Oracle Fusion Middleware

Oracle Identity & Access Management

Archive for April, 2011

Oracle Datapump Commands

Posted by ajaybabu007 on April 14, 2011

---- Exporting the database tablespace

1) Log in to the database as sysdba.

2) create directory datadir1 as '/u01/oracle/ajaydir';

3) GRANT READ,WRITE ON DIRECTORY datadir1 TO <Schema_user>;

4) expdp <schema_user>/<schema_password> DIRECTORY=datadir1 DUMPFILE=<file>.dmp SCHEMAS=<SCHEMANAME> LOGFILE=<logfile>.log

---- Dropping the database tablespaces

1) DROP USER <SCHEMA_USER> cascade;

2) DROP TABLESPACE tbs_02 INCLUDING CONTENTS AND DATAFILES;

---- Importing the database tablespace

1) OTE-enabled (as sysdba) -> CREATE SMALLFILE TABLESPACE ajaytbs DATAFILE '/u01/oracle/…../ajay.dbf' SIZE 5M AUTOEXTEND ON NEXT 5M MAXSIZE UNLIMITED NOLOGGING EXTENT MANAGEMENT LOCAL SEGMENT SPACE MANAGEMENT AUTO ENCRYPTION USING 'AES192' DEFAULT STORAGE(ENCRYPT);

2) If ODV is installed on top of the database, log in as DVACCMGR and issue the commands below:
 create user <schema_username> identified by <password> default tablespace ajaytbs quota unlimited on ajaytbs;
 grant read,write on directory datadir1 to <schema_username>;

3) impdp <schema_username>/<password>@<ORACLE_SID> schemas=<schema_name> directory=datadir1 dumpfile=<file>.dmp logfile=<logfile>.log


OIM 11g Reporting

Posted by ajaybabu007 on April 13, 2011

Prerequisite components to be installed and running:

OIM 11g Managed Servers 
Oracle BI Publisher 10g (10.1.3.4)
Oracle Enterprise Manager (component as a part of WLS)
Oracle Database
Oracle SOA/BPEL (OIM Workflow Approval Requests)

————————————————————————————————————————————————————————-

Configuring OIM 11g Reporting:

Step 1) Install Oracle BI Publisher 10g (10.1.3.4):

Install Oracle Business Intelligence Publisher from your software repository. Select the basic installation and provide the oc4jadmin password during the installation. Make sure that you can access the BI URL: http://<BI_FQDN_IP>:9704/xmlpserver

Step 2) Steps for configuring reports for OIM 11g in BI:

  •  Create a folder for OIM Reports under <BI_HOME>/xmlp/XMLP/reports.
  •  Copy and unzip  OIM Reports from <OIM_IDM_Domain>/server/reports/oim_product_reports_11_1_1_3_0.zip to <BI_HOME>/xmlp/XMLP/reports/OIM Reports
  •  Define two JDBC data sources, one for OIM (e.g. DEV1_OIM schema) and one for SOAINFRA (e.g. DEV1_SOAINFRA), each with its associated schema and the appropriate database details.
  •  Test both the connections.

Step 3) Configure the BI URL for OIM Report/Attestation in Oracle Enterprise Manager

  •  Log in to Oracle Enterprise Manager as an administrator (weblogic/<password>).
  •  Navigate on the left: Farm_oim11g_domain → Identity and Access → OIM → oim(11.1.1.3.0)
  •  Click on Oracle Identity Manager → System MBean Browser → oracle.iam → Server: oim_server1 → Application: oim → XMLConfig → Config → XMLConfig.DiscoveryConfig → Discovery
  •  Click on the BIPublisherURL attribute and provide the Oracle BI Publisher URL: http://<BI_FQDN_IP>:9704/xmlpserver
  •  Click on the Apply button to save the changes.
  •  Test from the OIM Console: Advanced → Launch BI Publisher Reports

Step 4) Managing/Testing Auditing Reports in BI Publisher:

  •  Log in to Oracle BI Publisher as an administrator /<password>.
  •  Click on Reports, then OIM Reports → click on User Summary, User Deleted Activities and so on.


Enable/Disable Archive Log Mode in DB 10g/11g

Posted by ajaybabu007 on April 12, 2011

 

This is one of the prerequisites before starting RMAN backups and recovery.

This is how to enable archiving:

Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 – Productio
With the Partitioning, OLAP and Data Mining options

SQL> archive log list
Database log mode No Archive Mode
Automatic archival Disabled
Archive destination USE_DB_RECOVERY_FILE_DEST
Oldest online log sequence 26
Current log sequence 28
SQL> shutdown immediate
Database closed.
Database dismounted.
ORACLE instance shut down.
SQL> startup mount
ORACLE instance started.

Total System Global Area 289406976 bytes
Fixed Size 1248576 bytes
Variable Size 96469696 bytes
Database Buffers 184549376 bytes
Redo Buffers 7139328 bytes
Database mounted.
SQL> alter database archivelog;

Database altered.

SQL> alter database open;

Database altered.

SQL> archive log list
Database log mode Archive Mode
Automatic archival Enabled
Archive destination USE_DB_RECOVERY_FILE_DEST
Oldest online log sequence 26
Next log sequence to archive 28
Current log sequence 28
SQL>

=================================================

This is how to disable archiving:

SQL> shutdown immediate
Database closed.
Database dismounted.
ORACLE instance shut down.
SQL> startup mount
ORACLE instance started.

Total System Global Area 289406976 bytes
Fixed Size 1248576 bytes
Variable Size 100664000 bytes
Database Buffers 180355072 bytes
Redo Buffers 7139328 bytes
Database mounted.
SQL> alter database noarchivelog;

Database altered.

SQL> alter database open;

Database altered.

SQL> archive log list
Database log mode No Archive Mode
Automatic archival Disabled
Archive destination USE_DB_RECOVERY_FILE_DEST
Oldest online log sequence 26
Current log sequence 28
SQL>


LDAP Service Account for updating OID attributes

Posted by ajaybabu007 on April 7, 2011

Create a delegated admin/service account user that has least-privilege access to OID yet can still update/manage the end-user attributes, by importing the LDIF file below into OID.

1) Create/prepare the LDIF below for the user who will have privileges to update user attributes.

# Service account entry
dn: cn=sa_sysadmin, ou=Service Accounts, cn=Users, dc=myorg,dc=com
objectclass: top
objectclass: orcluser
objectclass: orcluserv2
objectclass: inetOrgPerson
objectclass: organizationalPerson
objectclass: person
uid: sa_sysadmin
sn: sa_sysadmin
cn: sa_sysadmin
userpassword: welcome123
orclisenabled: ENABLED

# Add the service account to the User Provisioning Admins group
dn: cn=User Provisioning Admins,cn=Groups,cn=OracleContext
changetype: modify
add: uniquemember
uniquemember: cn=sa_sysadmin,ou=Service Accounts, cn=Users,dc=myorg,dc=com

2) Execute this LDIF file on the OID machine using the ldapadd utility.

3) Restart all the components of OID.


UCM Integration with LDAP Servers

Posted by ajaybabu007 on April 5, 2011

Step 1) Prepare the LDIF file below and import it into the Directory Server. This LDIF file contains the admin (service) account that will be physically created in LDAP and will be used to log in to the UCM web-based Admin Console for maintenance/management. The file includes the account name and its password. It is recommended that the password provided in this LDIF file be changed to a suitable value. Make sure that the groups admin and sysmanager were created under cn=Groups,dc=myorg,dc=com before importing this LDIF file into the LDAP Server.

———————Start of LDIF file————————————————————————————

dn: cn=sa_sysadmin,  ou=Service Accounts, cn=Users, dc=myorg,dc=com
objectclass: top
objectclass: orcluser
objectclass: orcluserv2
objectclass: inetOrgPerson
objectclass: organizationalPerson
objectclass: person
uid: sa_sysadmin
sn: sa_sysadmin
cn: sa_sysadmin
userpassword: idc
orclisenabled: ENABLED

dn: cn=sysmanager, cn=UCM Service Groups, cn=Groups, dc=myorg,dc=com
changetype: modify
add: uniquemember
uniquemember: cn=sa_sysadmin,ou=Service Accounts,cn=Users,dc=myorg,dc=com

dn: cn=admin, cn=UCM Service Groups, cn=Groups, dc=myorg,dc=com
changetype: modify
add: uniquemember
uniquemember: cn=sa_sysadmin,ou=Service Accounts,cn=Users,dc=myorg,dc=com

———————End of LDIF file————————————————————————————

Step 2) Log on to the web-based admin console of the UCM application: http://<UCM_WEBSERVER_IP/FQDN>:Port/idc/

Step 3) Log in with the username sysadmin and the corresponding valid password (idc). At this point, UCM’s admin account is still the local admin account set up during UCM installation and stored in the database. Please use the password set up during UCM installation to log in here. Only after logging in as sysadmin will we change the UCM system admin account to point to the LDAP service account set up in Step 1.

  • Expand the Administration drop-down menu.
  • Click on Providers in the drop-down menu.
  • Under the Create a new provider menu, click on the Add action for Provider type: ldapuser to configure an LDAP user provider.

Step 4) Configuration details: All the values in the table below are to be configured as is. The only apparent change will be the host and port of the LDAP server. I’m taking OID as the LDAP Server for achieving this integration with UCM.

Provider Name: OID
Provider Description: Externalizing authentication to OID
Provider Class: intradoc.provider.LdapUserProvider
Connection Class: intradoc.provider.LdapConnection
Source Path: OID
LDAP Server: 192.x.x.x <Host of LDAP Server>
LDAP Suffix: dc=myorg,dc=com
LDAP Port: 389 <Port of LDAP Server>
Number of connections: 10
Connection timeout: 10
Priority: 1
Use Netscape SDK: Enabled
Use Group Filtering: Enabled
Default Network Roles: (blank)
Role Prefix (Add): cn=Groups,dc=myorg,dc=com
AttributeMap (LDAP Attribute → User Attribute):
  displayname → dFullName
  mail → dEmail
  employeetype → dUserType
LDAP Admin DN: cn=orcladmin
LDAP Admin Password: <<admin password of OID application administrator (orcladmin)>>

Step 5) Click on the Add button to save the configuration changes. Now you’ll be able to see 10 out of 10 connections good for the LDAP provider profile.

Step 6) Restart both the UCM Content Server and the OHS/Apache Web Server.

Step 7) Now we can test the integration by trying to log on to the UCM admin console with the new service account user created in OID, which is sa_sysadmin.

Step 8) Log in to the admin console with the OID account sa_sysadmin and the corresponding OID password, and confirm that the user is authenticated successfully for the UCM admin console.

This concludes the successful integration of Oracle UCM with LDAP Servers…
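
A pre-import check for the LDIF files used in the OID service-account post and in Step 1 above, as an added example that is not part of the original posts. It flags a record that starts without a separating blank line, a value line in a changetype: modify record whose attribute differs from the one named by add:/replace:/delete:, and a userpassword value written into the file. The function name lint_ldif and the sample entries are hypothetical.

```python
import re

# Constructed, trimmed sample (not the page's file) containing all three slips.
SAMPLE = """\
dn: cn=svc_example,ou=Service Accounts,cn=Users,dc=example,dc=com
objectclass: top
cn: svc_example
userpassword: changeme
dn: cn=Example Admins,cn=Groups,dc=example,dc=com
changetype: modify
add: uniquemember
uniquememeber: cn=svc_example,ou=Service Accounts,cn=Users,dc=example,dc=com
"""

ATTR_LINE = re.compile(r"([A-Za-z][A-Za-z0-9;.-]*):[:<]?\s*(.*)$")

def lint_ldif(text):
    """Return (line_number, message) findings for an LDIF string."""
    findings = []
    in_record = modify = False   # inside a record / inside a modify record
    expected = None              # attribute named by the last add:/replace:/delete:
    for n, raw in enumerate(text.splitlines(), 1):
        if raw.startswith(("#", " ")):
            continue             # comment or folded continuation line
        line = raw.strip()
        if not line:             # a blank line ends the current record
            in_record, modify, expected = False, False, None
            continue
        if line == "-":          # end of one modification block
            expected = None
            continue
        m = ATTR_LINE.match(line)
        if not m:
            findings.append((n, "not an 'attribute: value' line"))
            continue
        attr, value = m.group(1).lower(), m.group(2)
        if attr == "dn":
            if in_record:
                findings.append((n, "dn: starts without a blank line before it"))
            in_record, modify, expected = True, False, None
        elif attr == "changetype":
            modify = value.lower() == "modify"
        elif modify and attr in ("add", "replace", "delete"):
            expected = value.lower()
        elif modify and expected and attr != expected:
            findings.append((n, f"'{attr}' is not '{expected}' named by the change"))
        if attr == "userpassword" and value:
            findings.append((n, "literal userpassword value stored in the file"))
    return findings
```

Calling lint_ldif(SAMPLE) reports lines 4, 5 and 8 of the constructed sample; a file that passes returns an empty list.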
