The following topics introduce the new and changed features of Oracle Identity and Access Management and other significant changes that are described in this guide, and provide pointers to additional information.
Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Identity and Access Management 11g Release 2 (11.1.2.3) differs from previous versions in that the majority of the components are configured using the Identity and Access Management Life Cycle Management (LCM) tools.
This release does not support Oracle Internet Directory or Active Directory as directory stores when using LCM tools. Configuring the deployed environment for Oracle Internet Directory or Active Directory must be done outside of the deployment process.
EDG now supports both OUD and OID as a backend directory. Note: In an OID scenario only OID is shown. ODSM for OID is outside the scope of this EDG. In addition to OUD and OID, Active Directory is also supported.
The new Oracle Identity and Access Management Life Cycle Management (LCM) tool (deployment tool) does the following:
Creates RCU schema objects
Provisions using a single command.
The Oracle Identity and Access Management Life Cycle Management tool does not create an LDAP directory. If you wish to create an LDAP directory for use by the deployment tool, create it using the manual steps in this guide.
The Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Identity and Access Management 11g Release 2 (11.1.2.3) includes manual steps for setting up an enterprise deployment.
The new product support includes the following:
Oracle Privileged Account Manager
BI Publisher Light
Mobile Security Suite (Formerly Bitzer)
The standard guide has been enhanced to include the different steps required to deploy Oracle Identity and Access Management on Exalogic. The steps described in this guide are for the Fusion Middleware aspects of the deployment only.
For information on how to configure the Exalogic appliance in preparation for deploying Oracle Fusion Middleware, refer to the Oracle Fusion Middleware Enterprise Deployment Guide for Exalogic.
This release of Oracle Identity and Access Management includes the following additional features:
New Oracle Access Management (OAM) administration architecture.
Extra Entry point URL for Oracle Mobile Security Suite.
Inclusion of Oracle Mobile Security Access Server (MSAS) Proxy in the web tier. The MSAS Proxy acts as a security agent in its own right and therefore does not sit behind the Web Server.
Changes to facilitate Multi Data Center (MDC).
Separation of Entry point URLs into login.example.com and prov.example.com. This allows the Access Domain to be set up in an active/active Multi Data Center configuration, while allowing the Governance Domain to be active/passive.
Separation of data into two different databases. Oracle Access Management MDC has two open active databases, so having the Access Domain data located in a dedicated database allows this to happen. Having the Governance Domain data (plus OID if used) in a different database allows that database to be protected using Active Data Guard.
Governance Domain Admin Server moved to OIMHOST2. This means that, on a single host (pair) deployment, the admin servers are distributed across hosts rather than all being located on a single host.
Exadata Virtual - LDAP moved to dedicated vServers to make the topology similar to the platform distributed model.