Oracle® Fusion Middleware Enterprise Single Sign-On Suite Installation Guide
11g Release 2 (11.1.2.2)

Part Number E37691-05
8 Troubleshooting Oracle Enterprise Single Sign-On Suite Installations

This section describes the most commonly encountered Oracle Enterprise Single Sign-On Suite installation issues and their solutions.

8.1 Windows Installer Error 1720

If error 1720 occurs during the installation of any Oracle Enterprise Single Sign-On Suite component, then the currently logged-on user does not have sufficient rights to install software on that machine. You must log on to the machine as a user with Administrator rights or contact your organization's IT support personnel.

8.2 Troubleshooting Provisioning Gateway Installations

The following are the most common issues that can be encountered during the installation of Provisioning Gateway, along with their solutions.

8.2.1 Provisioning Gateway Does Not Support File Synchronization

Provisioning Gateway will not function correctly if it is deployed with the file synchronizer.

With the file synchronizer, the Agent is configured to store its user data as a flat file on a network drive, FTP server, NFS share, or local disk drive. Provisioning Gateway will not function in this scenario because it requires a directory in order to distinguish and provision individual user accounts.

8.2.2 Multiple Locators Require an Entlist at Each Locator Site

If two users are stored in different containers, a matching application configuration list (entlist) must exist in each locator site in order for provisioning to work down to the client. The matching entlists must exist under both containers that store the user credentials.

8.2.3 Using Active Directory or AD LDS (ADAM) and IIS Web Services on Different Servers

If IIS and Active Directory (or the AD LDS (ADAM) instance) are on different computers, then you must provide the IIS Web services with a user account that is in the same domain as (or a trusted domain of) Active Directory or AD LDS (ADAM), and that is provided with read/write access to the directory.

8.2.4 Internet Security Settings (Windows Domain and Citrix MetaFrame® Users)

In order for Windows domain users and Citrix MetaFrame users to access Provisioning Gateway, you must add the Provisioning Gateway Web service to the workstation's Local Intranet zone.

8.2.5 Deploying Provisioning Gateway With Multiple Oracle Internet Directory (OID) Servers

When Provisioning Gateway is deployed with multiple Oracle Internet Directory (OID) servers load-balanced in an active-active (all servers active) topology, Provisioning Gateway cannot resolve the client-server session state due to multiple servers being involved in the session. This will cause Provisioning Gateway to behave erratically. To avoid this issue, do one of the following:

  • For simple failover support, load-balance your deployment using an active-standby topology. In this configuration, only one OID server is handling connections from Provisioning Gateway clients at any given moment. Backup servers, synchronized with the active server via replication, are ready to take over if the active server fails. You must configure your network to automatically re-route the connections from the failed server to one of the backup servers when a failure occurs.

  • (Recommended) Use the Oracle Real Application Cluster (RAC) technology to create an OID server cluster. A cluster will appear as a single server to Provisioning Gateway clients, while providing the performance and high availability of a fully load-balanced deployment. In case of server failure, operation continues uninterrupted, and servers can be replaced on the fly. Servers can also be added at any time, providing quick and easy scalability.

8.3 Troubleshooting Password Reset Installations

This section describes how to troubleshoot the most common Password Reset installation problems.

8.3.1 Server Error in "/vGOSelfServiceReset/ManagementClient" Application

When you install .NET 2.0 on a computer running a newly installed operating system, the Network Service account must be granted read/write access or you will encounter a server error when you access the Password Reset 7.0 Management Console.

To avoid the server error, grant the Network Service account read/write access to the following folder:

C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files

This is not a Password Reset-specific issue. All ASP.NET applications will receive this error if the configuration is not set correctly.
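
The following PowerShell sketch is an added example, not part of the Oracle documentation. It checks whether the Network Service account already has read/write access to the folder above and adds the grant only if it is missing. It assumes an elevated session and counts only access entries that name the account itself, not rights obtained through group membership.

```powershell
# Added example: verify, and if needed grant, NETWORK SERVICE read/write access
# to the Temporary ASP.NET Files folder. Run from an elevated PowerShell session.
$path = 'C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files'

# Resolve the account by its well-known SID so the check works on localized systems.
$sid = New-Object System.Security.Principal.SecurityIdentifier(
    [System.Security.Principal.WellKnownSidType]::NetworkServiceSid, $null)
$needed = [System.Security.AccessControl.FileSystemRights]'Read, Write'

if (-not (Test-Path -LiteralPath $path -PathType Container)) {
    throw "Folder not found: $path"
}

$acl = Get-Acl -Path $path

# Accumulate the Allow rights (explicit and inherited) that name the account.
$granted = 0
$rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
foreach ($rule in $rules) {
    $isAllow = $rule.AccessControlType -eq [System.Security.AccessControl.AccessControlType]::Allow
    if ($isAllow -and $rule.IdentityReference.Value -eq $sid.Value) {
        $granted = $granted -bor [int]$rule.FileSystemRights
    }
}

if (($granted -band [int]$needed) -eq [int]$needed) {
    "NETWORK SERVICE already has read/write access to $path"
} else {
    # Scope the grant to this folder and its contents only, not the parent folders.
    $inherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
    $newRule = New-Object System.Security.AccessControl.FileSystemAccessRule(
        $sid, $needed, $inherit,
        [System.Security.AccessControl.PropagationFlags]::None,
        [System.Security.AccessControl.AccessControlType]::Allow)
    $acl.AddAccessRule($newRule)
    Set-Acl -Path $path -AclObject $acl
    "Granted read/write access to NETWORK SERVICE on $path"
}
```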

8.3.2 Group Security Policy: Password History Setting Should Be Increased

Password Reset uses the password history setting of the Windows XP Group Security Policy. Because Password Reset consumes one entry of that history, you should allow for one additional prior password in the Enforce password history setting. For example, if the setting is 3 (ensuring that a user's last three prior passwords cannot be reused), Password Reset uses one of these, so the actual setting is 2. Oracle recommends a higher setting for Enforce password history for optimal security.