4 Installing and Configuring a Database for Oracle Identity Manager

Oracle Identity Manager requires a database. You must install and configure your database before you begin the Oracle Identity Manager installation. This chapter contains the following topics:

• Using an Oracle Database for Oracle Identity Manager

• Using Oracle RAC Databases for Oracle Identity Manager

Using an Oracle Database for Oracle Identity Manager

To use Oracle for your database, you must:

1. Install Oracle—see "Installing Oracle" for more information.

2. Create your Oracle database—see "Creating an Oracle Database" for more information.

3. Prepare the Oracle database—see "Preparing the Oracle Database" for more information.

Installing Oracle

Install the Oracle9i or 10g Release 2 database by referring to the documentation delivered with the Oracle database. Refer to the Oracle Identity Manager Release Notes for the specific supported versions. Oracle recommends using the Basic installation.

Note:

If you choose the Custom installation, you must include the JVM option, which is required for XA transaction support.

Creating an Oracle Database

You need to create a new Oracle database instance for Oracle Identity Manager. When creating the database, make sure to configure the Oracle JVM feature and enable query rewrite.

You can use the Database Configuration Assistant (DBCA) tool to create the database. To configure the Oracle JVM feature, select the Oracle JVM feature on the Standard Database Features page of the DBCA.

To enable the database for query rewrite, set the init.ora parameters QUERY_REWRITE_ENABLED to TRUE and QUERY_REWRITE_INTEGRITY to TRUSTED in the All Initialization Parameters field of the DBCA.

Consult your Oracle database documentation for detailed instructions on creating a database instance.

Configuring the Database for Globalization Support

For globalization support for Oracle Identity Manager, Oracle recommends configuring the database for Unicode. To configure the database for Unicode, perform the following steps:

1. Set the database character to AL32UTF8, which supports the latest version of the Unicode standard, by selecting AL32UTF8 in the Character Sets tab of the DBCA.

2. Set the NLS_LENGTH_SEMANTICS init.ora parameter to CHAR in the All Initialization Parameters field of the DBCA.

   See Also:

   Oracle Identity Manager Globalization Guide

Preparing the Oracle Database

Once you have installed Oracle and created a database instance, you must prepare it for Oracle Identity Manager by completing the following tasks:

• Verify that query rewrite is enabled

• Enable XA transactions support

  Note:

  The Java JVM is required to enable XA transaction support. If you did not install the JVM during your Oracle installation, you must install it now. Consult Oracle documentation for specific instructions.

• Create at least one tablespace for storing Oracle Identity Manager data

• Create a database user account for Oracle Identity Manager

You can perform the preceding tasks to prepare your Oracle database for Oracle Identity Manager by running one of the following scripts:

• prepare_xl_db.sh (for UNIX or Linux)

• prepare_xl_db.bat (for Windows)

Both of these scripts ship with the Oracle Identity Manager installer and reside in the directory \installServer\Xellerate\db\oracle\.

You must observe the following prerequisites when using the prepare_xl_db scripts:

• The script must be run by the user holding dba privilege (For example, the oracle user on UNIX or Linux typically holds these privileges).

• The script must be run on the machine where the database resides.

To prepare your Oracle database for Oracle Identity Manager, complete the steps associated with the operating system on the machine hosting your Oracle database:

UNIX or Linux:

1. Copy the scripts prepare_xl_db.sh and xell_db_prepare.sql from the distribution CD to a directory on the machine hosting your database where you (as the account user performing this task) have write permission.

2. Run the following command to enable execute permission for the script:

   chmod 755 prepare_xl_db.sh

3. Run the script prepare_xl_db.sh by entering the following command:

   ./prepare_xl_db.sh

4. Provide information appropriate for your database and host machine when the script prompts you for the following items:

   1. The location of your Oracle home (ORACLE_HOME)

   2. The name of your database (ORACLE_SID)

   3. The name of the Oracle Identity Manager database user to be created

   4. The password for the Oracle Identity Manager database user

   5. The name of the tablespace to be created for storing Oracle Identity Manager data

   6. The directory in which to store the data file for the Oracle Identity Manager tablespace

   7. The name of the data file (you do not need to append the .dbf extension)

   8. The name of the temporary tablespace.

5. Check the prepare_xl_db.lst log file located in the directory where you ran the xl_db_prepare script from to see execution status and additional information.

   Note:

   If you encounter errors after running the prepare_xl_db.sh script, run the following command to ensure the prepare_xl_db.sh is executable on UNIX and Linux and then run the prepare_xl_db.sh script again.

   $ dos2unix prepare_xl_db.sh
   
   

Windows:

1. Copy the scripts prepare_xl_db.bat and xell_db_prepare.sql from the distribution CD to a directory on the machine hosting your database where you (as the account user performing this task) have write permission.

2. Open a command window, navigate to the directory where you just copied the scripts, then run prepare_xl_db.bat with the following arguments:

   prepare_xl_db.bat <ORACLE_SID> <ORACLE_HOME>
   <XELL_USER> <XELL_USER_PWD> <TABLESPACE_NAME>
   <DATAFILE_DIRECTORY> <DATAFILE_NAME>
   <XELL_USER_TEMP_TABLESPACE> <SYS_USER_PASSWORD>
   
   

   For example, the string you enter on the command line might look something like the following:

   prepare_xl_db.bat XELL C:\oracle\ora92 xladm xladm
   xeltbs C:\oracle\oradata xeltbs_01 TEMP manager
   
   

   Table 4-1 lists the options used in the preceding example of prepare_xl_db.bat:

   Table 4-1 Options for the prepare_xl_db.bat Script

   Argument	Description
   XELL	Name of the database
   C:\oracle\ora92	Directory where the Oracle database is installed
   xladm	Name of the Oracle Identity Manager user to be created
   xladm	Password for the Oracle Identity Manager user
   xeltbs	Name of the tablespace to be created
   C:\oracle\oradata	Directory where the datafiles will be placed
   xeltbs_01	Name of the datafile (you do not need to give .dbf extension)
   TEMP	Name of the temporary tablespace that already exists in your database
   manager	Password for the SYS user

   
   

3. Check the prepare_xell_db.lst log file located in the directory where you ran the xell_db_prepare script from to see execution status and additional information.

If the script returns a message indicating successful execution, you can continue to the next task, which is Oracle Identity Manager installation.

If the script does not succeed, you must manually fix all fatal errors so that the database is prepared successfully.

You can ignore non-fatal errors. For example, when the script tries to drop a non-existent view, it will return the error "ORA-00942: table or view does not exist". This can be ignored without adverse consequences.

Make sure to scan all the errors in the log file and ignore or resolve them on an individual basis. Remember that you must successfully prepare the database for Oracle Identity Manager before you can install Oracle Identity Manager.

Removing Oracle Identity Manager Entries from an Oracle Database

To remove Oracle Identity Manager entries from an Oracle database after removing (deinstalling) the Oracle Identity Manager product, drop the database user holding the Oracle Identity Manager schema.

Using Oracle RAC Databases for Oracle Identity Manager

This section explains how to deploy Oracle RAC databases for Oracle Identity Manager and contains the following sections:

• Installing Oracle Identity Manager for Oracle RAC

• Oracle RAC Net Services

• JDBC and Oracle RAC

• Configuring Oracle Application Server for Oracle RAC

Installing Oracle Identity Manager for Oracle RAC

Oracle RAC is a cluster database with a shared cache architecture that provides highly scalable and available database solutions. A RAC consists of multiple database instances on different machines and acting in tandem to provide these features.

Important:

The Oracle Identity Manager installer program does not provide support for RAC. To deploy Oracle Identity Manager for RAC, you must install Oracle Identity Manager on a single database instance in the RAC and then change the application server settings, specifically the connection pool parameters, to use the RAC JDBC connection string.

Use the following steps to install Oracle Identity Manager for RAC:

1. Ensure the RAC is properly set up and configured with the Oracle Identity Manager schema owner.

2. Start the Oracle Identity Manager installer program.

3. Enter the host name, port number, and database name of a single database instance in the RAC on the Database Parameters screen of the Oracle Identity Manager installer program.

4. Complete the Oracle Identity Manager installation by finishing the steps in the installer program.

5. Configure your application server for RAC by referring to Configuring Oracle Application Server for Oracle RAC.

Oracle RAC Net Services

The net service name entry for an Oracle RAC database differs from that of a conventional database. The following is an example of the net services name entry for an Oracle RAC database:

racdb= 
              (DESCRIPTION= 
                              (LOAD_BALANCE=on)
                              (FAILOVER=on)
                              (ADDRESS_LIST=
                                              (ADDRESS=(protocol=tcp)(host=node1-vip)(port=1521))
                                              (ADDRESS=(protocol=tcp)(host=node2-vip)(port=1521))) 
              (CONNECT_DATA=
                              (SERVER=DEDICATED)
                              (SERVICE_NAME=racdb)))

Table 4-2 lists and describes the parameters in a net services name entry for an Oracle RAC database:

Table 4-2 Parameters for Oracle RAC Database Net Services Name Entries

Parameter	Description
LOAD_BALANCE	Specifies whether client load balancing is enabled (on) or disabled (off). The default setting is on.
FAILOVER	Specifies whether failover is enabled (on) or disabled (off). The default setting is on.
ADDRESS_LIST	Specifies the list of all the nodes in the RAC, including their host names and the ports they listen on.

JDBC and Oracle RAC

JDBC client applications using the Thin driver to connect to an Oracle RAC database must use the RAC net services name as a part of the JDBC URL. The entire RAC net services name is concatenated and the entire string is used in the JDBC URL so the client application can connect to the RAC.

The following is sample code that demonstrates an example JDBC URL used to connect to a RAC database:

//String url = "jdbc:oracle:thin:@dbhost:1521:dbservice"
String racUrl =
"jdbc:oracle:thin:@(DESCRIPTION=(LOAD_BALANCE=on)(FAILOVER=on)(ADDRESS_LIST=(ADDRESS=(protocol=tcp)(host=node1-vip)(port=1521))(ADDRESS=(protocol=tcp)(host=node2-vip)(port=1521)))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=racdb)))";

       String strUser = "username";
       String strPW = "password";

       // load Oracle driver   
       Class.forName("oracle.jdbc.driver.OracleDriver");   

       // create the connection
       con = DriverManager.getConnection(strURL, strUser, strPW);

The subsequent sections about configuring application servers for Oracle RAC databases explain how to modify connection pools to use a similar JDBC URL so the application server can communicate with the RAC.

Configuring Oracle Application Server for Oracle RAC

This section explains how to configure both non-clustered and clustered Oracle Application Servers for Oracle RAC by ensuring the data sources and connection pools are configured to use the RAC JDBC connection string.

Note:

Before configuring Oracle Application Server for Oracle RAC, you must:

• Get the RAC net services name from the tnsnames.ora file.

• Construct the RAC JDBC URL by referring to JDBC and Oracle RAC.

Perform the following steps to configure both non-clustered and clustered Oracle Application Servers for Oracle RAC:

Note:

If you are configuring an Oracle Application Server cluster for Oracle RAC, perform each of the following steps on all nodes in the cluster.

1. Open the <XL_HOME>/xellerate/config/xlconfig.xml file.

2. Locate the <DirectDB> section and replace the value of the <url>...</url> tag with the RAC JDBC URL. For example, the new tag may be similar to the following:

   <url>jdbc:oracle:thin:@(DESCRIPTION=(LOAD_BALANCE=on)(FAILOVER=on)(ADDRESS_
   LIST=(ADDRESS=(protocol=tcp)(host=node1-vip)(port=1521))(ADDRESS=(protocol=tcp)
   (host=node2-vip)(port=1521)))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_
   NAME=racdb)))</url>
   
   

3. Save and close the <XL_HOME>/xellerate/config/xlconfig.xml file.

4. Log in to the Oracle Application Server Administrative Console using a web browser.

5. Select the application server where Oracle Identity Manager is installed and then select the OC4J instance within the Oracle Application Server instance you are configuring for Oracle RAC .

6. Select the Administration tab, then select Services, and then select JDBC Resources.

7. Locate the Connection Pools section and select xlConnectionPool.

8. Set the URL property value to the RAC JDBC URL described in step 2.

9. Save the settings.

10. Select xlXAConnectionPool.

11. Set the URL property value to the RAC JDBC URL described in step 2.

12. Save the settings.

13. For a clustered Oracle Application Server environment, repeat steps 5–12 for each node in the cluster.

14. Restart the Oracle Application Server. If you are configuring an Oracle Application Server cluster for Oracle RAC, restart all nodes in the cluster.