You must have the administrative privileges to run the installation. If you are logged in as a different user, then you need to exit the installation, log in as the Administrator, and then restart the installation. Then, click Next.

In the Destination Name text box, set the installation directory to E:\Oracle\identity and click Next.

Review the location to which Oracle Access Manager Identity Server is getting installed and the total disk size it would take for the installation. Then, click Next.

Notice that the installer begins copying the Oracle Access Manager Identity Server files. Next, select the Open Mode: No encryption option for the Identity client and Identity Server to communicate. Click Next.

You need to provide the Identity Server ID, host name, and port number for the Identity Server connection. For this installation, you can provide the following values, and then click Next.

Note: You can use your own values for all these parameters on the basis of any changes made to the environment setup.

If you are installing the first Identity Server instance on the host, then keep the default selected option Yes and click Next.

The OVD will be used to route the storage of information. This is used to host the user data for the Identity Server. In this case, you select Data Anywhere from the Directory Server Type drop-down list and click Next.

The directory server schema needs to be extended to store the Oracle Access Manager schema. To configure the user repository with the Oracle Access Manager schema, retain the Yes option and click Next.

Provide the following information for the virtual directory server that routes the hosting for the user data, and then click Next.

An LDAP server is used to store the Oracle data (configuration data) for the Identity Server. In this case, you select Oracle Internet Directory from the Directory Server Type drop-down list and click Next.

To configure the repository with the OAM Access Manager schema, retain the Yes option selected, and then click Next.

Provide the following information for the directory server hosting the Oracle data, and then click Next.

Enter identity as the Windows service name and click Next.

You can view read me and then click Next.

You can review the server settings and click Finish.

Start the Oracle Access Manager Identity Server (identity) service.

Note: In this environment, you start it from a batch file that runs a NET START command to start the identity service. You can also start it by navigating to Start > Control Panel > Administrative Tools > Services, right-clicking the Oracle Access Manager Identity Server (identity) service, and selecting Start.

You can verify the schema for the Oracle data (Oblix) in the OID by navigating to Oracle Directory Manager > Oracle Internet Directory Servers > orcladmin@ten.mydomain.com:13060 > Schema Management. You will find the Oracle (Oblix) specific object classes and attributes created when the OID schema was extended by the Identity Server installer.

Note: You need to click the Attributes tab to view the values.

In the OVD Manager, in the Server Navigator pane, navigate to OVD_Training > ten.mydomain.com and right-click Reload from Server.

Note: In case you are not connected to the server, navigate to OVD_Training > ten.mydomain.com and right-click Connect to Server. Retain the default username as cn=Admin and password as abcd1234, and then click OK.

Click the Schema tab to view the listed OAM schemas. Here you will find the Oracle (Oblix)-specific object classes and attributes created when the OVD schema was extended by the Identity Server installer.

Note: You need to expand the Attributes and Objectclasses link to see the details.

To view the AD schema from the Microsoft Management Console, click Start > Run, and then enter regsvr32 schmmgmt.dll.

Notice the message about successful registration and then click OK.

You need to access the Microsoft Management Console to add the AD schema snap-in. Click Start > Run and enter mmc. Click OK to open the MMC console.

In the left pane, click Console Root, and then click File > Add/Remove Snap-in.

In the Add/Remove Snap-in dialog box, click Add and select the Active Directory Schema Snap-in. Click Add to insert the snap-in.

Click OK and you can view the Active Directory Schema Snap-in added to the Console Root.

Browse to the E:\Oracle\identity\oblix\tools\DataAnyWhere\OblixUserSchema folder and edit the ADUserSchema.ldif file to change the base DN for the AD domain to dc=mydomain,dc=com.

To extend the AD schema with Oracle (Oblix)-specific object classes and attributes, run the following command from the E:\Oracle\identity\oblix\tools\DataAnyWhere\OblixUserSchema folder.

ldifde –a “cn=administrator,cn=users,dc=mydomain,dc=com” “abcd1234” –i –c “dc=mydomain,dc=com” “dc=mydomain,dc=com” –f aduserschema.ldif -v

You need to access the MMC to view the AD schema. Click Start > Run and enter mmc. Click OK to open the MMC console.

Note: If you already have AD schema console open, then you need to close it and reopen it using the Microsoft Management Console. You might have to refresh the MMC to view the updated records.

From the Console Root > Active Directory Schema, navigate to expand the Classes and the Attributes to view the OAM information.

To install Oracle Access Manager WebPass, you must have the administrative privileges. If you are logged in as a different user, then you need to exit the installation, log in as the Administrator, and then restart the installation. Then, click Next.

In the Destination Name text box, set the installation directory to E:\oracle\webpass and click Next.

Review the location to which Oracle Access Manager WebPass is getting installed and the total disk size it would take for the installation. Then, click Next.

.

Notice that the installer begins copying the Oracle Access Manager WebPass files. Next, select the Open Mode: No encryption option for the WebPass and Identity Server to communicate, and then click Next.

You need to provide the WebPass ID, host name, and port number for the Identity Server connection. For this installation, you can provide the following values, and then click Next.

Note: You can use your own values for all these parameters on the basis of any changes made to the environment setup.

The Web server needs to be configured by modifying the configuration of the Web server directory. This change is reflected in the httpd.conf file for the stand-alone OHS 2.x instance. To automatically update this configuration, retain the automatic update selection, and then click Next.

Note: OHS 2.x is the default Web server used in this environment.

Notice that the Web server configuration has been modified for the OHS 2.x. You need to restart the identity server and the Web server for the changes to take effect. To restart the identity server, click Start > Control Panel > Administrative Tools and double-click Services. Right-click the Oracle Access Manager Identity Server (identity) service and select Restart.

Note: Do not click Next before you start the Identity Server and restart the Web server.

To restart the Web server, execute the following commands in sequence from <OHS_home>\opmn\bin.

E:\Oracle\ohs\opmn\bin>opmnctl stopall

E:\Oracle\ohs\opmn\bin>opmnctl startall

You can view the read me and then click Next.

You can review the WebPass configuration settings and click Finish.

To verify the WebPass installation, access the Identity Administration page from the following URL:

http://<hostname>.<domainname>/identity/oblix

Note: For this environment, use the URL http://ten.mydomain.com:7778/identity/oblix where 7778 is the port on which the OHS will route the access to the Identity Server.

To verify the update to the httpd.conf file, navigate to E:\Oracle\ohs\ohs\conf and open the httpd.conf file. You can view the changes made after the installer added the update for WebPass.

Notice that the System Console Application is not set up. Then, click Setup to perform the configuration.

For the Directory Server type for User data, select Data Anywhere and then click Next.

You can view the note for the schema changes where the installer needs to update the Oracle Access Manager Identity schema into the directory. Scroll down and click Next.

You need to specify the location of the LDAP server that will store user data. For this, provide the following parameters for the OVD Server and then click Next.

For the Directory Server type for Oracle configuration data, select Oracle Internet Directory and then click Next.

You can view the note for the schema changes where the installer needs to update the Oracle Access Manager Identity schema into the directory. Scroll down and click Next.

You need to specify the location of the LDAP server that will store the configuration data. For this, provide the following parameters and then click Next.

The configuration DN is the directory tree where Oracle Access Manager stores the configuration data. The Oracle Access Manager Identity System and the Oracle Access Manager System needs to use the same configuration data. The searchbase is the node in the directory tree where user data is stored. In this case, the searchbase will point to the base of local store adapter that has been configured in the OVD. The local store adapter in turn will fetch the user data from LDAP servers, OID and AD. To set the searchbases for the configuration and user directories, provide the following values and click Next.

The Person Object Class defines the primary objectclass for people in the user directory. This will vary by the specific type of directory used for user information or if directory schema extensions are made to define a new type of ‘person’ object. Provide the value for the Person Object Class as inetOrgPerson
and click Next.

Note: By default, retain the Auto configure objectclass check box as selected.

The Group Object Class defines the primary objectclass for groups in the user directory. This will vary by the specific type of directory used for user information or if directory schema extensions are made to define a new type of default "group" object. Provide the values for the Group Object Class as groupOfUniqueNames and click Next.

Note: By default, retain the Auto configure objectclass check box as selected.

The basic connection information for the directories is completed. You need to restart both the Identity Server and the OHS Web Server for these changes to take effect and then perform the basic configuration schema mappings. After you perform the restart (from the next four steps), click Next.

Note: You need to click Next only after you perform step 13 to 16.

To stop the identity server, click Start > Control Panel > Administrative Tools and double-click Services. Right-click the Oracle Access Manager Identity Server (identity) service and select Stop.

To stop the stand-alone OHS, browse to <OHS_standalone_home>\opmn\bin and execute the following commands:

E:\Oracle\ohs\opmn\bin>opmnctl stopall

To start the stand-alone OHS, browse to <OHS_standalone_home>\opmn\bin, and execute the following commands:

E:\Oracle\ohs\opmn\bin>opmnctl startall

To start the identity server click Start > Control Panel > Administrative Tools and double-click Services. Right-click the Oracle Access Manager Identity Server (identity) service and select Start.

You can verify the configuration values set for the objectclass inetOrgPerson. After you review the complete schema mapping for this objectclass, click Yes.

You can verify the configuration values set for the group objectclass groupOfUniqueNames. After you review the complete schema mapping for this groupclass, click Yes.

Oracle Access Manager administrators have access to system configuration and system management functions. In this setup, one or more Oracle Access Manager Master Administrators need to be assigned. These users can configure the rest of the Oracle Access Manager installations. To identify these users, click Select User.

Search for Full Name as tina hart and click Go.

Note: By configuring the OVD, any user from any of the LDAP servers can serve as an administrator for OAM. For this example, Tina Hart is a user in OID within the organization firemains.

You can view the user Tina Hart. Click ADD to select this user as the master administrator.

Click Done to return to the Configure Administrators section. You can view that Tina Hart is now listed as Master Admins. Click Next.

The default directories of the Oracle Access Manager Identity Server installation should be secured. Next, click Done.

Open the browser and enter the URL to access the Identity System Console in the following format, and then click Identity System Console.

http://<hostname>.<domainname>/identity/oblix

You can authenticate as a Master Administrator you selected earlier. Enter the username as tina.hart and password as abcd1234, and click Login.

The Identity System Console entry page will be displayed. You can click the System Configuration tab and the Common Configuration tab to view the system and the administrative functions that the Oracle Access Manager can perform.

Click Object Classes in the left pane to view the selection.

Open the browser and enter the URL to access the Identity System Console in the following format, and then click User Manager.

http://<hostname>.<domainname>/identity/oblix

Log in with the username as tina.hart and password as abcd1234.

With OVD fetching the data from both OID and AD, you can try search for users from both these LDAP servers. To verify this, in the Search text box, enter JANE.FULLTIME (who resides in AD), and click Go. Notice that the user information is populated.

Similarly, in the Search text box, enter bill anthony (who resides in OID), and then click Go. Notice that the user information is populated.

Browse to the ODM to Entry Management > dc=com > o=Oblix to view the Oracle(Oblix)–specific configuration data stored in OID.