All posts by Mahendra

Validate OES 10g policy xml against XSD

In our OES 10g environment there is an application policy xml which is around 2 MB size containing around 35k lines. So it is a nightmare to edit the xml for any attributes or policies for syntax issues. However there are editors such as Eclipse to validate the xml document which may not produce expected […]

Read More

“Failed to modify policy! : The subject field in a rule cannot be longer than 2000 characters” error while importing OES policies in 10g

The requirement is to add an authorization policy for permissions (containing Roles + LDAP Groups) for a resource against an action. I have exported the policy XML from the OES using policyIX.sh and tried updating the authorization policy. The ATZ policy XML block will be as shown below: <xb:authorization_policy_entry> <xb:policy_effect value=”grant”/> <xb:policy_actions> <xb:policy_action_entry value=”MyAction”/> </xb:policy_actions> […]

Read More

“ObAccessException_ENGINE_DOWN” : WebGate Certificate expired

One of our client environments had OAM setup since couple of years and we saw the below error all of a sudden and all the authentication/authorization requests of a specific access gate has stopped working. 2012/09/17@19:11:15.602601    16038    1000059    CONNECTIVITY    DEBUG3    0x00000201    /export/t3array/build6/Oblix/coreidport/palantir/netlib/src/obmessagechannel.cpp:601    “Received NMP STS negotiation ”    _seqno^0    _opcode^0    _opcodeStr^ServerDiagnosticEvent    Message^sts=cert     2012/09/17@19:11:15.992267    16038    68   […]

Read More

Policies import failed in OES 10g

I have created an XML for various OES elements such as Actions/Resources/Roles/RolePolicies/Authorization Policies. What is already existing in OES ? Application is created through OES Admin console and the necessary identities such as groups/users are added in OES console (choose ASI console). Importing policies: $ ./policyIX.sh -import -disableTransaction ../config/App_policyIX_config.xml  App_Policies.xml Error in command output: Uploading […]

Read More

How to modify DN of an LDAP entry?

I have a requirement to change the CN of a LDAP group (cn=mahendra). I have constructed the ldif file as shown below. dn: cn=mahendra,cn=groups,dc=oracle,dc=com changetype: modify replace: cn cn: mahendrak When I ran the ldapmodify command to change DN, it resulted in error as shown below. $ ./ldapmodify  -h testmac.oracle.com -p 389 -D cn=orcladmin -w […]

Read More

Policy import failed in delete_existing mode in OES 10g

Refer my previous posts on export and import the entire policy data here and application specific data here in OES 10g. Today when I was importing the application specific exported policy XML using policyIX.sh command I got the errors in the command output as shown below. $ ./policyIX.sh -import -disableTransaction ../config/policyIX_config.xml policies_oes.xml Uploading file:/opt/oracle/bea/wls10_3/ales32-admin/bin/../config/policyIX_config.xml Upload […]

Read More

How to export Application specific policy data in OES 10g?

Long time ago I wrote a post on exporting and importing policies in OES 10g but that is full export and import. However if you want to only application specific policy data then this post is useful. policyIX.sh is the tool used to export and import policies, however there are other ways/tools used for import […]

Read More

“RequestCacheType” setting in OAM 11g

This post will talk about an important setting of OAM 11g high availability environment. The Oracle doc for setting up OAM 11g in HA is here. The section 8.8.3.11 explains changing request cache type. Let us see the importance of this flag and certain other factors where this is essential. When a user access a […]

Read More

How to setup Multi-master LDAP based replication in OID 11g?

Read my previous post to get familiarized with OID replication concepts. In this post I would to highlight some implementation points for setting up Multi-master LDAP based replication in OID 11g. Pre-requisites: Two or more OID servers that are installed and up/running. Recommendations: It is recommended to do following steps before setting up replication. Take […]

Read More

OID 11g Replication Concepts

In this post I would like to explain the concepts of Oracle Internet Directory 11g replication. What is replication? Replication is the process of copying the data from one environment to the other environments by maintaining the same naming contexts. In LDAP, the data is stored in DIT. A DIT can have multiple realms say […]

Read More
1 3 4 5 6 7 20