Table of Contents
- List of Examples
- List of Figures
- List of Tables
- Title and Copyright Information
- Preface
- What's New
-
Part I IdM Integration Topology
-
1
Introduction to IdM Suite Components Integration
- 1.1 Prerequisites to Integrating IdM Suite Components
- 1.2 Understanding Oracle Identity Management Integration Topologies
- 1.3 Overview of IdM Components Used in the Integration
- 1.4 IdM Integration Quick Links
- 1.5 About Password Management Scenarios
- 1.6 System Requirements and Certification
- 1.7 Using My Oracle Support for Additional Troubleshooting Information
-
1
Introduction to IdM Suite Components Integration
-
Part II Core Integrations
- 2 Preparing LDAP IDStore
- 3 Integrating Oracle Access Manager and LDAP
-
4
Integrating Oracle Identity Governance and Oracle Access Manager Using LDAP Connectors
-
4.1
Overview of Oracle Identity Governance and Oracle Access Manager Integration
- 4.1.1 About Integrating Oracle Identity Governance with Oracle Access Manager
- 4.1.2 About Oracle Identity Governance and Oracle Access Manager Single-Node Integration Topology
- 4.1.3 Prerequisites to Integrating Oracle Identity Governance and Oracle Access Manager
- 4.1.4 Roadmap to Integrating Oracle Identity Governance and Oracle Access Manager
- 4.2 Installing Oracle HTTP Server and Configuring the Oracle HTTP Server WebGate
-
4.3
Configuring Oracle Identity Governance and Oracle Access Manager Integration
- 4.3.1 Prerequisites for the Connector-based Integration
-
4.3.2
Step-by-step Procedure for OIG-OAM Integration Using Automated Script
- 4.3.2.1 Populating OHS Rules Using Automated Script
- 4.3.2.2 Configuring WLS Authentication Providers Using Automated Script
- 4.3.2.3 Configuring LDAP Connector Using Automated Script
- 4.3.2.4 Configuring SSO Integration Using Automated Script
- 4.3.2.5 Enabling OAM Notifications Using Automated Script
- 4.3.2.6 Restarting Servers
- 4.3.2.7 Adding JDK Arguments
-
4.4
Validating the Access Manager and Oracle Identity Governance Integration
- 4.4.1 Validating the Oracle Identity Governance SSO Configuration Settings
- 4.4.2 Validating the Oracle Identity Governance Security Provider Configuration
- 4.4.3 Validating the Access Manager Security Provider Configuration
- 4.4.4 Validating the Oracle Identity Governance Domain Credential Store
- 4.4.5 Validating the Oracle Identity Governance Event Handlers Configured for SSO
- 4.4.6 Validating the Oracle Identity Governance SSO Logout Configuration
- 4.4.7 Functionally Testing the Access Manager and Oracle Identity Governance Integration
- 4.4.8 Validating Integration Configuration
- 4.4.9 Improving Reset Password Performance in Active Directory Integration
- 4.5 Scheduled Jobs for OIG-OAM Integration
- 4.6 Configuring User Defined Fields
- 4.7 Known Limitations and Workarounds in OIG-OAM Integration
-
4.1
Overview of Oracle Identity Governance and Oracle Access Manager Integration
-
5
Troubleshooting Common Problems in Access Manager and OIG Integration
-
5.1
Troubleshooting Single Sign-On Issues in an Access Manager and OIG Integrated Environment
- 5.1.1 Diagnosing Single Sign-On Issues By Capturing HTTP Headers
- 5.1.2 Access Manager Redirection to OIG Login Page
- 5.1.3 Access Manager Failure to Authenticate User
- 5.1.4 Troubleshooting Oracle Access Management Console Login Operation Errors
- 5.1.5 Troubleshooting Authenticated User Redirection to OIG Login
- 5.1.6 User Redirected to OIG During OIG Forgot Password, Register New Account, or Track User Registration Flows
- 5.1.7 User Redirection in a Loop
- 5.1.8 Troubleshooting SSO Integration Configuration
- 5.1.9 WADL Generation Does not Show Description
- 5.2 Troubleshooting Auto-Login Issues in an Access Manager and OIG Integrated Environment
- 5.3 Troubleshooting Session Termination Issues
- 5.4 Troubleshooting Account Self-Locking Issues
-
5.5
Troubleshooting Miscellaneous Issues in an Access Manager and OIG Integrated Environment
- 5.5.1 Scheduler and System Properties do not come up in the Integrated Environment
- 5.5.2 Client Based Oracle Identity Governance Login Failure
- 5.5.3 Logout 404 Error Occurs After Logging Out of OIG protected Application
- 5.5.4 Old Password Remains Active After Password Reset
- 5.5.5 OIG Configuration Failure During Seeding of OIG Policies into Access Manager
- 5.5.6 Adding Object Classes Fails
- 5.5.7 SSO Reconciliation Filter Does Not Work With DN Attributes for Trusted Source Reconciliation
- 5.5.8 Login Fails for Users Created Through Bulk Load
- 5.5.9 Events are Generated Without Any Changes in the Target
- 5.6 Troubleshooting Target Account Creation
- 5.7 Troubleshooting prepareIDStore for AD
- 5.8 Troubleshooting the OIG-OAM Integrated Environment Upgrade
-
5.1
Troubleshooting Single Sign-On Issues in an Access Manager and OIG Integrated Environment
- 6 Modifying OAM Configuration Properties
-
Part III External SSO Solutions
-
7
Integrating with Identity Federation
- 7.1 Introduction to Identity Federation with Oracle Access Manager
- 7.2 Running Access Manager-OIF Integration Scripts to Automate Tasks
-
7
Integrating with Identity Federation
-
Part IV Additional Identity Store Configuration
-
8
Configuring an Identity Store with Multiple Directories
- 8.1 Overview of Configuring Multiple Directories as an Identity Store
-
8.2
Configuring Multiple Directories as an Identity Store: Split Profile
- 8.2.1 Prerequisites to Configuring Multiple Directories as an Identity Store
- 8.2.2 Repository Descriptions
- 8.2.3 Setting Up Oracle Internet Directory as a Shadow Directory
- 8.2.4 Directory Structure Overview - Shadow Join
- 8.2.5 Configuring Oracle Virtual Directory Adapters for Split Profile
- 8.2.6 Configuring a Global Consolidated Changelog Plug-in
- 8.2.7 Validating the Oracle Virtual Directory Changelog
- 8.3 Configuring Multiple Directories as an Identity Store: Distinct User and Group Populations in Multiple Directories
- 8.4 Additional Configuration Tasks When Reintegrating Oracle Identity Governance With Multiple Directories
-
8
Configuring an Identity Store with Multiple Directories
- Part V Part V IDM Known Issues and Workarounds
-
Appendices
-
A
Verifying Adapters for Multiple Directory Identity Stores by Using ODSM
-
A.1
Verifying Oracle Virtual Directory Adapters for Split Profile by Using ODSM
- A.1.1 Verifying User Adapter for Active Directory Server
- A.1.2 Verifying Shadowjoiner User Adapter
- A.1.3 Verifying JoinView Adapter
- A.1.4 Verifying User/Role Adapter for Oracle Internet Directory
- A.1.5 Verifying Changelog Adapter for Active Directory Server
- A.1.6 Verifying Changelog Adapter for Oracle Internet Directory
- A.1.7 Configuring a Global Consolidated Changelog Plug-in
- A.1.8 Validating Oracle Virtual Directory Changelog
-
A.2
Verifying Adapters for Distinct User and Group Populations in Multiple Directories by Using ODSM
- A.2.1 Verifying the User Adapter on the Oracle Virtual Directory Instances
- A.2.2 Verifying the Plug-In of the User/Role Adapter A1
- A.2.3 Verifying the Plug-In of the User/Role Adapter A2
- A.2.4 Verifying the Changelog Adapter C1 Plug-In
- A.2.5 Verifying the Changelog Adapter for Active Directory
- A.2.6 Verifying Changelog Adapter C2
- A.2.7 Verifying Oracle Virtual Directory Global Plug-in
- A.2.8 Configuring a Global Consolidated Changelog Plug-in
-
A.1
Verifying Oracle Virtual Directory Adapters for Split Profile by Using ODSM
- B Using the idm.conf File
-
C
Using the idmConfigTool Command
- C.1 About idmConfigTool
- C.2 Set Up Environment Variables for OIG-OAM Integration
- C.3 idmConfigTool Syntax and Usage
- C.4 Additional Tasks for OUD Identity Store in an HA Environment
- C.5 IdmConfigTool Options and Properties
- C.1 preConfigIDStore Command
- C.2 prepareIDStore Command
- C.3 configOAM Command
- D Configuring User-Defined Fields
- E Modifying OIG to Revert OIG-OAM Integration Configuration
-
F
Upgrading OIG-OAM Integrated
Environments
- F.1 About the Starting Points for an OIM-OAM Integrated Environment Upgrade
- F.2 Upgrading an OAM-OIM Integrated Environment from a Previous 12c Release
-
F.3
Upgrading an OAM-OIM Integrated
Environment from a 11g Release
- F.3.1 Task 1: Upgrading the Integrated Environments
- F.3.2 Task 2: Configuring Oracle HTTP Server
- F.3.3 Task 3: Prerequisites for the Connector-based Integration
- F.3.4 Task 4: Disabling LDAP Synchronization
- F.3.5 Task 5: Configuring WLS Authentication Providers
- F.3.6 Task 6: Configuring the LDAP Connector
- F.3.7 Task 7: Configuring SSO Integration
- F.3.8 Task 8: Enabling OAM Notifications
- F.3.9 Task 9: Adding Missing Object Classes
- F.3.10 Task 10: Restarting Servers
- F.3.11 Task 11: Performing Post-Upgrade Task
- F.3.12 Task 12: Validating the Integrated Environments
-
A
Verifying Adapters for Multiple Directory Identity Stores by Using ODSM