OAM Policy Manager Setup Issue “Error in setting Policy Domain Root” : OAM with AD and Dynamic Auxiliary Class
.
Issue : Oracle Access Manager Installation failed at Policy Manager Configuration Screen “Error in setting Policy Domain Root”
.
Configuration :
1. Oracle Access Manager Version – 10.1.4.3
2. Directory Server (LDAP) – Microsoft Active Directory (AD) 2003
3. Dynamic Auxiliary Class support with AD 2003 was enabled
.
.
Root Cause :
Active Directory (AD) 2003 domain and forest was NOT promoted to Functional Level 2003 for Dynamic-Linked Auxiliary Object Class Support as mentioned in “Oracle Access Manager installation with AD” guide here
.
Fix :
1.Restore Active Directory from backup (pre OAM installation state) as it is NOT possible to delete schema (schema for OAM in AD) . For steps on how to uninstall/remove Oracle Access Manager (OAM) here
2. Raise functional domain level for Domain and Forest in AD from Mixed Mode (2000 Native + 2003) to Windows Server 2003
.
Similarly change Forest Functional Level to 2003
.
.
3. Restart Windows Machine which hosts AD
4. Install Oracle Access Manager again
.
.
What is Object Class – Structural and Auxiliary Object Class ?
Object Classes – Directory (LDAP Server) entries are made up of Object Classes. Object Classes are made up of attributes. There are three type of Object Classes in Oracle Access Manager (OAM)
i) Structural Object Class– These type of Object Class defines basic aspects of an Object. Each Identity Application (User, Group , Organization) is associated with a structural Object Class. example of Structural Object Class – inetOrgPerson or person
ii) Auxiliary Object Class – Auxiliary Object Classes extend the structural Object Class. They describe additional attributes for special items of a structural Object Class. в это время делать ставки на события на выводимые средства mostbet По правилам букмекера, клиента в любой момент могут попросить о верификации аккаунта
iii) Template Object Class – Template Object Class is configured for provisioning data to external applications. Template Class objects are NOTstored in LDAP Directory. Objects from Template Class are stored in Files. Oracle Access Manager provides generic template file in [install_dir]/config/templates
.
What is Dynamically Linked Auxiliary Class ?
A dynamically-linked auxiliary class is a class that is attached to an individual object, rather than to an object class. Dynamic linking enables you to store additional attributes with an individual object without the forest-wide impact of extending the schema definition for an entire class. More information here
About the Author Atul Kumar
Oracle ACE, Author, Speaker and Founder of K21 Technologies & K21 Academy : Specialising in Design, Implement, and Trainings.