Book

Administering and configuring IDM/OpenIDM

This book provides information on administering and configuring IDM/OpenIDM, including frequently asked questions and known issues.


Printer friendly view

Table of Contents

  • 1 General
    • 1.1 What versions of DS/OpenDJ are compatible with IDM/OpenIDM?
    • 1.2 What versions of AM/OpenAM are compatible with IDM/OpenIDM?
    • 1.3 What Java versions are ForgeRock products supported on?
  • 2 Security
    • 2.1 How do I secure the JWT session cookie used by OpenIDM 4?
    • 2.2 How do I limit the supported secure protocols and cipher suites in IDM/OpenIDM (All versions)?
    • 2.3 How do I disable TLS Client-Initiated Renegotiation in IDM/OpenIDM (All versions)?
    • 2.4 How do I hash the password for openidm-admin before the first startup of IDM/OpenIDM (All versions)?
    • 2.5 How does IDM/OpenIDM (All versions) use anonymous access?
    • 2.6 How does IDM/OpenIDM (All versions) protect against CSRF attacks?
    • 2.7 How do I remove access to the browser-based UI in IDM/OpenIDM (All versions)?
  • 3 Keystores
    • 3.1 How do I change the symmetric key in IDM 5.x, 6 and OpenIDM 4.x?
    • 3.2 How do I renew my existing CA certificate in use by IDM/OpenIDM (All versions)?
  • 4 Clusters
    • 4.1 Best practice for clustering in IDM
    • 4.2 FAQ: Clusters in IDM/OpenIDM
  • 5 Configuration
    • 5.1 How do I run the command-line interface in IDM (All versions) and OpenIDM 4.x if my install and project directories are different?
    • 5.2 How do I load OSGI bundles and JAR files into IDM/OpenIDM (All versions)?
    • 5.3 How do I implement keep-alive functionality for the managed repository in IDM/OpenIDM (All versions)?
    • 5.4 How do I modify the startup parameters for the IDM/OpenIDM (All versions) Windows Service?
    • 5.5 How do I customize authorization rules for http requests in IDM/OpenIDM (All versions)?
    • 5.6 How do I configure specific managed objects to be case insensitive in IDM/OpenIDM (All versions)?
    • 5.7 How do I stop IDM (All versions) prompting users for their current password during password reset?
    • 5.8 How do I disable audit logging in IDM 6.5?
    • 5.9 How do I re-create the internal OrientDB repository in IDM 5 and OpenIDM 4.x?
    • 5.10 Integration with AM/OpenAM
      • 5.10.1 How does the OIDC authorization flow work when IDM 5.5.x or 6.x is integrated with AM?
    • 5.11 Workflows
      • 5.11.1 How do I migrate my existing BPMN workflows after upgrading to IDM 5.5 or applying Security Advisory #201705?
      • 5.11.2 How do I use workflow scripts to make calls back to IDM/OpenIDM (All versions)?
      • 5.11.3 How do I use RequireJS to load dependencies inside a workflow in IDM 5.x, 6 and OpenIDM 4.x?
    • 5.12 Task Scanner
      • 5.12.1 How do I configure the Task Scanner in IDM/OpenIDM (All versions) to find a user's start date between today and n number of days in the future?
      • 5.12.2 How do I convert a date stored in DS/OpenDJ to a format that the Task Scanner in IDM/OpenIDM (All versions) can use?
      • 5.12.3 FAQ: Task Scanner in IDM/OpenIDM
  • 6 Frequently Asked Questions
    • 6.1 FAQ: General IDM/OpenIDM
    • 6.2 FAQ: Installing and configuring IDM/OpenIDM
    • 6.3 FAQ: IDM/OpenIDM compatibility with third-party products
    • 6.4 How do I count the number of users in my ForgeRock deployment?
  • 7 Known Issues
    • 7.1 Password reset link is invalid error when resetting password via Self-Service in IDM 5.x or 6.x
    • 7.2 Failure to query configurations error when accessing Admin UI in IDM (All versions)
    • 7.3 AM 5, 5.5, 5.5.1 and 6.0.0.x, IDM 6.x and Rest2LDAP cannot connect to DS 5, DS 5.5, DS 5.5.1, DS 5.5.2 or 6 after restricting DS cipher suites or Java upgrade
    • 7.4 SSLHandshakeException or ClassCastException when using an HSM and Java 11 with ForgeRock products
    • 7.5 An illegal reflective access operation has occurred when using Java 11 with ForgeRock products
    • 7.6 Property substitutions no longer work in system configuration files in IDM 5.5 and 6.x
    • 7.7 Finding org.forgerock.json.crypto.JsonCryptoException: Decryption failed errors in IDM/OpenIDM
    • 7.8 Resource exception: 500 Internal Server Error keeps happening in IDM/OpenIDM (All versions)
    • 7.9 Given final block not properly padded error when starting IDM/OpenIDM (All versions)
    • 7.10 Failed to update repo instance state during failed instance recovery warning in IDM (All versions)
    • 7.11 Login fails for some users with an Access denied, user inactive error when IDM 5.x or 6.x is integrated with AM
    • 7.12 Authentication fails with IDM 5.x or 6.x integrated with AM when session-jwt cookie size exceeds browser limits
    • 7.13 Customizing Java Log Format to use SimpleFormatter fails in IDM/OpenIDM (All versions)
    • 7.14 Double-clicks on Self-Service Registration page causes duplicate entries in IDM 5.x, 6 and OpenIDM 4.x
    • 7.15 Link in Password Reset and User Registration emails does not work in Microsoft Outlook with IDM 5.x, 6 - 6.0.0.4, 6.5.0 and OpenIDM 4.x
  • 8 Patches
    • 8.1 How do I check what patches are installed for ForgeRock products?
    • 8.2 How do I install an IDM/OpenIDM patch (All versions) supplied by ForgeRock support?
Loading...