19.7 Replicating Domains in Identity Manager Deployments

If you have a deployment where Access Manager 11.1.2.1.0 and Oracle Identity Manager (11.1.2.1.0) are integrated in the same domain, T2P cannot be used for domain replication because Identity Manager does not support it. In this case, Access Manager and Identity Manager must be installed in different domains.

To replicate domains in Identity Manager deployments:

  1. Install Access Manager.

  2. Run configureSecurityStore (-create).

  3. Start Access Manager.

    Remember to enable TRACE logging with the instrumented EAR.

  4. Install Identity Manager.

  5. Run configureSecurityStore (-join).

  6. Using the keytool command, update the default password of $DOMAIN_HOME/config/fmwconfig/default-keystore.jks in both the Access Manager and Identity Manager domains.

  7. Set the same password values in the CSF using the EM console.

    1. Navigate to the domain_name of the appropriate WebLogic domain.

    2. Right-click the domain_name and navigate to Security --> Credentials.

    3. Expand the oracle.wsm.security Credential map and edit the value of keystore-csf-key.

    4. Update the password and confirm password fields with the new password.

      This password should be the same as the new password for default-keystore.jks in both the Access Manager and Identity Manager domains.

  8. Map oracle.wsm.security with the Key keystore-csf-key.

  9. Start Identity Manager.

  10. Restart Access Manager and Identity Manager.
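
For step 6, the following is an added example and not part of the Oracle procedure: a POSIX shell script that changes the default-keystore.jks store password in both domains and then confirms that both keystores open with the same new value, which is the value step 7 stores in the CSF. It assumes keytool from the JDK is on the PATH, that both keystores currently share one password, and that the two domain home paths are passed as arguments; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not Oracle-supplied. Assumes keytool (JDK) is on the PATH.
KS_REL=config/fmwconfig/default-keystore.jks   # keystore path from step 6

# Change the store password of one keystore. The passwords are written to
# keytool's prompts on stdin, so they never appear in the process list.
change_storepass() {  # $1=keystore  $2=old password  $3=new password
    printf '%s\n%s\n%s\n' "$2" "$3" "$3" |
        keytool -storepasswd -keystore "$1" >/dev/null 2>&1
}

# Succeeds only if the keystore opens with the given password.
opens_with() {  # $1=keystore  $2=password
    printf '%s\n' "$2" | keytool -list -keystore "$1" >/dev/null 2>&1
}

# Change the password in every domain home given, then confirm that all
# keystores open with the same new password.
# $1=old password, $2=new password, remaining arguments=domain homes
rotate_domains() {
    old=$1 new=$2; shift 2
    for home in "$@"; do
        ks=$home/$KS_REL
        [ -f "$ks" ] || { echo "missing keystore: $ks" >&2; return 2; }
        cp -p "$ks" "$ks.bak" || return 2      # rollback copy, old password
        change_storepass "$ks" "$old" "$new" ||
            { echo "password change failed: $ks" >&2; return 1; }
    done
    for home in "$@"; do
        opens_with "$home/$KS_REL" "$new" ||
            { echo "verification failed: $home" >&2; return 1; }
    done
}

# Interactive use: sh rotate.sh <ACCESS_MANAGER_DOMAIN_HOME> <IDENTITY_MANAGER_DOMAIN_HOME>
if [ "$#" -eq 2 ]; then
    trap 'stty echo' EXIT INT                  # always restore terminal echo
    stty -echo
    printf 'Current keystore password: ' >&2; read -r OLD; echo >&2
    printf 'New keystore password: ' >&2; read -r NEW; echo >&2
    stty echo
    rotate_domains "$OLD" "$NEW" "$1" "$2"
fi
```

keytool -storepasswd changes only the keystore password, not the passwords of individual key entries. The .bak copies still open with the old password, so remove them once both servers have restarted cleanly.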