Skip Headers
Oracle® Fusion Middleware Patching Guide
11g Release 1 (11.1.1.7.0)

Part Number E16793-25
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Master Index
Master Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
PDF · Mobi · ePub

7 Patching Oracle Identity and Access Management

This chapter describes additional patching procedures for Oracle Identity and Access Management components.

Note:

If you have a version of Oracle Identity Management that is earlier than 11g, you must upgrade your software and the patching instructions in this chapter are not applicable. For upgrade instructions, see the Oracle Fusion Middleware Upgrade Guide for Oracle Identity Management.

This chapter contains the following sections:

7.1 Before You Begin

The procedures in this chapter should be used in conjunction with the procedures described in Chapter 3, "Applying the Latest Oracle Fusion Middleware Patch Set". Specifically, be sure that you have reviewed the following before you begin the patching procedures described in this chapter:

7.2 Patching Oracle Identity and Access Management 11.1.1.3.0 Components

To apply the latest patch set to Oracle Identity Manager, Oracle Access Manager or Oracle Adaptive Access Manager 11.1.1.3.0, you must first patch to 11.1.1.5.0.

For information on how to patch your existing 11.1.1.3.0 components to 11.1.1.5.0, refer to the following sections in the Oracle Fusion Middleware Patching Guide in the Oracle Fusion Middleware 11g Release 1 (11.1.1.5.0) documentation library:

Note:

Be sure to review the Oracle Fusion Middleware Interoperability and Compatibility Guide for interoperability issues between Oracle Identity Management and Oracle Fusion Middleware Identity and Access Management components.

Once the components have been upgraded to 11.1.1.5.0, you can apply the 11.1.1.7.0 patch by following the steps in Section 3.6, "Patching Oracle Fusion Middleware".

7.3 Updating Oracle Identity Manager 11.1.1.5.0 to 11.1.1.7.0

This section describes the steps needed to update your existing Oracle Identity Manager 11.1.1.5.0 environment to 11.1.1.7.0.

Note:

The following steps are optional and are not required to complete the patching of Oracle Identity Manager.

  1. Shut down the following servers running in the domain:

    • Administration Server for Oracle Identity Manager

    • Managed Servers for Oracle Identity Manager

    Note:

    The SOA server must be running while applying the patch set. If the SOA server is not running, you will receive an error message and the patch set will not be applied.

  2. After stopping the servers, you must back up your old Oracle Identity Manager 11.1.1.5.0 environment before you upgrade to Oracle Identity Manager 11.1.1.7.0. Be sure that you have backed up the following:

    • MW_HOME directory, including the Oracle Home directories inside Middleware Home

    • Domain Home directory

    • Oracle Identity Manager schemas

    • MDS schema

    • ORASDPM schema

    • SOAINFRA schemas

  3. Make sure you have patched your Oracle SOA Suite software to the latest supported version.

  4. Run the Oracle Identity and Access Management 11g Release 1 (11.1.1.7.0) Patch Set Installer to patch your existing Oracle Identity and Access Management deployment as described in Applying the Patch Set.

  5. Run Patch Set Assistant (located in the bin directory inside the ORACLE_HOME).

    Chapter 4, "Updating Your Schemas with Patch Set Assistant" contains information about using the Patch Set Assistant.

  6. Select Oracle Identity Manager from the Select Component screen. The following schemas are automatically selected for upgrade:

    • Oracle Identity Manager schema _OIM

    • Oracle Metadata Services schema _MDS

      There will be two Oracle Metadata Services schemas selected:

      • Oracle Metadata Services schema used for OIM

      • Oracle Metadata Services schema used for SOA

    • Oracle SOA Infrastructure schema _SOAINFRA

    • User Messaging schema _ORASDPM

    Chapter 4, "Updating Your Schemas with Patch Set Assistant" contains information about using the Patch Set Assistant.

  7. Oracle Identity Manager 11.1.1.7.0 provides an optional standalone patching utility that is used to automate some configuration tasks and optional features. After you have applied the 11.1.1.7.0 patch set, run this utility to:

    • Drop unused database objects

    • Deploy SOA-composites that were changed or introduced with this release

    • Seed new tasks, jobs and notifications

    • Change system properties that cannot be changed with MDS listeners (MBeans)

    • Apply domain specific changes like deployment of new ears, shared libraries to respective target servers

  8. From your present working directory, navigate to the ORACLE_Home/server/bin directory on UNIX systems or ORACLE_Home\server\bin on Windows operating systems.

  9. Navigate to ORACLE_HOME/server/bin and edit the oimPS1PS2upgrade.properties file with the following environment variables:

    Variable Description Sample Value

    JAVA_HOME

    Where JAVA_HOME is the location of the JDK included in the installer.

    On UNIX operating systems:

    JAVA_HOME=/u01/oim/jrockit-jdk1.6.0_29-R28.2.0-4.0.1

    On Windows operating systems:

    C:\Program Files\Java\jdk1.6.0_02

    WEBLOGIC_USER

    Where WEBLOGIC_USER is the name of the WebLogic server administrator.

    WEBLOGIC_USER=weblogic

    WEBLOGIC_HOST

    Where WEBLOGIC_HOST is the location of the machine hosting the server.

    WEBLOGIC_HOST=examplehost/exampleservice

    WEBLOGIC_PORT

    Where WEBLOGIC_PORT is the listening port of the server.

    Where WEBLOGIC_PORT= 1521

    WEBLOGIC.SERVER.DIR

    Where WEBLOGIC.SERVER.DIR is the location of the Oracle WebLogic server installation.

    On UNIX operating systems:

    WEBLOGIC.SERVER.DIR=/u01/oim/wlserver_10.3

    On Windows operating systems:

    WEBLOGIC.SERVER.DIR=\u01\oim\wlserver_10.3


    For Windows operating systems, the following parameters must be set as environment variables. These variables are not read from the oimPS1PS2upgrade.properties file. Any variables set within the properties file will be ignored.

    Variable Description

    OIM_ORACLE_HOME

    Set OIM_ORACLE_HOME to the IAM Oracle Home, where Oracle Identity Manager is installed.

    OIM_ORACLE_HOME=ORACLE_HOME\Oracle\Middleware/ORACLE_OIM1

    ANT_HOME

    Where ANT_HOME is the location of the Ant Java library

    ANT_HOME=\u01\oim\modules\org.apache.ant_1.7.1

    WL_HOME

    Where MW_HOME is the Middleware home that contains the existing Oracle Identity Manager .

    Drive:\Oracle\Middleware


  10. Depending on your environment configuration, you may also need to set the following environment variables to TRUE:

    Variable Description Sample Value (UNIX operating systems)

    LDAPSYNCEnabled

    Set to TRUE to Enable LDAP sync.

    LDAPSYNCEnabled=true

    FAEnabled

    Set to TRUE if your environment is FA. For non-FA environments set to FALSE.

    FAEnabled=true

    SODEnabled

    Set to TRUE if your environment is FA-SOD. For non-FA environments, set to FALSE.

    SODEnabled=true

    MTEnabled

    Set to TRUE if you have a multi-tenant environment. For non-multi-tenant environment, set to FALSE.

    MTEnabled=true


  11. Note:

    Environment details must be provided for each flag set to TRUE. For example, if SODEnabled=true, you must provide the following:

    • Location of the SOA_HOME

    • Name of the SOA Managed Server

    • Name of the database that hosts the server

    • Server port number

    Verify that you have provided all environment-related information for each variable enabled to TRUE before performing the upgrade.

  12. Run oimPS1PS2upgrade.sh (on UNIX) or oimPS1PS2upgrade.bat (on Windows).

  13. Restart the Administration Server and Managed Server for Oracle Identity Manager.

  14. Verify that the Upgrade utility completed successfully.

    • Review the oimPS1PS2upgrade.log file created in the ORACLE_HOME/server/upgrade/log directory.

      End of file should state BUILD SUCCESSFUL.

    • Verify all the required schema s are upgraded properly by running the following query:

      select comp_name,version,status,upgraded from schema_version_registry;
      
      SDP Messaging 11.1.1.7.0 VALID Y
      SOA Infrastructure Services 11.1.1.7.0 VALID Y
      Metadata Services 11.1.1.7.0 VALID Y
      Oracle Identity Manager 11.1.1.7.0 VALID Y
      

7.3.1 Upgrading Oracle Identity Manager Remote Manager

After you have updated your Oracle Identity Manager 11.1.1.5.0 to 11.1.1.7.0, you must reinstall the Remote Manager, if you will be using Remote Manger features.

  1. Back up configuration files

    Before starting the Remote Manager upgrade, back up the following Remote Manager configuration files:

    • On UNIX, $<XLREMOTE_HOME>/remotemanager.sh

    • $<XLREMOTE_HOME>/xlremote/config/xlconfig.xml file.

    • On Windows, <XLREMOTE_HOME>\remotemanager.bat

    • <XLREMOTE_HOME>\xlremote\config\xlconfig.xml file.

  2. Run the Oracle Identity and Access Management Installer to upgrade the Remote Manager home.

  3. Restore configuration files.

    Restore the backed up configuration files in the upgraded Remote Manager home.

7.3.2 Upgrading Oracle Identity Manager Design Console

The Oracle Identity Manager Design Console is used to configure system settings that control the system-wide behavior of Oracle Identity Manager and affect its users. The Design Console allows you to perform user management, resource management, process management, and other administration and development tasks. For more information about the Design Console, see "Design Console Overview" in the Oracle Fusion Middleware Developer's Guide for Oracle Identity Manager.

Note:

Oracle recommends that you install Oracle Identity Manager and the Design Console in different directory paths, regardless of whether the Design Console is on the same system as the Oracle Identity Management server.

To upgrade Design Console, complete the following steps:

  1. Back up the following files:

    • On UNIX operating systems:

      $<XLDC_HOME>/xlclient.sh

      <XLDC_HOME>/config/xlconfig.xml

    • On Windows operating systems:

      <XLDC_HOME>\xlclient.cmd

      <XLDC_HOME>\config\xlconfig.xml

  2. Run the Oracle Identity and Access Management Installer to upgrade the Design Console home <XLDC_HOME>.

  3. Restore the backed up files in the upgraded Design Console home.

  4. Build and copy the wlfullclient.jar file as follows:

    1. Go to WebLogic_Home/server/lib directory on UNIX and WebLogic_Home\server\lib directory on Windows.

    2. Set the JAVA_HOME environment variable and add the JAVA_HOME variable to the PATH environment variable.

      For example, you can set the JAVA_HOME to the jdk160_21 directory inside the Middleware home.

    3. Run the following command to build the wlfullclient.jar file:

      java -jar <MW_HOME>/modules/com.bea.core.jarbuilder_1.7.0.0.jar

    4. Copy the wlfullclient.jar file to the <IAM_HOME> where you installed the Design Console. For example:

      On UNIX operating systems:

      cp wlfullclient.jar <Oracle_IDM2>/designconsole/ext

      On Windows operating systems:

      copy wlfullclient.jar <Oracle_IDM2>\designconsole\ext