OAM-OAAM-IOM in R2 integration

Similar Questions

• IOM-OAM-OAAM integration

  Experts,
  
  It's about IDM Oracle 11 g. I'm trying to understand the features of self-service (password reset, locking of account user, forgotten password, security question and answer configurations) in the integration of the IOM-OAM-OAAM. Here are my questions:
  
  * 1. Standalone OIM 11 g, how does below present works? *
  
  a. reset password
  b. account locking (which is the attribute to identify the user is locked)
  c. forgotten password.
  
  * 2. In the OAM - OIM 11g integration scenario, how does below present works? *
  
  a. reset password. (Which will take care of him)
  b. What is the debit of account lockout (which is the attribute to identify the user is locked).
  c. is user locked himself in the two IOM and OAM?
  (d) what will be the flow of forgotten password.
  e. what product stores the responses to question safety of the user?
  
  
  * 3. In the IOM-OAM-OAAM integration scenario, how does below present works? *
  
  a. reset password. (Which will take care of him)
  b. What is the debit of account lockout (which is the attribute to identify the user is locked).
  c. is user locked himself in the two IOM and OAM and OAAM?
  (d) what will be the flow of forgotten password.
  e. what product stores the responses to question safety of the user?
  
  Please help me.
  
  Thank you
  
  Published by: 859875 on March 23, 2012 09:59

  Hello

  To answer your questions here, it takes 1 HR alteast to type. Please go through link he proceeded by steps below.

  http://docs.Oracle.com/CD/E14571_01/doc.1111/e15740/idmint.htm#BABCBHDB

  + "If she answers your question, mark it as either useful or response. In this way, other users decides if he should respond to this request or not and records the time ' + '.

  Thank you
  GK

• Get the error during the execution of the IOM in script integrated purge OIM_ReconArch.sh

  Get the error during the execution of the IOM in script integrated purge OIM_ReconArch.sh
  
  
  bash-3. $00 cat Err_Arch_Recon_2012_11_01_15_36_06.log
  ****
  -The execution state of archives reconciliation
  ****
  BEGIN OIM_SP_ReconArchival ("n", "n", 200000, 'ARCHIVE_SELECT_WITH_CONS_DROP_REC', 'both, '20110101',' 20111231'); END;
  
  *
  ERROR on line 1:
  ORA-00942: table or view does not exist
  ORA-06512: at "PREPRD. OIM_SP_RECONARCHIVAL', line 722
  ORA-00942: table or view does not exist
  ORA-01031: insufficient privileges
  ORA-06512: at line 1
  
  
  Help, please

  ORA-06512: at "PREPRD. OIM_SP_RECONARCHIVAL', line 722
  ORA-00942: table or view does not exist
  ORA-01031: insufficient privileges

  (1) check if the OIM_SP_RECONARCHIVAL table or the view exists or not...
  (2) if it exists, check if the DEV_OIM user has enough privilege to view this table...
  Otherwise, give it all privileges to open as a sys as sysdba

  GRANT ALL PRIVILEGES ON DEV_OIM;

  COMMIT;

• IOM and OAAM 11g changing Password Integration

  After completing the integration IOM and OAAM, when I connect to IOM and then navigate to the profile > Security > change password I get redirected to the login page OAAM, but I receive an error message stating "sorry, the ID you entered is not recognized. Please try again. »
  
  I found the following error in the oaam_server_server1 - diagnostic.log. It seems that OAAM trying to make a back-end call to the /bea_wls_internal, but it's using the host name virtual sso.mycompany.com. I do not set up this context on the host virtual sso and it does not seem right to do so. Does anyone have an idea what is happening here? I think that he should ask bea_wls_internal to an internal host name and not the external virtual host.
  
  [2010-10-20 T 09: 34:46.242 - 05:00] [oaam_server_server1] [ERROR] [] [oracle.oaam] [tid: [ASSETS].] [ExecuteThread: '0' for the queue: "(self-adjusting) weblogic.kernel.Default"] [username: < anonymous >] [ecid: 004 ^ kpFaP600zkWFLzuHOA00024w00010b, 0:1] [APP: oaam_server #11.1.1.3.0] [URI: /oaam_server/oimChangePassword.jsp] error loading instance plugin for className = com.bharosa.vcrypt.services.OAAMUserMgmtOIM []
  javax.security.auth.login.LoginException: java.net.ConnectException: https://sso.mycompany.com:4443: Destination unreachable; nested exception is:
  java.io.FileNotFoundException: answer: 404: not found ' URL: ' https://sso.mycompany.com:4443/bea_wls_internal/HTTPClntLogin/a.tun?wl-login=https+dummy+WLREQS+10.3.3.0+dummy+%0A & rand = 5446459301412305231 .htm & DID = 2048 & HL = 19'; No router available at destination
  at weblogic.security.auth.login.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:194)
  at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
  to javax.security.auth.login.LoginContext.access$ 000 (LoginContext.java:186)
  to javax.security.auth.login.LoginContext$ 4.run(LoginContext.java:683)
  at java.security.AccessController.doPrivileged (Native Method)
  at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
  at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
  at Thor.API.Security.LoginHandler.weblogicLoginHandler.login (weblogicLoginHandler.java:61)
  at oracle.iam.platform.OIMClient.login(OIMClient.java:134)
  at oracle.iam.platform.OIMClient.login(OIMClient.java:129)
  at com.bharosa.vcrypt.services.OAAMUserMgmtOIM.init(OAAMUserMgmtOIM.java:407)
  to com.bharosa.vcrypt.services.OAAMUserMgmtOIM. < init > (OAAMUserMgmtOIM.java:87)
  at sun.reflect.NativeConstructorAccessorImpl.newInstance0 (Native Method)
  at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
  at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
  at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
  at java.lang.Class.newInstance0(Class.java:355)
  at java.lang.Class.newInstance(Class.java:308)
  at com.bharosa.uio.util.UIOUtil.getPlugin(UIOUtil.java:1926)
  at com.bharosa.uio.util.UIOUtil.getPasswordManager(UIOUtil.java:1895)
  at com.bharosa.uio.actions.ChangePasswordAction.bharosaExecute(ChangePasswordAction.java:198)
  at com.bharosa.uio.actions.UIOBaseAction.execute(UIOBaseAction.java:81)
  at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:421)
  at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:226)
  at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1164)
  at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:397)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
  to weblogic.servlet.internal.StubSecurityHelper$ ServletServiceAction.run (StubSecurityHelper.java:227)
  at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
  at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
  at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:183)
  at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:526)
  at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:253)
  at org.apache.struts.action.RequestProcessor.doForward(RequestProcessor.java:1056)
  at org.apache.struts.tiles.TilesRequestProcessor.doForward(TilesRequestProcessor.java:261)
  at org.apache.struts.action.RequestProcessor.processForwardConfig(RequestProcessor.java:388)
  at org.apache.struts.tiles.TilesRequestProcessor.processForwardConfig(TilesRequestProcessor.java:316)
  at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:231)
  at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1164)
  at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:397)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
  to weblogic.servlet.internal.StubSecurityHelper$ ServletServiceAction.run (StubSecurityHelper.java:227)
  at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
  at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
  at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:183)
  at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:526)
  at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:253)
  at jsp_servlet.__oimchangepassword._jspService(__oimchangepassword.java:71)
  at weblogic.servlet.jsp.JspBase.service(JspBase.java:34)
  to weblogic.servlet.internal.StubSecurityHelper$ ServletServiceAction.run (StubSecurityHelper.java:227)
  at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
  at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
  at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at oracle.security.wls.filter.SSOSessionSynchronizationFilter.doFilter(SSOSessionSynchronizationFilter.java:279)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:330)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  to weblogic.servlet.internal.WebAppServletContext$ ServletInvocationAction.doIt (WebAppServletContext.java:3684)
  to weblogic.servlet.internal.WebAppServletContext$ ServletInvocationAction.run (WebAppServletContext.java:3650)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
  at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
  at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
  at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  
  ]]
  
  If I set up the context of the bea_wls_internal on the virtual host of sso, I have the followig error:
  
  [2010-10-20 T 10: 15:02.320 - 05:00] [oaam_server_server1] [ERROR] [] [oracle.oaam] [tid: [ASSETS].] [ExecuteThread: '1' for the queue: "(self-adjusting) weblogic.kernel.Default"] [username: < anonymous >] [ecid: 004 ^ krVaEMv0zkWFLzuHOA0003w3000028, 0:1] [APP: oaam_server #11.1.1.3.0] [URI: /oaam_server/oimChangePassword.jsp] error loading instance plugin for className = com.bharosa.vcrypt.services.OAAMUserMgmtOIM []
  javax.security.auth.login.LoginException: java.net.ConnectException: https://sso.mycompany.com:4443: Destination unreachable; nested exception is:
  java.net.ProtocolException: result not specified - Tunneling is the HTTP server to the host: port and 'sso.mycompany.com': '4443' a WebLogic Server? No router available at destination
  
  Published by: user582588 on October 20, 2010 08:18

  The property oaam.oim.url in environment OAAM settings control the host name, it should be on your IOM-internal vip, which refers directly to managed servers. Also, make sure you have HTTP Tunneling enabled on your servers IOM managed - you can find the setting under oim_server1 > protocols > HTTP.

• OIA 11 g and 11g of IOM on WebLogic integration

  I followed the instructions for the integration of IOM and OIA from this location:
  
  http://wikis.Sun.com/display/OIA11gDocs/integrating+with+Oracle+Identity+Manager
  
  With the exception that there are typos on step 2:
  
  xlUtils.xls is actually xlUtils.jar
  xLVO.jar is xlVO.jar
  
  When I try to start the application, I get the following error:
  
  14:10:13, 922 ERROR context initialization failed [ContextLoader]
  org.springframework.beans.factory.BeanCreationException: error creating bean with name 'certificationEventListener' defined in ServletContext resource [WEB-INF/idc - context.xml]: cannot resolve a reference to 'rbacxIDCService' of the bean while setting the property "rbacxIDCService" bean nested exception is org.springframework.beans.factory.BeanCreationException: error creating bean with name 'rbacxIDCService' defined in ServletContext resource [WEB-INF/idc - context.xml]: cannot resolve a reference to 'rbacxIAMService' of the bean while setting the property "rbacxIAMService" bean nested exception is org.springframework.beans.factory.BeanCreationException: error creating bean with name 'rbacxIAMService' defined in ServletContext resource [WEB-INF/iam - context.xml]: cannot create the inner bean "com.vaau.rbacx.iam.service.impl.RbacxIAMServiceImpl #6ba00355" type [com.vaau.rbacx.iam.service.impl.RbacxIAMServiceImpl] all by setting the bean property "target"; nested exception is org.springframework.beans.factory.BeanCreationException: error creating bean with name ' com.vaau.rbacx.iam.service.impl.RbacxIAMServiceImpl #6ba00355 "defined in ServletContext resource [WEB-INF/iam - context.xml]: could not resolve reference to bean"IOM"setting bean property"iamSolutions"with key [TypedStringValue: value [oracle], the type of target [null]]; nested exception is org.springframework.beans.factory.BeanCreationException: error creating bean with name 'IOM' defined in ServletContext resource [WEB-INF/iam - context.xml]: instantiation of bean failed; nested exception is java.lang.NoClassDefFoundError: com/thortech/xl/util/ThorException
  at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:275)
  at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:104)
  at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1245)
  at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1010)
  at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:472)
  to org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$ 1.run(AbstractAutowireCapableBeanFactory.java:409)
  at java.security.AccessController.doPrivileged (Native Method)
  at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:380)
  to org.springframework.beans.factory.support.AbstractBeanFactory$ 1.getObject(AbstractBeanFactory.java:264)
  at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
  at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:261)
  at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185)
  at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:164)
  at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeansOfType(DefaultListableBeanFactory.java:308)
  at org.springframework.context.support.AbstractApplicationContext.getBeansOfType(AbstractApplicationContext.java:947)
  at org.springframework.context.support.AbstractApplicationContext.registerListeners(AbstractApplicationContext.java:701)
  at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:377)
  at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:255)
  at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:199)
  at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:45)
  to weblogic.servlet.internal.EventsManager$ FireContextListenerAction.run (EventsManager.java:481)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
  at weblogic.servlet.internal.EventsManager.notifyContextCreatedEvent(EventsManager.java:181)
  at weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:1863)
  at weblogic.servlet.internal.WebAppServletContext.start(WebAppServletContext.java:3126)
  at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1512)
  at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:486)
  to weblogic.application.internal.flow.ModuleStateDriver$ 3.next(ModuleStateDriver.java:425)
  at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:41)
  at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
  at weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:200)
  at weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:247)
  to weblogic.application.internal.flow.ModuleStateDriver$ 3.next(ModuleStateDriver.java:425)
  at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:41)
  at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
  at weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:27)
  to weblogic.application.internal.BaseDeployment$ 2.next(BaseDeployment.java:1267)
  at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:41)
  at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:409)
  at weblogic.application.internal.SingleModuleDeployment.activate(SingleModuleDeployment.java:43)
  at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:161)
  at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:79)
  at weblogic.deploy.internal.targetserver.BasicDeployment.activate(BasicDeployment.java:184)
  at weblogic.deploy.internal.targetserver.BasicDeployment.activateFromServerLifecycle(BasicDeployment.java:361)
  to weblogic.management.deploy.internal.DeploymentAdapter$ 1.doActivate(DeploymentAdapter.java:51)
  at weblogic.management.deploy.internal.DeploymentAdapter.activate(DeploymentAdapter.java:200)
  to weblogic.management.deploy.internal.AppTransition$ 2.transitionApp(AppTransition.java:30)
  at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
  at weblogic.management.deploy.internal.ConfiguredDeployments.activate(ConfiguredDeployments.java:169)
  at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:123)
  at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
  at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
  at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  
  Any ideas on what is wrong?

  The solution is to include a few additional files of OIM 11 g jar (it is a bug not documented at Oracle).

  CP ${IAM_ORACLE_HOME}/server/client/oimclient.jar ${RBACX_HOME} / rbacx/WEB-INF/lib
  CP ${IAM_ORACLE_HOME}/server/platform/iam-platform-utils.jar ${RBACX_HOME} / rbacx/WEB-INF/lib

  I asked a documentation updated without luck, but this action solved the problem.

• IOM - BI publisher integration process

  Please give me the steps to integrate BI publisher with OIM 11 g.

  http://Srini-bellamkonda.blogspot.com/2012/11/integrate-OIM-11gr2-bi-Publisher.html

  Give it a try by following the above steps the url.

• Redirect IOM built-in connection after the forgotten password or timeout.

  Hello

  We have OAM and IOM deployed and integrated 11.1.2.2.0, nonclustered, with a DCC webgate using standard forms authentication.  IOM and OAM do not share a physical host or a domain.

  We can successfully connecting and disconnecting the IOM through the DCC webgate.

  The standard login form has had a link added to access the features of IOM forgotten password.

  1. After successfully using the password link forgot that you are presented with a button «Back to Login»  This button goes back to IOM standard connection on the host server screen, IOM and the port.

  2 when the IOM time-out is used, it also takes us back to the standard login IOM on IOM managed server host and portscreen.

  Nobody knows what he does to make sure that we get redirected to the page of OAM connection on the host of the CDC?

  Thanks in advance.

  Darren

  Try this link http://oraclestack.blogspot.com.au/2014/01/modify-oim11gr2-session-timeout.html

• IOM Setup integrated with OAM in HA using separate domains

  Must configure OAM and IOM in HA and integrated.

  Target architecture:
  1 is high availability. We have eight servers 2 for each of: level Web, OAM, OAM and OUD.
  2 OAM must be integrated with the IOM.

  3. we use two domains an OAM and another separate domain for IOM.

  4 using the version IAM 11.1.2.3
  
  We follow the high availability and guides 11.1.2.3 integration.
  On two servers with its domain, we have installed an OAM and IOM on two other servers with her owner field.

  We used the references:

  http://docs.Oracle.com/CD/E52734_01/OIM/IDMIG/OIM.htm#IDMIG32008 (Integration_guide)

  • 2.1.2 access Manager and Oracle Identity Manager integration to a single node topology

  You MUST set up the components of Oracle Identity Management in distinct areas WebLogic Server (split domain topology), as discussed in Section 1.2.1 "Integration of basic topology", otherwise, try to repair or upgrade a product can be blocked by a dependency of a component shared with another version. When you install the Oracle Identity Management components in a single WebLogic Server domain, there is a risk that you install the component (custom libraries, jars, utilities and plug-ins) in the area is perhaps not compatible with other components, resulting in problems through your domain.

  
  

  Oracle Identity Manager integration roadmap and Manager to access the section 2.1.3 Says nothing on utilization patterns separate db created by UCR and nothing on the store security DB.

  
  

  • http://docs.Oracle.com/CD/E27559_01/install.1112/e27794/configtwo.htm#OAMQI76585 (earlier version of IAM)

  3.2.9.2 article before you set up the database of store security
  Note: Regardless of the number of domains in a logic Oracle Identity and Access Management 11 g Release 2 (11.1.2) deployment (a logical deployment is a collection of products Oracle Identity and Access Management running in one or more domains and use a single database to store product schemas), all areas share the same database to store security and use the same encryption key for domain.
  The store security database is created when the first domain is created, and each new domain created is then joined with the database already created security store.

  
  

  We have already installed and configured OAM in its own domain and now wants to configure the IOM in its own domain.

  For IOM configured in its own domain and use the same DB as OAM and configured the store DB to help security configureSecurityStore.py with the option to join - Mr. Successfully completed this but OAM had a NAP error message.

  
  

  My questions:

  1. install IOM, MUST create us the separate db schemas when you use the RCU for IOM of OAM?  If so, why? Since it is in contrast with the references I listed above.   AND the need to ensure that we can OAM integrated with IOM.

  2 If can be convinced that they must be separated from the patterns which for each of the OAM and IOM?  (I am aware IOM needs: MDS, OPSS, IOM, SOAINFRA, ORASDPM, BIPLATFORM.)  But necessarily list OAM)

  3 so we can share the same patterns or if need to use a separate diagram, how we create the database of store (AKA strategies store) security?  To help create or join mode?

  Keeping in mind that we must integrate OAM and IOM.

  Not sure if someone has managed to do this configuration.

  Thank you

  If you're feeling lucky, you can try to fix your updateBIPJMSSecurity.py and then continue, however, if you want to be sure that nothing else could get broken by following the demolition, start from the beginning.

• IOM - Forced OAM of password change signout redirection URL

  Hello

  We have integrated the OAM and IOM 11.1.2.2 using a DCC 11g webgate.

  SignOut IOM correctly goes to the page of disconnection, OAM.  Aclose with the help of IOM forgotten password OI featureM redirects to the OAM login page.

  My problem occurs when a user is forced to change their password at the first login.  Screens of the IOM appears as expected, but after completing the page and clicking on 'Submit', the display shows an error ' ADFC-02017: the value of the url cannot be null or empty.  Logs show SSOAutoLoginHelper: redirect Signout URL: null.

  Change of password is successful, is just the redirect which fails.

  Can someone tell me where the redirect Signout URL must be set?

  Thank you

  Darren

  Thanks for your reply, but it's an integrated OAM and IOM put in place there is no link of password change created by me.

  In my case, that error was because OID obpasswordchangeflag is set to true but that IOM usr_change_pwd_at_next_logon has not been set to 1.

  This because the IOM has been upgraded from a version 10g, who has worked with an OAM 10 g version where all the functionality of password entrusted by OAM 10 g, if no user was never their flag usr_change_pwd_at_next_logon is set.

• forgotpassword OAM oim integration page does not

  Hello

  We have integrated OAM - IOM (11.1.2.2) a problem where forgotpassword page don't showup. When we reached the forgotpassword link it goes to http://< ohs_host >: < ohs_port > / identity/faces/forgotpassword , but what we see is a wheel that turns and that the page does not showup. Now, if connect us to IOM and then hit that url page comes up fine resembles a kind of politics of the OAM for IOM. Here's what we have in the tab "resources" OAM.

  

  Any idea on what could be missing or misconfigured.

  Thank you

  Got it understood problem was with the footer I protected this is why self-service pages were not working. So I have to revert back the changes and applied appropriate security level everything works fine.

  Thank you

• Problem with OAM OIM integration using OVD

  Hello
  
  I am trying to integrate 11.1.1.5 OAM and IOM help OVD.
  
  I already have set up LDAPSynch and have prepared the store ID as well.
  
  In the integration of OAM - IOM when I specify the OVD 6501 port in the properties file and to run the tool of idmConfig - configOAM, I get the following error:
  
  9 April 2012 10:05:43 oracle.idm.automation.util.Util setLogger
  WARNING: Logger initialized in focus mode warning
  9 April 2012 10:05:52 oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler run
  MORE FINE: ENTRY
  9 April 2012 10:06:24 oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gIdStore
  MORE FINE: ENTRY
  9 April 2012 10:06:24 oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
  FINER: Creating mbean connection
  9 April 2012 10:06:27 oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
  More FINE: Connection created mbean
  9 April 2012 10:06:27 oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler getFoundationConfigMBean
  MORE FINE: ENTRY
  9 April 2012 10:06:28 oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler getFoundationConfigMBean
  FINER: COM. ORACLE. OAM:LOCATION = ADMINSERVER, NAME IS OAMWLST, TYPE = OAM. WLST, APPLICATION = OAM_ADMIN, APPLICATIONVERSION = 11.1.1.3.0 RETURN
  9 April 2012 10:06:28 oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
  FINER: Invoking mbean
  9 April 2012 10:06:28 oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gIdStore
  SEVERE: Error during Setup webgate and area
  java.lang.NullPointerException
  at oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler.configOAM11gIdStore(OAM11gIntegrationHandler.java:368)
  at oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler.execute(OAM11gIntegrationHandler.java:696)
  at oracle.idm.automation.AutomationTool.configOAM(AutomationTool.java:593)
  at oracle.idm.automation.AutomationTool.parseCmdLine(AutomationTool.java:218)
  at oracle.idm.automation.AutomationTool.main(AutomationTool.java:132)
  
  
  Someone has encountered this problem before? Can you please pass on the resolution?
  
  
  Please note: if I specify the OID 3060 port and run the configOAM, there is no problem!
  
  
  Thank you
  
  Raphael...

  Uncheck the box "Enable access control" in the settings of the OVD Server / bounce IAM Suite servers and try again your script

• WLST Script to create the domain weblogic for IOM and OAM

  Hello

  I intend to set up PS3 IOM - OAM in the new environment. We intend to perform the installation in silent mode. Does anyone have example WLST to create the domain weblogic for IOM or OAM?

  Thank you

  Here is an example of OUD. I post this one since it's the simplest and shortest, but it is the same for OAM and IOM except that the script is much longer because they ask a lot more questions. You will need to export the variables used or replace them with the appropriate values for your system.

  wait-<>

  the value of timeout 600

  spawn ${OUD_BASE}/${WLS_NAME}/common/bin/config.sh mode = console

  # Create a WebLogic domain

  wait {}

  {"Enter the index number to select GOLD *" {send "1\n"}}

  # Choose the components of the Weblogic Platform

  wait {}

  {"Enter the index number to select GOLD *" {send "1\n"}}

  # | ___Oracle directory Services Manager - 11.1.2.3.0 [Oracle_OUD1] [3]

  wait {}

  {"Enter number exactly as it appears in the media *" {send "3\n"}}

  wait {}

  {"Enter number exactly as it appears in the media *" {send "n"}}

  # Change the domain information

  wait {}

  "" Enter the value of * "{send" ${OUD_DOMAIN_NAME} \n "}}"

  wait {}

  {"Enter the number of the option to select GOLD *" {send "n\n"}}

  # Select the target area for this domain directory

  wait {}

  {'Enter' new target location GOLD * {send "${OUD_BASE} / user_projects/domains\n"}}

  wait {}

  {'Enter' new target location GOLD * {send "n\n"}}

  # Configure password and username administrator

  wait {}

  {"Enter the number of the option to select GOLD *" {send "2\n"}}

  wait {}

  "" Enter new * "{send" ${WLS_PASS} \n "}}"

  wait {}

  {"Enter the number of the option to select GOLD *" {send "3\n"}}

  wait {}

  "" Enter new * "{send" ${WLS_PASS} \n "}}"

  wait {}

  {"Enter the number of the option to select GOLD *" {send "n\n"}}

  # Configuration mode field-> 1 | Development mode

  wait {}

  {"Enter the index number to select GOLD *" {send "1\n"}}

  # Java SDK selection

  wait {}

  {"Enter the index number to select GOLD *" {send "2\n"}}

  wait {}

  {'Enter' new JVM Directory GOLD * {send "${JAVA_HOME} \n"}}

  wait {}

  {'Enter' new JVM Directory GOLD * {send "n\n"}}

  # Select Optional Configuration

  wait {}

  {"Enter the index number to select GOLD *" {send "1\n"}}

  wait {}

  {"Enter the index number to select GOLD *" {send "n"}}

  # Configure the Administration Server

  # Change "Listen port.

  wait {}

  {"Enter the number of the option to select GOLD *" {send "3\n"}}

  wait {}

  "" Enter the value of * "{send" ${ODSM_PORT} \n "}}"

  # Change 'SSL enabled.

  wait {}

  {"Enter the number of the option to select GOLD *" {send "4\n"}}

  wait {}

  {"Enter the index number to select GOLD *" {send "1\n"}}

  # Change 'SSL listening Port.

  wait {}

  {"Enter the number of the option to select GOLD *" {send "4\n"}}

  wait {}

  "" Enter the value of * "{send" ${ODSM_SPORT} \n "}}"

  # Then

  wait {}

  {"Enter the number of the option to select GOLD *" {send "n\n"}}

  # wait for install

  wait {}

  {"Successfully created * field *" {send "\n"}}

  EXPRESSIONS OF FOLKLORE

• Check which OAM schema and use IOM

  How can I check what dev1 in dev2 database schema or other my OAM and IOM use?
  
  Config files
  
  Thank you!

  Under your domain name, home directory (MW_HOME\user_projects\domains\DOMAIN_NAME) it must be a config.xml file in the config directory. This package contains the database reference.

• OAM / IOM - conceptual question

  Hi all
  
  I am trying to understand the OAM and IOM overlapping identities management. I am going through the manuals OAM and we're talking identity system OAM in a way that closely resembles many of IOM, IE. management of users, groups, Managing Director, free admin, etc...
  
  I'm trying to understand how these two fit. I know that IOM does much more in terms of commissioning to other resources... OAM is IOM provisions resources to? If you have any IOM and OAM, it seems that there is now 2 repositories of user data...
  
  Can you explain (or point me to a doc that is) the relationship between IOM and OAM, how they fit together, that pushes the other, etc...?
  
  Thank you very much
  Alex

  You are right. Directory of the OAM user (LDAP/AD) is just another resource target provided by IOM. Don't forget that only the IOM is configured to store authoritative data (HR systems) to pull the user news/modified records and synchronize the information with other systems (LDAP/AD/Exchange). When as in just OAM uses LDAP/AD to authenticate users and provide Single Sign-On functionality. OAM will never be configured to talk to HR Systems/PeopleSoft and not supported by OAM.

• OAAM: I forgot the password feature:

  Hi all
  
  I have an integration of the IOM-OAM-OAAM put in place. On the '+' Forget Passsword + link in OAAM, I am being shown a virtual device default to forget password which is PinPad. I can change this PinPad by setting the the property '+ bharosa.uio.default.use.authentipad.checkpoint +' false since the OAAM console.
  
  However other details about the default device as the input for "+ card number +" and there is still all. My requirement is to put something else outside the PinPad, say QuestionPad.
  
  For this I created a policy to the Checkpoint of forgotten password and created a rule and set the group action as "+ Challenge Question. It doesn't seem to work in this sense either.
  
  Can someone guide me or point me to a good documentation where in they have covered on how it is possible?
  
  
  Kind regards

  In UI OAAM, what rules are getting called for "political OAAM challenge"? You may need to see the properties of the OAAM server which is the substitution of default behavior.