Leave a Comment:
145 comments
Have you applied the patches you mention in step 7?
“7. Apply patches listed in Release Notes here (Required for OIM only)”
I can’t find them on My Oracle Support, I opened a support case about it, but have not heard anything back yet…
Reply@ Henrik,
No, not applied these patches as I am currently exploring new features in Access Management of 11gR2 (Social, Mobile, PAM and OES).
Great to see you have had a successful installation. I am stuck at the RCU scripts in my own installation, they keep chewing through a ton of disk space (4G) – I am wondering if you happen to know how much disk space it took to run the RCU.
Reply@ Roland,
For me RCU using tiny disk space (under 1 GB) for schemas. Are you creating all schemas or just IDAM ones (create only IDAM ones please)
Hi Atul, Sould i use SOA 11.1.1.6.0 with 11gR2 ?
(RCU 11.1.1.6.0,SOA 11.1.1.6.0)
Help Appreciated.
Reply@ IgnitedMind,
Yes use SOA 11.1.1.6 for IDAM 11gR2 and use 10.3.6 weblogic (though doc says both 10.3.5 and 10.3.6 are supported)
Summarining,
Installation of Database 11gR2
Step 1>
Creation of Schema using RCU 11.1.1.6 for OID.
Creation of middllewareR1 using weblogic 10.3.6
Installation & config of Oracle Identity Mangement 11.1.1.6.0
Installation & configuration of SOA 11.1.1.6.0
Step 2> as u mentioned in this post,
Creation of Schema using RCU 11.1.2
Creation of middllewareR2
Installation of IAM etc
Is above is ok ?
2nd, I need to create Schmea for SOA using which RCU ? 11.1.1.6.0 or 11.1.2 ?
Help Appreciated,
Reply@ IgnitedMind
I am not sure what you want to achieve . It is important to note that “Idenitity management” and “Identity & Access Management” are two different installs and different software.
ReplyHi Atul,
I have gone thru the link you shared.
My Question Is,Schmea for SOA 11.1.1.6.0 should be created thru RCU 11.1.1.6.0 correct ? not thru RCU 11.1.2 (R2) ?
thank you very much for your quick response.
ReplyCurrently SOA schema version in RCU 11.1.1.6 and 11.1.2.0.0 is same and compatible with SOA 11.1.1.6.0
To be on safe side
If you are installing IDAM 11.1.1.5 then install SOA 11.1.1.5 and use RCU 11.1.1.5 or 11.1.1.5.2
If you are installing IDAM 11.1.2 then install SOA 11.1.1.6 and use RCU 11.1.2
Reply[…] 1. OES consists of : a) OES 11g Administration Console : Authorization Policy Manager (APM) : This is server side components installed as part of Identity & Access Management software. […]
ReplyRegarding the OIM patch numbers I asked about, they are incorrect in the docs.
Oracle Support Bug 14489758 (WRONG PATCH NUMBERS IN RELEASE NOTES) can be found at: https://support.oracle.com/epmos/faces/ui/km/BugDisplay.jspx?id=14489758
They should be:
> 14948569 -> 14016801
> 14735868 -> 13931550
> 15211191 -> 14196234
> 14908250 -> 14049150
Hi Atul/Henrik,
I am not finding the patches for OIM.
“2.3 Mandatory Patches for Installing Oracle Identity Manager”
•14948569
•14735868
•15211191
•14908250
Non of the above patches found in support link.
Any help appreciated.
ReplyHi Atul,
I have applied OIM Patch but for all the 4 patchs its giving similar message as below.
[oracle@localhost 14049150]$ opatch apply
Oracle Interim Patch Installer version 11.2.0.3.0
Copyright (c) 2012, Oracle Corporation. All rights reserved.
Oracle Home : /home/oracle/app/oracle/product/11.2.0/dbhome_1
Central Inventory : /home/oracle/app/oraInventory
from : /home/oracle/app/oracle/product/11.2.0/dbhome_1/oraInst.loc
OPatch version : 11.2.0.3.0
OUI version : 11.2.0.1.0
Log file location : /home/oracle/app/oracle/product/11.2.0/dbhome_1/cfgtoollogs/opatch/14049150_Aug_17_2012_18_48_26/apply2012-08-17_18-48-26PM_1.log
Applying interim patch ‘14049150’ to OH ‘/home/oracle/app/oracle/product/11.2.0/dbhome_1’
Verifying environment and performing prerequisite checks…
OPatch system modification phase did not start:
Patch “14049150” is not needed since it has no fixes for this Oracle Home. Please see log file for details.
Log file location: /home/oracle/app/oracle/product/11.2.0/dbhome_1/cfgtoollogs/opatch/14049150_Aug_17_2012_18_48_26/apply2012-08-17_18-48-26PM_1.log
OPatch stopped on request.
what coud have been wrong here ?
ReplyAll the 4 patch Installed Successfully. I have to keep changing ORACLE_HOME dir based on patch like soa, idm or iam or oracle_common.
patch like J2ee continer patch,ovd patch ,soa patch etc.
I am not sure whether it was the correct way, just was doing trail.
Once again thanks for help.
Reply@IgnitedMind,
I am having trouble applying the patches, would you be kind enough to map which patch needs to have which ORACLE_HOME set? I hope that isn’t too much trouble.
I also notice that patch 13931550 is really a deployment package for something called the Oracle Application Access Controls Governor. What is that? I don’t have confidence that I should be installing that into my environment – are we sure that it is the correct patch number?
Reply@Roland,
export PATH=$PATH:/home/oracle/middlewareR2/iam/OPatch
>14948569 -> 14016801 ->
Oracle_home=/home/oracle/middlewareR1/idm
> 15211191 -> 14196234-Oracle_Home=/:/home/oracle/middlewareR2/soa1
> 14908250 -> 14049150->Oracle_HOME=home/oracle/middlewareR2/oracle_common
Last Patch was OAACG > 14735868 -> 13931550
Yes even I have no confidence in this Patch.
I am doing Installation on my personal laptop so can’t even raise an SR. 🙁
Whats Oracle response on your SR ?
Reply@Roland,
I am able to login OIM now .I think till you get update on ur SR, you can continue further configuration.
Reply@IgnitedMind, I didn’t open an SR with Oracle on that patch. I have simply not applied it on this go around. Like you I am installing on my laptop (MBP,Retina,16G,500GB SSD). I have had lots of issues with running out of disk space and memory in Vmware Fusion. A note for others: I would recommend that you start out with at least 50G of disk assigned and I believe I will end up using 6-8G of memory when all the servers are started. Fusion has a max of 8G of memory so I’ve just thrown everything I could at it yesterday.
ReplyI am able to get everything running except for OIM. I also cannot get patch 14016801 to apply. I am thinking that oim is not deployed properly but I don’t know what to do next to fix it.
I am able to get the oim server (oim_server1) running but I can see that oim has failed to deploy. It is the only service that has failed to deploy – I can get everything else up and running: oam, oaam, opam, etc…
Reply@Roland,
Did u Enabled LDAP Sync while Configuraion ?
I yes than, What LDAP you have choosen ?
have you crated related container in OID ?
@ Roland/IgnitedMind ,
Are you hitting any issues during OIM 11GR2 config ? If yes I can try this (I used OAM 11gR2 for now) and share my experiences here.
Can anyone please confirm if these 4 patches mentioned above are really required for OIM11gR2.
As i did the OIM 11g R2 installation and configuration already.
@ RR,
No these patches are not mandatory. I installed and configured OIM 11gR2 without these 4 patches and all OIM 11gR2 features are working as expected.
Regards
Atul Kumar
Thanks Atul for the quick response.
Since it was mentioned in the document as mandatory patches, so was not sure if its really required or not.
As of now even I am able to install and configure OIM 11gR2 without these patches.
Regards
ReplyI am still having trouble getting OIM running. The OIM config keeps failing for me with the following error:
[OIM_CONFIG] Passwords including weblogic password set in credential store successfully.
]]
[2012-08-20T14:24:50.619-06:00] [as] [ERROR] [] [oracle.as.provisioning] [tid: 62] [ecid: 0000J_5hMQaFw000jzwkno1GCdmU000003,0] [[
java.lang.NullPointerException
…followed by a Java Stack Trace, then another Java error:
[2012-08-20T14:24:50.620-06:00] [as] [NOTIFICATION] [] [oracle.as.provisioning] [tid: 62] [ecid: 0000J_5hMQaFw000jzwkno1GCdmU000003,0] [[
[OIM_CONFIG] Database Encrytion failed.
]]
[2012-08-20T14:24:50.620-06:00] [as] [ERROR] [] [oracle.as.provisioning] [tid: 62] [ecid: 0000J_5hMQaFw000jzwkno1GCdmU000003,0] Exception[[
java.lang.Exception: Exception occured while encrypting the configuration and database
at oracle.as.install.oim.config.util.EncryptConfigurationAndDB.encryptConfigurationAndDatbase(EncryptConfigurationAndDB.java:239)
I have tried a lot of things, I’ve tried setting the value of DOMAIN_HOME when running config.sh, I truncated MLS_LOCALE (as per one post online), I’ve re-run the RCU and dropped DEV_OIM and then added it back. None of these have gotten me past this.
Additional Notes: I opted for Not “Enable LDAP Sync” during the config. One thing that I have noticed, and I don’t know if it is supposed to be that way or not, under /home/oracle/Oracle/Middleware/Oracle_IDM1 I see dirs for oam, oaam, oinav, etc but I don’t see one for either idm or oim, yet I am not sure if i am supped to or not. I also have a separate directory for SOA at /home/oracle/Oracle/Middleware/Oracle_SOA1.
Reply@ Roland,
Issue in your case is that database key for OIM is corrupt. My suggestion would be to remove everything including database schema and try again .
Don’t run config.sh from $ORACLE_HOME/bin (to configure OIM server) multiple times.
ReplyI have OIM 11.1.2.0 installed and working without using any of the patches mentioned above. I see the interfaces have been split in this new release. I can reconcile accounts into OIM but I don’t see where to provision accounts. I have the AD connector setup, configured, and reconciling accounts properly. What I don’t see is anywhere to Add Resources to the user accounts. Has anyone found this? I may just be overlooking it.
ReplyLooks like the AD User account should show up under Accounts if you click on the user. If I click the accounts tab and click refresh, nothing appears. I have the AD Connector set for direct provisioning. If I click Request Access, nothing appears in the catalog. Not seeing anything out there for guidance. Has anyone else gotten this working?
ReplyIt looks like the AD User account should appear under the Accounts Tab under the user. If I click it and click refresh, nothing appears. If I click Request, nothing appears in the catalog. I have the AD connector set for direct provisioning. Has anyone gotten this working?
Reply@ Bryan,
I’ve not tested this yet but to add resource, use identity console /identity -> Administration -> Users .
Did you populate catalog in OIM ?
http://docs.oracle.com/cd/E27559_01/admin.1112/e27149/reqcat.htm#BABGCCJG
Reply[…] in OIM URL and Administration Console. For Oracle IDM 11gR2 high level installation steps click here, for IDM 11gR2 documentation click here and to download IDM 11gR2 software click […]
ReplyI’m working with the Active Directory Connector with 11G R2 and trying to provision to AD. I have the connector configured as a target resource. I have the Catalog configured to show the AD User option. I have a Role created for AD Users and an Access Policy associated with the role. When a user requests the AD User Resource from the Catalog, the resource account workflow shows it’s in a Provisioning state with an Unknown status. Looking at the resource history, the request is stuck in a Pending state under a task name of system validation.
I have run the organization and group lookup recon tasks ahead of time and they both show as successes. Some folks in the forums insisted that the error was from the organization lookup recon and the lookup was not populated. I’m showing that the Lookup table associate with the lookup recon (Lookup.ActiveDirectory.OrganizationalUnits) is populated with my OU’s. I feel like this is something small, but I can’t figure out what it is.
I’m stuck… any help would be greatly appreciated.
ReplyAs a additional note, I went into the design console and updated the AD User process definition to be set to Auto Save Form.
Reply@ Bryan,
I’ll try to integrate AD-OIM11Gr2 this next week (busy with my prodction build for my customer 🙁 ) and update lessons learned here.
I appreciate it… I’ll keep plugging away at it as well and update with any findings. I also saw a page load error when trying to access a workflow for approval from the Home screen. I haven’t looked into that either.
Reply@ Bryan,
Did you use application instance as mentioned here http://docs.oracle.com/cd/E27559_01/admin.1112/e27149/appinstance.htm#CHDBGBFD
I did, that was pretty easy to setup and configure.
I need to read up more on the Catalog. When trying to request Roles or Resources, it directs me to the Catalog. As an end user, I would think they would want to click on the Catalog and see their options and not have to search and guess as to what they are looking for. I had to type AD and search for me to see the AD User provisioning process. I still haven’t been able to figure out how to Request a Role through the Catalog.
ReplyI’ve been getting some strange errors when trying to get OIM and OAM to work well together. I’m running OL6/64 bit. It made me go back and double check what version of the RCU I ran and it turns out that when I issue an “rcu -version” I get 11.1.1.6 as the result, even though the package I downloaded from Oracle clearly stated it was the 11.1.2 RCU for Linux. My question to others would be, if you run the same command, what version of the RCU did you use for your installs? Maybe I need to ask Oracle if they mistakenly posted the wrong RCU for Linux?
Reply@ Roland,
I know this is strange but this is expected behaviour (developers forgot to update version in help) . Run below command and you will see output like below
SQL> select * from schema_version_registry;
OAM Oracle Access Manager DEV1 OAM OAM DEV1_OAM 11.1.1.3.0 VALID N
OIM Oracle Identity Manager DEV1 OIM OIM DEV1_OIM 11.1.2.0.0 VALID N
Note that there is nothing changed in OAM schema between 11.1.1.3 till 11.1.2 and hence you still see version 11.1.1.3 in database (this is compatible with OAM version)
Your issue is something different. Did you create these two components OIM & OAM is same domain or different domain ? what issue you are hitting ?
Reply@Atul, Thanks, yes, I do see that OIM is at version 11.1.2 in the schema registry.
I do have OIM and OAM installed in the same domain. What was happening was that I would log into OIM with xelsysadm then I would be redirected to OAM, but the hostname would be “null” and I would have to change it my hostname, login with weblogic and then I would get access to my OIM sysadm or identity consoles.
I found the Host Identifier for IAMSuiteAgent had two hosts defined:
IAMSuiteAgent, port 80
IAMSuiteAgent, no port
That didn’t make any sense, so I put in my hostname (idm) and FQDN (idm.example.com) but didn’t know what port to use, so I used the OAM Proxy port (5575)
I then only needed to sign into OIM once, with xelsysadm, but I have errors in both my Admin Server, oim_server1 and oam_server1. The admin server and oim_server1 have the following error:
<OAM Server can not be accessed, fallback to container policy
the oam_server1 has the error:
But I can login… Just the error messages are disturbing.
ReplyHi Atul,
There is a issue while accessing the policy configuration tab in OAM admin console 11gr2
Error: the policy store is not available.please see the log files.
ReplyHello,
I hav installed OIM 11g R2 and AD Connector Server is also configured. I have created IT Resource and Application Instance. I am trying to run AD Group Lookup Recon schedule task but I am getting following error: Exception Message org.identityconnectors.framework.common.exceptions.ConnectorException: java.net.SocketTimeoutException: connect timed out
Any hints/thoughts about this?
Cheers,
Rohith
Hi Atul,
There is a issue while accessing the policy configuration tab in OAM admin console 11gr2
Error: the policy store is not available.please see the log files.
I believe this was because of the below.
When I was creating domain for OAM using common/bin/config.sh “create domain” screen and in selecting the product’s checkboxes… I noticed on this one install that “Oracle Access Manager with Database Policy Store” was not in the list of products.
How to resolve this issue in 11gR2.
Reply@ Swathi,
Did you run configureSecurityStore.py and was that successful ?
Check where is policy store pointing to (You can do this via EM), this should be pointing to database under OPSS schema .
Reply@ Swathi,
Policy store I mentioned above (CSF and application roles) is diifferent from OAM policy store. You mentioned that “Oracle Access Manager with Database Policy Store” was in domain template …
This could be your issue – Did your IAM 11gR2 installation complete successfully ? What all options were available during domain template ?
ReplyHi Atul,
I have installed OAM 11gR2 only OAM (no OIM, no SOA) successfully and was able to login to oamconsole. But when i click on policy configuration tab I am getting errors like “the policy store is not available.please see the log files”.
I did not run configureSecurityStore.py as I thought it is only for OIM. Do I still need to run this even just for OAM?
As I am receiving policy store errors, thought of reinstalling it again. While reinstalling, I installed RCU for OAM, OAM, webtier. And at the time of domain creation, I found that I am not getting “Oracle Access Manager with Database Policy Store” option to check. I think this is why in my first installtion, i received policy store related errors.
I sent an email to you with the jpg files showing the options that I am getting while creating a domain for this oam.
Again, thanks for your help.
ReplyHi Atul,
While running configureSecurityStore.py by following
Scenario 1: Oracle Identity Manager, Oracle Access Manager in the same WebLogic Administration Domain Sharing the same Database Security Store
I am getting follwing error eventhough the password is correct.
/oracle_common/common/bin/wlst.sh /common/tools/configureSecurityStore.py -d /user_projects/domains/iamtest_dom -c IAM -m create
Info: Data source is: opss-DBDS
Please input data source password:
Pa$$w0rd
Info: DB JDBC driver: oracle.jdbc.OracleDriver
Info: DB JDBC URL: jdbc:oracle:thin:@rac1-vip.XXXXXX:1521/testdb.XXXXXXX
INFO: Found persistence provider “org.eclipse.persistence.jpa.PersistenceProvider”. OpenJPA will not be used.
INFO: Found persistence provider “org.eclipse.persistence.jpa.PersistenceProvider”. OpenJPA will not be used.
[EL Severe]: 2012-09-16 09:28:41.915–ServerSession(475351693)–Exception [EclipseLink-4002] (Eclipse Persistence Services – 2.3.1.v20111018-r10243): org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: java.sql.SQLException: ORA-01017: invalid username/password; logon denied
my domain creation was successful with the all the schemas and passwords
regards jdev
Hi atul,
please remove my previous post. will post updated question…
hi athul,
please remove my previous post….will update the question with new logs…
hi atul,
i fixed the issue the problem was with the special characters in the password….please remove my post…..
Hi Atul,
Please ignore my post. I found the issue and fixed it.
Thanks,
swathi
@ Swathi,
Good to hear that, what you did to fix your issue ?
Had anyone used iam 11.1.2 with EBS 12.1.3? Is it certified? All metalink note on EBS 12.1.3 and SSO integration still talk about 11.1.1.5 or 11.1.1.6.
Reply@ user6066,
No EBS 12.1.3 is not yet certified with OAM 11gR2. as soon as this certification comes we will upgrade our eBook http://onlineappsdba.com/index.php/book/
Hi,
I am new to Identity Management products. I just started implementing Oracle Identity and Access Management 11g (11.1.2.0.0) for testing.
I downloaded the following S/W & the documentation bundles from Oracle:
1. Oracle WebLogic Server 11gR1 (10.3.6) Generic and Coherence
2. Oracle SOA Suite 11g Patch Set 5 (11.1.1.6.0)
3. Oracle Identity and Access Management 11g (11.1.2.0.0)
4. Oracle Fusion Middleware Repository Creation Utility 11g (11.1.2.0.0) for Microsoft Windows
5. Oracle Enterprise Single Sign On 11.1.2.0.0
6. Oracle Access Manager WebGates 11.1.2.0.0
7. Oracle Unified Directory 11g (11.1.2.0.0)
8. Oracle Identity Management 11g Patch Set 5 (11.1.1.6.0) for Microsoft Windows x86 (64-bit)
Docs:
1. Oracle Fusion Middleware Documentation Library 11g Release 1 (11.1.1.6.0)
2. Oracle Fusion Middleware Identity Management Documentation Library 11g Release 2 (11.1.2.0.0)
After reviewing the installation guide for IAM 11g R2 and your article, I followed the steps from 1 to 10 (except 7, I do not have support contract with Oracle).
Now I am trying to configure Identity Navigator and realized that I need to configure identity store using : Oracle Internet Directory or OracleVirtual Directory. As I see OID or OVD are not part of Oracle IAM 11gR2, but they are part of : Oracle Identity Management 11g Patch Set 5 (11.1.1.6.0).
Can I now use (After installing R2): Oracle Identity Management 11g Patch Set 5 (11.1.1.6.0) to Install OID/OVD in the same setup? If not what are the other options I have?
I just created one Admin Server & see most of the servers are not running.
From Admin Console:
Servers (Filtered – More Columns Exist)
Showing 1 to 6 of 6 PreviousNext
Name Sorted Ascending Cluster Machine State Health Listen Port
AdminServer(admin) RUNNING OK 7001
oaam_server_server1 SHUTDOWN 14300
oam_server1 SHUTDOWN 14100
oim_server1 SHUTDOWN 14000
opam_server1 SHUTDOWN 18101
soa_server1 LocalMachine SHUTDOWN 8001
Do I need to create a Member server for these servers to run?
I know some questions may be basic ones, I am trying to read as much as possible to understand but with too many new products :-(, I felt it is better to ask for some help.
Thanks in Advance.
Suneel
ReplyHi Athul,
I deployed oim 11g r2 successfully and its working fine….my goal is to extend the domain with oam but not going to integrate with oim.So for that i did following..
Extend the oim domain with oam..
Removed IAMSuite agendt from myrelm…
After that oim login is not working….
Please let me know following…
The procedure which i followed is right or wrong and how can i achieve my goal…
Regards,
jdev
@ jdev,
When you say OIM is not working , what is not working ?
Is this that you can’t login ?
How are you loggin in to OIM (via OHS or direct on OIM weblogic port) ?
What authentication providers do you have in weblogic and in what order and what is JAAS flag ?
and
ReplyHi Athul,
yes i cant login
I observed the following things….
If we extend oim domain with oam,then OIMAuthenticationProvider (authenticating against oimdb) will be removed and IAMSuiteAgent will be added the myrealm provider list…
any comments..
jdev
Hi Atul
i have integrated OIM11gR2 with OAM 11gR2,every thing working fine when i perform selfregistration in OIM it is throwing following error in OIM server logs,when i track the request ID it shows the request creation failled.
javax.naming.directory.InvalidAttributeIdentifierException: [LDAP: error code 1 – Attribute orclaccountlocked is not supported in schema.]; remaining name ‘cnTNEWUSER01,cn=Reserve,cn=oracleAccounts,dc=uatoid,dc=nbty,dc=global’
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3136
Regards
Anand
@ Anand,
Issue is with either
a) Your OIM – OAM integartion
or
b) You are using OID hostname in LDAP resource (hostname should be blank so OVD can be used)
or
c) If you are using OVD then persmissions are not set correctly in OVD (ACLs)
Share which document you used to integrate OIM with OAM ?
Are you using OVD for OIM LDAP inetgration ?
Hi Atul,
i have a ldap sync with OID, i am not using OVD. i have followed the this http://docs.oracle.com/cd/E27559_01/integration.1112/e27123/oim.htm#CACJDIDD link for integration.integration is working fine when ever i perform self registration,i am getting following error
javax.naming.directory.InvalidAttributeIdentifierException: [LDAP: error code 1 – Attribute orclaccountlocked is not supported in schema.]; remaining name ‘cnTNEWUSER01,cn=Reserve,cn=oracleAccounts,dc=uatoid,dc=nbty,dc=global’
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3136
1. Do you see ob* related attributes in OID ?
2. Did you select LDAPSync with OIM during OIM configuration and if yes what user you used
http://docs.oracle.com/cd/E27559_01/install.1112/e27301/oim.htm#CDDDIAIC
Server User – enter the user name for Directory Server administrator.
For example: cn=oimAdminUser,cn=systemids,dc=mycompany,dc=com
3. When you access OIM IT resource , under that LDAP resource what are value used in LDAP resouse ?
Hostname should be blank so that libOVD can be used
ReplyHi Atul,
After OIM and OAM integration, new user is try to login into oimconsole using oamauthenticationpage, it is not asking reset password and challenge questions, How to get restet password and challenge questions after integration,is it possible?
ReplyHi Atul,
Wish you a very happy new year 2013! I had encountered a problem while setting up the IDM & IAM stack, hence seeking your help.
The versions I am using are IDM 11.1.1.6, IAM 11.1.2.0, SOA 11.1.1.6, Weblogic 10.3.6. The install part is completed successfully for all the components. I am trying to set up IAM and IDM components in the same weblogic domain, correct me if this is not supported (my assumption being that its supported.
As we know, that for IAM 11.1.2 we need to set up the Database Security Store before we start the weblogic servers here is the problem I am facing:. I cannot configure the IDM components before the database security store config because the IDM config wizard starts up the weblogic server in the process. What I dis was, create a weblogic domain, extend it then set up the Database Security Store
and then configure the IAM components (which goes fine), followed by IDM components config, the OIF configuration fails. If I try the sequence the other way round, IDM config -> DB Cred Store config, IAM config, it throws errors and Policy Manager is not accessible ( which is logical as the DB cred store config needs to go in before weblogic server starts). So this leaves me in a fix, please advise.
@ om,
Install IDM 11.1.1.6 and IAM (IDAM) 11.1.2 in different middleware home and under separate domain.
Regards
Atul Kumar
Thanks Atul for the reply. I had also thought of this option to set them up in two different domains which should work fine. The reason I was pursuing this option (to set up both in same weblogic domain) because I could not find any oracle documentation which was saying this as non supported and I had been successfully using IAM and IDM in the same weblogic domain on the earlier versions (till 11.1.1.6).
Reply@ OM,
Yes, I agree there is no note that says this is not supported. There are some changes in policyStore configuration (in 11gR2 it is mandatory to have DB as policy store) where as in 11gR1 policyStore could be XML, OID or DB .
My suggestion would be different DOMAIN_HOME and MW_HOME for 11gR1 and 11gR2 IDM
Reply[…] Manager (OPAM) is a new product introduced in Oracle Identity Management 11gR2 (More on IdM 11gR2 here, here, and here. For new features in IdM 11gR2 click here, here, and here ). OPAM server is part […]
Reply[…] Manager (OPAM) is a new product introduced in Oracle Identity Management 11gR2 (More on IdM 11gR2 here, here, and here. For new features in IdM 11gR2 click here, here, and here ). OPAM server is part […]
ReplyIntegration OIM 11G R2 with R12.1.3, and also i need to configure OIM, OVD setup. Please help us, which softwares to download it.
Reply@ Vinod,
You will need
1. IDM 11.1.1.6 (OID & OVD)
2. IDAM 11.1.2 (OIM) with SOA 11.1.1.6
3. OIM connector for EBS
Are you going to use OAM as well for SSO ?
ReplyHi Atul,
I need small help from you.
Before Integration Oracle E-Business Suite 12.1.3 with IAM 11gR2 and also need setup Single Sign-On with OID/OAM 11g?
Need to install WebLogic Server 10.3.6.
OVD Setup is required?
What are the pre-requisites software’s to download it.
—
Regards,
Vinod
Hi Atul,
I’m confusion with OAM 10g/11g.
Pre-requisites software’s to Install/Configure IAM 11gR2 integration Oracle E-Business Suite 12.1.3 & OAM 11g for SSO.
Using WebLogic Server 10.3.6. OVD Setup is required?
—
Regards,
Vinod
@ Vinod ,
What is your exact requirement for EBS integration with identity management ?
1. Is this just SSO ?
or also
2. Self Service Password Management including Forgot Password
and also
3. User provisioning & responsibility assignment via Identity management
Share your exact requirement and then I’ll share software required including any dependencies
ReplyHi Atul,
We are planning to implement SSO with Oracle EBS R12 (12.1.3).
We have to install & configure OID (11.1.1.6) with EBS R12.1.3 and also OAM 11g.
We are not sure what are the products to be installed?
Could you please help me how to complete these two steps (including what software & versions to be downloaded)?
Integrating Oracle E-Business Suite Release 12 with Oracle Access Manager 11gR2 (11.1.2) using Oracle E-Business Suite AccessGate [ID 1484024.1]
• Oracle Access Manager 11.1.2
• Oracle E-Business Suite Release 12.0.6, 12.1.1+
• Oracle Identity Management 11.1.1.5, 11.1.1.6
• Oracle Internet Directory 11.1.1.6
• Oracle WebLogic Server 10.3.5+
—
Regards,
Vinod
@ Vinod
This is what you need to do
1. Install OAM 11.1.2 in MW_HOME1
1.1 Install JDK 1.6.29+
1.2 Install WLS 10.3.6
1.3 Create OAM schema using RCU 11.1.2
1.4 Install IDAM 11.1.2
1.5 Create Weblogic Domain and select components as OAM and EM
1.6 Configure security store for OAM Domain in database
2. Install OID 11.1.1.6 in MW_HOME2
1.1 Install JDK 1.6.24+
1.2 Install WLS 10.3.6
1.3 Create OID schema using RCU 11.1.1.6
1.4 Install IDM 11.1.1.6
1.5 Configure OID and DIP/ODSM
3. Install OHS 11.1.1.6
4. Install WebGate 10g or 11gR1 or 11gR2
5. Integrate EBS with OID
6. Configure EBS with OAM for SSO using AccessGate
ReplyHi Atul,
For downloading all software from
https://edelivery.oracle.com
Oracle Fusion Middleware 11g Media Pack for Linux x86-64 – version 11.1.1.6.0.
Oracle Fusion Middleware Identity Management 11g R2 Media Pack – version 11.1.2.0.0.
—
Thanks,
Vinod
@Vinod,
Was that a question ?
For quick reply, phrase question clearly.
ReplyAtul,
I have some confusion around responsibilities.
1) Are EBS responsibilities synced from EBS to OIM or OAM in order to assign properly?
2) Are EBS responsibilities managed in EBS once integrated or in OIM or OAM? For example, I want to create AP XXX, with varying menus functions. Where?
3) How are the responsibilities setup in EBS pulled to either OIM or OAM?
Thanks.
ReplyHi Atul,
I am currently working a Identity and Access Management deployment in order to test an implementation of Identity federation (OIF) using SAML 2.0 Attribute base mapping. So far I’ve got 2 domains, first one OAM 11.1.2 acting as a federated SP and OIM 11.1.1.6 acting as a federated IdP. I believe I have all the component up and running in place, although still have some config to complete:
OAM 11.1.2 domain
1.1 Install JDK 1.6.29+
1.2 Install WLS 10.3.6
1.3 Create OAM schema using RCU 11.1.2
1.4 Install IDAM 11.1.2
1.5 Create Weblogic Domain and select components as OAM, OIF as SP and EM
1.6 Configure security store for OAM Domain in database
1.7 Register WebGate 10g with OAM
1.7 Install WebGate: • 64-bit Webgate: Oracle_Access_Manager10_1_4_3_0_Win64_ISAPI_Webgate.exe on IIS Server for protecting hosted document.
OIM domain…
1.1 Install JDK 1.6.24+
1.2 Install WLS 10.3.6
1.3 Create OID schema using RCU 11.1.1.6
1.4 Install IDM 11.1.1.6
1.5 Configure OID and OVD
3. Install OHS 11.1.1.6
Here’s my question:
There is some documentation talking about 11G Webgate for OAM 11.1.2, but I could’nt find anything on OTN download site for IIS server.
Is there any benefit of using 11G webgate vs 10G and does it exist for IIS server or 11G webgate is strickly for OHS/WebLogic server.
@blanchem,
11g Webgate is avaialble for OHS only , for all other web servers (including IIS) there is only 10g WebGate.
Only difference between 10g and 11g webgate is that “Deny on not protected” is configurable in 10g webgate where as in 11g webgate only option is “Deny on not protected”
In 11gR2 webgate , you can also configure webgate as credential collection (new seacurity feature introduced in 11gR2 webgate)
ReplyHi Atul,
I have installed OAM 11gr2 product only on two nodes in cluster environment. I am able to open the oamconsole using the admin server port on the node 1. I am little confused now how we can access the oam console from node 2 when node 1 is down? Because the admin server is running only on node 1 (ofcourse oam managed server also on it) and node2 has only the managed oam server.
Reply@ Kiron,
OAM Admin Console is singleton service that means it can only run in Active-Passive mode. This application is used only by Administrators for configuration and if node1 goes down then you can migrate Admin Server to node2 and start OAMconsole.
Looking for past experience for migration Oracle Access Manager 11g Release 1 to Oracle Access Management Access Manager (Access Manager) 11g Release 2 (11.1.2).
I am following 16 step upgrade flow. 11GR2 requires new schema’s and export/import of data.
http://docs.oracle.com/cd/E27559_01/doc.1112/e28183/oam_up.htm#BABFJDGF
Our baseline is OAM 11.1.1.5.0 BP03 on Linux.
Upgrade is completed but data is not shown in oamconsole. Documentation states that The Administration server start-up takes approximately 30 minutes due to policy migration but for me it is coming up in 3-4 minutes
Here is output of of exportAccessData. It generates PS1 policy files. Import has no errors. I
wls:/offline> exportAccessData(“/u01/soft/OAM11G.R2.Upgrade/config/upgrade.properties”)
LOGGER intialised java.util.logging.Logger@1e211757
Mar 14, 2013 10:21:32 AM oracle.security.access.upgrade.WLSTExecutor executeCommand
INFO: EXPORT_DATA_COMMAND
Mar 14, 2013 10:21:32 AM oracle.security.access.upgrade.util.WLSTExportDataUtil executeCommand
INFO: OAAM PRODUCT
Mar 14, 2013 10:21:32 AM oracle.security.access.upgrade.util.WLSTExportDataUtil executeCommand
INFO: OAM PRODUCT
Mar 14, 2013 10:21:32 AM oracle.security.access.upgrade.util.WLSTExportDataUtil executeCommand
INFO: oamPlugin.getName() = oracle.security.am.upgrade.plugin.upgradehelper.UpgradeFactory
Mar 14, 2013 10:21:32 AM oracle.security.am.upgrade.plugin.util.UpgradeUtil exportConfiguration
INFO: Copying configuration file….
oracle.security.am.upgrade.plugin.upgradehelper.OAMVersionSpecificClassLoader@1e1f4781
[EL Info]: 2013-03-14 10:21:34.51–ServerSession(517763463)–EclipseLink, version: Eclipse Persistence Services – 1.1.0.r3634
[EL Info]: 2013-03-14 10:21:36.974–ServerSession(517763463)–file:/u01/app/oracle/product/iam/fmw/Oracle_IAM/oam/server/lib/upgrade/ps1-policy/oes-d8/jps-internal.jar-JpsDBDataManager login successful
Mar 14, 2013 10:21:40 AM com.tangosol.coherence.component.util.logOutput.Jdk log
INFO: 2013-03-14 10:21:40.456/17.045 Oracle Coherence 3.5.3/465p2 (thread=Main Thread, member=n/a): Loaded operational configuration from resource “jar:file:/u01/app/oracle/product/iam/fmw/Oracle_IAM/oam/server/lib/upgrade/ps1-policy/coherence.jar!/tangosol-coherence.xml”
Mar 14, 2013 10:21:40 AM com.tangosol.coherence.component.util.logOutput.Jdk log
INFO: 2013-03-14 10:21:40.466/17.055 Oracle Coherence 3.5.3/465p2 (thread=Main Thread, member=n/a): Loaded operational overrides from resource “jar:file:/u01/app/oracle/product/iam/fmw/Oracle_IAM/oam/server/lib/upgrade/ps1-policy/coherence.jar!/tangosol-coherence-override-dev.xml”
Mar 14, 2013 10:21:40 AM com.tangosol.coherence.component.util.logOutput.Jdk log
INFO: 2013-03-14 10:21:40.468/17.057 Oracle Coherence 3.5.3/465p2 (thread=Main Thread, member=n/a): Loaded operational overrides from resource “jar:file:/u01/app/oracle/product/iam/fmw/Oracle_IAM/oam/server/lib/upgrade/ps1-policy/mapstore-coherence.jar!/tangosol-coherence-override.xml”
Mar 14, 2013 10:21:40 AM com.tangosol.coherence.component.util.logOutput.Jdk log
INFO: 2013-03-14 10:21:40.620/17.209 Oracle Coherence GE 3.5.3/465p2 (thread=Main Thread, member=n/a): Loaded cache configuration from “jar:file:/u01/app/oracle/product/iam/fmw/Oracle_IAM/oam/server/lib/upgrade/ps1-policy/mapstore-coherence.jar!/oam-cache-config.xml”
Mar 14, 2013 10:21:41 AM com.tangosol.coherence.component.util.logOutput.Jdk log
WARNING: 2013-03-14 10:21:41.085/17.674 Oracle Coherence GE 3.5.3/465p2 (thread=Main Thread, member=n/a): UnicastUdpSocket failed to set receive buffer size to 1428 packets (2096304 bytes); actual size is 89 packets (131071 bytes). Consult your OS documentation regarding increasing the maximum socket buffer size. Proceeding with the actual value may cause sub-optimal performance.
Mar 14, 2013 10:21:44 AM com.tangosol.coherence.component.util.logOutput.Jdk log
INFO: 2013-03-14 10:21:44.497/21.086 Oracle Coherence GE 3.5.3/465p2 (thread=Cluster, member=n/a): Created a new cluster “OAM” with Member(Id=1, Timestamp=2013-03-14 10:21:41.1, Address=172.16.10.171:9095, MachineId=46763, Location=site:bias.com,machine:iadoel03,process:1212, Edition=Grid Edition, Mode=Development, CpuCount=2, SocketCount=1) UID=0xAC100AAB0000013D69471D6CB6AB2387
Mar 14, 2013 10:21:45 AM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
INFO: Diagnostic Engine with rate metrics enabled, has been initialized.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.diagnostic.impl.Config
INFO: Number of collectors registered: “2”.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:45 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:46 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:46 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:46 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:46 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:46 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:46 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:46 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:46 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:48 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:48 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:48 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:48 AM oracle.security.am.upgrade.plugin.policyextractor.OAMPolicyExtractor writeApplicationDomains
SEVERE: Resource : not found.
oracle.security.am.common.policy.admin.store.PolicyStoreException: Resource : not found.
at oracle.security.am.common.policy.admin.provider.oes.OESResourceStore.getResource(OESResourceStore.java:677)
at oracle.security.am.upgrade.plugin.policyextractor.OAMPolicyExtractor.writeApplicationDomains(Unknown Source)
at oracle.security.am.upgrade.plugin.policyextractor.OAMPolicyExtractor.extractOAMPolicies(Unknown Source)
at oracle.security.am.upgrade.plugin.policyextractor.OAMPolicyExtractor.extract(Unknown Source)
at oracle.security.am.upgrade.plugin.upgradehelper.UpgradeFactory.exportData(Unknown Source)
at oracle.security.access.upgrade.util.WLSTExportDataUtil.executeCommand(WLSTExportDataUtil.java:68)
at oracle.security.access.upgrade.WLSTExecutor.executeCommand(WLSTExecutor.java:99)
at oracle.security.access.upgrade.WLSTExecutor.execute(WLSTExecutor.java:67)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.python.core.PyReflectedFunction.__call__(Unknown Source)
at org.python.core.PyReflectedFunction.__call__(Unknown Source)
at org.python.core.PyObject.__call__(Unknown Source)
at org.python.core.PyObject.invoke(Unknown Source)
at org.python.pycode._pyx49.exportAccessData$3(/u01/app/oracle/product/iam/fmw/Oracle_IAM/common/wlst/access_upgrade.py:32)
at org.python.pycode._pyx49.call_function(/u01/app/oracle/product/iam/fmw/Oracle_IAM/common/wlst/access_upgrade.py)
at org.python.core.PyTableCode.call(Unknown Source)
at org.python.core.PyTableCode.call(Unknown Source)
at org.python.core.PyFunction.__call__(Unknown Source)
at org.python.pycode._pyx62.f$0(:1)
at org.python.pycode._pyx62.call_function()
at org.python.core.PyTableCode.call(Unknown Source)
at org.python.core.PyCode.call(Unknown Source)
at org.python.core.Py.runCode(Unknown Source)
at org.python.core.Py.exec(Unknown Source)
at org.python.util.PythonInterpreter.exec(Unknown Source)
at org.python.util.InteractiveInterpreter.runcode(Unknown Source)
at org.python.util.InteractiveInterpreter.runsource(Unknown Source)
at org.python.util.InteractiveInterpreter.runsource(Unknown Source)
at weblogic.management.scripting.WLST.main(WLST.java:188)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at weblogic.WLST.main(WLST.java:29)
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:50 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:51 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:52 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:52 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:52 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:53 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:53 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:53 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:53 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:53 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:53 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Mar 14, 2013 10:21:53 AM oracle.security.am.upgrade.plugin.upgradehelper.UpgradeFactory exportData
INFO: Extraction Done!!
Mar 14, 2013 10:21:53 AM oracle.security.am.upgrade.plugin.util.UpgradeCommonUtil removeDirectory
INFO: Deletion of Directory: true path: /u01/soft/OAM11G.R2.Upgrade/config/temp.zip
Mar 14, 2013 10:21:53 AM oracle.security.am.upgrade.plugin.upgradehelper.UpgradeFactory exportData
INFO: Export completed successfully!!
Thanks
Madan
Does anyone have a walkthrough they could share of a simple 2 node IAM enterprise install? All I see are single node standalone installs. Just looking for something to guide me through it once.
Thanks.
Reply@ Bryan,
Use same guideline for HA (Active-Active cluster) for 11gR1. Do you have Enterprise Deployment Guide for 11gr1 ?
Atul
ReplyI’m reading through the enterprise deployment guide. It looks as if there are two complete installs of IAM (including weblogic, soa, IAM and database).
I’ve got the installs down individually, but my question is how do they tie together to be HA? I think I’m missing something basic.
Maybe I’ve overlooking it in the doc?
ReplyNevermind, I found it.
http://docs.oracle.com/cd/E14571_01/core.1111/e10106/imha.htm#CDEFECJF
Reply@ Bryan
Yes you install twice (on each IAM node) but when it comes to creating domain then you define cluster .
Follow http://docs.oracle.com/cd/E14571_01/core.1111/e12035/create_domain_im.htm#CFHIBIEG and also link you shared above
Reply@ Bryan,
For Database HA use RAC so you will have have two or more database instances for a database .
This is all in the document that I shared .
Reply[…] Identity Management Suite. For High Level installation Steps of Identity Management 11gR2 click here For Oracle Identity Management 11gR2 documentation click here and for software […]
ReplyHI,
I am receiving error ” “. while oam server is starting.
I have checked data source is running.
I have also verified in EM that store type is Oracle database and its pointing to jdbc/OPSSDBDS
any thought on this error ?
It was working before but now i was doing some integration (oam-oim-ovd) stuff and thought of creating identity store in OAM but when i tried to login got above error.
Help Appreciated.
ReplyI have also checked
./wlst.sh /home/oracle/middlewareR2/iam/common/tools/configureSecurityStore.py -d /home/oracle/middlewareR2/user_projects/domains/base_domain/ -m validate
Info: Data source is: opss-DBDS
Info: Diagnostics data was saved to the credential store.
Info: Validate operation has completed successfully.
I am receiving error
Scanning of system policy failed. Reason oracle.security.jps.service.policystore.PolicyStoreException: JPS-10702: The datasource jdbc/OPSSDBDS is not found..
Reply@ IgnitedMind ,
Check OPSSDBDS is available in WebLogic Console as data source under Services and there are no errors in WebLogic server log files.
Check status of this data source OPSSDBDS from WebLogic console
ReplyHi Atual,
data source OPSSDBDS from WebLogic console
is in running state. hence its working fine and i have target as Admin Server,oim,oam,soa server.
there are no error in weblogic server as well. 🙁
ReplyHi Atul,
I am trying to install OAM 11gr2. So I ran RCU(V37476). Then I installed weblogic 10.3.6 and ran the install for OAM(v37472). Then I came back and did config wizard for Weblogic and while test JDBC schema, I get test failed for OAM infrastructure. I get a message saying, A connection was established but no rows returned for that. I did get test successful for OPSS. Please let me know what I can do.
Thanks,
Neha
@Anand:
Can you please elaborate how did you resolved the issue
[LDAP: error code 1 – Attribute orclaccountlocked is not supported in schema.]; remaining name
Thanks
Rohit
@ Rohit, This error means not all the intergation steps are configured for OIM/OAM/OID integration. If you think you have performed all the steps and still hitting this issue then share which document you are following.
Reply@Atul:
Thanks for the Quick response, i’m following the following Guide
http://docs.oracle.com/cd/E15586_01/fusionapps.1111/e21032/toc.htm
However we do have a OHS and Clustering, but dont think that should affect the setup between OIM/OAM/OID
per my knowledge i have performed all the steps i have rechecked them and they are all fine.
Reply@ Atul:
THis is the only part i have not done “11.6.2 Configuring Oracle Access Manager by Using the IDM Automation Tool”
becuase i’m not using OHS, however i have configured a OID IDstore from the oamconsole and have set it as System store, i’m able to successfully login to OAM using the orcladmin
incase the 11.6.2 configuration is mandatory for the user creation in OID from OIM as Ldapsync option please do let me know what values shud i be providing in the fields which refer to OHS. Also after running the Ldap User and Group Full reconcilation job i have all the OID users in OIM
Thanks
Rohit
Hi Atul,
I am starting up with OIM 11g R2 on Linux for the first time, could you help me with a brief notes of Installation and Configuration, including the Linux commands for a Root user ?
Pls send to my email address “gvrpkumar@gmail.com”
Many Thanks in advance.
Best Regards,
Phanindra.
@ Phanindra,
You can’t install OIM using root, you must use non root account.
After installation and configuration (as mentioned in above post),
1. Start Admin Server ($DOMAIN_HOME/bin/startWebLogic.sh)
2. Start Node Manager $WL_HOME/server/bin/startNodeManager.sh
3. Start OIM & SOA server from WebLogic Admin Console http://host:adminPort/console (where default value of adminPort is 7001)
Hi Atul,
Thanks for the reply.
I am planning to install using the RHEL – GUI.
have the below 2 questions.
1. Does the OIM setup requires a Webserver to be setup ? If yes where it needs to be hosted ? (i.on a new server or ii on the OIM server itself)?
2. How does the password flow back happens from AD to OIM & ERP (Autherative system) ? and how the event of conflict would be handled, in case of any attribute changes at the AD level ?
Reply@ Phanindra
1. Does the OIM setup requires a Webserver to be setup ? If yes where it needs to be hosted ? (i.on a new server or ii on the OIM server itself)?
AK: No, Web Server is not required just for OIM but if you want to do SSO (Single Sign-On) server with OIM then Web Server is required. You can deploy web server on any server including OIM server but in production it is recommended to install web server on different machine in DMZ (for security reasons)
2. How does the password flow back happens from AD to OIM & ERP (Autherative system) ? and how the event of conflict would be handled, in case of any attribute changes at the AD level ?
AK: Password change from OIM to AD happens using kernel event in OIM and from AD to OIM it happens via Password Sync connector.
ReplyAtul,
Please send me the compatible version matrix of OIM components needs to be downloaded, for OIM 11g R2 on Linux 64, and the links, i could not see all these below on the URL below.
https://edelivery.oracle.com/EPD/Download/get_form
Java / jrockit
RCU
Weblogic
SOA
OIM
OAM
Thanks,
Best Regards,
Phanindra
@ Phanindra,
For compatible & certified version of software for OIM 11gR2 check https://www.google.co.uk/url?sa=t&rct=j&q=&esrc=s&source=web&cd=3&ved=0CDwQFjAC&url=http%3A%2F%2Fwww.oracle.com%2Ftechnetwork%2Fdeveloper-tools%2Fforms%2Foracle-forms-11gr2certmatrix-519680.xls&ei=chfxUZvtCOuT0QXV_IHgAg&usg=AFQjCNEmeYoxiymtOaEexMYB9LkpnFVxIg&bvm=bv.49784469,d.d2k
Java / jrockit – 1.6.28 or higher
RCU – 11gR2 (same version as OIM)
Weblogic – 10.3.5 or 10.3.6
SOA – 11.1.1.7
OIM – 11gR2
OAM – 11gR2
Hi Atul,
One more question, could you also send a some information on the data flow happens betwen EBS (Autherative system) to OIM and from OIM to AD, including the auto privisioning.
i.e if a user has been created in EBS, how it flow to AD, and how the automatic user provisioning would happen at AD.
And could we apply any Flag at OIM level to do a Selective user provisioning ? if yes, please also let me know that procedure.
Many Thanks,
Phanindra.
Hi Atul,
A basic feature seems to be missing. I need to confirm if its the case with everyone.
A certification approver has to be assigned Certification administrator role to allow them to take any action on the certs. The issue here is the approver can view other certs and also perform any actions on them. This is an issue. Can you confirm if you have the same behavior. I had upgraded from OIM11gr2 BP06 to PS1.
ReplyHi,
I ran /oracle_common/common/bin/wlst.sh /common/tools/configureSecurityStore.py -d -c IAM -p -m create
script in windows.
I got the error failed to initialize security store in command prompt.
@ rojalin_sahoo
Did you start command prompt in admin mode ?
Profile full patch of configureSecurityStore.py & wlst.sh as path you mentioned above doesn’t look right .
ReplyTeam,
Trying to install OIM on linux via virtual box. I have done the all the necessary setup however while trying to start weblogic server. Encountered the following error
Info: Data source is: opss-DBDS
WLS ManagedService is not up running. Fall back to use system properties for configuration.
Error: Diagnostics data was not saved to the credential store.
Error: Validate operation has failed.
Need to do the security configuration first!
understood that i have to create and validate the security store.However, while trying to create the security store i got the following error even though the password mentioned is right.
MW_Home/oracle_common/common/bin/wlst.sh MW_Home/common/tools/configureSecurityStore.py -d MW_HOme/user_projects/domains/OIM_Test -c IAM -m create
Info: Data source is: opss-DBDS
Please input data source password:
Info: DB JDBC driver: oracle.jdbc.OracleDriver
Info: DB JDBC URL: jdbc:oracle:thin:@rac1-vip.XXXXXX:1521/testdb.XXXXXXX
INFO: Found persistence provider “org.eclipse.persistence.jpa.PersistenceProvider”. OpenJPA will not be used.
INFO: Found persistence provider “org.eclipse.persistence.jpa.PersistenceProvider”. OpenJPA will not be used.
[EL Severe]: 2012-09-16 09:28:41.915–ServerSession(475351693)–Exception [EclipseLink-4002] (Eclipse Persistence Services – 2.3.1.v20111018-r10243): org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: java.sql.SQLException: ORA-01017: invalid username/password; logon denied
Regards,
Sadiq
@ Sadiq,
Error “Internal Exception: java.sql.SQLException: ORA-01017: invalid username/password; logon denied” means password is not correct for OPSS
configureSecurityStore.py -d MW_HOme/user_projects/domains/OIM_Test -c IAM -m create , did you not provide password with option -p More at http://docs.oracle.com/cd/E27559_01/install.1112/e27301/install.htm#CIHEDAJE
ReplyHi Atul,
I did provide the password with -p kindly find the syntax below. Former post was a copy, paste error.
Correct Syntax Used:
MW_Home/oracle_common/common/bin/wlst.sh MW_Home/common/tools/configureSecurityStore.py -d MW_HOme/user_projects/domains/OIM_Test -c IAM -p password1 -m create
Is there anyways to retrieve the old password or change opss password.
Regards,
Sadiq
@ Sadiq,
You can chnage password of XXX_OPSS from DB SQL> alter user XXX_OPSS identified by ;
You must also change any passwords in JDBC (in weblogic console) related to OPSS
ReplyThanks atul will try it out tonight and update the results.
Regards,
Sadiq
Hi Atul,
I was able to go beyond this error by resetting the password. However ran into a new one when configuring the security store.
Caused by: java.sql.SQLIntegrityConstraintViolationException:ORA-00001: unique constraint (DEV1_OPSS.IDX_JPS_RDN_PDN) violated
Followed metalink document 1547423.1 and did the following steps as suggested
Reinstall OAM as
1. Delete the Schemas using RCU.
2. Recreate the OAM schemas.
3. Reinstall the WLS and OAM software.
4. Run config.sh to create a new domain.
5. Run setDomainEnv.sh from user_projects/domains//bin
6. Run the configureSecurityStore.py from same window.
Still No go. Seems i have ran into a bug.16690836 with no solution or patches.
I am trying to install OIM on linux via virtual box. Any thoughts or work arounds????
Regards,
Sadiq
@ Sadiq,
This error means
1. You are not using same version of RCU as for IAM middleware
or
2. There are imcompatible software in MW_HOME (like IAM 11gR1 and R2 both in same middleware home)
Yup, Realized that. thanks atul. Downloading 11gr2 now.
Will keep posted.
Thanks once again.
Regards,
Sadiq
Hi Atul,
While installing OIM 11g R2 (infact while running config utility) getting below error : INST-6193: The attribute JpsContextName in MBean com.oracle.sdp.messaging:Location=soa_server1,name=ServerConfig
Have you by any chance had this issue? Appreciate if you can guide on resolving this…
Reply@ OIMBP< Never, ensure that you have followed all the steps carefully . If this is still an issue then share which documentation you are following to install and configure OIM
ReplyWe are trying to create attestation process in OIM 11gr2. the requirement is to run attestation on roles (to check who all are member of that particular role). Actually there are roles associated with each users which have to be reconciled from DB.(there are two tables in DB one with user detail and other child table contains role associated with each user). requirement is get get attestation reports based on roles.
ReplyHi Experts,
I am trying to insatall OIM11Gr2 on my Windows 7 32 bit laptop( 4GB RAM).
I am able to install DB.However, I am trying to execute RCU and it gives me with the error:
This version \rcu_home\jdk\jre\bin\javaw.exe is not compatible with the version of Windows you are running.
I have confirmed JDK version is 1.7_55.
Can you please advice if OIM11gr2 can be installed only on Windows 64 bit and Not 32 bit?
thanks
sundas7
Hello,
I am new to this , just finished the installation and configuration of Oracle Identity & Access Management (IDAM) 11gR2 , but when i am trying to access oam console using the below url it is showing page not found , but i can access oim admin and self service console, also can use opam console also .But only oam console page is not coming , can someone please help me .
http://sw007037:14100/oamconsle
ReplyHI All,
I am facing issue on upgrading OAM and OAAM domain to PS2.When I am able to install the binaries but after running the ./psa to upgrade the schema only OAM is getting upgraded but OAAM it is throwing below error .Please help
[ERROR] [upgrade.OAAM.OAAM1]OAAM_INCOMPATABLE_REPOSITORY
Thanks
Amar
Hi Atul,
I regularly Follow your posts, I was Integrating Oracle Access Manager with Oracle E-business Suite for this I have Installed Oracle Access Manager+ Oracle Internet Directory When After Testing the Webgate Registration when I am Accessing the OAMConsole Page it is giving me below,
“the policy store is not available please check log file”
Please provide me a helpful guideline.
Regards,
Anil
I want to upgrade weblogic 10.3.4 to 10.3.6 version, SOA 11.1.1.4 to 11.1.1.7,AIA 11.1.1.4 to 11.1.1.7 version,please tell me how to do these upgradation.
ReplyI followed all the steps listed above but at 11. Configure OIM I am getting an error:
Error
Exception occured while encrypting the configuration and database
If I open the log file contains the following exception:
[2014-12-13T15:21:47.776+02:00] [as] [NOTIFICATION] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000Kd3ngm55EgWVLyyGOA1KZ3lJ000003,0] [[
[OIM_CONFIG] Database Encrytion failed.
]]
[2014-12-13T15:21:47.776+02:00] [as] [ERROR] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000Kd3ngm55EgWVLyyGOA1KZ3lJ000003,0] Exception[[
java.lang.Exception: Exception occured while encrypting the configuration and database
at oracle.as.install.oim.config.util.EncryptConfigurationAndDB.encryptConfigurationAndDatbase(EncryptConfigurationAndDB.java:240)
Hi guys,
I’ve successfully installed OAM 11gR2. I can startup Admin Svr for Weblogic without issue and able to access /oamconsole. However, on starting up ManagedOAMServer the /oamconsole goes into Error 404 Page not found. What am I missing here ?
Pls advise. Thanks a lot.
Regards,
Dave
@Dave,
When you start MAnaged Server , oamconsole login page is redirected to OAM login page . Can you check if there is any error in OAM managed server log file.
Hi Dave,
Login to Weblogic console and check the oam application status. If its in failed state try activating the application and tail the logs for the Error .
Thanks
Amar
Good Morning M. Kamar,
I’m installing IDAM. I installed the database 11gR2, the schemas using RCU, the weblogic server 10.3.6, the soa suite and OIM suite. I created a domain for IDAM (and SOA included) but when I start the server, the script startweblogic.cmd exit after a few seconds. Would you know what is the problem please?Thank you in advance