OAM Integration

Similar Messages

• OIM-OAM integration and LDAP Sync

  Hello All, I have deployed OIM 11g R2 and OAM/OVD 11.1.1.5. Now I need to enable LDAP sync for OIM-OAM integration and I'm not allowed to extend Oracle schema in AD. So I decided to use OUD for FMW schema and I have completed all those steps and OUD is up and running. Since my enterprise directory is AD and OUD is my FMW directory, I need to think of a split profile setting in OVD. I'm following this link http://fusionapplications-ateam.blogspot.com/2012/04/split-profiles-with-ad-and-oid-for.html for this deployment. I have OVD adapters configured for AD, OUD, Join view and changelog. The link does not clearly explain the steps in OIM for LDAP Sync.
  When I configure LDAP Sync in OIM, should I point the sync to the OUD users container?
  When and how this cn=shadowentries container will be used? I understand that the password (obattributes) are used for password management by OAM, but wondering where will that get stored in OUD?
  Please let me know your thoughts.
  Thanks.

  Hi,
  when I use url:
  http://idm1:14000/admin/faces/pages/Admin.jspx
  I get Access Manager login page, I can click links: register new user, reset password and I get correct OIM pages. But when I type xelsysadm and password I get error on the next page:
  Error 401--Unauthorized
  From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
  10.4.2 401 Unauthorized
  I can't logon to EM, OAMconsole, Weblogic etc. when the OAM is running. In OIM log I got errors from oam-agent: "User is not authorized to access resource, MinorCode: DENY, MajorCode: DENY".
  I have got user xelsysadm in OIM and in LDAP, when the OAM is not running I can login to OIM, create users in OIM (they appear in OID) etc. The user xelsysadm is added to group: OAMAdministrators. Also when I try to logon to OAM console (http://idm1:7001/oamconsole) using orcladmin name I get error: Access to administration console is restricted. But when I use weblogic username (the user is in OAMAdministrators group in OID) i can get OAMconsole.
  How can I change logon type in OIM?
  best
  mp
  Edited by: J23 on 2011-01-10 00:47

• OBIEE-OAM Integration

  Hi,
  Does anyone has details of OBIEE-OAM Integration? We are doing it & having some issues so wanted to get help on that.
  Thanks,
  Pournima

  Hello,
  Is your environment similar to this in http://obiee-bip.blogspot.com/2010/10/obiee-integration-with-oracle-access.html or something different like diid you have create groups in OAM .?
  Also assuming your repository groups and presentation catalog groups are already setup. In the different authorization init block you have created enable the ‘Required for Authentication’ check box.
  NOTE: According to Oracle Access Manager (OAM) and Oracle Business Intelligence (OBI) Integration [ID 1217103.1]
  Creation of group should be done by loging as Administrator user to rpd and webcat. This should be done on different machine that does not have OAM integration. With OAM integration only OAM user can log into presentation services and they don’t have Administrator user privileges.
  Hope this helps. Pls mark if it does.
  Thanks,
  SVS

• No site2pstoretoken from SSO partner error in EBS - OAM integration

  Hello ,
  We have implemented an SSO integration between EBS and OAM. The architecture simply consists of the following elemens.
  E-Business Suite 11i with SSO enabled.
  IIS Web Server
  Oracle Access Manager
  Oracle Internet Directory
  Orache Http Server
  User types the ebs login page, and is redirected to OAM, OAM pushes IIS to ask for login credentials (or gets this information from domain) , and then authenticates user from OID. Then redirects user to EBS.
  This should be the case, but after asking for login credentials, user sees "500 Internal Server" error. And the ssoServer logs the error "No site2pstoretoken from SSO partner" . And if user goes to address line and requests EBS's url again, it works fine and he is logged in the application. I believe there is a kind of redirection problem but I couldn't find out why.. Does anybody faced the similar problem ?
  Thank you
  Kind Regards, Ece

  Some problem with the integration and the restoring after that. Set up a new environment where this issue didn't occur.

• OIM-OAM integration error

  Have the following:
  OAM - 11.1.1.5
  OIM - 11.1.2
  Following this guide - http://docs.oracle.com/cd/E27559_01/integration.1112/e27123/oim.htm#CHDHGEHJ
  While running idmConfigTool.sh -configOIM script, I get the following errors:
  Mar 13, 2013 10:43:03 AM oracle.idm.automation.impl.oim.handlers.OIMIntegrationHandler performConfigOIMOperations
  WARNING: java.lang.UnsupportedOperationException: Could not find MBean operation "registerThirdPartyTAPPartner(java.lang.String, java.lang.String, java.lang.String, java.lang.String)" for MBean registered un
  der "com.oracle.oam:name=OamWLST,type=oam.wlst,Application=oam_admin,ApplicationVersion=11.1.1.3.0" and implemented by "class oracle.security.am.wlst.management.FoundationConfigMXBeanImpl"
  ~
  Has anyone seen this? Please let me know. I confirmed from support earlier that OAM 11.1.1.5 is supported for integration with OIM 11.1.2.
  Thanks.

  This is a bug. Patch 12733108 (OAM BP02) has to be applied. The script worked fine after the patch.
  Sunil.

• HP PPM - Oracle Access Manager (OAM) Integration

  Dear all,
  We are planning to integrate HP PPM with OAM for user authentication.
  Please let us know the possibility of having this integration to be performed.
  Thanks & Regards,
  Chandru

  We are also facing the same issue. Have you resolved that issue?
  Any help would be appreciated.
  Thanking You
  Kiran Thakkar

• CG-OAM integration for Sites Visitors

  Hi Gurus,
  I m doing the webcenter sites and community gadget integration to do comments on sites.
  we want user to get authenticated via OAM before submitting comments on pages.
  I know this integration for visitors is not supported.
  I am seeking guidance to do this customization .
  Please help.
  Thanks,
  ~Dev

  Hi David,
  Answers in-line
  1. Can it be done natively or would we have to run the Windows version of OAM?
  You can run all of the OAM Servers on *nix, and simply point to AD as an OAM data source on the machine:port that AD is running on. There is no need for the OAM components to be on Windows.
  2. If you must run OAM on Windows to use AD for authentication, Is there some way to setup the Windows version of OAM as sort of an interface for our main OAM server running on Red Hat Linux to do the AD Auth
  As above, this is not necessary.
  3. Can it be done using some sort of an interface such as Oracle Virtual Directory to interface with the LDAP interface to MS Active Directory?
  Yes, this is entirely possible. Even though it is not necessary in your situation, it often provides more flexibility to front-end the user store with OVD, for example when adding/renaming Windows domains, or specifying specific branches for users and so on.
  Regards,
  Colin

• OAM Integrating with peoplesoft

  how to link the users in OAM and peoplesoft if the userid are different in OID from people soft userid,
  can anyone tell me the solution.

  Unless you are familiar with PeopleSoft, I would think your client should guide you in this integration. PeopleSoft has various ways to communicate with the "outside" world and I can give you the link to the PeopleTools PeopleBooks (http://docs.oracle.com/cd/E17566_01/epm91pbr0/eng/psbooks/psft_homepage.htm) but I highly doubt that will help you when you don't have any experience with PeopleSoft.
  Easiest option with sending to an outside application and receiving results is, in my opinion, still a webservice. But then your client should do some work as well otherwise they will never be able to send anything at all. Direct link to documentation on PeopleTools 8.52 would be http://docs.oracle.com/cd/E41509_01/pt852pbh2/eng/psbooks/tibr/book.htm

• 11g R2 OES - OAM Integration Documentation Link

  Hi,
  Can some one post the link for OES and OAM 11g R2 integration Documentation?
  Thanks in Advance,
  Sandy.

  11gR1 was using OES already for its policies so in this regard, nothing much has changed for R2 with respect to how they integrate. However, there is a big difference in that in R1, OAM had an embedded OES based on OES10g wheras OAM in R2 is using OES11g. This means you get more control of OES via the apm and other interfaces.

• OAM Integrated Windows Authentication vs WNA

  Does any one know the difference between these two?

  OAM IWA is for Oracle Access Manager and WNA is for the legacy Oracle SSO product. It sounds like they accomplish the same thing, but they work very differently. IWA in OAM relies on the webgate and IIS web server to perform the IWA authentication. WNA requires significant configuration of OID as well as setup of an account in AD. There's a training tutorial for WNA available here:
  http://www.oracle.com/technology/products/oid/oidhtml/sec_idm_training/html_masters/a_port01.htm
  I've never used Oracle SSO and WNA, but personally, I think setting up IWA in OAM seems a lot easier and if web SSO with Windows based Web apps is what you are trying to accomplish, I would go the OAM IWA route.

• CoreID/OAM integration

  Does beehive web interface support CoreID/OAM for user authentication and for further authorization based on groups defined in CoreID?
  Edited by: user2224198 on Jan 5, 2011 7:47 AM

  Hi Richard,
  I'm trying to integrate OAM 10.1.4.3 with beehive version 2.0.1.4 using a webgate. Access to beehive application should re-direct to my OAM sso page.Your previous post has clearly shown me the direction of work.
  Oracle beehive pluggable framework authentication documentation url :
  http://www.oracle.com/technetwork/middleware/beehive/plugauth-096705.html#plug-in_webseal
  I have downloaded the SampleSsoIdentityPlugin provided in the above page information. I'm trying to modify the same plugin to suit my requirement. Please tell whether all the java libraries used for compiling the plugin would be present by default in Beehive or we need to load them.
  Regards
  Gangadhar
  Edited by: 834802 on Feb 17, 2011 2:02 AM
  Edited by: 834802 on Feb 17, 2011 2:07 AM

• OVD-OAM Integration

  Hi All,
  I configure OVD with Oracle and Sun One LDAP server and now i configure OAM with OVD for user repository, when configuring i am getting only LDAP users (ie sun ldap users) but not oracle , do i need to do anything else to see all the users present in oracle while configuring identity server.
  Regards,
  Poorna

  This is controlled completely within OVD and has nothing to do with OAM. OAM is simply a client of OVD and has no effect on the inner workings of OVD. If you want a post-search action in OVD, then build you plugin, and every time a search is executed on that adapter the plugin will be invoked. If this is a search that only OAM will be performing, then you can code your plugin to only act upon that search criteria and ignore all others.

• Cnfiguration of OAM integrating OID with new Object class

  Hi,
  OID/OAM are installed in our environment. We need to add additional attributes with inetorgperson class. We are currently creating new class inheriting inetorgperson class in that.
  Do we require Identity Server setup of OAM to re-run for OAM to identify this new class ?
  Thanks.

  Yes you would have to reconfigure to recognize new Objectclass in OAM

• Reset Password In Form Based Authentication "OIM - OAM Integration" SSO

  Hi All
  I want to give Password Reset Option in the Form Based Authentication page for OIM-OAM SSO Application, could you please help me in that??
  my SSO is working with OIM 9.1.0.2BP06 with OAM 10.1.4.2.0, and i have created Simple Form in html, for the Authnetication, Now i want Password Reset Button on Form, and will have to reset through LDAP
  TA

  Provide the OIM links for registration and forgot password.
  If your OAM has a user store(LDAP) where OIM is provisioning, your changes will be reflected in OAM
  Hope this helps,
  Sagar

• OAM Integration with WAS 6.1 -main" java.lang.NoClassDefFoundError

  I am running the registryTester after installing connector for WebSphere on WAS 6.1. The registry gets started and after providing the credentials, it gives the following error:
  Exception in thread "main" java.lang.NoClassDefFoundError: com.ibm.ws.bootstrap.
  RASWsLoggerFactory
  at java.lang.J9VMInternals.verifyImpl(Native Method)
  at java.lang.J9VMInternals.verify(J9VMInternals.java:59)
  at java.lang.J9VMInternals.initialize(J9VMInternals.java:120)
  at com.ibm.ws.security.core.ContextManagerFactory.<clinit>(ContextManage
  rFactory.java:36)
  at java.lang.J9VMInternals.initializeImpl(Native Method)
  at java.lang.J9VMInternals.initialize(J9VMInternals.java:177)
  at com.ibm.websphere.security.WSSecurityException.printStackTrace(WSSecu
  rityException.java:154)
  at com.oblix.registry.RegistryLogger.logException(RegistryLogger.java:21
  3)
  at com.oblix.tools.registryTester.main(registryTester.java:104)
  I notice that wssec.jar which is in the classpath for registryTester.bat is not present in %WAS_INSTALL_DIR%\lib\wssec.jar location. Is that the problem?
  Thanks!

  Seems to be a CLASSPATH problem. Try:
  java -cp  .  ExampleProgramIt should help. (Beware there are three arguments, the . is the second.)
  Maybe you have a classpath variable set where the path doesn't contain the working directory (the "."). You may then consider adding it to the end.
  Hope it helps
  Ivan