RSA 

enVision Event Source

Oracle Identity Manager

Configuration Instructions and Release Notes
Last Modified: Tuesday, October 04, 2011
Event Source (Device) Product Information
Vendor Oracle
Event Source (Device) Identity Manager
Supported Versions 9.1
enVision Product Information
Version 3.7.1 and later
Event Source (Device) Type oracleim, 193
Collection Method ODBC
Event Source (Device) Class.Subclass Security.Access Control
Content 2.0 Table Access
Service ODBC Service

This document contains the following information for the Oracle Identity Manager event source:

l Configuration Instructions

l Release Notes20111004-165427

Oracle Identity Manager Configuration Instructions

Important: You must have Oracle Identity Manager Auditing and Compliance Module set up to
complete these configuration instructions.
To configure Oracle Identity Manager to work with RSA enVision, you must complete these tasks:
I. Configure the Oracle Identity Manager
II. Create the TNS Service Name
III. Create a System Data Source Name
IV. Set Up the NIC ODBC Service

Copyright © 2011 EMC Corporation. All Rights Reserved.

RSA enVision Event Source

Configure the Oracle Identity Manager

Important: You must install the Oracle Identity Manager Client before completing these steps. 

To configure the Oracle Identity Manager:

1. Log on to the Oracle Identity Manager Design Console with administrator credentials.
2. Expand Administration and double-click System Configuration.
3. To enable user profile auditing, follow these steps:
a. In the Keyboard field, type XL.UserProfileAuditDataCollection.
b. Click the Search icon.
c. In the Value field, type Resource Form.
d. Click the Save icon.

2 Configure the Oracle Identity Manager

RSA enVision Event Source

Create the TNS Service Name

To create the TNS service name:
1. On the enVision appliance, click Start > All Programs > Oracle - OraClient11g_home1
> Configuration and Migration Tools > Net Configuration Assistant.
2. From the Oracle New Configuration Assistant wizard, select Local Net Service Name
Configuration, and click Next.
3. Select Add, and click Next.
4. In the Service Name field, enter a service name, and click Next.
5. Select a network protocol, and click Next.
6. In the Host Name field, enter a hostname, select a port number, and click Next.
7. (Optional) Test the ODBC service connection to the database, and click Next.
8. In the Net Service Name field, ensure that the service name is the same as the name in step 4,
and click Next.
9. Select No, and click Next.
10. Click Finish.

Create the TNS Service Name 3

RSA enVision Event Source

Create a System Data Source Name

To create a system data source name:
1. On the enVision appliance, click Start > All Programs > Administrative Tools
> ODBC Services.
2. On the ODBC Data Source Administrator window, click the System DSN tab.
3. Click Add.
4. On the Create New Data Source window, select Oracle in OraClient11g_home1.
5. Click Finish.
6. On the Oracle ODBC Driver Configuration window, complete the fields as follows.
Field Value
Data Source Name data source name
TNS Service Name The TNS service name that you created
User ID your user ID

7. To test the connection, follow these steps:

a. Click Test Connection.
b. From the Oracle ODBC Driver Connect window, in the Password field, enter your
password.
c. Click OK.
8. On the ODBC Data Source Administrator window, click OK.

4 Create a System Data Source Name

RSA enVision Event Source

Set Up the NIC ODBC Service

Important: If you are running RSA enVision 3.7, you must contact RSA Customer Support to apply bug
fix (EBF) 99362-112701. If you are running RSA enVision 3.7.1 SP 1 or 4.0, you do not need to apply the
bug fix.

To set up the NIC ODBC Service in RSA enVision:

1. Log on to RSA enVision with your administrator credentials.
2. Click Overview > System Configuration > Services > Device Services > Manage ODBC
Service.
3. In the Manage ODBC Service window, click Add.
4. To add the Oracle_IM data source, complete the fields as follows.
Field Action
Enter the name that you created when you added the data
Data source name
source.
Type From the drop-down list, select OracleIM.
Select Use static IP address associated with the data
IP address source name, and enter the IP address of the database loca-
tion.
Enter the database logon ID that you created when you added
User name
the data source.
Enter the password that you created when you added the data
Password
source.
Verify Password Enter the password again.
Interval Enter a time interval for collection.
Start ODBC Service on
Ensure that Start ODBC Service on Apply is selected.
Apply

5. Click Apply.

Note: You must restart the NIC ODBC Service to apply the changes.

Oracle Identity Manager Release Notes (20111004-165427)

What's New in This Release

RSA updated the Oracle Identity Manager event source to Content 2.0. This event source uses the
Access table.
Content 2.0 features new tables and improvements to the parsing of event data into variables in those new
tables.
For rules and reports, note the following:

Set Up the NIC ODBC Service 5

RSA enVision Event Source

l For factory reports, as existing event sources are converted to Content 2.0, their device-specific
reports are updated to work with the new content. In some cases, class-specific reports have
replaced device-specific reports.
l Factory correlated rules have been modified to take advantage of the improved tables, variables
and parsing.
l Custom rules, that involve event sources updated to work with Content 2.0, need to be rewritten.
l Custom reports may not produce the same results as previously. For guidance on updating custom
reports, see the accompanying table documentation and the RSA enVision Content Inspection Tool
guide.

6 Set Up the NIC ODBC Service