Use Oracle Access Manager (OAM) with AD as its user store. OAM and OIM integrate seamlessly.
It is also possible to integrate OIM with single sign-on solutions other than OAM.
Bumping the thread.
Has anyone gotten single sign on with AD for OIM without OAM working?
Yes, Martin, I did that. Did you just want the confirmation, or the procedure?
Procedure would be great.
One of my old customers is looking at doing this.
Which app server are you aiming it against? I have steps customized for WebLogic, and this appears to be somewhat different from other app servers.
I have the same requirement... an SSO method without OAM.
We are using JBoss as the application server...
They are aiming at JBoss but instructions for any app server would probably be useful as a hint for how to do it on JBoss.
Go to the WebLogic console:
OIM_DOMAIN > Security > Realms > myrealm > Providers > Authentication > Configure a new Active Directory Authenticator...
Control Flag= SUFFICIENT.
Provide AD credentials.
Under User tab:
User Name Attribute = sAMAccountName (Default Value will be cn)
User From Name Filter = (&(sAMAccountName=%u)(objectclass=user))
Propagate Cause For Login Exception: CHECKED
Go to the OIM Authenticator, set its Control Flag to OPTIONAL, and make sure "allow custom authentication" is checked.
Create a group in AD with name User. OIM User must be part of this group under AD.
Now log in to OIM using AD credentials.
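An added illustration, not part of the original thread and not Oracle's code: this Python sketch models standard JAAS control-flag evaluation for the two-provider chain in the steps above (AD provider SUFFICIENT, OIM Authenticator OPTIONAL) and contrasts it with flagging the AD provider REQUIRED, which locks out accounts that exist only in OIM. The provider labels, user names and passwords are constructed sample data.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple

# Constructed sample credential stores (not real accounts).
AD_USERS: Dict[str, str] = {"jdoe": "ad-pass"}
OIM_USERS: Dict[str, str] = {"local.admin": "oim-pass"}

@dataclass
class Provider:
    name: str   # hypothetical label for the provider
    flag: str   # REQUIRED, REQUISITE, SUFFICIENT or OPTIONAL
    check: Callable[[str, str], bool]

def store_check(store):
    return lambda user, pw: store.get(user) == pw

def authenticate(chain, user, pw) -> Tuple[bool, List[str]]:
    """Apply JAAS control-flag rules; return (result, providers consulted)."""
    consulted = []
    has_mandatory = mandatory_failed = any_success = False
    for p in chain:
        ok = p.check(user, pw)
        consulted.append(p.name)
        any_success = any_success or ok
        if p.flag in ("REQUIRED", "REQUISITE"):
            has_mandatory = True
            if not ok:
                mandatory_failed = True
                if p.flag == "REQUISITE":
                    break  # a REQUISITE failure stops the chain
        elif p.flag == "SUFFICIENT" and ok and not mandatory_failed:
            return True, consulted  # success ends evaluation here
    if mandatory_failed:
        return False, consulted
    # With no REQUIRED/REQUISITE provider, one success is enough.
    return (True if has_mandatory else any_success), consulted

def chain(ad_flag: str) -> List[Provider]:
    return [Provider("ADAuthenticator", ad_flag, store_check(AD_USERS)),
            Provider("OIMAuthenticator", "OPTIONAL", store_check(OIM_USERS))]

if __name__ == "__main__":
    for flag in ("SUFFICIENT", "REQUIRED"):
        for user, pw in (("jdoe", "ad-pass"), ("local.admin", "oim-pass"),
                         ("jdoe", "wrong")):
            print(flag, user, authenticate(chain(flag), user, pw))
```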
Has anyone successfully implemented this for OIM 11g? Are the steps above accurate?