2.3 OIM, OAM, OAAM, OAPM, and OIN
This section discusses the following topics:
-
Prerequisite Checks Performed by the Oracle Identity Management Installer
-
Understanding Oracle WebLogic Server Administration Domain Options
-
Additional Configuration Using the Oracle Identity Manager 11g Configuration Wizard
-
Additional 11g Release 1 (11.1.1.3.0) Deployment Information
-
Understanding the State of Oracle Identity Management Components After Installation
2.3.1 Installation Roadmap
Table 2-2 lists the tasks required to install and configure Oracle Identity Manager, Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Authorization Policy Manager, and Oracle Identity Navigator.
Table 2-2 Installation Flow for Oracle Identity Management
| No. | Task | Description |
|---|---|---|
|
1 |
Review installation concepts in the Installation Planning Guide. |
Read the Oracle Fusion Middleware Installation Planning Guide, which describes the process for various users to install or upgrade to Oracle Fusion Middleware 11g (11.1.1.3) depending on the user's existing environment. |
|
2 |
Review the system requirements and certification documents to ensure that your environment meets the minimum installation requirements for the components you are installing. |
Read the System Requirements and Specifications document that covers information such as hardware and software requirements, minimum disk space and memory requirements, and required system libraries, packages, or patches: http://www.oracle.com/technology/software/products/ias/files/fusion_requirements.htm Read the Certification document that covers supported installation types, platforms, operating systems, databases, JDKs, and third-party products: http://www.oracle.com/technology/software/products/ias/files/fusion_certification.html |
|
3 |
Install the Oracle 11.1.1 database and any required patches. |
For more information, see Installing Oracle Database. |
|
4 |
Install Oracle WebLogic Server 10.3.3, and create a Middleware Home. |
For more information, see Installing Oracle WebLogic Server 10.3.3 and Creating the Oracle Middleware Home. |
|
5 |
Run Repository Creation Utility (RCU) to create and load the appropriate schemas for Oracle Identity Management products |
For more information, see Creating Database Schema Using the Repository Creation Utility (RCU). |
|
6 |
Install the Oracle Identity Management 11g software. |
For more information, see Installing the Oracle Identity Management 11g Software. |
|
7 |
For Oracle Identity Manager users only: Install the latest version of Oracle SOA Suite 11g (11.1.1.3.0). |
Install the 11.1.1.2.0 version of Oracle SOA Suite, but do not configure a WebLogic domain for Oracle SOA Suite at this stage. You must configure Oracle SOA Suite after patching Oracle SOA Suite 11.1.1.2.0 to 11.1.1.3.0, which is the latest version of Oracle SOA Suite 11g. For more information, see Installing the Latest Version of Oracle SOA Suite (Oracle Identity Manager Users Only). |
|
8 |
Run the Oracle Fusion Middleware Configuration Wizard to configure your Oracle Identity Management products in a new or existing WebLogic domain. |
For more information, see the following chapters: |
|
9 |
Start the servers. |
For more information, see Starting the Stack. |
|
10 |
For Oracle Identity Manager users only: Run the Oracle Identity Manager Configuration Wizard to configure Oracle Identity Manager Server, Design Console, or Remote Manager. Note that you should run the Oracle Identity Manager Server after completing this configuration. |
For more information, see the following topics: |
Oracle Identity Management components will not start running after installing them using the Oracle Identity Management 11g Installer. For information about starting the components after installation, see the Getting Started topics in specific chapters in this guide.
The following figure illustrates the process of installing the Oracle Identity Management 11g software components (the suite containing OIM, OAM, OAAM, OAPM, and OIN).
Table 2-3 lists the Installers and tools used to install and configure Oracle Identity Management 11g components at different stages of the installation process.
Table 2-3 Installation and Configuration Tools
| Task | Tool |
|---|---|
|
Install Oracle WebLogic Server |
Oracle WebLogic Server Installer For more information, see Installing Oracle WebLogic Server 10.3.3 and Creating the Oracle Middleware Home. |
|
Install Oracle SOA 11g Suite |
Oracle SOA 11g Suite Installer For more information, see Installing the Latest Version of Oracle SOA Suite (Oracle Identity Manager Users Only). |
|
Create and load database schema |
Repository Creation Utility (RCU) For more information, see Creating Database Schema Using the Repository Creation Utility (RCU). |
|
Upgrade your existing database schema |
Oracle Fusion Middleware 11g Upgrade Assistant For more information, see the guide Oracle Fusion Middleware Upgrade Guide for Oracle Identity Management. |
|
Install the Oracle Identity Management 11g software |
Oracle Identity Management 11g Installer For more information, see Installing the Oracle Identity Management 11g Software. |
|
Create or extend a WebLogic administration domain |
Oracle Fusion Middleware Configuration Wizard For more information, see Screens in Oracle Fusion Middleware Configuration Wizard. |
|
Install and configure Oracle Identity Manager Server, Design Console, and Remote Manager |
Oracle Identity Manager 11g Configuration Wizard For more information, see Configuring OIM Server, Design Console, and Remote Manager. |
2.3.2 Prerequisite Checks Performed by the Oracle Identity Management Installer
The Oracle Identity Management 11g Release 1 (11.1.1) Installer ensures that your machine has a certified version of the operating system, the correct software packages (service packs), and sufficient physical memory to install the Oracle Identity Management applications on your machine.
On Windows operating systems, the Installer verifies the operating system version, service pack, and physical memory (at least 1024 MB).
On UNIX operating systems, the Installer verifies the operating system version, operating system packages, kernel parameters, glibc version, and physical memory (at least 1024 MB).
2.3.3 Understanding Oracle WebLogic Server Administration Domain Options
After Oracle Identity Management 11g is installed, you are ready to configure the WebLogic Server Administration Domain for Oracle Identity Management components. A domain includes a special WebLogic Server instance called the Administration Server, which is the central point from which you configure and manage all resources in the domain.
This section describes each domain option for installing Oracle Identity Management components:
See:
The "Understanding Oracle WebLogic Server Domains" chapter in the Oracle Fusion Middleware Understanding Domain Configuration for Oracle WebLogic Server guide for more information about Oracle WebLogic Server administration domains.2.3.3.1 Create a New Domain
Select the Create a new WebLogic domain option on the Welcome screen in the Oracle Fusion Middleware Configuration Wizard to create a new WebLogic Server domain.
2.3.3.2 Extend an Existing Domain
Select the Extend an existing WebLogic domain option on the Welcome screen in the Oracle Fusion Middleware Configuration Wizard to add Oracle Identity Management components in an existing Oracle WebLogic Server administration domain. When you add Oracle Identity Management components using this option, they are essentially "joining" an existing domain.
For more information, see Understanding Domain Extension Scenarios.
2.3.4 Additional Configuration Using the Oracle Identity Manager 11g Configuration Wizard
Read this section only if you are installing Oracle Identity Manager. After you install Oracle Identity Manager by using the Oracle Identity Management 11g Installer software, you can encrypt secure data in Oracle Identity Manager schema, create keystores, and so on. You can configure such elements by using the Oracle Identity Manager 11g Release 1 (11.1.1) Configuration Wizard, which is included with the release media.
On UNIX operating systems, to start the Oracle Identity Manager 11g Release 1 (11.1.1) Configuration Wizard, run the <IAMSUITE_IDM_HOME>/bin/config.sh script. On Windows operating systems, run the <IAMSUITE_IDM_HOME>\bin\config.bat script. Note that IAMSUITE_IDM_HOME refers to your IDM_Home directory that contains Oracle Identity Manager, Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Authorization Policy Manager, and Oracle Identity Navigator.
2.3.5 Additional 11g Release 1 (11.1.1) Deployment Information
This topic describes additional sources for 11g Release 1 (11.1.1) deployment information, including documentation on the following subjects:
See Also:
The "Related Documents" section in this guide's Preface for a list of documents that provide additional information about Oracle Identity Management components.2.3.5.1 Upgrading to 11g Release 1 (11.1.1)
This guide does not explain how to upgrade previous versions of Oracle Identity Management components to 11g Release 1 (11.1.1). To upgrade an Oracle Identity Management component:
From Release 10g to 11g Release 1 (11.1.1), refer to:
2.3.5.2 Installing 11g Release 1 (11.1.1) for High Availability
This guide does not explain how to install Oracle Identity Management components in High Availability (HA) configurations. To install an Oracle Identity Management component in a High Availability configuration, refer to the following documents:
Specifically, see the "Configuring High Availability for Identity Management Components" topic in the guide Oracle Fusion Middleware High Availability Guide.
2.3.6 Silent Installation
In addition to the standard graphical installation option, you can perform silent installation of the Oracle Identity Management 11g software. A silent installation runs on its own without any intervention, and you do not have to monitor the installation and provide input to dialog boxes.
For more information, see Performing a Silent Installation.
2.3.7 Installing Components on Separate Systems
You can install Oracle Fusion Middleware instances on separate systems. You can also distribute Oracle Fusion Middleware components over multiple systems, which is especially useful for Oracle Identity Management components. You might want to distribute components to improve performance, security, scalability, and availability of Oracle Identity Management services.
The following are two (of many) examples of Oracle Identity Management deployments that benefit from distributing components over multiple systems:
-
Oracle Identity Manager Server on one system, and Oracle Identity Manager Design Console on a different system.
-
Oracle Identity Management components use an Oracle Database to contain the Oracle Metadata Repository. The Oracle Identity Management components and the Oracle Database are installed on separate systems.
Note:
If you install Oracle Identity Management components on a separate system from the database containing the Oracle Metadata Repository, the Oracle Identity Management components will need network access to the repository.
2.3.8 Screens in Oracle Fusion Middleware Configuration Wizard
The Oracle Fusion Middleware Configuration Wizard displays screens based on your domain configuration options. You can use the Oracle Fusion Middleware Configuration Wizard in the following scenarios:
-
Creation of a new WebLogic administration domain, which involves the configuration of Administration Server parameters, server start mode, and so on.
-
Configuration of an existing domain to support Oracle Identity Management components by extending the domain.
See:
The "Customizing the Domain Environment" chapter in the Oracle Fusion Middleware Creating Domains Using the Configuration Wizard guide for more information about configuring your domain.The appendix WebLogic Domain Configuration Screens in this guide for screens in the Oracle Fusion Middleware Configuration Wizard.
2.3.9 Understanding the State of Oracle Identity Management Components After Installation
This topic provides information about the state of Oracle Identity Management components after installation, including:
2.3.9.1 Default SSL Configurations
By default, most of the Oracle Identity Management 11g components are not installed with SSL configured. Only Oracle Adaptive Access Manager is configured with SSL. For other components, you must configure SSL for the Oracle WebLogic Administration Server and Oracle WebLogic Managed Server after installation.
See:
The "SSL Configuration in Oracle Fusion Middleware" topic in the Oracle Fusion Middleware Administrator's Guide for more information.2.3.9.2 Default Passwords
By default, the passwords for all Oracle Identity Management components are set to the password for the Oracle Identity Management Instance. For security reasons, after installation, you should change the passwords of the various components so they have different values.
See:
The following documents for information about changing passwords for Oracle Identity Management components:-
The "Getting Started Managing Oracle Fusion Middleware" topic in the guide Oracle Fusion Middleware Administrator's Guide.
-
Component-specific guides listed in the "Related Documents" section in this guide's Preface.