The requirement is to add an authorization policy for permissions (containing Roles + LDAP Groups) for a resource against an action. I have exported the policy XML from the OES using policyIX.sh and tried updating the authorization policy. The ATZ policy XML block will be as shown below: <xb:authorization_policy_entry> <xb:policy_effect value="grant"/> <xb:policy_actions> <xb:policy_action_entry value="MyAction"/> </xb:policy_actions> […]
OAM 11g identity store is covered in my book, and this post covers steps to find which identity store (OID, OVD, AD or other LDAP Server) is configured with OAM and which user OAM uses to connect to the User Store (LDAP Server). When you try to log in to the OAM server using username/password, OAM collects this […]
Knowledge Based Authentication (KBA) is a feature available in Oracle Adaptive Access Manager (OAAM) that provides a rich set of challenge questions, the logic behind presenting those questions to the user, and validation of the answers. To know more about KBA in OAAM click here and here. 1. KBA can be used as a) First Authentication for forgot password use case […]
Join now to reap the benefits of Oracle Apps DBA R12 Training which is constantly in great demand. This is a course tailor made for you keeping in mind the latest in the world of Oracle. Why this training is important? Our training offers hands-on exercises on day-to-day Apps DBA activities such as Installation, Patching, Cloning etc. We […]
When you integrate OIM with OAM (and optionally OAAM), user logon to OIM via OAM is locked by OAM after 5 continuous failed attempts. This post covers what happens behind the scenes, how account lockout happens in OAM, and how to unlock the account. Note: When an account gets locked in OAM (via attribute obLogintryCount […]
One of our client environments had OAM set up for a couple of years, and all of a sudden we saw the error below and all the authentication/authorization requests of a specific access gate stopped working. 2012/09/17@19:11:15.602601 16038 1000059 CONNECTIVITY DEBUG3 0x00000201 /export/t3array/build6/Oblix/coreidport/palantir/netlib/src/obmessagechannel.cpp:601 “Received NMP STS negotiation ” _seqno^0 _opcode^0 _opcodeStr^ServerDiagnosticEvent Message^sts=cert 2012/09/17@19:11:15.992267 16038 68 […]
This post covers the key points and request flow that you must understand when integrating three Oracle Identity Management products: OIM, OAM, and OAAM. a) OIM – Oracle Identity Manager b) OAM – Oracle Access Manager c) OAAM – Oracle Adaptive Access Manager For an overview of features available by integrating OIM, OAM, and OAAM click […]
When you integrate OAM with OIM (more here), you see three links: “Forgot Password”, “Register New Account”, and “Track User Registration”. Where is this configuration stored, and how do you change the Forgot Password link to point to some other password management application? These links are defined in the OAM configuration file, i.e. $DOMAIN_HOME/config/fmwconfig/oam-config.xml […]
Oracle Identity Analytics (OIA), earlier Sun Role Manager (SRM), provides the ability to define and manage roles and automate identity-based controls. OIA also provides Attestation and SoD (Segregation of Duties). For a list of OIA features click here. This post covers steps to find the version of OIA installed on a system. Note: Latest version of OIA is […]
I have created an XML for various OES elements such as Actions/Resources/Roles/RolePolicies/Authorization Policies. What already exists in OES? The application is created through the OES Admin console, and the necessary identities such as groups/users are added in the OES console (choose ASI console). Importing policies: $ ./policyIX.sh -import -disableTransaction ../config/App_policyIX_config.xml App_Policies.xml Error in command output: Uploading […]