Using SSSD with Kerberos and Active Directory to Terminal into an OCI Linux Machine

Introduction OCI or Oracle Cloud Infrastructure, is Oracle’s latest cloud infrastructure that is replacing the older Oracle Cloud Infrastructure Classic. One feature it has is built-in Identity Management Governance. For example, you can add and manage users to grant who can access OCI resources among other features, please refer to this link for more information https://cloud.oracle.com/governance. […]

Under the hood: Oracle Identity Cloud Service Audits

Introduction Audit events enable organization administrators to review the actions performed by members of your organization using details provided by the Audit logs – who performed the action, performed it, and what the action was.  Before getting into the article I want to mention this blog was written by Abhishek Juneja, a Principal Product Manager of Identity & […]

How to Configure Oracle Identity Manager to use Unicast

As of version 11gR2PS1 (11.1.2.1.0), OIM relies on JGROUPS to implement cache coordination among all it’s cluster nodes.  Out of the box OIM is configured to use Multicast (one to many) for JGroups for cluster messaging.  This could be a showstopper when deploying OIM in datacenter where Multicast is blocked or unsupported, which is the case in […]

IDCS Integrations Series Part III: Integrating on-prem applications to IDCS

Overview As more and more customers move Identity to the cloud, we will run into applications that cannot be migrated in short term or cannot be migrated at all to cloud for various reasons including security. That leads to the question, how do we integrate those on-prem applications to cloud Identity solution? There are a […]

IDCS Integrations Series Part II:Integrating Fusion Application with IDCS

Overview Last year at OOW, I conducted Hands On Lab on Fusion integration with IDCS. We had a full room of audience with loads of questions. That inspired me to write this blog. One of the most common requirements as Fusion is deployed in OPC is, how to centrally manage users and implement Single Sign-On […]

Part 4 of 4 – SSSD Authentication: Known Problems and Troubleshooting Tips

Introduction In Part 3 of 4 – SSSD Linux Authentication: Implementation Step-by-Step Guideline I covered all the necessary step-by-step details on deploying SSSD, but nothing ever seems to go perfect the first time does it.  This is why I have included a final Part 4 that covers known problems I came across, though there could […]

Part 3 of 4 – SSSD Linux Authentication: Implementation Step-by-Step Guideline

Introduction In Part 2 of 4 – SSSD Linux Authentication: LDAP Identity Store Requirements all the aspects of the LDAP Identity Store requirements were covered. And before that in article Part 1 of 2 – SSSD Linux Authentication: Introduction and Architecture I covered an introduction and high-level architecture of SSSD, which will be very important […]

Part 2 of 4 – SSSD Linux Authentication: LDAP Identity Store Requirements

Introduction In Part 1 of 4 – SSSD Linux Authentication: Introduction and Architecture I covered an introduction on SSSD and an architecture overview with details on the flow of how it all works.  In this part I am going to cover the LDAP Identity Store details required for SSSD.   LDAP Identity Store Schema Requirements […]

Part 1 of 4 – SSSD Linux Authentication: Introduction and Architecture

Introduction This article provides the details needed to solve a real use case used to allow a user to authenticate to an Oracle Public Cloud Linux server in SaaS using a single or multiple LDAP Identity store that could be Active Directory 2012R2 (AD) or better, Oracle Internet Directory (OID), Oracle Unified Directory (OUD), Oracle […]

The Ultimate Apache/OHS11g Tuning Guide for OAM11g WebGate

Introduction OK, maybe “Ultimate” could be stretching it, but it caught your eye so you can be the judge. This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available here. Though OAM11g is […]

OIM Connector for Identity Cloud Service

The IDCS Connector is an OIM REST based connector for Oracle’s Identity Cloud Service (IDCS). In this blog post we will look at use case scenarios for hybrid cloud solutions, that span both the Oracle Public Cloud and an on-premise Oracle identity management deployment.This blog post aims to cover the most common scenarios from an […]

Comparing the SCIM REST and OIG REST APIs

The objective of this post is to show the differences and similarities of the two REST APIs offered by OIM – the SCIM REST API and the OIG REST API. OIM Java APIs have been available in OIM for many versions now (since OIM 9.x or earlier), although each successive version has added new Java […]

Secure Access to Oracle Identity Manager 11g R2 PS3 REST APIs

REST APIs for Oracle Identity Manager (OIM) 11g R2 PS3 were released recently. The availability of REST APIs enables a variety of newer integrations with the product in addition to already available mechanisms using Java APIs. In this article, we discuss various ways of accessing these REST APIs in a secure manner. Please note that […]

Authenticating to the OIG REST API from an OAM-protected web app

The objective of this post is to describe how a web app protected by an OAM WebGate can authenticate to the OIG REST APIs. In a previous blog post, I provided detailed steps to do the same thing for the SCIM REST APIs; now in this blog post I will explain how the same approach […]

Loading Data from Oracle Identity Cloud Service into Oracle BI Cloud Service using REST

Introduction This post details a method of extracting and loading data from Oracle Identity Cloud Service (IDCS) into the Oracle Business Intelligence Cloud Service (BICS). It builds upon the A-team post IDCS Audit Event REST API which details the REST API calls used. One use case for this method is for analyzing trends regarding audit events. […]

Loading Identity Data Into Oracle Identity Cloud Services: A Broad High-level Survey

Introduction Oracle Identity Cloud Services (IDCS) – Oracle’s comprehensive Identity and Access Management platform for the cloud – was released recently. Populating identity data – such as user identities, groups and group memberships – is one of most important tasks that is typically needed initially and on an on-going basis in any identity management system. […]

REST API for OIM 11gR2 PS3 is Available

Starting with Bundle Patch 11.1.2.3.161018 (Patch 24326201), Oracle Identity Gorvernance or OIM, adds a new REST API for self service requests.   The REST Service includes endpoints to invoke self service calls for tasks like Catalog, Requests, Certification, Users, Role, Organization and others.  Documentation and examples are available here. The REST Service has to be installed […]

Cloud Security: Seamless Federated SSO for PaaS and Fusion-based SaaS

Introduction Oracle Fusion-based SaaS Cloud environments can be extended in many ways. While customization is the standard activity to setup a SaaS environment for your business needs, chances are that you want to extend your SaaS for more sophisticated use cases. In general this is not a problem and Oracle Cloud offers a great number […]

Identity and Cloud Security A-Team at Oracle Open World

I just wanted to let everyone know that Kiran and I will be presenting with our good friend John Griffith from Regions Bank at Oracle Open World next week. Our session is Oracle Identity Management Production Readiness: Handling the Last Mile in Your Deployment [CON6972] It will take place on Wednesday, Sep 21, 1:30 p.m. […]