Benifits of OIM and OAM...

Hello friends..
I am new to OIM and OAM but I know java and Struts. If i decided to learn OIM/OAM then what will be future scope of these technologies to me. And in which sector i will have the job. Currently working as a Java Developer and willing to learn OIM and OAM.
Please know me if anyone know...
Thanks and Regards
DB

This is how I understand how the products relate to each other:
Oracle Identity Management isn't an actual product it's an umbrella term Oracle use to describe all the Oracle Identity and Access Management products. Please take a look at the link below:
http://www.oracle.com/technology/products/id_mgmt/index.html
Oracle Identity Manager and Oracle Access Manager are seperate products.
Oracle Identity Manager is a provisioning and compliance product formerly Xellerate Identity Manager from Thor.
Oracle Access Manager is a authentication and access product used for securing and providing single sign on to web based applications.
Both products have many other features besides what's described above some of these features overlap such as workflow, user self service and password management.
Hope this helps.

Similar Messages

  • Best practices on enterprise and application roles in OIM and OAM 11g?

    Hi, all,
    I wonder if any of you can give me some advice on role design for OIM and OAM 11g. I'd like to have both enterprise roles, such as Accountant II, and application roles, such as App1_User, App1_Admin, etc. Ideally, the enterprise role would automatically give the user the appropriate application roles, but I can't figure out how to do that. We tried using OIM 11g's inheritance, but when the application role is inherited, OAM doesn't see it in OID/OVD and therefore doesn't think the user has the correct authorization to access the application. I thought about using role membership rules, but those seem to only allow you to use user attributes to control membership, which doesn't help at all in my situation.
    How is this situation best handled? Any advice much appreciated!
    Ariel Anderson
    Senior Business Analyst
    Zirous, Inc.

    Hi,
    I am assuming in clustered environment you are having two instances running.
    It must be an issue with a single server,,because the problem is intermittent.
    To see which server is causing problem....just perform the following steps:
    1) Stop server1 and keep running server2..and fire new registration request...
    2) stop server 2..and keep running server1.....and fire new registration request.
    Using above, atleast you can see which server is causing the problem...
    Regards,
    J
    Edited by: J_IDM on Mar 21, 2011 10:52 PM

  • Difference Between OIM and OAM

    Once again, apologies for the newbie question, but I am becoming thoroughly confused by Identity Mgmt as a whole.
    I've implemented Single Sign-On for E-Business Suite before (10.1.4.2) and it was straight forward. Now I am confused by all
    the different Identity Mgmt Paths. Can someone explain what the difference is between Oracle Identity Mgmt (10.1.4.3) and Oracle Access Manager ?? Is OAM installed on top of 10.1.4.3 ?? Any information would be helpful.

    Hi,
    There are a number of white papers here:
    http://www.oracle.com/products/middleware/identity-management/resource-library.html
    that will hopefully help to describe the various identity management packages, and which ones should be used depending on requirements. This one:
    http://www.oracle.com/technology/products/id_mgmt/pdf/idm_suite_datasheet.pdf
    has a short description of each of the current products.
    Hope this helps.
    Regards,
    Colin

  • Support OIM and OAM 11gR2 versions

    Hello friends,
    The version of Oracle Weblogic Server 12c is supported for Oracle Identity Manager and Oracle Access Manager 11gR2
    Thanks

    Directly from Oracle website on Weblogic Server certification
    "Oracle Identity and Access Management 11gR2 (11.1.2.0.0) is certified with Oracle Weblogic Server 11gR1 (10.3.5) and Oracle Weblogic Server 11gR1 (10.3.6)."
    Here is the url, http://www.oracle.com/technetwork/middleware/ias/downloads/fusion-certification-100350.html
    click on - System Requirements and Supported Platforms for Oracle Identity and Access Management 11g Release 2 (11.1.2.x) ( xls)
    Edited by: 970711 on Nov 25, 2012 7:04 AM

  • OIM and SiteMinder

    Hi All, I searched the threads but didn't see anything specific to this topic.
    I am (in the near future) planning on implementing OIM. In this case, I have SiteMinder already in place. I know that OIM and OAM are easy to integrate, but what about OIM and SiteMinder? In theory, they should work fine together.
    Has anyone had any experience with this? Any advice or gotchas I need to be aware of?
    Thanks in advance!

    Check the post installation steps for Enabling Single Sign on in Oracle Identity Manager
    http://download.oracle.com/docs/cd/B32479_01/doc.903/b32459/post_install.htm#CBHIHACD
    Hope this helps,
    Sagar

  • OIM or OAM?

    Hi all !
    i am newbie to the world of identity and access management! currently i am studying both identity and access management solutions for our company! i am a bit confused and require your guidance!
    OIM is a solution that is used to manage identities of users and organisation of an enterprise.
    OAM is a solution that in addition to (limited) identity management is used for authenticating and authorizing users.
    Now we have both the issue at hand. We want to manage identities and also want to manage access to out set of web applications through single sign -on.
    where i get confused is that do we need to install OIM for identity management and OAM for access management i.e WAM (web access management). Can they both be deployed in collaboration?
    or do we need just to have access manager installed and manage identity through it as well?
    Bear with me my little knowledge.
    Best Regards
    Zia

    You have to install both OIM and OAM. OIM will manage identities and then oyu have to integrate OAM with OIM which will take care of Authentication and Authorization of OIM identities.
    Users of OIM will be authenticated through OAM.

  • What is the best way update similar OID and OAM LDAP attributes via OIM?

    Our environment uses OIM provisioning to an OID LDAP which is used by OAM.
    For legacy purposes, we need to populate both the Oracle "orcl*" attributes and OAM "ob*" in cases where they have the same or similar usage.
    Example: When a user is disabled in OIM we need to set orclisenabled="false" and obUserAccountControl="DEACTIVATED" in OID
    What is the best way to accomplish this in OIM? My initial thought was to write a custom adapter, similar to the out-of-the-box OID Modify User adapter, which supports modifying multiple attributes.
    Is there a better way?

    You can create two tasks which will modify two attributes of OID.
    On Disable user task, call task1 and on Success of task1, call Task2 (using Task to Generate Feature).
    You can make use of OOTB connector only.

  • Info about OIM and WebCenter integration

    Any info or doc/url for OIM and WebCenter integration would be helpful. Any experiences etc please provide some links.

    Follow the link -
    http://docs.oracle.com/cd/E21764_01/core.1111/e12037/oam.htm#WCEDG345
    Follow the below points -
    *"Credential and Policy Store Configuration"*
    *"Oracle Access Manager 10g Integration"*
    *"Oracle Access Manager 11g Integration"*
    *"Configuring WebCenter Applications"*
    *"Configuring WebCenter and BPEL Authentication"*
    *"Backing Up the Installation"*

  • Self registration error in OIM-OID-OAM 11g

    Hi,
    We are using OIM,OID,OAM 11G,in clustering mode.We are facing a problem on self registration process.
    For every alternate self registration request,system is throwing an error.After the self register user request has got approveod,I have checked the request status in 'advanced' panel its saying ; " IAM-3051103:The create operation on user entity failed in action stage.:"
    This is really a big mysterious thing to me,1st self registration was successful,2nd was throwing an error , again 3rd was success ,4th was failure , 5th was success and 6th was failure.
    Below is the corresponding error message in log file for the failed request.
    <Mar 21, 2011 2:22:30 PM CDT> <Error> <oracle.iam.identity.usermgmt.impl.handlers.create> <IAM-3051103> <The create operation on user entity failed in action stage.
    oracle.iam.platform.entitymgr.MissingRequiredAttributeException: [act_key]
         at oracle.iam.platform.entitymgr.impl.EntityManagerImpl.checkRequired(EntityManagerImpl.java:1448)
         at oracle.iam.platform.entitymgr.impl.EntityManagerImpl.createEntity(EntityManagerImpl.java:261)
         at oracle.iam.platform.entitymgr.impl.EntityManagerImpl.createEntity(EntityManagerImpl.java:237)
         at oracle.iam.identity.usermgmt.impl.handlers.create.CreateUserActionHandler.execute(CreateUserActionHandler.java:141)
         at oracle.iam.identity.usermgmt.impl.handlers.create.CreateUserActionHandler.execute(CreateUserActionHandler.java:68)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at oracle.iam.platform.kernel.impl.EventHandlerDynamicProxy.invoke(EventHandlerDynamicProxy.java:30)
         at $Proxy235.execute(Unknown Source)
         at oracle.iam.platform.kernel.impl.OrchProcessData.runActionEvents(OrchProcessData.java:1028)
         at oracle.iam.platform.kernel.impl.OrchProcessData.runEvents(OrchProcessData.java:637)
         at oracle.iam.platform.kernel.impl.OrchProcessData.executeEvents(OrchProcessData.java:220)
         at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:669)
         at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:716)
         at oracle.iam.platform.kernel.impl.OrhestrationAsyncTask.execute(OrhestrationAsyncTask.java:108)
         at oracle.iam.platform.async.impl.TaskExecutor.executeUnmanagedTask(TaskExecutor.java:100)
         at oracle.iam.platform.async.impl.TaskExecutor.execute(TaskExecutor.java:70)
         at oracle.iam.platform.async.messaging.MessageReceiver.onMessage(MessageReceiver.java:68)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
         at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
         at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
         at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
         at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
         at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
         at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
         at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
         at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
         at $Proxy428.onMessage(Unknown Source)
         at weblogic.ejb.container.internal.MDListener.execute(MDListener.java:466)
         at weblogic.ejb.container.internal.MDListener.transactionalOnMessage(MDListener.java:371)
         at weblogic.ejb.container.internal.MDListener.onMessage(MDListener.java:327)
         at weblogic.jms.client.JMSSession.onMessage(JMSSession.java:4659)
         at weblogic.jms.client.JMSSession.execute(JMSSession.java:4345)
         at weblogic.jms.client.JMSSession.executeMessage(JMSSession.java:3821)
         at weblogic.jms.client.JMSSession.access$000(JMSSession.java:115)
         at weblogic.jms.client.JMSSession$UseForRunnable.run(JMSSession.java:5170)
         at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    >
    <Mar 21, 2011 2:22:30 PM CDT> <Error> <oracle.iam.platform.entitymgr.provider.ldap> <IAM-0042004> <An error occurred while un-reserving the user in LDAP, and the corresponding error is - java.lang.NullPointerException>
    <Mar 21, 2011 2:22:30 PM CDT> <Warning> <oracle.iam.identity.usermgmt.impl.handlers.create> <BEA-000000> <null>
    Any help would be really appreciated.
    Thanks.

    Hi,
    I am assuming in clustered environment you are having two instances running.
    It must be an issue with a single server,,because the problem is intermittent.
    To see which server is causing problem....just perform the following steps:
    1) Stop server1 and keep running server2..and fire new registration request...
    2) stop server 2..and keep running server1.....and fire new registration request.
    Using above, atleast you can see which server is causing the problem...
    Regards,
    J
    Edited by: J_IDM on Mar 21, 2011 10:52 PM

  • OIM/SOA/OAM Instance cloning

    Hi All,
    Can anyone give me inputs on how to replicate an instance of OIM/SOA/OAM from one machine to another machine, with same configuration details.
    Given that I have oracle home location and the password to use. How do I go ahead about cloning the instance on different machines?
    Regards,
    Shashi

    Further to this discussion, I found these scripts what would copy environments and home instances and its components.
    http://docs.oracle.com/cd/E23943_01/core.1111/e10105/clone.htm
    Can the same procedure be followed for environment cloning?
    We are planning to try this approach, so, needs any of your reviews,
    1. Use backup & restore strategy to import the schema and data.
    2. Use the cloning procedure given at the above link to import the instance details.
    Regards,
    Shashi
    Updated the message with approach details

  • How can we get ADFSecurity work when used in OC4J, OID and OAM?

    I am getting error in http server log "mod_oc4j: Response status=499 and reason=Oracle SSO, but failed to get mod_osso global context."
    But I am not using Oracle SSO and my client doesn't want to use it either, I am using OAM SSO(CoreIDSSO) in my configuration. Please read the details below.
    I am using ADFSecurity in an app that is protected by OAM. To migrate ADFSecurity permissions from
    system-jazn-data.xml to OID, I used JAZNMigrationTool to populate OID with Grantees and Permissions. OAM gives login page, and authentication works fine.
    But ADFSecurity is not working. ADFComponent Delete button is enabled even for roles that dont have permissions for the iterator delete.
    - The app works fine when I use without OAM. ADF Security permissions work fine.
    - The app works fine when used with OAM, but with ADFSecurity disabled (enforce=false).
    - When I enforce ADFSecurity alongwith OAM, ADFSecurity is not working.
    In the doc "Oracle Containers for J2EE Security Guide b28957", there is a mention of use of CoreIDPrincipal for permissions. Our OID Permissions entries show
    LDAPRealmRole for attribute orcljaznprincipal. I am not sure if this could be the reason.
    We have configured AccessServerSDK for the SOA instance and have policy for the urls in the policy manager. We have entries in orion-application.xml, orion-web.xml and system-jazn-data.xml as per the documentations.
    How can we get ADFSecurity work when used with OID and OAM?

    Have you been able to successfully integrate OAS with OAM & OID? We have similar requriement and so far we have not been able to get it working.
    We have application specific roles which we map to OID roles using orion-application.xml.
    Any pointers to achieve this would be greatly appreciated.
    thanks,
    Dipal

  • OIM and MS Exchange - Invalid mail store name error

    hello,
    I'm trying to provision a user with a mailbox in Exchange. I have setup SSL between the AD/Exch box and OIM. After a manual provisioning is initiated through OIM, the "Create Mailbox" adapter status is shown as "Rejected".
    In the details, the Reason show is "Invalid mail store name passed". However, the mail store name used in the IT Resource Configuration is as per the connector documentation and as seen in the Exchange System Manager console i.e. "Mailbox Store (BASE)" where "BASE" is the name of the computer where AD/Exch is installed.
    Am I missing something? Is there a full DN of the mail store required? Is this something to do with the access permissions in AD or Exchange?
    Please advise. Thank you!

    Hi,
    I was able to resolve this by changing the value of "Server Name" value in the IT Resource. The issue is not with the Mail Store Name or "Store Name" rather it's with the "Server Name".
    The value of "Server Name" should be the host name without the domain name for example, BASE only instead of BASE.mydomain.com.
    The value of "Store Name" should be as shown in the Windows Exchange Admin Console. E.g. "Mailbox Store (BASE)".
    Also, ensure that the value "AD User" is added under the "Depends On" for the "Exchange" Resource Object.
    Once you provide the values as mentioned above, create a user in OIM and assign AD User and Exchange resources.
    The mailbox will not be created/shown in the Exchange Admin Console unless you access the Exchange URL and login with the target user's credentials.
    The Exchange URL can be accessed as "http://hostname or IP/exchange". Provide the user's username and password and the Outlook Web Access screen will be displayed.
    Now go to Exchange Admin System console and check the mail store if the maiilbox is created.
    Hope this helps. Thanks!!

  • OIM User Creation Error After OIM and OID Intregation

    Hi,
    I am new in oim and i am getting popup error message for user creation from OIM application after oim and oid intregation through libovd.
    Error message : LDAP create event failed : orclguid attribute has duplicate value.
    please guide me for resolving error.
    Thanks & Regards,
    Rajeev

    Hi,
    Thanks for reply...i checked1307549.1 in metalink, In that link they are telling us to modify some tables in the data base.i have some question regarding the following steps please help.
    === ODM Solution / Action Plan ===
    1. Use the following query to find fields with "plain text" values:
    select svr.svr_name, spd.spd_field_name, svp.svp_key, svp_field_value
    from svp
    inner join spd on spd.spd_key = svp.spd_key
    inner join svr on svr.svr_key = svp.svr_key
    2. Set these plain text values to null after making backup of table.
    *(kashyap:: Which fields values we have to change)*
    3. Edit the Directory Server to re-set values.
    *(kashyap:: could you please explain this)*
    Expected error at this stage:
    -- no "System Error call admin...", but that makes sense since the values in question pertained directly to the Directory Server --

  • Can SiteMinder and OAM co-exist (SMSession and ObSSOCookie)?

    Hi folks,
    We currently have SiteMinder in place, but we're migrating to OAM 10.1.4.3.0. At some point, we'll need to have SiteMinder and OAM to co-exist and stand in parallel, so that we can gradually phase out Siteminder, and start protecting all of our resources with OAM. With this in mind, is there a way for the two of these access systems to co-exist? Can they share some common data, so that once user has been authenticated with SM, a cookie is created (similar to SMSession) which would then be understood by the OAM, or vice versa. This way, when the same customer accesses a subsequent resource protected in turn by OAM, the OAM (instead of authenticate and authorize user for the second time) would then read a session cookie, created by the SM and grant access. This scenario should be reversible, and also work the other way around with OAM as an entry point.
    Has anyone faced the same issue?
    Thank you,
    Roman

    For apps already protected by SiteMinder:
    User get authenticated by SiteMinder; gets SMSession cookie and comes to app protected by OAM
    OAM can read the cookie value and treat it as Credentials. For this you need to evaluate how to make OAM understand the SMSession cookie value.
    More Info: http://download.oracle.com/docs/cd/E15217_01/doc.1014/e12488/v2authen.htm#BABEAHEB
    For apps protected by OAM:
    User get authenticated by OAM; gets ObSSOCookie and comes to app protected by OAM
    Well, I'm not sure if this is supported by SiteMinder, but there should be some way to read the ObSSOCookie value also. Otherwise, you need to develop your own module.
    If you have considerable number of applications, it will be practical if applications are migrated from SM to OAM step by step. I might be wrong with these ideas, but it will be a good experience to involve in such type of discussions. Lets see what the experts have to say on this.

  • Integration and reconciliation of OIM and OID

    I need to do integration with OID and OIM, when i import the XML file, there are two XML files,
    1) oimOIDuser
    2) oimUser
    which xml should be used for the integration of OIM and OID.
    and for the trusted source Reconciliation.
    -sudhan elango.

    oimOIDUser.xml
    If you are using OIM 9.1.0 or later then you don't have to import the connector
    You can install it by copying the contents of the installation in OIM_HOME/xellerate/ConnectorDefaultDirectory
    and then Deployment Manager-> Install connector and from the connector list select OID connector and Load
    Hope it helps,
    Saggu

Maybe you are looking for

  • Is there any way to speed up a voicemail message once you've slowed it down?

    On voicemail playback you can slow the voicemail down by selecting 4 while it's playing.  I've yet to find a way to speed it back up.  Is there any way to do this?  We have CUC 9.0. Thanks

  • DVD Menu only shows up after the movie?!?!

    Hey guys I'm new to IDVD! I made a slideshow on Imovie and I hit share it to IDVD, i think pick a menu and hit burn. But when I play the movie in my DVD player, the movie starts right up and then it's not until after the movie is done playing that th

  • Roll over question

    I'd like to roll over text on a page, and have it change in color, AND have an image show up on the page. Is there any way that I can do this? Thanks in advance.

  • Premiere CC does not let me show Camera Raw after imported blackmagic Cinema Camera DNG file

    as the title said, I have imported my DNG files that shot from blackmagic cinema camera into Premiere CC 7.2 and the Camera Raw software does not pop up to let me do the color correction !! but in AE works well please help me !! how to solve this pro

  • BexWeb Error

    hi, We are upgrading from BI 3.1 to BI 7.  As part of the upgrade, we are also planning to use the Bex Web functionality. We have maintained the necessary settings in SICF and SM59 for BexWeb. But when I try to open the query through BexWeb by using