| Oracle® Fusion Applications Installation Guide 11g Release 5 (11.1.5) Part Number E16600-21 |
|
|
PDF · Mobi · ePub |
| Oracle® Fusion Applications Installation Guide 11g Release 5 (11.1.5) Part Number E16600-21 |
|
|
PDF · Mobi · ePub |
This chapter describes the process of creating a response file for a new Oracle Fusion Applications environment using the Provisioning Wizard interview process.
This chapter includes the following sections:
Oracle Fusion Applications Provisioning orchestrates the physical installation and configuration of the product offerings that you choose and deploys those offerings and their dependent middleware components to a predetermined Oracle WebLogic Server Domain. To perform the installation tasks, Provisioning requires the provisioning repository of installers, the provisioning framework, and a response file.
When you create a response file, you choose provisioning configurations and specify the configuration details for the product offerings and their dependent middleware components. You save the response file and specify its location when you are ready to use it to provision a new environment.
You must have downloaded the provisioning repository, installed the provisioning framework, and installed a database and the identity management components before you can create a response file. See Section 2.1. for provisioning prerequisites.
Once the prerequisite setup is complete, you run the Provisioning Wizard and select the Create a New Applications Environment Response File option. During the interview process, you choose product offerings to install. The wizard "knows" which middleware dependencies must be installed for each product offering, and which host must be provisioned first. It detects common products that each offering relies on, as well as the presence of the transaction database and identity-related components, and prompts for the appropriate configuration parameters.
Using a question and answer interview format, the wizard collects information about:
Provisioning configurations (product offerings)
Node Manager credentials and installation and configuration directories
Database connections and schema passwords
Host names and ports for the offerings and their middleware dependencies
Common configuration details for components, such as web tier, virtual hosts, email, and identity management
Once you complete the response file, save it. Then, when you are ready to perform the physical installation, choose the Provision a New Environment option from the Provisioning Wizard and indicate the location of the response file. The wizard uses the details in the response file as a guide to what must be retrieved from the provisioning repository.
An installation of Oracle Fusion Applications is logically broken up into groups of features known as product offerings, which represent the highest-level collection of functionality that you can license and implement. A provisioning configuration is a collection of one or more product offerings.
Product offerings have interdependencies on companion applications (for example Oracle Fusion Human Capital Management relies on Oracle Financials payroll), as well as middleware dependencies (for example, Oracle SOA Suite) required for runtime execution. The wizard prompts for applications and middleware configuration details at the domain level during Domain Topology Configuration.
When you select individual product offerings within a configuration instead of selecting all offerings within the configuration, the wizard starts the Managed Servers only for the offerings that you selected. However, because the interdependent details for the entire configuration are included in the response file, you can activate additional functionality later by using the Oracle Fusion Applications Functional Setup Manager to start the other Managed Servers. See Oracle Fusion Applications Information Technology Management, Implement Applications Guide.
The provisioning configurations are as follows:
Oracle Fusion Customer Relationship Management (Sales and Marketing)
Oracle Fusion Financials (Financials, Oracle Fusion Procurement, and Oracle Fusion Projects)
Oracle Fusion Human Capital Management (Workforce Deployment, Workforce Development, and Compensation Management)
Oracle Fusion Supply Chain Management (Product Management, Order Orchestration, Material Management and Logistics)
You can also choose several standalone product offerings. For this group of offerings, only the direct dependencies are installed, configured, and deployed:
Customer Data Hub
Enterprise Contracts
Oracle Fusion Accounting Hub
Oracle Fusion Incentive Compensation
During the Provisioning Wizard interview process, the wizard collects information that is necessary to connect to the Oracle Identity Management components you have previously installed and configured. This information includes:
The user designated as the Super User. This user must already exist in the policy store.
The existence of the system administrators group. This information determines if the group was created during the Oracle Identity Management component installation and configuration process, or if it needs to be created during provisioning.
The distinguished name (DN) of the system administrators group (if it exists).
The authenticator that will serve as the LDAP identity store: Oracle Internet Directory (OIDAuthenticator) or Oracle Virtual Directory (OVDAuthenticator).
There are numerous scenarios for the environments you can create — from a small demonstration system, to a full production system provisioned on multiple hosts. The Provisioning Wizard can accommodate the creation of response files for specific environments so that you can create a separate response file for each type of environment. Note that all occurrences of a hostname should use the same name in the response file.
Frequently, details for a response file are not final, and so cannot be specified during a single pass through the Provisioning Wizard interview. Or, a completed response file has not been implemented, and requires changes before it is. The wizard options include the choice to save a partially completed response file and update it later. Note that a response file is not complete or available for provisioning until you click Finish on the Summary screen.
However, once you select product offerings and save them in a response file, regardless of whether it is partially or fully complete, you cannot update or change the product offerings in that response file. To add or change the mix of offerings, you must create a new response file and specify the new or additional offerings.
Before you create a response file, you must have completed the following tasks:
Complete the wizard interview screens and save the response file in a location that is accessible to the various installers. Record the location, as you must supply it when you provision the environment. Note that you should create your response file on the Primordial host, which is the host that contains the Administration Server of the Common domain.
Note:
The wizard warns if it cannot connect to the database or any of the hosts specified in the response file and if any of the passwords are not valid. If this warning represents an exception, you can ignore it and continue creating the response file. However, you must fix all issues flagged in the warnings before you start to provision an environment. You cannot successfully run provisioning until all validations have passed.
To start the Provisioning Wizard, do the following on the primordial host:
Set the JAVA_HOME environment variable to point to the JDK location in the provisioning repository, for example:
(UNIX)
export JAVA_HOME=repository_location/jdk6
export PATH=$JAVA_HOME/bin:$PATH
(AIX)
export JAVA_HOME=repository_location/jdk6
export PATH=$JAVA_HOME/bin:$PATH
export SKIP_ROOTPRE=TRUE
Note:
This environment variable is not required while creating a response file. However, it is required for provisioning an environment. See Section 5.4.1 for details.
(Windows)
set JAVA_HOME=repository_location\jdk6
set PATH=%JAVA_HOME%\bin;%PATH%
Verify that the LIBPATH value is null.
Run the following command on the primordial host. For more information, see Section 1.6.2.1.
(UNIX)
cd framework_location/provisioning/bin
./provisioningWizard.sh
On Solaris, use bash provisioningWizard.sh instead of ./provisioningWizard.sh.
(Windows)
cd framework_location\provisioning\bin
provisioningWizard.bat
Note:
Ensure that provisioning on Microsoft Windows platforms is performed from a Run as Administrator console. By default, the command prompt has the necessary privilege set. If not, you can run the Run as Administrator option by right clicking the Command Prompt from the Start menu.
Table 4-1 shows the steps necessary to create a response file using the Provisioning Wizard. For help with any of the interviews, see Appendix D or click Help on any Provisioning Wizard interview screen.
Table 4-1 Creating a Response File
| Screen | Description and Action Required |
|---|---|
|
Welcome |
No action is required on this read-only screen. Click Next to continue. |
|
Specify Central Inventory Directory |
This screen displays only if one or more of the following conditions are not met:
Specify the location of the Central Inventory Directory that meets the previous criteria. The For non-Windows platforms, in the Operating System Group ID field, select or enter the group whose members will be granted access to the inventory directory. All members of this group can install products on this host. Click OK to continue. The Inventory Location Confirmation dialog prompts you to run the If you do not have root access on this host but want to continue with the installation, select Continue installation with local inventory and click OK to proceed with the installation. For Windows platforms, this screen displays if the inventory directory does not meet requirements. For more information about inventory location files, see "Oracle Universal Installer Inventory" in the Oracle Universal Installer and OPatch User's Guide. Click Next to continue. |
|
Installation Options |
Presents the list of valid installation actions that you can perform using the wizard. Select Create a New Applications Environment Response File. Click Next to continue. |
|
Specify Security Updates |
Set up a notification preference for security-related updates and installation-related information from My Oracle Support. You can receive the notifications in two ways:
Click Next to continue. |
|
Provisioning Configurations |
Select one or more offerings, either within a configuration, or from the list of standalone product offerings. See Section 4.1.2 for details. Click Details in the message pane to see a breakdown of servers for each offering. Once you click Next, you cannot change the selections on this screen. To make changes, click Cancel, open a new wizard session, and create a new response file. |
|
Response File Description |
Enter information to describe this response file. This description is not associated in any way with the executable plan file, or the summary file, that you save when you finish creating this response file.
To stop creating this response file and resume later, click Save. This action creates a partial response file. A partial response file cannot be used to provision an environment. Click Next to continue. |
|
Installation Location |
Specify credentials for the Node Manager and supply the location of the various directories required for installation and configuration actions. See Section 4.3.3 for the list of parameters. To stop creating this response file and resume later, click Save. This action creates a partial response file. A partial response file cannot be used to provision an environment. Click Next to continue. |
|
System Port Allocation |
Accept the default values or set a custom value for the Applications Base Port. The application domain port ranges are derived from this value. If you change the base port value, the domain port ranges adjust accordingly. Ranges must not overlap and must be set in ascending order. The high and low port ranges are assigned by default to each domain in the Application Domain Port Ranges list. The default range allotment is 399. Each range is sequential, in ascending order, for example; 11601 – 12000 is a valid range. For port range validation rules, see Section 4.3.4. Ports listed under Other Ports are not derived from the Applications Base Port value. These "individual" ports can be defined using custom port values. To stop creating this response file and resume later, click Save. This action creates a partial response file. A partial response file cannot be used to provision an environment. Click Next to continue. |
|
Database Configuration |
Enter the database parameters that you established when you installed Oracle Database. The wizard validates whether the database you installed is a single instance of Oracle Database or Oracle Real Application Clusters (Oracle RAC). If a Single Instance Database, enter:
If you have installed Oracle RAC, select Real Application Clusters Database and enter the Service Name that you specified when you installed this database. Click Add to create a new row in the table for each instance. Select a row and click Remove to delete it. Enter the following values for the previously installed database:
To stop creating this response file and resume later, click Save. This action creates a partial response file. A partial response file cannot be used to provision an environment. Click Next to continue. |
|
Schema Passwords |
The database that you installed contains preloaded schemas required for runtime execution. Select one of the following options and enter the database schema passwords set up when you ran the Oracle Fusion Applications Repository Creation Utility. For more information, see Table 3-5, "Running the Oracle Fusion Applications Repository Creation Utility".
To stop creating this response file and resume later, click Save. This action creates a partial response file. A partial response file cannot be used to provision an environment. Click Next to continue. |
|
ODI Password Configuration |
Enter and confirm your ODI Supervisor Password. The ODI Supervisor Password is the Supervisor Password that you entered on the Custom Variables page during execution of Applications RCU under the Master and Work Repository component. To stop creating this response file and resume later, click Save. This action creates a partial response file. A partial response file cannot be used to provision an environment. Click Next to continue. |
|
Domain Topology Configuration |
To determine the flow for the remaining wizard interview screens, choose one of the options. Note that all hosts must use the same operating system; that is, you cannot install "domain1" on Windows and "domain2" on Linux. See Section 4.3.5 for details. To stop creating this response file and resume later, click Save. This action creates a partial response file. A partial response file cannot be used to provision an environment. Click Next to continue. |
|
Common Domain |
Note: Individual domain screens appear only if you selected the One host per application and middleware component option on the Domain Topology Configuration screen. Specify values for this domain and its middleware dependencies. All hosts must use the same operating system and share a common mount point for network storage. The host specified for the Admin Server is the default for all servers. You can change the default.
To stop creating this response file and resume later, click Save. This action creates a partial response file. A partial response file cannot be used to provision an environment. Click Next to continue. |
|
Product Family Domains |
Note: Individual domain screens appear based on which options you select on the Domain Topology Configuration screen. For example, the Incentive Compensation Domain screen does not appear unless you selected that product offering for installation. All product family domain screens prompt for the same types of values. Specify values for this domain and its middleware dependencies. All hosts must use the same operating system and share a common mount point for network storage. The host specified for the Admin Server is the default for all servers. You can change the default.
Note: See Section 4.3.6 for Oracle Business Intelligence configuration requirements. To stop creating this response file and resume later, click Save. This action creates a partial response file. A partial response file cannot be used to provision an environment. Click Next to continue. |
|
Web Tier Configuration |
Use this screen to configure Oracle HTTP Server and choose a virtual host type. You can deploy the web tier to a host inside the firewall, or outside the firewall (demilitarized zone, known as DMZ). See Section 4.3.7 for the list of parameters. To stop creating this response file and resume later, click Save. This action creates a partial response file. A partial response file cannot be used to provision an environment. Click Next to continue. |
|
Virtual Hosts Configuration |
Provisioning determines the application domains to be deployed based on your product offering choices and lists them on this screen. Specify domain-specific values for the type of virtual host mode that you selected on the Web Tier Configuration screen. See Section 4.3.8 for the list of parameters. To stop creating this response file and resume later, click Save. This action creates a partial response file. A partial response file cannot be used to provision an environment. Click Next to continue. |
|
Load Balancer Configuration |
Load balancing enables you to distribute a workload evenly across two or more hosts, network links, CPUs, hard drives, or other resources. Check Load Balancing Enabled to take advantage of this feature, and specify:
To stop creating this response file and resume later, click Save. This action creates a partial response file. A partial response file cannot be used to provision an environment. Click Next to continue. |
|
Web Proxy Configuration |
Create Proxy Settings to enable users who want to use a proxy server to connect to the Internet. See Section 4.3.9 for details. Take note of the special instructions for Oracle Customer Relationship Management customers. To stop creating this response file and resume later, click Save. This action creates a partial response file. A partial response file cannot be used to provision an environment. Click Next to continue. |
|
Load IDM Properties |
When you are creating a response file or updating an incomplete response file without updates to this page, you will be able to select the IDM properties file to load IDM configuration data. After you select the file, you can review the content and decide if you want to proceed with this file. Load IDM Configuration from IDM Properties file: Select this check box if you want the values on the Identity Management Configuration screen and the Access and Policy Management Configuration screen to default to the values in the IDM properties file (for example, idmDomainConfig.param). See "Creating a Properties File" in Oracle Fusion Applications Installation Guide for details. IDM Properties file: Enter the location of the file, for example, IDM_ORACLE_HOME/idmtools/bin/idmDomainConfig.param. IDM Properties file contents: If you have selected a valid IDM properties file, the contents will be displayed. This field is read-only and cannot be modified. Click Next to continue. |
|
Identity Management Configuration |
Provisioning loads roles, policies, and application IDs that you created during the prerequisite Oracle Identity Management installation. To share the identity management environment across multiple Oracle Fusion Applications installations, and make the policies and roles accessible to all environments, you must populate identity management configuration details during the first installation. See Section 4.3.12 for the list of parameters. See also Section 4.3.10 for information about Distinguished Names conventions. To stop creating this response file and resume later, click Save. This action creates a partial response file. A partial response file cannot be used to provision an environment. Click Next to continue. |
|
Access and Policy Management Configuration |
Configure Oracle Fusion Applications for integration with existing Oracle Access Manager components. See Section 4.3.13 for the list of parameters. To stop creating this response file and resume later, click Save. This action creates a partial response file. A partial response file cannot be used to provision an environment. Click Next to continue. |
|
IDM Database Configuration |
Enter the configuration details that you specified when you installed the database for Oracle Identity Manager. See Section 4.3.14 for the list of parameters. To stop creating this response file and resume later, click Save. This action creates a partial response file. A partial response file cannot be used to provision an environment. Click Next to continue. |
|
Summary |
Displays the applications and middleware components that will be installed when you perform a physical installation using this response file. Includes details such as required disk space and the installation locations. See Section 4.3.15 for a description of the parameters. Click Finish to save the response file. The response file is complete and can be used as the basis for provisioning of a new environment. |
Specify credentials for the Node Manager and supply the location of the various directories required for installation and configuration actions on the Installation Location screen.
Node Manager Credentials
User Name: Specify a user name for the Node Manager role.
Password: Specify a password for the Node Manager and retype it in the Confirm Password field.
Installation and Configuration
Provide locations of various directories that the administrator needs access to. For non-Windows platforms, you must enter the full file path in the Provisioning Wizard UI when asked to provide any file path, such as Oracle Fusion Applications Home, Applications Configuration Directory, and so on. Using symbolic link paths will cause provisioning to fail in later phases.
Installers Directory Location: Enter the path to the repository_location directory you created when you downloaded the provisioning repository. For Windows, the location must be a symbolically linked directory. See Section 2.2.9 for additional details. Note that a symbolic link is not necessary if the repository and the database are on the same node.
Applications Base: Enter the directory path to the applications base directory. The top-level directory for the Oracle Fusion Applications binaries is the applications base and is referred to as the APPLICATIONS_BASE directory (net/mount1/appbase). See Section 1.5.2 for additional details.
The applications base directory must not be set to the system root directory or set to the root directory of a logical drive. Some lifecycle management tools compute directory names by backing up one directory level from the applications base directory and then appending the appropriate subdirectory name. These tools will fail if the applications base directory is set to the system root directory or set to the root directory of a logical drive because it is not possible to back up one directory level from the system root directory or from the root directory of a logical drive.
During creation of a provisioning plan in a Unix environment, ensure that the absolute file path of the APPLICATIONS_BASE directory does not exceed 59 characters before provisioning a new application environment.
In a Windows environment, this name cannot exceed eight characters, and must be a symbolically linked directory. See Section 2.2.9 for additional details.
Applications Configuration: This directory is automatically populated based on the value you specify in the Applications Base field. It is the path to the directory where the configuration files for the domain will be written. You can specify a different location of your choice instead of using the location automatically populated by the UI. For Windows, the location must be a symbolically linked directory. See Section 2.2.9 for additional details.
Enable Local Applications Configuration: Select this check box to run the Managed Servers from a non-networked (local) disk on the host, visible only to the processes running on that host. If you enable this option, the wizard copies the domain configuration from the shared location and places it on the local disk you specify. This configures all Managed Servers to run from the non-networked location.
Local Applications Configuration: Specify the location for the local domain directory you want to set up. This field is required if you selected Enable Local Applications Configuration. The specified directory must exist and initially be empty on every host that participates in the domain topology. You must ensure the directory has sufficient disk space. During the Preverify phase, Provisioning displays an error if the local configuration directory does not have sufficient disk space.
Middleware Dependencies
Font Directory: Appears only if you have selected Oracle Sales, Oracle Marketing, or Oracle Financials offerings. Enter the directory where the TrueType fonts are installed. The location varies on different operating systems, but is typically found here:
Microsoft Windows x64 (64-Bit): C:\WINDOWS\Fonts
Linux x86-64: /usr/X11R6/lib/X11/fonts/TTF
Oracle Solaris: /usr/X11R6/lib/X11/fonts/TrueType
IBM AIX on POWER Systems (64-Bit): /usr/X11R6/lib/X11/fonts/TrueType
Some systems may not have TrueType fonts installed. If you cannot locate the fonts on your system, verify that they have been installed. In addition, you can use the fonts directory shipped as part of the JRE installed in the repository. Regardless of which path you specify, you must have access to .ttf (.TTF) files.
Oracle Business Intelligence Repository Password
RPD Password: Specify and Confirm a password to allow access to the metadata repository (RPD) for both Oracle Business Intelligence Applications and Oracle Transactional Business Intelligence. The password must be between 8 and 30 characters and contain at least one digit. It can include letters, numbers, pound sign (#), dollar sign ($), or underscore (_). If you want to include two consecutive dollar signs ($$) in the RPD password, enter one additional dollar sign ($) as the escape character before the second dollar sign in the password. This means you need to enter three dollar signs ($$$) for this field in the Provisioning Wizard to indicate two consecutive dollar signs. Provisioning sets up this password, but does not actually access the repository.
If the environment created is Windows-based, the wizard prompts for these values:
Windows Domain\Windows User Name: Specify a user name to use for running provisioning.
Windows Domain Password: Specify a password for running provisioning. Retype the password to Confirm it.
The values entered on any of the common domain or product domain screens are validated against the ports ranges that you set up on this screen.
For more information about setting port values, see "Viewing and Changing Ports for Components" in the Oracle Fusion Applications Administrator's Guide.
Validation rules for port ranges are as follows:
The number of ports per domain varies according to the number of applications and middleware components installed. You can calculate the minimum port range (the sum of standard and secure ports required for all components), or you can set the range to the upper boundary for the largest domain.
Port ranges must not overlap. Gaps between the ranges are acceptable.
Port ranges must be in ascending order. For example, 11601 – 12000 is a valid order.
The lowest port value must be less than the highest port value of each domain.
The value must be unique within a domain.
If you create multiple response files for the same IP subnet, you could introduce port conflicts in the multicasting addresses set for clusters across response files. Examine and resolve such port conflicts before you execute a response file.
Ephemeral or dynamic ports for the operating system must be set to a port range between 32768 and 61000.
To determine the flow for the remaining wizard interview screens, choose one of the following options. Note that all occurrences of a hostname should use the same name in the response file. A machine name could be a logical or virtual host name. It can either be in fully qualified form, mymachine.mycompany.com, or short form, myMachine, as long as it is consistent throughout the response file. For more information, see Section 2.2.7, "Edit Host Names (Linux)".
One host for all domains: Select this option to specify the Host Name to provision all applications domains and their middleware dependencies on a single host. The wizard continues the interview at the Web Tier Configuration screen when you click Next.
One host per domain: Select this option and then select a Host Name for each domain to be created. Provisioning installs and configures the Managed Servers for each Application Domain and the middleware dependencies on the host that you specify. The wizard continues the interview at the Web Tier Configuration screen when you click Next.
One host per application and middleware component: Select this option to specify the host for each application and middleware component individually. The wizard displays the Common Domain screen when you click Next, and includes all domain-specific screens in the interview.
If you select the last option, you cannot change the selections on this screen once you click Next. You must click Cancel, open a new wizard session, and create a new response file to change the configuration domain topology later.
Oracle Business Intelligence products are integrated with, and accessible from, Oracle Fusion Applications. Products include:
Oracle Business Intelligence Enterprise Edition
Oracle Business Intelligence Applications
Oracle Transactional Business Intelligence
Oracle Essbase
Oracle Business Intelligence Publisher
Oracle Real-Time Decisions
Enter the Host where you want Oracle Business Intelligence products to be installed. You specified an RPD password on the Installation Location screen. Provisioning creates this password and makes it available so that Oracle Business Intelligence Applications and Oracle Transactional Business Intelligence can access the metadata repository in your new environment.
Note:
The Oracle Fusion Applications installation and provisioning process installs the Oracle BI Applications software components in the Business Intelligence Oracle home but does no further setup. To finish setting up Oracle BI Applications, you must follow the instructions in the "Setting Up Oracle Business Intelligence Applications" chapter of the Oracle Fusion Middleware Installation and Configuration Guide for Oracle Business Intelligence Applications.
You can create virtual hosts on a single web tier. There are three options (IP-based, name-based, and port-based) for each domain that is created during installation. The values assigned during installation are derived from the default HTTP port that you name on this screen. Note that all occurrences of a hostname should use the same name in the response file. A machine name could be a logical or virtual host name. It can either be in fully qualified form, mymachine.mycompany.com, or short form, myMachine, as long as it is consistent throughout the response file. For more information, see Section 2.2.7, "Edit Host Names (Linux)".
Web Tier
Install Web Tier in DMZ: Select this option if you set up a separate host for web tier installation as a demilitarized zone (DMZ). This host does not have access to the shared file system. It cannot be used for any other host deployed, regardless of domain. See Section 2.6.
Host: Enter the name of the host where Oracle HTTP Server will be installed and configured.
Virtual Host Mode: Select one of the following:
IP Based: Created on the basis of an IP or IP:host combination (the default).
Name Based: Create new DNS entries, such as fin.example.com and crm.example.com to use as virtual hosts.
Port Based: Created based on the internal and external port for each domain.
Domain Name: Specify a domain name (using the format my.example.com) to configure the domain in which Oracle Fusion Applications will receive requests. This value is also used as the default domain name for name-based virtual hosts.
HTTP Port: The default port for the web tier. (Unix) Do not specify a port that requires operating system administrator privileges.
HTTPS (SSL) Port: Secure port for the web tier. (Unix) Do not specify a port that requires operating system administrator privileges.
Note:
On Unix platforms, using a port below 1024 requires root privileges and Provisioning is not run as root user, so you should not specify a HTTP/HTTPS port below 1024. For more information, see "Changing the Oracle HTTP Server Listen Ports" in the Oracle Fusion Middleware Administrator's Guide.
SMTP Server
Host: Specify the host for email marketing. This field appears only if you selected the Oracle Fusion Customer Relationship Management offering.
Port: Default port for the SMTP server.
Specify the configuration parameters for the domains to be installed on the virtual hosts that you selected on the Web Tier Configuration screen. Note that all occurrences of a hostname should use the same name in the response file. A machine name could be a logical or virtual host name. It can either be in fully qualified form, mymachine.mycompany.com, or short form, myMachine, as long as it is consistent throughout the response file.
If you selected IP Based, specify the following information for each application domain listed:
Internal Name: The host name or IP address where the web tier listens on the internal virtual host for this domain.
Internal Port: The port for this internal virtual host. Visible only from inside the firewall.
External Name: The host name or IP address for the external virtual host for this domain or middleware dependency. The host:port should be visible from outside the firewall.
External Port: The port to be used for this external virtual host. The host:port should be visible from outside the firewall.
If you selected Name Based, specify the following information for each domain listed:
Internal.Name: The DNS name for this internal virtual host. For example, for Oracle Fusion Financials, the name might be fin-internal.
External.Name: The DNS name for this external virtual host. For example, for Oracle Fusion Financials, the name might be fin.
If you selected Port Based, specify the following information for each domain listed:
Internal Port: The port that is visible only from inside the firewall for this domain.
External Port: The port that is visible from outside the firewall for this domain.
Create Proxy Settings to enable users who want to use a proxy server to connect to the Internet.
Enable Web Proxy: Select to enable proxy-related values to set up access to the Internet. Note: If you are a CRM customer and have a web proxy for external HTTP(S) traffic, you must select Enable Web Proxy on this screen and specify your web proxy configuration.
Web Proxy Host: Enter the name of the host where the proxy server is installed.
Web Proxy Port: The listening port assigned to the proxy server.
Enable Secure Web Proxy: Select to have the proxy server SSL-enabled. If you select this check box, the Secure Web Proxy Host and Secure Web Proxy Port fields are enabled and become mandatory.
Secure Web Proxy Host: Enter the SSL host used for secure communications.
Secure Web Proxy Port: Enter the SSL port used for internal communications.
No Proxy Hosts: Defaults to hosts that are connected directly. If there are multiple hosts, they are listed and separated by a vertical bar (|). You can use a wildcard character (*) to specify hosts that should be bypassed. For example, *.example.com would bypass all hosts whose name ends with .example.com.
Proxy Server Requires Authentication: To enable authentication for the proxy server, select this option.
User Name: Enter the user name that you set up for accessing the proxy server.
Password: Enter the password that you set up for accessing the proxy server.
A Distinguished Name (DN) identifies an entry in a Lightweight Directory Access Protocol (LDAP) directory. Because directories are hierarchical, DNs identify the entry by its location as a path in a hierarchical tree (much as a path in a file system identifies a file). Generally, a DN begins with a specific common name, and proceeds with increasingly broader areas of identification until the country name is specified.
Table 4-2 provides definitions for distinguished name components (defined in the X.520 standard).
Table 4-2 Distinguished Name Components
| Component | Definition |
|---|---|
|
Common Name (CN) |
Identifies the person or object defined by the entry. For example, |
|
Organizational Unit (OU) |
Identifies a unit within the organization. For example, |
|
Organization (O) |
Identifies the organization where the entry resides. For example, |
|
Locality (L) |
Identities the place where the entry resides. The locality can be a city, county, township, or any other geographic region. For example, |
|
State of Province Name (ST) |
Identifies the state or province in which the entry resides. For example, |
|
Country (C) |
Identifies the name of the country where the entry resides. For example, |
|
Domain Component (DC) |
Identifies the components of a domain. For example, if the domain is |
When you are creating a response file or updating an incomplete response file without updates to this page, you will be able to select the IDM properties file to load IDM configuration data. After you select the file, you can review the content and decide if you want to proceed with this file.
Load IDM Configuration from IDM Properties file: Select this check box if you want the values on the Identity Management Configuration screen and the Access and Policy Management Configuration screen to default to the values in the IDM properties file (for example, idmDomainConfig.param). See "Creating a Properties File" in Oracle Fusion Applications Installation Guide for details.
IDM Properties file: Enter the location of the file, for example, IDM_ORACLE_HOME/idmtools/bin/idmDomainConfig.param.
IDM Properties file contents: If you have selected a valid IDM properties file, the contents will be displayed. This field is read-only and cannot be modified.
For more information about using Oracle Identity Management in an applications environment, see Section 2.1.4.
For nonseeded environments, provide the following files from a previously provisioned environment that was seeded in the same way as the Oracle Identity Management components that you are installing. The files are in the domain-home/config/fmwconfig directory or in a previously provisioned environment.
jps-config-jse.xml – located in the domain.
cwallet.sso – copy this file from the same domain as the jps-config-jse.xml file. It is located in this directory: domain-home/config/fmwconfig/bootstrap/cwallet.sso.
Copy the files to the following location:
repository_location/keystore
/jps-config-jse.xml
/bootstrap
/cwallet.sso
Enter the parameters necessary to integrate applications with a previously installed Oracle Identity Management infrastructure. If you chose to use the values in the IDM properties file (for example,idmDomainConfig.param) on the Load IDM Properties screen, they appear as defaults in the corresponding fields. You can replace the default values if your original configuration has changed. See Section 2.1.4.
Super User Name: Enter the name of an existing user that should be granted administrator and functional setup privileges. The uid attribute must be set to be the same as the cn attribute.
Create Administrators Group: Indicate whether you created an "Administrators" group, whose members have specialized privileges for all Oracle Fusion Middleware components. If you do not already have this group present in the identity store, this box should be checked.
Create Monitors Group: Indicate whether you created a "Monitors" group, whose members have read-only administrative privileges to Oracle WebLogic Server domains. If you do not already have this group present in the identity store, this box should be checked.
Create Operators Group: Indicate whether you created an "Operators" group, whose members have Monitors privileges to Oracle WebLogic Server domains. If you do not already have this group present in the identity store, this box should be checked.
Identity Store Server Type: Indicate the type of identity store that you set up: OID (Oracle Internet Directory) or OVD (Oracle Virtual Directory). If you select OVD, then the Default to Identity Store check box in Oracle Platform Security Services Configuration must be unchecked. Using OVD for policy store is not currently supported.
Use SSL to Communicate With Identity Store: This feature is not enabled in this release.
Identity Store Host: Enter the host or DNS name for your identity store LDAP service.
Identity Store Port: The port assigned to the identity store.
Identity Store Secure Port: The SSL port assigned to the identity store. This feature is not enabled for 11g Release 5 (11.1.5).
Identity Store User DN: Enter the Distinguished Name of the user that you set up with read-write access to the LDAP.
Identity Store Password: Enter the password that you set up for the user with read-write access to the LDAP.
Identity Store Read-only User DN: Enter the Distinguished Name (DN) of the user that you set up with read-only access to the Identity Store LDAP.
Identity Store Read-only Password: Enter the password that you set up for the identity store read-only user.
Identity Store User Name Attribute: Choose the type of user name attribute that you configured in the identity store. Valid values are: user ID (uid), common name (CN), or email address.
Identity Store User Base DN: Enter the root Distinguished Name assigned to the upload of applications user data. This is the root for all the user data in your identity store.
Identity Store Group Base DN: Enter the root Distinguished Name for all the group data in your identity store.
OIM Admin Server Host: Enter the name of the host where the OIM Administration Server is installed.
OIM Admin Server Port: The port where the Oracle Identity Management Administration Server listens.
OIM Administrator User Name: Enter the name you set up as the Oracle Identity Management Domain administrator.
OIM Administrator Password: Enter the password you set up for the Oracle Identity Management Domain administrator.
OIM Managed Server Host: Enter the virtual or real host name of the Oracle Identity Manager Managed Server where SPML callback and other OIM services are running.
OIM Managed Server Port: Enter the virtual or real port where the Oracle Identity Manager Managed Server listens.
OIM HTTP Internal Endpoint URL: The internal access point on the Oracle HTTP Server for Oracle Identity Manager services in an Oracle Identity Management enterprise deployment, or the Oracle Identity Manager Managed Server access point for a non-enterprise deployment. This URL is used for HTTP communication between Oracle Fusion Applications and Oracle Identity Manager.
Enter the HTTP termination address of Oracle Identity Manager, using the following format: http://host:port. It terminates at either a load balancer or the Oracle HTTP Server or the Oracle Identity Manager Managed Server.
OIM HTTP(S) External Endpoint URL: The access point to use for accessing the Oracle Identity Manager application using a browser. Note that a non-secure URL is used unless you provide an HTTPS URL.
Enter the HTTP(S) termination address of Oracle Identity Manager, using the following format: http(s)://host:port. It terminates at either a load balancer or the Oracle HTTP Server or the Oracle Identity Management Managed Server.
Note: The wizard warns if the Identity Store credentials are not valid and do not allow a connection to the database. If this warning represents an exception, you can ignore it and continue creating the response file. However, you must fix all issues before you start to provision an environment. You cannot successfully run provisioning until all validations have passed.
Enter the parameters necessary to integrate applications with a previously installed Oracle Identity Management infrastructure. If you chose to use the values in the IDM properties file (for example, idmDomainConfig.param) on the Load IDM Properties screen, they appear as defaults in the corresponding fields. You can replace the default values if your original configuration has changed. See Section 2.1.4.
Oracle Access Manager Configuration
OAM Admin Server Host: Enter the name of the host where the Administration Server for Oracle Access Manager exists.
OAM Admin Server Port: Enter the port number for the Oracle Access Manager Administration Server.
OAM Administrator User Name: Enter the name you assigned this user when you installed Oracle Access Manager.
OAM Administrator Password: Enter the password you assigned this user when you installed Oracle Access Manager.
OAM AAA Server Host: Enter the name of the proxy host where the Oracle Access Manager is installed.
OAM AAA Server Port: The port number for the Oracle Access Manager listener on the OAM proxy host.
Access Server Identifier: Name used to identify the Oracle Access Server.
Enable Second Primary Oracle Access Manager: Select this check box to name a second Primary Oracle Access Manager for high availability.
Second Access Server Identifier: This defaults to aaa2, the name of the second Primary Oracle Access Manager Server.
OAM Security Mode: Enter the OAM transport security mode that you set up for this access server when you installed Oracle Access Manager. Values are Simple or Open. For IBM AIX on POWER Systems (64-Bit), you must use the Open mode for setup.
OAM Simple Mode Passphrase: Enter the passphrase that you set up to secure the communication with the OAM Server. Required only if the mode is specified as Simple.
Webgate Password: Specify a password for the Resource WebGate. It must contain at least eight alphanumeric characters and at least one digit or punctuation mark. Retype to Confirm the password. If seeding of security data is disabled, the password must be the existing WebGate password.
Oracle Platform Security Services Configuration
Default to Identity Store: The default values of this section depend on whether this field is enabled. If the check box is unchecked, which is the default, the OPSS Policy Store Host, OPSS Policy Store Read-Write User Name and OPSS Policy Store Password fields are empty by default and do not inherit values from your identity store. OPSS Policy Store Port defaults to 3060 and OPSS Policy Store Secure Port defaults to 3131.
Note:
If you check this check box, the Identity Store Server Type cannot be OVD and must be OID. Using OVD for policy store is currently not supported.
If you check this check box, the following fields inherit values from your identity store: OPSS Policy Store Host, OPSS Policy Store Port, and OPSS Policy Store Secure Port.
A description of related fields follows:
Use SSL to communicate with OPSS Policy Store: This feature is not enabled in this release.
OPSS Policy Store Host: Enter the host name for OID where Oracle Platform Security Services (OPSS) policies are to be seeded if Default to Identity Store is unchecked. If Default to Identity Store is checked, this value defaults from your identity store.
OPSS Policy Store Port: The number of the OID port for the OPSS policy store defaults to 3060 if Default to Identity Store is unchecked. If Default to Identity Store is checked, this value defaults from your identity store.
OPSS Policy Store Secure Port: The number of the secure port for OID defaults to 3131 if Default to Identity Store is unchecked. If Default to Identity Store is checked, this value defaults from your identity store. This feature is not enabled for 11g Release 5 (11.1.5).
OPSS Policy Store Read-Write User Name: Enter the Distinguished Name of the user that you set up with write privileges to the OPSS policy store. Check if the common name, cn=PolicyRWUser, has already been seeded into Identity Management. If so, enter 'cn=PolicyRWUser,replace_your_choice_of_identity_store_user_base_distinguish_name_here'.
OPSS Policy Store Password: Enter the password that you set up for the OPSS policy store user with read-write privileges.
OPSS Policy Store JPS Root Node: This is the Distinguished Name of the node to be used as the OPSS policy root for Oracle Fusion Applications. This field is read-only and the default value is set as cn=FAPolicies.
Create OPSS Policy Store JPS Root Node: Select this option to create the OPSS JPS Root Node. For this release, this option must be enabled.
Identity Management Keystore Configuration
The IDM Keystore file and password value fields are enabled if either the Identity Store, the OPSS Store, or the OIM endpoint is SSL-enabled. These fields are populated by the values from the IDM properties file (for example,idmDomainConfig.param), if you have this file that contains these values. You can also edit these values if the fields are enabled.
IDM Keystore File: Enter the location of the JKS keystore containing the certificates for the Oracle Identity Management components.
IDM Keystore Password: Enter the password that you set up for the IDM Keystore File.
Note: The wizard warns if the OPSS Policy Store LDAP connection and the Keystore connection information is not valid and does not allow a connection to the database. If this warning represents an exception, you can ignore it and continue creating the response file. However, you must fix all issues before you start to provision an environment. You cannot successfully run provisioning until all validations have passed.
Enter the database parameters you established when you installed Oracle Database for the Oracle Identity Manager (OIM). The wizard validates whether the database you installed is a single instance of Oracle Database or Oracle Real Application Clusters (Oracle RAC). For a Single Instance Database, enter:
Host Name: The name of the host where the OIM database is installed.
Port: The listening port for the database.
Service Name: A unique Oracle Fusion Applications name for the OIM database.
If you have installed Oracle RAC, select Real Application Clusters Database and enter the Service Name that you specified when you installed this database.
Click Add to create a new row for each instance. Select a row and click Remove to delete the row. Enter the following information for each instance:
Host Name: The name of the host for each Oracle RAC instance.
Port: The listening port of the database.
Instance Name: The name of the Oracle RAC instance used to manage this database.
Enter the database schema owner and password that you set up to store the Oracle Metadata Services (MDS) Repository data for the Oracle Web Services Policy Manager.
Schema Owner: The owner of the MDS schema in the OIM database that is to be used by the Oracle Web Services Policy Manager.
Schema Owner Password: The password for the MDS schema.
For more information about using Oracle Identity Management in an applications environment, see Section 2.1.4.
Verify that the installation represented on this screen is what you expect. Click Back to return to the interview screens that require changes. If you are satisfied with the details presented here, complete the following information:
Response File Name: Specify a unique file name for this response file. This is the executable file that you supply to the wizard when prompted.
Provisioning Summary: Specify a unique name for the summary details file. You cannot use this file to execute the response file.
Directory: Enter the directory where you want to save this response file and the summary file. Choose a location that is visible to all servers accessing shared storage. Ensure that the location is not read-only.
Record the name of the response file and its location. You may want to supply it to your system administrator to use when performing system maintenance tasks.
During the response file creation process, you can create a partial response file, which contains an incomplete set of configuration details. To create a partial response file, click Save at any point during the interview. When you are ready to continue with the creation of the response file, start the wizard and select Update an Existing Response File from the Installation Options screen. Page through the screens and continue where you left off.
Clicking Cancel is another way to create a partial response file, or, alternatively, exit the wizard without saving any response file details:
Start the Provisioning Wizard and choose Create a New Applications Environment Response File from the Installation Options screen.
Begin the interview process and continue to the point where you want to end the session. Click Cancel.
Choose one of the following options:
Save and Exit: Save the details that you have created for this response file. Creates a partial response file.
Exit: Exits the wizard without saving any details. Does not create a partial response file.
Cancel: Does not exit the wizard and keeps you on the page that you are. You can continue with the interview by returning to the Welcome screen in the wizard interview. Does not save the details that you entered and does not create a partial response file.
Choose Save and Exit. The partial response file is saved in the directory where you started the wizard.
When you are ready to add more details to the response file, start the Provisioning Wizard and choose Update an Existing Response File. Specify the Response File location, or click Browse to navigate to the partial response file.
Page through the interview screens until you come to the point where you stopped the last session and move through the rest of the interview as described in Table 4-1 until you finish the process.
You can save a partial response file and return to the wizard as many times as necessary to complete it. The wizard does not recognize a response file as being complete or valid until you have clicked Finish on the Summary screen.
You can also update a completed response file if it has not been implemented. Note that once you select product offerings for a partial or completed response file, you cannot change the mix by updating the response file. You must start a new wizard session and create a new response file.
Once you have saved the response file, you can return to the Installation Options screen and select the Provision an Applications Environment option to perform the physical installation. Or, you can create another response file to use for another type of installation, for example, to create a test or demonstration environment.
To create another response file, repeat the tasks Section 4.3. Save the new response file.
To use a response file to provision a new environment, go to Chapter 5.
|
 Copyright © 2011, 2013, Oracle and/or its affiliates. All rights reserved. Legal Notices |
|