Session Impersonation allows an end user to designate one or more users to act on his/her behalf within a constrained window of time.
OAM Session Impersonation Use Case
A. Apply latest bundle patch (Recommended)
– BP10 (22116468) Pre-req: shut down AdminServer, oam_server1
B. Add Impersonation object class/attributes to OUD using ODSM
Impersonation object class : orclIDXPerson
Attributes : orclImpersonationGrantee and orclImpersonationGranter
C. Add impersonation object class – orclIDXPerson – to two users – pennie and rajesh – to demonstrate impersonation functionality.
In reality, the entire user population in the OUD will have this object class – orclIDXPerson.
D. Obtain the entryUUID and orclGUID of the impersonator (rajesh)
cd /d01/Weblogic/FMW/asinst_1/OUD/bin
./ldapsearch -p 1389 -b “uid=rajesh,ou=People,dc=oud,dc=com” -s base -D “cn=Directory Manager” -w Oracle123 “(objectclass=*)” orclguid entryuuid
orclguid: 43ce0ed15c5c31a7879fdad695b4d21e
E. Search orclImpersonationGrantee optional attribute of the impersonatee(pennie) and add the orclguid value.
Format:
orclguid of impersonator(rajesh)|start_date|end_date;impersonator2|start_date|end_date;impersonator3|start_date|end_date
E.g.:
43ce0ed15c5c31a7879fdad695b4d21e|20160222235959Z|20180222235959Z
verify : ./ldapsearch -p 1389 -D “cn=Directory Manager” -w Oracle123 -b “uid=pennie,ou=People,dc=oud,dc=com” “objectclass=*” orclImpersonationgrantee
F. Modify EnableImpersonation to true in oam-config.xml
cd /d01/Weblogic/FMW/user_projects/domains/OAMDomain/config/fmwconfig/
vi oam-config.xml
EnableImpersonation to true
G. Enable Allow Session Impersonation at Application Domain level.
H. Restart oam_server1, OUD instance, AdminServer and Webserver(having webgate)
I. login as Impersonator (rajesh) to access OAM resource and open new tab with below URL :
http://oam.oraclefusion4all.com:14100/oam/server/impersonate/start?userid=pennie&success_url=http://oam.oraclefusion4all.com:7778/example&failure_url=https://www.tutionbooks.com/
For VIDEO topic:
https://www.praclearn.com/unit/oam-29-session-impersonation/?id=3408
- Use “Host Network Manager” in Oracle Virtual BoxUncategorized
- The trust relationship between this workstation and the primary domain failed.Uncategorized
- Certification Path for Skills in OIM, OAM, OAAM, OIF, OES or OPAMOAM OIM OPAM
- VirtualBox Error – Failed to open the disk image file Cannot register the hard disk UUID already exists.OAM OIM OPAM
- JBO-25058: Definition
of type Attribute is not found in OrganizationVO or UserVO or RoleVO or CatalogVO OIM
SailPoint IdentityIQ v8.1 – HandsOn, Self Paced & Live Online TrainingOther,Technical 
CyberArk EPM (Endpoint Privilege Manager) V11.5 – Hands-On, Self Paced & Live Online TrainingCAandCyberArk 
CyberArk PAS(Privileged Account Security) V12 – Hands-On, Self Paced & Live Online TrainingCAandCyberArk 
CA SiteMinder Version 12.5 with Hands On : Self Paced & Live Online TrainingCAandCyberArk 
Essential Linux Administration with Oracle DB 12c (12.1.0.2) and other working toolsOracle
0 responses on "How Session Impersonation works in OAM"