Oracle Enterprise Single Sign-n Prvisining Gateway Release Ntes Release 10.1.4.0.3 E10331-01 June 2007
Oracle Enterprise Single Sign-n Prvisining Gateway Release Ntes Guide, Release 10.1.4.0.3 E10331-01 Cpyright 2006-2007, Oracle. All rights reserved. The Prgrams (which include bth the sftware and dcumentatin) cntain prprietary infrmatin; they are prvided under a license agreement cntaining restrictins n use and disclsure and are als prtected by cpyright, patent, and ther intellectual and industrial prperty laws. Reverse engineering, disassembly, r decmpilatin f the Prgrams, except t the extent required t btain interperability with ther independently created sftware r as specified by law, is prhibited. The infrmatin cntained in this dcument is subject t change withut ntice. If yu find any prblems in the dcumentatin, please reprt them t us in writing. This dcument is nt warranted t be errr-free. Except as may be expressly permitted in yur license agreement fr these Prgrams, n part f these Prgrams may be reprduced r transmitted in any frm r by any means, electrnic r mechanical, fr any purpse. If the Prgrams are delivered t the United States Gvernment r anyne licensing r using the Prgrams n behalf f the United States Gvernment, the fllwing ntice is applicable: U.S. GOVERNMENT RIGHTS Prgrams, sftware, databases, and related dcumentatin and technical data delivered t U.S. Gvernment custmers are "cmmercial cmputer sftware" r "cmmercial technical data" pursuant t the applicable Federal Acquisitin Regulatin and agency-specific supplemental regulatins. As such, use, duplicatin, disclsure, mdificatin, and adaptatin f the Prgrams, including dcumentatin and technical data, shall be subject t the licensing restrictins set frth in the applicable Oracle license agreement, and, t the extent applicable, the additinal rights set frth in FAR 52.227-19, Cmmercial Cmputer Sftware--Restricted Rights (June 1987). Oracle USA, Inc., 500 Oracle Parkway, Redwd City, CA 94065. The Prgrams are nt intended fr use in any nuclear, aviatin, mass transit, medical, r ther inherently dangerus applicatins. It shall be the licensee's respnsibility t take all apprpriate fail-safe, backup, redundancy and ther measures t ensure the safe use f such applicatins if the Prgrams are used fr such purpses, and we disclaim liability fr any damages caused by such use f the Prgrams. Oracle, JD Edwards, PepleSft, and Siebel are registered trademarks f Oracle Crpratin and/r its affiliates. Other names may be trademarks f their respective wners. The Prgrams may prvide links t Web sites and access t cntent, prducts, and services frm third parties. Oracle is nt respnsible fr the availability f, r any cntent prvided n, third-party Web sites. Yu bear all risks assciated with the use f such cntent. If yu chse t purchase any prducts r services frm a third party, the relatinship is directly between yu and the third party. Oracle is nt respnsible fr: (a) the quality f third-party prducts r services; r (b) fulfilling any f the terms f the agreement with the third party, including delivery f prducts r services and warranty bligatins related t purchased prducts r services. Oracle is nt respnsible fr any lss r damage f any srt that yu may incur frm dealing with any third party.
Release Ntes Oracle Enterprise Single Sign-On Prvisining Gateway Versin 10.1.4.0.3 March, 2007 Oracle is releasing versin 10.1.4.0.3 f Oracle Enterprise Single Sign-On Prvisining Gateway (ESSO-PG). These release ntes prvide imprtant infrmatin abut this release. The infrmatin in this dcument supplements and supersedes infrmatin in the ESSO-PG prduct dcuments. The fllwing tpics are discussed: What s Changed...4 Reslved Issues...5 Open Issues...5 Hardware and Sftware Requirements...6 Technical Ntes...11 Prduct Dcumentatin...12
What s Changed What s Changed Usability enhancements t Manage SSO User s page User applicatins srted alphabetically In the ESSO-PG Administrative Cnsle, n the Manage SSO Users page, applicatins listed in the Only shw users wh have lgns fr are nw srted alphabetically. The applicatins used t be listed randmly. This prvides an easier way t srt thrugh the applicatins. Next and previus buttns A paging feature has been added t the Manage SSO Users page fr scenaris where mre than 1000 recrds are retrieved. A Next and Previus page buttn allws fr the navigatin f the multiple pages. Hardware and sftware requirements The System Requirements have been updated t include specific versin infrmatin fr each supprted platfrm. They have als been mved frm the ESSO-PG Installatin and Setup Guide t the Release Ntes. 4 Release Ntes
Reslved Issues Reslved Issues This sectin describes issues that were reprted in earlier releases f ESSO-PG and have been reslved in this release: Tracking Number a9291 Descriptin A memry cnsumptin issue ccurs n bth the server and client when larger searches are perfrmed. Open Issues This sectin describes issues that remain pen in this release. Tracking Number a7508 Descriptin Entlist cannt be fund Nte: This nly applies t Active Directry strage. ESSO-LM cannt lcate the Entlist when any frm f the wrd "Peple" is used in the "User Path(s)" field and "Lcate in User" is enabled. These settings are cnfigured n the Strage page under the Settings tab in the ESSO-PG Management Cnsle. T wrkarund this issue: Use Cnfiguratin Objects instead f Entlists if "Lcate in User" is enabled. OR D nt create flders with any frm f the wrd "Peple" in the name. Fr example, "mypeple", "yurpeple", "peplesft", etc. 5 Release Ntes
Hardware and Sftware Requirements Hardware and Sftware Requirements The ESSO-PG hardware and sftware requirements are listed under the fllwing sectins: HSupprted Operating SystemsH HSystem RequirementsH HDisk Space RequirementsH HMemry RequirementsH HPrcessr RequirementsH HSftware PrerequisitesH HESSO-LMH HMicrsft.NET FramewrkH HMicrsft IIS H HMicrsft Web Services Enhancements:H HRepsitriesH HDatabasesH HBrwsersH HInstaller RequirementsH HCertificate RequirementsH Supprted Operating Systems The ESSO-PG cmpnents are supprted n the fllwing Operating Systems: Operating System Micrsft Windws 2000 Server Micrsft Windws Server 2003 Family (recmmended server) Versins Supprted SP4 SP1 System Requirements The ESSO-PG cmpnents system requirements are as fllws: Disk Space Requirements Disk space requirements fr the Client Plug-in: Minimum, excluding temprary space and runtime expansin Temprary disk space (/tmp) needed during installatin Fr runtime expansin (cnfiguratin data and lgs) MSI: < 1 MB 10 MB < 1 MB EXE: < 1 MB 10 MB < 1 MB 6 Release Ntes
Hardware and Sftware Requirements Disk space requirements fr the CLI: Minimum, excluding temprary space and runtime expansin Temprary disk space (/tmp) needed during installatin Fr runtime expansin (cnfiguratin data and lgs) MSI: 25 MB 50 MB 2 MB EXE: 25 MB 50 MB 2 MB Disk space requirements fr the Server: Minimum, excluding temprary space and runtime expansin Temprary disk space (/tmp) needed during installatin Fr runtime expansin (cnfiguratin data and lgs) MSI: 7 MB 20 MB 2 MB EXE: 7 MB 30 MB 2 MB Other disk space requirements The fllwing cmpnents require additinal disk space requirements: Micrsft.NET Framewrk 2.0: 20 MB hard drive space (if nt present) A nte abut MSI installer vs. EXE installer: The disk space requirements are different fr the MSI and EXE installers as there are differences in the capabilities f these installers: The EXE installer file includes Micrsft.NET Framewrk versin 2.0, which is a requirement fr ESSO-PG. The EXE installer file can be run in multiple languages. The MSI file is English-nly. Memry Requirements Memry requirements fr the Client Plug-in: Minimum: < 1 MB Recmmended: 1 MB Memry requirements fr the CLI: Minimum: 10 MB Recmmended: 15 MB 7 Release Ntes
Hardware and Sftware Requirements Memry requirements fr the Server: Minimum: 784 MB RAM Recmmended: 1 GB RAM Nte: Althugh this applicatin can run in an envirnment with the minimum amunt f memry installed, the cmputer's memry usage shuld be mnitred and additinal memry added as needed. A lw memry cnditin can cause this applicatin t fail. Prcessr Requirements Prcessr requirements fr the Client Plug-in: Minimum: 1 GHz prcessr Recmmended: 1.4 GHz prcessr Prcessr requirements fr the Server: Minimum: Optern r Xen class prcessr Recmmended: dual-prcessr Optern r Xen class prcessr Sftware Prerequisites The ESSO-PG cmpnents require sftware prerequisites are as fllws: ESSO-LM: ESSO-LM versin 10.1.4.x. Micrsft.NET Framewrk: Micrsft.NET Framewrk 2.0 is required fr the Administrative Cnsle. Micrsft Internet Infrmatin Server: Micrsft IIS 5.0 and Micrsft IIS 6.0 (6.0 recmmended). Ntes: If Active Directry r ADAM is used, the annymus accunt used in IIS must have Administrative privileges and the server must be jined t the dmain. If yu are running Windws 2000 SP4, make sure that the ASPNET accunt (r IWAM_Machine if ASPNET des nt exist) has the privilege t impersnate a client after authenticatin. Please refer t http://supprt.micrsft.cm/kb/821546 fr mre infrmatin. Micrsft Web Services Enhancements: Micrsft Web Services Enhancements 3.0 (WSE 3.0) (installed by ESSO-PG). 8 Release Ntes
Repsitries: Hardware and Sftware Requirements Repsitry Versins Supprted Micrsft Active Directry 2000, 2003 Micrsft Active Directry Applicatin Mde 2003 SP1 IBM Tivli Directry Server 5.2 Sun Java System Directry Server 5.2 Oracle Internet Directry 10.1.4.0.1 Nvell edirectry 8.8 SP1 Databases (nly required if using Event Lgging): Database Versins Supprted Micrsft SQL Server 2000, 2005 Micrsft SQL Server Express Editin 2005 Micrsft SQL Server Desktp Engine (MSDE) Oracle Database Management System 2000 10g Brwsers: Brwser Versins Supprted Internet Explrer 6.0, 7.0 Mzilla Firefx 1.0, 2.0 9 Release Ntes
Hardware and Sftware Requirements Installer Requirements T install ESSO-PG, yu need t have administrative privileges fr the ESSO-PG/IIS server. Yu need t prvide the fllwing infrmatin t cnfigure a directry server: Hst Prt name1[,name2,name3] Name f the server hsting the directry server instance. Prt number f directry server instance. Distinguished name f the directry server dmain rt. Certificate Requirements An X.509 Certificate fr SSL must be btained frm a Certificate Authrity. A Trusted Rt CA Certificate shuld als be dwnladed frm yur Certificate Authrity int the list f trusted rt CA s n the lcal cmputer. Fr mre infrmatin see the Enable SSL sectin in the ESSO-PG Installatin and Setup Guide. A certificate setup guide is prvided with the ESSO-PG dcumentatin suite. If yu d nt have a certificate authrity set up and want t use Micrsft Certificate Services t btain certificates, please refer t the ESSO-PG Certificate Setup Guide which walks yu thugh btaining the necessary certificates using Micrsft Certificate Services. 10 Release Ntes
Hardware and Sftware Requirements Technical Ntes ESSO-PG des nt supprt File Sync r DB Sync. Multiple Lcatrs require a matching applicatin cnfiguratin list (entlist) at each lcatr site. If tw users are lcated under different cntainers (CN) r rganizatinal units (OU), an entlist must exist at each lcatr site in rder fr prvisining t wrk dwn t the client. The matching entlists must exist under bth CNs/OUs that stre the user credentials. In a case where Active Directry and ADAM are used, it is recmmended that the ESSO-PG Server is jined t the same dmain as the SSO users it will be managing. Fr prvisining t take place, the system time f the ESSO-PG server and the SSO clients shuld be synchrnized. If jined t the same dmain this will be handled autmatically by the Dmain Cntrller. When using Java 1.4 fr CLI prvisining, the Java path must be added t the Windws Envirnment path. The IIS Default Web Site Cnnectin Timeut value must be increased if mre than 5000 users are ging t be ppulated in the ESSO-PG Cnsle. The recmmended starting value 300 (5 minutes). This value may need t be increased based n number the number f users. 11 Release Ntes
Prduct Dcumentatin Prduct Dcumentatin The fllwing dcuments supprt this prduct: Oracle Enterprise Single Sign-n Prvisining Gateway Installatin and Setup Guide Oracle Enterprise Single Sign-n Prvisining Gateway Administratr Guide Oracle Enterprise Single Sign-n Prvisining Gateway CLI Guide Oracle Enterprise Single Sign-n Prvisining Gateway.Net CLI/SDK Guide Oracle Enterprise Single Sign-n Prvisining Gateway Java CLI/SDK Guide Oracle Enterprise Single Sign-n Prvisining Gateway Certificate Setup Guide Oracle Enterprise Single Sign-n Prvisining Gateway OIM Cnnectr User s Guide Oracle Enterprise Single Sign-n Prvisining Gateway TIM Installatin and Integratin Guide Oracle Enterprise Single Sign-n Prvisining Gateway SIM Installatin and Integratin Guide Oracle Enterprise Single Sign-n Prvisining Gateway SIM Installatin and Integratin Guide using the Java CLI Oracle Enterprise Single Sign-n Prvisining Gateway CONTROL-SA Installatin and Integratin Guide 12 Release Ntes