This chapter describes the process of installing and configuring additional software to enhance Oracle Communications Network Integrity.
Install and configure the following additional software:
Oracle Internet Directory
Oracle BI Publisher
The WebLogic Server includes an embedded LDAP store that acts as the default security provider data store for the Default Authentication, Authorization, Credential Mapping, and Role Mapping providers. You manage the embedded LDAP store using the WebLogic console. The Oracle Universal Installer uses this embedded LDAP server by default as the security provider. During installation, you can change the setting to use third party security providers with the Oracle WebLogic server.
See the WebLogic Server documentation for information on the embedded LDAP server.
You also have the option to use an external LDAP store, or security provider, if your requirements are greater and you need more security options than are provided by the embedded LDAP server.
Oracle recommends Oracle Internet Directory as the LDAP store external to the WebLogic server.
You require the following information to install the Oracle Internet Directory:
A static IP address
You require a static IP address to install the Oracle Identity Management suite.
Oracle Database
WebLogic Server
Application Development Runtime
Identity Management
Fusion Middleware
For information on installing Oracle Internet Directory, see For information on installing and configuring Oracle Internet Directory, see Oracle Fusion Middleware Installation Guide for Oracle Identity Management.
To enable the WebLogic Server to work with an external LDAP store, or Oracle Internet Directory:
Log in to the Administration console.
Under Your Application's Security Settings, click Security Realms.
The Summary of Security Realms screen appears.
Select the realm YourRealmName, for which you must set the Oracle Internet Directory as the external LDAP store.
The Settings For YourRealmName screen appears.
Click the Providers tab, and in the Providers tab, click the Authentication tab.
Click New.
The Create a New Authentication Provider screen appears.
In the Name field, enter the name of the authenticator, AuthenticatorName.
From the Type list, select OracleInternetDirectoryAuthenticator.
Click OK.
The Settings For YourRealmName screen appears, showing the newly created Authentication Provider, AuthenticatorName, in the Authentication tab.
Click the AuthenticatorName.
The Settings for AuthenticatorName screen appears.
In the Control Flag list, select SUFFICIENT.
Click Save.
Click the Provider Specific tab.
Under the Connection section, in the following fields, enter the relevant values:
Host
Port
Principal
Credentials
Confirm Credentials
Under the Users section, in the following fields, enter the relevant values:
User Base DN
Ensure that you provide the following value:
cn=Users,dc=idc,dc=oracle,dc=com
All User Filter
User From Name Filter
User Search Scope
User Name Attribute
User Object Class
Under the Groups section, in the following fields, enter the relevant values:
Group Base DN
Ensure that you provide the following value:
cn=Groups,dc=idc,dc=oracle,dc=com
All Groups Filter
Group From Name Filter
Group Search Scope
Group Membership Searching
Max Group Membership Search Level
Click Save.
Restart the WebLogic server.
Log in to the Administration console.
Navigate to the Settings For YourRealmName screen, and click Reorder.
The Reorder Authentication Providers screen appears.
Use the Up and Down arrows to reorder the listed Authentication Providers, and click OK.
You can configure custom authentication providers for your external security provider. In which case, you are required to manually create users and groups before starting Network Integrity installation.
Create the following groups in the new authentication provider store:
JDGroup
NetworkIntegrityRole (this is a member of the JDGroup)
Create a user named NIUSER in the new authentication provider store as a member of NetworkIntegrityRole and JDGroup. Ensure that you create the groups and users in the default security realm.
Installing publishing tools is optional. The requirement is based entirely on your individual requirements.
You use Oracle Business Intelligence Publisher (BI Publisher) to host and publish Network Integrity scan-related and other reports.
Download BI Publisher from the Oracle Technology Network Web site:
http://www.oracle.com/technology
For information on installing and configuring, see BI Publisher documentation.
See "Software Requirements" for information on the required version of BI Publisher.