| Oracle® Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management (Oracle Fusion Applications Edition) 11g Release 1 (11.1.3) Part Number E21032-07 |
|
|
PDF · Mobi · ePub |
| Oracle® Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management (Oracle Fusion Applications Edition) 11g Release 1 (11.1.3) Part Number E21032-07 |
|
|
PDF · Mobi · ePub |
This chapter describes the software installations required for an Oracle Identity Management enterprise deployment.
This chapter contains the following topics:
The installation is divided in two sections. In the first one, the WebTier required installations are addressed. In the second, the required Oracle Fusion Middleware components are installed. Later chapters describe the configuration steps to create the Oracle Identity Management topology.
See Also:
The Oracle Fusion Middleware 11g Release 1 Download, Installation, and Configuration Readme for this release, at: http://docs.oracle.com/cd/E23104_01/download_readme.htm
Oracle groups its software releases by product area. A Product Media Pack refers to those groupings. Each media pack may also include a zipped file containing electronic documentation files or "Quick Install" files, which facilitate the initial installation of the software.
Note:
For installations of Oracle Fusion Applications, you must have available the complete set of software contained in the product media pack. You cannot install from individual pieces. Therefore, if you need to install from media that is no longer available on Oracle Software Delivery Cloud, contact My Oracle Support to obtain the complete media pack.
Once you have completed the software licensing agreements, you can obtain the Oracle Fusion Applications software using one of these two methods:
Oracle Software Delivery Cloud Portal: Provides you with a readme document that helps you to determine which media you need to fulfill the license you have purchased. You download only the media you need. This is the default delivery method.
Oracle Store: Provides a complete set of the software in DVD format. You use only the DVDs covered by your software licensing agreement.
Using either method, you can obtain the Oracle Fusion Applications Provisioning repository and gain access to the Oracle Fusion Applications documentation library.
After you download the archive file, extract the archive file into a directory of your choice on the machine where you are performing the installation.
For more information, see the Preparing for an Installation chapter in Oracle Fusion Applications Installation Guide.
Different topologies use different servers and require different software to be installed. Table 6-1, "Software to be Installed for Different Topologies" shows, for each topology, which software should be installed into each host. The subsequent sections explain how to do this. Also see Table 2-2, "Software Versions Used" a
Where two different pieces of Oracle binary software are installed onto the same host (for example OIM11g and SOA11g), this software is installed in the same Middleware home location, but in different Oracle homes.
All software uses the same Middleware home location.
Notes:
When using shared storage, ensure that users and groups used in the installation have the same ID on all hosts that use the storage. If you fail to do this, some hosts might not be able to see or execute some all the files.
Some products, such as Oracle Internet Directory and Oracle Virtual Directory, require you to run a script that sets the permissions of some files to root.
Table 6-1 Software to be Installed for Different Topologies
| Topology | Hosts | OHS 11g | JRockit | WLS | IAM | SOA | IDM |
|---|---|---|---|---|---|---|---|
|
All |
WEBHOST1 |
X |
|||||
|
WEBHOST2 |
X |
||||||
|
OAM11g/OIM11g |
IDMHOST1 |
X |
X |
X |
X |
X |
|
|
IDMHOST2 |
X |
X |
X |
X |
X |
||
|
OIMHOST1 |
X |
X |
X |
X |
|||
|
OIMHOST2 |
X |
X |
X |
X |
|||
|
OIDHOST1 |
X |
X |
X |
||||
|
OIDHOST2 |
X |
X |
X |
||||
|
OVDHOST1 |
X |
X |
X |
||||
|
OVDHOST2 |
X |
X |
X |
||||
|
Split Domain for OIM (Separate MW_HOME, SOA, and IAM) |
IDMHOST1 |
X |
X |
X |
X |
||
|
IDMHOST2 |
X |
X |
X |
X |
|||
|
OIMHOST1 |
X |
X |
X |
X |
|||
|
OIMHOST2 |
X |
X |
X |
X |
|||
|
OIDHOST1 |
X |
X |
X |
||||
|
OIDHOST2 |
X |
X |
X |
||||
|
OVDHOST1 |
X |
X |
X |
||||
|
OVDHOST2 |
X |
X |
X |
||||
|
OIF11g/OAM11g |
IDMHOST1 |
X |
X |
X |
X |
X |
|
|
IDMHOST2 |
X |
X |
X |
X |
X |
||
|
OIDHOST1 |
X |
X |
X |
||||
|
OIDHOST2 |
X |
X |
X |
||||
|
OVDHOST1 |
X |
X |
X |
||||
|
OVDHOST2 |
X |
X |
X |
Oracle Identity Management products are bundled as two product sets: Oracle Identity Management and Oracle Identity and Access Management. (See Table 2-2, "Software Versions Used".) The relevant Identity Management software is installed into separate Oracle homes.
This section explains how to install Oracle HTTP Server on WEBHOST1 and WEBHOST2 (Enterprise Deployments only).
This section contains the following topics:
Prior to installing the Oracle HTTP server, check that your machines meet the following requirements:
Ensure that the system, patch, kernel, and other requirements are met as specified in Oracle Fusion Middleware Installation Guide for Oracle Web Tier.
On Linux platforms, if the /etc/oraInst.loc file exists, check that its contents are correct, as described in Section 6.2.1.1, "Check oraInst.loc."
Check that the inventory directory is correct and that you have write permissions for that directory. If the /etc/oraInst.loc file does not exist, you can skip this step.
The contents of the oraInst.loc file are shown in this example:
inventory_loc=/u01/app/oraInventory inst_group=oinstall
As described in Section 4.4.4, "Directory Structure," you install the Oracle HTTP Server onto a local disk. You can install it on shared storage, but if you do that, you must allow access from the Web Tier DMZ to your shared disk array, which is undesirable. If you decide to install onto shared disk then please see the Release Notes for further configuration information.
Start the Oracle Universal Installer as follows:
On UNIX, issue the command
./runInstaller
On Windows, double-click setup.exe.
Before Starting the install, ensure that the following environment variables are not set on UNIX and Linux platforms.
LD_ASSUME_KERNEL
ORACLE_INSTANCE
On the Specify Inventory Directory screen, do the following:
Enter HOME/oraInventory, where HOME is the home directory of the user performing the installation (this is the recommended location).
Enter the OS group for the user performing the installation.
Click Next.
Follow the instructions on screen to execute createCentralInventory.sh as root.
Click OK.
Proceed as follows:
On the Specify Oracle Inventory Directory screen, enter HOME/oraInventory, where HOME is the home directory of the user performing the installation. (This is the recommended location).
Enter the OS group for the user performing the installation.
Click Next.
On the Welcome screen, click Next.
On the Select Installation Type screen, select Install Software –> Do Not Configure
Click Next.
On the Prerequisite Checks screen, click Next.
On the Specify Installation Location screen, specify the following values:
Fusion Middleware Home Location (Installation Location) For example:
/u01/app/oracle/product/fmw
Oracle Home Location Directory: web
On the Specify SecurityUpdates screen, choose whether to receive security updates from Oracle support.
Click Next.
On the Installation Summary screen, review the selections to ensure that they are correct (if they are not, click Back to modify selections on previous screens), and click Install.
This section describes how to install Oracle Fusion Middleware.
This section contains the following topics:
Section 6.3.1, "Installing Oracle Fusion Middleware Components"
Section 6.3.3, "Installing Oracle WebLogic Server and Creating the Fusion Middleware Home"
Section 6.3.6, "Installing Oracle Identity and Access Management"
Note:
Oracle Identity Management products are bundled as two product sets: Oracle Identity Management and Oracle Identity and Access Management.
This section describes how to install the required binaries to create the Middleware home (MW_HOME), the Oracle WebLogic Server home (WL_HOME), the Oracle homes for Oracle Identity Management (IDM_ORACLE_HOME), the Oracle SOA Suite (SOA_ORACLE_HOME) and Oracle Identity and Access Management (IAM_ORACLE_HOME). A summary of these homes is provided in Table 6-2, "Summary of Homes".
Table 6-2 Summary of Homes
| Home Name | Home Description | Products Installed |
|---|---|---|
|
|
Consists of the Oracle WebLogic Server home and, optionally, one or more Oracle homes. |
|
|
|
This is the root directory in which Oracle WebLogic Server is installed. The |
|
|
|
Contains the binary and library files for Oracle Identity Management and is located in: |
|
|
|
Contains the binary and library files required for Oracle Identity and Access Management and is located in |
|
|
|
Contains the binary and library files required for the Oracle SOA Suite.Required only when creating topologies with OIM and is located in |
|
|
|
Contains the generic Oracle home files. This Oracle home is created automatically by any product installation and is located in |
Generic commands |
If you are deploying Oracle Identity Manager in a split domain, install the IAM and SOA binaries twice, once for each domain, using a separate MW_HOME in the Oracle Identity Manager domain for one set.
Oracle strongly recommends that you read the release notes for any additional installation and deployment considerations prior to starting the setup process.
As described in Section 4.4.4, "Directory Structure," you install Oracle Fusion Middleware software in at least two storage locations for redundancy.
You must install the following components of Oracle Fusion Middleware to create a Middleware home (MW_HOME):
Oracle WebLogic Server: Section 6.3.3, "Installing Oracle WebLogic Server and Creating the Fusion Middleware Home"
One or more of the Oracle Fusion Middleware components
Oracle Fusion Middleware for Identity Management
Perform these steps to install the Oracle WebLogic Server.
To install Oracle WebLogic Server, proceed as follows:
Note:
If you are installing WebLogic Server on a 64-bit platform using a 64-bit JDK, follow the steps in section "Installing WebLogic Server on 64-Bit Platforms Using a 64-Bit JDK" in the Oracle Fusion Middleware Installation Guide for Oracle WebLogic Server instead of the steps in this section.
Start the installer for Oracle WebLogic Server from the installation media:
$ ./wls1036_linux32.bin
In the Welcome screen, click Next.
In the Choose Middleware Home Directory screen, do the following:
Select Create a new Middleware Home.
For Middleware Home Directory, enter ORACLE_BASE/product/fmw
ORACLE_BASE is the base directory under which Oracle products are installed. The recommended value is /u01/app/oracle. See Section 4.4, "About Recommended Locations for the Different Directories" for more information.
Click Next.
In the Register for Security Updates screen, enter your contact information so that you can be notified of security updates, and click Next.
In the Choose Install Type screen, select Custom, and click Next.
In the Choose Products and Components screen, click Next.
In the JDK Selection screen, select only Oracle JRockit 1.6.0_version SDK, and click Next.
In the Choose Product Installation Directories screen, accept the directories ORACLE_BASE/product/fmw/wlserver_10.3 and ORACLE_BASE/product/fmw/coherence_3.7, and click Next.
In the Installation Summary screen, click Next.
The Oracle WebLogic Server software is installed.
In the Installation Complete screen, clear the Run Quickstart check box and click Done.
Validate the installation by verifying that the following directories and files appear in the ORACLE_HOME directory after installing Oracle WebLogic Server:
coherence_version
jrockit-jdkversion
modules
registry.xml
utils
domain-registry.xml
logs
ocm.rsp
registry.dat
wlserver_10.3
Perform these steps to install Oracle Identity Management on the hosts identified in Table 6-1, "Software to be Installed for Different Topologies".
Oracle Identity Management consists of:
Oracle Internet Directory
Oracle Virtual Directory
Oracle Directory Services Manager (ODSM)
Oracle Identity Federation
Note:
Because the installation is performed on shared storage, the two MW_HOME installations are accessible and used by the remaining servers in that tier of the topology.
When provisioning the software on the local hard disk of the machine, ensure you complete the steps on all the hosts in the tier.
Ensure that the system, patch, kernel and other requirements are met. These are listed in the Oracle Fusion Middleware Installation Guide for Oracle Identity Management in the Oracle Fusion Middleware documentation library for the platform and version you are using.
Start the Oracle Fusion Middleware 11g Oracle Identity Management Installer as follows:
./runInstaller
Then proceed as follows:
On the Specify Inventory Directory screen, enter values for the Oracle Inventory Directory and the Operating System Group Name. For example:
Specify the Inventory Directory: /u01/app/oraInventory
Operating System Group Name: oinstall
A dialog box appears with the following message:
Certain actions need to be performed with root privileges before the install can continue. Please execute the script /u01/app/oraInventory/createCentralInventory.sh now from another window and then press "Ok" to continue the install. If you do not have the root privileges and wish to continue the install select the "Continue installation with local inventory" option.
Log in as root and run:
/u01/app/oraInventory/createCentralInventory.sh
This sets the required permissions for the Oracle Inventory Directory and then brings up the Welcome screen.
Note:
The Oracle Inventory screen is not shown if an Oracle product was previously installed on the host. If the Oracle Inventory screen is not displayed for this installation, ensure that the following are true:
The /etc/oraInst.loc file exists.
The Inventory directory listed is valid.
The user performing the installation has write permissions for the Inventory directory.
On the Welcome screen, click Next.
On the Install Software Updates screen, choose whether to register with Oracle Support for updates or search for updates locally.
Click Next.
On the Select Installation Type screen, select Install Software - Do Not Configure, and then click Next.
On the Prerequisite Checks screen, verify that the checks complete successfully, then click Next.
On the Specify Installation Location screen, enter the following values:
Oracle Middleware Home: Select the previously installed Middleware home from the list for MW_HOME, for example:
/u01/app/oracle/product/fmw
Oracle Home Directory: Enter idm as the Oracle home directory name.
Click Next.
On the Installation Summary screen, click Install - Do Not Configure.
On the Installation Progress screen, on Linux and UNIX systems, a dialog box appears that prompts you to run the oracleRoot.sh script. Open a window and run the oracleRoot.sh script, as the root user.
On the Installation Complete screen, click Finish.
Perform these steps to install the Oracle SOA Suite.
Ensure that the system, patch, kernel and other requirements are met. These are listed in the Oracle Fusion Middleware Installation Guide for Oracle SOA Suite and Oracle Business Process Management Suite in the Oracle Fusion Middleware documentation library for the platform and version you are using.
On UNIX and Linux systems, start the Oracle Fusion Middleware 11g SOA Suite Installer as follows:
./runInstaller
On Windows, the command is:
setup.exe
When the installer prompts you for a JRE/JDK location, enter the Oracle SDK location created in the Oracle WebLogic Server installation, for example:
/u01/app/oracle/product/fmw/jrockit_version
Then perform these installation steps:
On the Specify Inventory Directory screen, enter values for the Oracle Inventory Directory and the Operating System Group Name. For example:
Specify the Inventory Directory: /u01/app/oraInventory
Operating System Group Name: oinstall
A dialog box appears with the following message:
Certain actions need to be performed with root privileges before the install can continue. Please execute the script /u01/app/oraInventory/createCentralInventory.sh now from another window and then press "Ok" to continue the install. If you do not have the root privileges and wish to continue the install select the "Continue installation with local inventory" option.
Log in as root and run:
/u01/app/oraInventory/createCentralInventory.sh
This sets the required permissions for the Oracle Inventory Directory and then brings up the Welcome screen.
Note:
The Oracle Inventory screen is not shown if an Oracle product was previously installed on the host. If the Oracle Inventory screen is not displayed for this installation, check the following:
The /etc/oraInst.loc file exists.
The Inventory directory listed is valid.
The user performing the installation has write permissions for the Inventory directory.
On the Welcome screen, click Next.
On the Prerequisite Checks screen, verify that the checks complete successfully, and then click Next.
On the Specify Installation Location screen, enter the following values:
Oracle Middleware Home: Select a previously installed Middleware Home from the drop-down list. For example: /u01/app/oracle/product/fmw
Oracle Home Directory: Enter SOA as the Oracle home directory name.
Note:
You must use the same Oracle home directory name for Oracle SOA Suite on all hosts.
Click Next.
On the Application Server screen, choose your Application Server, for example: Web Logic Server.
Click Next.
On the Install Software Updates screen, choose whether to register with Oracle Support for updates or search for updates locally.
Click Next.
On the Installation Summary screen, click Install.
On the Installation Process screen, click Next.
On the Installation Complete screen, click Finish.
Oracle Identity and Access Management consists of the following products:
Oracle Access Manager 11g
Oracle Identity Manager
Perform the steps in this section to install Oracle Identity and Access Management on the hosts identified in Table 2-2, "Software Versions Used".
Ensure that the system, patch, kernel and other requirements are met. These are listed in the Oracle Fusion Middleware Installation Guide for Oracle Identity Management in the Oracle Fusion Middleware documentation library for the platform and version you are using.
Start the Oracle Fusion Middleware 11g Installer for Oracle Identity and Access Management as follows:
./runInstaller
When the installer prompts you for a JRE/JDK location, enter the Oracle SDK location created in the Oracle WebLogic Server installation, for example:
/u01/app/oracle/product/fmw/jrockit_version
Then perform these installation steps:
On the Specify Inventory Directory screen, enter values for the Oracle Inventory Directory and the Operating System Group Name. For example:
Specify the Inventory Directory: /u01/app/oraInventory
Operating System Group Name: oinstall
A dialog box appears with the following message:
Certain actions need to be performed with root privileges before the install can continue. Please execute the script /u01/app/oraInventory/createCentralInventory.sh now from another window and then press "Ok" to continue the install. If you do not have the root privileges and wish to continue the install select the "Continue installation with local inventory" option.
Log in as root and run:
/u01/app/oraInventory/createCentralInventory.sh
This sets the required permissions for the Oracle Inventory Directory and then brings up the Welcome screen.
Note:
The Oracle Inventory screen is not shown if an Oracle product was previously installed on the host. If the Oracle Inventory screen is not displayed for this installation, check the following:
The /etc/oraInst.loc file exists.
The Inventory directory listed is valid.
The user performing the installation has write permissions for the Inventory directory.
On the Welcome screen click Next.
On the Prerequisite Checks screen, verify that the checks complete successfully, then click Next.
On the Specify Installation Location screen, enter the following values:
Oracle Middle Ware Home: Select a previously installed Middleware Home from the drop-down list. For example: /u01/app/oracle/product/fmw
Oracle Home Directory: Enter iam as the Oracle home directory name.
Click Next.
On the Install Software Updates screen, choose whether to register with Oracle Support for updates or to search for updates locally.
On the Installation Summary screen, click Install.
On the Installation Progress screen, click Next.
On the Installation Complete screen, click Finish.
You must apply the following patches and workarounds to your environment. Patches are available for download from http://support.oracle.com. You can find instructions for deploying each patch in the enclosed README.html file.
For a complete list of patches, see the Oracle Fusion Middleware Release Notes for your platform and operating system.
This section contains the following topics:
The Release Notes for this version of Oracle Fusion Applications contain the list of Oracle Fusion Middleware patches to apply. You must apply the patches to ensure that your software operates as expected.
Due to issues with versions of the configuration wizard, some environmental variables are not added to the DOMAIN_HOME/bin/setDomainenv.sh script. This causes certain install sequences to fail. This section is a temporary workaround for that problem. The steps in this section must be performed on all the hosts in application tier (IDMHOST1, IDMHOST2, OIMHOST1, and OIMHOST2).
Apply the following steps across all the WebLogic Server homes in the domain.
Copy the OIMAuthenticator.jar, oimmbean.jar, oimsigmbean.jar and oimsignaturembean.jar files located under the IAM_ORACLE_HOME/server/loginmodule/wls directory to the MW_HOME/wlserver_10.3/server/lib/mbeantypes directory.
cp $IAM_ORACLE_HOME/server/loginmodule/wls/* $MW_HOME/wlserver_10.3/server/lib/mbeantypes/.
Change directory to MW_HOME/wlserver_10.3/server/lib/mbeantypes/.
cd $MW_HOME/wlserver_10.3/server/lib/mbeantypes
Change the permissions on these files to 750 by using the chmod command.
chmod 750 *
Oracle Identity Manager uses the wlfullclient.jar library for certain operations. Oracle does not ship this library, so you must create this library manually. Oracle recommends creating this library under the MW_HOME/wlserver_10.3/server/lib directory on all the machines in the application tier of your environment. You do not need to create this library on directory tier machines such as OIDHOST1, OIDHOST2, OVDHOST1 and OVDHOST2.
Follow these steps to create the wlfullclient.jar file:
Navigate to the MW_HOME/wlserver_10.3/server/lib directory
Set your JAVA_HOME environment variable and ensure that the JAVA_HOME/bin directory is in your path.
Create the wlfullclient.jar file by running:
java -jar wljarbuilder.jar
It is a best practice recommendation to back up the Middleware Home and the Oracle Homes. On Linux, to create a backup of the MW_HOME and the ORACLE_HOMEs, as the root user, type:
tar -cvpf fmwhomeback.tar ORACLE_BASE/product/fmw
This creates a backup of the installation files for any products installed in the Oracle Fusion Middleware home.
|
 Copyright © 2004, 2012, Oracle and/or its affiliates. All rights reserved. Legal Notices |
|