As per Prasad Akkiraju here Oracle Applications 11i/R12 is now certified with Oracle Identity Management (OID, DAS, DIP, SSO, Identity Federation) 10.1.4.2
This post summarizes key points in upgrading Oracle Identity Management (OID, DAS, DIP, SSO, Federation) from 10.1.4.0.1 version 10.1.4.2 (IdM 10g R3 patchset 1)
Things to note while upgarding OID/IdM to 10.1.4.2
1. Patch to upgrade Oracle Identity Management (including OID) to 10g Rel 3 patchset 1 (AKA 10.1.4.2) is 5983637
2. IdM 10g Rel 3 patchset 1 (10.1.4.2) can be applied only on IdM version 10.1.4.0.1 (For Previous release , first ugrade to 10.1.4.0.1)
3. This patch is currently (as of 31Mar08) certified for windows & linux only
4. While upgrading OID Node include $ORACLE_HOME/bin as first entry in PATH (This is to ensure installer takes ldapsearch or ldap* from $ORACLE_HOME/bin and not from /usr/bin )
5. Upgrade to 10.1.4.2 IdM (SSO, OID, DIP, DAS, Federation) includes software upgrade only.
How to patch/upgrade IdM (Oracle Identity Management) to 10.1.4.2
1. Download patch 5983637
2. Unzip patch
3. Shutdown Identity Management Services (OID, SSO, Identity Federation) and take backup
4. Go to Disk1 in directory where you unzipped patch
5. Ensure oraInventory (oraInst.loc) is pointing to right location
6. start upgrade by running ./runInstaller
7. Start Services
Main changes in 10.1.4.2 Patchset
Improvement in DIP
1. Profile Group & Configset
Configset- before 10.1.4.2 configset used to contain
a) configuration information for DIP (Directory Integration and Provisioning Server) like refresh interval, debug level, max number of profile to refresh …
b) List of profile that are schedule for execution
Profile Group- introduced in 10.1.4.2, consist of all profiles that are to be scheduled by specific instance of DIP.
Configset in 10.1.4.2 contains only configuration information like refresh interval, debug level, max number of profile to be executed … Point b) from previous release of DIP/OID is taken out of configset and moved to Profile Group
Improvement in OID
2. Server Chaining - New options are provided with OID server chaining (introduced in OID 10.1.4). To know more about OID Server chaining click here
2.1 SSL Support to connect to external directory
For more on this feature check metalink note # 452381.1 & 452385.1
3. Account with status locked, expired, etc. (custom control) were able to login via EUS (Enterprise User Security) where EUS was integrated with OID. With 10.1.4.2 you can stop account with status lock, expire to login from EUS
(More details visit metalink note # 459772.1)
Note* EUS (Enterprise User Security) is a feature in Oracle Database for centrally managing authentication and authorization of database users. - Updated later (Check comment below)
Improvement in DAS
4. Users without appropriate privileges could perform configuration operation in release previous to 10.1.4.2 (This is now fixed)
Improvement in SSO
5. Improvement in integration of SSO with Windows native authentication
Fixes around Identity Federation
6. Oracle Identity Federation can now consume PKCS#12 wallets created by OWM (Oracle Wallet Manager) Read More about OWM here
For full list of these bug fixes in IdM 10.1.4.2 check readme of Patch 5983637
Related Posts for IdM
- Oracle Identity & Access Management II
- Upgrade Oracle Internet Directory/IdM Suite to 10.1.4.2
- Oracle Launches Oracle Access Management Suite
- Installing Oracle Fusion Middleware (FMW) 11g - Identity Management Components (OID, DIP, OVD, OIF)
Popularity: 9% [?]
Download R12 VMware Documentation
Good hands-on exercises (installation, patching, cloning), very experienced trainer worth for Money 
6 users commented in " Upgrade Oracle Internet Directory/IdM Suite to 10.1.4.2 "
Follow-up comment rss or Leave a Trackback“Note* EUS (Enterprise User Security) is new feature in Oracle 11g Database Enterprise Edition for centrally managing authentication and authorization of database users.” — not correct at all.
EUS is there right from 92 db.
Thanks for pointing this, Yes you are right EUS is in database since way back from 8i .
Hello Atul,
When we are upgrading OID from 10.1.2 to 10.1.4, in one instance it is asking for “Oracle Certificate Authority Administrator” and in one instance it is not asking for the password.
Can you please let me know why it is asking for “OCAA” password in some instances and where to find the password. We tried to give orcladmin password, but it didnt take that password.
Thank you
Ramam
It is possible that during isntallation on one of instance you selected OCA (Oracle Certifying Authority)
password is different from orcladmin password, check with person who installed OCA with OID
Hello Atul,
Thank you very much for your quick response.
I only installed Infra instnace in the machine and I didnt remember whether I have selected OCA by the time of installation, any how can you please let me know how to change OCA Administrator password or where can we find the password.
I tried to change the password with “ocactl setpasswd -type DB”, but it is asking for the existing password also.
Thank you
Ramam
Ramam,
Welcome to Oracle’s trap , I am not sure if this is possible to reset password from backend (File System/OID) raise SR with Oracle and ask them to assign to OCA team
Leave A Reply