Protect OIM 11g self-service by using OAM 11g

Hello

We have the following components installed in my customer's environment, and we haven't installed OID or OVD.

1. Oracle Identity Manager 11g
2. Oracle Access Manager 11g
3. Oracle Directory Server EE - identity store for OAM

Here, my requirement is to protect the OIM self-service application by using OAM. I am aware that there is an OIM-OAM integration approach suggested by Oracle, as in the link below. It talks about OID and OVD, but it is unclear on the role of OVD in the integration (whether it is mandatory or not).

http://download.oracle.com/docs/cd/E21764_01/doc.1111/e15740/oim.htm#insertedID2

The other approach is that I protect the OIM self-service application in OAM as a regular web application. If I do, which headers/cookies do I need to pass to activate SSO on the OIM side?

I'm looking for experts' suggestions here for OIM self-service protection. Thank you in advance.


Regards
Ashok

To achieve this there are no dependencies on OVD or OID. You have two options:

1. Take advantage of the domain agent.
2. Set up a web proxy with a WebGate in front of the OIM self-service URLs. Configure an OAM Identity Asserter to consume a header sent by the WebGate (OAM_REMOTE_USER by default). You could pair it with the OIM or Department authentication provider.

I recommend the latter. You can turn off the domain agent with -DWLSAGENT_DISABLED=true

Tags: Fusion Middleware

Similar Questions

  • I have a Proxy Server that uses a self-signed certificate, and I can't accept this certificate from Firefox

    I have Firefox 37.0.1 installed on openSUSE 13.2. I have a proxy server that uses a self-signed certificate, and I tried to add my certificate to the list of authorities and to check all the trust options displayed, with no luck.

    I tried to restart firefox, but it did not help.

    I did the same steps in chrome and it works fine.

    appreciate any help.

    After removing my .mozilla in my home directory, adding the certificate to the list of authorities did in fact work.

  • Configure SSL for OUD admin port 4444 -> replace the self-signed certificates used

    Hi Experts,

    When installing OUD, I chose self-signed certificates for ports 1636 and 4444.

    Later I changed the certificates used by port 1636 to a new key file containing the CA certificates. (Following the steps at: https://docs.oracle.com/cd/E52734_01/oud/OUDAG/security_clients_severs.htm#OUDAG00050)

    But the same procedure does not work to replace the self-signed certificates used by port 4444! Has anyone configured SSL (with a CA cert) on the administration port?

    I couldn't even start the servers; I see an error:

    """

    category = gravity CORE = NOTICE msgID = 458891 msg = the directory server sent a notification to alert generated by the class org.opends.server.core.DirectoryServer (org.opends.server.DirectoryServerShutdown alert type, alert ID 458893): the directory server started the shutdown process.  Stop was launched by an instance of the org.opends.server.core.DirectoryServer class and the reason for the closure was an error occurred trying to start the directory server: NullPointerException (File.java:277 AdministrationConnector.java:843 AdministrationConnector.java:675 AdministrationConnector.java:182 ConnectionHandlerConfigManager.java:356 DirectoryServer.java:2932 DirectoryServer.java:1584 DirectoryServer.java:10108)

    [27/sep / 2015:06:22:53-0400] category = gravity = NOTICE msgID = 458955 msg = the directory server CORE is now stopped

    """


    Sorry, I cannot help here - here are a few possibilities.

    Change connector Administration certificate

    https://docs.oracle.com/cd/E52668_01/E54669/html/ol7-genssc-auth.html

    The failure of the handshake could occur for various reasons:

    • Incompatible cipher suites in use by the client and the server. This would require the client to use (or enable) a cipher suite supported by the server.
    • Incompatible versions of SSL in use (the server can only accept TLS v1, while the client is capable of using SSL v3 only).
    • Incomplete trust path for the server certificate.
    • The certificate is issued for a different domain.
    • Incomplete certificate trust path between the server certificate and a root certification authority.
    • In most cases, this is because the certificate is not present in the trust store.
  • OAM: What identity server is used by the password policy?

    Hello

    Our OAM setup has two identity servers (ois1, ois2) and two WebPass instances (wp1, wp2) on two web servers. wp1 is pointing to ois1 only, and wp2 is pointing to ois2.

    We have two sets of Policy Manager, Access Server and WebGate. wg1 is pointing to aaa1 and wg2 points to aaa2.

    Now, when a user tries to access a page protected by an OAM WebGate and the password policy is applied, does the identity server come into the picture? If so, which identity server is used here, ois1 or ois2?

    I want to use ois1 for all requests coming from the web server with wg1. How can I do that?

    Thanks in advance.

    Hi anon,

    The process is that when executing the authentication (specifically the validate_password plugin), it is the Access Server that evaluates the password policy. If necessary, OAM then redirects the user to a WebPass for password change or challenge/response, according to the redirects specified in the password policy.

    Thus, the ois is only relevant when the user is redirected (as the WebPass connects to the ois); otherwise, it is not used at all - and you can control which Access Server or servers are used by the WebGate on the AccessGate configuration screens. I can't think of a way for OAM to make password policy redirects go to different WebPasses based on which WebGate is used.

    Kind regards
    Colin

  • How to find which server I use

    I have windows vista 64 bit, I would like to know what windows server I use.
    And, if I can update.
    Thank you

    Katrina58, I'm sorry, but your post makes no sense as written. There are several versions of the Windows Server operating system (e.g. Server 2003, Server 2008, Small Business Server, etc.), none of which is Windows Vista 64-bit, which is a separate operating system. Please specify which computer you have and what you're trying to do. These links will help.

    http://www.elephantboycomputers.com/page2.html#Usenet (you can ignore the references to Usenet discussion groups, as you are posting on a web forum, but the suggestions on how to write a post apply here too)

    http://support.microsoft.com/default.aspx/kb/555375 - How to ask a question
    MS - MVP - Elephant Boy computers - don't panic!

  • How to find the right server to use windowsmail to send and receive e-mails?

    How to find the right server to use windowsmail to send and receive e-mails?

    What is your current e-mail server? (What comes after the @ in your address.)
     
  • VMware ESX server CPU use test alarm

    Hi all

    For a new client, I need to show the alarm and ticket slot functionality for the VMware ESX server logging settings:

    • VMW ESX Server CPU usage
    • VMW ESX Server memory usage

    I reduced the threshold value of VMW ESX Server CPU usage as in the format below:

    WARNING - 5% and STDev.warning - 0

    I made this configuration two days ago, but still no alarm has been generated for this rule.

    Please help with creating a test alarm for the above ESX metrics.

    Hi - I have ended up having to do such things in the past as well. I just built a virtual machine, added lots of processors and memory, then for the CPU I used the CPUBusy.vbs script from VMware (Google it) and loaded it many times so that it began to max out the real physical processors... For memory, I just opened a massive text file in WordPad and scrolled up and down it. This gave me the conditions to test the alarms; just don't do it at a busy time, or use some dev ESX servers... Danny Bravo

  • How to send images and a single parameter to the server by using the POST method. ?

    Hey

    I want to send images and a single parameter to the server by using the POST method.

    Please help me.

    Vaishali, take a look at this-

    http://developer.Nokia.com/community/wiki/HTTP_Post_multipart_file_upload_in_Java_ME

    Thank you.

  • Find out which DNS server is used.

    Is there a website I can use to show what DNS server my PC is using? I am aware IPCONFIG /all can be used, but it can give false information in certain circumstances.

    There is no way to see this on a web site. The DNS server is used to look up a web site, but it is not communicated to it.
    I'm not sure what you mean by IPCONFIG /all can give false information. If you are connected to a router, ipconfig normally displays the router's gateway address. To see the real DNS used, connect to your router and check the settings there.

  • VCenter server by using domain ID and password to login

    Hello

    I wanted to connect to the vCenter server via PowerCLI, but it always takes my default Windows credentials when I connect using Connect-VIServer -Server vcenter01 rather than my domain ID and password. My credentials for the vCenter server are different from my Windows credentials. Please let me know the command to log in to the VI server using the domain credentials.

    Thank you

    vmk2014

    Can't you connect with:

    connect-viserver Vcenter01.domain.bla -user domain\user -pass password

  • The steps required to perform a migration to a new server vCenter using distributed switches?

    We are currently on version 5.1 of vCenter and ESXi 5.1 on all our guests.  We use a vDS on our current server vCenter and will need to migrate to a new server vCenter soon.  Is there a documentation about the steps to migrate to a new server vCenter using switches distributed?  We hope to achieve this goal without any downtime.  The problem is that we need that VDS on our 10GB network for the aggregation of links.  If having to migrate guests at standard switches before moving them to the new vCenter server, there will be problems of network performance.

    Because the information about your environment is stored in the vCenter database, you should just be able to stand up the new vCenter server and point it to the existing database.

  • Can we restore a vCenter Server inventory using vpxd.cfg only?

    Can we restore a vCenter Server inventory using vpxd.cfg only?

    problem: restoring Vcenter server using vpxd.cfg file only

    No, you can't, vCenter inventory information is saved in vCenter database and not in vpxd.cfg.

    vpxd.cfg is the only configuration file for vCenter

  • A Dell PowerEdge 2850 server is used for the new ESXi server, but it does not support the 64-bit VM.

    A Dell PowerEdge 2850 server is used for the new ESXi server, but it does not support the 64-bit VM.

    I can't believe it.

    When I start up a virtual machine, it gives the error message shown in the picture below.

    Does anyone have any ideas on this?

    Usually virtualization technology is not enabled in the host BIOS.

    Take a look at can not power on a 64-bit Windows VM

  • Protect an HTML application using OAM 11g

    Can anyone provide the high-level steps to integrate (protect) an HTML application using OAM 11g and OID as the identity store?

    Thank you
    Sony

    The exact steps for OAM to protect any application are:
    - Create your WebGate instance in the Access System configuration
    - Install the WebGate on the machine serving the HTML page
    - Create a policy domain under My Policy Domains in Access Manager to protect your HTML page
    - Create authentication rules and schemes in the authentication management section of OAM
    - Now go to My Policy Domains and create the resources that you have to protect. You must add the link to your HTML page here
    - Create authorization rules based on a group. Members of this group will be given access to the page if they meet the rules and expressions mentioned here
    - Create the default rules and policies of the policy domain for the resources, and define all the rules here, viz. authentication, authorization and audit. All this is in the My Policy Domains section
    - Create policies to protect your HTML pages and the resources based on attributes
    - Test the policies with the Access Tester
    - Now the configuration is done, start testing :)

    These are the high-level steps for OAM 10g to protect a web page. I have not done it for 11g, but it should be almost the same.

    Kind regards
    GP

  • How to FTP a file from the client computer to the database server using Forms 10g

    Hello
    I want to transfer a file from a client computer to the database server computer using Forms 10g (or PL/SQL) via FTP.
    Could you please tell me how I can do this?

    Regards

    Hello

    I gave u the adequate instructions on webutil configuration but u did not comply with it.
    I will post again please read correctly and follow it.

    How to get up and running with WebUtil 1.06 included with Oracle Developer Suite 10.1.2.0.2 on a win32 platform
    Solution
    Assuming a fresh 'Complete' installation of Oracle Developer Suite 10.1.2.0.2,
    here are the steps to get a small test form running, using WebUtil 1.06.

    Note: Oracle_Home is used as an alias for your real ODS ORACLE_HOME.
    Feel free to copy this note to a text editor and do a find/replace on
    Oracle_Home with your real value (no trailing slash). Then it is easy to
    copy and paste the actual commands to be run from the copy of the note.

    (1) Download http://prdownloads.sourceforge.net/jacob-project/jacob_18.zip
    and extract it to a temporary staging area. Do not attempt to use 1.7 or 1.9.

    (2) Copy or move jacob.jar and jacob.dll
    C:\webutile is the folder where you extracted Jacob and ends in ...\jacob_18
    cd C:\webutile
    copy jacob.jar Oracle_Home\forms\java\.
    copy jacob.dll Oracle_Home\forms\webutil\.
    The Jacob staging area is no longer needed and can be deleted.

    (3) Sign frmwebutil.jar and jacob.jar
    Open a DOS command prompt.
    Add Oracle_Home\jdk\bin to the PATH:
    set PATH=Oracle_Home\jdk\bin;%PATH%
    Sign the files, and check that the result is successful:
    Oracle_Home\forms\webutil\sign_webutil Oracle_Home\forms\java\frmwebutil.jar
    Oracle_Home\forms\webutil\sign_webutil Oracle_Home\forms\java\jacob.jar

    (4) If you already have a schema in your RDBMS that contains the WebUtil stored code,
    you can skip this step. Otherwise,
    create a schema to hold the WebUtil stored code, with privileges to
    connect and create a stored package. The schema name "WEBUTIL" is recommended
    for no reason other than consistency across the user base.
    Open Oracle_Home\forms\create_webutil_db.sql in a text editor and remove or comment out
    the EXIT statement, in order to see whether the objects have been created without
    errors.
    Start SQL*Plus as SYSTEM and issue:
    CREATE USER webutil IDENTIFIED BY password
    DEFAULT TABLESPACE users
    TEMPORARY TABLESPACE temp;
    /
    GRANT CONNECT, CREATE PROCEDURE, CREATE PUBLIC SYNONYM TO webutil;
    /

    CONNECT webutil/webutil@rcci
    @Oracle_Home\forms\create_webutil_db.sql
    -- Inspect the SQL*Plus output for errors, and then
    CREATE PUBLIC SYNONYM webutil_db FOR webutil.webutil_db;
    /

    Reconnect as SYSTEM and issue:
    GRANT EXECUTE ON webutil_db TO PUBLIC;
    /

    (5) Edit Oracle_Home\forms\server\default.env and add Oracle_Home\jdk\jre\lib\rt.jar
    to the CLASSPATH entry.

    (6) Edit Oracle_Home\forms\server\formsweb.cfg and add inside the default section:
    archive_jini = frmall_jinit.jar, frmwebutil.jar, jacob.jar
    Archive = frmall.jar
    Also add:
    [webutil]
    WebUtilLogging = off
    WebUtilLoggingDetail = normal
    WebUtilErrorMode = alert
    WebUtilDispatchMonitorInterval = 5
    WebUtilTrustInternal = true
    WebUtilMaxTransferSize = 16384
    baseHTMLjinitiator = webutiljini.htm
    baseHTMLjpi = webutiljpi.htm
    baseHTML = webutilbase.htm
    archive_jini = frmall_jinit.jar
    WebUtilArchive = frmwebutil.jar, jacob.jar, f90all.jar
    Archive = frmwebutil.jar, f90all.jar
    lookAndFeel = oracle

    (7) Edit Oracle_Home\forms\server\webutil.cfg and add:
    Transfer.Database.Enabled = True
    Transfer.appsrv.Enabled = True

    (8) Start the OC4J instance.

    (9) Start Forms Builder and connect to a schema in the RDBMS used in step (4).
    Open webutil.pll, do a 'Compile ALL' (Shift-Control-K) and generate the PLX (Control-T).
    It is important to generate the PLX, in order to avoid the FRM-40039 indicated in Note 303682.1
    If the PLX is not generated, the webutil.pll library must be attached with
    full path information to all forms that wish to make use of WebUtil. This is NOT recommended.

    (10) Create a new FMB.
    Open webutil.olb and subclass (not copy) the Webutil object to the form.
    There is no need to subclass the WebutilConfig object.
    Attach the webutil.pll library and remove the path.
    Add an ON-LOGON trigger with the code
    NULL;
    to avoid having to connect to an RDBMS (optional).
    Create a new button on a new canvas, with the code
    show_webutil_information (TRUE);
    in a WHEN-BUTTON-PRESSED trigger.
    Compile the FMB to an FMX, after doing a Compile-All (Shift-Control-K).

    (11) Under Edit -> Preferences -> Runtime in Forms Builder, click "Reset to Default" if
    the "Application Server URL" is empty.
    Then add '?config=webutil' at the end, so that you end up with a URL of the form:
    http://application-tier-server:port/forms/frmservlet?config=webutil

    (12) Run your form.

    Note: if you want to use Jacob, you can configure Jacob too if you follow the above-mentioned instructions.
    Sarah
