ORACLE ACCESS MANAGEMENT INSTALLATION AND CONFIGURATION
Oracle Access Management includes components like Oracle Access Manager, Oracle Access Management Security Token Service, Oracle Access Management Identity Federation, Oracle Access Management Mobile and Social.
The following topics in this chapter provide detailed information on installing and configuring Oracle Access Management after installing Oracle Identity and Access Management:
Installing Oracle Access Manager
- Before you start configuring Oracle Access Management, note that the IDM HOME is the path provided during IDM installation and is used to refer to the Oracle home directory.
- Run below command to start installation:
java -jar fmw_12.2.1.3.0_idm.jar
Next >
Next >
Select the same Weblogic as in Sec 6.2.1
Next
Next >
Click Install to complete the installation
Running the repository creation utility (RCU)
Run the below commands:
cd <ORACLE_HOME>/oracle_common/bin
./rcu
Next >
Next >
Provide connection parameter (Oracle 12c DB) > Next
Provide prefix > Next
Provide passwords > Next
Click Next > Finish to complete installation of schemas
Configuring Weblogic Domain to use OUDSM and OAM
- Execute the below command, to launch the Weblogic Configuration Wizard:
<Oracle_Home>/oracle_common/common/bin/config.sh
Note: Oracle_Home is the Middleware Home, which is the absolute path where Weblogic Server is installed.
- Follow the instructions as shown below for installation:
Welcome Screen
The Welcome screen is displayed > Next
Click Next to continue.
Select Domain Source Screen
Select options as shown above (Do not uncheck auto selected options) > Next.
Enter domain password > Next
Provide Database details as created by RCU previously (Use same schema prefix) > Get RCU Configuration > Next
Click Next.
Click Next.
Change any ports if required by selecting required options > Next.
Click Create and then Finish to complete the configuration
Starting servers –
OUD
<ORACLE_HOME>/asinst_1/OUD/bin/start-ds
OAM
<Oracle_Home>/user_projects/domains/<OAM_domain>/bin/startWebLogic.sh
<Oracle_Home>/user_projects/domains/<OAM_domain>/bin/startManagedWebLogic.sh oam_server1
Post-Installation Tasks
After installing and configuring Oracle Access Management, the user can perform the following steps:
- Configure your own LDAP to use instead of the default embedded LDAP, which comes with Oracle Weblogic Server.
- To do this, ensure that the Admin Server is running. Log in to the Weblogic Console using the following URL:
http://<hostname>:<oam_admin_port>/console
- Now, go to Security Realms > myrealm > Providers
- Click on the ‘DefaultAuthenticator’ provider, change the Control Flag to SUFFICIENT and Save the changes.
- Now, click on New and enter the below details and click Save.
Name : OUDAuthenticator
Type : IPlanetAuthenticator
Control Flag : SUFFICIENT
- Click on the new OUDAuthenticator Provider and, under the Provider Specific tab, set the details of the LDAP server that the provider should point to. Refer to the following table for more information:
Property | Value |
---|---|
Host | This is the LDAP Server (OUD) Hostname. |
Port | This is the LDAP Server (OUD) Port. For example: 1389. |
Principal | This is the Administrator Account name. For example: cn=orcladmin |
Credential | This is the Administrator Account password. |
UserBase DN | This is the OUD user search base cn=Users, dc=in,dc=oracle,dc=com |
GroupBase DN | This is the OUD group search base cn=Groups, dc=in,dc=oracle,dc=com |
- Click on Save to update the changes.
- Click on Save and reorder the providers so that LDAP Provider gets highest priority followed by DefaultAuthenticator.
- Click Save to apply the changes and shutdown the Admin Server for restart.
- Now, again restart the Admin Server using the command,
<Oracle_Home>/user_projects/domains/<OAM_domain>/bin/startWebLogic.sh
- Also, restart the OAM Managed Server (by default it is ‘oam_server1’) as mentioned below:
<Oracle_Home>/user_projects/domains/<OAM_domain>/bin/startManagedWebLogic.sh oam_server1
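The following check of the resulting security realm is an added example, not part of the original guide or of Oracle's tooling. It reads a domain config.xml and reports where the authentication providers differ from the steps above (OUDAuthenticator first, both control flags SUFFICIENT, LDAP details filled in). It assumes the providers are persisted with the element names shown in the constructed sample; the host oud.example.com is a placeholder.

```python
import xml.etree.ElementTree as ET

# Constructed sample of the realm section of config.xml after the steps above.
# Element names are an assumption about the file layout, not copied from the guide.
SAMPLE_CONFIG = """<domain xmlns="http://xmlns.oracle.com/weblogic/domain"
  xmlns:sec="http://xmlns.oracle.com/weblogic/security"
  xmlns:wls="http://xmlns.oracle.com/weblogic/security/wls"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
 <security-configuration><realm>
  <sec:authentication-provider xsi:type="wls:iplanet-authenticatorType">
   <sec:name>OUDAuthenticator</sec:name>
   <sec:control-flag>SUFFICIENT</sec:control-flag>
   <wls:host>oud.example.com</wls:host><wls:port>1389</wls:port>
   <wls:principal>cn=orcladmin</wls:principal>
   <wls:user-base-dn>cn=Users,dc=in,dc=oracle,dc=com</wls:user-base-dn>
   <wls:group-base-dn>cn=Groups,dc=in,dc=oracle,dc=com</wls:group-base-dn>
  </sec:authentication-provider>
  <sec:authentication-provider xsi:type="wls:default-authenticatorType">
   <sec:name>DefaultAuthenticator</sec:name>
   <sec:control-flag>SUFFICIENT</sec:control-flag>
  </sec:authentication-provider>
 </realm></security-configuration>
</domain>"""

def local(tag):
    """Strip the XML namespace so the check does not depend on namespace URIs."""
    return tag.rsplit("}", 1)[-1]

def providers(config_xml):
    """Return the authentication providers, in file order, as dicts of child values."""
    root = ET.fromstring(config_xml)
    return [{local(c.tag): (c.text or "").strip() for c in p}
            for p in root.iter() if local(p.tag) == "authentication-provider"]

def check_realm(config_xml, ldap_name="OUDAuthenticator"):
    """List deviations from the steps above; a missing control flag is reported as unset."""
    provs, problems = providers(config_xml), []
    names = [p.get("name") for p in provs]
    if ldap_name not in names:
        return [f"{ldap_name} is not defined"]
    if names[0] != ldap_name:
        problems.append(f"{ldap_name} is not first in the provider order: {names}")
    for p in provs:
        if p.get("name") in (ldap_name, "DefaultAuthenticator") and p.get("control-flag") != "SUFFICIENT":
            problems.append(f"{p.get('name')} control flag is {p.get('control-flag') or 'unset'}")
    ldap = provs[names.index(ldap_name)]
    problems += [f"{ldap_name} has no {k}" for k in
                 ("host", "port", "principal", "user-base-dn", "group-base-dn") if not ldap.get(k)]
    return problems
```

To check a real domain, pass the contents of <Oracle_Home>/user_projects/domains/<OAM_domain>/config/config.xml to check_realm; an empty list means the realm matches the steps.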
Verifying the Installation
- You can perform any combination of the following tasks to verify that your installation was successful:
- Ensure that the Administration Server and Managed Servers are up and running.
- Verifying the installation for Oracle Access Management.
- Log in to the Administration Console for Oracle Access Management using the following URL:
http://<hostname>:<oam_admin_port>/oamconsole
- You will be redirected to:
http://<hostname>:<oamserver_port>/oam/server
When you access this Administration Console running on the Administration Server, you are prompted to enter a user name and password. Note that you must have Administrator's role and privileges.
- Verifying the installation for Weblogic Server Administration Console
If the installation and configuration of Oracle Access Management are successful, this console shows the Administration Server in running mode.
Verifying the installation for OUD console
http://<host>:<admin port>/oudsm