5 Replies Latest reply: Jan 29, 2013 2:59 PM by jtellier RSS

    idmconfigtool.sh in OIM R2

    SunilU
      I installed OIM R2. I already have OAM 11.1.1.5 configured against OVD 11.1.1.5 front-ending AD with our enterprise users. I do not have the option to extend the orcl schema on AD, so I decided to use OUD R2 and the install and base config went fine. I’m following this URL: http://docs.oracle.com/cd/E27559_01/install.1112/e27301/oim.htm#CDDGJIBJ to prep OUD and the schema went in fine. Now I’m confused with what exactly I need to do to complete OIM-OAM integration. Documentation seems to be everywhere with idmconfigtool.sh especially with R2.

      I did not enable LDAP Sync during OIM config, so im following this post-install link – http://docs.oracle.com/cd/E27559_01/integration.1112/e27123/oid_oim.htm#CHDBICCC to complete that setup. And here’s where I see there is not much detail on how I need to idmconfigtool.sh and with what options. The good thing with OUD is almost all orcl schema is shipped and there is nothing much to do related to schema, except for ob objectclasses and index, which i did based on the first link posted above.

      Experts, do you have any thoughts on how to proceed with idmconfigtool.sh related to OIM R2? Thanks for the help.

      Sunil.
        • 1. Re: idmconfigtool.sh in OIM R2
          Ketan Solanki
          I am going on work on same requirement (except I am not using OUD)

          As the doc says: we need to run this tool to preconfigure LDAP sync, so I think following should be used
          http://docs.oracle.com/cd/E27559_01/integration.1112/e27123/idmcfgtool.htm#CIHIJCIC

          For OUD, there are additional suggested tasks

          http://docs.oracle.com/cd/E27559_01/integration.1112/e27123/idmcfgtool.htm#CIHDAAFB

          Please let me know how it works out for you :-)
          • 2. Re: idmconfigtool.sh in OIM R2
            SunilU
            Thanks Ketan. So I think here's the highlevel steps:

            1. Prep FMW Store (OUD) for ob attributes, containers, OIMAdmin user, ACL etc.. - http://docs.oracle.com/cd/E27559_01/install.1112/e27301/oim.htm#CDDGJIBJ
            2. Run ./idmconfigtool.sh in oim http://docs.oracle.com/cd/E27559_01/integration.1112/e27123/idmcfgtool.htm#CIHIJCIC with options ( - preConfigIDStore, -prepareIDStore, -ConfigPolicyStore, -configOAM, -configOIM etc..)
            3. Run OUD specific tasks with the link you suggested - http://docs.oracle.com/cd/E27559_01/integration.1112/e27123/idmcfgtool.htm#CIHDAAFB
            4. Enable post-install ldap sync in oim and test - http://docs.oracle.com/cd/E27559_01/integration.1112/e27123/oid_oim.htm#CHDGEGHJ

            Does this sequence sound right? Please confirm. Thanks so much for your insights.

            Sunil.
            • 3. Re: idmconfigtool.sh in OIM R2
              Ketan Solanki
              Thanks Sunil, order looks fine to me. I am still looking at few things
              2. whether idmconfigtool is to be run with all commands? I don't think configPolicyStore,configOAM commands need to run.
              4. In post-installation, i cannot seem to locate some metadata files and there location is changed in R2. File LdapContainerRules.xml mentioned on post-installation is discussed here http://docs.oracle.com/cd/E14571_01/doc.1111/e14309/cust_ldap.htm

              Still jotting down all steps in single page. :-)
              Good luck
              • 4. Re: idmconfigtool.sh in OIM R2
                SunilU
                Ketan,

                Step 2 - I think -configOAM (creates the access gate in OAM) and -configOIM is needed. I'm not sure on -configPolicyStore either. I'm also looking into this link http://onlineappsdba.com/index.php/2011/11/23/idmconfigtool-oimoamfusionapps-integration-preconfigidstore-prepareidstore-configoam-configoim/

                Just before Step 4 - there should be another step to configure OVD for split profile, if your requirement is similar to mine. http://docs.oracle.com/cd/E25054_01/fusionapps.1111/e21032/non_oid_dir.htm#CHDJCFDA . I wanted to keep AD as enterprise user directory and use OUD to store FMW schema attributes. I'm planning to use shadow joiner to merge both and provide a single view to OAM for Auth. When we run -configOIM it should be pointed against the OVD instance. I'm assuming LDAP Sync configuration can go directly against OUD.

                Step 5 - Post-installation

                Please let me know if this makes sense and sorry to throw too many links in this thread. This integration is messier than I thought initially and the documentation is strewn all over. If you would like I'm also available via sunilu@gmail to discuss more on this offline. Thanks for the help.

                Sunil.
                • 5. Re: idmconfigtool.sh in OIM R2
                  jtellier
                  Hello,

                  I'm trying also to configure LDAPSync post install in OIM 11gR2 and I've stumbled on that thread while trying to find precisions regarding the confusing official doc. The steps you are pointing out make sense, but can you confirm that they work? Anything else I should know before proceeding?

                  Thanks,
                  --jtellier