Upload
gouthambojja143
View
6
Download
0
Embed Size (px)
DESCRIPTION
Oracle Identity Manager 11g: Essentials Student Guide
Citation preview
Oracle Identity Manager 11g: Essentials Volume I Student Guide
D65160GC10 Edition 1.0 November 2010 D69802
Copyright 2010, Oracle and/or its affiliates. All rights reserved. Disclaimer This document contains proprietary information and is protected by copyright and other intellectual property laws. You may copy and print this document solely for your own use in an Oracle training course. The document may not be modified or altered in any way. Except where your use constitutes "fair use" under copyright law, you may not use, share, download, upload, copy, print, display, perform, reproduce, publish, license, post, transmit, or distribute this document in whole or in part without the express authorization of Oracle. The information contained in this document is subject to change without notice. If you find any problems in the document, please report them in writing to: Oracle University, 500 Oracle Parkway, Redwood Shores, California 94065 USA. This document is not warranted to be error-free. Restricted Rights Notice If this documentation is delivered to the United States Government or anyone using the documentation on behalf of the United States Government, the following notice is applicable: U.S. GOVERNMENT RIGHTS The U.S. Governments rights to use, modify, reproduce, release, perform, display, or disclose these training materials are restricted by the terms of the applicable Oracle license agreement and/or the applicable U.S. Government contract. Trademark Notice Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.
Authors Robert LaVallie, Terri Cantor
Technical Contributors and Reviewers Eswar Vandanapu, Raj Kuchi, Rajesh Bhabu, Sri Subramanian, Gopal Kumarappan, Mario Lim, Ajay Keni, Brad Donison, Ashok Maram, Bitan Biswas, Amol Dharmadhikari, Abhishek Sharma, Semyon Shulman, Viresh Garg, Sid Choudhury, Javed Beg, Jatan Rajvanshi, Sidhartha Das, Ashutosh Pitre, Shyam Narayan Singh, Sanjay Rallapalli, Srinivas Marni, Debapriya Datta, Alexandre Babeanu, Don Biasotti, Gururaj B.S.
This book was published using: Oracle Tutor
Copyright 2010, Oracle and/or its affiliates. All rights reserved.
Oracle Identity Manager 11g: Essentials Table of Contents i
Table of Contents
Introduction ......................................................................................................................................................1-1 Introduction ....................................................................................................................................................1-2 Road Map ......................................................................................................................................................1-3 Course Objectives ..........................................................................................................................................1-4 Road Map ......................................................................................................................................................1-7 Course Units ..................................................................................................................................................1-8 Unit 1: Product Overview ...............................................................................................................................1-9 Unit 2: Managing Users, User Entities, and Resources ................................................................................1-11 Unit 3: Handling Reconciliation Workflows .....................................................................................................1-13 Unit 4: Managing Policies, Reports, and Tools ..............................................................................................1-14 Unit 5: Deploying Configurations ....................................................................................................................1-16 Road Map ......................................................................................................................................................1-17 Lesson Summary ...........................................................................................................................................1-18 Road Map ......................................................................................................................................................1-19 What's Next? ..................................................................................................................................................1-20
Identity Management and Identity Administration: Overview ......................................................................2-1 Identity Management and Identity Administration: Overview ..........................................................................2-2 Road Map ......................................................................................................................................................2-3 Lesson Objectives ..........................................................................................................................................2-4 Road Map ......................................................................................................................................................2-6 Identity Management: Overview .....................................................................................................................2-7 Identity Management: Importance ..................................................................................................................2-9 Identity Management: Benefits .......................................................................................................................2-11 Quiz ................................................................................................................................................................2-13 Identity Management: Values .........................................................................................................................2-17 How Can Identity Management Help? ............................................................................................................2-19 Quiz ................................................................................................................................................................2-23 Identity Management: Terminology ................................................................................................................2-25 Identity Management: Functions ....................................................................................................................2-27 Identity Administration ....................................................................................................................................2-29 Access Management ......................................................................................................................................2-31 Directory Services ..........................................................................................................................................2-33 Audit and Compliance ....................................................................................................................................2-35 Suite Management .........................................................................................................................................2-37 Quiz ................................................................................................................................................................2-39 Road Map ......................................................................................................................................................2-43 Identity Administration: Infrastructure .............................................................................................................2-44 Identity Administration: Benefits .....................................................................................................................2-45 Road Map ......................................................................................................................................................2-46 Lesson Summary ...........................................................................................................................................2-47 Road Map ......................................................................................................................................................2-48 Lesson Demos ...............................................................................................................................................2-49 Road Map ......................................................................................................................................................2-50 What's Next? ..................................................................................................................................................2-51
Launching Oracle Identity Manager ...............................................................................................................3-1 Launching Oracle Identity Manager ...............................................................................................................3-2 Road Map ......................................................................................................................................................3-3
Copyright 2010, Oracle and/or its affiliates. All rights reserved.
Oracle Identity Manager 11g: Essentials Table of Contents ii
Lesson Objectives ..........................................................................................................................................3-4 Road Map ......................................................................................................................................................3-6 Oracle WebLogic Server Overview ................................................................................................................3-7 Oracle WebLogic Server Overview: Domains ................................................................................................3-8 Comparing Administration Servers and Managed Servers ............................................................................3-10 Oracle Identity Manager Server Overview .....................................................................................................3-12 SOA Server Overview ....................................................................................................................................3-13 Starting Administration and Managed Servers ...............................................................................................3-15 Starting the Administration Server ..................................................................................................................3-16 Starting the Managed Servers........................................................................................................................3-17 Monitoring the Status of the Managed Servers ..............................................................................................3-18 Quiz ................................................................................................................................................................3-19 Road Map ......................................................................................................................................................3-22 Oracle Identity Manager Interfaces ................................................................................................................3-23 Oracle Identity Manager Administrative and User Console Overview ............................................................3-24 Oracle Identity Manager Unauthenticated Self Service Console Overview ....................................................3-26 Oracle Identity Manager Unauthenticated Self Service Console: Reset Password ........................................3-27 Oracle Identity Manager Unauthenticated Self Service Console: Self-Registration .......................................3-30 Oracle Identity Manager Unauthenticated Self Service Console: Track Registration .....................................3-33 Web Console Overview ..................................................................................................................................3-35 Self-Service Functionalities ............................................................................................................................3-36 Oracle Identity Manager Self Service Console ...............................................................................................3-38 Oracle Identity Manager Administration Console ...........................................................................................3-40 Oracle Identity Manager Advanced Administration Console ..........................................................................3-42 Starting the Oracle Identity Manager Web Consoles .....................................................................................3-45 Oracle Identity Manager Design Console Overview .......................................................................................3-46 Design Console: User Management ..............................................................................................................3-47 Design Console: Resource Management .......................................................................................................3-48 Design Console: Process Management .........................................................................................................3-49 Design Console: Administration .....................................................................................................................3-50 Design Console: Development Tools .............................................................................................................3-52 Starting the Oracle Identity Manager Design Console ...................................................................................3-54 Quiz ................................................................................................................................................................3-55 Road Map ......................................................................................................................................................3-58 Oracle SOA Consoles Overview ....................................................................................................................3-59 Oracle SOA Platform ......................................................................................................................................3-60 Oracle BPM Worklist Console ........................................................................................................................3-61 Launching the Oracle SOA Consoles .............................................................................................................3-62 Road Map ......................................................................................................................................................3-63 Lesson Summary ...........................................................................................................................................3-64 Road Map ......................................................................................................................................................3-65 Practice 3 Overview: Launching Oracle Identity Manager .............................................................................3-66 Road Map ......................................................................................................................................................3-67 What's Next? ..................................................................................................................................................3-68
Understanding Oracle Identity Manager ........................................................................................................4-1 Understanding Oracle Identity Manager .........................................................................................................4-2 Road Map ......................................................................................................................................................4-3 Lesson Objectives ..........................................................................................................................................4-4 Road Map ......................................................................................................................................................4-6
Copyright 2010, Oracle and/or its affiliates. All rights reserved.
Oracle Identity Manager 11g: Essentials Table of Contents iii
Oracle Identity Management Products ...........................................................................................................4-7 Road Map ......................................................................................................................................................4-10 Oracle Identity Manager: Overview ................................................................................................................4-11 Oracle Identity Manager: Features .................................................................................................................4-14 Oracle Identity Manager Features: Self-Service and Delegated Administration ............................................4-16 Oracle Identity Manager Features: Workflow and Policy Management .........................................................4-17 Oracle Identity Manager Features: Password Management ........................................................................4-19 Oracle Identity Manager Features: Audit and Compliance Management .....................................................4-21 Oracle Identity Manager Features: Integration Solutions .............................................................................4-23 Oracle Identity Manager: Functional Layers ...................................................................................................4-25 Oracle Identity Manager: Solving Business Challenges .................................................................................4-27 Quiz ................................................................................................................................................................4-29 Road Map ......................................................................................................................................................4-32 Oracle Identity Manager Architecture .............................................................................................................4-33 Quiz ................................................................................................................................................................4-35 Road Map ......................................................................................................................................................4-39 Use Case #1: Initial Onboarding ....................................................................................................................4-40 Use Case #2: Request-Based Scenario .........................................................................................................4-41 Road Map ......................................................................................................................................................4-42 Reconciliation and Provisioning: Overview ....................................................................................................4-43 Quiz ................................................................................................................................................................4-45 Road Map ......................................................................................................................................................4-47 Oracle Identity Manager Connector: Overview .............................................................................................4-48 Quiz ................................................................................................................................................................4-49 Road Map ......................................................................................................................................................4-50 Lesson Summary ...........................................................................................................................................4-51 Road Map ......................................................................................................................................................4-53 What's Next? ..................................................................................................................................................4-54
Understanding Organizations, Roles, and Users ..........................................................................................5-1 Understanding Organizations, Roles, and Users ...........................................................................................5-2 Road Map ......................................................................................................................................................5-3 Lesson Objectives ..........................................................................................................................................5-4 Road Map ......................................................................................................................................................5-5 Oracle Identity Manager User ........................................................................................................................5-6 User Entity Life Cycle .....................................................................................................................................5-7 Oracle Identity Manager User Types ..............................................................................................................5-9 Oracle Identity Manager Functional Users .....................................................................................................5-11 Quiz ................................................................................................................................................................5-13 Road Map ......................................................................................................................................................5-16 Oracle Identity Manager Organizations ..........................................................................................................5-17 Oracle Identity Manager Roles .......................................................................................................................5-18 Role Hierarchy ...............................................................................................................................................5-19 Role Category ................................................................................................................................................5-20 Oracle Identity Manager Entity Relationships ................................................................................................5-21 Quiz ................................................................................................................................................................5-22 Road Map ......................................................................................................................................................5-25 Overview of the Bulk Load Utility ....................................................................................................................5-26 Loading Data with the Bulk Load Utility ..........................................................................................................5-27 Bulk Load Utility Scripts, Data Files, and Database Tables ...........................................................................5-29
Copyright 2010, Oracle and/or its affiliates. All rights reserved.
Oracle Identity Manager 11g: Essentials Table of Contents iv
Bulk-Load Input Source ..................................................................................................................................5-31 Bulk-Load Database Columns........................................................................................................................5-32 Configuring the Bulk Load Utility ....................................................................................................................5-36 Quiz ................................................................................................................................................................5-37 Road Map ......................................................................................................................................................5-38 Creating Oracle Identity Manager Entities ......................................................................................................5-39 Creating an Organization ...............................................................................................................................5-40 Creating a User ..............................................................................................................................................5-42 Creating a Role Category ...............................................................................................................................5-45 Creating a Role ..............................................................................................................................................5-47 Assigning a User to a Role .............................................................................................................................5-49 Revoking a Role from a User .........................................................................................................................5-52 Bulk Modification of Users ..............................................................................................................................5-54 Modifying an Organization .............................................................................................................................5-55 Deleting an Organization ................................................................................................................................5-56 Disabling and Deleting a User ........................................................................................................................5-57 Deleting a Role...............................................................................................................................................5-59 Loading User and Role-Related Data with the Bulk Load Utility ....................................................................5-61 Quiz ................................................................................................................................................................5-68 Road Map ......................................................................................................................................................5-70 Lesson Summary ...........................................................................................................................................5-71 Road Map ......................................................................................................................................................5-72 Practice 5 Overview: Understanding Organizations, Roles, and Users .........................................................5-73 Road Map ......................................................................................................................................................5-74 What's Next? ..................................................................................................................................................5-75
Using Predefined Connectors .........................................................................................................................6-1 Using Predefined Connectors (Initial Onboarding) ........................................................................................6-2 Road Map ......................................................................................................................................................6-3 Lesson Objectives ..........................................................................................................................................6-4 Road Map ......................................................................................................................................................6-6 Oracle Identity Manager Connectors: Overview ............................................................................................6-7 Quiz ................................................................................................................................................................6-8 Road Map ......................................................................................................................................................6-9 Types of Oracle Identity Manager Connectors ...............................................................................................6-10 Quiz ................................................................................................................................................................6-13 Road Map ......................................................................................................................................................6-14 Transferring Oracle Identity Manager Connectors: Ways ..............................................................................6-15 Transferring Oracle Identity Manager Connectors: Advantages ....................................................................6-17 Transferring Oracle Identity Manager Connectors: Best Practices.................................................................6-18 Transferring Oracle Identity Manager Connectors: Tools ...............................................................................6-23 Quiz ................................................................................................................................................................6-25 Road Map ......................................................................................................................................................6-28 Using Oracle Identity Manager Connectors: Setup ........................................................................................6-29 Using Oracle Identity Manager Connectors: Run Time .................................................................................6-33 Step 1: Verifying Installation and Deployment Requirements .......................................................................6-34 Step 2: Configuring the External Resource ....................................................................................................6-35 Step 3: Copying Connector and External Code Files ....................................................................................6-36 Copying Connector Files: Sun Java System Directory Server ......................................................................6-38 Step 4: Configuring Oracle Identity Manager Server .....................................................................................6-44
Copyright 2010, Oracle and/or its affiliates. All rights reserved.
Oracle Identity Manager 11g: Essentials Table of Contents v
Configuring Oracle Identity Manager Server: Clearing the Server Cache ......................................................6-45 Configuring Oracle Identity Manager Server: Enabling Logging ....................................................................6-47 Step 5: Importing an Oracle Identity Manager Connector .............................................................................6-50 Step 6: Defining an IT Resource ....................................................................................................................6-52 Step 7: Configuring Reconciliation Workflows ................................................................................................6-55 Step 8: Configuring Provisioning Workflows ..................................................................................................6-60 Step 9: Assigning the Connector to a User ....................................................................................................6-62 Step 10: Completing the Custom Process Form ............................................................................................6-64 Step 11: Accessing the Resource ..................................................................................................................6-66 Quiz ................................................................................................................................................................6-67 Road Map ......................................................................................................................................................6-72 Lesson Summary ...........................................................................................................................................6-73 Road Map ......................................................................................................................................................6-74 Practice 6 Overview: Using Predefined Connectors (Initial Onboarding) ......................................................6-75 Road Map ......................................................................................................................................................6-76 What's Next? ..................................................................................................................................................6-77
Understanding Manual and Automated Provisioning ...................................................................................7-1 Understanding Manual and Automated Provisioning .....................................................................................7-2 Road Map ......................................................................................................................................................7-3 Lesson Objectives ..........................................................................................................................................7-5 Road Map ......................................................................................................................................................7-7 Resources ......................................................................................................................................................7-8 Oracle Identity Manager Connectors ..............................................................................................................7-9 Differences Between Assigning Resources and Provisioning Resources ......................................................7-10 Quiz ................................................................................................................................................................7-11 Road Map ......................................................................................................................................................7-13 Assigning Resources to Users: Overview ......................................................................................................7-14 Assigning Resources to Users: Criteria ..........................................................................................................7-15 Assigning Resources to Users: Request ........................................................................................................7-16 Assigning Resources to Users: Direct Provisioning .......................................................................................7-17 Quiz ................................................................................................................................................................7-18 Road Map ......................................................................................................................................................7-21 Types of Provisioning .....................................................................................................................................7-22 Manual Provisioning .......................................................................................................................................7-23 Autoprovisioning.............................................................................................................................................7-24 Quiz ................................................................................................................................................................7-25 Road Map ......................................................................................................................................................7-26 Using Criteria to Assign a Resource to a User ...............................................................................................7-27 Step 1: Creating an Auto Membership Rule ...................................................................................................7-28 Step 2: Assigning an Auto Membership Rule to a Role .................................................................................7-30 Step 3: Building an Access Policy ..................................................................................................................7-32 Provisioning a User with a Resource Manually ..............................................................................................7-34 Step 1: Verifying a Resource Is Assigned to a User .......................................................................................7-36 Step 2: Completing a Custom Process Form .................................................................................................7-38 Step 3: Accessing the Resource ....................................................................................................................7-40 Quiz ................................................................................................................................................................7-41 Road Map ......................................................................................................................................................7-43 Modifying an Oracle Identity Manager Connector ..........................................................................................7-44 Step 1: Modifying the Provisioning Process ...................................................................................................7-46
Copyright 2010, Oracle and/or its affiliates. All rights reserved.
Oracle Identity Manager 11g: Essentials Table of Contents vi
Step 2: Modifying the Custom Process Form .................................................................................................7-49 Provisioning a User with a Resource Automatically .......................................................................................7-51 Step 1: Verifying a Resource Is Assigned to a User .......................................................................................7-53 Step 2: Accessing the Resource ....................................................................................................................7-55 Quiz ................................................................................................................................................................7-56 Road Map ......................................................................................................................................................7-58 Lesson Summary ...........................................................................................................................................7-59 Road Map ......................................................................................................................................................7-61 Practice 7 Overview: Understanding Manual and Automated Provisioning ...................................................7-62 Road Map ......................................................................................................................................................7-63 What's Next? ..................................................................................................................................................7-64
Understanding Approval Processes and Requests ......................................................................................8-1 Understanding Approval Processes and Requests ........................................................................................8-2 Road Map ......................................................................................................................................................8-3 Lesson Objectives ..........................................................................................................................................8-4 Road Map ......................................................................................................................................................8-6 Request Workflow and Approval Process Overview ......................................................................................8-7 Request Overview ..........................................................................................................................................8-8 Request Type .................................................................................................................................................8-10 Request Type Catalog ...................................................................................................................................8-12 Request Dataset ............................................................................................................................................8-14 Default Request Dataset XML Files ...............................................................................................................8-16 Request Template ..........................................................................................................................................8-18 Approval Process ...........................................................................................................................................8-21 Approval Processes .......................................................................................................................................8-22 Oracle SOA Platform ......................................................................................................................................8-23 Template Level Approval Process..................................................................................................................8-25 Approval Policies and the Request and Operation Approval Levels ..............................................................8-26 Request and Operation Level Approval Processes ........................................................................................8-27 Quiz ................................................................................................................................................................8-29 Road Map ......................................................................................................................................................8-36 JDeveloper and SOA Composite Overview ...................................................................................................8-37 Loading an SOA Composite in JDeveloper ....................................................................................................8-38 Deploying an SOA Composite to a Defined Application Server .....................................................................8-40 Registering an SOA Composite with Oracle Identity Manager .......................................................................8-47 Registering a New SOA Composite with Oracle Identity Manager .................................................................8-48 Disabling an SOA Composite from Oracle Identity Manager .........................................................................8-51 Enabling an SOA Composite with Oracle Identity Manager ...........................................................................8-52 Road Map ......................................................................................................................................................8-53 Creating an Approval Policy ...........................................................................................................................8-54 Policy Details..................................................................................................................................................8-55 Set Approval Rule ..........................................................................................................................................8-56 Approval Policy Summary ..............................................................................................................................8-57 Approval Policy: Operation-Level Example ....................................................................................................8-58 Quiz ................................................................................................................................................................8-59 Road Map ......................................................................................................................................................8-60 Modeling a Request Template .......................................................................................................................8-61 Access the Request Template Wizard ...........................................................................................................8-62 Request Template Details ..............................................................................................................................8-63
Copyright 2010, Oracle and/or its affiliates. All rights reserved.
Oracle Identity Manager 11g: Essentials Table of Contents vii
Allowed Resources ........................................................................................................................................8-65 Attribute Restrictions ......................................................................................................................................8-66 Attribute Restriction Details ............................................................................................................................8-67 Additional Attributes .......................................................................................................................................8-68 Template User Roles .....................................................................................................................................8-69 Request Template Confirmation.....................................................................................................................8-70 Road Map ......................................................................................................................................................8-71 Request Initiation Flowchart ...........................................................................................................................8-72 Request and Approval Stages for Requests ..................................................................................................8-74 Request and Approval Stages for Bulk Requests ..........................................................................................8-76 Initiating a Request ........................................................................................................................................8-77 Request Beneficiary .......................................................................................................................................8-78 Request Template ..........................................................................................................................................8-79 Select Users ...................................................................................................................................................8-80 Select Resources ...........................................................................................................................................8-81 Resource Details and Additional Data ............................................................................................................8-82 Request Justification ......................................................................................................................................8-83 Road Map ......................................................................................................................................................8-84 Lesson Summary ...........................................................................................................................................8-85 Road Map ......................................................................................................................................................8-86 Practice 8 Overview: Understanding Request Workflows and Approval Processes......................................8-87 Road Map ......................................................................................................................................................8-88 What's Next? ..................................................................................................................................................8-89
Understanding Reconciliation ........................................................................................................................9-1 Understanding Reconciliation ........................................................................................................................9-2 Road Map ......................................................................................................................................................9-3 Lesson Objectives ..........................................................................................................................................9-5 Road Map ......................................................................................................................................................9-8 Reconciliation and Provisioning .....................................................................................................................9-9 Reconciliation: Types .....................................................................................................................................9-11 Reconciliation: Events ....................................................................................................................................9-14 Quiz ................................................................................................................................................................9-17 Road Map ......................................................................................................................................................9-23 Authoritative Reconciliation: Conceptual Diagram .........................................................................................9-24 Authoritative Reconciliation: Single and Multiple Trusted Sources.................................................................9-25 Account Reconciliation: Conceptual Diagram ................................................................................................9-26 Account Reconciliation: Target System ..........................................................................................................9-27 Account Reconciliation: Data Process Flow ...................................................................................................9-28 Road Map ......................................................................................................................................................9-30 Implementing a Reconciliation Workflow ........................................................................................................9-31 Step 1: Verifying Installation and Deployment Requirements .......................................................................9-34 Step 2: Configuring the External Resource ....................................................................................................9-36 Step 3: Copying Connector and External Code Files ....................................................................................9-38 Copying Connector Files: Microsoft Active Directory ....................................................................................9-40 Copying External Code Files: Microsoft Active Directory ..............................................................................9-45 Step 4: Configuring Oracle Identity Manager Server .....................................................................................9-46 Configuring Oracle Identity Manager Server: Clearing the Server Cache ......................................................9-47 Configuring Oracle Identity Manager Server: Enabling Logging ....................................................................9-49 Step 5: Importing an Oracle Identity Manager Connector .............................................................................9-51
Copyright 2010, Oracle and/or its affiliates. All rights reserved.
Oracle Identity Manager 11g: Essentials Table of Contents viii
Step 6: Defining an IT Resource ....................................................................................................................9-54 Step 7: Modifying a Scheduled Job ................................................................................................................9-59 Modifying a Scheduled Job: Trusted Source ..................................................................................................9-61 Modifying a Scheduled Job: Target Resource ...............................................................................................9-63 Step 8: Reconciling with a Trusted Source ....................................................................................................9-64 Step 8: Reconciling with a Target Resource ..................................................................................................9-67 Quiz ................................................................................................................................................................9-70 Road Map ......................................................................................................................................................9-74 Lesson Summary ...........................................................................................................................................9-75 Road Map ......................................................................................................................................................9-76 Practice 9 Overview: Understanding Reconciliation ......................................................................................9-77 Road Map ......................................................................................................................................................9-78 What's Next? ..................................................................................................................................................9-79
Managing Authorization Policies ....................................................................................................................10-1 Managing Authorization Policies ....................................................................................................................10-2 Road Map ......................................................................................................................................................10-3 Lesson Objectives ..........................................................................................................................................10-4 Road Map ......................................................................................................................................................10-6 Security Principles: Identity, Authentication, and Authorization ......................................................................10-7 What Is Authorization? ...................................................................................................................................10-9 Quiz ................................................................................................................................................................10-10 Road Map ......................................................................................................................................................10-12 Oracle Entitlement Server ..............................................................................................................................10-13 Authorization Policy Overview .....................................................................................................................10-15 Authorization Policy: Relationship to Roles ....................................................................................................10-17 Authorization Policy: Target ...........................................................................................................................10-18 Entity Association and Functional Security: Role Management ...................................................................10-19 Entity Association and Functional Security: Self Service User Management ................................................10-21 Entity Association and Functional Security: User Management ....................................................................10-22 Authorization Policy: Defining Scope with Data Security ................................................................................10-24 Authorization Policy: Policy Assignment ........................................................................................................10-26 Out-of-the-Box Authorization Policies ............................................................................................................10-27 When to Define Authorization Policies ...........................................................................................................10-34 Quiz ................................................................................................................................................................10-35 Road Map ......................................................................................................................................................10-41 Creating Role Management Authorization Policies ........................................................................................10-42 Step 1: Complete the Basic Policy Information ..............................................................................................10-43 Step 2: Select the Role Management Permissions ........................................................................................10-44 Step 3: Choose Data Constraints ...................................................................................................................10-45 Step 4: Select the Assignees .........................................................................................................................10-46 Step 5: Confirm the Results ...........................................................................................................................10-47 Creating Self Service User Management Authorization Policies ....................................................................10-48 Step 1: Complete the Basic Policy Information ..............................................................................................10-49 Step 2: Select the Self Service User Management Permissions ....................................................................10-50 Step 3: Select the Assignees .........................................................................................................................10-51 Step 4: Confirm the Results ...........................................................................................................................10-52 Creating User Management Authorization Policies ........................................................................................10-53 Step 1: Complete the Basic Policy Information ..............................................................................................10-54 Step 2: Select the User Management Permissions ........................................................................................10-55
Copyright 2010, Oracle and/or its affiliates. All rights reserved.
Oracle Identity Manager 11g: Essentials Table of Contents ix
Step 3: Select Data Constraints .....................................................................................................................10-56 Step 4: Select the Assignees .........................................................................................................................10-57 Step 5: Confirm the Results ...........................................................................................................................10-58 Road Map ......................................................................................................................................................10-59 Lesson Summary ...........................................................................................................................................10-60 Road Map ......................................................................................................................................................10-61 Practice 10 Overview: Managing Authorization Policies ...............................................................................10-62 Road Map ......................................................................................................................................................10-63 What's Next? ..................................................................................................................................................10-64
Managing Reports ............................................................................................................................................11-1 Managing Reports ..........................................................................................................................................11-2 Road Map ......................................................................................................................................................11-3 Lesson Objectives ..........................................................................................................................................11-5 Road Map ......................................................................................................................................................11-8 Reports: Overview ..........................................................................................................................................11-9 Access Policy Reports ...................................................................................................................................11-10 Attestation, Request, and Approval Reports ..................................................................................................11-11 Password Reports ..........................................................................................................................................11-12 Resource and Entitlement Reports ................................................................................................................11-13 Role and Organization Reports ......................................................................................................................11-17 User Reports ..................................................................................................................................................11-18 Quiz ................................................................................................................................................................11-19 Road Map ......................................................................................................................................................11-20 Oracle BI Publisher: Overview .......................................................................................................................11-21 Configuring Oracle BI Publisher .....................................................................................................................11-22 Step 1: Copying Reports ................................................................................................................................11-24 Step 2: Starting Oracle BI Publisher ...............................................................................................................11-27 Step 3: Managing Data Sources ....................................................................................................................11-30 Managing Data Sources: Creating the OIM JDBC Data Source ...................................................................11-31 Managing Data Sources: Creating the BPEL JDBC Data Source .................................................................11-33 Quiz ................................................................................................................................................................11-35 Road Map ......................................................................................................................................................11-41 Creating Reports: Overview ...........................................................................................................................11-42 Creating an Access Policy Report ..................................................................................................................11-44 Creating a Request Report ............................................................................................................................11-46 Creating an Approval Report ..........................................................................................................................11-48 Creating a Password Report ..........................................................................................................................11-50 Creating a Resource Report ..........................................................................................................................11-52 Creating a Role Report ..................................................................................................................................11-54 Creating an Organization Report....................................................................................................................11-56 Creating a User Report ..................................................................................................................................11-58 Quiz ................................................................................................................................................................11-60 Road Map ......................................................................................................................................................11-63 Lesson Summary ...........................................................................................................................................11-64 Road Map ......................................................................................................................................................11-66 Practice 11 Overview: Managing Reports ......................................................................................................11-67 Road Map ......................................................................................................................................................11-69 What's Next? ..................................................................................................................................................11-70
Auditing, Monitoring, and Logging for Oracle Identity Manager .................................................................12-1
Copyright 2010, Oracle and/or its affiliates. All rights reserved.
Oracle Identity Manager 11g: Essentials Table of Contents x
Auditing, Monitoring, and Logging for Oracle Identity Manager .....................................................................12-2 Road Map ......................................................................................................................................................12-3 Lesson Objectives ..........................................................................................................................................12-4 Roadmap .......................................................................................................................................................12-6 What is Auditing? ...........................................................................................................................................12-7 Auditing: Requirements ..................................................................................................................................12-8 Auditing: Business Challenges .......................................................................................................................12-10 Auditing: Oracle Fusion Middleware Audit Framework ...................................................................................12-11 Oracle Fusion Middleware Audit Framework: Features .................................................................................12-13 Oracle Fusion Middleware Audit Framework Audit Architecture .................................................................12-17 Oracle Fusion Middleware Audit Framework: Audit Flow ..............................................................................12-19 Oracle Fusion Middleware Audit Framework: Key Technical Concepts .........................................................12-20 Oracle Fusion Middleware Audit Framework: Oracle Identity Manager and SOA ..........................................12-21 Auditing Oracle Identity Manager ................................................................................................................12-22 Auditing: Oracle Identity Manager Audit Engine .............................................................................................12-23 Auditing: Oracle Identity Manager Audit Levels .............................................................................................12-25 Auditing: Changing the Oracle Identity Manager Audit Level .........................................................................12-26 Auditing: SOA Audit Levels ............................................................................................................................12-27 Auditing: Changing the SOA Audit Level ........................................................................................................12-28 Quiz ................................................................................................................................................................12-29 Roadmap .......................................................................................................................................................12-33 What Is Monitoring? .......................................................................................................................................12-34 Monitoring: Oracle Enterprise Manager Fusion Middleware Control ..............................................................12-35 Monitoring: Oracle Identity Manager ..............................................................................................................12-37 Monitoring: Oracle Identity Manager Performance Metrics ............................................................................12-39 Monitoring: SOA .............................................................................................................................................12-40 Quiz ................................................................................................................................................................12-43 Roadmap .......................................................................................................................................................12-45 What Is Logging? ...........................................................................................................................................12-46 Benefits of Logging ........................................................................................................................................12-47 Overview of Log Files .....................................................................................................................................12-48 Configuration Settings for Log Files for Oracle Identity Manager and SOA ...................................................12-49 Location and Configuration of Log Files for Oracle Identity Manager and SOA .............................................12-50 Search, View, and Download Log Files ..........................................................................................................12-51 Log Files: Setting Information Levels .............................................................................................................12-53 Log Files: Specifying the Log File Locale .......................................................................................................12-55 Log Files: ECID and RID ................................................................................................................................12-56 Quiz ................................................................................................................................................................12-58 Roadmap .......................................................................................................................................................12-62 Managing Auditing for Oracle Identity Manager .............................................................................................12-63 Managing Auditing for SOA ............................................................................................................................12-67 Managing Monitoring for Oracle Identity Manager .........................................................................................12-70 Managing Monitoring for SOA ........................................................................................................................12-75 Managing Logging for Oracle Identity Manager .............................................................................................12-85 Managing Logging for SOA ............................................................................................................................12-91 Roadmap .......................................................................................................................................................12-93 Lesson Summary ...........................................................................................................................................12-94 Roadmap .......................................................................................................................................................12-96 Practice 12 Overview: Auditing, Monitoring, and Logging for Oracle Identity Manager ..................................12-97
Copyright 2010, Oracle and/or its affiliates. All rights reserved.
Oracle Identity Manager 11g: Essentials Table of Contents xi
Roadmap .......................................................................................................................................................12-98 What's Next? ..................................................................................................................................................12-99
Transferring Oracle Identity Manager Configurations ..................................................................................13-1 Transferring Oracle Identity Manager Configurations .....................................................................................13-2 Road Map ......................................................................................................................................................13-3 Lesson Objectives ..........................................................................................................................................13-4 Road Map ......................................................................................................................................................13-6 Deployment Manager Overview .....................................................................................................................13-7 Deployment Manager: Supported Configuration Objects ...............................................................................13-9 Supported Configuration Object Types ..........................................................................................................13-10 Advantages of Using the Deployment Manager to Transfer Configurations ...................................................13-11 Best Practices for Transferring Configuration Objects ...................................................................................13-12 Quiz ................................................................................................................................................................13-20 Road Map ......................................................................................................................................................13-21 Overview of MDS Utilities ...............................................................................................................................13-22 MDS WebLogic Properties File ......................................................................................................................13-24 Road Map ......................................................................................................................................................13-26 Exporting Data Using the Deployment Manager ............................................................................................13-27 Importing Data Using the Deployment Manager ............................................................................................13-29 Exporting Data Using the MDS Export Utility .................................................................................................13-31 Importing Data Using the MDS Import Utility ..................................................................................................13-33 Deleting MDS Data Using the MDS Delete Utility ..........................................................................................13-35 Quiz ................................................................................................................................................................13-36 Road Map ......................................................................................................................................................13-39 Lesson Summary ...........................................................................................................................................13-40 Road Map ......................................................................................................................................................13-41 Practice 13 Overview: Transferring Oracle Identity Manager Configurations .................................................13-42 Road Map ......................................................................................................................................................13-43 What's Next? ..................................................................................................................................................13-44
Oracle Identity Management Products: Overview .........................................................................................14-1 Oracle Identity Management Products: Overview ..........................................................................................14-2 Road Map ......................................................................................................................................................14-3 Appendix Objectives ......................................................................................................................................14-4 Road Map ......................................................................................................................................................14-5 Oracle Identity Management Products ...........................................................................................................14-6 Oracle Identity Management Products: Functional Aspects ...........................................................................14-9 Oracle Identity Management Products: Functionalities ..................................................................................14-10 Oracle Identity Management Products: Solutions ..........................................................................................14-11 Identity Administration: Infrastructure .............................................................................................................14-14 Oracle Identity Manager .................................................................................................................................14-15 Oracle Identity Analytics .................................................................................................................................14-16 Access Management: Infrastructure ...............................................................................................................14-18 Oracle Access Manager .................................................................................................................................14-19 Oracle Adaptive Access Manager ..................................................................................................................14-20 Oracle Authentication Service for OS .............................................................................................................14-22 Oracle Enterprise Single Sign-On ..................................................................................................................14-23 Oracle Entitlements Server ............................................................................................................................14-24 Oracle Identity Federation ..............................................................................................................................14-25 Oracle Web Services Manager ......................................................................................................................14-26
Copyright 2010, Oracle and/or its affiliates. All rights reserved.
Oracle Identity Manager 11g: Essentials Table of Contents xii
Directory Services: Infrastructure ...................................................................................................................14-27 Oracle Virtual Directory ..................................................................................................................................14-29 Oracle Internet Directory ................................................................................................................................14-30 Road Map ......................................................................................................................................................14-31 Appendix Summary ........................................................................................................................................14-32
Basic Oracle WebLogic Server Concepts ......................................................................................................15-1 Basic Oracle WebLogic Server Concepts ......................................................................................................15-2 Road Map ......................................................................................................................................................15-3 Appendix Objectives ......................................................................................................................................15-4 Road Map ......................................................................................................................................................15-5 Oracle Fusion Middleware .............................................................................................................................15-6 Oracle Fusion Middleware Management Infrastructure ..................................................................................15-8 Relationship of Fusion Middleware Products to WebLogic Server .................................................................15-9 Typical Oracle Fusion Middleware Environment ............................................................................................15-10 Overview of WebLogic Server Domain ..........................................................................................................15-11 Domain Diagram ............................................................................................................................................15-13 Road Map ......................................................................................................................................................15-15 Configuring a Domain ....................................................................................................................................15-16 Starting the Domain Configuration Wizard .....................................................................................................15-18 Creating a Domain Using the Domain Configuration Wizard .........................................................................15-19 Creating a New WebLogic Domain and Selecting the Domain Source ..........................................................15-20 Configuring Administrator Settings .................................................................................................................15-21 Configuring Startup Mode and JDK.............................................................................................
