Online Apps DBA

One Stop Shop for Apps DBA’s

Exporting and importing of policies in OAM 11g

Posted in May 4th, 2012

byMahendra in idm, installation, oam

This post talks about the command used to export and importing of OAM 11g policies. OAM 11g provides this functionality through WLST scripting tool. This is the only possible approach to automatically export all policies from OAM 11g. The below steps are appropriate in linux env for exporting policies.

Goto $ORACLE_HOME/common/bin.
Run ./wlst.sh
connect(‘weblogic’,'password’,'t3://weblogic_host:port’)
exportPolicy(pathTempOAMPolicyFile,’/app/shared/home/tmweb/Oracle/Middleware_Dev2/oam_policies.xml’)

Refer the below screenshot for the output.

For importing policies into target OAM environment, follow the below steps:

Goto $ORACLE_HOME/common/bin.
Run ./wlst.sh
connect(‘weblogic’,'password’,'t3://weblogic_host:port’)
importPolicy(pathTempOAMPolicyFile,’/app/shared/home/tmweb/Oracle/Middleware_Dev2/oam_policies.xml’)

The exported policies xml file (oam_policies.xml in this case) contains the below data:

Authentication schemes
Host Identifiers
Application domains: Resources, Authentication/Authorization policies etc.,

Once the policies are imported to target OAM server the application domains, authentication schemes, host identifiers will be created/updated. Please note that IAMSuiteAgent application domain will also gets imported into target OAM server and this does not harm the OAM setup.

The same policies file can be imported multiple times without any issues.

Hope this post helps.

12 users commented in " Exporting and importing of policies in OAM 11g "

Follow-up comment rss or Leave a Trackback

mike said,

in May 11th, 2012 at 2:10 pm

Have you seen this output before? I get the same response with multiple servers and different environments (PROD, TEST, etc)

wls:/test_sso_domain/serverConfig> exportPolicy(pathTempOAMPolicyFile=’/u01/app/oracle/admin/test_sso_domain/mserver/test_sso_domain/policy-export.xml’)
Traceback (innermost last):
File “”, line 1, in ?
NameError: exportPolicy
wls:/test_sso_domain/serverConfig>

Atul Kumar said,

in May 11th, 2012 at 2:41 pm

@ Mike,
From where you are running wlst.sh ?

Mahendra said,

in May 12th, 2012 at 12:28 am

Please ensure to run wlst.sh from ORACLE_HOME/common/bin folder.

Manal said,

in June 1st, 2012 at 7:59 am

I am running it from the ORACLE_HOME/common/bin folder but im still getting an error:

wls:/idm_domain/serverRuntime> exportPolicy(pathTempOAMPolicyFile=’/odrive/oracle/temp/policies.xml’)
Traceback (innermost last):
File “”, line 1, in ?
NameError: exportPolicy

Mahendra said,

in June 1st, 2012 at 9:55 am

I have executed it just now from $ORACLE_HOME/common/bin.

Looks like you are executing some other than after connecting and before exportPolicy. In my case wls:/base_domain/serverConfig, in your case wls:/idm_domain/serverRuntime

wls:/base_domain/serverConfig> exportPolicy(pathTempOAMPolicyFile=’/app/shared/home/tmweb/Oracle/Middleware_Dev2/oam_policies_latest.xml’)
Successfully exported policies. Check log file for details.
wls:/base_domain/serverConfig>

Manal said,

in June 1st, 2012 at 10:50 am

I was trying something else in the above example. I did this and it still does not work:

bash-3.00$ /odrive/oracle/Middleware/wlserver_10.3/common/bin/wlst.sh

wls:/offline> connect(‘weblogic’,'password’,'host:port’)
Connecting to t3://www.localcorp.biz:7001 with userid weblogic …
Successfully connected to Admin Server ‘AdminServer’ that belongs to domain ‘idm_domain’.

Warning: An insecure protocol was used to connect to the
server. To ensure on-the-wire security, the SSL port or
Admin port should be used instead.

wls:/idm_domain/serverConfig> exportPolicy(pathTempOAMPolicyFile=’/odrive/oracle/temp/policies.xml’)
Traceback (innermost last):
File “”, line 1, in ?
NameError: exportPolicy

in June 1st, 2012 at 11:03 am

You are executing wlst.sh from WL_HOME/common/bin. It should be executed from ORACLE_HOME/common/bin.

» Exporting and Importing partners in OAM 11g Online Apps DBA: One Stop Shop for Apps DBA’s said,

in June 19th, 2012 at 9:32 am

[...] have covered export and import of policies in previous post . The export and import partners also entail in similar steps using WLST [...]

» How to export and import configurations in OAM 11g? Online Apps DBA: One Stop Shop for Apps DBA’s said,

in July 3rd, 2012 at 2:20 am

[...] OAM 11g Policies are stored in database and this needs to be exported to an XML file, read this post for more details. The policies in target environment should have URLs (such as Authentication [...]

aengineer said,

in October 31st, 2012 at 2:39 pm

When we do a export of policy data, we get multiple files. For example, if we run:
exportPolicy(pathTempOAMPolicyFile=’/tmp/oam_policies.xml’);

we get 5 additional files with names of the form:
oam_policies.xml.@.1
through
oam_policies.xml.@.5

What are these additional files and are they needed for the import?

Thanks
Aspi Engineer

aengineer said,

in October 31st, 2012 at 2:42 pm

The formatting for my last post was lost.

The 5 files have the naming convention:
oam_policies.xml.NNN@MACHINE-NAME.1
through
oam_policies.xml.NNN@MACHINE-NAME.5

Mahendra said,

in November 2nd, 2012 at 1:42 am

@Aspi Engineer,

Those files are not required for import.

Leave A Reply

E-Mail Subscription

Subscribe in a reader

buy OAM/OIM 11g book from Amazon Oracle Identity & Access Manager 11g Administration

Oracle Identity & Access Manager 11g Administration

Oracle Mix

Join us on Oracle Mix

Users since Oct 07

Contributors

Interested in sharing your knowledge/experiences; contact us at admin @ onlineappsdba.com

Amit Pancholia (6)

Ankit Mittal (1)

Ankita Kumari (1)

Atul Kumar (648)

Brijesh Kumar (11)

Dharmendra Chauhan (2)

Harinderjit Singh (4)

Mahendra Babu (168)

Muhammad Rawish Siddiqui (9)

Neha Mittal (28)

Ramnik Gupta (5)

Richa Shivkumar (39)

Rupesh Sreenivas (11)

Saurabh Srivastava (3)

Shanker Jadapa (3)

Shilu Thomas (11)

ODI

ODI Installation & overview

ODQ/ODP & Metabase Manager

Create Data Loader

OPA/OPM

OPA/ Haley Rules basics

OAS/SOA

Application Server

Install Application Server

Clone/Stage 10g AS

Install 10gAS Infra

Change Hostname of 10g AS

Find passwords in 10g AS

Troubleshooting Portal/ Webcache/ HTTP

Upgrade to 10.1.2.2

iAS Comsole/EM changes

Reset ias_admin Password

Integration

Apps 11i/R12 with SSO

10g AS with OAM

Application Integration Architecture

Oracle SSO with third party Access Management

Fusion Middleware

Fusion Middleware Overview

Fusion or ConFusion

Difference between Middleware, iAS and Fusion

11g AS/Jdeveloper/SOA

Install 11g Jdeveloper / SOA

10gR3 AS / SOA Suite

Upgrade OAS to 10.1.3.4.0

Upgrade SOA/OAS to 10.1.3.3.0

SOA Suite Overview

Install SOA Suite

Reset OC4JADMIN Password

11g SOA/Jdeveloper

SOA integration with SSO

Cluster SOA Suite for HA

iASConsole changes in 10.1.3

Configure 10.1.3 OC4J from 10.1.2 Web Server

Service Bus

Oracle Service Bus = OESB + ALSB

Service Registry

Service Registry Installation

BPEL

Hello World in BPEL

Deploy BPEL Process

Deploy/Compile BPEL

BPEL Admin Console

BPEL Console, domain & Sensor

OracleAS Adapters

Adapter Overview & Services

Scripts

Workflow Related

Certification

R12 Apps DBA - Beta

Certification - 10gAS

Certification for DBA's

Database

RAC Database

Step by Step RAC Install

CRS, Voting Disk, Cache Fusion

Database

Block, Segment, Extents

Tablespace, Datafiles

Embedded SQL in shell

Errors in 10.2.0.1

Install TimesTen In-Memory DB

11g Upgrade overview

Dataware Housing

RMAN/Recovery

Recovery Scenario

Recover Accidentally deleted file

Verify Corruption

RAC

Recent Comments

Recent Entries

Social Network

Blogroll

Archives

©2012 Online Apps DBA | Sponsored by Focus Thread | Supported by Apps DBA Forum
The articles are copyrighted to Atul Kumar and can only be reproduced given the author's permission.