10 Configuring Oracle Unified Directory with Oracle Identity Management 11.1.1.7.0

This chapter discusses the following topics:

10.1 Before You Begin

Before performing any installation, you should read the following documents to ensure that your Oracle Fusion Middleware environment meets the minimum installation requirements for the products you are installing.

10.1.1 Review System Requirements and Specifications

Oracle Fusion Middleware System Requirements and Specifications document is available at:

http://www.oracle.com/technetwork/middleware/ias/downloads/fusion-requirements-100147.html

This document covers information such as hardware and software requirements, database schema requirements, minimum disk space and memory requirements, and required system libraries, packages, or patches.

10.1.2 Review Certification Information

Oracle Fusion Middleware Supported System Configurations document is available at:

http://www.oracle.com/technetwork/middleware/ias/downloads/fusion-certification-100350.html

This document contains certification information related to supported 32-bit and 64-bit operating systems, databases, web servers, LDAP servers, adapters, IPv6, JDKs, and third-party products.

10.2 Configuring only Oracle Unified Directory (OUD)

To configure only Oracle Unified Directory (OUD), refer to the following topics of the Oracle Fusion Middleware Installation Guide for Oracle Unified Directory 11g Release 1 (11.1.1):

10.3 Configuring Oracle Unified Directory (OUD) with ODSM

To configure Oracle Unified Directory (OUD) with Oracle Directory Services Manager (ODSM), refer to the following topics:

10.4 Configuring OUD/ODSM/ODIP/Fusion Middleware Control and OVD/ODSM

This topic describes how to configure Oracle Unified Directory (OUD), Oracle Directory Services Manager (ODSM), Oracle Directory Integration Platform (ODIP) and Fusion Middleware Control in a new WebLogic administration domain (for example: domain1); and Oracle Virtual Directory (OVD) and Oracle Directory Services Manager (ODSM) in a separate WebLogic administration domain (for example: domain2). It includes the following sections:

10.4.1 Part I: Configuring OVD with ODSM and Fusion Middleware Control in a New WebLogic Administration Domain

This topic describes how to configure Oracle Virtual Directory (OVD) with Oracle Directory Services Manager (ODSM) and Fusion Middleware Control in a new WebLogic administration domain. It includes the following sections:

Note:

Part I is optional if you do not wish to use Oracle Virtual Directory (OVD).

10.4.1.1 Dependencies

The configuration in this section depends on Oracle WebLogic Server.

10.4.1.2 Procedure

Perform the following steps to configure Oracle Virtual Directory with Oracle Directory Services Manager and Fusion Middleware Control in a new domain:

  1. Ensure that Oracle WebLogic Server 11g Release 1 (10.3.5 or 10.3.6) is installed. For more information, see "Install Oracle WebLogic Server" in the Oracle Fusion Middleware Installation Planning Guide. In addition, see Oracle Fusion Middleware Installation Guide for Oracle WebLogic Server for complete information about installing Oracle WebLogic Server.

    Note:

    After installing Oracle WebLogic Server, ensure that you complete the following steps:

    1. Open the setNMProps file (located in the <MW_HOME>/oracle_common/common/bin directory), and ensure that the StartScriptEnabled property is set to true.

    2. Run the <MW_HOME>/oracle_common/common/bin/setNMProps.sh script (on UNIX) or <MW_HOME>\oracle_common\common\bin\setNMProps.cmd (on Windows).

    3. Start the Node Manager by executing the following command:

      On UNIX:

      Run startNodeManager.sh (located in the <WL_HOME>/server/bin directory).

      On Windows:

      Run startNodeManager.cmd (located in the <WL_HOME>\server\bin directory).

  2. Ensure that Oracle Virtual Directory is installed, as described in Installing Oracle Identity Management Using "Install and Configure" Option.

    Note:

    If you selected the Install and Configure option in the Select Installation Type screen while installing Oracle Identity Management 11g Release 1 (11.1.1.7.0), as described in Installing and Configuring Oracle Identity Management 11g Release 1 (11.1.1.7.0) Software, the Select Domain screen is displayed.

    If you selected the Install Software - Do Not Configure option in the Select Installation Type screen while installing Oracle Identity Management 11g Release 1 (11.1.1.7.0), as described in Installing and Configuring Oracle Identity Management 11g Release 1 (11.1.1.7.0) Software, you must now start the Oracle Identity Management Configuration Wizard. Run <ORACLE_HOME>/bin/config.sh (on UNIX) or <ORACLE_HOME>\bin\config.bat (on Windows) to start the Oracle Identity Management Configuration Wizard. The Select Domain screen is displayed.

  3. On the Select Domain screen, select Create New Domain and enter the following information:

    • Enter the user name for the new domain in the User Name field.

    • Enter the user password for the new domain in the User Password field.

    • Enter the user password again in the Confirm Password field.

    • Enter a name for the new domain in the Domain Name field.

    Click Next. The Specify Installation Location screen appears.

  4. Identify the Homes, Instances, and the WebLogic Server directory by referring to Section 2.6, "Identifying Installation Directories". After you enter information for each field, click Next. The Specify Security Updates screen appears.

  5. Choose how you want to be notified about security issues:

    • If you want to be notified about security issues through email, enter your email address in the Email field.

    • If you want to be notified about security issues through My Oracle Support (formerly MetaLink), select the My Oracle Support option and enter your My Oracle Support Password.

    • If you do not want to be notified about security issues, leave all fields empty.

    Click Next. The Configure Components screen appears.

  6. Select only Oracle Virtual Directory. The Oracle Directory Services Manager and Fusion Middleware Control management components are automatically selected for this installation.

    Ensure no other components are selected and click Next. The Configure Ports screen appears.

  7. Choose how you want the Installer to configure ports:

    • Select Auto Port Configuration if you want the Installer to configure ports from a predetermined range.

    • Select Specify Ports using Configuration File if you want the Installer to configure ports using the staticports.ini file. You can click View/Edit File to update the settings in the staticports.ini file.

    Click Next. The Specify Oracle Virtual Directory Information screen appears.

  8. Enter the following information:

    • LDAP v3 Name Space: Enter the name space for Oracle Virtual Directory. The default value is dc=myhost,dc=mycompany,dc=com.

    • HTTP Web Gateway: Select this option to enable the Oracle Virtual Directory HTTP Web Gateway.

    • Secure: Select this option if you enabled the HTTP Web Gateway and you want to secure it using SSL.

    • Administrator User Name: Enter the user name for the Oracle Virtual Directory administrator. The default value is cn=orcladmin.

    • Password: Enter the password for the Oracle Virtual Directory administrator.

    • Confirm Password: Enter the password for the Oracle Virtual Directory administrator again.

    • Configure Administrative Server in secure mode: Select this option to secure the Oracle Virtual Directory Administrative Listener using SSL. This option is selected by default. Oracle recommends selecting this option.

    Click Next.

  9. The Installation Summary screen appears. Verify the information on this screen. Click Configure to begin the configuration.

  10. The Configuration Progress screen appears. Click Next to continue.

  11. The Installation Complete screen appears. Click Save to save the configuration information to a file, and then click Finish to exit the installer.

    A new WebLogic domain (for example: domain2) is created to support Oracle Virtual Directory (OVD) with Oracle Directory Services Manager (ODSM) and Fusion Middleware Control in the <MW_HOME>\user_projects\domains directory (on Windows). On UNIX, the domain is created in the <MW_HOME>/user_projects/domains directory.

    For managing Oracle Virtual Directory (OVD) with Oracle Directory Services Manager (ODSM), refer to the "Getting Started with Administering Oracle Virtual Directory" chapter in the Oracle Fusion Middleware Administrator's Guide for Oracle Virtual Directory.

10.4.2 Part II: Configuring OUD/ODSM/ODIP and Fusion Middleware Control in a New WebLogic Administration Domain

This topic describes how to configure Oracle Unified Directory (OUD), Oracle Directory Services Manager (ODSM), Oracle Directory Integration Platform (ODIP) and Fusion Middleware Control in a new WebLogic administration domain. It includes the following sections:

10.4.2.1 Prerequisites

Ensure that the following prerequisites are met.

10.4.2.1.1 Installing Oracle WebLogic Server 11g Release 1

Ensure that Oracle WebLogic Server 11g Release 1 (10.3.5 or 10.3.6) is installed. For more information, see "Install Oracle WebLogic Server" in the Oracle Fusion Middleware Installation Planning Guide. In addition, see Oracle Fusion Middleware Installation Guide for Oracle WebLogic Server for complete information about installing Oracle WebLogic Server.

10.4.2.1.2 Installing Oracle Unified Directory

Ensure that Oracle Unified Directory is installed, as described in "Installing the Software" in the Oracle Fusion Middleware Installation Guide for Oracle Unified Directory 11g Release 1 (11.1.1), available at the following link:

http://download.oracle.com/docs/cd/E22289_01/html/821-1274/installing-the-software.html#scrolltoc

Note:

On the Specify Installation Location screen, enter the location of the Oracle Middleware Home as the OUD Base Location Home.

10.4.2.1.3 Setting Up Oracle Unified Directory with Replication Topology Option

For the first directory server in your replication topology, follow the instructions in "To Set Up the Directory Server Using the GUI" in the Oracle Fusion Middleware Installation Guide for Oracle Unified Directory 11g Release 1 (11.1.1), available at the following link:

http://download.oracle.com/docs/cd/E22289_01/html/821-1274/ds-gui-setup.html#to-set-up-the-directory-server-using-the-gui

Note:

To enable the changelog adapter, ensure that the Oracle Unified Directory instance is set up with the replication topology option. Enabling the changelog adapter is a prerequisite for Oracle Directory Integration Platform (ODIP).

10.4.2.2 Dependencies

The configuration in this section depends on the following:

  • Oracle WebLogic Server

  • Oracle Unified Directory

10.4.2.3 Procedure

Perform the following steps to configure Oracle Unified Directory (OUD), Oracle Directory Services Manager (ODSM), Oracle Directory Integration Platform (ODIP) and Fusion Middleware Control in one domain.

  1. Ensure that all the prerequisites are met as described in Prerequisites.

  2. Ensure that Oracle Directory Integration Platform is installed using the Install Software - Do Not Configure option, as described in Installing and Configuring Oracle Identity Management 11g Release 1 (11.1.1.7.0) Software.

  3. Run the <MW_HOME>/oracle_common/common/bin/config.sh script (on UNIX) or <MW_HOME>\oracle_common\common\bin\config.cmd (on Windows). The Oracle Fusion Middleware Configuration Wizard appears.

  4. On the Welcome screen, select the Create a new WebLogic domain option. Click Next.

  5. On the Select Domain Source screen, select Generate a domain configured automatically to support the following products: option. Select the following domain configuration options:

    • Oracle Enterprise Manager - 11.1.1.0 [oracle_common]

    • Oracle Directory Services Manager - 11.1.1.5.0 [Oracle_OUD1]

    • Oracle Directory Integration Platform - 11.1.1.2.0 [Oracle_IDM1]

      Note:

      When you select Oracle Enterprise Manager - 11.1.1.0 [oracle_common] and Oracle Directory Integration Platform - 11.1.1.2.0 [Oracle_IDM1], Oracle Identity Management - 11.1.1.2.0 [Oracle_IDM1] and Oracle JRF 11.1.1.0 [oracle_common] are also selected by default.

    Click Next. The Specify Domain Name and Location screen appears.

  6. On the Specify Domain Name and Location screen, enter a name and location for the domain to be created. In addition, enter a location to store applications for the domain. Click Next. The Configure Administrator User Name and Password screen is displayed.

  7. Configure a user name and a password for the administrator. The default user name is weblogic. Click Next. The Configure Server Start Mode and JDK screen is displayed.

  8. Choose JRockit SDK 1.6.0_24 and Production Mode in the Configure Server Start Mode and JDK screen. Click Next. The Select Optional Configuration Screen is displayed.

  9. On the Select Optional Configuration screen, select Administration Server and Managed Servers, Clusters, and Machines option. Click Next. The Configure the Administration Server screen appears.

  10. On the Configure the Administration Server screen, specify the Administration Server name and the Listen port (the default port is 7001). Click Next. The Configure Managed Servers screen appears.

    Note:

    If you used the default values for the Administration Server name and the Listen port for the Oracle Directory Services Manager (ODSM) that is managing Oracle Virtual Directory (OVD), then you must use a different Administration Server name and Listen port for the Oracle Directory Services Manager (ODSM) that is managing Oracle Directory Integration Platform (ODIP).

    For example, you can use 8001 as the Listen port for the Administration Server for Oracle Directory Services Manager (ODSM) that is managing Oracle Directory Integration Platform (ODIP).

  11. On the Configure Managed Servers screen, specify the Managed Server name and the Listen port (the default port is 7005). Click Next.

    Note:

    If you used the default values for the Managed Server name and the Listen port for the Oracle Directory Services Manager (ODSM) that is managing Oracle Virtual Directory (OVD), then you must use a different Managed Server name and Listen port for the Oracle Directory Services Manager (ODSM) that is managing Oracle Directory Integration Platform (ODIP).

    For example, you can use wls_ods2 as the Managed Server name and 8005 as the Listen port for the Managed Server for Oracle Directory Services Manager (ODSM) that is managing Oracle Directory Integration Platform (ODIP).

  12. On the Configure Clusters screen, configure Clusters as required. Click Next.

  13. On the Configure Machines screen, select the Machine or Unix Machine tab. Click Add and specify the machine name. Click Next.

  14. If you added a machine on the Configure Machines screen, then the Assign Servers to Machines screen appears. On the Assign Servers to Machines screen, assign the Administration Server and the Managed server to the specified machine. Click Next.

  15. On the Configuration Summary screen, review the domain configuration, and click Create to start creating the domain.

  16. Click Done once the domain is created successfully.

    A new WebLogic domain (for example: domain1) is created to support Oracle Unified Directory (OUD), Oracle Directory Services Manager (ODSM), Oracle Directory Integration Platform (ODIP) and Fusion Middleware Control in the <MW_HOME>\user_projects\domains directory (on Windows). On UNIX, the domain is created in the <MW_HOME>/user_projects/domains directory.

10.4.2.4 Post-Configuration Steps

After configuring Oracle Directory Integration Platform, perform the following tasks:

  1. If the Administration Server and the Managed Server are not up and running, start the Administration Server and the Managed Server (wls_ods2) as described in Starting the Stack.

  2. Verify that the Oracle Unified Directory (OUD) server is up and running using the status command, which is located in the <OUD_INSTANCE>/bin/ directory.

  3. Set the JAVA_HOME, WL_HOME, and ORACLE_HOME environment variables and execute <ORACLE_HOME>/bin/dipConfigurator. Provide the following information when prompted:

    • WebLogic host, port, username and password details.

    • Oracle Unified Directory (OUD) host, port, username and password details. Also provide the Oracle Unified Directory (OUD) administration port, which is required to add the global ACIs that give the DIP account access to the changelog.

    • Specify the suffix under which DIP metadata is to be stored.

    The following is a sample dipConfigurator session:

    Enter WLS Admin Server Host Name : myhost1.mycompany.com
    Enter WLS Admin Server Port : 8001
    Enter username to contact WebLogic Server : weblogic
    [Enter password to contact WebLogic Server : ]
    Enter backend LDAP Server HostName : myhost1.mycompany.com
    Enter backend LDAP Server Port : 4389
    Enter username to contact LDAP server : cn=directory manager
    [Enter password to contact LDAP Server : ]
    Enter backend LDAP Server Admin Port : 4444
    Enter SUFFIX to store DIP metadata : dc=us,dc=mycompany,dc=com
    

    Note:

    The dipConfigurator script creates a new ASInstance and a new EMAgent component in that ASInstance. These agents are required for DIP metrics to be displayed in Fusion Middleware Control. The instance, such as dip_inst1, is created under the MW_HOME directory.

  4. Verify the Oracle Directory Integration Platform (ODIP) installation and configuration. For more information, see Verifying ODIP.

  5. The dipConfigurator script sets the ACIs below on the metadata suffix you specified. For any other suffix that receives changes imported from the connected sources, add the same ACIs to the corresponding container in OUD so that the DIP groups can write those changes. The long aci values are shown folded; in LDIF a continuation line begins with a single space.

    dn: <Container DN>
    changetype: modify
    add: aci
    aci: (target="ldap:///<Container DN>")(version 3.0; acl "Anonymous read-search access";
      allow (read,add,delete,search,write,compare,proxy)
      groupdn="ldap:///cn=dipadmingrp,cn=DIPadmins,cn=Directory Integration Platform,<metadata suffix>";
      allow (read,add,delete,search,write,compare,proxy)
      groupdn="ldap:///cn=odipigroup,cn=DIPadmins,cn=Directory Integration Platform,<metadata suffix>"; )
    -
    add: aci
    aci: (targetattr="*")(version 3.0; acl "Anonymous read-search access";
      allow (search,read,write,compare,add)
      groupdn="ldap:///cn=dipadmingrp,cn=DIPadmins,cn=Directory Integration Platform,<metadata suffix>";
      allow (search,read,write,compare,add)
      groupdn="ldap:///cn=odipigroup,cn=DIPadmins,cn=Directory Integration Platform,<metadata suffix>";)

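As an added example that is not part of the Oracle documentation or of dipConfigurator: a small Python audit for ACI LDIF in the form shown in step 5. It unfolds the LDIF, parses each aci value into its target, label and allow clauses, and reports the grants a reviewer checks before applying the modification (write-class rights bound to anyone, and the proxy right). The container DN and metadata suffix in the sample are constructed values.

```python
import re

# Constructed sample in the shape of the post-configuration ACI LDIF, with the
# <Container DN> and <metadata suffix> placeholders filled in with example values.
CONTAINER_DN = "ou=People,dc=us,dc=mycompany,dc=com"
META = "dc=us,dc=mycompany,dc=com"
DIPADMIN = f"cn=dipadmingrp,cn=DIPadmins,cn=Directory Integration Platform,{META}"
ODIPI = f"cn=odipigroup,cn=DIPadmins,cn=Directory Integration Platform,{META}"
SAMPLE_LDIF = f"""dn: {CONTAINER_DN}
changetype: modify
add: aci
aci: (target="ldap:///{CONTAINER_DN}")(version 3.0; acl "Anonymous read-search
  access"; allow (read,add,delete,search,write,compare,proxy)
  groupdn="ldap:///{DIPADMIN}"; allow (read,add,delete,search,write,compare,proxy)
  groupdn="ldap:///{ODIPI}"; )
-
add: aci
aci: (targetattr="*")(version 3.0; acl "Anonymous read-search access"; allow
  (search,read,write,compare,add) groupdn="ldap:///{DIPADMIN}"; allow
  (search,read,write,compare,add) groupdn="ldap:///{ODIPI}";)
"""

TARGET_RE = re.compile(r'\((target|targetattr)="([^"]*)"\)')
NAME_RE = re.compile(r'acl\s+"([^"]*)"')
GRANT_RE = re.compile(r'allow\s*\(([^)]*)\)\s*(groupdn|userdn)="([^"]*)"')
WRITE_CLASS = {"write", "add", "delete", "proxy"}

def unfold_ldif(text):
    """Join LDIF continuation lines (a line starting with one space, which is dropped)."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def parse_aci(aci):
    """Split one OUD ACI value into its target(s), its label and its allow clauses."""
    name = NAME_RE.search(aci)
    grants = [{"rights": sorted(r.strip() for r in rights.split(",") if r.strip()),
               "bind": kind, "subject": subj.replace("ldap:///", "", 1)}
              for rights, kind, subj in GRANT_RE.findall(aci)]
    return {"name": name.group(1) if name else "",
            "targets": dict(TARGET_RE.findall(aci)), "grants": grants}

def audit_acis(ldif_text):
    """Parse every aci: value and report write-class rights bound to anyone/all,
    plus every grant of the proxy right (members may act as other users)."""
    acis = [parse_aci(l[5:]) for l in unfold_ldif(ldif_text) if l.startswith("aci: ")]
    findings = []
    for a in acis:
        for g in a["grants"]:
            risky = sorted(WRITE_CLASS & set(g["rights"]))
            if g["bind"] == "userdn" and g["subject"] in ("anyone", "all") and risky:
                findings.append(f"{a['name']}: {risky} granted to {g['subject']}")
            if "proxy" in g["rights"]:
                findings.append(f"{a['name']}: proxy right granted to {g['subject']}")
    return acis, findings
```

On the sample, the parsed output shows that despite the "Anonymous read-search access" label both ACIs grant rights only to the two DIP groups, and the two proxy grants on the first ACI are reported for review.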

Note:

The ODIP configuration can be recreated any number of times if it is deleted or corrupted, for example while setting up the OUD Replication Gateway or OUD Proxy Server. However, if any sync profiles already exist, the connected directory password of those existing profiles must be reset after executing dipConfigurator.

To recreate the ODIP configuration, re-run step 3 of Post-Configuration Steps.