Identity and Access Management, Identity Governance

How to stop Oracle WebLogic Server and Managed Server stack example. There are two types of WebLogic server instances in a domain. One is the called as the Admin Server or the WebLogic Admin Server and the other is called as the WebLogic Managed Server. When you stop the Stack or the whole WebLogic server stack services, first  Stopping the Stack You can stop the Oracle WebLogic Administration Server and all the managed servers by using Oracle WebLogic Administration Console. See  Oracle Fusion Middleware Introduction to Oracle WebLogic Server  for more information. To stop the stack components from the command line, perform the following steps: Stop WebLogic managed components, such as Oracle Directory Integration Platform, Oracle Identity Federation, Oracle Directory Services Manager, Oracle Access Manager, Oracle Identity Manager, and Oracle Adaptive Access Manager, by executing the following command: MW_HOME /user_projects/domains/ DOMAIN_NAME /bin/stopManagedWebLogic.sh \ {

OAM Sessions and Cookies (Taken from oam-idm blog) OAM - Securing Mobile and Web Applications OAM Session and OAM Cookies OAM Session Session is an object which represent an authenticated user. It contains authenticated user details. It does not contain user credentials but it keeps track of the important things like when was the last resource accessed, from which IP it was accessed and to which authentication scheme level the user is authenticated etc. Session is stored on server memory. If Database session persistence is enabled then the sessions object is maintained in database. Why session is so important? A valid session means a user is authenticated. If the session is not found in memory then user will be challenged by OAM. A session can attain 3 states:  - active  - inactive  - expired When a session is created it is

PMP PMI Chapter 7 Project Management          LINK Chapter 25 Introduction to Project     LINK A Capbility Maturity Model for Training and Eduction (PMI article)   LINK The Five Traditional Process Groups Explained In project management generally - and the Project Management Body of Knowledge (PMBOK ®  Guide) specifically - best practices dictate a very specific series of process groups that should be performed. These are referred to as Initiating, Planning, Executing, Monitoring and Controlling, and Closing . The question arises: what problem are we trying to solve by having five discrete process groups? (In the PMBOK Guide, they are called process groups because each one contains or houses specific processes that should be performed). The answer is that these processes give us an organizational background to successfully plan, execute, and manage a well-run project. With that said, let's look at each of these process groups in turn and discover why each is so vital

Reduce or eliminate use of SSN in IT systems, read here , here , Context Aware Content Based Federated Access Control System in Healthcare

How to get list of user accounts which are locked in OID (Oracle Internet Directory) If you want to get a list of user accounts which are locked in Oracle Internet Directory (OID) then u se the “ pwdaccountlockedtime=* ”  with ldapsearch that will give the list of users whose account is locked. I just now tested in OID 11.1.1.6 and could get a list of users whose account were locked. You can set a cron job that will run this command, say once every few hours to get such users whose accounts are locked. Once you have list of such users there are multiple ways for administrator to notify the user. For unix you can automate this via the crontab. Explore the option of "mailto" in the crontab. Your administrator can be configured in the mailto to receive output of the cron job run.  Check this post in the Oracle  Discussion  Forum References Setting Password Policies in OID  http://docs.oracle.com/cd/E28280_01/admin.1111/e10029/pwdpolicies.htm#OIDAG034 Following determine

4.13  ldapsearch The ldapsearch command-line tool enables you to search for and retrieve specific entries in the directory. The LDAP filter that you use to search for entries must be compliant with the Internet Engineering Task Force (IETF) standards as specified in RFC 2254. Refer to the IETF Web site at  http://www.ietf.org  for more information about the standard filter format. Oracle Internet Directory supports all elements of RFC 2254 except for extensible matching. Note: Various UNIX shells interpret some characters—for example, asterisks (*)—as special characters. Depending on the shell you are using, you may need to escape these characters. 4.13.1  Syntax for  ldapsearch ldapsearch -h oid_hostname -D " binddn " -w password [-Y " proxy_dn "] [-p ldap_port ] [-V ldap_version ] -b "basedn" {-s base|one|sub} {" filter_string " [ attributes ]|-f input_file } [-A] [-a never|always|search|find] [-F separator ] [-S] [-R] [-i 1