Contents
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
Part I Introduction and Preparation
1
Introduction
1.1
Overview of Oracle Identity and Access Management 11g Release 2 (11.1.2.3.0)
1.2
Additional 11g Release 2 (11.1.2.3.0) Deployment Information
1.2.1
Upgrading to Oracle Identity and Access Management 11g Release 2 (11.1.2.3.0)
1.2.2
Migrating to Oracle Identity and Access Management 11g Release 2 (11.1.2.3.0)
1.2.3
Installing Oracle Identity and Access Management 11g Release 2 (11.1.2.3.0) for High Availability
1.3
Silent Installation
1.4
Understanding the State of Oracle Identity and Access Management Components After Installation
1.4.1
Default SSL Configurations
1.4.2
Default Passwords
1.5
Using This Guide
2
Preparing to Install
2.1
Reviewing System Requirements and Certification
2.2
Installing and Configuring Java Access Bridge (Windows Only)
2.3
Identifying Installation Directories
2.3.1
Oracle Middleware Home Location
2.3.2
Oracle Home Directory
2.3.3
Oracle Common Directory
2.3.4
Oracle WebLogic Domain Directory
2.3.5
WebLogic Server Directory
2.4
Determining Port Numbers
2.5
Locating Installation Log Files
2.6
Verifying Your Database Password Policies
Part II Installing and Configuring Oracle Identity and Access Management (11.1.2.3.0)
3
Installing and Configuring Oracle Identity and Access Management (11.1.2.3.0)
3.1
Installation and Configuration Roadmap
3.2
Installing and Configuring Oracle Identity and Access Management 11g Release 2 (11.1.2.3.0)
3.2.1
Obtaining the Oracle Fusion Middleware Software
3.2.2
Installing a Certified JDK
3.2.3
Database Requirements
3.2.3.1
Identity Manager
3.2.4
Optional: Enabling TDE in Database for Oracle Access Management
3.2.5
Creating Database Schemas Using the Oracle Fusion Middleware Repository Creation Utility (RCU)
3.2.6
Installing Oracle WebLogic Server and Creating a Middleware Home
3.2.6.1
Applying Mandatory Patches for Oracle WebLogic Server
3.2.7
Installing Oracle SOA Suite (Oracle Identity Manager Users Only)
3.2.8
Installing Oracle Identity and Access Management 11g Release 2 (11.1.2.3.0)
3.2.8.1
Products Installed
3.2.8.2
Dependencies
3.2.8.3
Procedure
3.2.9
Configuring Oracle Identity and Access Management (11.1.2.3.0) Products
3.2.10
Configuring Database Security Store for an Oracle Identity and Access Management Domain
3.2.11
Configuring Oracle Identity Manager Server and Design Console
3.2.12
Starting the Servers
3.2.13
Verifying Your Environment Using the Environment Health Check Utility
4
Configuring Oracle Identity Manager
4.1
Important Notes Before You Start Configuring Oracle Identity Manager
4.2
Configuration Roadmap for Oracle Identity Manager
4.3
Creating a new WebLogic Domain for Oracle Identity Manager, SOA, and BI Publisher
4.3.1
Appropriate Deployment Environment
4.3.2
Components Deployed
4.3.3
Dependencies
4.3.4
Procedure
4.4
Configuring the Database Security Store
4.5
Starting the Servers
4.6
Overview of Oracle Identity Manager Configuration
4.6.1
Before Configuring Oracle Identity Manager Server or Design Console
4.6.1.1
Prerequisites for Configuring Oracle Identity Manager Server
4.6.1.2
Prerequisites for Configuring Only Oracle Identity Manager Design Console on a Different Machine
4.6.2
Oracle Identity Manager Configuration Scenarios
4.6.2.1
Scope of Configuration Using the Oracle Identity Manager 11g Configuration Wizard
4.6.2.2
Scenario 1: Oracle Identity Manager Server and Design Console on Different Machines
4.6.2.3
Scenario 2: Oracle Identity Manager Server and Design Console on a Single Windows Machine
4.7
Configuring Oracle Identity Manager Server
4.7.1
Appropriate Deployment Environment
4.7.2
Components Deployed
4.7.3
Dependencies
4.7.4
Procedure
4.7.5
Completing the Prerequisites for Enabling LDAP Synchronization
4.7.6
Running the LDAP Post-Configuration Utility
4.7.7
Verifying the LDAP Synchronization
4.7.8
Enabling LDAP Sync After Installing and Configuring Oracle Identity Manager Server at a Later Point
4.8
Optional: Configuring Oracle Identity Manager Design Console
4.8.1
Appropriate Deployment Environment
4.8.2
Components Deployed
4.8.3
Dependencies
4.8.4
Procedure
4.8.5
Post-Configuration Steps
4.8.6
Updating the xlconfig.xml File to Change the Port for Design Console
4.8.7
Configuring Design Console to Use SSL
4.9
Verifying the Oracle Identity Manager Installation
4.10
Changing Memory Settings for Oracle Identity Manager
4.11
Setting Up Integration with Oracle Access Management
4.12
List of Supported Languages
4.13
Getting Started with Oracle Identity Manager After Installation
5
Configuring Oracle Access Management
5.1
Overview
5.2
Important Note Before You Begin
5.3
Configuration Roadmap for Oracle Access Management
5.4
Configuring Oracle Access Management in a New WebLogic Domain
5.4.1
Appropriate Deployment Environment
5.4.2
Components Deployed
5.4.3
Dependencies
5.4.4
Procedure
5.5
Configuring the Database Security Store
5.6
Starting the Oracle WebLogic Administration Server
5.7
Optional Post-Installation Tasks
5.8
Optional: Configuring Oracle Mobile Security Suite
5.9
Starting the Managed Servers
5.10
Verifying the Oracle Access Management Installation
5.11
Setting Up Oracle Access Manager Webgate Agents
5.12
Setting Up Integration with OIM
5.13
Getting Started with Oracle Access Management After Installation
6
Configuring Oracle Adaptive Access Manager
6.1
Overview
6.2
Important Note Before You Begin
6.3
Configuration Roadmap for Oracle Adaptive Access Manager
6.4
Oracle Adaptive Access Manager in a New WebLogic Domain
6.4.1
Appropriate Deployment Environment
6.4.2
Components Deployed
6.4.3
Dependencies
6.4.4
Procedure
6.5
Configuring Oracle Adaptive Access Manager (Offline)
6.5.1
Components Deployed
6.5.2
Dependencies
6.5.3
Procedure
6.6
Configuring the Database Security Store
6.7
Starting the Servers
6.8
Post-Installation Steps
6.9
Verifying the Oracle Adaptive Access Manager Installation
6.10
Getting Started with Oracle Adaptive Access Manager After Installation
7
Configuring Oracle Entitlements Server
7.1
Important Note Before You Begin
7.2
Overview of Oracle Entitlements Server 11g Installation
7.3
Configuration Roadmap for Oracle Entitlements Server
7.4
Configuring Oracle Entitlements Server Administration Server
7.4.1
Components Deployed
7.4.2
Extracting Apache Derby Template (Optional)
7.4.3
Configuring Oracle Entitlements Server in a New WebLogic Domain
7.4.4
Configuring SSL When Configuring the Database Security Store
7.4.5
Configuring the Database Security Store for Oracle Entitlements Server Administration Server
7.4.6
Starting the Servers
7.4.7
Verifying Oracle Entitlements Server Configuration
7.5
Installing Oracle Entitlements Server Client
7.5.1
Prerequisites
7.5.2
Obtaining Oracle Entitlements Server Client Software
7.5.3
Installing Oracle Entitlements Server Client
7.5.4
Verifying Oracle Entitlements Server Client Installation
7.6
Configuring Oracle Entitlements Server Client
7.6.1
Configuring Distribution Modes
7.6.1.1
Configuring Controlled Push Distribution Mode
7.6.1.2
Configuring Non-Controlled and Controlled Pull Distribution Mode
7.6.2
Configuring Security Modules in a Controlled Push Mode (Quick Configuration)
7.6.2.1
Configuring Java Security Module in a Controlled Push Mode
7.6.2.2
Configuring RMI Security Module in a Controlled Push Mode
7.6.2.3
Configuring Web Service Security Module in a Controlled Push Mode
7.6.2.4
Configuring Oracle WebLogic Server Security Module in a Controlled Push Mode
7.6.3
Configuring Security Modules
7.6.3.1
Configuring WebLogic Server Security Module
7.6.3.2
Configuring Web Service Security Module
7.6.3.3
Configuring Web Service Security Module on Oracle WebLogic Server
7.6.3.4
Configuring Oracle Service Bus Security Module
7.6.3.5
Configuring IBM WebSphere Security Module
7.6.3.6
Configuring JBoss Security Module
7.6.3.7
Configuring the Apache Tomcat Security Module
7.6.3.8
Configuring Java Security Module
7.6.3.9
Configuring RMI Security Module
7.6.3.10
Configuring Microsoft .NET Security Module
7.6.3.11
Configuring Microsoft SharePoint Server (MOSS) Security Module
7.6.4
Locating Security Module Instances
7.6.5
Using the Java Security Module
7.6.6
Configuring the PDP Proxy Client
7.7
Getting Started with Oracle Entitlements Server After Installation
8
Configuring Oracle Privileged Account Manager
8.1
Overview
8.2
Important Note Before You Begin
8.3
Configuration Roadmap for Oracle Privileged Account Manager
8.4
Optional: Enabling TDE in Oracle Privileged Account Manager Data Store
8.4.1
Enabling TDE in the Database
8.4.2
Enabling Encryption in OPAM Schema
8.5
Configuring Oracle Privileged Account Manager in a New WebLogic Domain
8.5.1
Appropriate Deployment Environment
8.5.2
Components Deployed
8.5.3
Dependencies
8.5.4
Procedure
8.6
Configuring the Database Security Store
8.7
Starting the Oracle WebLogic Administration Server
8.8
Post-Installation Tasks
8.9
Starting the Managed Server
8.10
Assigning the Application Configurator Role to a User
8.11
Optional: Setting Up Non-TDE Mode
8.12
Optional: Configuring OPAM Console
8.13
Verifying Oracle Privileged Account Manager
8.14
Getting Started with Oracle Privileged Account Manager After Installation
9
Configuring Oracle Access Management Mobile and Social
9.1
Overview
9.2
Important Note Before You Begin
9.3
Configuration Roadmap for Oracle Access Management Mobile and Social
9.4
Configuring Oracle Access Management Mobile and Social with Oracle Access Manager
9.5
Configuring the Database Security Store
9.6
Starting the Servers
9.7
Verifying Oracle Access Management Mobile and Social
9.8
Getting Started with Oracle Access Management Mobile and Social After Installation
10
Configuring Oracle Mobile Security Suite
10.1
Overview
10.2
Important Note Before You Begin
10.3
Configuration Roadmap for Oracle Mobile Security Suite
10.4
Configuring Oracle Access Management in a WebLogic Domain
10.5
About the Administrator Roles in an Oracle Mobile Security Suite Deployment
10.6
Preparing Your LDAP Directory as the Identity Store
10.7
Configuring Oracle Access Manager for Oracle Mobile Security Suite
10.7.1
Creating the Oracle Access Manager Properties File
10.7.2
Running idmConfigTool to Configure Oracle Access Manager
10.7.3
Granting WebLogic Admin Role to Oracle Access Manager and WebLogic Server Groups
10.7.4
Additional Task for Oracle Unified Directory
10.8
Configuring Oracle Mobile Security Manager
10.8.1
Creating the Oracle Mobile Security Suite Properties File
10.8.2
Running idmConfigTool to Configure Oracle Mobile Security Manager
10.9
Starting the Managed Servers
10.10
Verifying Oracle Access Manager and Oracle Mobile Security Manager
10.11
Optional: Creating Additional Administrator Groups After Configuration
10.11.1
Creating Additional System Administrator Groups After Configuration
10.11.2
Creating Help Desk Administrator Groups After Configuration
10.12
Installing Oracle Mobile Security Access Server
10.13
Getting Started with Oracle Mobile Security Suite After Installation
11
Configuring Database Security Store for an Oracle Identity and Access Management Domain
11.1
Overview
11.2
Before Configuring Database Security Store
11.3
Configuring the Database Security Store
11.4
Example Scenarios for Configuring the Database Security Store
11.4.1
Example Scenario for One or More Oracle Identity and Access Management Products in the Same Domain
11.4.2
Example Scenarios for Oracle Identity and Access Management Products in Different Domains
12
Verifying Your Environment Using the Environment Health Check Utility
12.1
Running the Environment Health Check Utility After Configuration
12.2
Running the Environment Health Check Utility to Verify Your Installation and Configuration
12.3
Running the Environment Health Check Utility to Verify Oracle Identity Manager
12.4
Running the Environment Health Check Utility to Verify Oracle Access Manager
13
Lifecycle Management
13.1
How Lifecycle Events Impact Integrated Components
13.2
LCM for Oracle Identity Manager
13.3
LCM for Oracle Access Manager
13.4
LCM for Oracle Adaptive Access Manager
13.5
References
Part III Appendixes
A
Oracle Identity and Access Management 11g Release 2 (11.1.2.3.0) Software Installation Screens
A.1
Welcome
A.2
Install Software Updates
A.3
Prerequisite Checks
A.4
Specify Installation Location
A.5
Installation Summary
A.6
Installation Progress
A.7
Installation Complete
B
Oracle Identity Manager Configuration Screens
B.1
Welcome
B.2
Components to Configure
B.3
Database
B.4
WebLogic Admin Server
B.5
OIM Server
B.6
LDAP Server
B.7
LDAP Server Continued
B.8
Configuration Summary
C
Starting or Stopping the Oracle Stack
C.1
Starting the Stack
C.2
Stopping the Stack
C.3
Restarting Servers
D
Creating Oracle Entitlement Server Schemas for Apache Derby
E
Configuring the PDP Proxy Client for Web Service Security Module
F
Deinstalling and Reinstalling Oracle Identity and Access Management
F.1
Deinstalling Oracle Identity and Access Management
F.1.1
Deinstalling the Oracle Identity and Access Management Oracle Home
F.1.2
Deinstalling the Oracle Common Home
F.2
Reinstalling Oracle Identity and Access Management
G
Troubleshooting the Installation
G.1
General Troubleshooting Tips
G.2
Installation Log Files
G.3
Password for OAM Schema on Oracle Database 11g Expires Every 180 Days
G.4
Configuring OIM Against an Existing OIM 11g Schema
G.5
Resolving Issues When Starting the Administration Server
G.5.1
Unsupported Configuration Store Version Detected After Configuring Oracle Access Management
G.6
Need More Help?
H
Oracle Adaptive Access Manager Partition Schema Reference
H.1
Overview
H.2
Partition Add Maintenance
H.2.1
Sp_Oaam_Add_Monthly_Partition
H.2.2
Sp_Oaam_Add_Weekly_Partition
H.3
Partition Maintenance Scripts
H.3.1
drop_monthly_partition_tables.sql
H.3.2
drop_weekly_partition_tables.sql
H.3.3
add_monthly_partition_tables.sql
H.3.4
add_weekly_partition_tables.sql
I
Software Deinstallation Screens
I.1
Welcome
I.2
Select Deinstallation Type
I.2.1
Option 1: Deinstall Oracle Home
I.2.1.1
Deinstall Oracle Home
I.2.2
Option 2: Deinstall ASInstances managed by WebLogic Domain
I.2.2.1
Specify WebLogic Domain Detail
I.2.2.2
Select Managed Instance
I.2.2.3
Deinstallation Summary (Managed Instance)
I.2.3
Option 3: Deinstall Unmanaged ASInstances
I.2.3.1
Specify Instance Location
I.2.3.2
Deinstallation Summary (Unmanaged ASInstance)
I.3
Deinstallation Progress
I.4
Deinstallation Complete