
Oracle Internet Directory (OID) Synchronization with Active Directory for Enterprise User Security – Part 2


1.1       Configuring new OID Instance

Why do we need a new OID instance?

  • An Oracle database using Enterprise User Security with OID needs a port in “SSL No Authentication Mode 1”.
  • Active Directory, to synchronize AD passwords, needs OID with a port in “SSL Server Authentication Mode 2”.
  • To cater to the above requirements, we need to configure another OID instance.

1.1.1     Steps to create new OID instance

  • $> opmnctl createcomponent -componentType OID -componentName oid3 -adminPort 7003 -Db_info "localhost:1521:ORCL"
  • For TEST, -adminPort is 7001 and -Db_info is "localhost:1521:oid"
  • The command asks for a password for the ODS and ODSSM users. Provide the appropriate password
  • It then asks for a password for the OID admin user, i.e. orcladmin. Provide the appropriate password
  • You should now see a message that the OID instance was created successfully. Below is a screenshot of the run on Oracle Enterprise Linux for your reference

  • $> opmnctl status -l
  • You should see the new oid3 instance, which is down
  • Start the new oid3 instance by issuing
  • $> ./opmnctl startproc ias-component=oid3
  • $> ./opmnctl status -l
  • It should show that 2 OID instances are up and running, with the new oid3 instance running on different ports (may be 3061 non-SSL, 3132 SSL No Authentication mode)
  • Sql>conn orcladmin/
  • Connection should be successful
  • That’s it! Your new oid instance is ready

1.1.2     Steps to configure new OID instance as “SSL Server Auth Mode 2”

  • Once your managed servers are up and running, go to Enterprise Manager
  • Go to http://<weblogic-server>:7001/em
  • From Identity and access tree expand and select ‘oid3’
  • If you see an “Information: Configuration settings are unavailable because oid3 is down” then try to restart from EM console i.e. OID–>control–>restart
  • OID–>Security–>Wallets
  • Create a new wallet ‘selfsigned’ as shown in screenshots below

  • Go to OID–>Administrator–>Server Properties
  • Click on the General –> Change SSL Settings
  • Restart the OID server now by going to Controls–>Restart server
  • SSL configuration for OID is now complete. We need to test the SSL connection
  • Go to http://<idmweblogicserverdomain>:7005/odsm
  • Create a new connection on SSL port 3132 with SSL enabled. On testing the connection, a pop-up should show up. Accept the certificates and click on OK. A new SSL connection should be visible in ODSM.
  • In ODSM, go to the “Data Browser” tab

    Note:

    In the case of Oracle Internet Directory and Microsoft Active Directory integration, Oracle Internet Directory is the server and Microsoft Active Directory is the client. The Oracle Password Filter for Microsoft Active Directory uses SSL to protect the password during transmission between the Microsoft Active Directory domain controller and the Oracle Internet Directory server.
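
The ODSM test above confirms that an SSL connection works, but not which SSL mode the port negotiated. As an added example (not part of the original post), the shell function below classifies `openssl s_client` output as anonymous (mode 1) or certificate-based (mode 2). The host name and sample transcripts are constructed, and treating anonymous ADH/AECDH cipher suites as the marker for mode 1 is an assumption of this example.

```shell
# Added example: classify the SSL mode of an OID port from `openssl s_client`
# output on stdin. Live use (host name is a placeholder):
#   openssl s_client -connect oidhost.example.com:3132 </dev/null 2>&1 | classify_oid_ssl
classify_oid_ssl() {
  _out=$(cat)
  # Negotiated cipher, taken from the "New, ..., Cipher is X" line.
  _cipher=$(printf '%s\n' "$_out" | sed -n 's/.*Cipher is \([^ ]*\).*/\1/p' | head -n 1)
  case "$_cipher" in
    ''|'(NONE)') echo "handshake-failed"; return 0 ;;
    # Assumption: anonymous DH suites mark "SSL No Authentication Mode 1".
    ADH-*|AECDH-*) echo "mode1-no-auth"; return 0 ;;
  esac
  if printf '%s\n' "$_out" | grep -q 'no peer certificate available'; then
    echo "mode1-no-auth"; return 0
  fi
  _code=$(printf '%s\n' "$_out" | sed -n 's/.*Verify return code: \([0-9]*\).*/\1/p' | head -n 1)
  case "$_code" in
    0)     echo "mode2-server-auth:trusted" ;;
    18|19) echo "mode2-server-auth:self-signed" ;;  # e.g. the 'selfsigned' wallet
    *)     echo "mode2-server-auth:untrusted" ;;
  esac
}

# Constructed transcripts (not captured from a real server).
sample_mode1() {
  cat <<'EOF'
CONNECTED(00000003)
---
no peer certificate available
---
New, TLSv1/SSLv3, Cipher is ADH-AES128-SHA
    Verify return code: 0 (ok)
EOF
}

sample_mode2_selfsigned() {
  cat <<'EOF'
CONNECTED(00000003)
depth=0 CN = oidhost.example.com
verify error:num=18:self signed certificate
---
New, TLSv1/SSLv3, Cipher is AES128-SHA
    Verify return code: 18 (self signed certificate)
EOF
}

sample_mode1 | classify_oid_ssl
sample_mode2_selfsigned | classify_oid_ssl
```

A `mode2-server-auth:self-signed` result means the connecting client has no trusted chain to the certificate and has to be given that certificate explicitly before it can verify the server.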

     

    Continuation of the configuration is in the next blog post on Active Directory Configuration…

     
