Table of Contents
- List of Examples
- List of Figures
- List of Tables
- Title and Copyright Information
- Preface
-
What's New
- Updates in April 2018 Documentation Refresh for 12c Release 2 (12.2.1.3.0)
- Updates and New Features in January 2018 Documentation Refresh for 12c Release 2 (12.2.1.3.0)
- Updates in June 2015 Documentation Refresh for 11g Release 2 (11.1.2.3.0)
- Updates and New Features for 11g Release 3 (11.1.2.3.0)
- Updates in February 2014 Documentation Refresh for 11g Release 2 (11.1.2.2.0)
- Updates and New Features for 11g Release 2 (11.1.2.2.0)
- Updates in September 2013 Documentation Refresh for 11g Release 2 (11.1.2.1.0)
- Updates in July 2013 Documentation Refresh for 11g Release 2 (11.1.2.1.0)
- Updates in May 2013 Documentation Refresh for 11g Release 2 (11.1.2.1.0)
- New and Changed Features for 11g Release 2 (11.1.2.1.0)
- Updates in November 2012 Documentation Refresh for 11g Release 2 (11.1.2)
- Updates in August 2012 Documentation Refresh for 11g Release 2 (11.1.2)
- New and Changed Features for 11g Release 2 (11.1.2)
- Other Significant Changes in this Document for 11g Release 2 (11.1.2)
-
Part I IdM Integration Topology
-
1
Introduction to IdM Suite Components Integration
- 1.1 Prerequisites to Integrating IdM Suite Components
- 1.2 Understanding Oracle Identity Management Integration Topologies
- 1.3 Overview of IdM Components Used in the Integration
- 1.4 IdM Integration Quick Links
- 1.5 About Password Management Scenarios
- 1.6 System Requirements and Certification
- 1.7 Using My Oracle Support for Additional Troubleshooting Information
-
1
Introduction to IdM Suite Components Integration
-
Part II Core Integrations
-
2
Integrating Oracle Identity Governance and Oracle Access Manager Using LDAP Connectors
-
2.1
Overview of Oracle Identity Governance and Oracle Access Manager Integration
- 2.1.1 About Integrating Oracle Identity Governance with Oracle Access Manager
- 2.1.2 About Oracle Identity Governance and Oracle Access Manager Single-Node Integration Topology
- 2.1.3 Prerequisites to Integrating Oracle Identity Governance and Oracle Access Manager
- 2.1.4 Roadmap to Integrating Oracle Identity Governance and Oracle Access Manager
- 2.2 Configuring Oracle HTTP Server to Front-End Resources on Oracle Identity Governance
-
2.3
Configuring Oracle Identity Governance and Oracle Access Manager Integration
- 2.3.1 Prerequisites for the Connector-based Integration
- 2.3.2 One-step Procedure for OIG-OAM Integration Using Automated Script
-
2.3.3
Step-by-step Procedure for OIG-OAM Integration Using Automated Script
- 2.3.3.1 Preparing IDStore Using Automated Script
- 2.3.3.2 Configuring OAM Using Automated Script
- 2.3.3.3 Populating OHS Rules Using Automated Script
- 2.3.3.4 Configuring WLS Authentication Providers Using Automated Script
- 2.3.3.5 Configuring LDAP Connector Using Automated Script
- 2.3.3.6 Configuring SSO Integration Using Automated Script
- 2.3.3.7 Enabling OAM Notifications Using Automated Script
- 2.3.3.8 Adding Missing Object Classes Using Automated Script
- 2.3.3.9 Restarting Servers
-
2.4
Validating the Access Manager and Oracle Identity Governance Integration
- 2.4.1 Validating the Oracle Identity Governance SSO Configuration Settings
- 2.4.2 Validating the Oracle Identity Governance Security Provider Configuration
- 2.4.3 Validating the Access Manager Security Provider Configuration
- 2.4.4 Validating the Oracle Identity Governance Domain Credential Store
- 2.4.5 Validating the Oracle Identity Governance Event Handlers Configured for SSO
- 2.4.6 Validating the Oracle Identity Governance SSO Logout Configuration
- 2.4.7 Functionally Testing the Access Manager and Oracle Identity Governance Integration
- 2.4.8 Validating Integration Configuration
-
2.5
Troubleshooting Common Problems in Access Manager and OIG Integration
-
2.5.1
Troubleshooting Single Sign-On Issues in an Access Manager and OIG Integrated Environment
- 2.5.1.1 Diagnosing Single Sign-On Issues By Capturing HTTP Headers
- 2.5.1.2 Access Manager Redirection to OIG Login Page
- 2.5.1.3 Access Manager Failure to Authenticate User
- 2.5.1.4 Troubleshooting Oracle Access Management Console Login Operation Errors
- 2.5.1.5 Troubleshooting Authenticated User Redirection to OIG Login
- 2.5.1.6 User Redirected to OIG During OIG Forgot Password, Self-Registration, or Track Registration Flows
- 2.5.1.7 User Redirection in a Loop
- 2.5.1.8 Troubleshooting SSO Integration Configuration
- 2.5.2 Troubleshooting Auto-Login Issues in an Access Manager and OIG Integrated Environment
- 2.5.3 Troubleshooting Session Termination Issues
- 2.5.4 Troubleshooting Account Self-Locking Issues
- 2.5.5 Troubleshooting Miscellaneous Issues in an Access Manager and OIG Integrated Environment
- 2.5.6 Troubleshooting Target Account Creation
-
2.5.1
Troubleshooting Single Sign-On Issues in an Access Manager and OIG Integrated Environment
- 2.6 Scheduled Jobs for OIG-OAM Integration
- 2.7 Known Limitations and Workarounds in OIG-OAM Integration
-
2.1
Overview of Oracle Identity Governance and Oracle Access Manager Integration
-
2
Integrating Oracle Identity Governance and Oracle Access Manager Using LDAP Connectors
-
Part III External SSO Solutions
-
3
Integrating with Identity Federation
- 3.1 Introduction to Identity Federation with Oracle Access Manager
-
3.2
Integrating Access Manager 11gR2 with Identity Federation 11gR1
- 3.2.1 About SP and Authentication Integration Modes
- 3.2.2 Access Manager and Oracle Identity Federation Integration Overview
- 3.2.3 Prerequisites to Integrating Access Manager with Oracle Identity Federation
- 3.2.4 Verifying Servers are Running and a Resource is Protected
- 3.2.5 Registering Oracle HTTP Server WebGate with Access Manager for Access Manager and OIF Integration
- 3.2.6 Configuring Oracle Identity Federation for Access Manager and OIF Integration
- 3.2.7 Configuring Access Manager for Integration with Oracle Identity Federation
- 3.2.8 Configuring Access Manager to Protect a Resource with the OIFScheme
- 3.2.9 Testing the Access Manager and Oracle Identity Federation Integration Configuration
- 3.3 Running Access Manager-OIF Integration Scripts to Automate Tasks
-
3
Integrating with Identity Federation
-
Part IV Additional Identity Store Configuration
-
4
Configuring an Identity Store with Multiple Directories
- 4.1 Overview of Configuring Multiple Directories as an Identity Store
-
4.2
Configuring Multiple Directories as an Identity Store: Split Profile
- 4.2.1 Prerequisites to Configuring Multiple Directories as an Identity Store
- 4.2.2 Repository Descriptions
- 4.2.3 Setting Up Oracle Internet Directory as a Shadow Directory
- 4.2.4 Directory Structure Overview - Shadow Join
- 4.2.5 Configuring Oracle Virtual Directory Adapters for Split Profile
- 4.2.6 Configuring a Global Consolidated Changelog Plug-in
- 4.2.7 Validating the Oracle Virtual Directory Changelog
- 4.3 Configuring Multiple Directories as an Identity Store: Distinct User and Group Populations in Multiple Directories
- 4.4 Additional Configuration Tasks When Reintegrating Oracle Identity Governance With Multiple Directories
-
4
Configuring an Identity Store with Multiple Directories
-
Appendices
-
A
Verifying Adapters for Multiple Directory Identity Stores by Using ODSM
-
A.1
Verifying Oracle Virtual Directory Adapters for Split Profile by Using ODSM
- A.1.1 Verifying User Adapter for Active Directory Server
- A.1.2 Verifying Shadowjoiner User Adapter
- A.1.3 Verifying JoinView Adapter
- A.1.4 Verifying User/Role Adapter for Oracle Internet Directory
- A.1.5 Verifying Changelog Adapter for Active Directory Server
- A.1.6 Verifying Changelog Adapter for Oracle Internet Directory
- A.1.7 Configuring a Global Consolidated Changelog Plug-in
- A.1.8 Validating Oracle Virtual Directory Changelog
-
A.2
Verifying Adapters for Distinct User and Group Populations in Multiple Directories by Using ODSM
- A.2.1 Verifying the User Adapter on the Oracle Virtual Directory Instances
- A.2.2 Verifying the Plug-In of the User/Role Adapter A1
- A.2.3 Verifying the Plug-In of the User/Role Adapter A2
- A.2.4 Verifying the Changelog Adapter C1 Plug-In
- A.2.5 Verifying the Changelog Adapter for Active Directory
- A.2.6 Verifying Changelog Adapter C2
- A.2.7 Verifying Oracle Virtual Directory Global Plug-in
- A.2.8 Configuring a Global Consolidated Changelog Plug-in
-
A.1
Verifying Oracle Virtual Directory Adapters for Split Profile by Using ODSM
- B Using the idm.conf File
-
C
Using the idmConfigTool Command
- C.1 About idmConfigTool
- C.2 Set Up Environment Variables for OIG-OAM Integration
- C.3 idmConfigTool Syntax and Usage
- C.4 Additional Tasks for OUD Identity Store in an HA Environment
- C.5 IdmConfigTool Options and Properties
- C.1 preConfigIDStore Command
- C.2 prepareIDStore Command
- C.3 configOAM Command
- D Configuring LDAP Connector Manually
- E Configuring User-Defined Fields
- F Modifying OIG to Revert OIG-OAM Integration Configuration
-
A
Verifying Adapters for Multiple Directory Identity Stores by Using ODSM