This chapter provides an overview of the Oracle Identity Management 11g Release 1 (11.1.1.7.0) installation. This chapter includes the following topics:
Oracle Identity Management 11g Release 1 (11.1.1.7.0) Components
Installation Types: "Install Software - Do Not Configure" vs. "Install and Configure"
Understanding Oracle WebLogic Server Administration Domain Options
Understanding the State of Oracle Identity Management Components After Installation
Oracle Identity Management 11g Release 1 (11.1.1.7.0) includes the following components:
Oracle Internet Directory
Oracle Virtual Directory
Oracle Directory Services Manager
Oracle Directory Integration Platform
Oracle Identity Federation
Note:
This document does not cover the information for installing Oracle Identity and Access Management components. For information on installing Oracle Identity and Access Management components, refer to Oracle Fusion Middleware Installation Guide for Oracle Identity and Access Management.
Table 1-1 describes the high-level tasks for installing and configuring Oracle Identity Management. The table also provides information on where to get more details about each task.
Table 1-1 Tasks in the Oracle Identity Management Installation Procedure
| Task | Description | Documentation | Mandatory or Optional? |
|---|---|---|---|
|
Task 1 - Prepare your environment for installation. |
Ensure that your system environment meets the general installation requirements for Oracle Fusion Middleware as well as Oracle Identity Management and RCU. |
For system requirements information, go to: http://www.oracle.com/technetwork/middleware/ias/downloads/fusion-requirements-100147.html For certification information, go to:
|
Mandatory |
|
Task 2 - Run RCU to create the necessary schemas. |
Oracle Identity Management components require schemas that must be installed in an Oracle database. You create and load these schemas in your database by using RCU. |
Make sure you have a supported Oracle database up and running. See Instructions for creating the schema are provided in "Running Oracle Fusion Middleware Repository Creation Utility (RCU)" in the Oracle Fusion Middleware Repository Creation Utility User's Guide. In addition, refer to Creating Database Schema Using the Oracle Fusion Middleware Repository Creation Utility (RCU) in this guide. |
Mandatory |
|
Task 3 - Install Oracle WebLogic Server 11g Release 1 (10.3.6) or Oracle WebLogic Server 11g Release 1 (10.3.5), and create a Middleware home. |
Oracle Identity Management requires a Middleware home directory. The Middleware home is created during the Oracle WebLogic Server installation. The WebLogic Server installer also creates the WebLogic home directory within the Oracle Middleware home directory. |
Installation instructions are provided in Oracle WebLogic Server Installation Guide. For more information about the Middleware home and WebLogic home directories, see Oracle Fusion Middleware Concepts Guide. |
Mandatory |
|
Task 4 - Install Oracle Identity Management |
Use the installer to install Oracle Identity Management 11.1.1.7.0 |
See Installing Oracle Identity Management Using "Install and Configure" Option. For more information about the installation types, see Installation Types: "Install Software - Do Not Configure" vs. "Install and Configure". |
Mandatory |
|
Task 5 - Configure Oracle Identity Management |
After installing, run the Configuration Tool to configure your Oracle Identity Management components. Note: This step applies if you selected Install Software - Do Not Configure option in the Select Installation Type screen while installing Oracle Identity Management 11g Release 1 (11.1.1.7.0) |
See the following topics in this guide:
|
Optional |
The Select Installation Type screen in the Installer presents two options: Install and Configure and Install Software - Do Not Configure. This section describes both options:
Choose the Install Software - Do Not Configure option to install Oracle Identity Management components without configuring them during installation. If you choose the Install Software - Do Not Configure option, the Installer installs the component software and then closes. Oracle Identity Management components will not start running after deploying them using the Install Software - Do Not Configure option, as additional configuration is needed.
After you install components using the Install Software - Do Not Configure option, you can configure them at a later time using the Oracle Identity Management 11g Release 1 (11.1.1.7.0) Configuration Wizard. To start the Oracle Identity Management 11g Release 1 (11.1.1.7.0) Configuration Wizard, execute the ORACLE_HOME/bin/config.sh script (config.bat on Windows).
The Install and Configure option allows you to install Oracle Identity Management components and simultaneously configure some of their fundamental elements, such as passwords, user names, and so on. Oracle Identity Management components start running and are immediately ready for use after deploying them using the Install and Configure option.
During installation, you have several options for choosing how the Oracle Identity Management components are installed in relation to an Oracle WebLogic Server administration domain. A domain includes a special WebLogic Server instance called the Administration Server, which is the central point from which you configure and manage all resources in the domain.
This section describes each domain option for installing Oracle Identity Management components:
See:
The "Understanding Oracle WebLogic Server Domains" chapter in the Oracle Fusion Middleware Understanding Domain Configuration for Oracle WebLogic Server guide for more information about Oracle WebLogic Server administration domains.
Select the Create New Domain option to create a new Oracle WebLogic Server administration domain and install Oracle Identity Management components in it. When you install Oracle Identity Management components in a new domain, the Fusion Middleware Control management component and the Oracle WebLogic Administration Server are automatically deployed with them.
Select the Extend Existing Domain option to install Oracle Identity Management components in an existing Oracle WebLogic Server administration domain. When you install Oracle Identity Management components using this option, they are essentially "joining" an existing domain.
Note:
To install Oracle Identity Management components in an existing Oracle WebLogic Server administration domain, each Oracle WebLogic Server Home, Oracle Middleware Home, and Oracle Home directory in the domain must have identical directory paths and names.
If you want to install and configure Oracle Identity Management components in an existing Oracle WebLogic Server administration domain, by using either the Installer or the Oracle Identity Management 11g Release 1 Configuration Wizard, the existing domain must have been created using the Oracle Identity Management 11g Release 1 Installer. You cannot extend an existing domain for Oracle Identity Management components if the domain was created by another program, such as the Oracle SOA Installer or the Oracle Fusion Middleware Configuration Wizard.
Note:
When you install components using the Extend Existing Domain option, you must provide some credentials for the existing domain, including the user name for the domain. You must enter the user name in ASCII characters only.
Select the Expand Cluster option to install Oracle Identity Management components in an Oracle WebLogic Server cluster for High Availability (HA). This document does not explain how to install Oracle Identity Management components in HA configurations. Refer to the following documents for more information:
Select the Configure without a Domain option to install Oracle Identity Management components and configure them to be without domain membership.
Note:
Only the Oracle Internet Directory and Oracle Virtual Directory components are certified for installation without a domain.
For Oracle Internet Directory, the Configure without a Domain option is appropriate for environments that have both of the following conditions:
You do not want to include Oracle Internet Directory in a WebLogic Server administration domain for management purposes.
You do not want to manage Oracle Internet Directory and Oracle Directory Services Manager using Fusion Middleware Control.
For Oracle Virtual Directory, the Configure without a Domain option is appropriate if you want to register Oracle Virtual Directory with a remote WebLogic Administration Server for management purposes, but you do not want to install Oracle WebLogic Server locally.
You can install Oracle Fusion Middleware instances on separate systems. You can also distribute Oracle Fusion Middleware components over multiple systems, which is especially useful for Oracle Identity Management components. You might want to distribute components to improve performance, security, scalability, and availability of Oracle Identity Management services.
The following are two (of many) examples of Oracle Identity Management deployments that benefit from distributing components over multiple systems:
Oracle Internet Directory on one system, and Oracle Directory Services Manager and Oracle Directory Integration Platform on a separate system.
Oracle Identity Management components use an Oracle Database to contain the Oracle Metadata Repository. The Oracle Identity Management components and the Oracle Database are installed on separate systems.
Note:
If you install Oracle Identity Management components on a separate system from the database containing the Oracle Metadata Repository, the Oracle Identity Management components will need network access to the repository.
See:
The following documents if you want to configure more than one Oracle Internet Directory against the same Oracle Metadata Repository:
This topic provides information about the state of Oracle Identity Management components after installation, including:
By default, Oracle Internet Directory and Oracle Virtual Directory are installed with SSL configured. You must configure SSL for the Oracle WebLogic Administration Server and Oracle WebLogic Managed Server after installation.
See:
The Oracle Fusion Middleware Administrator's Guide for more information.
By default, the passwords for all Oracle Identity Management components are set to the password for the Oracle Identity Management Instance. For security reasons, after installation, you should change the passwords of the various components so they have different values.
See:
The following documents for information about changing passwords for Oracle Identity Management components:
Component-specific guides listed in the "Related Documents" section in this guide's Preface.
When you use the Auto Port Configuration option during installation, the Installer follows specific steps to assign ports. The following information describes the default ports and port assignment logic the Installer uses to assign ports for various Oracle Identity Management components when you use the Auto Port Configuration option during installation.
Oracle Virtual Directory:
Non-SSL LDAP port: 6051
SSL LDAP port: 6052
HTTP Admin port: 8899
HTTP Web Gateway port: 2223
First, the Installer attempts to assign the default port. If the default port is unavailable, the Installer tries ports within a range of 50 from the default port. For example, when the Installer assigns the non-SSL port for Oracle Virtual Directory, it first attempts to assign 6501. If 6501 is unavailable, it tries ports from 6501 to 6551. The Installer uses this approach to assign all Oracle Virtual Directory ports.
Oracle Internet Directory:
Non-SSL port: 3060
SSL port: 3131
First, the Installer attempts to assign default ports. If the non-SSL port is unavailable, the Installer tries ports from 3061 to 3070, then from 13060 to 13070. Similarly, the Installer first attempts to assign 3131 as the SSL port, then ports from 3132 to 3141, and then from 13131 to 13141.
Oracle Identity Federation: 7499
First, the Installer attempts to assign the default port. If the default port is unavailable, the Installer tries ports in increments of one, that is: 7500, then 7501, then 7502, and so on. The Installer tries ports up until 9000 to find an available port.
Oracle Directory Services Manager: 7005
First, the Installer attempts to assign the default port. If the default port is unavailable, the Installer tries ports in increments of one, that is: 7006, then 7007, then 7008, and so on. The Installer tries ports up until 9000 to find an available port.
Oracle WebLogic Administration Server: 7001
Oracle Process Manager and Notification Server:
OPMN Local Port: 6800
OPMN Remote Port: 6801
OPMN Request Port: 6802
This topic describes additional sources for 11g Release 1 (11.1.1) deployment information, including documentation on the following subjects:
Upgrading to Oracle Identity Management 11g Release 1 (11.1.1.7.0)
Installing Oracle Identity Management 11g Release 1 (11.1.1.7.0) for High Availability
This guide does not explain how to upgrade previous versions of Oracle Identity Management components, including any previous database schemas, to 11g Release 1 (11.1.1.7.0). To upgrade an Oracle Identity Management component that is earlier than 11g, refer to Oracle Fusion Middleware Upgrade Guide for Oracle Identity Management.
If you have an existing Oracle Identity Management 11g Release 1 installation, refer to the "Applying the Latest Oracle Fusion Middleware Patch Set" topic in the Oracle Fusion Middleware Patching Guide.
This guide does not explain how to install Oracle Identity Management components in High Availability (HA) configurations. To install an Oracle Identity Management component in a High Availability configuration, refer to Oracle Fusion Middleware High Availability Guide.
Specifically, see the "Configuring High Availability for Identity Management Components" topic in the Oracle Fusion Middleware High Availability Guide.
In addition, you may also refer to the Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management.
Each document in the Oracle Fusion Middleware Documentation Library has a specific purpose. The specific purpose of this guide is to explain how to:
Install single instances of Oracle Identity Management 11g Release 1 (11.1.1) components.
Verify the installation was successful.
Get started with the component after installation.
This guide covers the most common, certified Oracle Identity Management deployments. The following information is provided for each of these deployments:
Appropriate Installation Environment: Helps you determine which installation is appropriate for your environment.
Components Installed: Identifies the components that are installed in each scenario.
Dependencies: Identifies the components each installation depends on.
Procedure: Explains the steps for the installation.
Part II of this guide explains how to install Oracle Internet Directory, Oracle Virtual Directory, Oracle Directory Services Manager, Oracle Directory Integration Platform, and Oracle Identity Federation Management by using the Oracle Identity Management 11.1.1.7.0 Installer and the Oracle Identity Management Configuration Wizard.
The following is a list of recommendations on how to use the information in this guide to install Oracle Identity Management 11g Release 1 (11.1.1.7.0):
Review Chapter 1, "Introduction," for context.
Review Chapter 2, "Preparing to Install," for information about what you should consider before you deploy Oracle Identity Management.
Review Chapter 4, "Installing and Configuring Oracle Identity Management (11.1.1.7.0)," for general installation and configuration information which applies to all Oracle Identity Management 11g Release 1 (11.1.1.7.0) products.
Install, verify, and get started with your Oracle Identity Management component by referring to its specific chapter in this guide.
Use the appendixes in this guide as needed.
See Also:
The "Related Documents" section in this guide's Preface for a list of documents that provide additional information about Oracle Identity Management components.