apm aaa oam
apm aaa oam(1) BIG-IP TMSH Manual apm aaa oam(1)
NAME
oam - Manages an AAA Oracle Access Manager server.
MODULE
apm aaa
SYNTAX
Configure the oam component within the aaa module using the syntax
shown in the following sections.
CREATE/MODIFY
create oam [name]
modify oam [name]
options:
access-server-hostname [[string] | none]
access-server-name [[string] | none]
access-server-port [[integer] | none]
access-server-retries [integer]
accessgate-encrypted-password [[string] | none]
accessgates [add | delete | modify | replace-all-with] {
[name]
}
action [config-accessgate | noop]
admin-id [[string] | none]
admin-password [[string] | none]
app-service [[string] | none]
description [[string] | none]
enable [false | true]
global-access-protocol-passphrase [[string] | none]
location-specific [true | false]
transport-security-mode [cert | open | simple]
edit oam | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
DISPLAY
list oam
list oam [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
app-service
non-default-properties
one-line
partition
DELETE
delete oam [name]
DESCRIPTION
You can use the oam component to create and manage an AAA Oracle Access
Manager server.
EXAMPLES
create oam oam10g { access-server-hostname www.localcorp.biz access-
server-name accessSrv1 access-server-port 6021 access-server-retries 0
accessgates { oam10gwebgate1 { encrypted-password [string] } } admin-id
firstname.lastname admin-password "[string]" global-access-protocol-
passphrase "[string]" transport-security-mode simple }
Creates the AAA OAM server named oam10g accessing the web gate
oam10gwebgate1 on the Access Server accessSrv1 at host name
www.localcorp.biz on port 6021. The server retries connections
zero times.
delete aaa oam MyOAMServer
Deletes the AAA Oracle Access Manager server named MyOAMServer
from the system.
OPTIONS
access-server-hostname
Specifies the IP address or FQDN of the Oracle Access Manager
server. This option is required.
access-server-name
Specifies the name of the Oracle Access Manager server. This
option is required.
access-server-port
Specifies the port of the Oracle Access Manager server. The
default is 6021.
access-server-retries
Specify the number of times you want the access gate to attempt to
connect to the Oracle Access Manager server when the action option
is set to config-accessgate. The default is 0 (zero).
accessgates
Specifies the ID of the access gate or web gate on the OAM Server.
The system supports the use of multiple access gates/web gates as
long as they are from the same OAM server.
action
Specifies the Oracle Access Manager action type. Actions allow you
to pass user profile information or to redirect the user's browser
to another site. For more information on Actions, refer to the
Access Administration Guide provided by Oracle. The options are:
config-accessgate
Specifies that you want the system to use the
configureAccessGate tool.
noop Specifies "no operation performed." This is the default.
admin-id
Specifies the administrator ID required by the Oracle Access
Manager server. This option is required.
admin-password
Specifies the administrator password required by the Oracle Access
Manager server. The default is none.
app-service
Specifies the name of the application service to which the object
belongs. The default value is none. Note: If the strict-updates
option is enabled on the application service that owns the object,
you cannot modify or delete the object. Only the application
service can modify or delete the object.
description
Specifies a unique description for the Oracle Access Manager
server. The default is none.
enable
Specifies whether you want to enable the server. The default is
true.
global-access-protocol-passphrase
Specifies a global passphrase for all Oracle components. The
default is none.
location-specific
Specifies whether or not this object contains one or more
attributes with values that are specific to the location where the
BIG-IP device resides. The location-specific attribute is either
true or false. When using policy sync, mark an object as location-
specific to prevent errors that can occur when policies reference
objects, such as authentication servers, that are specific to a
certain location.
[name]
Specifies the name of an AAA Oracle Access Manager server. This
setting is required.
transport-security-mode
Specifies the transport security level for the communication
between Oracle components and Access Policy Manager. The options
are:
open Communication is not encrypted for protection. Use this mode
when security is not an issue
simple
Communication is encrypted with Oracle Access Manager's
internal CA. Simple mode encrypts communications using
Transport Layer Security, RFC 2246 (TLS v1). This mode is
less secure than Cert mode. Use this mode if you have some
security concerns but do not want to manage your own CA.
cert Communication is encrypted with an external CA. Use cert mode
if you want different certificates on OAM servers and
webgates and you have a trusted 3rd party CA. Oracle Access
Manager components use X.509 digital certificates in PEM
format only.
SEE ALSO
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or
by any means, electronic or mechanical, including photocopying,
recording, or information storage and retrieval systems, for any
purpose other than the purchaser's personal use, without the express
written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2011-2012. All rights reserved.
BIG-IP 2014-10-27 apm aaa oam(1)