Introduction Recently, I was helping a customer in an OIM project go live when we ran an “Active Directory User Target Recon Job” with an AD Connector...
Introduction Recently, I was helping a customer in an OIM project go live when we ran an “Active Directory User Target Recon Job” with an AD Connector (11.1.1.6) and a regular expression filter to select just a subset of users. Main Article To our surprise, every time we executed the job, we got a strange error: java.lang.VerifyError: (class: org/codehaus/groovy/runtime/ArrayUtil, method: createArray signature: ()[Ljava/lang/Object;) Illegal type in constant pool. This...
Introduction Recently, I was helping a customer in an OIM project go live when we ran an “Active Directory User Target Recon Job” with an AD Connector (11.1.1.6) and a regular expression filter...
Introduction In this post, we investigate a complication that can occur if you require a firewall between your WebGate agents and your OAM 11g servers within...
Introduction In this post, we investigate a complication that can occur if you require a firewall between your WebGate agents and your OAM 11g servers within your deployment topology. We provide some guidance related to how to configure your WebGates in this case. This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available. The problem we are trying...
Introduction In this post, we investigate a complication that can occur if you require a firewall between your WebGate agents and your OAM 11g servers within your deployment topology. We provide some...
Introduction Occasionally, it is necessary to make changes to OAM 11g configuration by directly updating the oam-config,xml file, rather than using the OAM...
Introduction Occasionally, it is necessary to make changes to OAM 11g configuration by directly updating the oam-config,xml file, rather than using the OAM console. In this post, we describe the correct way to make changes to this file. This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available. Editing oam-config.xml Correctly making durable edits...
Introduction Occasionally, it is necessary to make changes to OAM 11g configuration by directly updating the oam-config,xml file, rather than using the OAM console. In this post, we describe the...
Introduction You have deployed Oracle BPM and decided to run some load tests against it. You're concerned, among other things, about the behavior of your...
Introduction You have deployed Oracle BPM and decided to run some load tests against it. You're concerned, among other things, about the behavior of your backend LDAP server under peak times, whether it's going to be able to handle the load or not. You check the security providers settings in Weblogic Server and see you have an LDAP Authenticator (or some specialization, like OVD Authenticator, for instance) with an ldap pool size set to 50 connections. But your test reveals...
Introduction You have deployed Oracle BPM and decided to run some load tests against it. You're concerned, among other things, about the behavior of your backend LDAP server under peak times,...
Introduction When installing or upgrading Fusion Applications, it is necessary to validate the security components to ensure that they are functioning...
Introduction When installing or upgrading Fusion Applications, it is necessary to validate the security components to ensure that they are functioning correctly. This article provides a list of tasks that can be performed to accomplish this. The order of tasks below follow the dependency that the components have on each other so that if a fault is found the problematic component can be more easily identified. Prior to beginning validation, the components should be started...
Introduction When installing or upgrading Fusion Applications, it is necessary to validate the security components to ensure that they are functioning correctly. This article provides a list of...
Introduction Some of our larger deployments are seeing the benefits of centralizing their Webgate deployments onto a server farm. This post discusses some of...
Introduction Some of our larger deployments are seeing the benefits of centralizing their Webgate deployments onto a server farm. This post discusses some of the architecture and recommendation when deploying such an architecture. Main Article First, what is a Webgate farm or Webgate Reverse Proxy farm? A Webgate farm is: A series of web servers that are clustered on the basis of their protected applications. These servers protect the same set of applications. It is not...
Introduction Some of our larger deployments are seeing the benefits of centralizing their Webgate deployments onto a server farm. This post discusses some of the architecture and recommendation...
Introduction In this post, we have a quick look at POST data preservation, a new feature introduced in the 11g R2 PS1 (or 11.1.2.1) version of Oracle Access...
Introduction In this post, we have a quick look at POST data preservation, a new feature introduced in the 11g R2 PS1 (or 11.1.2.1) version of Oracle Access Manager. We'll explain the problem that this feature solves and walk through a simple example explaining how to configure and use the feature. This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is...
Introduction In this post, we have a quick look at POST data preservation, a new feature introduced in the 11g R2 PS1 (or 11.1.2.1) version of Oracle Access Manager. We'll explain the problem that...
Introduction Exciting, it is Go Live day, the system goes online, everything seems ok for a while, and then Kerplunk! Thousands of things could have happened...
Introduction Exciting, it is Go Live day, the system goes online, everything seems ok for a while, and then Kerplunk! Thousands of things could have happened and everyone scrambles to figure it out. What went wrong? My first question is, “Was a proper load test completed?” Yes, Load Test. Functionally the software may have worked, but under a heavy load issues can start bubbling up. If you have been there like I have many times you know what I am talking about. Situations...
Introduction Exciting, it is Go Live day, the system goes online, everything seems ok for a while, and then Kerplunk! Thousands of things could have happened and everyone scrambles to figure it...
Out-of-the-box, the OIM reset password functionality is available to system administrators, and to delegated administrators who have administrative privileges...
Out-of-the-box, the OIM reset password functionality is available to system administrators, and to delegated administrators who have administrative privileges on users’ accounts and have the ‘reset password’ privilege assigned to them. The data of the user who is having his/her password reset plays no role on how this functionality is presented to delegated administrators. This post shows a way of having password reset functionality behaving differently depending on the end...
Out-of-the-box, the OIM reset password functionality is available to system administrators, and to delegated administrators who have administrative privileges on users’ accounts and have the...
