QUESTION 11 GR 2 BASED OAM

Similar Questions

• where are the challenge questions and answers stored in OAM?

  Hello

  OAM 10g, where the challenge questions and answers are stored?

  What is the best way to migrate the OAM 10 g challenge questions and answers in OIM 11 g?  Is it recommended to migrate or users request to reset the challenge questions and answers in OIM 11 g?

  Thank you

  Khanh

  Hello

  As a best practice after the migration of 10g OAM, you can force the user to set the questions and answers of security. The chances of error will be zero in this case.

  Also in the years/qus secuirty IOM are stored in table PCQ in encrypted form.

  ~ J

• Design of ACS server question 4.2 - role - based is a limit?

  Currently, I've implemented this ACS server.

  An ACS group maps to a group of active live in AD. For example, the Group ACS router_access maps to AD group called $f (gbr) raccess. If the user tries to connect to a router and it has this group in its profile AD, that it will be accepted and if not rejected.

  If for example, I want to revoke, allow access to some features I use NARS (for example accept connections from devices switch and router).

  It works - but this apparently isn't the way I do things.

  The best way is to have a group of ads by device group.

  EG for access to the router, you must $g (t) of group routers in your AD profile

  To get access to switch the Group $g (t) must spend in your AD profile

  Now, we hit the problem - the EC will use the first group in your AD profile to apply for pass/fail.

  Let as well as John has $g routers and switch (t) $g (t) group in its AD profile. When he tries to connect to a switch, the ACS attempts to use routers $g (t) because it's the first ACS AD Group in his profile. Subsequently, it fails, which means that ACS will not look through several AD strategies.

  I hope this makes sense.

  Anyway, I can't get it to work because it keeps failing!

  Hi Will,

  This is a limitation of how ACS 4.x performs operations. It defines everything based on your local user group on ACS as opposed to your ad groups - so the mapping of the group comes first and then everything else comes later.

  If you use Radius (this does not apply to the GANYMEDE) you may be able to use the network access profile feature to substitute some access. If for example you can tell if the user is in the local group, but authentication comes from a certain type of device, you can transmit different attributes. However, in terms of blocking, it is always based on the local group you are a member. He can do some additional checking of LDAP group, but I don't know if that will solve your problem.

  Is 5.x ACS to a new level - the entire platform is built as the network access profiles - so you can make rules as granular as you want - that is to say: If you are in a specific ad group (do not need to map - we can draw external groups) and it is a router then go down a permission set with a Pass. If it is a different ad group (or a different device type), then send a failure.

  Thank you

  Nate

• Quick syntax question!  Trigger is based on the evolution of the field

  Hi, want to make a timestamp every time someone changes a certain area. Does anyone know the expression for a field having been modified value?
  
  I hope you guys can help me!
  
  Welcome them
  Vincent

  Hi, compare the value with the old value using the PRE function available in workflows.

  -John CRMIT

• Check the tested URLS or rejected in OAM'logs

  Hi guys,.

  A question: is it a sign OAM where I can see the URL tested and/or rejected? Which one?

  I need to increase the the log level in order to check this information?

  Thank you!

  Enable auditing using the oam set administration console.  Current configuration-> Audit Configuration set "Filter Preset" all cela will generate audit.log file under/server/oam_server/logs/auditlogs/OAM in the audit log that you will be able to see tested or rejected URLs

  Concerning

  Aakash

• Exception when executing idmConfigTool.sh to configure OAM

  Hello
  
  I'm based OAM configuration on the
  -' Enterprise Deployment Guide for Oracle Identity Management 11g Release 1 (11.1.1.5)
  
  I am executing this step: "11.6.2 Oracle Access Manager configuration using IDM automation tool.
  But I get an exception
  
  idmConfigTool.sh - configOAM input_file = config_oam1.props
  
  Enter the ID store Bind DN password:
  Enter the password for the user for OAM11G_WLS_ADMIN_PASSWD:
  Confirm password user for OAM11G_WLS_ADMIN_PASSWD:
  Enter the password for the user for OAM11G_IDM_DOMAIN_WEBGATE_PASSWD:
  Confirm password user for OAM11G_IDM_DOMAIN_WEBGATE_PASSWD:
  Enter the password for the user for IDSTORE_PWD_OAMSOFTWAREUSER:
  Confirm password user for IDSTORE_PWD_OAMSOFTWAREUSER:
  Enter the password for the user for IDSTORE_PWD_OAMADMINUSER:
  Confirm password user for IDSTORE_PWD_OAMADMINUSER:
  
  oracle.idm.automation.exception.ExecutionFailedException: configuration file has a name of the container ID system
  at oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler.prepareLDAPUserDN(OAM11gIntegrationHandler.java:421)
  at oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler.configOAM11gIdStore(OAM11gIntegrationHandler.java:234)
  at oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler.execute(OAM11gIntegrationHandler.java:839)
  at oracle.idm.automation.AutomationTool.configOAM(AutomationTool.java:708)
  at oracle.idm.automation.AutomationTool.parseCmdLine(AutomationTool.java:232)
  at oracle.idm.automation.AutomationTool.main(AutomationTool.java:146)
  There are some errors found. Details have been registered in automation.log
  
  Do not know what is missing in my IDStore
  
  Any suggestions?

  Looks like he's complaining that there is no value for the IDSTORE_SYSTEMIDBASE parameter in the file entry for the idmConfig tool properties.

  Kind regards
  Colin

• Integration of 11g OAM with Kerberos on cluster with virtualhost load balancing

  Hello!
  I need to make an integration of Kerberos with OAM.
  I find the rest of OAM 11 g notes: Configuration Ondaaah HA Clusters [1365888.1 ID] (https://support.oracle.com/epmos/faces/ui/km/SearchDocDisplay.jspx?_afrLoop=223640518878014 & type = DOCUMENT & id = 1365888.1 & displayIndex = 1 & _afrWindowMode = 0 & _adf.ctrl - State = 14ehvbh4z2_61).
  
  "In environment clustered OAM, OAM Principal for Ondaaah must be the same on all levels, i.e. balancing virtualhost to the OAM cluster."
  That's why each managed server OAM will reference the same keytab file generated for main HTTP / < virtualhost.domain >, and the keytab file will be in the same location on all OAM servers managed.
  For example: ${DOMAIN_HOME} /domains/$ {DomainName} / config/fmwconfig/oam / < the keytab file name >.
  
  After copying the file keytab to the same directory on all OAM manages the server machines, proceed to configuring the Kerberos authentication module in the Console of Administration of OAM (/ oamconsole).
  The AdminServer ensure that the config.xml file - oam on all levels of OAM managed server in the cluster is updated with this configuration."
  
  The question is; When I create oam.keytab with the following command, what is the name of the server I'll have to order? Node1 and Node2 (balanced) VirtualHost?
  
  Ktpass - princ HTTP / < servername > @domaine - pass XXXXXXX mapuser domain\user - on oam.keytab.
  
  Thanks in advance and best regards!
  
  PS: Sorry if my English is not clear.

  David,

  Your main name must match the URL of SSO LB. (ie: sso.mycomany.com)

  Ktpass - princ HTTP/sso.mycomany.com@DOMAIN-passer XXXXXXX mapuser domain\user - on oam.keytab.

  Also make sure that sso.mycomany.com has a reverse DNS configured correctly.
  You can check using the dig command

  Ping sso.mycomany.com
  Regardless of the ip address
  dig - x

  Check in the reverse DNS it takes 1 form.

  ;; SECTION OF THE ANSWER:
  1.1.1.1.in - addr.arpa. 3600 IN PTR sso.mycomany.com.

  Let me know if you have any other questions.

  Thank you
  Saurabh

• How create/update files when the original Version is based on a query of outer join?

  Hi gurus,
  
  
  I created a custom page where I use a table-style area where I question my VO records, based on a query of outer join. This query contains my table looks, where I would like to insert/update records, and joined the table of standard elements, which is external with my custom table.
  
  When I now question my files in the t, I have a record for each record in the table section, which is ok, but when I 'Refresh' some fields of my custom table and attempt to commit, I get the message "unable to complete the transaction on record. Cause: The record has been deleted by another user. "Action: cancel the transaction and re - query records to get new data.
  The reason why because a record is to be inserted rather than updating because in fact there is not yet in my custom table.
  
  The reason why I'm using the outer join, is because I don't want the user to create a record for each item one by one.
  There is no work around for this?
  
  Thanks in advance!
  
  
  BR
  Guy

  Hello
  You can try this.

  In your EntityImpl.java to extend OAPlsqlEntityImpl.

  Override the updateRow() method and coding your insert statement to insert into a table custom here.
  Don't forget, you must ignore the lines for which your custom table columns are null

  -Idris

• Query based VO can insert record (with the EO)

  I have question.
  I request based VO (not belongs to any EO).
  I need insert record using them.
  
  Is this possible?
  
  Hope quick response.

  N °

• Performance in the treatment of the based on a game, several tables from target

  Welcome.
  
  I have question about a treatment based on a game, when mapping have several tables in the target. I noticed that OWB generate SQL code that usually build a query for each table in the target insertion. Suggest that each table has results from different stages of the treatment, so multi table insert cannot be used. Looking for generated code PL/SQL, I feel that each insert query managed independently and so each make analyses of source table and joins on its own.
  To make my question more concrete, I will introduce two simple examples of stream ETL:
  1) start-> (table scan)--> (joins)--> (inserting into the table t1)
  2) start-> (table scan)--> (joins)-> two targets: (insert into table t1)
  -> two targets: (deduplicator)--> (insertion in table t2)
  Admit, that scans and joins are very expensive comparing to insert rows. Thus, it is usually, if oracle performs scans of tables 2 and joined in example 2) and example 2) take twice longer than example 1)?
  Or fact Oracle is so smart that it can cache the result of entering the first query and use it again in the second query?
  
  Best regards
  Pawel

  Hi Pawel,

  Thus, it is usually, if oracle performs scans of tables 2 and joined in example 2) and example 2) take twice longer than example 1)?

  Yes, you are right

  Or fact Oracle is so smart that it can cache the result of entering the first query and use it again in the second query?

  Nor the database Oracle or OWB don't is not to intermediate capabilities query result caching.
  While the Oracle database feature "result cache queries", but it must match exactly to SQL source and it store only the final query result...

  Kind regards
  Oleg

• Need a field order and tab based on another field

  It seems that this is possible, but I can't find any information.  Maybe I'm not asked the question properly.

  Based on my document attached if the CPFF tax type is selected, then I want the tab order to move the field of cost of the project and all the fields to the right.

  These fields should be required if the CPFF tax type is chosen.  If any other type of charge is selected the tab order should move to the next field.

  It is also possible to disable the tab in the fields such as kind of cool, the cost of the project, etc.?

  Thank you!

  I believe that when you say that the tab order, you mean developed and access.

  The code below, attached to the event exit the drop-down list controls, if "CPFF - fixed cost" was unsuccessful. If it was not selected, I change the access of ProjCost property, FixedFee and Total in 'read only' and set the focus on TextField1. In the contrary case, tab order is applied and ProjCost, FixedFee and Total are rendered user entered - optional by setting the property of access «»

  Form1. #subform [0]. Table3.Row1.DropDownList1::exit - (JavaScript, client)

  If (this.rawValue! = 'CPFF - more flat fee') {}

  Table3.Row1.ProjCost.access = "readOnly";

  Table3.Row1.FixedFee.access = "readOnly";

  Table3.Row1.total.access = "readOnly";

  xfa.host.setFocus (TextField1);

  }

  else {}

  Table3.Row1.ProjCost.access = "";

  Table3.Row1.FixedFee.access = "";

  Table3.Row1.total.access = "";

  }

  Steve

• OAM ObSSO Cookie problem!

  Hello
  
  Please go through the following scenarios 2. In the Iam scenario-1 do not face any problem and with Oracle Identity Manager SSO is achieved with OAM. When such as scenario-2, Iam, facing the question.
  
  Scenario - 1:
  
  1 OAM is present on the Machine1
  2 OHS and IOM have both lie on Computer2. (OSH for transmission by proxy the request to the server of the IOM)
  
  ProxyPass /xlWebApp < IOM SERVER > http://: 7001/xlWebApp
  ProxyPassReverse /xlWebApp < IOM SERVER > http://: 7001/xlWebApp
  
  3. form: http: / / < OHS HOST >: 7777/am_login_mod/login.html
  Action: / Dummy.cgi
  CREDS:userid password
  
  4. has created an area of policy to protect /xlWebApp
  
  When Iam to access the http:// < OHSHOST >: 7777/xlWebApp, redirected to the form page and validates the credentials, able to see the IOM homepage. (SSO is successful)
  
  Scenario - 2:
  
  1 OAM is present on the Machine1
  2 OHS is present on Computer2. (OSH for transmission by proxy the request to the server of the IOM)
  3 IOM is present on the machine 3.
  
  ProxyPass /xlWebApp < IOM SERVER > http://: 7001/xlWebApp
  ProxyPassReverse /xlWebApp < IOM SERVER > http://: 7001/xlWebApp
  
  3. form: http:// < OHS HOST >: 7777/am_login_mod/login.html
  Action: / Dummy.cgi
  CREDS:userid password
  
  4. has created an area of policy to protect /xlWebApp
  
  When Iam to access the http:// < OHSHOST >: 7777/xlWebApp, redirected to the page of the form and give valid credentials, get the HTTP 404 error with the url http:// < OHS HOST >: 7777/dummy.cgi. (SSO does not).
  
  Main difference I have noticed is:
  
  In scenario 1, all three ObSSOCookie cookies, ObFormLoginCookie and JsessionID are generated (able to see in mozilla) but in scenario 2, Jsession ID is not created and the content of ObSSCookie is "Loggedoutcontinue".
  
  Please suggest. I tried all the options, but not able to go forward with this issue.

  Hi Pavan,

  Protect this URL in OAM and (I think) it should start working. In addition, is computer3 in your 2 identical computer2 to scenario 1 scenario? Otherwise, I do not know how, even your scenario 1 worked!

  -Vinod

• Instances of ticket OAM belongs to what kind of data?

  I'm in the planning phase of the OAM load balancing architecture. Most of the OAM components does not support the load balancing operation read/write of data policy and Configuration (between components OAM and LDAP).
  
  Through the above, here is my question. Instances of ticket OAM belongs to which category (User Configuration or political) OAM database? Can be considered type of Configuration data?

  Hi k,

  It's true - workflow OAM tickets are part of the configuration data.

  -Vinod

• Location services

  Hello! I am a mother of two sons who are now using iPhones (5 & 5 s). I have them sharing an Apple ID/iTunes which is my email address so I can see what applications they purchase/download account & to avoid buying 2 of 99.9% of their applications. I also have restrictions on the phone to their respective ages. My question is, for location-based services, I so their device sharing their location with me. However, he can only share it of their devices, not every phone separate. I think that it is the cause of shared iTunes identification. Am I right my theory? What is the best way to solve this problem?

  Thanks for your help!

  Hey!

  The best way to do this would be to create our separate apple for each of your sons, and then enable sharing of family for them. In this way, whenever they buy any application of your card, you will first need to approve the purchase (but I think it works only if they are minors).

  Set up a family sharing: https://support.apple.com/en-in/KM205151?cid=acs:applesearch

  If you want to use an id and will continue to receive their locations, you will need to use find my iPhone . The app will show the locations of each device.

  If you see their location, to find friends or through iMessage app, you will see only one location (as you rightly mentioned, because they both have the same apple account).

• How to open a local file on the computer?

  I use FF 25.0.1 connect my console EMC VNX5300 JAVA so I can administer the San. One of the functions is to create reports on the use of SAN. The SAN console writes files on the local computer and use the browser to open and view the file. Here is the address of one of my reports toolbar:

  file:///C:/users/MyName/EMC/Unisphere/reports/7.32.2.0.36/ArrayConfig.HTML?XML=file%3A///C%3A%5CUsers%5Cjmilano%5Cemc%5CUnisphere%5CReports%5CFCN00131500068_UMReport_12-17-2013_15-58-21.XML

  <sub>changerepeatedly used more small text to repeat, if not obscured when I discover it ~ J99
  
  file:///C:/users/MyName/EMC/Unisphere/reports/7.32.2.0.36/ArrayConfig.HTML?XML=file%3A///C%3A%5CUsers%5Cjmilano%5Cemc%5CUnisphere%5CReports%5CFCN00131500068_UMReport_12-17-2013_15-58-21.XML</sub>

  The report must be a table formatted data, but instead, I get a blank window in my tab. If I run the report under IE, it works OK. It looks like this:

  Storage system: FCN00123456789XML file:... / review-FCN00123456789_UMReport_12-17-2013_15-58 - 21.xmlSystem Configuration Viewer: 1.2.2.1.0036GeneralConfigurationView ALLIntroductionXML file InformationIntroduction
  The storage system configuration display function provides an easy to understand on the XML configuration data generated by the storage system. Note that no configuration data for the part of the VNX system file is included.
  The XML version of the data is encrypted and sent to your service provider.

  The following information is available on each tab:
  ....
  ....
  ....

  How can I get FF to show the report? Thank you.

  I don't know what was the original question, if it was based on a thug affecting on one of my addons or whatever, but one day FF said that my browser took too long so that it starts and asked me if I wanted to correct that. Duh!

  I said yes, and he seems to have reset my settings of browser including losing all my addons. The positive side is that once I have re-installed all my addons, I can now navigate local reports generated by my EMC SAN with no problems!

  Yah, problem solved.