Some time back a friend of mine asked me how to progress on a SiteMinder to OAM migration. I prepared the following, as it may help with such a migration.
The following approach should be taken when migrating access management to OAM:
(1) We need details of the enterprise's SiteMinder access management (AM) implementation, covering the following parameters:
Components: these components are part of enterprise access management, i.e.
(1) Network Topology: AM deployment architecture and details of the operating systems.
(2) Applications: details of the applications which are protected by AM.
(3) Web Server: details of the web servers on which the applications are hosted.
(4) Application Server: details of the application servers on which the applications are running.
(5) Store: It can be a directory server or a database server. It is used by SiteMinder as the user store, the policy store, or for storing audit and logging data.
(6) User Store: It contains user information, i.e. user name, password etc., and can be a directory server or a database server.
(7) Policy Store: It contains policy server information and policy information.
(8) Directory Servers: details of the directory servers used by AM for storing user and policy information, audit or logging data.
(9) Database Server: details of the database servers used by AM for storing user and policy information, audit or logging data.
(10) Agents / Proxies: agents or request interceptors installed on web servers or application servers.
(11) Policies: the various policies defined to protect applications.
The above details can be gathered from the implementation's SRS, Design and Deployment documents.
(2) The following OAM components provide functionality similar to that of the SiteMinder components:
| Component | SiteMinder | OAM |
| --- | --- | --- |
| Identity Server and UI | NA | Built-in (Identity Server, WebPass) |
| Proxy | Web Agent | Web Gate |
| Access Server | NA | AAA Server |
| Policy Server UI | Policy Server | Policy Manager |
| User Store | Any data storage | Directory Server |
| Policy Store | Any data storage | Directory Server |
| Configuration Store | NA (stored in policy store) | Directory Server |
| Auditing and Logging | Any data storage | RDBMS |
| Reporting | Built-in Capability | Built-in Capability |
| Diagnosability or monitoring | Available | Available |
| Key Encryption (static and dynamic) | Policy Server Key | User Encryption key |
| Delegated Administration | Available | Available |
| Support for Multi Domain SSO | Available | Available |
| Support for Secure Communication (Digital Signature, Cert.) | Available | Available |
| Support for Various Platform | Available | Available |
| Support for Functional Requirements i.e. Web Access Control, SSO, Authentication, Logging and Auditing | Available | Available |
| Support for Non-Functional Requirements i.e. Availability, Scaling, Performance | Available | Available |
(3) Use Cases for Migration:
(1) User Store: SiteMinder can be configured with any directory or database server, whereas OAM needs the user store to be on a directory server only. OAM uses the Identity Server for authenticating user credentials. We can configure the Identity Server using WebPass. We can use Oracle Virtual Directory (OVD) to access a database server as if we were accessing a directory server (this depends on the type of directory server and OVD compatibility). In case OVD is not compatible, the store needs to be replicated and the directory schema needs to be extended. Failover and load balancing can be supported with OAM.
(2) Policy Store: Again, SiteMinder can be configured with any directory or database server, while OAM needs the policy store to be on a directory server only. Please note that we can't use OVD with policy data.
(3) Policy and application data: SiteMinder needs to extend the schema for storing policy and application data, and the same is true of OAM. Please note that OAM can store policy and application data separately, whereas SiteMinder needs to store policy and application data in the same repository.
(4) Configuring Policy: We need to configure policies using Policy Manager. Both OAM and SiteMinder use a similar approach for defining policies.
(5) Installation and Configuration of Identity Server and WebPass: As mentioned in use case 1, we need to install the Identity Server and WebPass components for setting up the user store.
(6) Installation and Configuration of WebGate: We need to install WebGate on the web server hosting the application, and the same information needs to be configured in the Access Server through Policy Manager.
(7) Installation and Configuration of Access Server: We need to install the Access Server, and it needs to be configured through Policy Manager.
(8) Installation and Configuration of Policy Manager: We need to install Policy Manager, which is a web application.