9 Extending the Domain with Oracle Directory Integration Platform and ODSM

This chapter describes how to install and configure Oracle Directory Integration Platform (DIP) and Oracle Directory Services Manager (ODSM).

Oracle Directory Integration Platform is an optional product. If it is not required in your environment, do not install it.

9.1 Extending the Oracle WebLogic Domain with Oracle Directory Integration Platform and ODSM

The application tier consists of multiple computers hosting the Oracle Directory Integration Platform, Oracle Directory Services Manager, and Oracle Access Manager instances. In the complete configuration, requests are balanced among the instances on the application tier computers to create a high-performing, fault tolerant application environment.

Note:

Oracle Directory Integration Platform uses Quartz to maintain its jobs and schedules in the database. For the Quartz jobs to be run on different Oracle Directory Integration Platform nodes in a cluster, it is recommended that the system clocks on the cluster nodes be synchronized.

Follow these steps to install and configure Oracle Directory Integration Platform and Oracle Directory Services Manager on IDMHOST1:

  1. Ensure that the system, patch, kernel and other requirements are met. These are listed in the Oracle Fusion Middleware Installation Guide for Oracle Identity Management manual in the Oracle Fusion Middleware documentation library for the platform and version you are using.

  2. If you plan on provisioning the Instance Home or the Managed Server domain directory on shared storage, ensure that the appropriate shared storage volumes are mounted on IDMHOST1 as described in Section 2.4, "Shared Storage and Recommended Directory Structure."

  3. Ensure that port 7006 is not in use by any service on the computer by issuing these commands for the operating system you are using. If a port is not in use, no output is returned from the command.

    On UNIX:

    netstat -an | grep "7006"
    

    If the port is in use (if the command returns output identifying the port), you must free it.

    On UNIX:

    Remove the entries for port 7006 in the /etc/services file and restart the services, as described in Section 19.1, "Starting and Stopping Oracle Identity Management Components," or restart the computer.

  4. If you plan on provisioning the Instance Home or the Managed Server domain directory on shared storage, ensure that the appropriate shared storage volumes are mounted on IDMHOST1 as described in Section 2.4, "Shared Storage and Recommended Directory Structure."

  5. Copy the staticports.ini file from the Disk1/stage/Response directory to a temporary directory.

  6. Edit the staticports.ini file that you copied to the temporary directory to assign the following custom port:

    # The port for ODSM Server port
    ODS Server Port No = 7006
    
  7. Start the Oracle Identity Management 11g Configuration Assistant by running the config.sh script located under the ORACLE_HOME/bin directory on IDMHOST1. For example:

    /u01/app/oracle/product/fmw/idm/bin/config.sh
    
  8. On the Welcome screen, click Next.

  9. On the Select Domain screen, select Extend Existing Domain and enter the domain details:

    • Hostname: ADMINVHN.mycompany.com

    • Port: 7001

    • User Name: weblogic

    • User Password: <enter user password>

    Click Next.

  10. A dialog box with the following message appears:

    The selected domain is not a valid Identity Management domain or the installer
    cannot determine if it is a valid domain. If you created the domain using the
    Identity Management installer, you can ignore this message and continue. If
    you did not create the domain using the Identity Management installer, refer
    to the Identity Management documentation for information on how to verify the
    domain is valid.
    

    Click OK to continue.

    This is a benign warning that you can ignore.

  11. On the Specify Installation Location screen, specify the following values. The values for the Oracle Middleware Home Location and the Oracle Home Directory fields are prefilled. The values default to the Middleware home and Oracle home previously installed on IDMHOST1 in Section 6.1, "Enabling ADMINVHN on IDMHOST1."

    • Oracle Middleware Home Location: /u01/app/oracle/product/fmw

    • Oracle Home Directory: idm

    • WebLogic Server Directory: /u01/app/oracle/product/fmw/wlserver_10.3

    • Oracle Instance Location: /u01/app/oracle/admin/ods_inst1

    • Oracle Instance Name: ods_inst1

    Click Next.

  12. On the Specify Email for Security Updates screen, specify these values:

    • Email Address: Provide the email address for your My Oracle Support account.

    • Oracle Support Password: Provide the password for your My Oracle Support account.

    • Check the check box next to the I wish to receive security updates via My Oracle Support field.

    Click Next.

  13. On the Configure Components screen, select the following components:

    • Oracle Directory Integration Platform

    • Management Components - Oracle Directory Services Manager

    Deselect all the other components.

    Select the Clustered check box.

    Click Next.

  14. On the Configure Ports screen, select Specify Ports Using Configuration File and enter the full path name to the staticports.ini file that you edited in the temporary directory.

    Click Next.

  15. On the Specify OID Details screen, specify the following:

    • Hostname: oid.mycompany.com

    • Port: 636

    • Username: cn=orcladmin

    • Password: ******

    Click Next.

  16. On the Specify Schema Database screen, specify the following values:

    • Connect String:

      infradbhost1-vip.mycompany.com:1521:idmdb1^infradbhost2-vip.mycompany.com:1521:idmdb2@idmedg.mycompany.com
      

      Note:

      The Oracle RAC database connect string information needs to be provided in the format host1:port1:instance1^host2:port2:instance2@servicename.

      During this installation, it is not required for all the Oracle RAC instances to be up. If one Oracle RAC instance is up, the installation can proceed.

      It is required that the information provided above is complete and accurate. Specifically, the correct host, port, and instance name must be provided for each Oracle RAC instance, and the service name provided must be configured for all the specified Oracle RAC instances.

      Any incorrect information entered in the Oracle RAC database connect string has to be corrected manually after the installation.

    • User Name: ODSSM

    • Password: ******

    Click Next.

  17. On the Installation Summary screen, review the selections to ensure that they are correct (if they are not, click Back to modify selections on previous screens), and click Configure.

  18. On the Configuration Progress screen, multiple configuration assistants are launched in succession; this process can be lengthy. Wait until it completes.

  19. On the Installation Complete screen, click Finish to confirm your choice to exit.
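
Step 16 notes that incorrect information in the Oracle RAC connect string has to be corrected manually after the installation. The following shell function is an added example, not part of the Oracle procedure or tooling, that checks a value against the host1:port1:instance1^host2:port2:instance2@servicename format before it is entered in the installer. The function name parse_rac_connect and its messages are assumptions made for this illustration, and it checks syntax only, not whether the hosts, instances or service exist.

```sh
#!/bin/sh
# Added example (not from the Oracle guide): pre-flight syntax check for the
# Connect String field. The function name and messages are illustrative.

# parse_rac_connect STRING
# Validates host1:port1:instance1^host2:port2:instance2@servicename.
# Success: prints "node HOST PORT INSTANCE" per instance, then
# "service NAME". Failure: prints the reason on stderr and returns 1.
# The body runs in a subshell so IFS and globbing changes do not leak.
parse_rac_connect() (
    str=$1
    case $str in
        *@*@*) echo "more than one '@'" >&2; return 1 ;;
        *@*)   ;;
        *)     echo "missing '@servicename'" >&2; return 1 ;;
    esac
    nodes=${str%@*}
    service=${str#*@}
    [ -n "$service" ] || { echo "empty service name" >&2; return 1; }
    case $nodes in
        ''|^*|*^|*^^*) echo "empty instance entry" >&2; return 1 ;;
    esac

    set -f              # no filename expansion while splitting
    IFS='^'
    set -- $nodes       # one positional parameter per RAC instance
    out=
    for node in "$@"; do
        case $node in
            *:*:*:*) echo "too many fields in '$node'" >&2; return 1 ;;
            *:*:*)   ;;
            *) echo "expected host:port:instance in '$node'" >&2; return 1 ;;
        esac
        host=${node%%:*}
        rest=${node#*:}
        port=${rest%%:*}
        inst=${rest#*:}
        case $host in
            ''|*[!A-Za-z0-9.-]*) echo "bad host in '$node'" >&2; return 1 ;;
        esac
        case $port in
            ''|*[!0-9]*|??????*) echo "bad port in '$node'" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "port out of range in '$node'" >&2; return 1
        fi
        [ -n "$inst" ] || { echo "empty instance in '$node'" >&2; return 1; }
        out="${out}node $host $port $inst
"
    done
    printf '%sservice %s\n' "$out" "$service"
)

# The connect string shown in step 16.
parse_rac_connect 'infradbhost1-vip.mycompany.com:1521:idmdb1^infradbhost2-vip.mycompany.com:1521:idmdb2@idmedg.mycompany.com'

# Constructed malformed value: the second entry has no instance name.
parse_rac_connect 'h1.example.com:1521:db1^h2.example.com:1521@svc.example.com' ||
    echo "rejected"
```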

9.2 Expanding the Oracle Directory Integration Platform and ODSM Cluster

This section includes the steps for extending the WebLogic Server Domain on IDMHOST2.

9.2.1 Installing and Configuring Oracle Directory Integration Platform and ODSM on IDMHOST2

Follow these steps to install and configure Oracle Directory Integration Platform and Oracle Directory Services Manager on IDMHOST2:

  1. Ensure that the system, patch, kernel and other requirements are met. These are listed in the Oracle Fusion Middleware Installation Guide for Oracle Identity Management manual in the Oracle Fusion Middleware documentation library for the platform and version you are using.

  2. If you plan on provisioning the Instance Home or the Managed Server domain directory on shared storage, ensure that the appropriate shared storage volumes are mounted on IDMHOST2 as described in Section 2.4, "Shared Storage and Recommended Directory Structure."

  3. Ensure that port number 7006 is not in use by any service on the computer by issuing this command for the operating system you are using. If a port is not in use, no output is returned from the command.

    On UNIX:

    netstat -an | grep "7006"
    

    If the port is in use (if the command returns output identifying the port), you must free it.

    On UNIX:

    Remove the entries for port 7006 in the /etc/services file if the port is in use by a service and restart the services, as described in Section 19.1, "Starting and Stopping Oracle Identity Management Components," or restart the computer.

  4. Copy the staticports.ini file from the Disk1/stage/Response directory to a temporary directory.

  5. Edit the staticports.ini file that you copied to the temporary directory to assign the following custom port:

    # The port for ODSM Server port
    ODS Server Port No = 7006
    
  6. Start the Oracle Identity Management 11g Configuration Assistant by running the config.sh script located under the ORACLE_HOME/bin directory on IDMHOST1. For example:

    /u01/app/oracle/product/fmw/idm/bin/config.sh
    
  7. On the Welcome screen, click Next.

  8. On the Select Domain screen, select the Expand Cluster option and specify these values:

    • Hostname: ADMINVHN.mycompany.com

    • Port: 7001

    • User Name: weblogic

    • User Password: <Enter the password for the weblogic user>

    Click Next.

  9. A dialog box with the following message appears:

    The selected domain is not a valid Identity Management domain or the installer
    cannot determine if it is a valid domain. If you created the domain using the
    Identity Management installer, you can ignore this message and continue. If you
    did not create the domain using the Identity Management installer, refer to the
    Identity Management documentation for information on how to verify the domain
    is valid.
    

    Click OK to continue.

    This is a benign warning that you can safely ignore.

  10. On the Specify Installation Location screen, specify the following values. The values for the Oracle Middleware Home Location and the Oracle Home Directory fields are prefilled. The values default to the Middleware home and Oracle home previously installed on IDMHOST1 in Section 6.1, "Enabling ADMINVHN on IDMHOST1."

    • Oracle Middleware Home Location: /u01/app/oracle/product/fmw

    • Oracle Home Directory: idm

    • WebLogic Server Directory: /u01/app/oracle/product/fmw/wlserver_10.3

    • Oracle Instance Location: /u01/app/oracle/admin/ods_inst2

    • Oracle Instance Name: ods_inst2

    Click Next.

  11. On the Email for Security Updates screen, specify these values:

    • Email Address: Provide the email address for your My Oracle Support account.

    • Oracle Support Password: Provide the password for your My Oracle Support account.

    • Check the check box next to the I wish to receive security updates via My Oracle Support field.

    Click Next.

  12. On the Configure Components screen, de-select all the products except Oracle DIP and Management Components and then click Next.

  13. On the Configure Ports screen, select Specify Ports Using Configuration File and enter the full path name to the staticports.ini file that you edited in the temporary directory.

    Click Next.

  14. On the Installation Summary screen, review the selections to ensure that they are correct (if they are not, click Back to modify selections on previous screens), and click Configure.

  15. On the Configuration Progress screen, multiple configuration assistants are launched in succession; this process can be lengthy. Wait until it completes.

  16. On the Installation Complete screen, click Finish to confirm your choice to exit.
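
The netstat -an | grep "7006" check in step 3 (here and in Section 9.1) returns every line that contains those digits, including a listener on port 17006, a connection to a remote port 7006, and UNIX socket inode numbers. The following is an added example, not part of the Oracle procedure, that reports only TCP sockets listening on exactly the given port. The function names and the sample netstat output are constructed for illustration, and the column layouts it assumes are stated in the comments.

```sh
#!/bin/sh
# Added example (not from the Oracle guide): exact-match listener check for
# the ODSM port. Function names and sample data are illustrative.

# port_listeners PORT
# Reads `netstat -an` output on stdin and prints only the TCP sockets that
# are in LISTEN state on exactly PORT.
# Assumed layouts: Linux and BSD put the protocol in column 1 and the local
# address in column 4; Solaris puts the local address in column 1.
# The port is the text after the last ':' (Linux) or '.' (BSD, Solaris).
port_listeners() {
    awk -v port="$1" '
        $NF == "LISTEN" {
            addr = ($1 ~ /^tcp/) ? $4 : $1
            n = split(addr, parts, /[:.]/)
            if (parts[n] == port) print
        }
    '
}

# port_in_use PORT: exit status 0 if stdin shows a listener on PORT.
port_in_use() {
    [ -n "$(port_listeners "$1")" ]
}

# Constructed sample of Linux `netstat -an` output. Nothing listens on 7006,
# yet three lines contain the digits "7006".
sample_netstat() {
    cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:17006           0.0.0.0:*               LISTEN
tcp        0      0 10.0.0.5:44321          10.0.0.9:7006           ESTABLISHED
tcp6       0      0 :::7001                 :::*                    LISTEN
unix  2      [ ACC ]     STREAM     LISTENING     27006    /tmp/.sample.sock
EOF
}

naive=$(sample_netstat | grep -c "7006")
echo "grep \"7006\" matched $naive lines"
if sample_netstat | port_in_use 7006; then
    echo "7006: in use"
else
    echo "7006: free"
fi
# On a live host: netstat -an | port_listeners 7006
```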

9.2.2 Post-Installation Steps

In the previous section, the installer created a second Managed Server, WLS_ODS2, on IDMHOST2. However, the Oracle Directory Integration Platform application is not deployed on IDMHOST2 and the newly created Managed Server is not automatically started. Also, the WebLogic Administration Console shows the state of the WLS_ODS2 Managed Server on IDMHOST2 as UNKNOWN.

Follow the post-installation steps in this section to complete the installation and configuration of the Oracle Directory Integration Platform and Oracle Directory Services Manager applications on IDMHOST2.

9.2.2.1 Copying the DIP Application from IDMHOST1 to IDMHOST2

Copy the Oracle Directory Integration Platform application from IDMHOST1 to IDMHOST2.

Copy the following directory on IDMHOST1:

MW_HOME/user_projects/domains/IDMDomain/config/fmwconfig/servers/WLS_ODS1/applications

to the following location on IDMHOST2:

MW_HOME/user_projects/domains/IDMDomain/config/fmwconfig/servers/WLS_ODS2/applications

For example, from IDMHOST1, execute this command:

scp -rp \
MW_HOME/user_projects/domains/IDMDomain/config/fmwconfig/servers/WLS_ODS1/applications \
user@IDMHOST2:MW_HOME/user_projects/domains/IDMDomain/config/fmwconfig/servers/WLS_ODS2/applications

9.2.2.2 Setting the Listen Address for the Managed Servers

Set the listen address for the WLS_ODS1 and WLS_ODS2 Managed Servers to the host name of their respective nodes using the Oracle WebLogic Administration Server:

  1. Using a web browser, bring up the Oracle WebLogic Administration Server console and log in using the weblogic user credentials.

  2. In the left pane of the WebLogic Administration Server Console, click Lock & Edit to edit the server configuration.

  3. In the left pane of the WebLogic Server Administration Console, expand Environment and select Servers.

  4. On the Summary of Servers page, click on the link for the WLS_ODS1 Managed Server.

  5. On the Settings page for the WLS_ODS1 Managed Server, update the Listen Address to idmhost1.mycompany.com. This is the host name of the server where WLS_ODS1 is running.

  6. Click Save to save the configuration.

  7. Repeat steps 2 to 6 to update the Listen Address for the WLS_ODS2 Managed Server to idmhost2.mycompany.com. This is the host name of the server where WLS_ODS2 is running.

  8. Click Activate Changes to update the server configuration.

9.2.2.3 Starting the Managed Server on IDMHOST2

Follow these steps to start the newly created WLS_ODS2 Managed Server in a cluster on IDMHOST2:

  1. In the left pane of the Oracle WebLogic Server Administration Console, expand Environment and select Clusters.

  2. Select the cluster (cluster_ods) containing the Managed Server (WLS_ODS2) you want to start.

  3. Select Control.

  4. Under Managed Server Instances in this Cluster, select the check box next to the Managed Server (WLS_ODS2) you want to start and click Start.

  5. On the Server Life Cycle Assistant page, click Yes to confirm.

Node Manager starts the server on the target machine. When the Node Manager finishes its start sequence, the server's state is indicated in the State column in the Server Status table.

9.3 Provisioning the Managed Servers on the Local Disk

This section provides the steps to provision the Managed Server on the local disk. Proceed as follows:

  1. Copy the applications directory under the MW_HOME/user_projects/domains/IDMDomain/config/fmwconfig/servers/WLS_ODS1/ directory to the MW_HOME/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/servers/WLS_ODS1 directory and the MW_HOME/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/servers/WLS_ODS2 directory.

    cp -rp MW_HOME/user_projects/domains/IDMDomain/config/fmwconfig/servers/WLS_ODS1/applications ORACLE_BASE/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/servers/WLS_ODS1/
    cp -rp MW_HOME/user_projects/domains/IDMDomain/config/fmwconfig/servers/WLS_ODS1/applications ORACLE_BASE/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/servers/WLS_ODS2/
    
  2. Stop the Admin Server and the Managed Servers (WLS_ODS1 and WLS_ODS2) as described in Section 19.1, "Starting and Stopping Oracle Identity Management Components."

  3. Stop the Node Manager running on both IDMHOST1 and IDMHOST2 as described in Section 19.1, "Starting and Stopping Oracle Identity Management Components."

  4. On IDMHOST1, pack the Managed Server domain using the pack command located under the ORACLE_HOME/common/bin directory. Make sure to pass the -managed=true flag to pack the Managed Server. Type:

    ORACLE_HOME/common/bin/pack.sh -managed=true \
       -domain=path_to_adminServer_domain -template=templateName.jar \
       -template_name=templateName
    

    For example:

    ORACLE_HOME/common/bin/pack.sh -managed=true \
      -domain=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain \
      -template=/u01/app/oracle/product/fmw/templates/managedServer.jar \
      -template_name=ManagedServer_Template
    
  5. Unpack the Managed Server to the local disk on IDMHOST1 using the unpack command located under the ORACLE_COMMON_HOME/common/bin directory.

    ORACLE_HOME/common/bin/unpack.sh -domain=path_to_domain_on_localdisk \
       -template=templateName.jar -app_dir=path_to_appdir_on_localdisk
    

    For example:

    ORACLE_HOME/common/bin/unpack.sh \
       -domain=/u01/app/oracle/admin/IDMDomain/mserver/IDMDomain \
       -template=/u01/app/oracle/product/fmw/templates/managedServer.jar \
       -app_dir=/u01/app/oracle/admin/IDMDomain/mserver/applications
    
  6. Copy the Managed Server template directory from IDMHOST1 to IDMHOST2. For example:

    scp -rp /u01/app/oracle/product/fmw/templates user@IDMHOST2:/u01/app/oracle/product/fmw/templates
    
  7. Unpack the Managed Server to the local disk on IDMHOST2 using the unpack command located under the ORACLE_HOME/common/bin directory.

    ORACLE_HOME/common/bin/unpack.sh -domain=path_to_domain_on_localdisk \
       -template=templateName.jar -app_dir=path_to_appdir_on_localdisk
    

    For example:

    ORACLE_HOME/common/bin/unpack.sh \
       -domain=/u01/app/oracle/admin/IDMDomain/mserver/IDMDomain \
       -template=/u01/app/oracle/product/fmw/templates/managedServer.jar \
       -app_dir=/u01/app/oracle/admin/IDMDomain/mserver/applications
    
  8. Start the Node Manager on IDMHOST1 and IDMHOST2 using the startNodeManager.sh script located under the WL_HOME/server/bin directory. For example:

    /u01/app/oracle/product/fmw/wlserver_10.3/server/bin/startNodeManager.sh > /tmp/nm.log &
    
  9. Start the Administration server from the shared disk on IDMHOST1 using the startWebLogic.sh script. For example:

    /u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/bin/startWebLogic.sh > \
      /tmp/adminServer.out 2>&1 &
    
  10. Validate that the Administration Server started up successfully by opening a browser and accessing the Administration Console at http://ADMINVHN.us.oracle.com:7001/console.

    Also validate Enterprise Manager by opening a browser and accessing Oracle Enterprise Manager Fusion Middleware Control at http://ADMINVHN.us.oracle.com:7001/em.

  11. Start the Managed Servers on IDMHOST1 and IDMHOST2 by using the Administration Console, following the steps below:

    1. In the left pane of the Oracle WebLogic Server Administration Console, expand Environment and select Clusters.

    2. Select the cluster (cluster_ods) containing the Managed Servers (WLS_ODS1, WLS_ODS2) you want to start.

    3. Select Control.

    4. Under Managed Server Instances in this Cluster, select the Managed Servers (WLS_ODS1, WLS_ODS2) and click Start.

    5. On the Server Life Cycle Assistant page, click Yes to confirm.

  12. Delete the MW_HOME/user_projects directory on IDMHOST1 and IDMHOST2. This directory is created by the Oracle Universal Installer when the domain is originally configured and is no longer required after provisioning the Managed Server to the local disk.

9.4 Configuring ODSM to work with the Oracle Web Tier

This section describes how to configure Oracle Directory Services Manager to work with the Oracle Web Tier.

9.4.1 Prerequisites

Before proceeding, ensure that the following tasks have been performed:

  1. Install Oracle Web Tier on WEBHOST1 and WEBHOST2.

  2. Install and configure ODSM and Oracle Directory Integration Platform on IDMHOST1 and IDMHOST2.

  3. Configure the load balancer with a virtual hostname (admin.mycompany.com) pointing to web servers WEBHOST1 and WEBHOST2.

9.4.2 Configuring Oracle HTTP Servers to Access the ODSM Console

On each of the web servers on WEBHOST1 and WEBHOST2, a file called admin.conf was created in the directory ORACLE_INSTANCE/config/OHS/component/moduleconf. (See Section 6.9, "Configuring Oracle HTTP Server for the Administration Server.") Edit this file and add the following lines within the virtual host definition:

<Location /odsm>
   SetHandler weblogic-handler
   WebLogicCluster idmhost1.us.oracle.com:odsm_port1,idmhost2.us.oracle.com:odsm_port2
</Location>

After editing, the file should look like this:

NameVirtualHost *:80
 
<VirtualHost *:80>
 
   ServerName admin.mycompany.com:80
   ServerAdmin you@your.address
   RewriteEngine On
   RewriteOptions inherit
 
   # Admin Server and EM
   <Location /console>
      SetHandler weblogic-handler
      WebLogicHost ADMINVHN
      WeblogicPort 7001
   </Location>
 
   <Location /consolehelp>
      SetHandler weblogic-handler
      WebLogicHost ADMINVHN
      WeblogicPort 7001
   </Location>
 
   <Location /em>
      SetHandler weblogic-handler
      WebLogicHost ADMINVHN
      WeblogicPort 7001
   </Location>
 
   <Location /odsm>
      SetHandler weblogic-handler 
      WebLogicCluster idmhost1.us.oracle.com:odsm_port1,idmhost2.us.oracle.com:odsm_port2
   </Location>
 
</VirtualHost>

Restart the Oracle HTTP Server, as described in Section 19.1, "Starting and Stopping Oracle Identity Management Components."
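
The Location blocks in admin.conf determine which WebLogic consoles are reachable through admin.mycompany.com. The following is an added example, not part of the Oracle procedure, that lists every path the file hands to weblogic-handler and checks that the /odsm route names both application tier hosts. The function names are assumptions made for this illustration, and the sample input is the file content shown above, with the odsm_port1 and odsm_port2 placeholders left as the guide gives them.

```sh
#!/bin/sh
# Added example (not from the Oracle guide). Function names are illustrative.

# list_weblogic_routes: read an OHS configuration on stdin and print
# "PATH BACKEND" for each <Location> block handled by weblogic-handler.
# BACKEND is the WebLogicCluster list if set, else WebLogicHost:WebLogicPort.
list_weblogic_routes() {
    awk '
        $1 ~ /^#/ { next }                 # skip comment lines
        { key = tolower($1) }              # directive names: any case
        key == "<location" {
            path = $2; sub(/>$/, "", path)
            handler = host = port = cluster = ""
            inside = 1
            next
        }
        inside && key == "sethandler"   { handler = tolower($2) }
        inside && key == "weblogichost" { host = $2 }
        inside && key == "weblogicport" { port = $2 }
        inside && key == "weblogiccluster" {
            cluster = $0                   # keep the whole member list
            sub(/^[ \t]*[^ \t]+[ \t]+/, "", cluster)
            gsub(/[ \t]/, "", cluster)
        }
        key == "</location>" {
            if (inside && handler == "weblogic-handler")
                print path, (cluster != "" ? cluster : host ":" port)
            inside = 0
        }
    '
}

# route_covers PATH HOST...: read the same configuration on stdin; succeed
# only if PATH is forwarded and its backend names every HOST.
route_covers() {
    path=$1; shift
    backend=$(list_weblogic_routes | awk -v p="$path" '$1 == p { print $2 }')
    [ -n "$backend" ] || return 1
    for h in "$@"; do
        case ",$backend" in
            *",$h:"*) ;;
            *) return 1 ;;
        esac
    done
}

# The admin.conf content shown in this section, blank lines removed.
sample_admin_conf() {
    cat <<'EOF'
NameVirtualHost *:80
<VirtualHost *:80>
   ServerName admin.mycompany.com:80
   ServerAdmin you@your.address
   RewriteEngine On
   RewriteOptions inherit
   # Admin Server and EM
   <Location /console>
      SetHandler weblogic-handler
      WebLogicHost ADMINVHN
      WeblogicPort 7001
   </Location>
   <Location /consolehelp>
      SetHandler weblogic-handler
      WebLogicHost ADMINVHN
      WeblogicPort 7001
   </Location>
   <Location /em>
      SetHandler weblogic-handler
      WebLogicHost ADMINVHN
      WeblogicPort 7001
   </Location>
   <Location /odsm>
      SetHandler weblogic-handler
      WebLogicCluster idmhost1.us.oracle.com:odsm_port1,idmhost2.us.oracle.com:odsm_port2
   </Location>
</VirtualHost>
EOF
}

sample_admin_conf | list_weblogic_routes
if sample_admin_conf | route_covers /odsm idmhost1.us.oracle.com idmhost2.us.oracle.com
then echo "/odsm names both hosts"; else echo "/odsm is missing a host"; fi
```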

9.5 Validating the Application Tier Configuration

This section includes steps for validating Oracle Directory Services Manager and Oracle Directory Integration Platform.

9.5.1 Validating Oracle Directory Services Manager

Follow these steps to validate the Oracle Directory Services Manager installation:

  1. Bring up Oracle Directory Services Manager (ODSM) in a web browser. The URL to access ODSM is:

    http://hostname.mycompany.com:port/odsm/faces/odsm.jspx
    

    For example, on IDMHOST1, enter this URL:

    http://idmhost1.mycompany.com:7006/odsm/faces/odsm.jspx
    

    And on IDMHOST2, enter this URL:

    http://idmhost2.mycompany.com:7006/odsm/faces/odsm.jspx
    
  2. Access ODSM through the LBR address: http://admin.mycompany.com/odsm

  3. Validate that Oracle Directory Services Manager can create connections to Oracle Internet Directory and Oracle Virtual Directory. Follow these steps to create connections to Oracle Internet Directory and Oracle Virtual Directory:

    To create connections to Oracle Internet Directory, follow these steps:

    1. Launch Oracle Directory Services Manager from IDMHOST1:

      http://idmhost1.mycompany.com:7006/odsm/faces/odsm.jspx
      
    2. Create a connection to the Oracle Internet Directory virtual host by providing the information shown below in ODSM:

      Host: oid.mycompany.com
      Port: 636
      Enable the SSL option
      User: cn=orcladmin
      Password: <ldap-password>
      

    To create connections to Oracle Virtual Directory, follow these steps. Create connections to each Oracle Virtual Directory node separately. Using the Oracle Virtual Directory load balancer virtual host from ODSM is not supported:

    1. Launch Oracle Directory Services Manager from IDMHOST1:

      http://idmhost1.mycompany.com:7006/odsm/faces/odsm.jspx
      
    2. Create a direct connection to Oracle Virtual Directory on OVDHOST1 providing the information shown below in ODSM:

      Host: ovdhost1.mycompany.com
      Port: 8899  (The Oracle Virtual Directory proxy port)
      Enable the SSL option
      User: cn=orcladmin
      Password: <ldap-password>
      

9.5.2 Validating Oracle Directory Integration Platform

Validate the Oracle Directory Integration Platform installation by using the WLST dipStatus command. To run this command, follow these steps:

  1. Set the ORACLE_HOME environment variable to the directory where you installed the Identity Management binaries. For example:

    export ORACLE_HOME=/u01/app/oracle/product/fmw/idm
    
  2. Set the WLS_HOME environment variable to the directory where you installed the WebLogic Server. For example:

    export WLS_HOME=/u01/app/oracle/product/fmw/wlserver_10.3
    
  3. Run the ORACLE_HOME/bin/dipStatus -h hostName -p port -D wlsuser command.

    For example, on IDMHOST1, the command and output look like this:

    ORACLE_HOME/bin/dipStatus -h idmhost1.mycompany.com -p 7006 -D weblogic
    [Weblogic user password]
    Connection parameters initialized.
    Connecting at idmhost1.mycompany.com:7006, with userid "weblogic"..
    Connected successfully.
    
    ODIP Application is active at this host and port.
    

    For example, on IDMHOST2, the command and output look like this:

    ORACLE_HOME/bin/dipStatus -h idmhost2.mycompany.com -p 7006 -D weblogic
    [Weblogic user password]
    Connection parameters initialized.
    Connecting at idmhost2.mycompany.com:7006, with userid "weblogic"..
    Connected successfully.
    
    ODIP Application is active at this host and port.
    

9.6 Creating the Oracle Internet Directory Adapter Using ODSM

Create an Oracle Virtual Directory adapter for Oracle Internet Directory using the following steps.

  1. Log in to ODSM. You can get to ODSM either from Oracle Enterprise Manager Fusion Middleware Control or directly. To access ODSM from Fusion Middleware Control, go to http://admin.mycompany.com/em, click OVD, then select ODSM from the OVD menu. To access ODSM directly, go to http://admin.mycompany.com:7005/odsm.

  2. Create a connection to the Oracle Virtual Directory instance on OVDHOST1 and another connection to the instance on OVDHOST2, as follows:

    1. Click Create a New Connection.

    2. Supply the following information:

      Directory Type: OVD

      Name: myovd

      Server: Name of server OVD is running on, for example: OVDHOST1

      Port: Https port of the OVD. Determine this by typing:

      opmnctl status -l
      

      SSL Enabled: Ensure this is selected

      User Name: cn=orcladmin

      Password: orcladmin password

    3. Click Connect.

    4. Accept the certificate when prompted.

  3. Click the Adapter tab.

  4. Click Create Adapter. The New Adapter Wizard appears.

  5. On the Type Screen, supply the following information:

    • Adapter Type: LDAP

    • Adapter Name: User Adapter

    • Adapter Template: User_OID

    Click Next.

  6. On the DNS Setting Screen, for Use DNS for Auto Discovery, choose No.

    Provide the following connection details:

    • Host: oid.mycompany.com

    • Port: 389

    • Server Proxy Bind DN: cn=orcladmin

    • Proxy Password: orcladmin_password

    Click Next.

  7. Ensure that the connection settings are successful.

    Click Next.

  8. On the Name Space screen, provide the following information:

    • Remote Base: dc=mycompany,dc=com

    • Mapped Namespace: dc=mycompany,dc=com

    Click Next.

  9. Verify that the details provided on the Summary screen are accurate and click Finish to create the adapter.

  10. Repeat Steps 3-9 on the second OVD host with exactly the same parameters and names.

  11. Stop and start OVDHOST1 and OVDHOST2 as described in Section 19.1, "Starting and Stopping Oracle Identity Management Components," so that the changes take effect.

9.7 Backing Up the Application Tier Configuration

It is an Oracle best practices recommendation to create a backup after successfully completing the installation and configuration of each tier, or at another logical point. Create a backup after verifying that the installation so far is successful. This is a quick backup for the express purpose of immediate restoration in case of problems in later steps. The backup destination is the local disk. You can discard this backup when the enterprise deployment setup is complete. After the enterprise deployment setup is complete, you can initiate the regular deployment-specific Backup and Recovery process. For more details, see the Oracle Fusion Middleware Administrator's Guide.

For information on database backups, refer to the Oracle Database Backup and Recovery Advanced User's Guide.

To back up the installation to this point, follow these steps:

  1. Back up the web tier as described in Section 5.6, "Backing up the Web Tier Configuration."

  2. Back up the database. This is a full database backup, either hot or cold. The recommended tool is Oracle Recovery Manager. You can also use operating system tools such as tar for cold backups.

  3. Back up the application tier instances by following these steps:

    1. Shut down the instance using opmnctl located under the ORACLE_INSTANCE/bin directory:

      ORACLE_INSTANCE/bin/opmnctl stopall
      
    2. Create a backup of the Middleware home on the application tier as the root user:

      tar -cvpf BACKUP_LOCATION/apptier.tar MW_HOME 
      
    3. Create a backup of the Instance home on the application tier as the root user:

      tar -cvpf BACKUP_LOCATION/instance_backup.tar ORACLE_INSTANCE 
      
    4. Start up the instance using opmnctl located under the ORACLE_INSTANCE/bin directory:

      ORACLE_INSTANCE/bin/opmnctl startall
      
  4. Back up the Administration Server domain directory as described in Section 6.14, "Backing Up the WebLogic Domain."

  5. Back up the Oracle Internet Directory as described in Section 7.5, "Backing up the OID Configuration."

  6. Back up the Oracle Virtual Directory as described in Section 8.5, "Backing Up the Oracle Virtual Directory Configuration."

For information about backing up the application tier configuration, see Section 19.4, "Performing Backups and Recoveries."