Step 1: Install Windows Server 2008 R2
a. set Static IP address
b. Disable Firewall
c. Create a Domain (dcpromo ) Eg : activedirectory.com
Step 2 : Install Connector Server in Windows Server
Step 3 : Install Active Directory User Management Connector in " OIM " and Configure IT Resources
Step 4 : Install Active Directory password Sync Connector in " Windows Server "
Step 5 : Goto Run Command type " regedit" Search "ADConfig " or Path HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Control\ Lsa\ oimpwdsync\ ADConfig
Step 6 : Goto Run Command type " regedit" Search "OIMConfig " or Path HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Control\ Lsa\ oimpwdsync\ OIMConfig
SPML-DSML Deployment Steps :
Before you deploy the connector, deploy the SPML-DSML Service on the Oracle WebLogic Application Server on which Oracle Identity Manager is running:
Step 7 : Goto Run Command type " regedit" Search "Install " or Path HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Control\ Lsa\ oimpwdsync\ Install
Step 8 : Reconfigure the IT Resources
set the Allow Password Provisioning parameter to
a. set Static IP address
b. Disable Firewall
c. Create a Domain (dcpromo ) Eg : activedirectory.com
Step 2 : Install Connector Server in Windows Server
Step 3 : Install Active Directory User Management Connector in " OIM " and Configure IT Resources
Step 4 : Install Active Directory password Sync Connector in " Windows Server "
Step 5 : Goto Run Command type " regedit" Search "ADConfig " or Path HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Control\ Lsa\ oimpwdsync\ ADConfig
- ADPersistentStore is OU in Active Directory that will store data for users whose password can’t be synced from AD to OIM for various reasons .
- Change value of Log from N to Y , if you wish to enable logging in password synchronization
- LogPath represents directory in which logs are enabled (to enable logging set value of field Log to Y )
Step 6 : Goto Run Command type " regedit" Search "OIMConfig " or Path HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Control\ Lsa\ oimpwdsync\ OIMConfig
- OIMhost is hostname where OIM managed server is running ( Ex : oim.luckyfusion.com )
- OIMPort is port on OIM managed server is running (Ex : 14000 )
- To disable Password Synchronization connector, set value of Disabled to 1
- AD will communicate to OIM server via SPML Web Service (WS) SOAPrequest over HTTP(S) like http(s)://oim.luckyfusion:14000/spmlws/OIMProvisioning for OIM on WebLogic Server (Make sure to deploy SPML-DSML application on OIM Managed Server and application is in ACTIVE state)
SPML-DSML Deployment Steps :
Before you deploy the connector, deploy the SPML-DSML Service on the Oracle WebLogic Application Server on which Oracle Identity Manager is running:
- Log in to the Oracle WebLogic Server Administration Console.
- In the Change Center region, click Lock & Edit to enable modification to the settings on the page.
- In the Domain Structure region, click Deployments.
- On the right pane, click Install.
- On the Locate deployment to install and prepare for deployment page, in the Path field, enter
OIM_HOME
\server\apps.
For example,D:\my_install\middleware\Oracle_IDM1\server\apps
. - In the region following the Current Location field, select spml-dsml.ear and then click Next.
- On the Choose targeting style page, click Next to accept the default selection and proceed with installation.
- On the Select deployment targets page, in the Available targets for spml-dsml region, select oim_server1 if Oracle Identity Manager is installed in a nonclustered environment. Otherwise, select oim_cluster.
- Click Next.
- On the Optional Settings page, in the Source accessibility region, select I will make the deployment accessible from the following location, and then click Next.
- On the Review your choices and click Finish page, verify the data that you have provided, and then click Finish.
- On the Settings for spml-dsml page, review the configuration information of the deployed SPML-DSML Service, and then click Save.
- In the Change Center region, click Activate Changes for the changes to take effect.
- On the left pane, in the Domain Structure region, click Deployments.
- On the right pane, in the Deployments table, select spml-dsml, and then from the Start list, select Servicing all requests.The SPML-DSML Service is started.
Step 7 : Goto Run Command type " regedit" Search "Install " or Path HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Control\ Lsa\ oimpwdsync\ Install
Step 8 : Reconfigure the IT Resources
set the Allow Password Provisioning parameter to
no
Step 9 : Configure SSL
Step 10 :
No comments:
Post a Comment