Oracle Access Manager 11gR2 for eBusiness R12 12.1.3
Two weeks back, I completed another Access Manager Implementation to provide zero sign to eBusiness Suite 12.1.3.
I have used following versions for this implementation:
Oracle Access Manager: 11.1.2.0
Oracle Identity Management: 11.1.1.6
Oracle Access Manager WebGate: 11.1.2.0
Oracle E-Business Suite AccessGate: 1.2
Oracle Fusion Middleware WebTier 11.1.1.7
Oracle Database for RCU: 11.2.0.3
Oracle E-Business Suite Release 12: 12.1.3
Another level of complexity was to integrate Oracle Access Manager with Microsoft UAG. For external users UAG is delegating the Kerberos Authentication with WNA CredCollector on behalf of user.
Two weeks back, I completed another Access Manager Implementation to provide zero sign to eBusiness Suite 12.1.3.
I have used following versions for this implementation:
Oracle Access Manager: 11.1.2.0
Oracle Identity Management: 11.1.1.6
Oracle Access Manager WebGate: 11.1.2.0
Oracle E-Business Suite AccessGate: 1.2
Oracle Fusion Middleware WebTier 11.1.1.7
Oracle Database for RCU: 11.2.0.3
Oracle E-Business Suite Release 12: 12.1.3
- For Windows Native Authentication we had Windows Server 2003 AD.
- Most of the client Machines are Windows 7, also tested from Mac OS.
Another level of complexity was to integrate Oracle Access Manager with Microsoft UAG. For external users UAG is delegating the Kerberos Authentication with WNA CredCollector on behalf of user.
- AD to OID Synchronisation with, of more than 70K records.
- External Authentication Plugin Set-up AD ldapbind and AD ldapcompare) in case, WNA is not operational.
- In front of OAM, F5 Load balancer and similarly for access gate another F5 Load balancer SSL termination is happening at F5 Level. As UAG is in picture, Proxy Header SSL is also implemented.
Also, in one of the Development Server 2 Instances of Test OAM Installation is really a good experience. Still I am struggling to find the reason, let me call it as Installation#1(first installation) and Installation#2.
If I start Installation#2 after server reboot, then I am unable to start Installation#1. Reverse is not true.
Another good experience is Playing with KVNO. If you set password for a user, used for keytab file, multiple time, KVNO goes into three digit and kerberos would not work, until and unless you mention -kvno in the command line argument.
Though in terms of Identity and Access Management it was 5th Implementation Project, but for various complexities it was pleasant experience to explore.
Hi,
ReplyDeleteThis is indeed a very good post. Could you please share a doc with which you implemented the kerberos authentication using OAM 11.1.2
Hi Could you please share your install doc.
ReplyDeleteI am trying to implement the SSO using OAM.
ReplyDeleteSetup is completed now want to front end using f5 getting the below error.
Can you please share your document for f5 with OAM and access gate
Oracle Access Manager Operation Error
The WebGate plug-in is unable to contact any Access Servers.
Contact your website administrator to remedy this problem.
Sorry friends, I cant share client specific information, let me know if you have specific question
ReplyDelete