This post is about OUD and extremely large static groups where membership numbers exceed hundreds of thousands or even millions; yes I said millions. I have...
This post is about OUD and extremely large static groups where membership numbers exceed hundreds of thousands or even millions; yes I said millions. I have been using Directory Services for over 15 years and the response I typically have for a customer that wants to use very large static groups is don't do it. Then I steer them into dynamic groups or even suggest leveraging attributes from user entries. In fact OUD has a great feature unique to itself called Virtual...
This post is about OUD and extremely large static groups where membership numbers exceed hundreds of thousands or even millions; yes I said millions. I have been using Directory Services for over 15...
Introduction Companies usually have some Identity and Access Management solution deployed on premises to manage users and roles to secure access to their...
Introduction Companies usually have some Identity and Access Management solution deployed on premises to manage users and roles to secure access to their corporate applications. As business move to the cloud, companies will, most likely, want to leverage the investment already made into such IAM solutions and integrate them with the new SaaS or PaaS applications that are being added to their portfolio. Oracle Public Cloud and its Shared Identity Management services (SIM)...
Introduction Companies usually have some Identity and Access Management solution deployed on premises to manage users and roles to secure access to their corporate applications. As business move to...
If you have been using Oracle’s Identity Management software for at least the last few years you will probably be familiar or at least heard of OVD (Oracle...
If you have been using Oracle’s Identity Management software for at least the last few years you will probably be familiar or at least heard of OVD (Oracle Virtual Directory), which was originally acquired back in 2005 from a company called OctetString. OVD provides a vast number of great virtual features used to aggregate multiple backend data stores and present LDAP consumers a single unified Directory Server. Beginning with OUD version 11.1.2.1.0, there have been a number...
If you have been using Oracle’s Identity Management software for at least the last few years you will probably be familiar or at least heard of OVD (Oracle Virtual Directory), which was...
Introduction I am always looking for great tips that give big values; this one is no exception. This article is to help you understand how to tweak the index...
Introduction I am always looking for great tips that give big values; this one is no exception. This article is to help you understand how to tweak the index called “Index Entry Limit” to reap some dramatic ldapsearch performance improvements. I explain what this index is about, some of my own test results, how to determine the correct value, and finally how to make the index change to your OUD instance. This will be a tip you will definitely want to add to your OUD Ninja...
Introduction I am always looking for great tips that give big values; this one is no exception. This article is to help you understand how to tweak the index called “Index Entry Limit” to reap some...
INTRODUCTION This post discusses the steps required to configure a “master” data center to a “clone” data center and visa-versa. If you are not familiar with...
INTRODUCTION This post discusses the steps required to configure a “master” data center to a “clone” data center and visa-versa. If you are not familiar with Multi-Data Center (MDC) implementation and Automated Policy Synchronization (APS) please read the following links: http://www.ateam-oracle.com/multi-data-center-implemenation-in-oracle-access-manager/ http://www.ateam-oracle.com/automated-policy-synchronization-aps-for-oam-cloned-environment/ MAIN ARTICLE Use Case:...
INTRODUCTION This post discusses the steps required to configure a “master” data center to a “clone” data center and visa-versa. If you are not familiar with Multi-Data Center (MDC) implementation and...
Authentication mechanism chaining Since the inception of OAM 11g, we have been talking about authentication scheme chaining and being able to invoke multiple...
Authentication mechanism chaining Since the inception of OAM 11g, we have been talking about authentication scheme chaining and being able to invoke multiple authentication schemes in sequence or invoke an authentication scheme based on some condition. This has been made possible since OAM R2PS2 release with the introduction of authentication status. You can PAUSE authentication process to interact with the user and resume authentication once the interaction is over. However...
Authentication mechanism chaining Since the inception of OAM 11g, we have been talking about authentication scheme chaining and being able to invoke multiple authentication schemes in sequence...
Introduction I recently worked with a customer who needed to do some OAM session manipulation via custom code in order to implement a complex use case. While...
Introduction I recently worked with a customer who needed to do some OAM session manipulation via custom code in order to implement a complex use case. While the focus of this post is not to go into details about a specific implementation, I did want to share some advice on a very necessary building block needed to do "out of band" session manipulation: retrieving the OAM Session ID. What is the Session ID (used for)? OAM 11g supports the concept of a server-side session...
Introduction I recently worked with a customer who needed to do some OAM session manipulation via custom code in order to implement a complex use case. While the focus of this post is not to go...
Introduction This post is part of a series of posts about OAM's OAuth implementation. Other posts can be found here: Part I - explains the proposed architecture...
Introduction This post is part of a series of posts about OAM's OAuth implementation. Other posts can be found here: Part I - explains the proposed architecture and how to enable and configure OAM OAuth Services. Part II - describes a Business to Business use-case (2-legged flow); Part III - deals with the Customer to Business use-case (3-legged flow), when the client code is running in the application server; Part IV - describes the Customer to Business use-case (3-legged...
Introduction This post is part of a series of posts about OAM's OAuth implementation. Other posts can be found here: Part I - explains the proposed architecture and how to enable and configure OAM...
Introduction This post is part IV of a series of posts about OAM's OAuth implementation. Other posts can be found here: Part I - explains the proposed...
Introduction This post is part IV of a series of posts about OAM's OAuth implementation. Other posts can be found here: Part I - explains the proposed architecture and how to enable and configure OAM OAuth Services. Part II - describes a Business to Business use-case (2-legged flow); Part III - deals with the Customer to Business use-case (3-legged flow), when the client code is running in the application server; Part IV - describes the Customer to Business use-case...
Introduction This post is part IV of a series of posts about OAM's OAuth implementation. Other posts can be found here: Part I - explains the proposed architecture and how to enable and configure OAM...
