• Find us:
    +1-669-900-5138   |   +44-203-372-5553
  • Free Newsletter

    Get Latest Updates

  • Make Training Enquiry


    Company

  • Categories

  • Archive

  • Oracle Identity & Access Management 11gR2 : Installation & Configuration in 12 Steps

    Posted by "" in "identity_manager, idm, im, installation, oaam, oam, oes, oif, OIM, owsm" on 2012-08-11

    Share on FacebookTweet about this on TwitterShare on Google+Share on LinkedInPin on PinterestEmail this to someone

    This post covers steps to install and configure Oracle Identity & Access Management (IDAM) 11gR2 (11.1.2). To download IDAM 11gR2 (11.1.2) software click here and for documentation click here

    Oracle Identity & Access Management 11gR2 (11.1.2) consists of

    • Oracle Access Management (OAM) : OAM suite consists of
      –> OAM Access Manager (earlier Oracle Access Manager)
      –> OAM Secure Token Service
      –> OAM Identity Federation (earlier Oracle Identity Federation)
      –> Oracle Access Management Mobile and Social (new product added in 11gR2)
      –> OAM Adaptive Access Manager
      –> Oracle Entitlement Server
      –> Oracle Web Services Manager (OWSM)
      Note: There are few more products (Oracle Enterprise Gateway, Enterprise Single Sign-On etc…) that are part of Oracle Access management Suite but they are installed using their own software.
    • Oracle Identity Manager (OIM)
    • Oracle Privileged Account Manager (OPAM) (new product added in 11gR2)
    • Oracle Identity Navigator (OIN)
    High Level Installation Steps for IDAM 11gR2 (11.1.2.0.0)
    Installation steps for IDAM 11gR2(11.1.2) are same as 11gR1 (11.1.1.3/5) with additional step to configure Database Security Store (configureSecurityStore.py)

    1. Install Database for Oracle Identity & Access Management(IDAM) schemas

    2. Create IDAM schemas in database using RCU 11.1.2.0.0

    3. Install JDK/JRockit 1.6 (for IBM Aix or HP Unix install vendor specific JDK).

    4. Install WebLogic 10.3.6  (This step will create Middleware Home MW_HOME)

    5. Install Identity & Access Management 11.1.2.0 software in Middleware Home (MW_HOME created in previous step)

    6. Install SOA Suite 11.1.1.6.0 software in Middleware Home (MW_HOME created in step 4) (SOA is required only for OIM, If you are not configuring OIM then there is no need to install SOA Suite)

    7. Apply patches listed in Release Notes here (Required for OIM only). [updated on 18th August 2012] If you can’t find patches listed in Release Notes of 11gR2 then check Bug 14489758 : WRONG PATCH NUMBERS IN RELEASE NOTES

    8. Create Weblogic Domain (more here) and select IDAM components by running config.sh from $MW_HOME/oracle_common/common/bin (Do not start WebLogic Server yet, create Database Security Store first as mentioned in next step)

    9. Create Database Security Store using WLST – <IAM_ HOME>/common/tools/configureSecurityStore.py (Ignore this step if you are creating WebLogic domain with just one domain template i.e. “Oracle Access Management Mobile and Social)

    10. Start WebLogic Admin Server

    11. Configure OIM Server ($IAM_ORACLE_HOME/bin/config.sh) – Ignore this step if you do not want OIM server

    12. Start WebLogic Managed Servers created during WebLogic domain creation

     

    References/Related

    Related Posts for IdM


    1. Oracle Identity & Access Management II
    2. Upgrade Oracle Internet Directory/IdM Suite to 10.1.4.2
    3. Oracle Launches Oracle Access Management Suite
    4. Installing Oracle Fusion Middleware (FMW) 11g – Identity Management Components (OID, DIP, OVD, OIF)
    5. Oracle Identity Management Products – OID, OVD, OAM, OIM, ORM, OWSM, OIF, eSSO, OES, OAAM
    6. #OracleIdM 11g webinar : Is this for OAM (Oracle Access Manager) & OIM (Oracle Identity Manager) 11g ?
    7. Installing Oracle Identity Management (OIM & OAM) 11g R1 PS2 (11.1.1.3) : High Level Steps
    8. #OracleIdM 11g : Step by Step Installation of OAM, OIM, OAAM, OAPM, OIN (11.1.1.3.0) – Part I : Load Schema
    9. Part II – Install WebLogic 10.3.3 : #OracleIdM 11g : Step by Step Installation of OAM, OIM, OAAM, OAPM, OIN (11.1.1.3.0)
    10. Part III – Install SOA 11.1.1.2 & Upgrade to 11.1.1.3 : #OracleIdM 11g : Step by Step Installation of OAM, OIM, OAAM, OAPM, OIN (11.1.1.3.0)
    11. Part IV – Install IDAM 11.1.1.3 : #OracleIdM 11g : Step by Step Installation of OAM, OIM, OAAM, OAPM, OIN
    12. Part V : Create Domain : #OracleIdM 11g : Step by Step Installation of OAM, OIM, OAAM, OAPM, OIN
    13. Part VI : Configure Identity Manager (OIM) : #OracleIdM 11g : Step by Step Installation of OAM, OIM, OAAM, OAPM, OIN
    14. Part VII : Install & Configure OIM Design Console : #OracleIdM 11g : Step by Step Installation of OAM, OIM, OAAM, OAPM, OIN
    15. OAM 11g / OIM 11g High Availability (Active / Active) Architecture Documentation
    16. Part VIII (Optional) Configure LDAP Sync with OIM 11g (OIM 11g Integration with OVD/OID)
    17. Looking for Technical Reviewer for Oracle Identity & Access Management Book (OIM/OAM Administration)
    18. My Book “Oracle Identity & Access Manager 11g for Administrators” is now available in RAW format
    19. Install Oracle Identity Management (OIM/IDM) 11.1.1.4 – OID / OVD / OIF : High Level Steps
    20. Oracle IDentity & Access Management (OAM, OIM, OAAM & OES) 11.1.1.5 is available now : 12575064
    21. Password Policy in OAM-OIM-OID Integration : User not locked after configured value
    22. IdmConfigTool : OIM/OAM/FusionApps Integration – preConfigIDStore, prepareIDStore, configOAM, configOIM
    23. Autologin failed in OIM/OAM Integration after password reset SSOAccessKey javax.security. auth.login. LoginException
    24. OIM 11.1.1.5 BP02 (13399365) and OAM 11.1.1.5 BP02 (13115859)
    25. Confused about Oracle IAM software version & release number ?
    26. Oracle Identity Management 11g R2 #oracleidm : Webcast
    27. Oracle Identity Management 11g R2 documentation now available
    28. Oracle Identity & Access Management 11gR2 Software is now available to download
    29. Oracle Identity & Access Management 11gR2 : Installation & Configuration in 12 Steps
    30. OIM-OAM-OAAM integration using TAP – Request Flow you must understand !!
    31. Account Lock in OIM OAM OAAM, OID & WebLogic 11g because of Failed Login Attempts
    32. User not synced from OID (LDAP) to OIM (LDAPsync) : Account Locked in OAM is not locked in OIM
    33. Oracle IAM 11gR2 PS2 (11.1.2.2) is now available : Software download & Documentation
    34. Oracle IAM 11.1.2.2 Certification Matrix – Supported JDK, WebLogic, OS

    137 Responses to “Oracle Identity & Access Management 11gR2 : Installation & Configuration in 12 Steps”

    1. Henrik says:

      Have you applied the patches you mention in step 7?
      “7. Apply patches listed in Release Notes here (Required for OIM only)”

      I can’t find them on My Oracle Support, I opened a support case about it, but have not heard anything back yet…

    2. Roland says:

      Great to see you have had a successful installation. I am stuck at the RCU scripts in my own installation, they keep chewing through a ton of disk space (4G) – I am wondering if you happen to know how much disk space it took to run the RCU.

    3. IgnitedMind says:

      Hi Atul, Sould i use SOA 11.1.1.6.0 with 11gR2 ?

      (RCU 11.1.1.6.0,SOA 11.1.1.6.0)

      Help Appreciated.

    4. Atul Kumar says:

      @ IgnitedMind,
      Yes use SOA 11.1.1.6 for IDAM 11gR2 and use 10.3.6 weblogic (though doc says both 10.3.5 and 10.3.6 are supported)

    5. IgnitedMind says:

      Summarining,

      Installation of Database 11gR2

      Step 1>
      Creation of Schema using RCU 11.1.1.6 for OID.
      Creation of middllewareR1 using weblogic 10.3.6
      Installation & config of Oracle Identity Mangement 11.1.1.6.0
      Installation & configuration of SOA 11.1.1.6.0

      Step 2> as u mentioned in this post,
      Creation of Schema using RCU 11.1.2
      Creation of middllewareR2
      Installation of IAM etc

      Is above is ok ?
      2nd, I need to create Schmea for SOA using which RCU ? 11.1.1.6.0 or 11.1.2 ?

      Help Appreciated,

    6. Atul Kumar says:

      @ IgnitedMind

      I am not sure what you want to achieve . It is important to note that “Idenitity management” and “Identity & Access Management” are two different installs and different software.

      Check this
      http://onlineappsdba.com/index.php/2012/05/30/confused-about-oracle-iam-software-version-release-number/

    7. IgnitedMind says:

      Hi Atul,

      I have gone thru the link you shared.

      My Question Is,Schmea for SOA 11.1.1.6.0 should be created thru RCU 11.1.1.6.0 correct ? not thru RCU 11.1.2 (R2) ?

      thank you very much for your quick response.

      • Atul Kumar says:

        Currently SOA schema version in RCU 11.1.1.6 and 11.1.2.0.0 is same and compatible with SOA 11.1.1.6.0

        To be on safe side

        If you are installing IDAM 11.1.1.5 then install SOA 11.1.1.5 and use RCU 11.1.1.5 or 11.1.1.5.2

        If you are installing IDAM 11.1.2 then install SOA 11.1.1.6 and use RCU 11.1.2

    8. […] 1. OES consists of : a) OES 11g Administration Console : Authorization Policy Manager (APM) : This is server side components installed as part of Identity & Access Management software. […]

    9. Henrik says:

      Regarding the OIM patch numbers I asked about, they are incorrect in the docs.
      Oracle Support Bug 14489758 (WRONG PATCH NUMBERS IN RELEASE NOTES) can be found at: https://support.oracle.com/epmos/faces/ui/km/BugDisplay.jspx?id=14489758

      They should be:
      > 14948569 -> 14016801
      > 14735868 -> 13931550
      > 15211191 -> 14196234
      > 14908250 -> 14049150

    10. IgnitedMind says:

      Hi Atul/Henrik,

      I am not finding the patches for OIM.
      “2.3 Mandatory Patches for Installing Oracle Identity Manager”

      •14948569

      •14735868

      •15211191

      •14908250

      Non of the above patches found in support link.

      Any help appreciated.

    11. Henrik says:

      IgnitedMind -> See the post above yours..

    12. IgnitedMind says:

      oops, thanks Atul for the info.

    13. IgnitedMind says:

      Hi Atul,

      I have applied OIM Patch but for all the 4 patchs its giving similar message as below.

      [oracle@localhost 14049150]$ opatch apply
      Oracle Interim Patch Installer version 11.2.0.3.0
      Copyright (c) 2012, Oracle Corporation. All rights reserved.

      Oracle Home : /home/oracle/app/oracle/product/11.2.0/dbhome_1
      Central Inventory : /home/oracle/app/oraInventory
      from : /home/oracle/app/oracle/product/11.2.0/dbhome_1/oraInst.loc
      OPatch version : 11.2.0.3.0
      OUI version : 11.2.0.1.0
      Log file location : /home/oracle/app/oracle/product/11.2.0/dbhome_1/cfgtoollogs/opatch/14049150_Aug_17_2012_18_48_26/apply2012-08-17_18-48-26PM_1.log

      Applying interim patch ‘14049150’ to OH ‘/home/oracle/app/oracle/product/11.2.0/dbhome_1′
      Verifying environment and performing prerequisite checks…
      OPatch system modification phase did not start:
      Patch “14049150” is not needed since it has no fixes for this Oracle Home. Please see log file for details.
      Log file location: /home/oracle/app/oracle/product/11.2.0/dbhome_1/cfgtoollogs/opatch/14049150_Aug_17_2012_18_48_26/apply2012-08-17_18-48-26PM_1.log

      OPatch stopped on request.

      what coud have been wrong here ?

    14. IgnitedMind says:

      All the 4 patch Installed Successfully. I have to keep changing ORACLE_HOME dir based on patch like soa, idm or iam or oracle_common.
      patch like J2ee continer patch,ovd patch ,soa patch etc.

      I am not sure whether it was the correct way, just was doing trail.

      Once again thanks for help.

    15. Roland says:

      @IgnitedMind,
      I am having trouble applying the patches, would you be kind enough to map which patch needs to have which ORACLE_HOME set? I hope that isn’t too much trouble.

    16. Roland says:

      I also notice that patch 13931550 is really a deployment package for something called the Oracle Application Access Controls Governor. What is that? I don’t have confidence that I should be installing that into my environment – are we sure that it is the correct patch number?

    17. IgnitedMind says:

      @Roland,
      export PATH=$PATH:/home/oracle/middlewareR2/iam/OPatch

      >14948569 -> 14016801 ->
      Oracle_home=/home/oracle/middlewareR1/idm

      > 15211191 -> 14196234-Oracle_Home=/:/home/oracle/middlewareR2/soa1

      > 14908250 -> 14049150->Oracle_HOME=home/oracle/middlewareR2/oracle_common

      Last Patch was OAACG > 14735868 -> 13931550
      Yes even I have no confidence in this Patch.
      I am doing Installation on my personal laptop so can’t even raise an SR. :(

      Whats Oracle response on your SR ?

    18. IgnitedMind says:

      @Roland,

      I am able to login OIM now .I think till you get update on ur SR, you can continue further configuration.

    19. Roland says:

      @IgnitedMind, I didn’t open an SR with Oracle on that patch. I have simply not applied it on this go around. Like you I am installing on my laptop (MBP,Retina,16G,500GB SSD). I have had lots of issues with running out of disk space and memory in Vmware Fusion. A note for others: I would recommend that you start out with at least 50G of disk assigned and I believe I will end up using 6-8G of memory when all the servers are started. Fusion has a max of 8G of memory so I’ve just thrown everything I could at it yesterday.

    20. Roland says:

      I am able to get everything running except for OIM. I also cannot get patch 14016801 to apply. I am thinking that oim is not deployed properly but I don’t know what to do next to fix it.

      I am able to get the oim server (oim_server1) running but I can see that oim has failed to deploy. It is the only service that has failed to deploy – I can get everything else up and running: oam, oaam, opam, etc…

    21. IgnitedMind says:

      @Roland,

      Did your OIM Configuration was successfully ?

    22. IgnitedMind says:

      @Roland,

      Did u Enabled LDAP Sync while Configuraion ?

      I yes than, What LDAP you have choosen ?
      have you crated related container in OID ?

    23. Atul Kumar says:

      @ Roland/IgnitedMind ,
      Are you hitting any issues during OIM 11GR2 config ? If yes I can try this (I used OAM 11gR2 for now) and share my experiences here.

    24. sk says:

      Hi! Can IAM 11.1.2 be used for Fusion Apps 11.1.4?

    25. RR says:

      Can anyone please confirm if these 4 patches mentioned above are really required for OIM11gR2.
      As i did the OIM 11g R2 installation and configuration already.

      • Atul Kumar says:

        @ RR,
        No these patches are not mandatory. I installed and configured OIM 11gR2 without these 4 patches and all OIM 11gR2 features are working as expected.

        Regards
        Atul Kumar

    26. RR says:

      Thanks Atul for the quick response.
      Since it was mentioned in the document as mandatory patches, so was not sure if its really required or not.
      As of now even I am able to install and configure OIM 11gR2 without these patches.

      Regards

    27. Roland says:

      I am still having trouble getting OIM running. The OIM config keeps failing for me with the following error:

      [OIM_CONFIG] Passwords including weblogic password set in credential store successfully.
      ]]
      [2012-08-20T14:24:50.619-06:00] [as] [ERROR] [] [oracle.as.provisioning] [tid: 62] [ecid: 0000J_5hMQaFw000jzwkno1GCdmU000003,0] [[
      java.lang.NullPointerException

      …followed by a Java Stack Trace, then another Java error:

      [2012-08-20T14:24:50.620-06:00] [as] [NOTIFICATION] [] [oracle.as.provisioning] [tid: 62] [ecid: 0000J_5hMQaFw000jzwkno1GCdmU000003,0] [[
      [OIM_CONFIG] Database Encrytion failed.
      ]]
      [2012-08-20T14:24:50.620-06:00] [as] [ERROR] [] [oracle.as.provisioning] [tid: 62] [ecid: 0000J_5hMQaFw000jzwkno1GCdmU000003,0] Exception[[
      java.lang.Exception: Exception occured while encrypting the configuration and database
      at oracle.as.install.oim.config.util.EncryptConfigurationAndDB.encryptConfigurationAndDatbase(EncryptConfigurationAndDB.java:239)

      I have tried a lot of things, I’ve tried setting the value of DOMAIN_HOME when running config.sh, I truncated MLS_LOCALE (as per one post online), I’ve re-run the RCU and dropped DEV_OIM and then added it back. None of these have gotten me past this.

      Additional Notes: I opted for Not “Enable LDAP Sync” during the config. One thing that I have noticed, and I don’t know if it is supposed to be that way or not, under /home/oracle/Oracle/Middleware/Oracle_IDM1 I see dirs for oam, oaam, oinav, etc but I don’t see one for either idm or oim, yet I am not sure if i am supped to or not. I also have a separate directory for SOA at /home/oracle/Oracle/Middleware/Oracle_SOA1.

      • Atul Kumar says:

        @ Roland,
        Issue in your case is that database key for OIM is corrupt. My suggestion would be to remove everything including database schema and try again .

        Don’t run config.sh from $ORACLE_HOME/bin (to configure OIM server) multiple times.

    28. Bryan says:

      I have OIM 11.1.2.0 installed and working without using any of the patches mentioned above. I see the interfaces have been split in this new release. I can reconcile accounts into OIM but I don’t see where to provision accounts. I have the AD connector setup, configured, and reconciling accounts properly. What I don’t see is anywhere to Add Resources to the user accounts. Has anyone found this? I may just be overlooking it.

    29. Bryan says:

      Looks like the AD User account should show up under Accounts if you click on the user. If I click the accounts tab and click refresh, nothing appears. I have the AD Connector set for direct provisioning. If I click Request Access, nothing appears in the catalog. Not seeing anything out there for guidance. Has anyone else gotten this working?

    30. Bryan says:

      It looks like the AD User account should appear under the Accounts Tab under the user. If I click it and click refresh, nothing appears. If I click Request, nothing appears in the catalog. I have the AD connector set for direct provisioning. Has anyone gotten this working?

    31. Atul Kumar says:

      @ Bryan,
      I’ve not tested this yet but to add resource, use identity console /identity -> Administration -> Users .

      Did you populate catalog in OIM ?

      http://docs.oracle.com/cd/E27559_01/admin.1112/e27149/reqcat.htm#BABGCCJG

    32. […] in OIM URL and Administration Console. For Oracle IDM 11gR2 high level installation steps click here, for IDM 11gR2 documentation click here and to download IDM 11gR2 software click […]

    33. Bryan says:

      I’m working with the Active Directory Connector with 11G R2 and trying to provision to AD. I have the connector configured as a target resource. I have the Catalog configured to show the AD User option. I have a Role created for AD Users and an Access Policy associated with the role. When a user requests the AD User Resource from the Catalog, the resource account workflow shows it’s in a Provisioning state with an Unknown status. Looking at the resource history, the request is stuck in a Pending state under a task name of system validation.

      I have run the organization and group lookup recon tasks ahead of time and they both show as successes. Some folks in the forums insisted that the error was from the organization lookup recon and the lookup was not populated. I’m showing that the Lookup table associate with the lookup recon (Lookup.ActiveDirectory.OrganizationalUnits) is populated with my OU’s. I feel like this is something small, but I can’t figure out what it is.

      I’m stuck… any help would be greatly appreciated.

    34. Bryan says:

      As a additional note, I went into the design console and updated the AD User process definition to be set to Auto Save Form.

    35. Atul Kumar says:

      @ Bryan,
      I’ll try to integrate AD-OIM11Gr2 this next week (busy with my prodction build for my customer :( ) and update lessons learned here.

    36. Bryan says:

      I appreciate it… I’ll keep plugging away at it as well and update with any findings. I also saw a page load error when trying to access a workflow for approval from the Home screen. I haven’t looked into that either.

    37. Bryan says:

      I did, that was pretty easy to setup and configure.

      I need to read up more on the Catalog. When trying to request Roles or Resources, it directs me to the Catalog. As an end user, I would think they would want to click on the Catalog and see their options and not have to search and guess as to what they are looking for. I had to type AD and search for me to see the AD User provisioning process. I still haven’t been able to figure out how to Request a Role through the Catalog.

    38. Roland says:

      I’ve been getting some strange errors when trying to get OIM and OAM to work well together. I’m running OL6/64 bit. It made me go back and double check what version of the RCU I ran and it turns out that when I issue an “rcu -version” I get 11.1.1.6 as the result, even though the package I downloaded from Oracle clearly stated it was the 11.1.2 RCU for Linux. My question to others would be, if you run the same command, what version of the RCU did you use for your installs? Maybe I need to ask Oracle if they mistakenly posted the wrong RCU for Linux?

      • Atul Kumar says:

        @ Roland,
        I know this is strange but this is expected behaviour (developers forgot to update version in help) . Run below command and you will see output like below

        SQL> select * from schema_version_registry;

        OAM Oracle Access Manager DEV1 OAM OAM DEV1_OAM 11.1.1.3.0 VALID N

        OIM Oracle Identity Manager DEV1 OIM OIM DEV1_OIM 11.1.2.0.0 VALID N

        Note that there is nothing changed in OAM schema between 11.1.1.3 till 11.1.2 and hence you still see version 11.1.1.3 in database (this is compatible with OAM version)

        Your issue is something different. Did you create these two components OIM & OAM is same domain or different domain ? what issue you are hitting ?

    39. Roland says:

      @Atul, Thanks, yes, I do see that OIM is at version 11.1.2 in the schema registry.

      I do have OIM and OAM installed in the same domain. What was happening was that I would log into OIM with xelsysadm then I would be redirected to OAM, but the hostname would be “null” and I would have to change it my hostname, login with weblogic and then I would get access to my OIM sysadm or identity consoles.

      I found the Host Identifier for IAMSuiteAgent had two hosts defined:
      IAMSuiteAgent, port 80
      IAMSuiteAgent, no port

      That didn’t make any sense, so I put in my hostname (idm) and FQDN (idm.example.com) but didn’t know what port to use, so I used the OAM Proxy port (5575)

      I then only needed to sign into OIM once, with xelsysadm, but I have errors in both my Admin Server, oim_server1 and oam_server1. The admin server and oim_server1 have the following error:

      <OAM Server can not be accessed, fallback to container policy

      the oam_server1 has the error:

      But I can login… Just the error messages are disturbing.

    40. Anand says:

      Hi Atul,

      There is a issue while accessing the policy configuration tab in OAM admin console 11gr2

      Error: the policy store is not available.please see the log files.

    41. Rohith says:

      Hello,

      I hav installed OIM 11g R2 and AD Connector Server is also configured. I have created IT Resource and Application Instance. I am trying to run AD Group Lookup Recon schedule task but I am getting following error: Exception Message org.identityconnectors.framework.common.exceptions.ConnectorException: java.net.SocketTimeoutException: connect timed out
      Any hints/thoughts about this?

      Cheers,
      Rohith

    42. swathi says:

      Hi Atul,

      There is a issue while accessing the policy configuration tab in OAM admin console 11gr2

      Error: the policy store is not available.please see the log files.

      I believe this was because of the below.

      When I was creating domain for OAM using common/bin/config.sh “create domain” screen and in selecting the product’s checkboxes… I noticed on this one install that “Oracle Access Manager with Database Policy Store” was not in the list of products.

      How to resolve this issue in 11gR2.

    43. Atul Kumar says:

      @ Swathi,
      Did you run configureSecurityStore.py and was that successful ?

      Check where is policy store pointing to (You can do this via EM), this should be pointing to database under OPSS schema .

    44. Atul Kumar says:

      @ Swathi,
      Policy store I mentioned above (CSF and application roles) is diifferent from OAM policy store. You mentioned that “Oracle Access Manager with Database Policy Store” was in domain template …

      This could be your issue – Did your IAM 11gR2 installation complete successfully ? What all options were available during domain template ?

    45. Swathi says:

      Hi Atul,

      I have installed OAM 11gR2 only OAM (no OIM, no SOA) successfully and was able to login to oamconsole. But when i click on policy configuration tab I am getting errors like “the policy store is not available.please see the log files”.

      I did not run configureSecurityStore.py as I thought it is only for OIM. Do I still need to run this even just for OAM?

      As I am receiving policy store errors, thought of reinstalling it again. While reinstalling, I installed RCU for OAM, OAM, webtier. And at the time of domain creation, I found that I am not getting “Oracle Access Manager with Database Policy Store” option to check. I think this is why in my first installtion, i received policy store related errors.

      I sent an email to you with the jpg files showing the options that I am getting while creating a domain for this oam.

      Again, thanks for your help.

    46. jdev says:

      Hi Atul,
      While running configureSecurityStore.py by following
      Scenario 1: Oracle Identity Manager, Oracle Access Manager in the same WebLogic Administration Domain Sharing the same Database Security Store
      I am getting follwing error eventhough the password is correct.
      /oracle_common/common/bin/wlst.sh /common/tools/configureSecurityStore.py -d /user_projects/domains/iamtest_dom -c IAM -m create
      Info: Data source is: opss-DBDS
      Please input data source password:
      Pa$$w0rd
      Info: DB JDBC driver: oracle.jdbc.OracleDriver
      Info: DB JDBC URL: jdbc:oracle:thin:@rac1-vip.XXXXXX:1521/testdb.XXXXXXX
      INFO: Found persistence provider “org.eclipse.persistence.jpa.PersistenceProvider”. OpenJPA will not be used.
      INFO: Found persistence provider “org.eclipse.persistence.jpa.PersistenceProvider”. OpenJPA will not be used.
      [EL Severe]: 2012-09-16 09:28:41.915–ServerSession(475351693)–Exception [EclipseLink-4002] (Eclipse Persistence Services – 2.3.1.v20111018-r10243): org.eclipse.persistence.exceptions.DatabaseException
      Internal Exception: java.sql.SQLException: ORA-01017: invalid username/password; logon denied

      my domain creation was successful with the all the schemas and passwords
      regards jdev

    47. jdev says:

      Hi atul,
      please remove my previous post. will post updated question…

    48. jdev says:

      hi athul,
      please remove my previous post….will update the question with new logs…

    49. jdev says:

      hi atul,
      i fixed the issue the problem was with the special characters in the password….please remove my post…..

    50. Swathi says:

      Hi Atul,

      Please ignore my post. I found the issue and fixed it.

      Thanks,
      swathi

    51. Atul Kumar says:

      @ Swathi,
      Good to hear that, what you did to fix your issue ?

    52. user6066 says:

      Had anyone used iam 11.1.2 with EBS 12.1.3? Is it certified? All metalink note on EBS 12.1.3 and SSO integration still talk about 11.1.1.5 or 11.1.1.6.

    53. Suneel says:

      Hi,

      I am new to Identity Management products. I just started implementing Oracle Identity and Access Management 11g (11.1.2.0.0) for testing.

      I downloaded the following S/W & the documentation bundles from Oracle:

      1. Oracle WebLogic Server 11gR1 (10.3.6) Generic and Coherence
      2. Oracle SOA Suite 11g Patch Set 5 (11.1.1.6.0)
      3. Oracle Identity and Access Management 11g (11.1.2.0.0)
      4. Oracle Fusion Middleware Repository Creation Utility 11g (11.1.2.0.0) for Microsoft Windows
      5. Oracle Enterprise Single Sign On 11.1.2.0.0
      6. Oracle Access Manager WebGates 11.1.2.0.0
      7. Oracle Unified Directory 11g (11.1.2.0.0)
      8. Oracle Identity Management 11g Patch Set 5 (11.1.1.6.0) for Microsoft Windows x86 (64-bit)
      Docs:
      1. Oracle Fusion Middleware Documentation Library 11g Release 1 (11.1.1.6.0)
      2. Oracle Fusion Middleware Identity Management Documentation Library 11g Release 2 (11.1.2.0.0)

      After reviewing the installation guide for IAM 11g R2 and your article, I followed the steps from 1 to 10 (except 7, I do not have support contract with Oracle).
      Now I am trying to configure Identity Navigator and realized that I need to configure identity store using : Oracle Internet Directory or OracleVirtual Directory. As I see OID or OVD are not part of Oracle IAM 11gR2, but they are part of : Oracle Identity Management 11g Patch Set 5 (11.1.1.6.0).

      Can I now use (After installing R2): Oracle Identity Management 11g Patch Set 5 (11.1.1.6.0) to Install OID/OVD in the same setup? If not what are the other options I have?

      I just created one Admin Server & see most of the servers are not running.

      From Admin Console:
      Servers (Filtered – More Columns Exist)

      Showing 1 to 6 of 6 PreviousNext
      Name Sorted Ascending Cluster Machine State Health Listen Port
      AdminServer(admin) RUNNING OK 7001
      oaam_server_server1 SHUTDOWN 14300
      oam_server1 SHUTDOWN 14100
      oim_server1 SHUTDOWN 14000
      opam_server1 SHUTDOWN 18101
      soa_server1 LocalMachine SHUTDOWN 8001

      Do I need to create a Member server for these servers to run?

      I know some questions may be basic ones, I am trying to read as much as possible to understand but with too many new products :-(, I felt it is better to ask for some help.

      Thanks in Advance.

      Suneel

    54. jdev says:

      Hi Athul,

      I deployed oim 11g r2 successfully and its working fine….my goal is to extend the domain with oam but not going to integrate with oim.So for that i did following..
      Extend the oim domain with oam..
      Removed IAMSuite agendt from myrelm…
      After that oim login is not working….
      Please let me know following…
      The procedure which i followed is right or wrong and how can i achieve my goal…

      Regards,
      jdev

    55. Atul Kumar says:

      @ jdev,
      When you say OIM is not working , what is not working ?

      Is this that you can’t login ?
      How are you loggin in to OIM (via OHS or direct on OIM weblogic port) ?
      What authentication providers do you have in weblogic and in what order and what is JAAS flag ?

      Check http://onlineappsdba.com/index.php/2008/11/22/security-in-oracle-weblogic-realm-security-provider-authentication-authorization-users/

      and

      http://onlineappsdba.com/index.php/2010/02/04/how-to-integrate-weblogic-with-oracle-internet-directory-for-login-authentication/

    56. jdev says:

      Hi Athul,

      yes i cant login

      I observed the following things….
      If we extend oim domain with oam,then OIMAuthenticationProvider (authenticating against oimdb) will be removed and IAMSuiteAgent will be added the myrealm provider list…

      any comments..
      jdev

    57. Anand says:

      Hi Atul
      i have integrated OIM11gR2 with OAM 11gR2,every thing working fine when i perform selfregistration in OIM it is throwing following error in OIM server logs,when i track the request ID it shows the request creation failled.

      javax.naming.directory.InvalidAttributeIdentifierException: [LDAP: error code 1 – Attribute orclaccountlocked is not supported in schema.]; remaining name ‘cnTNEWUSER01,cn=Reserve,cn=oracleAccounts,dc=uatoid,dc=nbty,dc=global’
      at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3136

      Regards
      Anand

    58. Atul Kumar says:

      @ Anand,
      Issue is with either
      a) Your OIM – OAM integartion
      or
      b) You are using OID hostname in LDAP resource (hostname should be blank so OVD can be used)
      or
      c) If you are using OVD then persmissions are not set correctly in OVD (ACLs)

      Share which document you used to integrate OIM with OAM ?
      Are you using OVD for OIM LDAP inetgration ?

    59. Anand says:

      Hi Atul,

      i have a ldap sync with OID, i am not using OVD. i have followed the this http://docs.oracle.com/cd/E27559_01/integration.1112/e27123/oim.htm#CACJDIDD link for integration.integration is working fine when ever i perform self registration,i am getting following error

      javax.naming.directory.InvalidAttributeIdentifierException: [LDAP: error code 1 – Attribute orclaccountlocked is not supported in schema.]; remaining name ‘cnTNEWUSER01,cn=Reserve,cn=oracleAccounts,dc=uatoid,dc=nbty,dc=global’
      at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3136

    60. Anand says:

      Hi Atul,

      Thanks for your help, the problem resolved.

    61. Anand says:

      Hi Atul,

      After OIM and OAM integration, new user is try to login into oimconsole using oamauthenticationpage, it is not asking reset password and challenge questions, How to get restet password and challenge questions after integration,is it possible?

    62. om says:

      Hi Atul,

      Wish you a very happy new year 2013! I had encountered a problem while setting up the IDM & IAM stack, hence seeking your help.

      The versions I am using are IDM 11.1.1.6, IAM 11.1.2.0, SOA 11.1.1.6, Weblogic 10.3.6. The install part is completed successfully for all the components. I am trying to set up IAM and IDM components in the same weblogic domain, correct me if this is not supported (my assumption being that its supported.

      As we know, that for IAM 11.1.2 we need to set up the Database Security Store before we start the weblogic servers here is the problem I am facing:. I cannot configure the IDM components before the database security store config because the IDM config wizard starts up the weblogic server in the process. What I dis was, create a weblogic domain, extend it then set up the Database Security Store
      and then configure the IAM components (which goes fine), followed by IDM components config, the OIF configuration fails. If I try the sequence the other way round, IDM config -> DB Cred Store config, IAM config, it throws errors and Policy Manager is not accessible ( which is logical as the DB cred store config needs to go in before weblogic server starts). So this leaves me in a fix, please advise.

    63. Atul Kumar says:

      @ om,

      Install IDM 11.1.1.6 and IAM (IDAM) 11.1.2 in different middleware home and under separate domain.

      Regards
      Atul Kumar

    64. om says:

      Thanks Atul for the reply. I had also thought of this option to set them up in two different domains which should work fine. The reason I was pursuing this option (to set up both in same weblogic domain) because I could not find any oracle documentation which was saying this as non supported and I had been successfully using IAM and IDM in the same weblogic domain on the earlier versions (till 11.1.1.6).

    65. Atul Kumar says:

      @ OM,
      Yes, I agree there is no note that says this is not supported. There are some changes in policyStore configuration (in 11gR2 it is mandatory to have DB as policy store) where as in 11gR1 policyStore could be XML, OID or DB .

      My suggestion would be different DOMAIN_HOME and MW_HOME for 11gR1 and 11gR2 IDM

    66. […] Manager (OPAM) is a new product introduced in Oracle Identity Management 11gR2 (More on IdM 11gR2  here, here, and here. For new features in IdM 11gR2 click here, here, and here ). OPAM server is part […]

    67. […] Manager (OPAM) is a new product introduced in Oracle Identity Management 11gR2 (More on IdM 11gR2  here, here, and here. For new features in IdM 11gR2 click here, here, and here ). OPAM server is part […]

    68. Vinod says:

      Integration OIM 11G R2 with R12.1.3, and also i need to configure OIM, OVD setup. Please help us, which softwares to download it.

    69. Vinod says:

      Hi Atul,

      I need small help from you.

      Before Integration Oracle E-Business Suite 12.1.3 with IAM 11gR2 and also need setup Single Sign-On with OID/OAM 11g?

      Need to install WebLogic Server 10.3.6.
      OVD Setup is required?

      What are the pre-requisites software’s to download it.


      Regards,
      Vinod

    70. Vinod says:

      Hi Atul,

      I’m confusion with OAM 10g/11g.

      Pre-requisites software’s to Install/Configure IAM 11gR2 integration Oracle E-Business Suite 12.1.3 & OAM 11g for SSO.

      Using WebLogic Server 10.3.6. OVD Setup is required?


      Regards,
      Vinod

    71. Atul Kumar says:

      @ Vinod ,
      What is your exact requirement for EBS integration with identity management ?

      1. Is this just SSO ?
      or also
      2. Self Service Password Management including Forgot Password
      and also
      3. User provisioning & responsibility assignment via Identity management

      Share your exact requirement and then I’ll share software required including any dependencies

    72. Vinod says:

      Hi Atul,

      We are planning to implement SSO with Oracle EBS R12 (12.1.3).

      We have to install & configure OID (11.1.1.6) with EBS R12.1.3 and also OAM 11g.

      We are not sure what are the products to be installed?

      Could you please help me how to complete these two steps (including what software & versions to be downloaded)?

      Integrating Oracle E-Business Suite Release 12 with Oracle Access Manager 11gR2 (11.1.2) using Oracle E-Business Suite AccessGate [ID 1484024.1]

      • Oracle Access Manager 11.1.2
      • Oracle E-Business Suite Release 12.0.6, 12.1.1+
      • Oracle Identity Management 11.1.1.5, 11.1.1.6
      • Oracle Internet Directory 11.1.1.6
      • Oracle WebLogic Server 10.3.5+


      Regards,
      Vinod

    73. Atul Kumar says:

      @ Vinod

      This is what you need to do

      1. Install OAM 11.1.2 in MW_HOME1

      1.1 Install JDK 1.6.29+
      1.2 Install WLS 10.3.6
      1.3 Create OAM schema using RCU 11.1.2
      1.4 Install IDAM 11.1.2
      1.5 Create Weblogic Domain and select components as OAM and EM
      1.6 Configure security store for OAM Domain in database

      2. Install OID 11.1.1.6 in MW_HOME2

      1.1 Install JDK 1.6.24+
      1.2 Install WLS 10.3.6
      1.3 Create OID schema using RCU 11.1.1.6
      1.4 Install IDM 11.1.1.6
      1.5 Configure OID and DIP/ODSM

      3. Install OHS 11.1.1.6

      4. Install WebGate 10g or 11gR1 or 11gR2

      5. Integrate EBS with OID

      6. Configure EBS with OAM for SSO using AccessGate

    74. Vinod says:

      Thank you for explain me in brief.

    75. Vinod says:

      Hi Atul,

      For downloading all software from
      https://edelivery.oracle.com

      Oracle Fusion Middleware 11g Media Pack for Linux x86-64 – version 11.1.1.6.0.

      Oracle Fusion Middleware Identity Management 11g R2 Media Pack – version 11.1.2.0.0.


      Thanks,
      Vinod

    76. Vinod says:

      Just for confirmation

    77. Vinod says:

      Thank you very much for all your help and support!

    78. NP says:

      Atul,
      I have some confusion around responsibilities.
      1) Are EBS responsibilities synced from EBS to OIM or OAM in order to assign properly?
      2) Are EBS responsibilities managed in EBS once integrated or in OIM or OAM? For example, I want to create AP XXX, with varying menus functions. Where?
      3) How are the responsibilities setup in EBS pulled to either OIM or OAM?

      Thanks.

    79. blanchem says:

      Hi Atul,

      I am currently working a Identity and Access Management deployment in order to test an implementation of Identity federation (OIF) using SAML 2.0 Attribute base mapping. So far I’ve got 2 domains, first one OAM 11.1.2 acting as a federated SP and OIM 11.1.1.6 acting as a federated IdP. I believe I have all the component up and running in place, although still have some config to complete:

      OAM 11.1.2 domain

      1.1 Install JDK 1.6.29+
      1.2 Install WLS 10.3.6
      1.3 Create OAM schema using RCU 11.1.2
      1.4 Install IDAM 11.1.2
      1.5 Create Weblogic Domain and select components as OAM, OIF as SP and EM
      1.6 Configure security store for OAM Domain in database
      1.7 Register WebGate 10g with OAM
      1.7 Install WebGate: • 64-bit Webgate: Oracle_Access_Manager10_1_4_3_0_Win64_ISAPI_Webgate.exe on IIS Server for protecting hosted document.

      OIM domain…

      1.1 Install JDK 1.6.24+
      1.2 Install WLS 10.3.6
      1.3 Create OID schema using RCU 11.1.1.6
      1.4 Install IDM 11.1.1.6
      1.5 Configure OID and OVD

      3. Install OHS 11.1.1.6

      Here’s my question:

      There is some documentation talking about 11G Webgate for OAM 11.1.2, but I could’nt find anything on OTN download site for IIS server.
      Is there any benefit of using 11G webgate vs 10G and does it exist for IIS server or 11G webgate is strickly for OHS/WebLogic server.

    80. Atul Kumar says:

      @blanchem,
      11g Webgate is avaialble for OHS only , for all other web servers (including IIS) there is only 10g WebGate.

      Only difference between 10g and 11g webgate is that “Deny on not protected” is configurable in 10g webgate where as in 11g webgate only option is “Deny on not protected”

      In 11gR2 webgate , you can also configure webgate as credential collection (new seacurity feature introduced in 11gR2 webgate)

    81. kiron says:

      Hi Atul,

      I have installed OAM 11gr2 product only on two nodes in cluster environment. I am able to open the oamconsole using the admin server port on the node 1. I am little confused now how we can access the oam console from node 2 when node 1 is down? Because the admin server is running only on node 1 (ofcourse oam managed server also on it) and node2 has only the managed oam server.

      • Atul Kumar says:

        @ Kiron,
        OAM Admin Console is singleton service that means it can only run in Active-Passive mode. This application is used only by Administrators for configuration and if node1 goes down then you can migrate Admin Server to node2 and start OAMconsole.

    82. madan says:

      Looking for past experience for migration Oracle Access Manager 11g Release 1 to Oracle Access Management Access Manager (Access Manager) 11g Release 2 (11.1.2).

      I am following 16 step upgrade flow. 11GR2 requires new schema’s and export/import of data.

      http://docs.oracle.com/cd/E27559_01/doc.1112/e28183/oam_up.htm#BABFJDGF

      Our baseline is OAM 11.1.1.5.0 BP03 on Linux.

      Upgrade is completed but data is not shown in oamconsole. Documentation states that The Administration server start-up takes approximately 30 minutes due to policy migration but for me it is coming up in 3-4 minutes

      Here is output of of exportAccessData. It generates PS1 policy files. Import has no errors. I

      wls:/offline> exportAccessData(“/u01/soft/OAM11G.R2.Upgrade/config/upgrade.properties”)
      LOGGER intialised java.util.logging.Logger@1e211757
      Mar 14, 2013 10:21:32 AM oracle.security.access.upgrade.WLSTExecutor executeCommand
      INFO: EXPORT_DATA_COMMAND
      Mar 14, 2013 10:21:32 AM oracle.security.access.upgrade.util.WLSTExportDataUtil executeCommand
      INFO: OAAM PRODUCT
      Mar 14, 2013 10:21:32 AM oracle.security.access.upgrade.util.WLSTExportDataUtil executeCommand
      INFO: OAM PRODUCT
      Mar 14, 2013 10:21:32 AM oracle.security.access.upgrade.util.WLSTExportDataUtil executeCommand
      INFO: oamPlugin.getName() = oracle.security.am.upgrade.plugin.upgradehelper.UpgradeFactory
      Mar 14, 2013 10:21:32 AM oracle.security.am.upgrade.plugin.util.UpgradeUtil exportConfiguration
      INFO: Copying configuration file….
      oracle.security.am.upgrade.plugin.upgradehelper.OAMVersionSpecificClassLoader@1e1f4781
      [EL Info]: 2013-03-14 10:21:34.51–ServerSession(517763463)–EclipseLink, version: Eclipse Persistence Services – 1.1.0.r3634

      [EL Info]: 2013-03-14 10:21:36.974–ServerSession(517763463)–file:/u01/app/oracle/product/iam/fmw/Oracle_IAM/oam/server/lib/upgrade/ps1-policy/oes-d8/jps-internal.jar-JpsDBDataManager login successful
      Mar 14, 2013 10:21:40 AM com.tangosol.coherence.component.util.logOutput.Jdk log
      INFO: 2013-03-14 10:21:40.456/17.045 Oracle Coherence 3.5.3/465p2 (thread=Main Thread, member=n/a): Loaded operational configuration from resource “jar:file:/u01/app/oracle/product/iam/fmw/Oracle_IAM/oam/server/lib/upgrade/ps1-policy/coherence.jar!/tangosol-coherence.xml”
      Mar 14, 2013 10:21:40 AM com.tangosol.coherence.component.util.logOutput.Jdk log
      INFO: 2013-03-14 10:21:40.466/17.055 Oracle Coherence 3.5.3/465p2 (thread=Main Thread, member=n/a): Loaded operational overrides from resource “jar:file:/u01/app/oracle/product/iam/fmw/Oracle_IAM/oam/server/lib/upgrade/ps1-policy/coherence.jar!/tangosol-coherence-override-dev.xml”
      Mar 14, 2013 10:21:40 AM com.tangosol.coherence.component.util.logOutput.Jdk log
      INFO: 2013-03-14 10:21:40.468/17.057 Oracle Coherence 3.5.3/465p2 (thread=Main Thread, member=n/a): Loaded operational overrides from resource “jar:file:/u01/app/oracle/product/iam/fmw/Oracle_IAM/oam/server/lib/upgrade/ps1-policy/mapstore-coherence.jar!/tangosol-coherence-override.xml”
      Mar 14, 2013 10:21:40 AM com.tangosol.coherence.component.util.logOutput.Jdk log
      INFO: 2013-03-14 10:21:40.620/17.209 Oracle Coherence GE 3.5.3/465p2 (thread=Main Thread, member=n/a): Loaded cache configuration from “jar:file:/u01/app/oracle/product/iam/fmw/Oracle_IAM/oam/server/lib/upgrade/ps1-policy/mapstore-coherence.jar!/oam-cache-config.xml”
      Mar 14, 2013 10:21:41 AM com.tangosol.coherence.component.util.logOutput.Jdk log
      WARNING: 2013-03-14 10:21:41.085/17.674 Oracle Coherence GE 3.5.3/465p2 (thread=Main Thread, member=n/a): UnicastUdpSocket failed to set receive buffer size to 1428 packets (2096304 bytes); actual size is 89 packets (131071 bytes). Consult your OS documentation regarding increasing the maximum socket buffer size. Proceeding with the actual value may cause sub-optimal performance.
      Mar 14, 2013 10:21:44 AM com.tangosol.coherence.component.util.logOutput.Jdk log
      INFO: 2013-03-14 10:21:44.497/21.086 Oracle Coherence GE 3.5.3/465p2 (thread=Cluster, member=n/a): Created a new cluster “OAM” with Member(Id=1, Timestamp=2013-03-14 10:21:41.1, Address=172.16.10.171:9095, MachineId=46763, Location=site:bias.com,machine:iadoel03,process:1212, Edition=Grid Edition, Mode=Development, CpuCount=2, SocketCount=1) UID=0xAC100AAB0000013D69471D6CB6AB2387
      Mar 14, 2013 10:21:45 AM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
      INFO: Diagnostic Engine with rate metrics enabled, has been initialized.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.diagnostic.impl.Config
      INFO: Number of collectors registered: “2”.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:46 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:46 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:46 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:46 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:46 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:46 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:46 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:46 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:48 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:48 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:48 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:48 AM oracle.security.am.upgrade.plugin.policyextractor.OAMPolicyExtractor writeApplicationDomains
      SEVERE: Resource : not found.
      oracle.security.am.common.policy.admin.store.PolicyStoreException: Resource : not found.
      at oracle.security.am.common.policy.admin.provider.oes.OESResourceStore.getResource(OESResourceStore.java:677)
      at oracle.security.am.upgrade.plugin.policyextractor.OAMPolicyExtractor.writeApplicationDomains(Unknown Source)
      at oracle.security.am.upgrade.plugin.policyextractor.OAMPolicyExtractor.extractOAMPolicies(Unknown Source)
      at oracle.security.am.upgrade.plugin.policyextractor.OAMPolicyExtractor.extract(Unknown Source)
      at oracle.security.am.upgrade.plugin.upgradehelper.UpgradeFactory.exportData(Unknown Source)
      at oracle.security.access.upgrade.util.WLSTExportDataUtil.executeCommand(WLSTExportDataUtil.java:68)
      at oracle.security.access.upgrade.WLSTExecutor.executeCommand(WLSTExecutor.java:99)
      at oracle.security.access.upgrade.WLSTExecutor.execute(WLSTExecutor.java:67)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:597)
      at org.python.core.PyReflectedFunction.__call__(Unknown Source)
      at org.python.core.PyReflectedFunction.__call__(Unknown Source)
      at org.python.core.PyObject.__call__(Unknown Source)
      at org.python.core.PyObject.invoke(Unknown Source)
      at org.python.pycode._pyx49.exportAccessData$3(/u01/app/oracle/product/iam/fmw/Oracle_IAM/common/wlst/access_upgrade.py:32)
      at org.python.pycode._pyx49.call_function(/u01/app/oracle/product/iam/fmw/Oracle_IAM/common/wlst/access_upgrade.py)
      at org.python.core.PyTableCode.call(Unknown Source)
      at org.python.core.PyTableCode.call(Unknown Source)
      at org.python.core.PyFunction.__call__(Unknown Source)
      at org.python.pycode._pyx62.f$0(:1)
      at org.python.pycode._pyx62.call_function()
      at org.python.core.PyTableCode.call(Unknown Source)
      at org.python.core.PyCode.call(Unknown Source)
      at org.python.core.Py.runCode(Unknown Source)
      at org.python.core.Py.exec(Unknown Source)
      at org.python.util.PythonInterpreter.exec(Unknown Source)
      at org.python.util.InteractiveInterpreter.runcode(Unknown Source)
      at org.python.util.InteractiveInterpreter.runsource(Unknown Source)
      at org.python.util.InteractiveInterpreter.runsource(Unknown Source)
      at weblogic.management.scripting.WLST.main(WLST.java:188)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:597)
      at weblogic.WLST.main(WLST.java:29)

      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:52 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:52 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:52 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:53 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:53 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:53 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:53 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:53 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:53 AM oracle.security.am.common.audit.AuditHandler getAuditor
      WARNING: Cannot load audit configuration.
      Mar 14, 2013 10:21:53 AM oracle.security.am.upgrade.plugin.upgradehelper.UpgradeFactory exportData
      INFO: Extraction Done!!
      Mar 14, 2013 10:21:53 AM oracle.security.am.upgrade.plugin.util.UpgradeCommonUtil removeDirectory
      INFO: Deletion of Directory: true path: /u01/soft/OAM11G.R2.Upgrade/config/temp.zip
      Mar 14, 2013 10:21:53 AM oracle.security.am.upgrade.plugin.upgradehelper.UpgradeFactory exportData
      INFO: Export completed successfully!!

      Thanks
      Madan

    83. Bryan says:

      Does anyone have a walkthrough they could share of a simple 2 node IAM enterprise install? All I see are single node standalone installs. Just looking for something to guide me through it once.

      Thanks.

    84. Atul Kumar says:

      @ Bryan,
      Use same guideline for HA (Active-Active cluster) for 11gR1. Do you have Enterprise Deployment Guide for 11gr1 ?

      Atul

    85. Bryan says:

      I’m reading through the enterprise deployment guide. It looks as if there are two complete installs of IAM (including weblogic, soa, IAM and database).

      I’ve got the installs down individually, but my question is how do they tie together to be HA? I think I’m missing something basic.

      Maybe I’ve overlooking it in the doc?

    86. Atul Kumar says:

      @ Bryan
      Yes you install twice (on each IAM node) but when it comes to creating domain then you define cluster .

      Follow http://docs.oracle.com/cd/E14571_01/core.1111/e12035/create_domain_im.htm#CFHIBIEG and also link you shared above

    87. Bryan says:

      Does it share the same database instance?

    88. Atul Kumar says:

      @ Bryan,
      For Database HA use RAC so you will have have two or more database instances for a database .

      This is all in the document that I shared .

    89. […] Identity Management Suite. For High Level installation Steps of Identity Management 11gR2 click here  For Oracle Identity Management 11gR2 documentation click here and for software […]

    90. IgnitedMind says:

      HI,
      I am receiving error ” “. while oam server is starting.

      I have checked data source is running.

      I have also verified in EM that store type is Oracle database and its pointing to jdbc/OPSSDBDS

      any thought on this error ?

      It was working before but now i was doing some integration (oam-oim-ovd) stuff and thought of creating identity store in OAM but when i tried to login got above error.

      Help Appreciated.

    91. IgnitedMind says:

      I have also checked
      ./wlst.sh /home/oracle/middlewareR2/iam/common/tools/configureSecurityStore.py -d /home/oracle/middlewareR2/user_projects/domains/base_domain/ -m validate
      Info: Data source is: opss-DBDS
      Info: Diagnostics data was saved to the credential store.
      Info: Validate operation has completed successfully.

    92. IgnitedMind says:

      I am receiving error

      Scanning of system policy failed. Reason oracle.security.jps.service.policystore.PolicyStoreException: JPS-10702: The datasource jdbc/OPSSDBDS is not found..

    93. Atul Kumar says:

      @ IgnitedMind ,
      Check OPSSDBDS is available in WebLogic Console as data source under Services and there are no errors in WebLogic server log files.

      Check status of this data source OPSSDBDS from WebLogic console

    94. IgnitedMind says:

      Hi Atual,

      data source OPSSDBDS from WebLogic console
      is in running state. hence its working fine and i have target as Admin Server,oim,oam,soa server.

      there are no error in weblogic server as well. :(

    95. Neha says:

      Hi Atul,

      I am trying to install OAM 11gr2. So I ran RCU(V37476). Then I installed weblogic 10.3.6 and ran the install for OAM(v37472). Then I came back and did config wizard for Weblogic and while test JDBC schema, I get test failed for OAM infrastructure. I get a message saying, A connection was established but no rows returned for that. I did get test successful for OPSS. Please let me know what I can do.
      Thanks,
      Neha

    96. rohit_rr says:

      @Anand:

      Can you please elaborate how did you resolved the issue
      [LDAP: error code 1 – Attribute orclaccountlocked is not supported in schema.]; remaining name
      Thanks
      Rohit

      • Atul Kumar says:

        @ Rohit, This error means not all the intergation steps are configured for OIM/OAM/OID integration. If you think you have performed all the steps and still hitting this issue then share which document you are following.

    97. rohit_rr says:

      @Atul:

      Thanks for the Quick response, i’m following the following Guide
      http://docs.oracle.com/cd/E15586_01/fusionapps.1111/e21032/toc.htm

      However we do have a OHS and Clustering, but dont think that should affect the setup between OIM/OAM/OID

      per my knowledge i have performed all the steps i have rechecked them and they are all fine.

    98. rohit_rr says:

      @ Atul:

      Forgot to mention its the version is 11.1.1.7 and not R2

    99. rohit_rr says:

      @ Atul:
      THis is the only part i have not done “11.6.2 Configuring Oracle Access Manager by Using the IDM Automation Tool”

      becuase i’m not using OHS, however i have configured a OID IDstore from the oamconsole and have set it as System store, i’m able to successfully login to OAM using the orcladmin

      incase the 11.6.2 configuration is mandatory for the user creation in OID from OIM as Ldapsync option please do let me know what values shud i be providing in the fields which refer to OHS. Also after running the Ldap User and Group Full reconcilation job i have all the OID users in OIM

      Thanks
      Rohit

    100. Phanindra says:

      Hi Atul,

      I am starting up with OIM 11g R2 on Linux for the first time, could you help me with a brief notes of Installation and Configuration, including the Linux commands for a Root user ?

      Pls send to my email address “gvrpkumar@gmail.com”

      Many Thanks in advance.

      Best Regards,
      Phanindra.

      • Atul Kumar says:

        @ Phanindra,
        You can’t install OIM using root, you must use non root account.

        After installation and configuration (as mentioned in above post),
        1. Start Admin Server ($DOMAIN_HOME/bin/startWebLogic.sh)
        2. Start Node Manager $WL_HOME/server/bin/startNodeManager.sh
        3. Start OIM & SOA server from WebLogic Admin Console http://host:adminPort/console (where default value of adminPort is 7001)

    101. Phanindra says:

      Hi Atul,

      Thanks for the reply.

      I am planning to install using the RHEL – GUI.

      have the below 2 questions.

      1. Does the OIM setup requires a Webserver to be setup ? If yes where it needs to be hosted ? (i.on a new server or ii on the OIM server itself)?

      2. How does the password flow back happens from AD to OIM & ERP (Autherative system) ? and how the event of conflict would be handled, in case of any attribute changes at the AD level ?

    102. Atul Kumar says:

      @ Phanindra

      1. Does the OIM setup requires a Webserver to be setup ? If yes where it needs to be hosted ? (i.on a new server or ii on the OIM server itself)?

      AK: No, Web Server is not required just for OIM but if you want to do SSO (Single Sign-On) server with OIM then Web Server is required. You can deploy web server on any server including OIM server but in production it is recommended to install web server on different machine in DMZ (for security reasons)

      2. How does the password flow back happens from AD to OIM & ERP (Autherative system) ? and how the event of conflict would be handled, in case of any attribute changes at the AD level ?

      AK: Password change from OIM to AD happens using kernel event in OIM and from AD to OIM it happens via Password Sync connector.

    103. Phanindra says:

      Atul,

      Please send me the compatible version matrix of OIM components needs to be downloaded, for OIM 11g R2 on Linux 64, and the links, i could not see all these below on the URL below.

      https://edelivery.oracle.com/EPD/Download/get_form

      Java / jrockit
      RCU
      Weblogic
      SOA
      OIM
      OAM

      Thanks,
      Best Regards,
      Phanindra

    104. Phanindra says:

      Hi Atul,

      One more question, could you also send a some information on the data flow happens betwen EBS (Autherative system) to OIM and from OIM to AD, including the auto privisioning.

      i.e if a user has been created in EBS, how it flow to AD, and how the automatic user provisioning would happen at AD.

      And could we apply any Flag at OIM level to do a Selective user provisioning ? if yes, please also let me know that procedure.

      Many Thanks,
      Phanindra.

    105. kjj1983 says:

      Hi Atul,

      A basic feature seems to be missing. I need to confirm if its the case with everyone.

      A certification approver has to be assigned Certification administrator role to allow them to take any action on the certs. The issue here is the approver can view other certs and also perform any actions on them. This is an issue. Can you confirm if you have the same behavior. I had upgraded from OIM11gr2 BP06 to PS1.

    106. rojalin_sahoo says:

      Hi,
      I ran /oracle_common/common/bin/wlst.sh /common/tools/configureSecurityStore.py -d -c IAM -p -m create
      script in windows.
      I got the error failed to initialize security store in command prompt.

    107. Sadiq says:

      Team,
      Trying to install OIM on linux via virtual box. I have done the all the necessary setup however while trying to start weblogic server. Encountered the following error

      Info: Data source is: opss-DBDS
      WLS ManagedService is not up running. Fall back to use system properties for configuration.
      Error: Diagnostics data was not saved to the credential store.
      Error: Validate operation has failed.
      Need to do the security configuration first!

      understood that i have to create and validate the security store.However, while trying to create the security store i got the following error even though the password mentioned is right.

      MW_Home/oracle_common/common/bin/wlst.sh MW_Home/common/tools/configureSecurityStore.py -d MW_HOme/user_projects/domains/OIM_Test -c IAM -m create

      Info: Data source is: opss-DBDS
      Please input data source password:

      Info: DB JDBC driver: oracle.jdbc.OracleDriver
      Info: DB JDBC URL: jdbc:oracle:thin:@rac1-vip.XXXXXX:1521/testdb.XXXXXXX
      INFO: Found persistence provider “org.eclipse.persistence.jpa.PersistenceProvider”. OpenJPA will not be used.
      INFO: Found persistence provider “org.eclipse.persistence.jpa.PersistenceProvider”. OpenJPA will not be used.
      [EL Severe]: 2012-09-16 09:28:41.915–ServerSession(475351693)–Exception [EclipseLink-4002] (Eclipse Persistence Services – 2.3.1.v20111018-r10243): org.eclipse.persistence.exceptions.DatabaseException
      Internal Exception: java.sql.SQLException: ORA-01017: invalid username/password; logon denied

      Regards,
      Sadiq

    108. Sadiq says:

      Hi Atul,
      I did provide the password with -p kindly find the syntax below. Former post was a copy, paste error.

      Correct Syntax Used:

      MW_Home/oracle_common/common/bin/wlst.sh MW_Home/common/tools/configureSecurityStore.py -d MW_HOme/user_projects/domains/OIM_Test -c IAM -p password1 -m create

      Is there anyways to retrieve the old password or change opss password.

      Regards,
      Sadiq

    109. Atul Kumar says:

      @ Sadiq,
      You can chnage password of XXX_OPSS from DB SQL> alter user XXX_OPSS identified by ;

      You must also change any passwords in JDBC (in weblogic console) related to OPSS

    110. Sadiq says:

      Thanks atul will try it out tonight and update the results.

      Regards,
      Sadiq

    111. Sadiq says:

      Hi Atul,
      I was able to go beyond this error by resetting the password. However ran into a new one when configuring the security store.

      Caused by: java.sql.SQLIntegrityConstraintViolationException:ORA-00001: unique constraint (DEV1_OPSS.IDX_JPS_RDN_PDN) violated

      Followed metalink document 1547423.1 and did the following steps as suggested

      Reinstall OAM as

      1. Delete the Schemas using RCU.
      2. Recreate the OAM schemas.
      3. Reinstall the WLS and OAM software.
      4. Run config.sh to create a new domain.
      5. Run setDomainEnv.sh from user_projects/domains//bin
      6. Run the configureSecurityStore.py from same window.

      Still No go. Seems i have ran into a bug.16690836 with no solution or patches.

      I am trying to install OIM on linux via virtual box. Any thoughts or work arounds????

      Regards,
      Sadiq

    112. Atul Kumar says:

      @ Sadiq,
      This error means

      1. You are not using same version of RCU as for IAM middleware
      or
      2. There are imcompatible software in MW_HOME (like IAM 11gR1 and R2 both in same middleware home)

    113. Sadiq says:

      Yup, Realized that. thanks atul. Downloading 11gr2 now.

      Will keep posted.

      Thanks once again.

      Regards,
      Sadiq

    114. OIMBP says:

      Hi Atul,

      While installing OIM 11g R2 (infact while running config utility) getting below error : INST-6193: The attribute JpsContextName in MBean com.oracle.sdp.messaging:Location=soa_server1,name=ServerConfig

      Have you by any chance had this issue? Appreciate if you can guide on resolving this…

      • Atul Kumar says:

        @ OIMBP<
        Never, ensure that you have followed all the steps carefully . If this is still an issue then share which documentation you are following to install and configure OIM

    115. Piyush says:

      We are trying to create attestation process in OIM 11gr2. the requirement is to run attestation on roles (to check who all are member of that particular role). Actually there are roles associated with each users which have to be reconciled from DB.(there are two tables in DB one with user detail and other child table contains role associated with each user). requirement is get get attestation reports based on roles.

    116. sundas7 says:

      Hi Experts,
      I am trying to insatall OIM11Gr2 on my Windows 7 32 bit laptop( 4GB RAM).

      I am able to install DB.However, I am trying to execute RCU and it gives me with the error:

      This version \rcu_home\jdk\jre\bin\javaw.exe is not compatible with the version of Windows you are running.

      I have confirmed JDK version is 1.7_55.

      Can you please advice if OIM11gr2 can be installed only on Windows 64 bit and Not 32 bit?

      thanks
      sundas7

    117. Anil says:

      Hi Atul,

      I regularly Follow your posts, I was Integrating Oracle Access Manager with Oracle E-business Suite for this I have Installed Oracle Access Manager+ Oracle Internet Directory When After Testing the Webgate Registration when I am Accessing the OAMConsole Page it is giving me below,

      “the policy store is not available please check log file”

      Please provide me a helpful guideline.

      Regards,
      Anil

    Leave a Reply



  • K21 Technologies is among the most experienced Oracle Gold Partner for Identity Access Management service providers. We work with application development companies and in-house technology division to help achieve significant returns on their IT security investment. Our clientele includes some of the globally renowned corporate, which speaks of our expertise in our field.

    We have the most talented and experienced team that can swiftly deploy security solutions even in complex IT ecosystem. Our clients highly appreciate our timely implementation, interactive training, on-demand support and community resources.
  • CONTACTS

    K21 Technologies
    8 Magnolia Place, Harrow,
    London, HA2 6DS

    UK: +44(0)7476444481
    USA: +1-888-414-1821

  • 2014, K21 Technologies. All rights reserved DMCA.com
  • TOP
    TOP