Updating Oracle Virtual Directory Authenticator Manually Creating CSF Keys

18-14 Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management

5. Check the log file for errors and correct them if necessary.

6. Restart WLS_OIM1, WLS_OIM2, and the WebLogic Administration Server, as described in Section 20.1, Starting and Stopping Oracle Identity Management Components.

18.1.6 Updating Oracle Virtual Directory Authenticator

When configOIM has finished, it will have created an Oracle Virtual Directory authenticator if you are using Oracle Virtual Directory. This authenticator must be updated, as follows.

1. Log in to the WebLogic console at http://admin.mycompany.com/console

2. Click Security Realms from the domain structure.

3. Click My Realm.

4. Click the Providers tab.

5. Click the OVDAuthenticator provider.

6. Click Lock and Edit.

7. Click the Provider Specific tab.

8. Change the following values:

■ All Users Filter: (&(uid=*)(objectclass=person))
■ User From Name Filter: (&(uid=%u)(objectclass=person))

9. Click Save.

10. Click Activate Changes.

11. Restart the Administration Servers WLS_OAM1, WLS_OAM2, WLS_OIM1, and WLS_OIM2, and any other managed servers that are running.

Notes:

■ If you have already enabled single sign-on for your WebLogic Administration Consoles, as described in Section 19.1, Configuring Single Sign-On for Administration Consoles with Oracle Access Manager 11g, when this script is run, you might see the following errors:

ERROR: Desired authenticators already present. [Ljava.lang.String;7fdb492]
ERROR: Error occurred while configuration. Authentication providers to be configured already present.
ERROR: Rolling back the operation..

These errors can be ignored.

■ You might see errors in the log file that look like this:

ALL: Error seeding SSOGlobalPP credential

This is a bug and the workaround is described in the next section.

Integrating Components 18-15
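To show what the two filter values from step 8 select, here is an added example (not part of Oracle's guide and not WebLogic code) that evaluates them against a few constructed entries. The helper names, the sample entries and the RFC 4515 escaping of the name substituted for %u are assumptions of this sketch, which handles only the flat AND form used here.

```python
import re

# Filter values from step 8 of section 18.1.6, in LDAP filter syntax.
ALL_USERS_FILTER = "(&(uid=*)(objectclass=person))"
USER_FROM_NAME_FILTER = "(&(uid=%u)(objectclass=person))"

# Constructed sample entries (assumed DNs and attributes, not real data).
DIRECTORY = {
    "uid=jdoe,cn=users,dc=mycompany,dc=com": {"uid": ["jdoe"], "objectclass": ["person"]},
    "uid=asmith,cn=users,dc=mycompany,dc=com": {"uid": ["asmith"], "objectclass": ["person"]},
    "uid=batch,cn=apps,dc=mycompany,dc=com": {"uid": ["batch"], "objectclass": ["account"]},
    "cn=admins,cn=groups,dc=mycompany,dc=com": {"objectclass": ["groupOfUniqueNames"]},
}

def escape_rfc4515(value):
    """Hex-escape the characters RFC 4515 reserves inside an assertion value."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def expand(template, login_name):
    """Substitute the login name for %u as a literal, never as filter syntax."""
    return template.replace("%u", escape_rfc4515(login_name))

def unescape(value):
    """Turn \\XX hex escapes back into the characters they stand for."""
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), value)

def parse_and(flt):
    """Parse the (&(attr=value)(attr=value)...) shape both filters use."""
    if not re.fullmatch(r"\(&(\([^()=]+=[^()]*\))+\)", flt):
        raise ValueError("not a flat AND filter: %r" % flt)
    return [clause.split("=", 1) for clause in re.findall(r"\(([^()]+)\)", flt)]

def matches(entry, flt):
    """True if the entry satisfies every clause; a bare '*' is a presence test."""
    for attr, value in parse_and(flt):
        held = [v.lower() for v in entry.get(attr.lower(), [])]
        if "*" in value and value != "*":
            raise ValueError("substring matching is not modelled in this sketch")
        ok = bool(held) if value == "*" else unescape(value).lower() in held
        if not ok:
            return False
    return True

def search(flt):
    """Return the DNs of the sample entries that the filter selects."""
    return sorted(dn for dn, entry in DIRECTORY.items() if matches(entry, flt))

print(search(ALL_USERS_FILTER))
print(search(expand(USER_FROM_NAME_FILTER, "jdoe")))
```

The All Users Filter returns only entries that have a uid and are of object class person, so the group and the non-person account are excluded. A login name containing filter metacharacters is matched as a literal string and selects nothing.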

18.1.7 Manually Creating CSF Keys

1. Log into Oracle Enterprise Manager Fusion Middleware Control at:

http://admin.mycompany.com/em

2. Navigate to FARM_IDMDomain - Weblogic Domain

3. Click IDMDomain.

4. When the summary screen is displayed, select Security - Credentials from the list.

5. Click the credential key oim and click Create Key.

Create the following keys:

■ SSOKeystoreKey
■ SSOGlobalPP
■ SSOAccessKey

| Field | Value |
|---|---|
| Map | oim |
| Key | SSOKeystoreKey |
| Type | Password |
| User Name | SSOKeystoreKey |
| Password | Key store password as entered in Section 11.11, Creating Oracle Access Manager Key Store |
| Description | OAMSSOKeystorepassword |

| Field | Value |
|---|---|
| Map | oim |
| Key | SSOGlobalPP |
| Type | Password |
| User Name | SSOGlobalPP |
| Password | Value of Global Passphrase entered in Section 11.6.1, Changing Oracle Access Manager Security Model, Step 10 |
| Description | OAMGlobalPP |

| Field | Value |
|---|---|
| Map | oim |
| Key | SSOAccessKey |
| Type | Password |
| User Name | SSOAccessKey |
| Password | Value of OAM11G_OIM_WEBGATE_PASSWD entered in Section 11.6.2, Configuring Oracle Access Manager by Using the IDM Automation Tool |
| Description | OAMAccessGatePassword |

SSOKeystoreKey and SSOGlobalPP are only required if you are using the Simple transport model.

18.1.8 Managing the Password of the xelsysadm User