Latest OAM certified against EBS

OAM 11.1.2.2 certified EBS This blog entry shows OAM 11G Rel 2 PS2 (a.k.a. 11.1.2.2.0) is certified against the Oracle e-Business suite 11 and 12 as of February 2014. Just in case you missed it, like me. Oracle e-business and SSO using OAMThe blog entry also references a series of articles on how to do e-Business Suite SSO using OAM.

Private Storage

Just a little project I just happened to be upgrading my workstation, and was left with some spare parts. I had some memory modules, an old P5 motherboard, and several AT-style enclosures. Also, I noticed my trusty Synology Diskstation began needing some larger disks. Or maybe it was time to replace it all together? Keeping up indexing my music and photos seems to become quite a daunting task,

HTTP-404 on /oamconsole

WeblogicHost versus WeblogicCluster Despite the fact, the oamconsole can not be clustered, it has to be "clustered". If you ever find yourself in a scenario, where your configure a webgate in front of your OAM Console, make sure you configure it like ############################################## ## Entries Required by Oracle Access Manager ############################################## # OAM

OAMSSA-06252 after patching

Once upon a time.. you had a working environment with WebLogic, Access and Identity Management (or Discoverer, or ...) and all of a sudden things start failing. Symptoms You notice the dreaded OAMSSA-06252 (Policy Store not Available) while starting up, and start fearing the worst. Also, it seems as-if you cannot login to OAM management console anymore; your credentials are accepted, but you get

Customized pages with Distributed Credential Cellector (DCC)

One of the worst documented areas in OAM; customizing pages with DCC. One revelation: you must use login.pl when you want logout.pl to work, as login.pl seems to build the "Callback URL" list, that logout.pl uses to destroy the session cookies.

Access Management alternatives (Part 1: Directory Services)

Intro At the governmental institute that hired me, I'm working hard to get the full Oracle Identity and Access Management (IAM) stack implemented. A colleague suggested OpenIAM, which -at closer look- turns out to be a fork of what I believe to be the origin of the Oracle stack, Sun's OpenSSO. So, I started at looking at this stack, which is available from ForgeRock. Let's start with the basis:

Check this out: IAM 11G Rel2 V8

Oracle lanched Identity and Access management 11G Release 2, Version 8 (also known as V11.1.2.2.0) two weeks ago. You should check it out. Some reasons why: Installation is so much easier Installation is error proof (the "just MUST run configuresecurity first, or redo all" error can not occur. Tested it) The interface (OAM Console) has had a major overhaul. It responds faster and is more

Identity Management 11G Rel 2: RCU

Repository Creation Utility Running the Repository Creation Utility (RCU) for Linux is troublesome for some reasons. One of the reasons is it is 32-bits software, whereas the Linux platforms now are predominantly 64 bits. The other is java... Running it off my Ubuntu LTS host, using linux32 ./bin/rcu" resulted in (more...)

Enterprise Install of Identity & Access Management 11.1.2

Hardware Virtual hardware added to the Database and OUD/OVD installs: an 8GB/4CPU VM. Basic Software Of course, jrockit (the 37 release, the 45 does not always work with OFM 11GR2...) and WebLogic 10.3.6. WLS 12 is not yet certified against OFM I&AM 11GR2, as far as I (more...)

Access Manager 11G Rel 2 and APEX 4.2

There is some documentation regarding APEX and OAM, but it is flawed. Make sure APEX functions with standard (APEX user based) security, even through OAM; this means Allow /APEX/** Allow /i/** Protect /apex/apex_authentication.callback Page 9 states "OAM_REMOTE_USER with a value of $user.userid is created by default".Not true, (more...)

Setup OUD and ODSM, and OVD/OID with ODSM

ODSM and ODSM? The version of ODSM, suitable for OUD will *not* serve OVD or OID, it is as simple as that. In fact, Oracle spends a whole chapter on installing the lot. I did follow this, but sometimes you want to explore different routes. OUD and ODSM I have (more...)

ORA-02248 – brilliant

Brilliant explanation, RTFM made polite. [oracle@local ~]$ oerr ora 2248 02248, 00000, "invalid option for ALTER SESSION" // *Cause: Obvious. // *Action: see SQL Language Manual for legal options.

Oracle Unified Directory 11.1.2.1.0: TNS and EUS – Part 2: Enterprise User Security

Enterprise User Security: Step by Step I want to set OUD up in the way I've done it with OID 10.1.4.3: Use a Shared Schema in every database map this shared schema within the security domain in OUD create enterpise users in OUD Use a group in (more...)

Oracle Unified Directory 11.1.2.1.0: TNS and EUS – Part 1: TNS Resolving

Part two of OUD. Start it up # su - oracle $ /oracle/Middleware/asinst-1/OUD/bin/start-ds Just to make things happen, I shut down the firewall: # service iptables stop But at least, I can do things like: frank@ubuntu64:~$ ldapsearch -D "cn=Directory Manager" -w Welcome1 -h oud -p 1389 -b dc=home,dc=local cn=groups -LLL (more...)

Oracle Unified Directory 11.1.2.1.0 configure

Configure the Unified Directory server /oracle/Middleware/oracle_common/common/bin/config.sh Of course, add new domain. There's nothing yet! Select ODSM and EM; JRF will come automagically Changing the defaults Don't forget to document the passwords... Production mode; I will not develop new apps, so there's no need to scan for these - it (more...)

Oracle Unified Directory 11.1.2.1.0 Installation

Installation and use. Having worked on a proof-of-concept which heavily depends on all sorts of Oracle Identity suites, I learned Oracle will probably dump OID (Internet Directory) and OVD (Virtual Directory) over the next 5 years in favor of Oracle Unified Directory (OUD - which means "old" in Ducth). So, (more...)

SSO + WNA shown from Apache logging

When SSO works with Windows native Authentication, the Apache logging shows this: 10.10.10.116 - - [03/Feb/2011:11:11:34 +0100] "GET /oiddas/ui/oracle/ldap/das/mypage/ViewMyPage HTTP/1.1" 302 1061 10.10.10.116 - - [03/Feb/2011:11:11:34 +0100] "GET /pls/orasso/orasso.wwsso_app_admin.ls_login?Site2pstoreToken=v1.4~18DD161D~A37A8CBF4314DD9

Configuring Identiy and Access Management 11GR2

In a nutshell: Start nodemenager /oracle/middleware/wlserver_10.3/server/bin/startNodeManager.sh Configure the Identity and Management Suite: /oracle/middleware/Oracle_IDM1/bin/config.sh DO NOT START YOUR MANAGED SERVERS!!! There's an omission in the manual... You need to configure the database as security placeholder first. You do that by /oracle/middleware/oracle_common/common/bin/wlst.sh

Configuring OID onto the existing IDM domain

Easy enough, when you know how ;) Start database & listener (of course, your environment is set): lsnrctl start sqlplus / as sysdba<Easy enough, when you know how ;) Start database & listener (of course, your environment is set): lsnrctl start sqlplus / as sysdba

-->

Install Identity and Access management Suite 11GR2

Install software Java You will need some sort of Java; I have none, and chose to use JRockit. Installing: [oracle@idm1 ~]$ /oracle/install/Software/weblogic/jrockit-jdk1.6.0_37-R28.2.5-4.1.0-linux-x64.bin Extracting 0%....................................................................................................100% No Demoes, no source code. WebLogic Oracle left the Apache camp, and now