Monday, July 28, 2014

How to: Oracle Internet Directory 11g DIP (Oracle Directory Integration Platform) Synchronization with Active Directory

Steps to configure OID DIP synchronization with Active Directory

-- Siva Pokuri.

How to Install OID 11g (11.1.1.7.0)

Note: This assumes WebLogic Server 11g (10.3.6) and Oracle Database 11g are already installed.

Steps:

1) Download the Oracle Internet Directory 11g RCU and installer from OTN

     URL: http://www.oracle.com/technetwork/middleware/downloads/oid-11g-161194.html

2) Follow the steps below to create the OID database schema

3) Install Oracle Internet Directory using the IDM 11g suite

-- Siva Pokuri.


Saturday, July 26, 2014

TIPS: Changing Oracle Access Manager 11g diagnostic log location


1) Log in to the Enterprise Manager Console. Ex: http://pokuri.demo.com:7001/em

2) Navigate to Identity and Access >> OAM >> oam_server(11.1.2.0.0) >> Logs and click "Log Configuration".

3) Click "Log Files", select "odl-handler", and click "Edit Configuration".

4) Change the Log Path to the new location and click "OK".


-- Siva Pokuri.

Friday, July 25, 2014

How to integrate OAM & OAAM 11g R2 PS2 (11.1.2.2.0)

Oracle Access Manager & Oracle Adaptive Access Manager 11g R2 PS2 (11.1.2.2.0) Integration

Environment:

-- Oracle Access Manager 11g R2 PS2 (11.1.2.2.0)
-- Oracle Adaptive Access Manager 11g R2 PS2 (11.1.2.2.0)
-- Oracle Database 11g
-- Oracle WebLogic Server 10.3.6
-- Oracle Enterprise Linux 64-bit
-- Oracle Repository Creation Utility 11g R2 PS2 (11.1.2.2.0)
-- Oracle HTTP Server 11g R1
-- OAM WebGate for OHS webserver 11.1.1.7.0
-- OAM user store is the WebLogic embedded LDAP

Steps:

-- Log in to the WebLogic Administration console, create the "oaamadmin" user, and assign it all the OAAM admin privileges.

-- Log in to the OAAM Admin console and add the property as shown in the screenshot below.

-- Follow the screenshots below to create the TAP keystore.

-- Assign a password for IAMSuiteAgent in the OAM Admin console and set the same password in the WebLogic Administration console under Security Realm >> IAMSuiteAgent provider.

-- Restart all OAM and OAAM admin & managed servers.

-- Update the TAP Scheme challenge parameters as shown in the screenshots below.

-- Set up OAM integration with OAAM.

-- Update the OAM and OAAM details in the oaam_cli.properties file as shown in the screenshot below.

-- Set the ORACLE_MW_HOME environment variable and execute setupOAMTapIntegration.sh as shown in the screenshots below.

-- Enter the "oaamadmin" user (created in the first step) and its password, followed by the OAAM database credentials and the TAP keystore password.

-- Verify that the oaam.uio.security.mode property value is set to 1 in the OAAM Admin console properties.

Testing:

Change the Authentication Scheme of any existing protected resource from "LDAP Scheme" to "TAPScheme", then access the protected resource and log in as a valid user from the directory server.

-- Successfully logged in with OAAM security profile setup.



Hope this helps.

Thanks
Siva Pokuri.