This chapter contains the following topics:
The user modifiable metadata XML files can be exported to MDS, imported from MDS, and deleted from MDS by using Oracle Enterprise Manager.
This section contains the following topics:
To export metadata XML files to MDS:
Navigate to MDS runtime mbeans. To do so:
Login to Oracle Enterprise Manager as the admin user.
On the landing page, click OIMAppMetadata(11.1.2.0.0) or OIMMetadata(11.1.2.0.0) based on where the metadata file is stored.
From the Application Deployment menu at the top, select MDS configuration.
Click Runtime MBean Browser, and then click the Operations tab.
Export metadata by using the operations. To do so:
Select the first exportMetadata operation in the list.
For toLocation, provide the path to a temporary directory, in which this file is to be exported. This file will be exported to the computer on which Oracle Identity Manager is running. Therefore, make sure that the directory path you specify exist on that computer.
For docs, click the pencil icon, click Add, and in the Element box, provide the full path of the file to be exported. By clicking Add, you can provide the path to multiple docs.
Invoke the operation.
To import metadata XML files from MDS:
Navigate to MDS runtime mbeans, as described in step 1 of "Exporting Metadata Files to MDS".
Export metadata by using the operations. To do so:
In the Operations tab, select the first importMetadata operation in the list.
For fromLocation, provide the directory path of the Oracle Identity Manager host from where documents are to be imported.
For docs, click the pencil icon, click Add, and in the Element box, provide the full path of the file to be imported. By clicking Add, you can provide the path to multiple docs. If no value is provided, then it imports everything under the fromLocation directory recursively.
To delete metadata XML files from MDS:
Note:
Make sure that you create a backup of the metadata file before performing delete operation.Navigate to MDS runtime mbeans, as described in step 1 of "Exporting Metadata Files to MDS".
Export metadata by using the operations. To do so:
In the Operations tab, select the first importMetadata operation in the list.
For docs, click the pencil icon, click Add, and in the Element box, provide the full path of the file to be deleted. By clicking Add, you can provide the path to multiple docs to be deleted.
The following metadata is used for configuring LDAP Container Rules to determine in which container user and roles should be created in LDAP.
Note:
Oracle Identity Manager looks into MDS with file paths starting with /metadata, /db, or /custom. Make sure that starting path or directory name for any XML document is /custom./db/LDAPContainerRules.xml
The following metadata contains the predefined event handler definitions for Oracle Identity Manager operations:
/db/ldapMetadata/EventHandlers.xml /metadata/iam-features-OIMMigration/EventHandlers.xml /metadata/iam-features-Scheduler/EventHandlers.xml /metadata/iam-features-accesspolicy/event-definition/EventHandlers.xml /metadata/iam-features-asyncwsclient/EventHandlers.xml /metadata/iam-features-autoroles/event-definition/EventHandlers.xml /metadata/iam-features-callbacks/event_configuration/EventHandlers.xml /metadata/iam-features-configservice/event-definition/EventHandlers.xml /metadata/iam-features-identity/event-definition/EventHandlers.xml /metadata/iam-features-notification/EventHandlers.xml /metadata/iam-features-passwordmgmt/event-definition/EventHandlers.xml /metadata/iam-features-reconciliation/event-definition/EventHandlers.xml /metadata/iam-features-request/event-definition/EventHandlers.xml /metadata/iam-features-requestactions/event-definition/EventHandlers.xml /metadata/iam-features-selfservice/event-definition/EventHandlers.xml /metadata/iam-features-sod/EventHandlers.xml /metadata/iam-features-system-configuration/EventHandlers.xml /metadata/iam-features-tasklist/EventHandlers.xml /metadata/iam-features-templatefeature/EventHandlers.xml /metadata/iam-features-transUI/EventHandlers.xml /metadata/iam-features-spmlws/EventHandlers.xml /db/ssointg/EventHandlers.xml /metadata/iam-features-catalog/EventHandlers.xml /metadata/iam-features-provisioning/event-definition/EventHandlers.xml /metadata/iam-features-requestprofile/event-definition/EventHandlers.xml /metadata/iam-features-rolesod/EventHandlers.xml
You might need to create a backup of the MDS before performing customizations. To create a backup of the MDS by using Oracle Enterprise Manager:
Login to Oracle Enterprise Manager as the administrator.
On the landing page, click oracle.iam.console.identity.self-service.ear(V2.0).
From the Application Deployment menu at the top, select MDS configuration.
Under Export, select the Export metadata documents to an archive on the machine where this web browser is running option, and then click Export.
All the metadata is exported in a ZIP file.
When migrating from test to production environment, all the connector artifacts must be migrated to the respective database tables, which can be done using the following utilities to migrate JAR files and resource bundle:
Note:
All the Upload JAR and Resource Bundle utilities must be run from the OIM_HOME/bin/ directory.
Make sure that wlfullclient.jar is generated before running these utilities.
Set APP_SERVER, OIM_ORACLE_HOME, JAVA_HOME, MW_HOME, WL_HOME, and DOMAIN_HOME before running the scripts.
All the scripts for the JAR files and resource bundles support both interactive mode and command-line mode usage. But it is recommended to use interactive mode because this is secure and the passwords are not echoed on the console.
For running the scripts in command-line mode, run it with the -help argument. For example:
sh UploadJars.sh -help
To upload a JAR file in the silent mode:
UploadJars.sh [-username USERNAME] [-password PASSWORD] [-serverURL <t3://OIM_HOSTNAME:OIM_PORT>] [-ctxFactory <weblogic.jndi.WLInitialContextFactory>] [-JavaTasks LOCATION_OF_JAVA_TASK_JAR]
For information about configuring the utilities to upload/download JAR files and resource bundle over SSL, see "Configuring SSL for Oracle Identity Manager Utilities" in the Oracle Fusion Middleware Administrator's Guide for Oracle Identity Manager.
To upload multiple JAR files in the silent mode:
UploadJars.sh [-username USERNAME] [-password PASSWORD] [-serverURL <t3://OIM_HOSTNAME:OIM_PORT>] [-ctxFactory <weblogic.jndi.WLInitialContextFactory>] [-JavaTasks LOCATION_OF_JAVA_TASK_JAR] [-ScheduleTask LOCATION_OF_SCHEDULED_TASK_JAR] [-ThirdParty LOCATION_OF_THIRD_PARTY_JAR] [-ICFBundle LOCATION_OF_ICF_BUNDLE_JAR]
In this document, interactive mode usage of the JAR and Resource Bundle utilities are explained because it is a secure way of running the utilities and is recommended.
To run the JAR or Resource Bundle utilities in interactive mode, run the scripts without specifying any arguments. For example:
sh UploadJars.sh
The UploadJars.sh and UploadJars.bat scripts are available in the OIM_HOME/bin/ directory. Running these scripts upload the JAR files in to the database.
A sample invocation of this utility is as shown:
[Enter Xellerate admin username :]ADMISTRATOR_LOGIN [Enter the admin password :]ADMINISTRATOR_PASSWORD [[Enter serverURL (Ex. t3://oimhostname:oimportno for weblogic or corbaloc:iiop:localhost:2801 for websphere)]:]t3://xyz.com:14000 [[Enter context (Ex. weblogic.jndi.WLInitialContextFactory for weblogic or com.ibm.websphere.naming.WsnInitialContextFactory for websphere)]:]weblogic.jndi.WLInitialContextFactory Enter the jar type 1.JavaTasks 2.ScheduleTask 3.ThirdParty 4.ICFBundle 1 Enter the path/location of jar file : /tmp/example.jar Do u want to load more jars [y/n] :n
Note:
14000 is Oracle Identity Manager port.The DownloadJars.sh and DownloadJars.bat scripts are available in the OIM_HOME/bin/ directory. Running these scripts download the JAR files from the database.
A sample invocation of this utility is as shown:
[Enter Xellerate admin username :]ADMINISTRATOR_LOGIN [Enter the admin password :]ADMINISTRATOR_PASSWORD [[Enter serverURL (Ex. t3://oimhostname:oimport for weblogic or corbaloc:iiop:localhost:2801 for websphere)]:]t3://localhost:14000 [[Enter context (i.e.: weblogic.jndi.WLInitialContextFactory for weblogic or com.ibm.websphere.naming.WsnInitialContextFactory for websphere)]:]weblogic.jndi.WLInitialContextFactory Enter the jar type 1.JavaTasks 2.ScheduleTask 3.ThirdParty 4.ICFBundle 1 Enter the full path of the download directory : /home/joe/tmp Enter the name of jar file to be downloaded from DB : example.jar Do u want to download more jars [y/n] :n
Note:
14000 is Oracle Identity Manager port.The DeleteJars.sh and DeleteJars.bat scripts are available at the OIM_HOME/bin/ directory. Running these scripts delete the JAR files from the database.
A sample invocation of this utility is as shown:
[Enter Xellerate admin username :]ADMINISTRATOR_LOGIN [Enter the admin password :]ADMINISTRATOR_PASSWORD [[Enter serverURL (Ex. t3://oimhostname:oimport for weblogic or corbaloc:iiop:localhost:2801 for websphere)]:]t3://localhost:14000 [[Enter context (i.e.: weblogic.jndi.WLInitialContextFactory for weblogic or com.ibm.websphere.naming.WsnInitialContextFactory for websphere)]:]weblogic.jndi.WLInitialContextFactory Enter the jar type 1.JavaTasks 2.ScheduleTask 3.ThirdParty 4.ICFBundle 1 Enter the name of jar to be deleted from DB : example.jar Do u want to delete more jars [y/n] :n
The UploadResourceBundles.sh and UploadResourceBundles.bat scripts are available in the OIM_HOME/server/bin/ directory. Running these scripts upload the connector or custom resources to the database.
A sample invocation of this utility is as shown:
Enter Xellerate admin username :]ADMINISTRATOR_LOGIN [Enter the admin password :]ADMINISTRATOR_PASSWORD [[Enter serverURL (Ex. t3://oimhostname:oimportno for weblogic or corbaloc:iiop:localhost:2801 for websphere)]:]t3://localhost:14000 [[Enter context (i.e.: weblogic.jndi.WLInitialContextFactory for weblogic or com.ibm.websphere.naming.WsnInitialContextFactory for websphere)]:]weblogic.jndi.WLInitialContextFactory Enter the resource bundle type 1.Custom Resource 2.Connector Resource 2 Enter the path/location of resource bundle file : /tmp/example.properties Do u want to load more resource bundles [y/n] :n
The DownloadResourceBundles.sh and DownloadResourceBundles.bat scripts are available in the OIM_HOME/bin/ directory. Running these scripts download the resource bundles from the database.
A sample invocation of this utility is as shown:
[Enter Xellerate admin username :]ADMINISTRATOR_LOGIN [Enter the admin password :]ADMINISTRATOR_PASSWORD [[Enter serverURL (Ex. t3://oimhostname:oimportno for weblogic or corbaloc:iiop:localhost:2801 for websphere)]:]t3://localhost:14000 [[Enter context (i.e.: weblogic.jndi.WLInitialContextFactory for weblogic or com.ibm.websphere.naming.WsnInitialContextFactory for websphere)]:]weblogic.jndi.WLInitialContextFactory Enter the resource bundle type 1.Custom Resource 2.Connector Resource 2 Enter the full path of the download directory : /home/joe/tmp Enter the name of resource bundle file : example.properties Do u want to download more resource bundles [y/n] :n
The DeleteResourceBundles.sh and DeleteResourceBundles.bat are available in the OIM_HOME/bin/ directory. Running these utilities delete the resource bundles from the database.
A sample invocation of this utility is as shown:
[Enter Xellerate admin username :]ADMINISTRATOR_LOGIN [Enter the admin password :]ADMINISTRATOR_PASSWORD [[Enter serverURL (Ex. t3://oimhostname:oimportno for weblogic or corbaloc:iiop:localhost:2801 for websphere)]:]t3://localhost:14000 [[Enter context (i.e.: weblogic.jndi.WLInitialContextFactory for weblogic or com.ibm.websphere.naming.WsnInitialContextFactory for websphere)]:]weblogic.jndi.WLInitialContextFactory Enter the resource bundle type 1.Custom Resource 2.Connector Resource 2 Enter the name of resource bundle file to be deleted from DB: example.properties Do u want to delete more resource bundles [y/n] :n