fp_idmworks Trusted Contributor.
Trusted Contributor.
374 views

3.5 -- how to convert from OSP to Access Manager oauth

We hare having issues getting Access Manager to configure with oauth.

Backup completed, NODE config types backed up to /opt/netiq/idm/apps/idgov/conf/nam-merged-configuration.properties
10 command(s) completed.
Error:
Exit code: 0
Access Manager configuration returned with the following error message :
'Error getting OAuth client definitions'

We are going to move forward with OSP for the time being. Are we able to move to oauth with Acess Manager later once we have the install configuration figured out? Do we have to reinstall or can we use utilities?

configutil gui does not show where we are configuring the nam information. Configupdate.sh also does not show the NAM oauth configuration. It does show if you do OSP and then SAML for the authentication method.

If there are manual steps of where to put the client id and secret and where to copy what certs to what keystores, we could do the manual process, but the utilities don't seem to allow for configuration after the fact.
0 Likes
2 Replies
Micro Focus Expert
Micro Focus Expert

Re: 3.5 -- how to convert from OSP to Access Manager oauth

On 3/18/19 4:24 PM, fp IDMWORKS wrote:
>
> We hare having issues getting Access Manager to configure with oauth.
>
> Backup completed, NODE config types backed up to
> /opt/netiq/idm/apps/idgov/conf/nam-merged-configuration.properties
> 10 command(s) completed.
> Error:
> Exit code: 0
> Access Manager configuration returned with the following error message
> :
> 'Error getting OAuth client definitions'
>
> We are going to move forward with OSP for the time being. Are we able to
> move to oauth with Acess Manager later once we have the install
> configuration figured out? Do we have to reinstall or can we use
> utilities?
>
> configutil gui does not show where we are configuring the nam
> information. Configupdate.sh also does not show the NAM oauth
> configuration. It does show if you do OSP and then SAML for the
> authentication method.
>
> If there are manual steps of where to put the client id and secret and
> where to copy what certs to what keystores, we could do the manual
> process, but the utilities don't seem to allow for configuration after
> the fact.
>
>

Greetings,

1) There are some steps that have to be done in NAM before you start to
get it set-up to OAuth. Also, you have to have NAM 4.4 SP3 at a min

2) If you are going to set this up at ID Gov install time, then you do
not install OSP. Within the ID Gov installer will be the question about
OSP or NAM and when you select NAM, a new panel will appear for more
information to be entered.


3) If you installed with OSP and then want to switch to using NAM, then
you will need to utilize configupdate 1st to update the necessary and
then run configutil make the necessary changes after.

--
Sincerely,
Steven Williams
Principal Enterprise Architect
Micro Focus
0 Likes
fp_idmworks Trusted Contributor.
Trusted Contributor.

Re: 3.5 -- how to convert from OSP to Access Manager oauth

I have a ticket open for this. Hopes is that we can have a TID or solution that customer's can easily configure with examples to help promote the products and the integration of them.

Thanks, I think the customer will be comfortable moving to production knowing there is a way forward.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.