I am unable to perform integration of OIM and OAM 12.2.1.3.0 with Microsoft Active Directory 2008 R

User_RYNX2, Oct 31 2018 (edited Nov 16 2018)

Hello Friends,

I am working on the integration of OIM and OAM 12.2.1.3.0 with Microsoft Active Directory 2008 R2 as the Identity Store, but could not find any clear document regarding the prerequisite steps, such as extending the Microsoft Active Directory schema before this integration.

Earlier, for this integration, I was referring to the relevant case study document "OIM/OAM 12c Step-By-Step SSO Integration Case Study (Doc ID 2393062.1)" and the Oracle® Fusion Middleware Integration Guide for Oracle Identity Management Suite 12c (12.2.1.3.0).

I had performed integration steps as per the "Step-by-step Procedure for OIG-OAM Integration Using Automated Script" approach.

While executing "./OIGOAMIntegration.sh -prepareIDStore", I came across a few errors and came to know that using prepareIDStore we can only extend the schema of the Oracle Directory products [OID, OUD], and that it does not work with Microsoft Active Directory. There is also no mention of extending the schema of Microsoft Active Directory to create prerequisite objects such as groups, users, attributes, classes, etc. in Microsoft Active Directory.

I could not find any appropriate document in the OIM and OAM 12.2.1.3.0 documentation library. However, when I searched the OIM and OAM 11g documentation, I found the reference link below.

Reference link: https://docs.oracle.com/cd/E52734_01/core/IMEDG/imedg_ldap.htm#IMEDG30486 and its related section as below on how to extend the schema of Microsoft AD:

Based on the above link, I manually corrected and imported the following ldif files into my Microsoft Active Directory server.

  1. AD_OracleSchema.ldif
  2. ADUserSchema.ldif
  3. AD_oam_pwd_schema_add.ldif

After this, I tried to extend the schema of Microsoft Active Directory using the ldifadd.sh and extendadschema.sh files with the reference documents below, but could not succeed. Hence I researched further and manually corrected the ldif files [adOIMSchema.ldif, adOAMEnable.ldif, adOIMLanguageSubtype.ldif] on Microsoft Active Directory.

A) https://docs.oracle.com/cd/E27559_01/admin.1112/e28212.pdf

In section “9.4.3.2 Configuring Active Directory for Use with Access Manager and Oracle Identity Manager”, the ldapadd -h command didn’t work.

B) https://docs.oracle.com/cd/E52734_01/core/IDMPV/IDMPV.pdf

On Microsoft Active Directory I manually performed all the steps in section “3.2 Preparing an Existing Microsoft Active Directory Instance for Use with Oracle Identity and Access Management”.

Then I tried to perform the steps in section “5.3 Manual Deployment Tasks When Using Microsoft Active Directory for an Integrated Topology”.

I executed ./extendadschema.sh -h ADHOST -p ADPORT -D administrator@example.com -AD dc=example,dc=com -OAM true, but it failed with the error below:

Error: Could not find or load main class oracle.ods.virtualization.engine.util.ADSchemaExtendUtil

Can you please guide me on resolving the above errors, or provide a correct document link to refer to for achieving the above-mentioned integration in OIM and OAM 12.2.1.3.0 with the proper sequence of steps?

Really appreciate your help in this.

Thanking you in anticipation.

This post has been answered by Srinath Menon-Oracle on Nov 9 2018
Post Details
Added on Oct 31 2018
21 comments
2,412 views