Configure Oracle Access Management 12c Sandbox Environment

Introduction

This tutorial shows you how to run the Repository Creation Utility to load the Oracle Access Management (OAM) database schemas. It also shows how to create the Oracle Access Management 12c domain.

This is the sixth tutorial in the series Creating an Oracle Access Management 12c Sandbox Environment for Oracle Advanced Authentication. Read the tutorials in sequence.

Objective

To load the OAM schemas into the Oracle Database, and create the Oracle Access Management 12c domain.

Prerequisites

You must have completed Configure Oracle Unified Directory for Oracle Access Management 12c Sandbox Environment.

All the tasks in this tutorial should be performed on the OAM Linux server (oam.example.com). Where hostnames (db.example.com, oam.example.com, ohs.example.com) or domain names (example.com) are referenced, change them to match your environment.

Run the Repository Creation Utility

  1. Launch a terminal window as oracle and enter the following commands:

    cd /u01/app/oracle/product/middlewareidm/oracle_common/bin
    ./rcu
    
  2. Follow the table below to guide you through the installation screens:

    | Step | Window Description | Choice or Values |
    |------|--------------------|------------------|
    | 1 | Welcome | Click Next |
    | 2 | Create Repository | System Load and Product Load |
    | 3 | Database Connection Details | Database Type: Oracle Database; Host Name: db.example.com; Port: 1521; Service Name: orcl.example.com; Username: sys; Password: <password>; Role: SYSDBA. Click OK in Checking Prerequisites window |
    | 4 | Select Components | Create a new prefix: DEV. Under IDM Schemas select Oracle Access Manager. Click OK in Checking Prerequisites window |
    | 5 | Schema Passwords | Use same passwords for all schemas; Password: <password>; Confirm Password: <password> |
    | 6 | Map Tablespaces | Click Next. Click OK in Confirmation and Creating Tablespaces windows |
    | 7 | Summary | Click Create |
    | 8 | Completion Summary | Click Close |

Configure the Oracle Access Management 12c Domain

  1. Launch a terminal window as oracle and enter the following commands:

    cd /u01/app/oracle/product/middlewareidm/oracle_common/common/bin
    ./config.sh
    
  2. Follow the table below to guide you through the configuration screens:

    | Step | Window Description | Choice or Values |
    |------|--------------------|------------------|
    | 1 | Create Domain | Select Create a new domain; Domain Location: /u01/app/oracle/admin/domains/oam_domain |
    | 2 | Templates | Select: Oracle Access Management Suite |
    | 3 | Application Location | Application Location: /u01/app/oracle/admin/applications/oam_domain |
    | 4 | Administrator Account | Name: weblogic; Password: <password>; Confirm: <password> |
    | 5 | Domain Mode and JDK | Domain Mode: Production; JDK: Oracle Hotspot |
    | 6 | Database Configuration Type | Host Name: db.example.com; DBMS/Service: orcl.example.com; Port: 1521; Schema Owner: DEV_STB; Schema Password: <password>. Click Get RCU Configuration. If successful, click Next |
    | 7 | Component Datasources | Click Next |
    | 8 | JDBC Component Schema Test | Click Next |
    | 9 | Advanced Configuration | Select Node Manager, and Topology |
    | 10 | Node Manager | Node Manager Type: Per Domain Default Location; Username: weblogic; Password: <password>; Confirm Password: <password> |
    | 11 | Managed Servers | Click Next |
    | 12 | Clusters | Click Add, Cluster Name: OAM_Cluster, Frontend Host: ohs.example.com, Frontend HTTPS: 443. Repeat these steps for Cluster Name: OAM_Policy |
    | 13 | Server Templates | Click Next |
    | 14 | Dynamic Servers | Click Next |
    | 15 | Assign Servers to Clusters | Select oam_server1 and OAM_Cluster and click the right arrow to move oam_server1 under OAM_Cluster. Select oam_policy_mgr1 and Policy_Cluster and click the right arrow to move oam_policy_mgr1 under Policy_Cluster. Click Next |
    | 16 | Coherence Clusters | Click Next |
    | 17 | Machines | Click Add; Name: oam_machine |
    | 18 | Assign Servers to Machines | Select Admin Server, oam_server1 and oam_policy_mgr1. Select oam_machine and click the right arrow to move the servers under oam_machine |
    | 19 | Virtual Targets | Click Next |
    | 20 | Partitions | Click Next |
    | 21 | Configuration Summary | Click Create |
    | 22 | Configuration Progress | Click Next |
    | 23 | End of Configuration | Click Finish |

Start the Servers

  1. Launch a terminal window as oracle and enter the following commands to start the Oracle Access Management 12c Administration server:

    cd /u01/app/oracle/admin/domains/oam_domain/
    ./startWebLogic.sh
    

    When prompted enter the WebLogic administrator credentials (weblogic/<password>):

    Enter username to boot WebLogic server:weblogic
    Enter password to boot WebLogic server: ********
    

    Wait until the terminal displays the message The server started in RUNNING mode, then minimize the window:

    <DATE> <Notice> <WebLogicServer> <BEA-000360> <The server started in RUNNING mode.>
    <DATE> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to RUNNING.>
    
  2. In another terminal window start Node Manager by running the following command:

    cd /u01/app/oracle/admin/domains/oam_domain/bin
    ./startNodeManager.sh
    

    Wait until the terminal displays that Node Manager is running, then minimize the window:

    <DATE> <INFO> <Secure socket listener started on port 5556, host localhost/127.0.0.1>
    
  3. Launch a terminal window as oracle and enter the following commands to start the OAM Managed Server:

    cd /u01/app/oracle/admin/domains/oam_domain/bin
    ./startManagedWebLogic.sh oam_server1
    

    When prompted enter the WebLogic administrator credentials (weblogic/<password>):

    Enter username to boot WebLogic server:weblogic
    Enter password to boot WebLogic server: ********
    

    Wait until the terminal displays the message The server started in RUNNING mode, then minimize the window:

    <DATE> <Notice> <WebLogicServer> <BEA-000360> <The server started in RUNNING mode.>
    <DATE> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to RUNNING.>
    
  4. Launch a terminal window as oracle and enter the following commands to start the OAM Policy Manager Managed Server:

    cd /u01/app/oracle/admin/domains/oam_domain/bin
    ./startManagedWebLogic.sh oam_policy_mgr1
    

    When prompted enter the WebLogic administrator credentials (weblogic/<password>):

    Enter username to boot WebLogic server:weblogic
    Enter password to boot WebLogic server: ********
    

    Wait until the terminal displays the message The server started in RUNNING mode, then minimize the window:

    <DATE> <Notice> <WebLogicServer> <BEA-000360> <The server started in RUNNING mode.> 
    <DATE> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to RUNNING.> 
    

Validate the installation

Access the WebLogic Server Console

  1. Launch a browser and access the WebLogic Server Console at http://oam.example.com:7001/console. Log in as weblogic/<password>.

  2. In the Domain Structure pane, under oam_domain navigate to Environment > Servers. Make sure all the servers show as running.

Access the OAM Console

  1. Launch a browser and access the Oracle Access Management Console at http://oam.example.com:7001/oamconsole. Log in as weblogic/<password>. The OAM console should be displayed.

Access the OAM Policy Manager Console

  1. Launch a browser and access the OAM Policy Manager Console at http://oam.example.com:14150/access. Log in as weblogic/<password>. The OAM Policy Manager console should be displayed.

    Note: The OAM Policy Manager console looks the same as the Oracle Access Management Console, however it does not contain the full functionality available in the Oracle Access Management Console deployed on the AdminServer. The Policy Manager Console has only the policy administration functionality.

Configure boot.properties

In this section you create boot.properties files so that you do not have to enter the weblogic username and password on startup.

  1. Launch a terminal window as oracle and enter the following commands:

    mkdir /u01/app/oracle/admin/domains/oam_domain/servers/AdminServer/security
    mkdir /u01/app/oracle/admin/domains/oam_domain/servers/oam_server1/security
    mkdir /u01/app/oracle/admin/domains/oam_domain/servers/oam_policy_mgr1/security
    cd /u01/app/oracle/admin/domains/oam_domain/servers/AdminServer/security
    echo -e "username=weblogic\npassword=<password>" >boot.properties
    cp boot.properties ../../oam_server1/security/
    cp boot.properties ../../oam_policy_mgr1/security/
    

    where <password> is your weblogic password.
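
    A variant of the step above, as an added example that is not part of the Oracle tutorial: it reads the password without echoing it or leaving it in shell history, writes it with printf so that backslash sequences are not expanded as echo -e would expand them, and restricts each security directory and file to the owner. The function names, the --apply switch and the DOMAIN_HOME override are assumptions of this sketch; boot_properties_state relies on WebLogic rewriting both values with an {AES...} prefix once a server has booted with the file.

```sh
#!/bin/sh
# Added example, not part of the Oracle tutorial. Function names, the
# --apply switch and the DOMAIN_HOME override are assumptions of this sketch.

# file_mode PATH -> permission string as shown by ls, e.g. "-rw-------"
file_mode() { ls -ld "$1" | cut -c1-10; }

# write_boot_properties DIR USER PASSWORD
# Creates DIR (mode 700) and DIR/boot.properties (mode 600).
write_boot_properties() (
    dir=$1; user=$2; pass=$3
    umask 077                                  # owner-only from the moment of creation
    mkdir -p "$dir" && chmod 700 "$dir" || exit 1
    rm -f "$dir/boot.properties"               # do not inherit an older, looser mode
    # %s writes the password exactly as given; echo -e would expand \n, \t, ...
    printf 'username=%s\npassword=%s\n' "$user" "$pass" > "$dir/boot.properties" || exit 1
    chmod 600 "$dir/boot.properties"
)

# boot_properties_state FILE -> "missing", "plaintext" or "encrypted"
# "encrypted" means every username/password value carries an {AES...} prefix.
boot_properties_state() (
    f=$1
    [ -f "$f" ] || { echo missing; exit 0; }
    total=$(grep -Ec '^(username|password)=' "$f" || true)
    enc=$(grep -Ec '^(username|password)=[{]AES[0-9]*[}]' "$f" || true)
    if [ "$total" -gt 0 ] && [ "$total" -eq "$enc" ]; then
        echo encrypted
    else
        echo plaintext
    fi
)

main() {
    domain=${DOMAIN_HOME:-/u01/app/oracle/admin/domains/oam_domain}
    printf 'WebLogic administrator password: ' >&2
    stty -echo; IFS= read -r pw; stty echo; printf '\n' >&2
    for server in AdminServer oam_server1 oam_policy_mgr1; do
        target="$domain/servers/$server/security"
        write_boot_properties "$target" weblogic "$pw" || return 1
        echo "$server: $(file_mode "$target/boot.properties")" \
             "$(boot_properties_state "$target/boot.properties")"
    done
    unset pw
}

# Nothing is written unless the script is started with --apply.
if [ "${1:-}" = "--apply" ]; then main; fi
```

    After each server has been restarted once, boot_properties_state should report encrypted for its file; a file that still reports plaintext has not been picked up by that server.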

Configure WebLogic-Plugin Enabled

Before you can validate that requests are routed correctly through the Oracle HTTP Server instances, you must set the WebLogic Plug-In Enabled parameter. It is recommended to set the WebLogic Plug-In Enabled parameter at the domain level. Any clusters or servers not using the plugin via the web-tier can have their WebLogic Plug-In Enabled parameter value set to no on an exception basis as needed.

  1. Log in to the WebLogic Server Console at http://oam.example.com:7001/console as weblogic/<password>.

  2. In the Domain Structure pane, click on oam_domain.

  3. Click Lock & Edit in the Change Center.

  4. Click on the Domain Name oam_domain.

  5. Click on the Web Applications tab.

  6. Locate and select the WebLogic PlugIn Enabled option.

  7. Click Save.

  8. Click Activate Changes in the Change Center.

  9. Restart the Administration Server. Launch a terminal window as oracle and enter the following commands to restart the Oracle Access Management 12c Administration server:

    cd /u01/app/oracle/admin/domains/oam_domain/bin
    ./stopWebLogic.sh
    ./startWebLogic.sh
    

Configuring Oracle Access Manager to Use the LDAP Directory

In this section you associate Oracle Access Manager with the OUD.

  1. Create a file called /stage/OAM12c/oam.props with the following information:

    #IDSTORE PROPERTIES
    IDSTORE_HOST: oam.example.com
    IDSTORE_PORT: 1389
    IDSTORE_BINDDN: cn=oudadmin
    IDSTORE_SEARCHBASE: dc=example,dc=com
    IDSTORE_GROUPSEARCHBASE: cn=Groups,dc=example,dc=com
    IDSTORE_USERNAMEATTRIBUTE: cn
    IDSTORE_LOGINATTRIBUTE: uid
    IDSTORE_USERSEARCHBASE: cn=Users,dc=example,dc=com
    IDSTORE_SYSTEMIDBASE: cn=SystemIDs,dc=example,dc=com
    IDSTORE_NEW_SETUP: true
    IDSTORE_DIRECTORYTYPE: OUD
    IDSTORE_WLSADMINUSER: weblogic_iam
    IDSTORE_WLSADMINGROUP: WLSAdministrators
    IDSTORE_OAMADMINUSER: oamadmin
    IDSTORE_OAMSOFTWAREUSER: oamLDAP
    # OAM Properties
    OAM11G_IDSTORE_NAME: OUDStore
    OAM11G_IDSTORE_ROLE_SECURITY_ADMIN: OAMAdministrators
    PRIMARY_OAM_SERVERS: oam.example.com:5575
    WEBGATE_TYPE: ohsWebgate12c
    ACCESS_GATE_ID: Webgate_IDM
    OAM11G_OIM_WEBGATE_PASSWD: <password>
    COOKIE_DOMAIN: .example.com
    COOKIE_EXPIRY_INTERVAL: 120
    OAM11G_WG_DENY_ON_NOT_PROTECTED: true
    OAM11G_IDM_DOMAIN_OHS_HOST: ohs.example.com
    OAM11G_IDM_DOMAIN_OHS_PORT: 443
    OAM11G_IDM_DOMAIN_OHS_PROTOCOL: https
    OAM11G_SERVER_LBR_HOST: ohs.example.com
    OAM11G_SERVER_LBR_PORT: 443
    OAM11G_SERVER_LBR_PROTOCOL: https
    OAM11G_OAM_SERVER_TRANSFER_MODE: open
    OAM_TRANSFER_MODE: open
    OAM11G_SSO_ONLY_FLAG: false
    OAM11G_IMPERSONATION_FLAG: false
    OAM11G_IDM_DOMAIN_LOGOUT_URLS: /console/jsp/common/logout.jsp,/em/targetauth/emaslogout.jsp
    OAM11G_OIM_INTEGRATION_REQ: false 
    OAM11G_OIM_OHS_URL: https://ohs.example.com:443/
    # WebLogic Properties
    WLSHOST: oam.example.com
    WLSPORT: 7001
    WLSADMIN: weblogic
    

    Change <password> to the password you wish to assign to the WebGate agent you will be creating.

  2. Run the following command to create the required object classes. Enter the password for cn=oudadmin, and the passwords you want to set for OAM11G_WLS_ADMIN_PASSWD, OAM11G_IDM_DOMAIN_WEBGATE_PASSWD, IDSTORE_PWD_OAMSOFTWAREUSER, and IDSTORE_PWD_OAMADMINUSER when prompted:

    export MW_HOME=/u01/app/oracle/product/middlewareidm
    export JAVA_HOME=/u01/app/oracle/product/jdk
    export ORACLE_HOME=/u01/app/oracle/product/middlewareidm/idm
    cd $ORACLE_HOME/idmtools/bin
    ./idmConfigTool.sh -configOAM input_file=/stage/OAM12c/oam.props
    

    The output will look similar to the following:

    Enter ID Store Bind DN Password : 
    Enter User Password for OAM11G_WLS_ADMIN_PASSWD: 
    Confirm User Password for OAM11G_WLS_ADMIN_PASSWD: 
    Enter User Password for OAM11G_IDM_DOMAIN_WEBGATE_PASSWD: 
    Confirm User Password for OAM11G_IDM_DOMAIN_WEBGATE_PASSWD: 
    Enter User Password for IDSTORE_PWD_OAMSOFTWAREUSER: 
    Confirm User Password for IDSTORE_PWD_OAMSOFTWAREUSER: 
    Enter User Password for IDSTORE_PWD_OAMADMINUSER: 
    Confirm User Password for IDSTORE_PWD_OAMADMINUSER: 
    Connecting to t3://oam.example.com:7001
    Connection to domain runtime mbean server established
    Starting edit session
    Edit session started
    Connected to security realm.
    Validating provider configuration
    Validated desired authentication providers
    Created OAMIDAsserter successfuly
    Created OUDAuthenticator successfuly
    Setting attributes for OUDAuthenticator
    All attributes set. Configured inOUDAuthenticatornow
    LDAP details configured in OUDAuthenticator
    Control flags for authenticators set sucessfully
    Reordering of authenticators done sucessfully
    Saving the transaction
    Transaction saved
    Activating the changes
    Changes Activated. Edit session ended.
    Connection closed sucessfully
    The tool has completed its operation. Details have been logged to automation.log
    

    Check the $ORACLE_HOME/idmtools/bin/automation.log log file for any errors or warnings, and correct them.

  3. Restart the OAM Administration Server:

    cd /u01/app/oracle/admin/domains/oam_domain/bin
    ./stopWebLogic.sh 
    ./startWebLogic.sh
    
  4. After running the idmConfigTool, several files are created in /u01/app/oracle/admin/domains/oam_domain/output/Webgate_IDM that you will need in later tutorials. Run the following commands to create a backup:

    cd /u01/app/oracle/admin/domains/oam_domain/output/Webgate_IDM
    tar -cvzf webgate.tar *
    cp webgate.tar /stage/OAM12c/
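
    A preflight check for /stage/OAM12c/oam.props that can be run before idmConfigTool.sh in step 2, as an added example that is not part of the Oracle tutorial. check_oam_props is a hypothetical helper: it only reads the file, reports lines without a KEY: value separator, repeated keys, empty values and values still holding a placeholder such as <password>, and flags the file when a *PASSWD or *PWD key holds a real value but the file is readable by anyone other than its owner.

```sh
#!/bin/sh
# Added example, not part of the Oracle tutorial. check_oam_props is a
# hypothetical helper; it reads the file only and never calls idmConfigTool.

# check_oam_props FILE -> one finding per line; no output means no findings
check_oam_props() (
    f=$1
    awk '
    /^[ \t]*(#|$)/ { next }                       # comment or blank line
    {
        sep = index($0, ":")                      # the first colon ends the key, so
        if (sep == 0) {                           # URLs and host:port values survive
            printf "%d: no KEY: value separator\n", NR
            next
        }
        key = substr($0, 1, sep - 1)
        val = substr($0, sep + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", key)
        gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (key in seen) printf "%d: %s repeats line %d\n", NR, key, seen[key]
        seen[key] = NR
        if (val == "")
            printf "%d: %s is empty\n", NR, key
        else if (val ~ /^<[^>]*>?$/)              # <password> or an unclosed <password
            printf "%d: %s still holds a placeholder\n", NR, key
    }' "$f"

    # A *PASSWD / *PWD key with a real value makes the whole file a secret.
    secret='^[[:space:]]*[A-Za-z0-9_]*(PASSWD|PWD)[A-Za-z0-9_]*[[:space:]]*:[[:space:]]*[^<[:space:]]'
    if grep -Eq "$secret" "$f" && [ "$(ls -ld "$f" | cut -c1-10)" != "-rw-------" ]; then
        echo "file: holds a password value but is not mode 600"
    fi
)

# Stand-alone use: sh check_oam_props.sh /stage/OAM12c/oam.props
if [ -n "${1:-}" ]; then check_oam_props "$1"; fi
```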
    

Validating the OAM LDAP Integration

To validate that the OAM LDAP integration has completed correctly:

  1. Launch a browser and access the Oracle Access Management Console at http://oam.example.com:7001/oamconsole. Log in as the Access Manager administration user you created when you prepared the ID Store. For example, oamadmin.

  2. Click Agents from the Application Security screen.

  3. When the Search SSO Agents screen appears, click Search.

  4. You should see the WebGate agent Webgate_IDM.

    Note: If you discover that the Webgate_IDM Agent does not exist, you can create it manually in the next section Creating the Webgate_IDM Agent.

  5. Access the WebLogic Server Console at http://oam.example.com:7001/console. Log in as weblogic/<password>.

  6. Click Security Realms on the left navigation pane.

  7. On the Summary of Security Realms page, click myrealm under the Realms table.

  8. On the Settings page for myrealm, go to the Users and Groups tab.

  9. Go to the Users tab and check to see that LDAP users are displayed from the directory connector. For example, Provider: OUDAuthenticator.

  10. Go to the Groups tab and check to see that LDAP groups are displayed from the directory connector. For example, Provider: OUDAuthenticator.

Creating the Webgate_IDM Agent

You should only follow this section if the Webgate_IDM Agent was not shown in the OAM Console.

  1. Create a file called /stage/OAM12c/Webgate_IDM.xml with the following information:

    <?xml version="1.0" encoding="UTF-8"?>
    
    <!--
    Copyright (c) 2009, 2015, Oracle and/or its affiliates. All rights reserved.
    
    	NAME: OAM11GRequest_short.xml - Template for OAM 11G Agent Registration Request file
    			(Shorter version - Only mandatory values - Default values will be used for all other fields)
    	DESCRIPTION: Modify with specific values and pass file as input to the tool.
    
    -->
    <OAM11GRegRequest>
    
        <serverAddress>http://oam.example.com:7001</serverAddress>
        <hostIdentifier>IAMSuiteAgent</hostIdentifier>
        <agentName>Webgate_IDM</agentName>
        <autoCreatePolicy>false</autoCreatePolicy>
        <protectedResourcesList>
             <resource>/**</resource>
        </protectedResourcesList>
        <publicResourcesList>
                <resource>/public/**</resource>
        </publicResourcesList>
        <excludedResourcesList>
            <resource>/excluded/**</resource>
        </excludedResourcesList>
    
    </OAM11GRegRequest>
    
  2. Run the following command to create the webgate:

    cd /u01/app/oracle/product/middlewareidm/idm/oam/server/rreg/bin
    ./oamreg.sh inband /stage/OAM12c/Webgate_IDM.xml
    

    You are prompted to enter your administrative credentials. Provide the name of the OAM Administration User (oamadmin) and the password. In addition, you are asked whether you want to create a WebGate password, which is optional.

    The output will look similar to the following:

    Welcome to OAM Remote Registration Tool!
    Parameters passed to the registration tool are: 
    Mode: inband
    Filename: /stage/OAM12c/Webgate_IDM.xml
    Enter admin username:oamadmin
    Username: oamadmin
    Enter admin password:          
    Do you want to enter a Webgate password?(y/n):
    n
    
    
    Request summary:
    OAM11G Agent Name:Webgate_IDM
    URL String:IAMSuiteAgent
    Registering in Mode:inband
    Your registration request is being sent to the Admin server at: http://oam.example:7001
    
    
    <DATE> oracle.security.jps.util.JpsUtil disableAudit
    INFO: JpsUtil: isAuditDisabled set to true
    Inband registration process completed successfully! Output artifacts are created in the output folder.
    
  3. Navigate to the /u01/app/oracle/product/middlewareidm/idm/oam/server/rreg/output/Webgate_IDM directory and create a backup of the webgate files created:

    cd /u01/app/oracle/product/middlewareidm/idm/oam/server/rreg/output/Webgate_IDM
    tar -cvzf webgate.tar *
    cp webgate.tar /stage/OAM12c/
    
  4. Launch a browser and access the Oracle Access Management Console at http://oam.example.com:7001/oamconsole. Log in as the Access Manager administration user you created when you prepared the ID Store. For example, oamadmin.

  5. Click Agents from the Application Security screen.

  6. When the Search SSO Agents screen appears, click Search.

  7. You should see the WebGate agent Webgate_IDM.

Adding LDAP Groups to WebLogic Administrators

Oracle Access Manager requires access to the MBeans stored within the Administration Server. To enable the LDAP users to log in to the WebLogic Console and Fusion Middleware Control, you must assign them the WebLogic administration rights. For Oracle Access Manager to invoke these MBeans, users in the OAMAdministrators group must have the WebLogic administration rights.

When you implement single sign-on, you have to provide the LDAP group IDM administrators with the WebLogic administration rights to help them log in and perform the WebLogic administrative actions.

To add the LDAP Groups OAMAdministrators and WLSAdministrators to the WebLogic Administrators:

  1. Launch a browser and access the WebLogic Console at http://oam.example.com:7001/console. Log in as the default administrative user weblogic.

  2. In the left pane of the console, click Security Realms.

  3. On the Summary of Security Realms page, click myrealm under the Realms table.

  4. On the Settings page for myrealm, click the Roles & Policies tab.

  5. On the Realm Roles page, expand the Global Roles entry under the Roles table.

  6. Click the Roles link to go to the Global Roles page.

  7. On the Global Roles page, click the Admin role to go to the Edit Global Roles page.

  8. On the Edit Global Roles page, under the Role Conditions table, click the Add Conditions button.

  9. On the Choose a Predicate page, select Group from the drop down list for predicates and click Next.

  10. On the Edit Arguments page, specify OAMAdministrators in the Group Argument field and click Add.

  11. Repeat for the Group WLSAdministrators.

  12. Click Finish to return to the Edit Global Roles page.

  13. The Role Conditions table now shows the groups OAMAdministrators or WLSAdministrators as role conditions.

  14. Click Save to finish adding the Admin role to the OAMAdministrators and IDM Administrators Groups.

Updating WebGate Agents

  1. Launch a browser and access the Oracle Access Management Console at http://oam.example.com:7001/oamconsole. Log in as the Access Manager administration user you created when you prepared the ID Store. For example, oamadmin.

  2. Click the Agents pad on the Application Security screen.

  3. Ensure that the WebGates tab is selected.

  4. Click Search. This lists all agents.

  5. Click an agent.

  6. Set Maximum Connections to 10. This is the total maximum number of connections for the primary OAM server.

  7. In User Defined Parameters, if:

    • logoutRedirectUrl is set, make sure it is set to logoutRedirectUrl=https://ohs.example.com/oam/server/logout.
    • OAMRestEndPointHostName is set, make sure it is set to OAMRestEndPointHostName=ohs.example.com.
    • OAMRestEndPointPort is set, make sure it is set to OAMRestEndPointPort=443.
    • OAMServerCommunicationMode is set, make sure it is set to OAMServerCommunicationMode=HTTPS.

  8. Set Logout Redirect URL to https://ohs.example.com/oam/server/logout.

  9. Click Apply.

  10. Repeat steps 6-9 for the rest of the agents.

Adding the Missing Policies to OAM

The following policies must be added to the IAM Suite domain if they do not exist:

| Resource Type | Host Identifier | Resource URL | Protection Level | Authentication Policy | Authorization Policy |
|---------------|-----------------|--------------|------------------|-----------------------|----------------------|
| HTTP | IAMSuiteAgent | /consolehelp/** | Excluded | | |
| HTTP | IAMSuiteAgent | /management/** | Excluded | | |
| HTTP | IAMSuiteAgent | /otpfp/** | Excluded | | |
| HTTP | IAMSuiteAgent | /dms/** | Excluded | | |
| HTTP | IAMSuiteAgent | /iam/access/binding/api/v10/oap/** | Excluded | | |
| HTTP | IAMSuiteAgent | /iam/admin/config/api/v1/config/** | Excluded | | |
| HTTP | IAMSuiteAgent | /oam/services/rest/** | Excluded | | |
| HTTP | IAMSuiteAgent | /oauth2/rest/** | Excluded | | |
| HTTP | IAMSuiteAgent | /.well-known/openid-configuration | Excluded | | |
| HTTP | IAMSuiteAgent | /oauth2/rest/approval | Protected | OAuth Authentication Policy | Protected Resource Policy |
| HTTP | IAMSuiteAgent | /oam/pages/consent.jsp | Protected | OAuth Authentication Policy | Protected Resource Policy |

  1. Launch a browser and access the Oracle Access Management Console at http://oam.example.com:7001/oamconsole. Log in as the Access Manager administration user you created when you prepared the ID Store. For example, oamadmin.

  2. From the Launch pad click Application Domains in the Access Manager section.

  3. Click Search on the Search page.

  4. Click the domain IAM Suite.

  5. Click the Resources tab and click Search.

  6. If any of the above do not exist, then click Create and enter the information specified in the table above. Click Apply.

  7. Repeat the above for any other missing resources.

Validating the Authentication Providers

Set the order of identity assertion and authentication providers in the WebLogic Server Administration Console:

  1. Log in to the WebLogic Server Administration Console, if not already logged in.

  2. Click Lock & Edit.

  3. From the left navigation, select Security Realms.

  4. Click the myrealm default realm entry.

  5. Click the Providers tab.

  6. From the table of providers, click the DefaultAuthenticator.

  7. Set the Control Flag to SUFFICIENT.

  8. Click Save to save the settings.

  9. From the navigation breadcrumbs, click Providers to return to the list of providers.

  10. Click Reorder.

  11. Sort the providers to ensure that the OAM Identity Assertion provider is first, and the DefaultAuthenticator provider is last:

    | Sort Order | Provider | Control Flag |
    |------------|----------|--------------|
    | 1 | OAMIDAsserter | REQUIRED |
    | 2 | OUDAuthenticator | SUFFICIENT |
    | 3 | DefaultIdentityAsserter | N/A |
    | 4 | Trust Service Identity Asserter | N/A |
    | 5 | DefaultAuthenticator | SUFFICIENT |

  12. Click OK.

  13. Click Activate Changes to propagate the changes.

Configuring Oracle ADF and OPSS Security with Oracle Access Manager

Some Oracle Fusion Middleware management consoles use Oracle Application Development Framework (Oracle ADF) security, which can integrate with Oracle Access Manager Single Sign-on (SSO). These applications can take advantage of Oracle Platform Security Services (OPSS) SSO for user authentication, but you must first configure the domain-level jps-config.xml file to enable these capabilities.

To update the OPSS configuration to delegate SSO actions in Oracle Access Manager, complete the following steps:

  1. Run the following commands to connect to the WebLogic Administration Server:

    cd /u01/app/oracle/product/middlewareidm/oracle_common/common/bin
    ./wlst.sh
    connect('weblogic','<password>','t3://oam.example.com:7001')
    
  2. Run the addOAMSSOProvider command as follows:

    addOAMSSOProvider(loginuri="/${app.context}/adfAuthentication", logouturi="/oam/logout.html")
    

    The output should look similar to the following:

    Location changed to domainRuntime tree. This is a read-only tree
    with DomainMBean as the root MBean.
    For more help, use help('domainRuntime')
    
  3. Exit WLST:

    exit()
    

Restart the Domain

  1. Stop the OAM servers:

    cd /u01/app/oracle/admin/domains/oam_domain/bin
    ./stopManagedWebLogic.sh oam_policy_mgr1
    ./stopManagedWebLogic.sh oam_server1
    ./stopWebLogic.sh 
    
  2. Start the OAM servers:

    cd /u01/app/oracle/admin/domains/oam_domain/bin
    ./startManagedWebLogic.sh oam_server1
    ./startManagedWebLogic.sh oam_policy_mgr1
    ./startWebLogic.sh
    

Next Tutorial

Install and Configure Oracle HTTP Server for Oracle Access Management 12c Sandbox Environment.

Feedback

To provide feedback on this tutorial, please contact idm_user_assistance_ww_grp@oracle.com
