This content has been marked as final. Show 5 replies
I am going on work on same requirement (except I am not using OUD)
As the doc says: we need to run this tool to preconfigure LDAP sync, so I think following should be used
For OUD, there are additional suggested tasks
Please let me know how it works out for you :-)
Thanks Ketan. So I think here's the highlevel steps:
1. Prep FMW Store (OUD) for ob attributes, containers, OIMAdmin user, ACL etc.. - http://docs.oracle.com/cd/E27559_01/install.1112/e27301/oim.htm#CDDGJIBJ
2. Run ./idmconfigtool.sh in oim http://docs.oracle.com/cd/E27559_01/integration.1112/e27123/idmcfgtool.htm#CIHIJCIC with options ( - preConfigIDStore, -prepareIDStore, -ConfigPolicyStore, -configOAM, -configOIM etc..)
3. Run OUD specific tasks with the link you suggested - http://docs.oracle.com/cd/E27559_01/integration.1112/e27123/idmcfgtool.htm#CIHDAAFB
4. Enable post-install ldap sync in oim and test - http://docs.oracle.com/cd/E27559_01/integration.1112/e27123/oid_oim.htm#CHDGEGHJ
Does this sequence sound right? Please confirm. Thanks so much for your insights.
Thanks Sunil, order looks fine to me. I am still looking at few things
2. whether idmconfigtool is to be run with all commands? I don't think configPolicyStore,configOAM commands need to run.
4. In post-installation, i cannot seem to locate some metadata files and there location is changed in R2. File LdapContainerRules.xml mentioned on post-installation is discussed here http://docs.oracle.com/cd/E14571_01/doc.1111/e14309/cust_ldap.htm
Still jotting down all steps in single page. :-)
Step 2 - I think -configOAM (creates the access gate in OAM) and -configOIM is needed. I'm not sure on -configPolicyStore either. I'm also looking into this link http://onlineappsdba.com/index.php/2011/11/23/idmconfigtool-oimoamfusionapps-integration-preconfigidstore-prepareidstore-configoam-configoim/
Just before Step 4 - there should be another step to configure OVD for split profile, if your requirement is similar to mine. http://docs.oracle.com/cd/E25054_01/fusionapps.1111/e21032/non_oid_dir.htm#CHDJCFDA . I wanted to keep AD as enterprise user directory and use OUD to store FMW schema attributes. I'm planning to use shadow joiner to merge both and provide a single view to OAM for Auth. When we run -configOIM it should be pointed against the OVD instance. I'm assuming LDAP Sync configuration can go directly against OUD.
Step 5 - Post-installation
Please let me know if this makes sense and sorry to throw too many links in this thread. This integration is messier than I thought initially and the documentation is strewn all over. If you would like I'm also available via sunilu@gmail to discuss more on this offline. Thanks for the help.
I'm trying also to configure LDAPSync post install in OIM 11gR2 and I've stumbled on that thread while trying to find precisions regarding the confusing official doc. The steps you are pointing out make sense, but can you confirm that they work? Anything else I should know before proceeding?