User Identity Stores

Default and System Store

The following table describes the elements in the Default and System Store section of the User Identity Stores page:

Element	Description
Default Store	Select a default store from the drop-down menu. For LDAP authentication modules, you must manually select the registered identity store.
System Store	Select a system store from the drop-down menu. Only one User Identity Store can be designated as the System Store. This is used to authenticate Administrators signing in to use the Oracle Access Management Console, remote registration tools, and custom administrative commands in WLST.
Apply	Click Apply to submit the changes.

Element

Description

Default Store

Select a default store from the drop-down menu.

For LDAP authentication modules, you must manually select the registered identity store.

System Store

Select a system store from the drop-down menu. Only one User Identity Store can be designated as the System Store. This is used to authenticate Administrators signing in to use the Oracle Access Management Console, remote registration tools, and custom administrative commands in WLST.

Apply

Click Apply to submit the changes.

Access System Administrators

This table appears only while changing System Store. All Administrator roles, users, and groups must be stored in the System Store. If the System Store changes, appropriate Administrator roles must be added to the new System Store.

The following table describes the elements in the Access System Administrators section of the User Identity Stores page:

Element	Description
Name	Displays the name added using Add System Administrators Roles dialog box.
Type	Displays the type of the added name.
	Click to sort the items in the column in ascending order.
	Click to sort the items in the column in descending order.
Add	Click to open Add System Administrators Roles dialog box.
Delete	Select a row in the table and click Delete to remove the row.

Add System Administrators Roles dialog box

Click Add button in Access System Administrators section to open this dialog box.

Search

In this section, user can search the System Store to find configured administrators.

The following table describes the elements in the Add System Administrator Roles dialog box of the Access System Administrators section:

Element	Description
Name	Type a name that needs to be searched.
Type	Select a Type from the list.
Search	Click Search to initiate the search and populate results in the search results table.
Reset	Click Reset to reset the search criteria.

Search Results

This section lists the records matching the search criteria.

The following table describes the elements in the Add System Administrator Roles dialog box of the Access System Administrators section:

Element	Description
View	Choose commands from the View menu to control how the columns are displayed: Columns - Click a column header name to quickly show or hide a single column. Detach - Click to open the table in a larger window. Reorder Columns - Click to open a dialog that lets you change the order of the table columns.
Detach	Click to expand the table to a full page.
Name	Displays the searched names.
Type	Displays the Type of the searched names.
Add selected	Select the desired user from the table, then click Add Selected to add the selected rows to Access System Administrators table.
Cancel	Click Cancel to cancel your selections.
	Click to close the dialog box.

OAM ID Stores

The following table describes the elements in the OAM ID Stores section of the User Identity Stores page:

Element	Description
View	Choose commands from the View menu to control how the columns are displayed: Columns - Click a column header name to quickly show or hide a single column. Detach - Click to open the table in a larger window. Reorder Columns - Click to open a dialog that lets you change the order of the table columns.
Create	Click to create a new user identity store using the Create User Identity Store page.
Duplicate	Click to create a copy of the existing record. Select a row and click Duplicate to open the existing record in edit mode, user can make changes and save the record.
Edit	Select a row in the table and click Edit to open the record in edit mode. Modify values as needed and click Apply to update the registration or close the tab without applying changes.
Delete	Select a row in the table and click Delete, in the confirm pop-up click Delete to remove the row or click Cancel to retain the row.
Name	Lists all the created Store Names.
Directory Type	Lists the type of directory server software hosting the repository. If the type is not selected, this field will be empty.
Host Information	Lists the information about the host computer on which the Identity Directory Service Repository is located.
Description	Lists the description added while creating the Identity Store.
Synched IDS Profiles	Lists the IDS profiles that are synched.
	Click to sort the items in the column in ascending order.
	Click to sort the items in the column in descending order.
Sync IDS Profiles	Click to make common Identity Directory Service Profiles accessible to Oracle Access Management as local Identity Stores.

Identity Directory Service

Identity Directory Service is a common service used by Oracle Identity Management products to access and manage Identity Directory. The IDS Profiles can be used within Oracle Access Management after they are synchronized.

IDS Profiles

The following table describes the elements in the IDS Profiles section of the User Identity Stores page:

Element	Description
View	Choose commands from the View menu to control how the columns are displayed: Columns - Click a column header name to quickly show or hide a single column. Detach - Click to open the table in a larger window. Reorder Columns - Click to open a dialog that lets you change the order of the table columns.
Create	Click to create a new identity directory service profile using the Create Identity Store Profile page.
Edit	Select a row in the table and click Edit to open the record in edit mode. Modify values as needed and click Apply to update the registration or close the tab without applying changes.
Delete	Select a row in the table and click Delete, in the confirm pop-up click Delete to remove the row, or click Cancel to retain the row.
Name	Lists all the created User Profile Service Provider names.
Description	Lists all the descriptions added for the Service Provider names.
Repository Name	Lists all the Repository Names added for the Service Provider names.
Created By	Displays the name of the user who created the IDS profile.
	Click to sort the items in the column in ascending order.
	Click to sort the items in the column in descending order.

Create Identity Store Profile

Use this page to create an Identity Service Profile. Click Create under IDS Profiles section to access this page.

The following table describes the elements in the Create Identity Store Profile page:

Element	Description
Name	Type a unique name for this User Profile Service Provider.
Description	Type a short description that will help you or another Administrator identify this service in the future.

Repository

The following table describes the elements in the Repository section of the Create Identity Store Profile page:

Element	Description
Repository Options	Select any of the following options: Create New - Defines a new Repository object for the Identity Directory Service connection. Use Existing - Allows you to choose a previously defined Repository object selecting it from the drop down menu.
Name	Enter a unique name to create, or choose an existing one from the menu. After entering a new name, configure properties for the Identity Directory Service connection.
Directory Type	Select the type of directory server software hosting the Repository. For Example: Microsoft Active Directory or Oracle Internet Directory. If your directory is not listed, leave this field empty. Note: If you are not defining a new Identity Directory Service connection or creating a new repository, this field is read-only.
Hosts	Contains information about the host computer on which the Identity Directory Service Repository is located. Add multiple hosts if the directory server is part of a cluster.
View	Choose commands from the View menu to control how the columns are displayed: Columns - Click a column header name to quickly show or hide a single column. Detach - Click to open the table in a larger window. Reorder Columns - Click to open a dialog that lets you change the order of the table columns.
Add	Click to add a new host to the table.
Remove	Select a row in the table and click Removeto delete the row.
Host Name	Type either the IP address or the name of the computer on which the Directory server is running.
Port	Type the port number that the directory server is configured to use.
Load Distribution (%)	Type the load amount as a percentage that should be directed to each host. For multiple hosts, the amount should add up to 100%.
Availability	Choose from the following: Failover - Choose if the cluster is configured for failover operation. Load balanced - Choose if the cluster distributes the load across multiple hosts. Note: This field is read-only if you are using an existing repository.
SSL	Select Enabled if the connection is configured for SSL.
Bind DN	Type the distinguished name (DN) of the LDAP Administrator used to authenticate to the Directory server.
Bind Password	Type the Bind DN password used to authenticate to the Directory server.
Base DN	Type the base distinguished name (DN) where User and Group data is located.
Password Management	Select Enabled to enable password policy enforcement against attribute values. Refer Password Management for attribute values and to configure the corresponding options in the password policy.
Use Native ID Store Settings	This enables getting the authentication code for natively locked/disabled/pw_must_change code in the LDAP authentication module.
Use Oblix User schema	Click to check this box to Enable the use of OBLIX schema instead of standard Oracle schema.
Create	Click to create this identity profile, the profile is displayed in the IDS Profiles table.
Cancel	Click to cancel this identity profile.
Test Connection	Click to confirm connectivity, then close the confirmation window.

Form-Fill Application IDS Profile

Use this page to create an Identity Directory Service Profile for a Form-fill Application, click the Create Form-Fill Application IDS Profile button on the left of the IDS Profile section to access this page.

This page is arranged in the following sections:

Repository
Entity Search Bases

The following table describes the elements in the Form-Fill Application IDS Profile page:

Element	Description
Name	Type a unique name for this User Profile Service Provider.
Description	Type a short description that will help you or another Administrator identify this service in the future.

Repository

The following table describes the elements in the Repository section of the Form-Fill Application IDS Profile page:

Element	Description
Repository Options	Select any of the following options: Create New - Defines a new Repository object for the Identity Directory Service connection. Use Existing - Allows you to choose a previously defined Repository object selecting it from the drop down menu.
Name	Enter a unique name to create, or choose an existing one from the menu. After entering a new name, configure properties for the Identity Directory Service connection.
Directory Type	Select the type of directory server software hosting the Repository. For Example: Microsoft Active Directory or Oracle Internet Directory. If your directory is not listed, leave this field empty. Note:If you are not defining a new Identity Directory Service connection or creating a new repository, this field is read-only.
Hosts	Contains information about the host computer on which the Identity Directory Service Repository is located. Add multiple hosts if the directory server is part of a cluster.
View	Choose commands from the View menu to control how the columns are displayed: Columns - Click a column header name to quickly show or hide a single column. Detach - Click to open the table in a larger window. Reorder Columns - Click to open a dialog that lets you change the order of the table columns.
Add	Click to add a new host to the table.
Remove	Select a row from the table and click Remove to delete the row.
Host Name	Type either the IP address or the name of the computer on which the Directory server is running.
Port	Type the port number that the directory server is configured to use.
Load Distribution (%)	Type the load amount as a percentage that should be directed to each host. For multiple hosts, the amount should add up to 100%.
Availability	Choose from the following: Failover - Choose if the cluster is configured for failover operation. Load balanced - Choose if the cluster distributes the load across multiple hosts. Note: This field is read-only if you are using an existing repository.
SSL	Select Enabled if the connection is configured for SSL.
Bind DN	Type the distinguished name (DN) of the LDAP Administrator used to authenticate to the Directory server.
Bind Password	Type the Bind DN password used to authenticate to the Directory server.
Base DN	Type the base distinguished name (DN) where User and Group data is located.
Password Management	Select Enabled to enable password policy enforcement against attribute values. Refer Password Management for attribute values and to configure the corresponding options in the password policy.
Use Native ID Store Settings	This enables getting the authentication code for natively locked/disabled/pw_must_change code in the LDAP authentication module.
Use Oblix User schema	Click to check this box to Enable the use of OBLIX schema instead of standard Oracle schema.

Entity Search Bases

The following table describes the elements in the Entity Search Bases section of the Form-Fill Application IDS Profile page:

Element	Description
User Base DN	Full DN for the node at which enterprise users are stored in the directory. For Example: cn=Users,realm_DN.
Group Base DN	Full DN for the node at which enterprise groups are stored in the directory. For Example: ou=demo.
Application Template Base DN	Full DN for the node from which searches for the Application Templates will begin.
Top Search Base DN	Full DN for the node from which searches will begin. For Example: cn=realm_DN.
Create	Click to create this identity profile, the profile is displayed in the IDS Profiles table.
Cancel	Click to cancel this identity profile.
Test Connection	Click to confirm connectivity, then close the confirmation window.

IDS Repositories Elements

The following table describes the elements in the IDS Repositories section of the User Identity Stores page:

Element	Description
View	Choose commands from the View menu to control how the columns are displayed: Columns - Click a column header name to quickly show or hide a single column. Detach - Click to open the table in a larger window. Reorder Columns - Click to open a dialog that lets you change the order of the table columns.
Create	Click to create a new IDS Repository using the Create IDS Repositories page.
Edit	Select a row in the table and click Edit to open the record in edit mode. Modify values as needed and click Apply to update the repository, or close the tab without applying changes.
Delete	Select a row in the table and click Delete, in the confirm pop-up click Delete to remove the row, or click Cancel to retain the row.
Name	Lists the created IDS Repository names.
Directory Type	Lists the Directory Type added for the Repositories.
Host Information	Lists the Host Information added.
	Click to sort the items in the column in ascending order.
	Click to sort the items in the column in descending order.

Create IDS Repositories/Create LDAP Repository

Use this page to create an Identity Directory Service Repository, click Create under IDS Repository to access this page.

The following table describes the elements in the Create IDS Repositories page:

Element	Description
Name	Type a unique name to create, or choose an existing one from the menu. After entering a new name, configure properties for the Identity Directory Service connection.
Directory Type	Select the type of directory server software hosting the Repository. For example: Microsoft Active Directory or Oracle Internet Directory. If your directory is not listed, leave this field empty. Note: If you are not defining a new Identity Directory Service connection or creating a new repository, this field is read-only.
Hosts	Contains information about the host computer on which the Identity Directory Service Repository is located. Add multiple hosts if the directory server is part of a cluster.
View	Choose commands from the View menu to control how the columns are displayed: Columns - Click a column header name to quickly show or hide a single column. Detach - Click to open the table in a larger window. Reorder Columns - Click to open a dialog that lets you change the order of the table columns.
Add	Click to add a new host to the table.
Remove	Select a row from the table and click Remove to delete the row.
Host Name	Type either the IP address or the name of the computer on which the Directory server is running.
Port	Type the port number that the directory server is configured to use.
Load Distribution (%)	Type the load amount as a percentage that should be directed to each host. For multiple hosts, the amount should add up to 100%.
Availability	Choose from the following: Failover - Choose if the cluster is configured for failover operation. Load balanced - Choose if the cluster distributes the load across multiple hosts. Note: This field is read-only if you are using an existing repository.
SSL	Select Enabled if the connection is configured for SSL.
Bind DN	Type the distinguished name (DN) of the LDAP Administrator used to authenticate to the Directory server.
Bind Password	Type the Bind DN password used to authenticate to the Directory server.
Base DN	Type the base distinguished name (DN) where User and Group data is located.
Password Management	Select Enabled to enable password policy enforcement against attribute values. Refer Password Management for attribute values and to configure the corresponding options in the password policy.
Use Native ID Store Settings	This enables getting the authentication code for natively locked/disabled/pw_must_change code in the LDAP authentication module.
Use Oblix User Schema	Click to check this box to Enable the use of OBLIX schema instead of standard Oracle schema.
Test Connection	Click to confirm if the values are correct.
Create	Click to create this IDS Repository, the repository is displayed in the IDS Repositories table.
Cancel	Click to cancel this IDS Repository.