In today's post I am going to show how to use the command-line tool WLST (WebLogic Scripting Tool) to manage the configuration of Oracle Access Manager 11g.
___
OAM administrator and user identities are stored within an LDAP server for use during authentication and authorization. By default OAM 11g uses WebLogic's embedded LDAP server as its Identity Store.
___
In an earlier post I explained how to create an Identity Store for OAM 11g pointing to an enterprise LDAP server such as OID or Active Directory using the OAM Console (the graphical user interface for managing configuration). In the example below, I will explain how to change the default identity store of OAM 11g back to the Identity Store "UserIdentityStore1" using WebLogic Scripting Tool commands for OAM 11g.
1. Set environment variables (source the script with a leading dot so the variables stay set in the current shell)
. $DOMAIN_HOME/bin/setDomainEnv.sh
2. Start WLST
$ORACLE_HOME/common/bin/wlst.sh
Now you should get a prompt like
wls:/offline>
3. Connect to the WebLogic Admin Server
connect([username, password], [url], [adminServerName])
For example:
wls:/offline> connect('weblogic', 'welcome1', 't3://myadmin:7001')
Now you should be connected and get a prompt like wls:/base_domain/serverConfig>
4. To get help on any command
help('command_name'), for example
help('displayUserIdentityStoreConfig')
or
help('oam')
5. To check the current identity store
displayUserIdentityStore(name="ID_store", domainHome="domainHome1")
Example:
displayUserIdentityStore(name="UserIdentityStore1", domainHome="/oracle/apsp/OAM/user_projects/domains/base_domain")
You should see output like
________________
Name : UserIdentityStore1, Type : LDAP, LDAP_URL : ldap://ldap-host:7001, SECURITY_PRINCIPAL : cn=Admin, SECURITY_CREDENTIAL : {AES}F8E3A9FAD9D662F753D842979423ED3D, USER_SEARCH_BASE : ou=people,ou=myrealm,dc=base_domain, GROUP_SEARCH_BASE : ou=groups,ou=myrealm,dc=base_domain, USER_NAME_ATTRIBUTE : uid, LDAP_PROVIDER : EMBEDDED_LDAP, UserIdentityProviderType : OracleUserRoleAPI, Role Security Admin : Administrators, Role System Monitor : Monitors, Role Application Administrator : Operators, Role System Manager : Deployers,
_______________
6. To set UserIdentityStore1 as the primary identity store
editUserIdentityStore(name="UserIdentityStore1", isPrimary="true")
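The output in step 5 includes the store's encrypted bind credential and its LDAP URL, so it is worth parsing before it is pasted into a ticket or change record. The following is an added example, not part of the original post or of Oracle's tooling: it assumes the single-line "KEY : value, " layout shown in step 5, and the sample line and the function names parse_store, redact and findings are constructed for illustration.

```python
import re

# Constructed sample in the layout shown in step 5 (shortened); the
# credential value is a placeholder, not a real encrypted password.
SAMPLE = ("Name : UserIdentityStore1, Type : LDAP, LDAP_URL : ldap://ldap-host:7001, "
          "SECURITY_PRINCIPAL : cn=Admin, SECURITY_CREDENTIAL : {AES}EXAMPLEPLACEHOLDER, "
          "USER_SEARCH_BASE : ou=people,ou=myrealm,dc=base_domain, "
          "USER_NAME_ATTRIBUTE : uid, LDAP_PROVIDER : EMBEDDED_LDAP, "
          "Role Security Admin : Administrators,")

# A field starts at the beginning of the line or after ", " and its key ends
# at " : ". Commas inside DN values are not followed by "key : ", so values
# such as ou=people,ou=myrealm,dc=base_domain stay in one piece.
FIELD = re.compile(r"(?:^|, )([A-Za-z_][\w ]*?) : ")

def parse_store(line):
    """Return the fields of one displayUserIdentityStore output line as a dict."""
    line = line.strip()
    marks = list(FIELD.finditer(line))
    fields = {}
    for m, nxt in zip(marks, marks[1:] + [None]):
        end = nxt.start() if nxt else len(line)
        fields[m.group(1)] = line[m.end():end].strip().rstrip(",").strip()
    return fields

def redact(fields):
    """Return a copy with the encrypted credential replaced, for sharing."""
    out = dict(fields)
    if "SECURITY_CREDENTIAL" in out:
        out["SECURITY_CREDENTIAL"] = "<redacted>"
    return out

def findings(fields):
    """Return review points for the parsed identity store definition."""
    notes = []
    if fields.get("LDAP_URL", "").lower().startswith("ldap://"):
        notes.append("LDAP_URL scheme is ldap://, not ldaps://")
    if fields.get("SECURITY_CREDENTIAL"):
        notes.append("output carries SECURITY_CREDENTIAL; redact before sharing")
    return notes

if __name__ == "__main__":
    store = parse_store(SAMPLE)
    for key, value in redact(store).items():
        print("%-24s %s" % (key, value))
    for note in findings(store):
        print("NOTE:", note)
```
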