OAM PS3 – continued

Allow auto start (production mode) for your scripts: cd /oracle/user_projects/domains/oam_domain/servers mkdir -p oam_server1/security mkdir -p omsm_server1/security mkdir -p oam_policy_mgr1/security vi oam_server1/security/boot.properties cp oam_server1/security/boot.properties omsm_server1/security/ cp oam_server1/security/boot.properties oam_policy_mgr1/security/ You can now use command line

refhost.xml kludge is fixed

No More missing packages I wrote several times about manually editing refhost.xml. There's not need for it, just apply Patch 18231786.

Wrong Java version on Unified Directory Server

Wrong version Java After losing the battle with the OS guys for control over java, I keep stumbling upon environments that have wrong java versions due to the fact java is installed in /usr/java, or /usr/bin.In such cases, this is the result:which java /usr/bin/java As I do not have control over /usr/bin, I install java in /oracle/middleware/java, so I would like which java /oracle/middleware/

OAM PS3

Identity and Access Management Patch Set 3 It has been launched last week. I have seen it in March, during a partner event in Paris, and there are quite a few changes and improvements to get exited about. Install over previous (not upgrade) I cloned my PS2 OAM machine, and the plan is to get PS3 running asap. So, I fire up the V11.1.1.9 RCU, and drop the existing schemas. Next, rerun (more...)

Access Denied – Access to administration console is restricted

Access Denied - Access to administration console is restricted. Ran into it, today. Again. This time, I'll make a proper blog entry, not like this one... This time, I actually did follow my own advice, but for the fact, I now am working in a multi-homed WebLogic environment - I simply pasted the wrong WLS home...

Retrieving OAM keystore password

How to retrieve the password of OAM keystore If you ever need it; the password of the default OAM keystore password (which is generated) can be retrieved using: cd /oracle/middleware/oracle_common/common/bin ./wlst.sh connect(); domainRuntime() listCred(map="OAM_STORE",key="jks") Would you like to change it, use resetKeystorePassword()

BEA-090898 during PlugIn activation in clusters

Be Secure I did not mention it in my not so "OAM-in-a-day" entry, but when you run a clustered environment, make sure to set the "Secure" flag on the AdminServer and Managed Server configuration screens. It does have more impact that setting the "Use JSSE" flag on the SSL/Advanced section of the Weblogic console, but when you failed to do so, that's one place to correct it. Why? No particular

OAM 11GR2PS2 in a day

Get Access Manager 11gRel2 PS2 installed in a day Goal is to get OAM installed and configured in a day - with full control; that is without using the Installation Wizard. Virtual Box Start with Virtual Box. Allow plenty of memory (10GB), and disk (120GB). Attach V33411-01.iso (Oracle Server V6.3) to the CD, and boot. Minimal (not Basic server!) install, configure network with static IP

Je suis Charlie

Je suis Charlie Bien sûr, moi aussi, je suis Charlie, moi.

Dumb… no module named dom during startWeblogic.sh

ImportError: no module named dom This error suddenly appeared in two OAM 11.1.2.2.2 environments, during startup of the stack, more specifically, weblogic startup (startWeblogic.sh). The complete stack is: $DOMAIN_HOME/startWebLogic.sh CLASSPATH=/oracle/middleware/patch_wls1036/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/oracle/middleware/jdk1.7.0_45/lib/tools.jar:/oracle/

Latest OAM certified against EBS

OAM 11.1.2.2 certified EBS This blog entry shows OAM 11G Rel 2 PS2 (a.k.a. 11.1.2.2.0) is certified against the Oracle e-Business suite 11 and 12 as of February 2014. Just in case you missed it, like me. Oracle e-business and SSO using OAMThe blog entry also references a series of articles on how to do e-Business Suite SSO using OAM.

Private Storage

Just a little project I just happened to be upgrading my workstation, and was left with some spare parts. I had some memory modules, an old P5 motherboard, and several AT-style enclosures. Also, I noticed my trusty Synology Diskstation began needing some larger disks. Or maybe it was time to replace it all together? Keeping up indexing my music and photos seems to become quite a daunting task,

HTTP-404 on /oamconsole

WeblogicHost versus WeblogicCluster Despite the fact, the oamconsole can not be clustered, it has to be "clustered". If you ever find yourself in a scenario, where your configure a webgate in front of your OAM Console, make sure you configure it like ############################################## ## Entries Required by Oracle Access Manager ############################################## # OAM

OAMSSA-06252 after patching

Once upon a time.. you had a working environment with WebLogic, Access and Identity Management (or Discoverer, or ...) and all of a sudden things start failing. Symptoms You notice the dreaded OAMSSA-06252 (Policy Store not Available) while starting up, and start fearing the worst. Also, it seems as-if you cannot login to OAM management console anymore; your credentials are accepted, but you get

Customized pages with Distributed Credential Cellector (DCC)

One of the worst documented areas in OAM; customizing pages with DCC. One revelation: you must use login.pl when you want logout.pl to work, as login.pl seems to build the "Callback URL" list, that logout.pl uses to destroy the session cookies.

Access Management alternatives (Part 1: Directory Services)

Intro At the governmental institute that hired me, I'm working hard to get the full Oracle Identity and Access Management (IAM) stack implemented. A colleague suggested OpenIAM, which -at closer look- turns out to be a fork of what I believe to be the origin of the Oracle stack, Sun's OpenSSO. So, I started at looking at this stack, which is available from ForgeRock. Let's start with the basis:

Check this out: IAM 11G Rel2 V8

Oracle lanched Identity and Access management 11G Release 2, Version 8 (also known as V11.1.2.2.0) two weeks ago. You should check it out. Some reasons why: Installation is so much easier Installation is error proof (the "just MUST run configuresecurity first, or redo all" error can not occur. Tested it) The interface (OAM Console) has had a major overhaul. It responds faster and is more

Identity Management 11G Rel 2: RCU

Repository Creation Utility Running the Repository Creation Utility (RCU) for Linux is troublesome for some reasons. One of the reasons is it is 32-bits software, whereas the Linux platforms now are predominantly 64 bits. The other is java... Running it off my Ubuntu LTS host, using linux32 ./bin/rcu" resulted in (more...)

Enterprise Install of Identity & Access Management 11.1.2

Hardware Virtual hardware added to the Database and OUD/OVD installs: an 8GB/4CPU VM. Basic Software Of course, jrockit (the 37 release, the 45 does not always work with OFM 11GR2...) and WebLogic 10.3.6. WLS 12 is not yet certified against OFM I&AM 11GR2, as far as I (more...)

Access Manager 11G Rel 2 and APEX 4.2

There is some documentation regarding APEX and OAM, but it is flawed. Make sure APEX functions with standard (APEX user based) security, even through OAM; this means Allow /APEX/** Allow /i/** Protect /apex/apex_authentication.callback Page 9 states "OAM_REMOTE_USER with a value of $user.userid is created by default".Not true, (more...)