H Oracle Identity Manager Configuration Screens

This appendix describes the screens of the Oracle Identity Manager 11g Configuration Wizard that enables you to configure Oracle Identity Manager Server, Oracle Identity Manager Design Console, and Oracle Identity Manager Remote Manager.

This appendix contains the following topics:

Welcome
Components to Configure
Database
WebLogic Admin Server
OIM Server
LDAP Sync and OAM
LDAP Server
LDAP Server Continued
OIM Server Host and Port
Remote Manager
KeyStore Password
Configuration Summary

H.1 Welcome

The Welcome screen is displayed each time you start the Oracle Identity Manager Configuration Wizard.

Figure H-1 Welcome Screen

You can use the Oracle Identity Manager Configuration Wizard only once during initial setup for configuring Oracle Identity Manager Server. After configuring Oracle Identity Manager Server using this wizard, you cannot re-run this wizard to modify the configuration of Oracle Identity Manager. You must use Oracle Enterprise Manager Fusion Middleware Control to make such modifications. However, you can run this wizard on other machines, where Design Console or Remote Manager is configured, as and when needed.

Ensure that you have configured Oracle Identity Manager in a new or existing WebLogic domain before launching the Oracle Identity Manager Configuration Wizard to configure Oracle Identity Manager Server, Design Console on Windows, and Remote Manager.

If you are configuring Server, you must run this wizard on the machine where the WebLogic Administration Server is running (the Administration Server for the domain in which Oracle Identity Manager is deployed). Ensure that the Administration Server is up and running before you start configuring Oracle Identity Manager Server.

If you are configuring only Design Console, you must run this wizard on the Windows machine where Design Console should be configured. If you are configuring only Remote Manager, you must run this wizard on the machine where Remote Manager is being configured. Note that the Oracle Identity Manager Server should be configured before you can configure Design Console or Remote Manager.

Click Next to continue.

H.2 Components to Configure

Use this screen to select the Oracle Identity Manager components that you want to configure. Oracle Identity Manager components include Server, Design Console, and Remote Manager.

Before configuring Oracle Identity Manager Server, Design Console or Remote Manager, ensure that you have configured Oracle Identity Manager in a new or existing WebLogic domain using the Oracle Fusion Middleware Configuration Wizard.

Figure H-2 Components to Configure Screen

Table H-1 describes the Oracle Identity Manager components that you can choose.

Table H-1 Oracle Identity Manager Configuration Choices

Option	Description
Configure all components on this screen	To configure Oracle Identity Manager Server, Design Console, and Remote Manager simultaneously on the same machine, select the Oracle Identity Manager option.
Configure only Oracle Identity Manager Server	To configure only Oracle Identity Manager Server, select the OIM Server option. This option is selected, by default. Note that WebLogic Administration Server for the domain (the domain in which Oracle Identity Manager is deployed) should be up and running.
Configure only Oracle Identity Manager Design Console	To configure only Oracle Identity Manager Design Console, select the OIM Design Console option. However, note that Oracle Identity Manager Server must be configured either on the local machine or on a remote machine before you can run Design Console on development machines. Design Console is supported on Windows operating systems only.
Configure only Oracle Identity Manager Remote Manager	To configure only Oracle Identity Manager Remote Manager, select the OIM Remote Manager option. However, note that Oracle Identity Manager Server must be configured either on the local machine or on a remote machine before you can run Remote Manager.

Note:

You can also select any combination of two of the three Oracle Identity Manager components.

H.3 Database

In this screen, you specify the database and schema information. Note that you should have created and loaded Oracle Identity Manager schemas using the Oracle Fusion Middleware Repository Creation Utility (RCU) before configuring Oracle Identity Manager Server. For information about creating and loading Oracle Identity Manager schemas, see Creating Database Schema Using the Oracle Fusion Middleware Repository Creation Utility (RCU).

Figure H-3 Database Screen

You can use the same database or different databases for creating the Oracle Identity Manager schema and the Metadata Services schema.

Table H-2 describes the database connection information that you must specify.

Table H-2 Fields in the Database Screen

Field	Description
Connect String	Enter the full path, listen port, and service name for your Oracle database. For a single host instance, the format of connect string is `hostname:port:servicename`. For example, if the hostname is aaa.bbb.com, port is 1234, and the service name is xxx.bbb.com, then you must enter the connect string for a single host instance as follows: `aaa.bbb.com:1234:xxx.bbb.com` If you are using a Real Application Cluster database, the format of the database connect string is as follows: `hostname1:port1:instancename1^host2:port2:instancename2@servicename`
OIM Schema User Name	Enter the name of the schema user that you created for Oracle Identity Manager using the Oracle Fusion Middleware Repository Creation Utility. If you upgraded your existing Oracle Identity Manager schema to 11g Release 1 (11.1.1), enter the user name for your existing schema.
OIM Schema Password	Enter the password for the Oracle Identity Manager schema user that you set while creating the schema using the Oracle Fusion Middleware Repository Creation Utility (RCU). If you upgraded your existing Oracle Identity Manager schema to 11g Release 1 (11.1.1), enter the password for your existing schema.
Select different database for MDS schema	Select this check box if you want to use a different database for the Metadata Services (MDS) schema.
MDS Connect String	If you are using a different database for the Metadata Services (MDS) schema, enter the full path, listen port, and service name for the database associated with the MDS schema. The format of the connect string is similar to that of the standard Connect String.
MDS Schema User Name	Enter the name of the schema user that you created for AS Common Services - Metadata Services by using the Oracle Fusion Middleware Repository Creation Utility (RCU). If you upgraded your existing Metadata Services schema to 11g Release 1 (11.1.1), enter the user name for your existing schema.
MDS Schema Password	Enter the password for the AS Common Services - Metadata Services schema user that you set while creating the schema by using the Oracle Fusion Middleware Repository Creation Utility (RCU). If you upgraded your existing Oracle Identity Manager schema to 11g Release 1 (11.1.1), enter the password for your existing schema.

After entering information in the fields, click Next to continue.

H.4 WebLogic Admin Server

In this screen, you specify the t3 URL, user name and password for the WebLogic administration domain in which the Oracle Identity Manager application is deployed. Ensure that the Administration Server is up and running.

Figure H-4 WebLogic Admin Server Screen

In the WebLogic Admin Server URL text box, enter the t3 URL of the Administration Server for the WebLogic domain in the following format:

t3://hostname:port

In the UserName text box, enter the WebLogic Administrator user name.

In the Password text box, enter the WebLogic Administrator password.

After entering information in the fields, click Next to continue.

H.5 OIM Server

Use this screen to set a password for the for the system administrator (xelsysadm).

Figure H-5 OIM Server Screen

Table H-3 describes the Oracle Identity Manager Server parameters that you can configure.

Table H-3 Oracle Identity Manager Server Configuration Parameters

Field Name	Description
OIM Administrator Password	Enter a new password for the administrator. A valid password contains at least six characters, begins with an alphabetic character, and includes at least one number, one uppercase letter and one lowercase letter. The password cannot contain first name, last name, or login name of Oracle Identity Manager. Note that you are not prompted to enter this password in upgrade scenarios. You must set a password only if you are performing a new 11g installation.
Confirm Password	Enter the new password again to confirm.
OIM HTTP URL	Enter the http URL that front-ends the Oracle Identity Manager application. For example, `http://localhost:7002`. By default, this field contains the URL of the Oracle Identity Manager Managed Server.
KeyStore Password	Enter new password for the keystore. A valid password can contain 6 to 30 characters, begin with an alphabetic character, and use only alphanumeric characters and special characters like Underscore (_), Dollar ($), Pound (#). The password must contain at least one number.
Confirm KeyStore Password	Enter the new password again to confirm.

After entering information in the fields, click Next to continue.

H.6 LDAP Sync and OAM

In this screen, you can perform the following optional tasks:

Enable synchronization of Oracle Identity Manager roles, users, and their hierarchy to an LDAP directory
Enable Identity Administration Integration with Oracle Access Manager (OAM)
Configure Oracle Identity Manager to use Oracle BI Publisher by specifying the BI publisher URL

Figure H-6 LDAP Sync and OAM Screen

Enabling OIM-LDAP Synchronization

If you want to enable LDAP sync, you must first set up LDAP Sync for Oracle Identity Manager (OIM) before selecting the Enable LDAP Sync option on this screen. For information about setting up OIM-LDAP Sync, see Setting Up LDAP Synchronization. After setting up LDAP Synchronization, select the Enable LDAP Sync option.

If you do not want to perform the other optional tasks, click Next to continue.

Enabling Identity Administration Integration with Oracle Access Manager (OAM)

You must set up integration between OIM and OAM before enabling identity administration integration with OAM on this screen. For information about setting up the integration, see the chapter Integration Between OIM and OAM. After setting up the integration, select the Enable Identity Administration Integration with OAM option, and enter the following:

Password of Access Gate - Enter the access gate password for Oracle Identity Manager. This is the same password you provided with the oimAccessGatePwd parameter for the configureOIM WLST command during the OIM-OAM integration setup.
Domain of Cookie - Enter the domain in which Oracle Access Manager is installed. For example, *.us.acme.com*. This is the same cookie domain you provided with the oimCookieDomain parameter for the configureOIM WLST command during the OIM-OAM integration setup. Note that the period (.) at the beginning of the string is mandatory.

Note:
When you choose to enable Identity Administration Integration with OAM, the LDAP synchronization for OIM is enabled, by default.

If you do not want to configure Oracle BI Publisher, click Next to continue.

Configuring Oracle Identity Manager to Use Oracle BI Publisher

Ensure that Oracle BI Publisher is installed on your local or remote machine.

To configure Oracle Identity Manager to use Oracle BI Publisher, select the Configure BI Publisher option, and enter the BI Publisher URL in the BI Publisher URL text box.

The URL is of the format: http://hostname:port/xmlpserver, where hostname and port are the host name and the port on which the Oracle BI Publisher server is running.

After entering information in the fields, click Next to continue.

H.7 LDAP Server

This screen is displayed only if you select the Enable LDAP Sync option on the LDAP Sync and OAM screen. In the LDAP Server screen, you should specify the authentication information for the Oracle Virtual Directory server, as you want to synchronize Oracle Identity Manager roles, users, and their hierarchy to an LDAP directory.

Figure H-7 LDAP Server Screen

Table H-4 describes the Oracle Virtual Directory Server parameters that you must specify.

Table H-4 LDAP Server Information

Field Name	Description
LDAP URL	Enter the LDAP URL in the format: `ldap://ovd_host:ovd_port`
LDAP User	Enter the user name for the Oracle Virtual Directory administrator.
LDAP Password	Enter the password for the Oracle Virtual Directory administrator.
LDAP SearchDN	Enter the Distinguished Names (DN). For example, `dc=acme`, `dc=com` This is the top-level container for users and roles in LDAP that is used for Oracle Identity Manager for reconciliation purposes.

After entering information in the fields, click Next to continue.

H.8 LDAP Server Continued

This screen is a continuation of the LDAP Server screen.

Figure H-8 LDAP Server Continued Screen

Table H-5 describes the LDAP parameters that you must specify.

Table H-5 LDAP Server Continued Information

Field Name	Description
LDAP RoleContainer	Enter a name for the container that will be used as a default container of roles in the LDAP directory.
LDAP RoleContainer Description	Type a description for the role container.
LDAP UserContainer	Enter a name for the container that will be used as a default container of users in the LDAP directory.
LDAP UserContainer Description	Type a description for the user container.
User Reservation Container	Enter a name for the container that will be used for reserving user names in the LDAP directory while their creation is being approved in Oracle Identity Manager. When the user names are approved, they are moved from the reservation container to the user container in the LDAP directory.

After entering information in the fields, click Next to continue.

H.9 OIM Server Host and Port

This screen is displayed only if you choose to configure Oracle Identity Manager Design Console on the Components to Configure screen, on Windows operating systems. Note that you must configure Oracle Identity Manager (OIM) Server on a local machine or a remote machine before running Design Console. In the OIM Server Host and Port screen, you must specify the host name and port information for the Oracle Identity Manager Server.

Figure H-9 OIM Server Host and Port Screen

In the OIM Server Hostname text box, enter the host name of the Oracle Identity Manager Managed Server that you configured during while configuring OIM in a new or existing WebLogic domain.

In the OIM Server Port text box, enter the port number for the Oracle Identity Manager Managed Server. This port is the Listen port you or your administrator specified while configuring OIM in a new or existing WebLogic administration domain.

After entering information in the fields, click Next to continue.

H.10 Remote Manager

Use this screen to configure the Oracle Identity Manager Remote Manager. Note that you must configure Oracle Identity Manager Server on the local machine or a remote machine before running Remote Manager.

Figure H-10 Remote Manager Screen

Surrounding text describes Figure H-10 .

Table H-6 describes the Oracle Identity Manager Remote Manager parameters that you can configure.

Table H-6 Remote Manager Configuration

Field Name	Description
Service Name	Enter the service name for the Remote Manager.
RMI Registry Port	Enter the port number on which RMI registry should be started. The default value is 12345.
Listen Port (SSL)	Enter the SSL port number. On this port number, a secure socket is opened to listen to client requests. The default value is 12346.

After entering information in the fields, click Next to continue.

H.11 KeyStore Password

This screen is displayed if you choose to configure only Remote Manager on a remote machine (a machine where Oracle Identity Manager Server is not configured).

Figure H-11 KeyStore Password Screen

Surrounding text describes Figure H-11 .

Table H-7 describes the keystore password requirements.

Table H-7 Fields in the KeyStore Password Screen

Field Name	Description
KeyStore Password	Enter a new password for the keystore. A valid password can contain 6 to 30 characters, begin with an alphabetic character, and use only alphanumeric characters and special characters like Underscore (_), Dollar ($), Pound (#). The password must contain at least one number.
Confirm KeyStore Password	Enter the new password again to confirm.

Field Name

Description

KeyStore Password

Enter a new password for the keystore.

A valid password can contain 6 to 30 characters, begin with an alphabetic character, and use only alphanumeric characters and special characters like Underscore (_), Dollar ($), Pound (#). The password must contain at least one number.

Confirm KeyStore Password

Enter the new password again to confirm.

After entering information in the fields, click Next to continue.

H.12 Configuration Summary

This screen displays a list of the applications or components you have selected for configuration. It includes the following information:

Location of your installation
Disk space that will be used for the installation
Applications or components you have selected for configuration
Configuration choices you made on different screens in the Oracle Identity Manager Configuration Wizard

Figure H-12 Configuration Summary Screen

Surrounding text describes Figure H-12 .

Review this summary screen.

Additionally, you can select to create a response file from your installation selections by clicking on the Save button in the Save Response File field. A response file can be used for silent or non-interactive installations of software requiring no or very little user input.

Click Configure to start configuring the selected Oracle Identity Manager components.