Similar Questions

• Active directory certification for OAM 11 GR 2 using OVD

  I am aware that OAM 11 GR 2 doesnot support Active Directory (AD) 2003.

  We had a use case in support of Federation using OAM 11 GR 2 somehow. I noticed that the last version of OVD 11.1.1.7 located support AD 2003.

  So can assume us that we can use AD 2003 with 11 GR 2 OAM for services of the Federation if we use OVD as the identity store?

  Thank you

  Nassima

  Got confirmation from Oracle it's possible!

• No sufficient privileges for OAM

  I am the administrator of the system and for some reason if I go to OAM any menu item I get the message of

  	An error has occurred! Please note: you don't have sufficient privileges to perform this function.

  I am entitled to everything.  I signed as long as me and not the system administrator.

  If I sign with the sysadmin, I am able to access it.

  RDBMS: 11.2.0.3.0

  Oracle Applications: 12.1.3

  It must be something with the grants/roles assigned to your user - compare SYSADMIN should check.

  Also, please check the application logs, you will find more information about the error.

  Thank you

  Hussein

• Problem with OAM Webgate

  We use the OAM 10.1.4.2. There are several webgates. One of the webgate (A webgate) is to have more question:
  
  If a user has to connect on webgate A application and then open a new browser window and log on to another application webgate. The user is disconnected Webgate asked.
  
  Thank you.
  Vinay
  
  Published by: user504421 on January 9, 2010 23:50

  Hello

  Check the primary domain HTTP Cookie option on webgate configuration. What is the value configured this option in the configuration of these two webgates?

  Carlos

• Monitoring tool for OAM 10 g

  Hi all
  I'll try to find every possible way to monitor a server 10g OAM... The documentation I read on SNMP Monitoring... So I installed the SNMP Agent on the machine where OAM is installed... And I came to know how to enable SNMP Monitoring in OAM 10 g...
  
  I'm writing my understanding please correct me if I'm worng.
  
  -L' SNMP agent is installed in the machine OAM will gather surveillance data
  -L'agent will send information via SNMP for a master application
  
  If my interpretation is correct, here are my questions for which I need your answers; :)
  
  1. do I need to install all of the third party tools such as Tivoli or Sun SunNet Manager to which the SNMP Agent will send the information?
  2. my task is to create a custom OAM 10 g monitoring application. Can U please suggest me a better way to do...
  3. is there another way to control the identity and the access server to the...
  
  Thanks :)
  
  A * R

  Hmm, should work any SNMP tool, Grid Control works.

  -olaf

• Migration of 10g OAM for other infrastructure

  Hello

  We have a requirement to OAM 10 g of an infrastructure.

  There are about 10-15 applications configured in OAM and the political identity of shop/store is AD.

  Below two queries WRT, I have this:

  1. to confirm as OAM10g uses an LDAP in the policy, for the migration store we can export data LDAP and then import it into the new policy store for all configurations of OAM (of course some do we do manually too)?

  2. the 2nd challenge is that what needs to be done to Webgate, do we need to install new webgates for applications or we can re - register existing with the new OAM webgate.

  In both cases, to do it for all applications.

  3. is there the document/migration utility to migrate the data from one environment to the other OAM.

  Kind regards

  Deepika

  Hi Deepika,

  Unfortunately there is no utilities taken in charge for this type of horizontal OAM 10 g migration. For policies, you might consider copying the relevant part (o = oblix) in ldap and massage the data so that it is consistent with the new environment, but of course it's a little risky and prone to error.

  For WebGates, there is no need to uninstall/reinstall them - you can create entries (registry) in the new OAM access System Console, and then run the WebGate configureWebGate t-i order to point the WebGate on the new environment.

  Kind regards

  Colin

• How to reconfigure the OHS 11 g WebGate with OAM 11 g?

  Hi all
  
  Can you please let me know your opinion on below scenario?
  
  1. I set up a SST 11 g WebGate in OAM 11 g with main server with unique. WebGate works very well.
  2. in the future, I created a new OAM server with different proxy port and want to add as a secondary server to OHS 11 g webgate. To do this, my thoughts are: Goto OAM admin console and change the profile of the agent to add the secondary server. Is this all enough to make the complete work? By the way, ObAccessClient.xml no is not updated in the folder RREG_HOME/output of artifacts. If it is updated automatically after changing details in the OAM console so I can just copy to WebGate instance.
  
  The same question arises for 10g WebGate with OAM 11 g. Is it also possible to reconfigure the webgate as in the case of OAM 10 g and 10 g webgates?
  
  -Mango

  Hi Manon,.

  You only need to make the change in the oamconsole (change the agent profile as you suggest) and you do not need to re - copy the file ObAccessClient.xml. You may need to wait a few minutes for the change must be executed by the WebGate, or I expect a restart of the web server in order to acquire the new settings. Using the url of diagnosis webgate will tell you which servers OAM the WebGate is connected to (http://server:port/ohs/modules/webgate.cgi?progid=1 mfor 11 g WebGate).

  Kind regards
  Colin

• OIF - integrate OAM as a Module for the integration of MS

  We have a few problems integrating OIF OAM.
  
  We have installed the OAMSDK and configure the webgate on the server of the OIF and run listed here installation instructions (http://download.oracle.com/docs/cd/E12839_01/oim.1111/e13400/deployment.htm#DAFEEAAI)
  
  We put the %DOMAIN_HOME%\AccessServerSDK\oblix\lib folder into startweblogic.cmd.
  
  We tried %DOMAIN_HOME%\AccessServerSDK\oblix\lib with - Djava.library.path = in the arguments of weblogic server startup section.
  
  We have set any environment variables listed in the documentation.
  
  The error we receive the first time that we are trying to integrate with OAM, after we started the weblogic server is: caused by: java.lang.UnsatisfiedLinkError: no obaccess in java.library.path
  
  So if try again us, we get: caused by: java.lang.NoClassDefFoundError: com, oblix, access, ObConfig
  
  There is information about this error in Metalink but it refers only to a solution for Linux [579393.1 ID]
  
  Kind regards
  Tim

  I'm glad it helped.

  http://www.Oracle.com/technology/products/id_mgmt/coreid_acc/PDF/oracle_access_manager_certification_10.1.4_r3_matrix.xls<-- certification="" matrix="" that="" defines="" only="" 32-bit="" jvm="" as="" supported="" for="" oam="">

• WLST Script to create the domain weblogic for IOM and OAM

  Hello

  I intend to set up PS3 IOM - OAM in the new environment. We intend to perform the installation in silent mode. Does anyone have example WLST to create the domain weblogic for IOM or OAM?

  Thank you

  Here is an example of OUD. I post this one since it's the simplest and shortest, but it is the same for OAM and IOM except that the script is much longer because they ask a lot more questions. You will need to export the variables used or replace them with the appropriate values for your system.

  wait-<>

  the value of timeout 600

  spawn ${OUD_BASE}/${WLS_NAME}/common/bin/config.sh mode = console

  # Create a WebLogic domain

  wait {}

  {"Enter the index number to select GOLD *" {send "1\n"}}

  # Choose the components of the Weblogic Platform

  wait {}

  {"Enter the index number to select GOLD *" {send "1\n"}}

  # | ___Oracle directory Services Manager - 11.1.2.3.0 [Oracle_OUD1] [3]

  wait {}

  {"Enter number exactly as it appears in the media *" {send "3\n"}}

  wait {}

  {"Enter number exactly as it appears in the media *" {send "n"}}

  # Change the domain information

  wait {}

  "" Enter the value of * "{send" ${OUD_DOMAIN_NAME} \n "}}"

  wait {}

  {"Enter the number of the option to select GOLD *" {send "n\n"}}

  # Select the target area for this domain directory

  wait {}

  {'Enter' new target location GOLD * {send "${OUD_BASE} / user_projects/domains\n"}}

  wait {}

  {'Enter' new target location GOLD * {send "n\n"}}

  # Configure password and username administrator

  wait {}

  {"Enter the number of the option to select GOLD *" {send "2\n"}}

  wait {}

  "" Enter new * "{send" ${WLS_PASS} \n "}}"

  wait {}

  {"Enter the number of the option to select GOLD *" {send "3\n"}}

  wait {}

  "" Enter new * "{send" ${WLS_PASS} \n "}}"

  wait {}

  {"Enter the number of the option to select GOLD *" {send "n\n"}}

  # Configuration mode field-> 1 | Development mode

  wait {}

  {"Enter the index number to select GOLD *" {send "1\n"}}

  # Java SDK selection

  wait {}

  {"Enter the index number to select GOLD *" {send "2\n"}}

  wait {}

  {'Enter' new JVM Directory GOLD * {send "${JAVA_HOME} \n"}}

  wait {}

  {'Enter' new JVM Directory GOLD * {send "n\n"}}

  # Select Optional Configuration

  wait {}

  {"Enter the index number to select GOLD *" {send "1\n"}}

  wait {}

  {"Enter the index number to select GOLD *" {send "n"}}

  # Configure the Administration Server

  # Change "Listen port.

  wait {}

  {"Enter the number of the option to select GOLD *" {send "3\n"}}

  wait {}

  "" Enter the value of * "{send" ${ODSM_PORT} \n "}}"

  # Change 'SSL enabled.

  wait {}

  {"Enter the number of the option to select GOLD *" {send "4\n"}}

  wait {}

  {"Enter the index number to select GOLD *" {send "1\n"}}

  # Change 'SSL listening Port.

  wait {}

  {"Enter the number of the option to select GOLD *" {send "4\n"}}

  wait {}

  "" Enter the value of * "{send" ${ODSM_SPORT} \n "}}"

  # Then

  wait {}

  {"Enter the number of the option to select GOLD *" {send "n\n"}}

  # wait for install

  wait {}

  {"Successfully created * field *" {send "\n"}}

  EXPRESSIONS OF FOLKLORE

• Export files for use in Adobe Muse OAM

  I'm a 3D Designer and you want to make an OAM-file so I can put it in Adobe Muse.

  I try to import all the 500 png in Adobe animate CC and save it as a file OAM, but quality is still poor.

  How can I set up publication for OAM that the quality is good.

  Thank you.

  

  Export files of CC OAM animate to Dreamweaver and Adobe Muse | Adobe Dreamweaver CC tutorials

  [moved to Adobe Creative cloud to Adobe animate CC - general]

• Access Oracle Portal Configuration problem (OAM 11.1.2.2 + OTD)

  Hi all

  Has anyone faced the question below while installation & configuration of the Portal (PAO) to access Oracle?

  
  

  I followed the Oracle documentation(up to 47.3.14.1) , but began to get server errors to access the /logonmangager using the port of Oracle traffic Director (OTD).

  OTD oblog.log inspection, I noticed that the following have been measurement error,

  2014/11/06@20:47:50.15891 4542 4559 ACCESS_GATE FATAL 0 x 00001520 /ade/aime_ngamac_738371/ngamac/src/palantir/webgate2/src/nsentry_web_gate.cpp:275

  "The exception thrown during initialization WebGate.

  2014/11/06@20:47:50.15894 4542 4559 FATAL ACCESS_GATE 0x0000181C /ade/aime_ngamac_738371/ngamac/src/palantir/webgate2/src/nsentry_web_gate.cpp:276

  "Oracle accessgate API is not initialized."  raw_code ^ 204

  Though, I met these errors as soon as possible for a standard OAM + Webgate install, I've been check all possible reasons why that could happen - expiry of the certificate, re-copied artifacts webgate, redone the steps etc but nothing helped.

  
  

  Pointers would be much appreciated.
  

  This question has bypassed by configuring the webgate in "Open" Mode

• Application of flow through Webgate and web application server

  I have a scenarios,

  There are two webgates on both web servers configured as a reverse proxy to an application. The doors of two web use external load balancer 1 (material). Two web portals are registered on two servers OAM (load balancing - logical web application server). The application is protected by OAM, and is set to launch a custom login page. The application web servers also use external load balancer 2.

  First, when the user tries to access the URL of the application, the flow would be:

  LoadBalancer1 - Web server with OAM WebGate - WebServer with WebGate (after successful authentication) - LoadBalancer2 (lettering) - server of web App - homepage

  Now, what happens if the user goes to another link within the app? The user will be routed to the loadbalancer 2 to the Web server with load balancer WebGate GOLD 2 to 1 load balancer, then to the Web server with WebGate. Please note that the web server with WebGate is configured as reverse proxy for the application. Sorry if I'm not able to articulate the situation clearly.

  Any thoughts?

  Thank you.

  Hello

  Allows to call the application URL app.mydomain.com. With the components you mentioned above, generally that would make a DNS change to point app.mydomain.com to 'loadbalancer1 '.

  Say so the user has already been authenticated and authorized and on the page of the application (app.mydomain.com/home.jsp). OAM is usually configured to protect web pages within an application. When the user clicks on 'Préférences' inside of home.jsp which is "app.mydomain.com/preferences.jsp", control would again go to loadbalancer1-> of the webgates.

  Hope that answers your question.

• With OAM10g WebGate load balancer

  Hi all

  I have two protected apache http server with 10g oam webgate, they work fine if I have access to the resource protected from the IP two webgate separately.

  However, if I have access to the protected front load balancer IP address resource, the resource is not protected and no challenge/SSO authentication happens.

  the load balancer will be distruibute request to the Apache server two webgate protected, and the end user can know only the dns name/IP address of the load balancer.

  Should any configuration be done on the side of the OAM?

  I tried to add the LB IP of the host identifier, but even he can't get works.

  Thank you.

  Yes. the identifier for the host includes the webgate and LB hostname/IP.

  The problem is solved, the cause is the LB before the application for application port 7003 directly rather than port 80 http.

• OBIEE 11.1.1.6 SSO with OAM 11.1.1.5: problem of attribute OID 11.1.1.6

  Hello world!
  
  I configured an OAM (webgate) + DIO + OBIEE + OHS system.
  The OBIEE is protected via OHS(weblogic module) and webgate. It works very well.
  The CAO authenticates OID (default user identity store).
  The * "User research Base" * is the same (* "cn = Users, dc is mydomain, dc = com" *) in the store of identity and authentication provider OID of OBIEE too.
  SSO is enabled in OBIEE and suppliers are:
  OID (provider that performs authentication LDAP 1.0) JUST
  REQUIRED OAM (Oracle Access Manager identity Asserter 1.0) provider
  DefaultAuthenticator (WebLogic Authentication Provider 1.0) SUFFICIENT
  DefaultIdentityAsserter
  
  IF the * "User name attribute" * is * '' cn '' * in-store OAM of identity of the users and the provider of the OID of the OBIEE * "user name attribute" * is * "cn" * (by default) also, everything works fine.
  
  But I have to use * "orclSAMAccountName" * instead of * "cn" * (OAM and OID provider). And in this case, I have the problem.
  The OID of the OBIEE provider are:
  All users filter: (& (orclSAMAccountName = *)(objectclass=person))
  The user of the name filter: (&(orclSAMAccountName=%u)(objectclass=person)))
  Username attribute: orclSAMAccountName
  
  I did a test user:
  CN = test
  SN = test_sn
  orclsamaccountname = test_sama
  UID = test_uid
  krbprincipalname = test_krb
  I can authenticate with test_sama OAM, but OBIEE say: * "" you are not logged here: Oracle BI Server. "*"
  The bi log shows that:
  + By default (self-adjusting)' > < BISystemUser > <>< 00093dFuR ^ HFW7PMye7i6G00052S000Tt7 > < 1345642607333 > < BEA-000000 > < javax.security.auth.login.FailedLoginException: [Security: 090304] authentication failed: User test javax.security.auth.login.LoginException: identity [Security: 090300] Assertion failure: test user does not exist +.
  + oracle.security.jps.internal.api.jaas.AssertionException: javax.security.auth.login.FailedLoginException: [Security: 090304] authentication failed: User test javax.security.auth.login.LoginException: [Security: 090300] identity Assertion failure: test user does not exist.
  
  Why does search OBIEE the * '' cn '' * and why does not use the * "orclsamaccountname?"
  
  Any idea?
  
  Best regards, Jani

  Hello Joseph,.

  This is a known issue in OBIEE 11.1.1.6.0, please see: OBIEE 11.1.1.6 Agent failed with error code: IHVF6OM7:OPR4ONWY:U9IM8TAC [nQSError: 13039] the imposter does not exist in the BI [1446877.1 ID] Security Service

  We have configured OBIEE 11.1.1.6 on Linux and use Single Sign On (SSO) with authentication Native for Windows (Ondaaah).

  Configured authenticator AD, select sAMAccountName instead of CN for the attribute of the user. SSO in MS license. When you try to access the OBIEE presentation services we met the below error.

  «You are not logged here: Oracle BI Server.»

  When to check the logfile biserver1 found: failure of the Assertion of identity [Security: 090300]: user OracleSystemUser does not exist

  After you apply the hotfix 13553428 on top of 11.1.1.6.0 OBIEE we connected in OBIEE presentation services.

  It works very well with OBIEE, 11.1.1.5.0 and 11.1.1.6.1

  OBIEE fixed in 11.1.1.6.1. Apply Patch 13742915.

  If you want to stay in OBIEE 11.1.1.6.0. Apply Patch 13553428.

  Let me know if this solves the problem of Asserter.

  Pls mark so useful or response.

  Thank you
  SVS-

• Solaris 10 compatibility with 11g Webgates

  We have a customer using Solaris 10, Apache 2.2.13, and we need to install webgates to protect their resources. We use the OAM 11 g (11.1.1.5). We have done in the past, but the matrix certification indicates that only 10g webgates are able to be used with this combination.
  
  Is this still true or are we able to use 11g webgates with this combination?
  
  In a few months, we have will be upgrading to 11.1.1.6... are we going (notice I did not ask if we) have to say about our customer to go to the OHS 11 g instead of Apache?
  
  Any help would be appreciated... and if we can get documentation that directs us precisely on this point-, so we can instill in our customer the need to spend to OHS Apache would be too great!

  OldGuy wrote:
  We have a customer using Solaris 10, Apache 2.2.13, and we need to install webgates to protect their resources. We use the OAM 11 g (11.1.1.5). We have done in the past, but the matrix certification indicates that only 10g webgates are able to be used with this combination.

  It is correct and still the case.

  In a few months, we have will be upgrading to 11.1.1.6... are we going (notice I did not ask if we) have to say about our customer to go to the OHS 11 g instead of Apache?

  There is no 11.1.1.6 for OAM, the next update will go to 11.1.2 and WebGate support remains the same, but Sun OpenSSO agent will build as well.