3-12 Administrators Guide for Oracle Business Data Synchronization Server If the Windows domain is required, it can be prepended to the user name and a backslash \ is used to separate the domain and user name as in domain\username. Add the credentials listed in Table 3–2 using Fusion Middleware Control, as illustrated in Figure 3–12 . For more information on credentials, see Configuring the Credential Store in Oracle Containers for J2EE Security Guide. Figure 3–12 Creating Credentials in Oracle Enterprise Manager The following steps describe how you enter in the credentials using Oracle Enterprise Manager. 1. Log in to Oracle Enterprise Manager.

2. Expand the WebLogic Domain node in the navigation pane and then right-click

your domain.

3. From the context menu, select Security and then Credentials. The Security Page

appears.

4. Create the exchange2007pimtransport credential map by clicking Create Map. The

Create Map dialog appears.

5. Enter exchange2007pimtransport in the Map Name field and then click OK.

6. For each JPS key listed in Table 3–2 , perform the following:

a. Click Create Key. The Create Key dialog appears.

b. Select exchange2007pimtransport from the Select Map list. c. Enter the JPS key. For example, enter activeDirectoryAdminCredential. d. In the User Name field, enter in the user name ensuring to prefix the domain if needed e. In the Password field, enter the password.

7. Click OK.

Table 3–3 Credentials Required by BPEL Task Connector JPS Map Name JPS Key User Name and Password fts-webcenter-connector adminCredential Contains the user name and password used by the BPEL Task Connector when it calls the BPEL server to access the users task data. These credentials should have access rights for all of the users who will be synchronizing. Installing the BDSS Components 3-13

3.7 Setting SSL

If the configuration of the Exchange 2007 servers require secure communications, then you must configure the Exchange 2007 Connector to support SSL to enable it to communicate securely with the Microsoft Autodiscovery and Exchange Web Service EWS. The Certificate Authority CA that issued and signed the certificate bound to the EWS server must be installed as a trusted CA in the trust store used by the connector. By default, the application deployed to WebLogic Server use a trust store called DemoTrust.jks, which is located in the WL_HOME\lib directory. To configure SSL, you must first obtain the X.509 certificate bound to the IIS Web Server hosting the Exchange Web Services and then update DemoTrust.jks with this certificate. To install the certificate: 1. Obtain the X.509 certificate bound to the IIS Web Server hosting the Exchange Web Services and save it as a file on the file system on the same box the connector is being deployed on. For the purposes of this document, the file is saved at c:\temp\exchangecacert.cer. 2. Log in to the Exchange 2007 server. 3. Start IIS Manager.

4. Right click the Exchange virtual directory typically at Web Sites Default Web

Site Exchange and select Properties. 5. Navigate to the Directory Security.

6. Click View Certificate.

7. Click the Details tab and then select Copy to File.

8. In the wizard, select the defaults on each page until you are prompted for the file name. Specify the name and location for the file. For example, enter c:\temp\exchangecacert.cer. To update DemoTrust.jks with the certificate: 1. Open a command window and change the current directory to the location of DemoTrust.jks. For example, enter the following command: cd c:\WL_HOME\wlserver_10.3\server\lib Note: You can access the System MBean Browser from the context menu that appears when you right-click a domain in the Navigation pane. Using the System MBean browser, you can invoke some operations on the JPS MBean, but not all of them. The steps described in Section 3.6 are the correct method for entering credentials. You can also use the System MBean browser to manage the BDSS MBeans, which you use to configure BDSS Hub components and server and connector instances. Note: The following instructions assume a deployment that uses the default trust store, DemoTrust.jks. If you have created a different trust store and have configured WebLogic Server to use it instead of the default trust store, you can still use these instructions, but you must define the Java keytool’s name and password.