For OAM WebGate
I installed 11.1.2 for 11.1.2 OAM Webgate and ran into a problem. I uninstalled and reinstalled(webgate/webcache).
I use this doc-installation and configuration of server of HTTP in Oracle 11 g WebGate in OAM-11 g Release 2 (11.1.2.2.0)
and in this section 2.6.1.4 uses the Mode Out-Of-Band.
In political OAM Configuration host identifiers, I have some host identifiers that I would like to get rid of. How to manually remove these?
When I try to remove them within the OAM, it tells me "host ID cannot be deleted. (Referred to in a resource). »
I currently have 4.
I would like to run the Mode Out-Of-Band with no host identifiers, so I don't have any problems.
Any recommendations would be appreciated.
Thank you
To remove a host identifier, you must separate them all the resources protected by them. Check the areas of application and to identify the resources that are related to this host-ID. Remove from the protected/auth/az public policy. Once that is done, try to delete the host identifier
Tags: Fusion Middleware
Similar Questions
-
Active directory certification for OAM 11 GR 2 using OVD
I am aware that OAM 11 GR 2 doesnot support Active Directory (AD) 2003.
We had a use case in support of Federation using OAM 11 GR 2 somehow. I noticed that the last version of OVD 11.1.1.7 located support AD 2003.
So can assume us that we can use AD 2003 with 11 GR 2 OAM for services of the Federation if we use OVD as the identity store?
Thank you
Nassima
Got confirmation from Oracle it's possible!
-
No sufficient privileges for OAM
I am the administrator of the system and for some reason if I go to OAM any menu item I get the message of
An error has occurred!
Please note: you don't have sufficient privileges to perform this function.
I am entitled to everything. I signed as long as me and not the system administrator.
If I sign with the sysadmin, I am able to access it.
RDBMS: 11.2.0.3.0
Oracle Applications: 12.1.3
It must be something with the grants/roles assigned to your user - compare SYSADMIN should check.
Also, please check the application logs, you will find more information about the error.
Thank you
Hussein
-
We use the OAM 10.1.4.2. There are several webgates. One of the webgate (A webgate) is to have more question:
If a user has to connect on webgate A application and then open a new browser window and log on to another application webgate. The user is disconnected Webgate asked.
Thank you.
Vinay
Published by: user504421 on January 9, 2010 23:50Hello
Check the primary domain HTTP Cookie option on webgate configuration. What is the value configured this option in the configuration of these two webgates?
Carlos
-
Hi all
I'll try to find every possible way to monitor a server 10g OAM... The documentation I read on SNMP Monitoring... So I installed the SNMP Agent on the machine where OAM is installed... And I came to know how to enable SNMP Monitoring in OAM 10 g...
I'm writing my understanding please correct me if I'm worng.
-L' SNMP agent is installed in the machine OAM will gather surveillance data
-L'agent will send information via SNMP for a master application
If my interpretation is correct, here are my questions for which I need your answers; :)
1. do I need to install all of the third party tools such as Tivoli or Sun SunNet Manager to which the SNMP Agent will send the information?
2. my task is to create a custom OAM 10 g monitoring application. Can U please suggest me a better way to do...
3. is there another way to control the identity and the access server to the...
Thanks :)
A * RHmm, should work any SNMP tool, Grid Control works.
-olaf
-
Migration of 10g OAM for other infrastructure
Hello
We have a requirement to OAM 10 g of an infrastructure.
There are about 10-15 applications configured in OAM and the political identity of shop/store is AD.
Below two queries WRT, I have this:
1. to confirm as OAM10g uses an LDAP in the policy, for the migration store we can export data LDAP and then import it into the new policy store for all configurations of OAM (of course some do we do manually too)?
2. the 2nd challenge is that what needs to be done to Webgate, do we need to install new webgates for applications or we can re - register existing with the new OAM webgate.
In both cases, to do it for all applications.
3. is there the document/migration utility to migrate the data from one environment to the other OAM.
Kind regards
Deepika
Hi Deepika,
Unfortunately there is no utilities taken in charge for this type of horizontal OAM 10 g migration. For policies, you might consider copying the relevant part (o = oblix) in ldap and massage the data so that it is consistent with the new environment, but of course it's a little risky and prone to error.
For WebGates, there is no need to uninstall/reinstall them - you can create entries (registry) in the new OAM access System Console, and then run the WebGate configureWebGate t-i
order to point the WebGate on the new environment. Kind regards
Colin
-
How to reconfigure the OHS 11 g WebGate with OAM 11 g?
Hi all
Can you please let me know your opinion on below scenario?
1. I set up a SST 11 g WebGate in OAM 11 g with main server with unique. WebGate works very well.
2. in the future, I created a new OAM server with different proxy port and want to add as a secondary server to OHS 11 g webgate. To do this, my thoughts are: Goto OAM admin console and change the profile of the agent to add the secondary server. Is this all enough to make the complete work? By the way, ObAccessClient.xml no is not updated in the folder RREG_HOME/output of artifacts. If it is updated automatically after changing details in the OAM console so I can just copy to WebGate instance.
The same question arises for 10g WebGate with OAM 11 g. Is it also possible to reconfigure the webgate as in the case of OAM 10 g and 10 g webgates?
-MangoHi Manon,.
You only need to make the change in the oamconsole (change the agent profile as you suggest) and you do not need to re - copy the file ObAccessClient.xml. You may need to wait a few minutes for the change must be executed by the WebGate, or I expect a restart of the web server in order to acquire the new settings. Using the url of diagnosis webgate will tell you which servers OAM the WebGate is connected to (http://server:port/ohs/modules/webgate.cgi?progid=1 mfor 11 g WebGate).
Kind regards
Colin -
OIF - integrate OAM as a Module for the integration of MS
We have a few problems integrating OIF OAM.
We have installed the OAMSDK and configure the webgate on the server of the OIF and run listed here installation instructions (http://download.oracle.com/docs/cd/E12839_01/oim.1111/e13400/deployment.htm#DAFEEAAI)
We put the %DOMAIN_HOME%\AccessServerSDK\oblix\lib folder into startweblogic.cmd.
We tried %DOMAIN_HOME%\AccessServerSDK\oblix\lib with - Djava.library.path = in the arguments of weblogic server startup section.
We have set any environment variables listed in the documentation.
The error we receive the first time that we are trying to integrate with OAM, after we started the weblogic server is: caused by: java.lang.UnsatisfiedLinkError: no obaccess in java.library.path
So if try again us, we get: caused by: java.lang.NoClassDefFoundError: com, oblix, access, ObConfig
There is information about this error in Metalink but it refers only to a solution for Linux [579393.1 ID]
Kind regards
TimI'm glad it helped.
http://www.Oracle.com/technology/products/id_mgmt/coreid_acc/PDF/oracle_access_manager_certification_10.1.4_r3_matrix.xls<-- certification="" matrix="" that="" defines="" only="" 32-bit="" jvm="" as="" supported="" for="" oam="">-->
-
WLST Script to create the domain weblogic for IOM and OAM
Hello
I intend to set up PS3 IOM - OAM in the new environment. We intend to perform the installation in silent mode. Does anyone have example WLST to create the domain weblogic for IOM or OAM?
Thank you
Here is an example of OUD. I post this one since it's the simplest and shortest, but it is the same for OAM and IOM except that the script is much longer because they ask a lot more questions. You will need to export the variables used or replace them with the appropriate values for your system.
wait-<>
the value of timeout 600
spawn ${OUD_BASE}/${WLS_NAME}/common/bin/config.sh mode = console
# Create a WebLogic domain
wait {}
{"Enter the index number to select GOLD *" {send "1\n"}}
# Choose the components of the Weblogic Platform
wait {}
{"Enter the index number to select GOLD *" {send "1\n"}}
# | ___Oracle directory Services Manager - 11.1.2.3.0 [Oracle_OUD1] [3]
wait {}
{"Enter number exactly as it appears in the media *" {send "3\n"}}
wait {}
{"Enter number exactly as it appears in the media *" {send "n"}}
# Change the domain information
wait {}
"" Enter the value of * "{send" ${OUD_DOMAIN_NAME} \n "}}"
wait {}
{"Enter the number of the option to select GOLD *" {send "n\n"}}
# Select the target area for this domain directory
wait {}
{'Enter' new target location GOLD * {send "${OUD_BASE} / user_projects/domains\n"}}
wait {}
{'Enter' new target location GOLD * {send "n\n"}}
# Configure password and username administrator
wait {}
{"Enter the number of the option to select GOLD *" {send "2\n"}}
wait {}
"" Enter new * "{send" ${WLS_PASS} \n "}}"
wait {}
{"Enter the number of the option to select GOLD *" {send "3\n"}}
wait {}
"" Enter new * "{send" ${WLS_PASS} \n "}}"
wait {}
{"Enter the number of the option to select GOLD *" {send "n\n"}}
# Configuration mode field-> 1 | Development mode
wait {}
{"Enter the index number to select GOLD *" {send "1\n"}}
# Java SDK selection
wait {}
{"Enter the index number to select GOLD *" {send "2\n"}}
wait {}
{'Enter' new JVM Directory GOLD * {send "${JAVA_HOME} \n"}}
wait {}
{'Enter' new JVM Directory GOLD * {send "n\n"}}
# Select Optional Configuration
wait {}
{"Enter the index number to select GOLD *" {send "1\n"}}
wait {}
{"Enter the index number to select GOLD *" {send "n"}}
# Configure the Administration Server
# Change "Listen port.
wait {}
{"Enter the number of the option to select GOLD *" {send "3\n"}}
wait {}
"" Enter the value of * "{send" ${ODSM_PORT} \n "}}"
# Change 'SSL enabled.
wait {}
{"Enter the number of the option to select GOLD *" {send "4\n"}}
wait {}
{"Enter the index number to select GOLD *" {send "1\n"}}
# Change 'SSL listening Port.
wait {}
{"Enter the number of the option to select GOLD *" {send "4\n"}}
wait {}
"" Enter the value of * "{send" ${ODSM_SPORT} \n "}}"
# Then
wait {}
{"Enter the number of the option to select GOLD *" {send "n\n"}}
# wait for install
wait {}
{"Successfully created * field *" {send "\n"}}
EXPRESSIONS OF FOLKLORE
-
Export files for use in Adobe Muse OAM
I'm a 3D Designer and you want to make an OAM-file so I can put it in Adobe Muse.
I try to import all the 500 png in Adobe animate CC and save it as a file OAM, but quality is still poor.
How can I set up publication for OAM that the quality is good.
Thank you.
Export files of CC OAM animate to Dreamweaver and Adobe Muse | Adobe Dreamweaver CC tutorials
[moved to Adobe Creative cloud to Adobe animate CC - general]
-
Access Oracle Portal Configuration problem (OAM 11.1.2.2 + OTD)
Hi all
Has anyone faced the question below while installation & configuration of the Portal (PAO) to access Oracle?
I followed the Oracle documentation(up to 47.3.14.1) , but began to get server errors to access the /logonmangager using the port of Oracle traffic Director (OTD).
OTD oblog.log inspection, I noticed that the following have been measurement error,
2014/11/06@20:47:50.15891 4542 4559 ACCESS_GATE FATAL 0 x 00001520 /ade/aime_ngamac_738371/ngamac/src/palantir/webgate2/src/nsentry_web_gate.cpp:275
"The exception thrown during initialization WebGate.
2014/11/06@20:47:50.15894 4542 4559 FATAL ACCESS_GATE 0x0000181C /ade/aime_ngamac_738371/ngamac/src/palantir/webgate2/src/nsentry_web_gate.cpp:276
"Oracle accessgate API is not initialized." raw_code ^ 204
Though, I met these errors as soon as possible for a standard OAM + Webgate install, I've been check all possible reasons why that could happen - expiry of the certificate, re-copied artifacts webgate, redone the steps etc but nothing helped.
Pointers would be much appreciated.
This question has bypassed by configuring the webgate in "Open" Mode
-
Application of flow through Webgate and web application server
I have a scenarios,
There are two webgates on both web servers configured as a reverse proxy to an application. The doors of two web use external load balancer 1 (material). Two web portals are registered on two servers OAM (load balancing - logical web application server). The application is protected by OAM, and is set to launch a custom login page. The application web servers also use external load balancer 2.
First, when the user tries to access the URL of the application, the flow would be:
LoadBalancer1 - Web server with OAM WebGate - WebServer with WebGate (after successful authentication) - LoadBalancer2 (lettering) - server of web App - homepage
Now, what happens if the user goes to another link within the app? The user will be routed to the loadbalancer 2 to the Web server with load balancer WebGate GOLD 2 to 1 load balancer, then to the Web server with WebGate. Please note that the web server with WebGate is configured as reverse proxy for the application. Sorry if I'm not able to articulate the situation clearly.
Any thoughts?
Thank you.
Hello
Allows to call the application URL app.mydomain.com. With the components you mentioned above, generally that would make a DNS change to point app.mydomain.com to 'loadbalancer1 '.
Say so the user has already been authenticated and authorized and on the page of the application (app.mydomain.com/home.jsp). OAM is usually configured to protect web pages within an application. When the user clicks on 'Préférences' inside of home.jsp which is "app.mydomain.com/preferences.jsp", control would again go to loadbalancer1-> of the webgates.
Hope that answers your question.
-
With OAM10g WebGate load balancer
Hi all
I have two protected apache http server with 10g oam webgate, they work fine if I have access to the resource protected from the IP two webgate separately.
However, if I have access to the protected front load balancer IP address resource, the resource is not protected and no challenge/SSO authentication happens.
the load balancer will be distruibute request to the Apache server two webgate protected, and the end user can know only the dns name/IP address of the load balancer.
Should any configuration be done on the side of the OAM?
I tried to add the LB IP of the host identifier, but even he can't get works.
Thank you.
Yes. the identifier for the host includes the webgate and LB hostname/IP.
The problem is solved, the cause is the LB before the application for application port 7003 directly rather than port 80 http.
-
Hello world!
I configured an OAM (webgate) + DIO + OBIEE + OHS system.
The OBIEE is protected via OHS(weblogic module) and webgate. It works very well.
The CAO authenticates OID (default user identity store).
The * "User research Base" * is the same (* "cn = Users, dc is mydomain, dc = com" *) in the store of identity and authentication provider OID of OBIEE too.
SSO is enabled in OBIEE and suppliers are:
OID (provider that performs authentication LDAP 1.0) JUST
REQUIRED OAM (Oracle Access Manager identity Asserter 1.0) provider
DefaultAuthenticator (WebLogic Authentication Provider 1.0) SUFFICIENT
DefaultIdentityAsserter
IF the * "User name attribute" * is * '' cn '' * in-store OAM of identity of the users and the provider of the OID of the OBIEE * "user name attribute" * is * "cn" * (by default) also, everything works fine.
But I have to use * "orclSAMAccountName" * instead of * "cn" * (OAM and OID provider). And in this case, I have the problem.
The OID of the OBIEE provider are:
All users filter: (& (orclSAMAccountName = *)(objectclass=person))
The user of the name filter: (&(orclSAMAccountName=%u)(objectclass=person)))
Username attribute: orclSAMAccountName
I did a test user:
CN = test
SN = test_sn
orclsamaccountname = test_sama
UID = test_uid
krbprincipalname = test_krb
I can authenticate with test_sama OAM, but OBIEE say: * "" you are not logged here: Oracle BI Server. "*"
The bi log shows that:
+ By default (self-adjusting)' > < BISystemUser > <>< 00093dFuR ^ HFW7PMye7i6G00052S000Tt7 > < 1345642607333 > < BEA-000000 > < javax.security.auth.login.FailedLoginException: [Security: 090304] authentication failed: User test javax.security.auth.login.LoginException: identity [Security: 090300] Assertion failure: test user does not exist +.
+ oracle.security.jps.internal.api.jaas.AssertionException: javax.security.auth.login.FailedLoginException: [Security: 090304] authentication failed: User test javax.security.auth.login.LoginException: [Security: 090300] identity Assertion failure: test user does not exist.
Why does search OBIEE the * '' cn '' * and why does not use the * "orclsamaccountname?"
Any idea?
Best regards, JaniHello Joseph,.
This is a known issue in OBIEE 11.1.1.6.0, please see: OBIEE 11.1.1.6 Agent failed with error code: IHVF6OM7:OPR4ONWY:U9IM8TAC [nQSError: 13039] the imposter does not exist in the BI [1446877.1 ID] Security Service
We have configured OBIEE 11.1.1.6 on Linux and use Single Sign On (SSO) with authentication Native for Windows (Ondaaah).
Configured authenticator AD, select sAMAccountName instead of CN for the attribute of the user. SSO in MS license. When you try to access the OBIEE presentation services we met the below error.
«You are not logged here: Oracle BI Server.»
When to check the logfile biserver1 found: failure of the Assertion of identity [Security: 090300]: user OracleSystemUser does not exist
After you apply the hotfix 13553428 on top of 11.1.1.6.0 OBIEE we connected in OBIEE presentation services.
It works very well with OBIEE, 11.1.1.5.0 and 11.1.1.6.1
OBIEE fixed in 11.1.1.6.1. Apply Patch 13742915.
If you want to stay in OBIEE 11.1.1.6.0. Apply Patch 13553428.
Let me know if this solves the problem of Asserter.
Pls mark so useful or response.
Thank you
SVS- -
Solaris 10 compatibility with 11g Webgates
We have a customer using Solaris 10, Apache 2.2.13, and we need to install webgates to protect their resources. We use the OAM 11 g (11.1.1.5). We have done in the past, but the matrix certification indicates that only 10g webgates are able to be used with this combination.
Is this still true or are we able to use 11g webgates with this combination?
In a few months, we have will be upgrading to 11.1.1.6... are we going (notice I did not ask if we) have to say about our customer to go to the OHS 11 g instead of Apache?
Any help would be appreciated... and if we can get documentation that directs us precisely on this point-, so we can instill in our customer the need to spend to OHS Apache would be too great!OldGuy wrote:
We have a customer using Solaris 10, Apache 2.2.13, and we need to install webgates to protect their resources. We use the OAM 11 g (11.1.1.5). We have done in the past, but the matrix certification indicates that only 10g webgates are able to be used with this combination.It is correct and still the case.
In a few months, we have will be upgrading to 11.1.1.6... are we going (notice I did not ask if we) have to say about our customer to go to the OHS 11 g instead of Apache?
There is no 11.1.1.6 for OAM, the next update will go to 11.1.2 and WebGate support remains the same, but Sun OpenSSO agent will build as well.
Maybe you are looking for
-
How to return to Google instant
How can I get rid of the hijack of Firefox in the moment the Launcher Android Google page?
-
Missing Audio device (Microphone) on the Satellite A500-026 (PSAR2A 026002)
Hello list! I have a laptop A500-026 Toshiba for presentations (via overhead projector) and internet communications (Skype, etc.). At a recent presentation, I was using the internal speakers of the place (plug in the line-out jack on my A500), but to
-
OfficeJet 6600: iPad suddenly can not find wireless HP printer.
iPad, suddenly cannot find a working HP officejet wireless printer! He worked recently.
-
a forest, two areas using Exchange 2010. With the command Get-MailboxDatabase-status to see how many mailboxes in a database, I get only the amount of mailboxes from one of the areas. What I add to it in order to get the info from these two areas?
-
Order number: H124754400 product number: C2L41UA #ABA
Hi, I would like to inquire about my order has been shipped, why not and I'm sad because I waited more than 10 days and I have not received my order