apm aaa oam
apm aaa oam(1) BIG-IP TMSH Manual apm aaa oam(1)
NAME
oam - Manages an AAA Oracle Access Manager server.
MODULE
apm aaa
SYNTAX
Configure the oam component within the aaa module using the syntax shown in the following sections.
CREATE/MODIFY
create oam [name]
modify oam [name]
options:
access-server-hostname [[string] | none]
access-server-name [[string] | none]
access-server-port [[integer] | none]
access-server-retries [integer]
accessgate-encrypted-password [[string] | none]
accessgates [add | delete | modify | replace-all-with] {
[name]
}
action [config-accessgate | noop]
admin-id [[string] | none]
admin-password [[string] | none]
app-service [[string] | none]
description [[string] | none]
enable [false | true]
global-access-protocol-passphrase [[string] | none]
location-specific [true | false]
transport-security-mode [cert | open | simple]
edit oam [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
DISPLAY
list oam
list oam [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
app-service
non-default-properties
one-line
partition
DELETE
delete oam [name]
DESCRIPTION
You can use the oam component to create and manage an AAA Oracle Access Manager server.
EXAMPLES
create oam oam10g { access-server-hostname www.localcorp.biz access-server-name accessSrv1 access-server-port 6021
access-server-retries 0 accessgates { oam10gwebgate1 { encrypted-password [string] } } admin-id firstname.lastname
admin-password "[string]" global-access-protocol-passphrase "[string]" transport-security-mode simple }
Creates the AAA OAM server named oam10g accessing the web gate oam10gwebgate1 on the Access Server accessSrv1 at host
name www.localcorp.biz on port 6021. The server retries connections zero times.
delete aaa oam MyOAMServer
Deletes the AAA Oracle Access Manager server named MyOAMServer from the system.
OPTIONS
access-server-hostname
Specifies the IP address or FQDN of the Oracle Access Manager server. This option is required.
access-server-name
Specifies the name of the Oracle Access Manager server. This option is required.
access-server-port
Specifies the port of the Oracle Access Manager server. The default is 6021.
access-server-retries
Specifies the number of times you want the access gate to attempt to connect to the Oracle Access Manager server when
the action option is set to config-accessgate. The default is 0 (zero).
accessgates
Specifies the ID of the access gate or web gate on the OAM Server. The system supports the use of multiple access
gates/web gates as long as they are from the same OAM server.
action
Specifies the Oracle Access Manager action type. Actions allow you to pass user profile information or to redirect the
user's browser to another site. For more information on Actions, refer to the Access Administration Guide provided by
Oracle. The options are:
config-accessgate
Specifies that you want the system to use the configureAccessGate tool.
noop Specifies "no operation performed." This is the default.
admin-id
Specifies the administrator ID required by the Oracle Access Manager server. This option is required.
admin-password
Specifies the administrator password required by the Oracle Access Manager server. The default is none.
app-service
Specifies the name of the application service to which the object belongs. The default value is none. Note: If the
strict-updates option is enabled on the application service that owns the object, you cannot modify or delete the
object. Only the application service can modify or delete the object.
description
Specifies a unique description for the Oracle Access Manager server. The default is none.
enable
Specifies whether you want to enable the server. The default is true.
global-access-protocol-passphrase
Specifies a global passphrase for all Oracle components. The default is none.
location-specific
Specifies whether or not this object contains one or more attributes with values that are specific to the location
where the BIG-IP device resides. The location-specific attribute is either true or false. When using policy sync, mark
an object as location-specific to prevent errors that can occur when policies reference objects, such as
authentication servers, that are specific to a certain location.
[name]
Specifies the name of an AAA Oracle Access Manager server. This setting is required.
transport-security-mode
Specifies the transport security level for the communication between Oracle components and Access Policy Manager. The
options are:
open Communication is not encrypted. Use this mode when security is not an issue.
simple
Communication is encrypted with Oracle Access Manager's internal CA. Simple mode encrypts communications using
Transport Layer Security, RFC 2246 (TLS v1). This mode is less secure than Cert mode. Use this mode if you have
some security concerns but do not want to manage your own CA.
cert Communication is encrypted with an external CA. Use cert mode if you want different certificates on OAM servers
and webgates and you have a trusted third-party CA. Oracle Access Manager components use X.509 digital certificates
in PEM format only.
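Added example (not part of the F5 manual): a Python audit that reads `list apm aaa oam all-properties` output and reports every server whose transport-security-mode is not cert, using the mode descriptions above. The sample output is constructed, its brace layout is an assumed rendering of tmsh list output, and the server names oam-lab and oam-prod are hypothetical.

```python
import re

# Reasons taken from the transport-security-mode descriptions above; cert is not flagged.
WEAK_MODES = {
    "open": "communication with the Access Server is not encrypted",
    "simple": "TLS with OAM's internal CA; less secure than cert mode",
}

# Constructed sample in the brace layout assumed for `list apm aaa oam all-properties`.
SAMPLE = """\
apm aaa oam oam10g {
    access-server-hostname www.localcorp.biz
    accessgates {
        oam10gwebgate1 {
            encrypted-password PLACEHOLDER
        }
    }
    transport-security-mode simple
}
apm aaa oam oam-lab {
    transport-security-mode open
}
apm aaa oam oam-prod {
    transport-security-mode cert
}
"""

def parse_oam_objects(text):
    """Return {server name: {option: value}}, keeping only top-level options."""
    objects, current, depth = {}, None, 0
    for line in filter(None, map(str.strip, text.splitlines())):
        header = re.match(r"apm aaa oam (\S+) \{$", line)
        if depth == 0:
            # Objects of any other type are skipped (current stays None).
            current = objects.setdefault(header.group(1), {}) if header else None
        elif depth == 1 and current is not None and line != "}" and not line.endswith("{"):
            key, _, value = line.partition(" ")
            current[key] = value.strip().strip('"')
        depth += line.count("{") - line.count("}")  # track nested accessgates blocks
    return objects

def audit_transport_security(text):
    """Return sorted (server, mode, reason) tuples for servers not in cert mode."""
    objs = sorted(parse_oam_objects(text).items())
    modes = [(n, p.get("transport-security-mode", "unknown")) for n, p in objs]
    return [(n, m, WEAK_MODES.get(m, "mode not shown; list with all-properties"))
            for n, m in modes if m != "cert"]

if __name__ == "__main__":
    print(*audit_transport_security(SAMPLE), sep="\n")
```

Options nested inside an accessgates block, such as encrypted-password, are deliberately ignored so that they cannot be mistaken for server-level settings.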
SEE ALSO
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or by any means, electronic or mechanical, including
photocopying, recording, or information storage and retrieval systems, for any purpose other than the purchaser's personal
use, without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2011-2012. All rights reserved.
BIG-IP 2014-10-27 apm aaa oam(1)