Tuesday, August 31, 2010

LDAP Sync Config Gotcha

Ran into a small gotcha while configuring the LDAP Sync for OIM. In step 13.7 of the Enterprise Deployment Guide you set the LDAPSync parameters while running the OIM configuration utility. The docs seem to indicate that you are only entering a relative DN for the users and roles containers, and that the rest of the DN root is defined elsewhere. We were getting errors creating new users after configuring it this way; we realized it must not be building the full correct DN for new users.

To repair, export /db/LDAPContainerRules.xml from the metadata repository and change the containers from just 'cn=Users' to the full DN including the root, 'cn=Users,dc=company,dc=com', and likewise for the Roles. Re-import and you should be all set.
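The edit described above, as an added example (not Oracle's tooling and not part of the original post): a Python check that reads an exported LDAPContainerRules.xml, reports each container value, and appends the root DN only to the relative ones. It assumes the values sit in elements named `container`; the sample XML and the function names are constructed for illustration, and the export/re-import itself is still done as the guides describe.

```python
import xml.etree.ElementTree as ET

# Constructed sample; the element layout is an assumption, not a real export.
SAMPLE = """<container-rules>
  <user><rule><expression>Default</expression><container>cn=Users</container></rule></user>
  <role><rule><expression>Default</expression><container>cn=Roles,dc=company,dc=com</container></rule></role>
</container-rules>"""


def rdns(dn):
    """Split a DN into normalized (attribute, value) pairs. Escaped commas are not handled."""
    pairs = []
    for part in dn.split(","):
        attr, _, value = part.partition("=")
        pairs.append((attr.strip().lower(), value.strip().lower()))
    return pairs


def classify(dn, root_dn):
    """Return 'ok' (already under root_dn), 'relative', or 'mismatch' (absolute, other root)."""
    d, r = rdns(dn), rdns(root_dn)
    if len(d) > len(r) and d[-len(r):] == r:
        return "ok"
    # Same top-level attribute type as the root (e.g. dc) means the value is
    # already absolute but points somewhere else: report it, do not rewrite it.
    return "mismatch" if d[-1][0] == r[-1][0] else "relative"


def qualify_containers(xml_text, root_dn):
    """Append root_dn to every relative <container> value; return (new_xml, report)."""
    tree = ET.fromstring(xml_text)
    report = []
    for el in tree.iter():
        value = (el.text or "").strip()
        if el.tag.rsplit("}", 1)[-1] != "container" or not value:
            continue
        status = classify(value, root_dn)
        if status == "relative":
            el.text = value + "," + root_dn
        report.append((value, status))
    return ET.tostring(tree, encoding="unicode"), report


if __name__ == "__main__":
    fixed, report = qualify_containers(SAMPLE, "dc=company,dc=com")
    for value, status in report:
        print(f"{status:9} {value}")
    print(fixed)
```

Diff the output against the exported file before re-importing; a `mismatch` entry means a container already carries a different root and needs a manual decision.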

Looking for OIM xlconfig.xml in 11g?

The new OIM stores its metadata config files in the database, so you have to export the file, edit it, and re-import it.

I found documentation on how to accomplish this in section 17.5.6 in the Enterprise Deployment Guide via command line. You can also perform the operation using Enterprise Manager by following section 18.2 in the OIM System Administration guide.

Installing OIM/OID/OVD 11g

We have successfully installed our development environment. We have two mid-tier nodes running in the current setup.

Node One:
WL AdminServer and Enterprise Manager
OIM/SOA

Node Two:
OID
OVD
ODSM

I found that the best installation instructions, the ones that covered the gotchas, were in the Enterprise Deployment Guide for Identity Management. There are a couple of steps the basic installation guide misses that may cause issues when you add OIM into the same domain, Section 4.7.6 in the enterprise guide in particular.

Eric

Monday, August 30, 2010

IdM 11G!

It has been a while since I've posted, but we are up to some exciting things here and I want to use this platform to provide some information, lessons learned, and other information as we begin our work toward a full upgrade/re-implementation of the IDM/IAM 11g Stack.

We have decided that, rather than try to upgrade to the 11g versions, we are going to take this opportunity to use all of the information and things we have learned over our 10g setups to re-implement on 11g. This will give us many benefits, not the least of which are parallelism, the ability to gradually phase in new versions, and new hardware/OS/database setups, as well as the many things we have learned how to do better, things we thought we would use and never did, overly complicated groups and attributes, etc.

Additionally, as we are replacing our main ERP system as a parallel project, this will give us the opportunity to have our OIM11g installation uncluttered with old, unused connectors and interfaces.

We have started installing our development environment and the installation is fairly straightforward.

Stay tuned!