With the upcoming release of version 12c PS4 of the Oracle Identity Management Suite, there is no better time to upgrade from 11g to 12c. This release continues to improve the platform’s underlying architecture to support easier migrations and quicker upgrades. 12c PS4 introduces advanced automation with out-of-the-box utilities that will allow you to easily run on multi-cloud environments, both in the cloud and on-premises. The Oracle IAM suite will be validated for deployment to container-based environments like Docker and Kubernetes to further simplify your deployments with cluster management, stability and scale. With the new platform, functionality will be released in patch bundles. Post patching, getting the benefits is quick and easy: just turn it on! No more big platform upgrades required to get the hottest new features.
Oracle Identity Governance (OIG) 12c adds a number of features to simplify application on-boarding, accelerate the move to role-based access management, manage data growth, and target certification campaigns to specific customer-defined entitlements. 12c application on-boarding introduces schema discovery, which greatly reduces the administrative effort to on-board new applications. Faster on-boarding means less effort to stay compliant with regulatory requirements around life cycle management and certification reviews. Here are a few additional highlights on what’s new in OIG:
- Certification enhancements give you fine-grained control over who reviews users’ access and support filtering entitlements based on organization for campaigns
- Day-N LCM utilities to simplify management, backup and restore of deployment configuration
- Connected applications can use flat-file based reconciliation with relative ease
- Self-service access policy management
- Self-service REST APIs
- Greatly simplified install/configuration with no server restarts
- Bulk sandbox migration

The latest release also allows you to integrate OIG and Oracle Access Manager using LDAP Connectors. OIG-OAM integration can be done in a single step by executing a new automated script, “OIGOAMIntegration.sh”. Alternatively, integration can be done incrementally by executing the steps sequentially.
Oracle Access Management (OAM) 12c includes several new features to improve security, usability, and integration with applications. 12c brings you password-less authentication, which bypasses the standard web form-based authentication and integrates with push notifications in Oracle Mobile Authenticator. 12c introduces full support for OpenID Connect, enabling application migration to the cloud and native support for cloud applications. OAM WebGates are enhanced to understand the OAuth/OpenID Connect protocols. 12c enables an advanced feature set of connected sessions, admin session termination, and multi-data center deployment. Some of the 12c highlights include:
- Oracle Access Protocol (OAP) over REST for cloud applications
- Support for standards-based OAuth in a multi-data center environment
- Simplified process of managing OAM multi-data center topologies without T2P tooling
- New REST-based APIs, reducing configuration steps
- Supports database-backed server-side session management
- Implements database-based authentication plugin import, distribution and activation
- Supports TLS 1.2 to provide communications security over the internet
- Enhanced password policy management with forced password change, OTP (one time PIN) and more
- Simplified installer with re-entrant bootstrapping

With Oracle Directory Services, 12c brings virtualization enhancements in Oracle Unified Directory (OUD) and improved REST/SCIM interfaces. You’ll have an easier transition to OUD from Oracle Virtual Directory (OVD) and Oracle Directory Server Enterprise Edition (ODSEE) with new virtualization enhancements and overall performance and scalability improvements. The REST/SCIM interfaces will enable OUD to be integrated with modern workloads through HTTP(S) along with legacy applications through LDAP. The OUD proxy will be able to expose the data in backends through REST/SCIM. Some of the OUD 12c capabilities include:
- New & enhanced workflow elements
- Enhanced security through password-based key functions
- Better support for TLS 1.2 protocols and cipher suites for improving security
- Support for WebLogic Scripting tool provisioning commands to simplify management of OUD instances
- Support for Transparent Network Substrate (TNS) aliases
- Support for new log publishers that are configurable via OUDSM
- REST APIs for OUD Administration

Oracle Internet Directory (OID) 12c is also being updated for improved replication and resiliency. With OID, you’ll see:
- Use of WebLogic Management Framework
- Diagnostic log messages captured in OID server log files
- HTML summary reports from the OIDdiag tool
- Support for one-way or two-way authentication SSL mode by the replication server
- Ability to enable no-auth mode of SSL, anonymous cipher configuration in OID

To learn more about what’s required to upgrade, check out the Introduction to Upgrading Oracle Identity and Access Management to 12c and stay tuned to this blog series for future updates!