|Oracle® Fusion Middleware Administrator's Guide for Oracle Internet Directory
11g Release 1 (11.1.1)
Part Number E10029-01
As of 11g Release 1 (11.1.1), Oracle Internet Directory has been integrated with a common management infrastructure that in turn uses Oracle WebLogic Server. This product set is called Oracle Fusion Middleware. This chapter describes some features of Oracle Fusion Middleware that affect Oracle Internet Directory management.
This chapter contains the following sections:
A WebLogic Server administration domain is a logically related group of Java components. Domains include a special WebLogic Server instance called the Administration Server, which is the central point from which you configure and manage all resources in the domain. Usually, you configure a domain to include additional WebLogic Server instances called managed servers. You deploy Java components, such as Web applications and Web services, and other resources onto the managed servers and use the Administration Server for configuration and management purposes only. The managed servers can be grouped together into a cluster.
Oracle Internet Directory is a system component. That is, it is a manageable process that is not an Oracle WebLogic Server. System components can use the WebLogic Administrative Domain for management services, including Oracle Enterprise Manager Fusion Middleware Control, Audit Framework, configuration management through MBeans and Secure Sockets Layer and Wallet Management. The Oracle WebLogic Server Administration Server controls Oracle Internet Directory and other system components through OPMN.
Oracle Internet Directory itself is a C-based process. Its only run time dependency is the Oracle Database. To be managed by the Oracle Fusion Middleware management framework, Oracle Internet Directory must register itself with a local or a remote Oracle WebLogic Server administration domain during installation or from the command line after installation. Therefore, an Oracle Internet Directory 11g installation requires either a local or a remote installation of Oracle WebLogic Server. Also, the Directory Management user interface, ODSM, is a Java component deployed on Oracle WebLogic Server.
If you must manage Oracle Internet Directory in your deployment using only command-line tools and a remote ODSM, there is also an option to install and configure Oracle Internet Directory without registering with a Oracle WebLogic Server Domain.
There are three deployment options for Oracle Internet Directory:
Create Domain–Oracle Internet Directory with a local Oracle WebLogic Server Domain. Oracle WebLogic Server is installed locally with Oracle Internet Directory and an admin domain is created for Oracle Internet Directory.
Extend Domain–Oracle Internet Directory with a remote Oracle WebLogic Server Domain. Oracle WebLogic Server admin server and domain have been installed and created separately and Oracle Internet Directory registers with the Domain remotely.
No Domain–Oracle Internet Directory without a Oracle WebLogic Server Domain. Oracle Internet Directory can be installed and configured without Oracle WebLogic Server Server and without registering to any Oracle WebLogic Server Admin Domains. In this case, Oracle Internet Directory cannot be managed by Oracle Enterprise Manager Fusion Middleware Control or other common Oracle Fusion Middleware management services. You must rely on command-line utilities such as
opmnctl and the LDAP tools. ODSM can be deployed separately and used to manage Oracle Internet Directory.
During an Oracle Internet Directory installation, Oracle Identity Management 11g Installer requests domain information. You have the following choices:
Create New Domain
Extend Existing Domain
If you choose Create New Domain or Extend Existing Domain, the Oracle Internet Directory component you create is registered with that domain when the installation is complete.
If you choose None, the Oracle Internet Directory component is not registered with any domain when the installation is complete. You will be unable to manage Oracle Internet Directory, or any other component in that Oracle instance, with Oracle Enterprise Manager Fusion Middleware Control until you register the component with a WebLogic domain by using the command-line tool
An Oracle Fusion Middleware home consists of the Oracle WebLogic Server home, and optionally one or more other Oracle product homes (also known as Oracle homes). A middleware home can reside on a local file system or on a remote shared disk that is accessible through NFS. The Oracle Fusion Middleware home is represented in path names as
A WebLogic Server home contains installed files necessary to host a WebLogic Server. The WebLogic Server home directory is a peer of other Oracle home directories underneath the middleware home directory. In path names, it is represented as
An Oracle home contains installed files necessary to host a specific product.
An Oracle home is the top-level installation directory for Oracle products. It can reside on a local file system or on a remote shared disk that is accessible through NFS. Oracle home is where product binaries and read-only files reside. Files in the Oracle home are not updated during the normal running of the application server components. They are only updated when you apply a patch or upgrade.
The Oracle home is usually represented in path names as
Each Oracle home can be associated with multiple Oracle instances or Fusion Middleware domains
In 11g Release 1 (11.1.1), product configuration data has been separated from product binaries. The product binaries reside in the Oracle home,
ORACLE_HOME, while updatable files reside in an Oracle instance, represented in path names as
Most Oracle Internet Directory commands require that you set the environment variable
ORACLE_INSTANCE to the value of
ORACLE_INSTANCE. You dereference this variable as
$ORACLE_INSTANCE on UNIX or Linux systems and as
%ORACLE_INSTANCE% on Windows.
All configuration files, repositories, log files, deployed applications, and temporary files reside in a oracle instance. Keeping updatable files separate from non-updatable files facilitates administrative tasks such as patching, upgrades, backup and restore, and cloning. It allows administrators to have their run-time and install-time binaries follow independent life cycles.
Oracle instance refers not only to a physical location on disk but also encompasses the associated processes. An Oracle instance contains one or more active middleware system components, such as Oracle Virtual Directory or Oracle Internet Directory. You determine which components are part of an instance, either at install time or by creating and configuring an instance at a later time.
When you install Oracle Internet Directory on a host computer, Oracle Identity Management 11g Installer creates an Oracle Fusion Middleware component of type OID in a new or existing Oracle instance. The component name for the first Oracle Internet Directory component is
ORACLE_INSTANCE/config/OID/componentName ORACLE_INSTANCE/diagnostics/logs/OID/componentName ORACLE_INSTANCE/diagnostics/logs/OID/tools ORACLE_INSTANCE/OID/admin ORACLE_INSTANCE/OID/admin/SSLwallet-name ORACLE_INSTANCE/OID/load ORACLE_INSTANCE/tmp
Fusion Middleware Control enables you to configure and manage all Oracle products from one user interface. You can perform most configuration functions in Fusion Middleware Control that you can perform from the command line. Oracle Enterprise Manager Fusion Middleware Control also includes wizards for setting up replication and for estimating sizing and tuning needs.
Oracle Directory Services Manager is an additional administrative interface for Oracle Internet Directory and Oracle Virtual Directory. It is accessible from Oracle Enterprise Manager Fusion Middleware Control or directly from its own URL.
Using Oracle Enterprise Manager Fusion Middleware Control, you can monitor the Oracle Internet Directory Server and related components and activities.
Using the monitoring functions, you can gain insight into system activity and performance, for example, total logins, successful and unsuccessful logins, average login time, request latencies, LDAP connections, and so on.
You can monitor the following items:
Metrics: To monitor system health
General: A high-level rollup of load, performance, security, login, CPU utilization, and other data
Performance: Key metrics for the directory server and its host
Reports: Data on operation success and failure
Topology: Information on the Oracle HTTP Server instances, directory server instances, associated databases, and other components
The Oracle WebLogic Scripting Tool (WLST) is a command-line scripting environment that you can use to create, manage, and monitor Oracle WebLogic Server domains. It is based on the Java scripting interpreter, Jython. You can use WLST to perform some Oracle Internet Directory management operations.
A managed bean (MBean) is a Java object that represents a JMX manageable resource in a distributed environment, such as an application, a service, a component or a device. When Oracle Internet Directory is registered with an Oracle WebLogic Server Admin Domain, Oracle Internet Directory MBeans are deployed in the Oracle WebLogic Server Admin Server. These MBeans enable management of Oracle Internet Directory configuration through Oracle Enterprise Manager Fusion Middleware Control or WLST.