BEA-090898 during PlugIn activation in clusters

Be Secure I did not mention it in my not so "OAM-in-a-day" entry, but when you run a clustered environment, make sure to set the "Secure" flag on the AdminServer and Managed Server configuration screens. It does have more impact that setting the "Use JSSE" flag on the SSL/Advanced section of the Weblogic console, but when you failed to do so, that's one place to correct it. Why? No particular

OAM 11GR2PS2 in a day

Get Access Manager 11gRel2 PS2 installed in a day Goal is to get OAM installed and configured in a day - with full control; that is without using the Installation Wizard. Virtual Box Start with Virtual Box. Allow plenty of memory (10GB), and disk (120GB). Attach V33411-01.iso (Oracle Server V6.3) to the CD, and boot. Minimal (not Basic server!) install, configure network with static IP

Je suis Charlie

Je suis Charlie Bien sûr, moi aussi, je suis Charlie, moi.

Dumb… no module named dom during

ImportError: no module named dom This error suddenly appeared in two OAM environments, during startup of the stack, more specifically, weblogic startup ( The complete stack is: $DOMAIN_HOME/ CLASSPATH=/oracle/middleware/patch_wls1036/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/oracle/middleware/jdk1.7.0_45/lib/tools.jar:/oracle/

Latest OAM certified against EBS

OAM certified EBS This blog entry shows OAM 11G Rel 2 PS2 (a.k.a. is certified against the Oracle e-Business suite 11 and 12 as of February 2014. Just in case you missed it, like me. Oracle e-business and SSO using OAMThe blog entry also references a series of articles on how to do e-Business Suite SSO using OAM.

Private Storage

Just a little project I just happened to be upgrading my workstation, and was left with some spare parts. I had some memory modules, an old P5 motherboard, and several AT-style enclosures. Also, I noticed my trusty Synology Diskstation began needing some larger disks. Or maybe it was time to replace it all together? Keeping up indexing my music and photos seems to become quite a daunting task,

HTTP-404 on /oamconsole

WeblogicHost versus WeblogicCluster Despite the fact, the oamconsole can not be clustered, it has to be "clustered". If you ever find yourself in a scenario, where your configure a webgate in front of your OAM Console, make sure you configure it like ############################################## ## Entries Required by Oracle Access Manager ############################################## # OAM

OAMSSA-06252 after patching

Once upon a time.. you had a working environment with WebLogic, Access and Identity Management (or Discoverer, or ...) and all of a sudden things start failing. Symptoms You notice the dreaded OAMSSA-06252 (Policy Store not Available) while starting up, and start fearing the worst. Also, it seems as-if you cannot login to OAM management console anymore; your credentials are accepted, but you get

Customized pages with Distributed Credential Cellector (DCC)

One of the worst documented areas in OAM; customizing pages with DCC. One revelation: you must use when you want to work, as seems to build the "Callback URL" list, that uses to destroy the session cookies.

Access Management alternatives (Part 1: Directory Services)

Intro At the governmental institute that hired me, I'm working hard to get the full Oracle Identity and Access Management (IAM) stack implemented. A colleague suggested OpenIAM, which -at closer look- turns out to be a fork of what I believe to be the origin of the Oracle stack, Sun's OpenSSO. So, I started at looking at this stack, which is available from ForgeRock. Let's start with the basis:

Check this out: IAM 11G Rel2 V8

Oracle lanched Identity and Access management 11G Release 2, Version 8 (also known as V11. two weeks ago. You should check it out. Some reasons why: Installation is so much easier Installation is error proof (the "just MUST run configuresecurity first, or redo all" error can not occur. Tested it) The interface (OAM Console) has had a major overhaul. It responds faster and is more

Identity Management 11G Rel 2: RCU

Repository Creation Utility Running the Repository Creation Utility (RCU) for Linux is troublesome for some reasons. One of the reasons is it is 32-bits software, whereas the Linux platforms now are predominantly 64 bits. The other is java... Running it off my Ubuntu LTS host, using linux32 ./bin/rcu" resulted in (more...)

Enterprise Install of Identity & Access Management 11.1.2

Hardware Virtual hardware added to the Database and OUD/OVD installs: an 8GB/4CPU VM. Basic Software Of course, jrockit (the 37 release, the 45 does not always work with OFM 11GR2...) and WebLogic 10.3.6. WLS 12 is not yet certified against OFM I&AM 11GR2, as far as I (more...)

Access Manager 11G Rel 2 and APEX 4.2

There is some documentation regarding APEX and OAM, but it is flawed. Make sure APEX functions with standard (APEX user based) security, even through OAM; this means Allow /APEX/** Allow /i/** Protect /apex/apex_authentication.callback Page 9 states "OAM_REMOTE_USER with a value of $user.userid is created by default".Not true, (more...)

Setup OUD and ODSM, and OVD/OID with ODSM

ODSM and ODSM? The version of ODSM, suitable for OUD will *not* serve OVD or OID, it is as simple as that. In fact, Oracle spends a whole chapter on installing the lot. I did follow this, but sometimes you want to explore different routes. OUD and ODSM I have (more...)

ORA-02248 – brilliant

Brilliant explanation, RTFM made polite. [oracle@local ~]$ oerr ora 2248 02248, 00000, "invalid option for ALTER SESSION" // *Cause: Obvious. // *Action: see SQL Language Manual for legal options.

Oracle Unified Directory TNS and EUS – Part 2: Enterprise User Security

Enterprise User Security: Step by Step I want to set OUD up in the way I've done it with OID Use a Shared Schema in every database map this shared schema within the security domain in OUD create enterpise users in OUD Use a group in (more...)

Oracle Unified Directory TNS and EUS – Part 1: TNS Resolving

Part two of OUD. Start it up # su - oracle $ /oracle/Middleware/asinst-1/OUD/bin/start-ds Just to make things happen, I shut down the firewall: # service iptables stop But at least, I can do things like: frank@ubuntu64:~$ ldapsearch -D "cn=Directory Manager" -w Welcome1 -h oud -p 1389 -b dc=home,dc=local cn=groups -LLL (more...)

Oracle Unified Directory configure

Configure the Unified Directory server /oracle/Middleware/oracle_common/common/bin/ Of course, add new domain. There's nothing yet! Select ODSM and EM; JRF will come automagically Changing the defaults Don't forget to document the passwords... Production mode; I will not develop new apps, so there's no need to scan for these - it (more...)

Oracle Unified Directory Installation

Installation and use. Having worked on a proof-of-concept which heavily depends on all sorts of Oracle Identity suites, I learned Oracle will probably dump OID (Internet Directory) and OVD (Virtual Directory) over the next 5 years in favor of Oracle Unified Directory (OUD - which means "old" in Ducth). So, (more...)