Configure OID as Primary Identity Store in OAM11G R2 PS2

By default, Oracle Access Manager uses the embedded LDAP in the WebLogic Server instance on which OAM is running as the user identity store. However, a number of other external LDAP repositories can also be configured as the user identity store. After installing and configuring Oracle Access Management, you can configure your own LDAP to use instead of the default embedded LDAP. This post explains the steps to configure OID as the primary identity store in OAM11G R2 PS2.


Follow the steps below to configure OID as the primary identity store in OAM11G R2 PS2.

1. Make sure that the OID server is up and running.

2. Log in to the OAM server and locate the oam-config.xml file in the following path: Middleware_Home/user_projects/domains/<domain_name>/config/fmwconfig/oam-config.xml. Take a backup of the oam-config.xml file.

3. Create a user called oamadmin and a group called Administrator in OID, and assign the user oamadmin to the Administrator group. This user will be used to log in to oamconsole.

4. Log in to oamconsole. Navigate to Configuration -> User Identity Stores.

 


5. Click on Create to create a new User Identity Store.

6. Enter all the parameters as shown below:

Parameter Name          Parameter Value
Store Type              OID: Oracle Internet Directory
Location                idmserver:3060
Bind DN                 cn=orcladmin
Password                Welcome1
Username Attribute      uid
User Search Base        cn=Users,dc=oracle,dc=com
Group Name Attribute    cn
Group Search Base       dc=oracle,dc=com


7. Click on Test Connection to validate that the connection parameters you entered are correct. If so, click on Apply to save the User Identity Store settings.

 


8. Go to the Default and System Store section and select OID as both the Default Store and the System Store. Under the Access System Administrators tab, click on the + icon.

 


9. Select the admin user and/or group for accessing the OAM Console. The user selected will be used to log in to oamconsole after OID is configured as the System Store and Default Store.

Select the oamadmin user and the Administrator group created in OID.

 


10. Click on Apply to confirm, and in the next screen click OK.


11. A confirmation page will be displayed.


12. Navigate to Access Manager -> Authentication Module.


13. From the list, select LDAP.

 


14. Select OID as the User Identity Store.

 


15. Click on Apply. A confirmation message will be displayed.

 


16. Log in to the WebLogic console. Navigate to Security Realms -> myrealm -> Providers tab.

 


17. Click on New to create a new Authentication Provider.

18. Enter the Name as OIDAuthenticator and select the Type OracleInternetDirectoryAuthenticator.

 


19. Click on OK to create the OID Authenticator. In the Authentication Providers table, click on Reorder and move OIDAuthenticator to second place, then change the control flags of OIDAuthenticator and Default Authenticator to SUFFICIENT.

 


20. Click on OIDAuthenticator and go to the Provider Specific tab.

21. Update all the parameters as shown in the screenshot below and click on Save.

 


22. Restart the OAM Admin Server and the OAM Managed Server.

23. After the restart, you can log in to oamconsole with the oamadmin user.
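A pre-flight check for steps 3, 6 and 9, as an added example that is not part of the original post: before OID becomes the System Store, it confirms from an LDIF export that oamadmin resolves under the User Search Base by uid and is a member of the Administrator group under the Group Search Base, since a mismatch leaves no working oamconsole login. The function names, the sample export, the cn=Groups container and the groupOfUniqueNames object class are assumptions; base64-encoded LDIF values are not handled.

```python
USER_BASE = "cn=Users,dc=oracle,dc=com"   # User Search Base from step 6
GROUP_BASE = "dc=oracle,dc=com"           # Group Search Base from step 6
# Constructed sample export (LDIF); the cn=Groups container is an assumption.
SAMPLE_LDIF = """\
dn: uid=oamadmin,cn=Users,dc=oracle,dc=com
uid: oamadmin

dn: cn=Administrator,cn=Groups,dc=oracle,dc=com
objectclass: groupOfUniqueNames
cn: Administrator
uniquemember: uid=OAMADMIN, cn=users,
 dc=oracle,dc=com
"""

def norm_dn(dn):  # naive normalisation: ignores escaped commas in RDN values
    return ",".join(part.strip().lower() for part in dn.split(","))
def under(dn, base):
    return norm_dn(dn) == norm_dn(base) or norm_dn(dn).endswith("," + norm_dn(base))
def has(entry, attr, value):
    return value.lower() in (v.lower() for v in entry.get(attr, []))

def parse_ldif(text):  # -> [{attr_lower: [values]}], continuation lines unfolded
    entries = []
    for block in text.replace("\r\n", "\n").replace("\n ", "").split("\n\n"):
        entry = {}
        for line in block.splitlines():
            attr, sep, value = line.partition(":")
            if sep and not line.startswith("#"):
                entry.setdefault(attr.strip().lower(), []).append(value.strip())
        if "dn" in entry:
            entries.append(entry)
    return entries

def preflight(ldif, user="oamadmin", group="Administrator"):
    """Return a list of problems; empty means the step 9 admin mapping will resolve."""
    entries = parse_ldif(ldif)
    users = [e for e in entries if has(e, "uid", user) and under(e["dn"][0], USER_BASE)]
    groups = [e for e in entries if has(e, "cn", group) and under(e["dn"][0], GROUP_BASE)
              and has(e, "objectclass", "groupofuniquenames")]
    problems = []
    if len(users) != 1:
        problems.append(f"expected one uid={user} under {USER_BASE}, found {len(users)}")
    if not groups:
        problems.append(f"no group cn={group} under {GROUP_BASE}")
    elif users:
        members = {norm_dn(m) for g in groups for m in g.get("uniquemember", [])}
        if norm_dn(users[0]["dn"][0]) not in members:
            problems.append(f"{user} is not a member of {group}")
    return problems
```

Run it against an export of the two search bases taken with the same Bind DN entered in step 6, and only proceed to step 8 when `preflight` returns an empty list.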

 
