Oracle Access Manager, ADAM & Oracle ECM - UCM integration?

I`m currently investigating the potential of using Oracle Access Manager (OAM) as a tool that allows connections to multiple Active Directory(AD) or ADAM servers providing a single point to author and manage users with a good easy to use GUI.
The UCM will connect directly to OAM and authenticate users connecting from AD accounts..
At the moment we use Quest software to manage users, but the cost for setting up users is £15/user where as OAM is only £3. I believe..
Right the questions I have :)
1. Has any one set this type of environment up?
2. ls OAM stand alone or will I need additional software to set it up?
Reading the installation guide it says I need the following:
# Oracle Internet Directory 10g (10.1.4.0.1)
# Microsoft Active Directory
# Oracle Virtual Directory Server 10.1.4.0.1
# Oracle Virtual Directory Manager 10.1.4.0.1
# Oracle Virtual Directory Patch 10.1.4.0.1 (P5667977)
# Stand-alone Oracle HTTP Server 2.x (This needs to be preinstalled in your environment. You can download the OHS 2.x standalone from the Oracle SOA Suite 10g Companion (10.1.3.1.0) release from here.)
3. Can I use IIS instead of Oracle HTTP Server?
4. Can I install OAM on 1 server or do I need multiple servers, I`v been looking at the diagrams and reading through the guides I`m getting a little confused with Identity and Access server?

The OAM identity system (identity server and WebPass) sound like a good fit for what you want to do. One constraint is that if you want to create/manage users in different directory instances via a single OAM identity system installation, you would also need OVD.
And yes you definitely can have IIS host the WebPass - OHS, OID etc are not required.
-Vinod

Similar Messages

  • Difference: Oracle Access Manager and Oracle Access Management

    Dear,
    What is the difference between Oracle Access Manager and Oracle Access Management, both 11g
    thanks

    Oracle Access Manager is the foundation(main product), of the new Oracle Access Management platform. Access Manager provides the core functionality of Web Single Sign On(SSO), authentication, authorization, centralized policy administration and agent management, real-time session management and auditing. Built as a 100% Java solution, Access Manager is extremely scalable to handle Internet scale deployments and works with existing heterogeneous environments in the enterprise with agents certified on hundreds of web servers and application servers. Access Manager provides rich functionality, extreme scalability and high availability thereby increasing security, improving user experience and productivity and enhancing compliance while reducing total cost of ownership.
    Oracle Access management solution provides: Comprehensive Web Access Management, Web Single Sign-On, Identity Propagation, and Federation;Mobile and Social Sign-On;Real-time External Authorization;daptive Access and Fraud Detection
    So basically one is a product and the other one is an entire solution.
    I hope this helps,
    Thiago Leoncio.

  • Oracle Access Manager, ADAM & UCM integration? Help please..

    I`m currently investigating the potential of using Oracle Access Manager (OAM) as a tool that allows connections to multiple Active Directory(AD) or ADAM servers providing a single point to author and manage users with a good easy to use GUI.
    The UCM will connect directly to OAM and authenticate users connecting from AD accounts..
    At the moment we use Quest software to manage users, but the cost for setting up users is £15/user where as OAM is only £3. I believe..
    Right the questions I have :)
    1. Has any one set this type of environment up?
    2. ls OAM stand alone or will I need additional software to set it up?
    Reading the installation guide it says I need the following:
    # Oracle Internet Directory 10g (10.1.4.0.1)
    # Microsoft Active Directory
    # Oracle Virtual Directory Server 10.1.4.0.1
    # Oracle Virtual Directory Manager 10.1.4.0.1
    # Oracle Virtual Directory Patch 10.1.4.0.1 (P5667977)
    # Stand-alone Oracle HTTP Server 2.x (This needs to be preinstalled in your environment. You can download the OHS 2.x standalone from the Oracle SOA Suite 10g Companion (10.1.3.1.0) release from here.)
    3. Can I use IIS instead of Oracle HTTP Server?
    4. Can I install OAM on 1 server or do I need multiple servers, I`v been looking at the diagrams and reading through the guides I`m getting a little confused with Identity and Access server?

    Hi,
    Have you got information reg UCM & OAM integration?
    Could you please help me with the integration guide?
    Regards,
    Ashish

  • Oracle Access Manager - Sharepoint Portal Server 2007 integration

    Does anyone know a proper documentation link for OAM-Sharepoint portal integration. We have followed pretty much the same steps provided on OTN site. No luck, integration is not working.
    Our OAM is listening to OVD for the user data which at the backend is pointed to AD whereas sharepoint is listening to AD for authentication.
    we also tried custom http module to read the headervar and authorize the user (steps provided by asp .net - siteminder integration). It was authenticating the user, but some links were missing and when clicked on peoples and group link it says access denied for this user. Dunno where exactly we are doing wrong.
    Does OAM which is listening to OVD for user data supports OAM-Sharepoint integration?
    Any help on this would be much appreciated.
    Thanks!

    Since you are getting "Welcome unknown" then there's definitely something wrong with the configuration you have done for the integrated windows authentication and impersonation. It has nothing to do with the user store, OVD should work perfectly fine.
    If you are using 10g I suggest you
    1. check the event viewer to see if your impersonation is working correctly. you should see logins to the system by impersonation user as well as the user you are trying to login with. See http://download.oracle.com/docs/cd/E12530_01/oam.1014/e10356/shrpprtl.htm#CHDFGBFC
    2. check if you have given all the necessary permissions to the impersonation user. See http://download.oracle.com/docs/cd/E12530_01/oam.1014/e10356/shrpprtl.htm#CHDHGIJA
    3. Test the impersonation on some other site on IIS rather than Sharepoint
    Once your impersonation works you would have all the accesses which that user is entitled to in the Sharepoint.
    Hope this helps,
    Sagar

  • Issues integrating WebCenter with Oracle Access Manager

    Hi All,
    I am trying to integrate WebCenter 10.1.3.2 with Oracle Access Manager (CoreId). Followed the steps described in the Chapter 11 of the OC4J Security Guide.
    I was able to successfully authenticate WebCenter using IWA with Access Manager.
    Then I proceeded with the below steps:
    - Implemented ADF Security in the application. Created application roles and login page and worked fine on my local machine.
    - Provide the auth-method of "COREIDSSO" in orion-application.xml
    - Renamed the app-jazn-data.xml to give the OID groups
    - Mapped the OID groups to application roles in orion-application.xml
    - Used the jazn migration tool to populate the system-jazn-data.xml
    When trying to access the application, it looks like the ADF Context identifies that this is an authenticated user.
    ADFContext.getCurrent().getSecurityContext().isAuthenticated() retruns true
    ADFContext.getCurrent().getSecurityContext().isAuthorizationEnabled() returns true
    I get the below error message on the server console:
    [CoreIDLoginModule::getUserSessionFromCookie]: This user session for F3iwZhUGgjej9RSrMLSo0wjH5Ec6c2oeC0OBRH12y7%2FvfPVncz6dYoBoFD6q8DWAlMtzah%2FYV4T1t7jztVFYbxwfOyu0VOMXMEIosRrFicfJwoPRrM8MOkFsziQxpUqo98XrC9iBRHffdWSItNHZRZK4ZoCJMi6HZZ6noOc4Z%2BGJDGj3kWndYHTWjiG0cJhkSbL95wMmrXCDElzZHjPMdkuNQUHW1TfAJvgSlDeX6hhhIThlc%2BGmxMP3MQ%2FZoxUysbKieIJgDXo1%2FEMmLmTVjA%3D%3D is not valid or user is not logged in.
    I also tried using the "Headervar" variable to display the obmygroups value, but it comes as blank.
    Any help would be appreciated.
    Thanks
    Aneesh

    We recently integrated Webcenter Application (with ADF Authentication and Authorization) with OAM. May be the following will be of some help to you.
    We did the following steps documented in Chapter 11 Oracle Access Manager in Oracle J2EE security guide.
    OAM
    1. Created ALL specified policies , authentication schemes, protection specified in OAM section of the document.
    OC4J
    1. Ran all configuration listed for the OC4J section.
    Webcenter
    1. Developed the Webcenter Application
    2. Enabled ADF Security (Authentication & Authorization)
    3. Deployed the application. While deploying chose File based provider.
    4. After the deployment, changed orion-application.xml to have COREIDSSO as documented in Oracle documentation
    system-jazn-data.xml
    1. Added login module details as specified in the document. (Changed only the application name. Rest all was same as we used names as specified in the earlier steps of the document)
    OID Migration
    Reference document: "Configuring a WebCenter Application to Use Oracle Access Manager" in Webcenter Framework Developer guide.
    1. Located app-jazn-data.xml in the deployed application
    2. Removed "realm-name" and "type" subelements of "grantee" tags. Removed any realm details in user name.
    3. changed references to "class oracle.security.jazn.spi.xml.XMLRealmRole" to "oracle.security.jazn.realm.CoreIDPrincipal"
    4. ran the JAZN migration tool with "all" options. Migration from app-jazn-data.xml to OID.
    OAM
    Created policies for protecting our application.
    Test the application.
    Debugging.
    1. Enable oracle.adf.share.security , oracle.j2ee.security & oracle.j2ee.security.oc4j loggers to debug if the application is not working the way you expect to work.
    2. Set log level in Enterprise manager.
    3. All logging information are written in log.xml in $ORACLE_HOME/j2ee/OC4J_Webcenter/log/OC4J_WebCenter_default_group_1/oc4j
    Thanks

  • Oracle Access Manager 11g Basic with E-Business Suite

    Hi gurus,
    I was just wondering if anyone could tell me if the basic edition of Oracle Access Manager 11g is licensed for use with e-Business Suite 11i as a partner application? Or is it necessary to purchase the full license to use it with EBS?

    925237 wrote:
    Hi gurus,
    I was just wondering if anyone could tell me if the basic edition of Oracle Access Manager 11g is licensed for use with e-Business Suite 11i as a partner application? Or is it necessary to purchase the full license to use it with EBS?You need a license for Oracle Access Manager. However, AccessGate is available at no charge to customers who have already licensed both Oracle E-Business Suite and Oracle Access Manager.
    Oracle E-Business Suite AccessGate Release 1.0.2 Now Available
    https://blogs.oracle.com/stevenChan/entry/ebs_accessgate_102
    Oracle Access Manager 11.1.1.5 Certified with E-Business Suite 12
    https://blogs.oracle.com/stevenChan/entry/oracle_access_manager_11_11
    Oracle Access Manager 11.1.1.3 Certified with E-Business Suite 12
    https://blogs.oracle.com/stevenChan/entry/oracle_access_manager_11_1
    Please contact your Oracle sales representative (account manager), he/she is the best one to answer your license questions.
    Global Pricing and Licensing
    http://www.oracle.com/us/corporate/pricing/index.html
    Thanks,
    Hussein

  • Oracle Access Manager 11gR2 Web application: "oam" failed to preload

    Any pointers for troubleshooting this error?
    Managed Server starts up but fails to start-up "oam" deployment.
    weblogic.application.ModuleException: [HTTP:101216]Servlet: "AMInitServlet" failed to preload on startup in Web application: "oam".
    java.lang.ExceptionInInitializerError
            at oracle.security.am.pbl.transport.http.AMInitServlet.initializeAmServer(AMInitServlet.java:113)
            at oracle.security.am.pbl.transport.http.AMInitServlet.init(AMInitServlet.java:79)
            at weblogic.servlet.internal.StubSecurityHelper$ServletInitAction.run(StubSecurityHelper.java:283)
            at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
            at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
            at weblogic.servlet.internal.StubSecurityHelper.createServlet(StubSecurityHelper.java:64)
            at weblogic.servlet.internal.StubLifecycleHelper.createOneInstance(StubLifecycleHelper.java:58)
            at weblogic.servlet.internal.StubLifecycleHelper.<init>(StubLifecycleHelper.java:48)
            at weblogic.servlet.internal.ServletStubImpl.prepareServlet(ServletStubImpl.java:539)
            at weblogic.servlet.internal.WebAppServletContext.preloadServlet(WebAppServletContext.java:1981)
            at weblogic.servlet.internal.WebAppServletContext.loadServletsOnStartup(WebAppServletContext.java:1955)
            at weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:1874)
            at weblogic.servlet.internal.WebAppServletContext.start(WebAppServletContext.java:3154)
            at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1518)
            at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:484)
            at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
            at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
            at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
            at weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:200)
            at weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:247)
            at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
            at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
            at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
            at weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:27)
            at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:671)
            at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
            at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:212)
            at weblogic.application.internal.EarDeployment.activate(EarDeployment.java:59)
            at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:161)
            at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:79)
            at weblogic.deploy.internal.targetserver.operations.AbstractOperation.activate(AbstractOperation.java:569)
            at weblogic.deploy.internal.targetserver.operations.ActivateOperation.activateDeployment(ActivateOperation.java:150)
            at weblogic.deploy.internal.targetserver.operations.ActivateOperation.doCommit(ActivateOperation.java:116)
            at weblogic.deploy.internal.targetserver.operations.StartOperation.doCommit(StartOperation.java:149)
            at weblogic.deploy.internal.targetserver.operations.AbstractOperation.commit(AbstractOperation.java:323)
            at weblogic.deploy.internal.targetserver.DeploymentManager.handleDeploymentCommit(DeploymentManager.java:844)
            at weblogic.deploy.internal.targetserver.DeploymentManager.activateDeploymentList(DeploymentManager.java:1253)
            at weblogic.deploy.internal.targetserver.DeploymentManager.handleCommit(DeploymentManager.java:440)
            at weblogic.deploy.internal.targetserver.DeploymentServiceDispatcher.commit(DeploymentServiceDispatcher.java:163)
            at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.doCommitCallback(DeploymentReceiverCallbackDeliverer.java:195)
            at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.access$100(DeploymentReceiverCallbackDeliverer.java:13)
            at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer$2.run(DeploymentReceiverCallbackDeliverer.java:68)
            at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:545)
            at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
            at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
    Caused by: java.lang.NullPointerException
            at oracle.security.am.pbl.diagnostic.DiagnosticUtil.<init>(DiagnosticUtil.java:80)
            at oracle.security.am.pbl.diagnostic.DiagnosticUtil.<clinit>(DiagnosticUtil.java:65)
            ... 45 more
            at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1520)
            at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:484)
            at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
            at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
            at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
            Truncated. see log file for complete stacktrace
    Caused By: java.lang.NullPointerException
            at oracle.security.am.pbl.diagnostic.DiagnosticUtil.<init>(DiagnosticUtil.java:80)
            at oracle.security.am.pbl.diagnostic.DiagnosticUtil.<clinit>(DiagnosticUtil.java:65)
            at oracle.security.am.pbl.transport.http.AMInitServlet.initializeAmServer(AMInitServlet.java:113)
            at oracle.security.am.pbl.transport.http.AMInitServlet.init(AMInitServlet.java:79)
            at weblogic.servlet.internal.StubSecurityHelper$ServletInitAction.run(StubSecurityHelper.java:283)

    SOA is not required. WebGate is a separate installation, separate from where you install the Oracle Access Manager.
    Oracle Access Manager is like the management station, WebGate would typically be installed on a host where a Web Server is running. So WebGate running on the WebServer host would be used to provide access control functions for web pages hosted on Web Server. You will have to do the configuration of WebGate separately after Access Manager has been installed. Please mark answer helpful/correct if helpful.

  • Oracle Access Manager 11g r2 with Oracle Entitlement Server 11g r2

    Hello,
    I would like to set up a configuration with Oracle Access Manager 11g r2 where Authentication is against Active Directory, and Authorisation is against Oracle internet Directory
    Access Manager has to get authorizations from Oracle internet Directory via Oracle Entitlement Server
    I cant find any document describing how to integrate Oracle Access Manager with Oracle Entitlement Server
    could any one help ?
    Regards

    Hi all,
    I am facing some issue with the distribution of the policy in the security module of OES.
    The "application" distribution tab allows me to distribute the policy created but does not generate any distribution ID or address for webservice access.
    I am using OES 11.1.5
    Thanks in advance.

  • Integrating Oracle EBS R12 with Oracle Access Manager 11g

    Hi Everyone ,
    Oracle Access Manager version 11.1.1.5
    Oracle Identity Management 11.1.1.6.0
    Oracle Access Manager WebGate 11.1.1.5
    Oracle E-Business Suite AccessGate patch p12796012
    Apps Version : 12.1.1
    DB Version 11.2.0.3
    PLatform : OEL 5.8
    We are trying to Integrating Oracle E-Business Suite Release 12 with Oracle Access Manager 11g using Oracle E-Business Suite AccessGate.We followed metalink id's
    1309013.1 and 1543803.1 and some other documents.We have performed every step as documented , and everything seems to work fine untill user tries to log out from Oracle Applications i.e User
    is able to login to Oracle Applications through access gate and everything is working fine. But as user click logout button an error messsage is diplayed like "*500*
    *Internal Server Error Servlet error: An exception occured* " (The url at the time of this message is http://hostname:port/OA_HTML/AppsLogout ).
    Apps Tier (oacore) Application log:-
    +13/05/15 19:04:20.229 html: Servlet error+
    java.lang.NoSuchMethodError: oracle.apps.fnd.sso.SSOManager.getAuthAgentLogoutUrl(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;
    at oracle.apps.fnd.sso.AppsLogoutRedirect.doGet(AppsLogoutRedirect.java:193)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
    +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:64)+
    at oracle.apps.jtf.base.session.ReleaseResFilter.doFilter(ReleaseResFilter.java:26)
    +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:15)+
    at oracle.apps.fnd.security.AppsServletFilter.doFilter(AppsServletFilter.java:318)
    +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:621)+
    +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:370)+
    +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:871)+
    +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:453)+
    Apps Tier Apache Error log :-
    +[Wed May 15 18:50:52 2013] [error] [client 192.168.0.2] [ecid: 1368624052:192.168.0.61:10798:0:44,0] File does not exist: /u01/eBiZR12/apps/apps_st/comn/java/classes//+
    WE have set all required profile in Oracle Application as directed in documents , and users are able to login just fine , but they are not able to logout.
    IS there something that we are missing , any help is highly appreciated.
    Regards
    Edited by: TheKop88 on May 16, 2013 11:39 AM

    Hi there ,
    Thanks for reply ,
    We had already gone through that document earlier. We noticed that when Apllication Profile "*Apllications SSO Type* " is set to SSWA then OA_HTML/AppsLogout is
    working fine , but when we set "*Applications SSO Type*" to SSWA w/SSO then OA_HTML/AppsLogout is not working(not redirecting) .Error thrown on web browser is "+500 Internal Server Error Servlet error: An exception occurred. The current application deployment descriptors do not allow for including it in this response+" . we believe that we might have missed some Profile settings that is causing this error.
    Regards
    Edited by: TheKop88 on May 16, 2013 12:03 PM
    Edited by: TheKop88 on May 16, 2013 12:07 PM

  • OBIEE Integration with Oracle Access Manager (OAM)

    Hi All,
    I am new to OBIEE and not familiar with Security part. We have one request from the client to have OBIEE Integration with Oracle Access Manager (OAM) through eternal identity management tool (OID/other LDAP).
    I tried google and found some information, but non of them has Step-by-Step process.
    Does anyone has document or know good portal which gives step by step information on how to Integrate OBIEE with OAM using external identity management tool?
    Appreciate if you share the information.

    Hi,
    You can use this note/doc attached in the note to configure:
    Oracle Access Manager (OAM) and Oracle Business Intelligence (OBI) Integration [ID 1217103.1]
    Regards,
    Jay

  • LifeRay Poratl & Oracle Access Manager Integration

    Hi All
    Am trying to integrate LifeRay Portal with Oracle Access Manager to provide SSO. Steps I done is Created Proxy (Required) to the application with Apache Web Server and installed Apache Web Gate on it to protect the proxy. Now I need help to configure Portal to enable SSO and Authentication with LDAP Users Customization. Any one Please try to help me in this issue please
    Version of LifeRay : 6.0.6
    Oracle Access Manager : 10g (10.1.4.3.0)

    Have you provided all the hostname and port combinations in the Host Identifier?
    What have you configured as Preferred Host in webgate configuration? What is configured in the Host Identifier?
    ~Yagnesh

  • Integrating Oracle Access Manager with Kerberos (WNA)

    Hi,
    I have working Oracle Access Manager currently being able only to authenticate users against Active Directory. I want to enable WNA. But I am still having issues with correctly configure it:
    I do not know what am I doing wrong.
    I am logged as example.com\testuser into Windows XP, using firefox with WNA enabled for URI example.com. Then I enter http://oracle.example.com which is my Oracle HTTP Server's protected URL, then I am receiving ERROR from Oracle Access Manager: "The user account is locked or disabled. Please contact the System Administrator."
    In OAM Log there is this: <Jun 19, 2012 4:14:15 PM CEST> <Error> <oracle.oam.controller> <OAM-02010> <User account is locked. Authentication failed.>
    Interesting is when I disable WNA support in firefox, then this behavior occurs: fisrt there is this dialog shown "A username and password are being requested by http://oracle.example.com:14100. The site says: "OAM 11g"" --> here I enter example.com\testuser and password. After this new dialog is shown: A username and password are being requested by http://oracle.example.com:14100. The site says: "WebLogic Server", then after entering weblogic/password I receive "The user account is locked or disabled. Please contact the System Administrator."
    In the OAM log this is logged:
    <Jun 19, 2012 4:22:28 PM CEST> <Error> <oracle.oam.user.identity.provider> <OAMSSA-20023> <Authentication Failure for user : weblogic.>
    <Jun 19, 2012 4:22:28 PM CEST> <Error> <oracle.oam.controller> <OAM-02010> <User account is locked. Authentication failed.>
    Any ideas? I am really stuck here.
    I am using this keytab file:
    [root@oracle centos]# klist -ke /home/oracle/keytab.testuser1
    Keytab name: WRFILE:/home/oracle/keytab.testuser1
    KVNO Principal
    7 HTTP/[email protected] (des-cbc-crc)
    7 HTTP/[email protected] (des-cbc-md5)
    7 HTTP/[email protected] (arcfour-hmac)
    7 HTTP/[email protected] (aes256-cts-hmac-sha1-96)
    7 HTTP/[email protected] (aes128-cts-hmac-sha1-96)
    kinit passes fine:
    [root@oracle centos]# kinit -V HTTP/[email protected] -k -t /home/oracle/keytab.testuser1
    Using default cache: /tmp/krb5cc_0
    Using principal: HTTP/[email protected]
    Using keytab: /home/oracle/keytab.testuser1
    Authenticated to Kerberos v5
    Why and which user is locked? I can lock with the AD user into windows domain, so I assume it is not locked + I checked it in the Active Directory.

    Ok, now I got it working. Sh~t! Why oracle documentation says I should set AD datasource with this parameter:
    User Name Attribute: UserPrincipalName, when this does not work?!
    After changing to User Name Attribute: sAMAccountName my WNA works!!!
    I have been fighting all day with this! The question is why such behavior - if the problem is in wrongly written oracle documentation, or I have problem somewehere else.
    Btw my user in AD looks like this:
    distinguishedName:     CN=John Doe,CN=Users,DC=example,DC=com
    sAMAccountName:     doejohn
    userPrincipalName     [email protected]
    It looks OAM takes "doejohn" from Windows via WNA/Kerberos and searches for this using UserPrincipalName and this is giving no match of course because "doejohn != [email protected]".
    The question is why does it take doejohn and not [email protected] from Windows WNA/Kerberos ???

  • Installing Oracle Access Manager - 11.1.1.5

    Hi
    I am very new to Identity Management and have been trying to set Oracle Access Manager in Windows XP.
    Downloaded ofm_iam_generic_11.1.1.5.0_disk1_1.zip from OTN.
    I cannot find the RCU for 11.1.1.5 version from the website directly. All I could see is only RCU for 11.1.1.3 and 11.1.1.2 version.
    Can anyone send me the download link for RCU 11.1.1.5 and step by step installation guide for setting up Oracle Access Manager.
    I tried creating OAM Domain after installing IDM Suite and running RCU 11.1.1.3 version.
    When I run the WebLogic and OAM server I am getting error
    Caused By: oracle.security.am.common.policy.admin.PolicyManagerException: oracle.security.am.c
    policy.admin.PolicyManagerException: OAMSSA-06251: Unsupported policy store version detected.
    ed "11.1.1.5.0" but found "11.1.1.3.0".
    Also unable to login to OAM console.
    Thanks,
    Ram

    Daren,
    Do you have OAM 11.1.1.3 running and now you wish to upgrade it to 11.1.1.5 or
    You wish to install new 11.1.1.5 ?
    If this is later then better you should use 11.1.1.5 RCU to create schema as this is straight and easy process with no upgrade.
    If you are running 11.1.1.3 and wish to upgrade to 11.1.1.5 then there are steps to apply 11.1.1.5 oatch in My Oracle Support(earlier metalink) Procedure to Upgrade OAM 11.1.1.3.0 to OAM 11.1.1.5.0 [ID 1318524.1
    Atul Kumar
    http://www.amazon.co.uk/Oracle-Identity-Access-Manager-Administrators/dp/1849682682  <- OIM / OAM 11g Book on Amazon
    http://onlineappsdba.com/index.php/book/   <- EBS R12 Integration with OID/OAM for SSO Book                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           

  • Where to download •Oracle Access Manager WebGate 10.1.4.3

    i am working on OAM/OID integration with EBS R12(Integrating Oracle E-Business Suite Release 12 with Oracle Access Manager 11gR1 (11.1.1.5) using Oracle E-Business Suite AccessGate [ID 1309013.1]), As per the document i am trying to download Oracle Access Manager WebGate 10.1.4.3 from this link
    http://www.oracle.com/technetwork/middleware/ias/downloads/101401-099957.html
    i am confused on downloading (Oracle Access Manager Core Components (10.1.4.3.0 or Oracle Access Manager WebGates for OHS 11g and Weblogic Identity Assertion Provider (10.1.4.3.0) or Policy Manager and WebPass on Third Party and non-OHS 11g Web Servers (10.1.4.3.0 )
    which one i need to download.

    Hi,
    Oracle Access Manager 10.1.4.3.0 is a part of 11g R1 release So, you should be fine with OAM 10.1.4.3.0.
    OAM 10G R3 consists of OAM 10.1.4.0.1 (and 10.1.4.2.0).
    -- Pramod Aravind

  • How to Migrate 10g sso integrate with EBS 11.5.10.2  to 11g OAM(oracle access manager) with R12.1.3

    How to Migrate 10g sso integrated with EBS 11.5.10.2  to 11g OAM(oracle access manager) with R12.1.3
    Os:Linux 64 bit
    database:11.2.0.3 Rac

    Hi,
    You could try working through the EBS -> APEX integration article on the Apex community site (http://www.oracle.com/technetwork/developer-tools/apex/apex-ebs-wp-cabot-consulting-169064.pdf)
    Rod West

Maybe you are looking for

  • My itunes store will not load i keep getting a blank white screen

    My itunes store will not load when i click on the store a blank white screen will come up and only that

  • Web Services Connection Timeout

    Hello All, I have a web services client that runs in Tomcat. When making a web service call, I am getting the following exception: HTTP transport error: java.net.ConnectException: A remote host did not respond within the timeout period.      at com.s

  • How to get back missing podcasts

    Dear All, Since upgrading to 7.0.1.8 I have noticed that there appears to be no option for viewing all of the files in my library - I used to use this view for managing my podcasts. Now I have to go into the podcasts view, which shows all podcasts, n

  • Veriables changing detection

    Hi, all, Suppose there is a java application which is running on Unix or windows platform.The application contains some dynamic changing varables, and they are changing when the application is running. Now I need to make a java monitor to detecte the

  • [solved] NFS: "ls: reading directory .: Input/output error" after time

    Hello, I got the following configuration: NFS-server: Always on, connected via LAN. NFS-clients: 2 computers, connected via LAN and WLAN. On standby: auto umount NFS-share via system-sleep-hook with systemd. This works flawlessly some hours or even d