Oracle® Fusion Middleware Identity Management Provisioning Guide (Oracle Fusion Applications Edition) 11g Release 7 (11.1.7) Part Number E41444-02
This chapter describes how to create a provisioning profile using the Identity Management Provisioning Wizard.
Before you can perform provisioning, you must provide information about your topology to the Identity Management Provisioning Wizard. Once you have provided all the necessary input, the wizard will create a provisioning file called provisioning.rsp that you use to perform the provisioning operation.
Note:
Even if you select a single node install, the screens in the Identity Management Provisioning Wizard show multinode items such as Virtual Host Configuration and Load Balancer Configuration. Ignore the unused fields and click Next.
Before running the provisioning tool, set the following environment variables:
Set ANT_HOME to: repository_location/provisioning/ant
Set JAVA_HOME to: repository_location/jdk6
To start the Identity Management Provisioning Wizard, execute the following commands from IDMLCM_HOME/provisioning/bin, where IDMLCM_HOME is the place where you installed the Oracle Home Directory for Identity Management, using the installation script for the Identity Management Provisioning Wizard and Identity Management Patching Tools, as described in Section 2.6, "Installing the Identity Management Lifecycle Tools."
On Linux or UNIX, issue the command:
./idmProvisioningWizard.sh
On Windows, issue the command:
idmProvisioningWizard.bat
When the wizard starts, proceed as described in the following sections:
Use the Welcome Page to learn more about the wizard, including some prerequisites for using it.
The Welcome Page provides a brief overview of the wizard and lists some requirements that must be met.
Click Next to continue.
If you are presented with the Specify Inventory Directory page, proceed as described in Step 2 in Section 2.6, "Installing the Identity Management Lifecycle Tools."
Click OK to continue.
Select Create a New Identity Management Environment Provisioning Response File if you are creating a response file for the first time.
Update an Existing Identity Management Environment Provisioning Response File is not supported.
Click Next to continue.
The check box should be unchecked, as this feature is not supported.
Click Next to continue.
The Product List Page is purely informational. It displays the list of products that are installed and configured by the Identity Management Provisioning Wizard.
Click Next to continue.
Specify descriptive information to identify this response file. This description is not associated in any way with the executable plan file, or the summary file, that you save at the end of the response file creation process.
Response File Name: The Identity Management Provisioning Wizard provides the default title Identity Management Provisioning Response File. You can change this.
Response File Version: The Identity Management Provisioning Wizard provides a default value, which you can change. You can use this to keep track of different file versions.
Created By: Defaults to the operating system user who invoked the Provisioning Wizard. Set when the response file is initially created and cannot be modified for the current response file.
Created Date: Defaults to the date that the response file was initially created. Set when the response file was initially created and cannot be modified for the current response file.
Response File Description: Provide a description of this response file. This is an optional field.
Click Next to continue.
Use the Install Location Configuration Page to supply the location of the various directories required for installation and configuration actions.
Installation and Configuration
Software Repository Location: Specify the location of the software repository, either by typing it in the field or by clicking the Browse button, navigating to the desired location, and selecting it. This location must contain a folder named installers, which contains the software to install.
Software Installation Location: Specify the location on shared storage where you want the Middleware Homes to be placed, either by typing it in the field or by clicking the Browse button, navigating to the desired location, and selecting it. In a multinode scenario, this folder must be shared across all machines.
Ensure that this directory path is 45 characters or fewer in length. A longer pathname can cause errors during Identity Management provisioning. See Section 7.2.2, "Null Error Occurs When WebLogic Patches Are Applied."
Shared Configuration Location: Specify the shared configuration location, either by typing it in the field or by clicking the Browse button, navigating to the desired location, and selecting it. (In a single host environment, the shared configuration location is not actually shared.)
Enable Local Configuration Location: Do not select this option, as it is not relevant when provisioning a single host environment.
Click Next to continue.
Use the Node Topology Configuration Page to select configuration options and provide information about hosts and products.
Single Host: Select to provision a simple, single host topology.
Host Name: Specify the host where you want to provision Identity Management, as a fully-qualified host name.
EDG Topology: Do not select this topology. If you want to provision a multiple host topology, you should be using Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management (Oracle Fusion Applications Edition), not the current guide.
Install WebTier in DMZ: Do not select this option, as it is not relevant when provisioning a single-host environment.
Click Next to continue.
Use the Virtual Hosts Configuration Page to select virtual host configuration options. If you selected Single Host, the Virtual Hosts Configuration Page is not editable.
Click Next to continue.
Use the Common Passwords Page to select a common password.
Common Identity Management Password: Specify a password to be used for all administrative users in the Identity Management Suite and for keystores. The password must be at least eight characters long and must contain at least one uppercase letter and at least one number.
Confirm Common Identity Management Password: Reenter the password.
Click Next to continue.
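The constraints stated up to this point (the ANT_HOME and JAVA_HOME locations, the installers folder in the repository, the 45-character limit on the Software Installation Location, and the common password rules) can be checked before the wizard is started. The following Bash functions are an added example, not part of Oracle's tooling; the function names are hypothetical and the directory layout is taken from this chapter.

```bash
#!/usr/bin/env bash
# Added example: pre-flight checks for values the wizard will ask for.
# Function names are hypothetical; the limits come from this chapter.

# Software Installation Location must be 45 characters or fewer.
check_install_path() {
    local path=$1
    if [ "${#path}" -gt 45 ]; then
        echo "install path is ${#path} characters (limit 45): $path" >&2
        return 1
    fi
}

# The repository must contain installers/, plus the Ant and JDK
# directories that ANT_HOME and JAVA_HOME are set to.
check_repository() {
    local repo=$1 sub
    for sub in installers provisioning/ant jdk6; do
        if [ ! -d "$repo/$sub" ]; then
            echo "missing directory: $repo/$sub" >&2
            return 1
        fi
    done
}

# Common password: at least eight characters, one uppercase letter, one number.
check_common_password() {
    local pw=$1
    [ "${#pw}" -ge 8 ] || { echo "password shorter than 8 characters" >&2; return 1; }
    case $pw in *[[:upper:]]*) ;; *) echo "password has no uppercase letter" >&2; return 1 ;; esac
    case $pw in *[[:digit:]]*) ;; *) echo "password has no number" >&2; return 1 ;; esac
}

# Run the path checks, then export the variables the wizard needs.
preflight() {
    local repo=$1 install_dir=$2
    check_repository "$repo" || return 1
    check_install_path "$install_dir" || return 1
    export ANT_HOME="$repo/provisioning/ant"
    export JAVA_HOME="$repo/jdk6"
}
```

When checking a real password, read it with `read -rs` into a variable rather than typing it as a command-line argument, so that it does not end up in shell history.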
Use the OID Configuration Page to select configuration options for Oracle Internet Directory.
Oracle Internet Directory Configuration Parameters
Identity Store Realm DN: Specify the Distinguished Name of the Oracle Internet Directory realm, for example: dc=mycompany,dc=com
Policy Store Realm DN: This field cannot be edited. The Policy Store and Identity Store will always be the same.
Click Next to continue.
Use the ODSM Configuration Page to select configuration options for Oracle Directory Services Manager (ODSM). Information about the second host will appear on the page only if Configure Second Instances Topology was selected in the Node Topology Configuration Page.
ODSM Host: This field is purely informational. The value is determined by the host entered in the Node Topology Configuration Page.
Port: Specify the port to be used by the first ODSM instance.
Second ODSM Host: This field is purely informational. The value is determined by the host entered in the Node Topology Configuration Page.
Second ODSM Port: Specify the port to be used by the second ODSM instance.
Click Next to continue.
Use the OHS Configuration Page to change the installation ports used for Oracle HTTP Server (OHS). Information about the second host will appear on the page only if Configure Second Instances Topology was selected in the Node Topology Configuration Page.
Oracle HTTP Server for Identity Management Configuration Parameters
Host: This field is purely informational. The value is determined by the host entered in the Node Topology Configuration Page.
Port: Specify the non-SSL port number to be used for the first instance of the Oracle HTTP Server.
SSL Port: Specify the SSL port number to be used for the first instance of the Oracle HTTP Server.
Instance Name: This field is purely informational. It displays the instance name of the first Oracle HTTP Server.
Second OHS Host: This field is purely informational. The value is determined by the host entered in the Node Topology Configuration Page.
Second OHS Port: Specify the non-SSL port number to be used for the second instance of the Oracle HTTP Server.
Second OHS SSL Port: Specify the SSL port number to be used for the second instance of the Oracle HTTP Server.
Second Instance Name: This field is purely informational. It displays the instance name of the second Oracle HTTP Server.
Protocol: This field is purely informational.
Click Next to continue.
Use the OIM Configuration Page to modify the ports used by Oracle Identity Manager and, optionally, to configure an email server. Information about the second host will appear on the page only if Configure Second Instances Topology was selected in the Node Topology Configuration Page.
Oracle Identity Manager Configuration Parameters
OIM Host: This field is purely informational. The value is determined by the host entered in the Node Topology Configuration Page.
OIM Port: Specify the port to be used by the Oracle Identity Manager managed servers.
Second OIM Host: This field is purely informational. The value is determined by the host entered in the Node Topology Configuration Page.
Second OIM Port: Specify the port to be used by the Oracle Identity Manager managed servers.
Configure Email Server: Select to configure the default email server on Linux. If you select this option on Windows, you must also select Custom Email Server.
Custom Email Server: Select to configure a custom email server. On Windows, you must select this option if you selected Configure Email Server.
Outgoing Server Name: Specify the name of your outgoing email server, for example: mail.mycompany.com
Outgoing Server Port: Specify the port that your outgoing email server uses. This is typically 465.
Outgoing Email Security: The security used by the SMTP server. Possible values are None, TLS and SSL.
Username: If you require a username to authenticate with the email server, enter that username.
Password: Enter the password for the username.
Click Next to continue.
Use the OAM Configuration Page to select installation options for Oracle Access Manager. Information about the second host will appear on the page only if Configure Second Instances Topology was selected in the Node Topology Configuration Page.
Oracle Access Manager Configuration Parameters
OAM Host: This field is purely informational. The value is determined by the host entered in the Node Topology Configuration Page.
OAM Port: Specify the port number of the first instance.
Second OAM Host: This field is purely informational. The value is determined by the host entered in the Node Topology Configuration Page.
Second OAM Port: Specify the port number of the second instance.
OAM Transfer Mode: Specify the transfer mode to be used by Oracle Access Manager. This must be Open on AIX and Simple on other platforms.
Cookie Domain: Specify the cookie domain. For example: .mycompany.com
Click Next to continue.
Use the SOA Configuration Page to enter the ports to be used by the SOA Managed servers. Information about the second host will appear on the page only if Configure Second Instances Topology was selected in the Node Topology Configuration Page.
SOA Configuration Parameters
SOA Host: This field is purely informational.
Port: This field specifies the port for the first SOA instance. You can change this.
Second SOA Host: This field is purely informational.
Second SOA Port: This field specifies the port for the second SOA instance. You can change this.
Click Next to continue.
Use the OID Identity Store DB Configuration Page to enter the database connection details for your Oracle Internet Directory Database.
OID Identity Store DB Configuration Parameters
Schema User Name: This field specifies the name of the Oracle Internet Directory schema user, ODS. You cannot change this name.
Service Name: Specify the service name of the database service, for example: oiddb.mycompany.com
Schema Password: Specify the password you used when creating the Oracle Internet Directory schema using the Identity Management RCU.
Single DB: Select if you are using a single Oracle Database.
Host VIP Name: Specify the host name of the Oracle Database.
Listener Port: Specify the database listener port.
RAC DB: Select if you are using an Oracle RAC Database. Up to four RAC instances are supported.
Host VIP Name: Specify the host name of the Oracle RAC Database instance. If you are using Oracle Database 11.2, this must be the SCAN address.
Listener Port: Specify the database listener port.
Instance Name: Specify the database instance name, for example, oiddb1.
Click Next to continue.
The OID Policy Store DB Configuration page cannot be edited. The values are purely informational and are the same as those entered on the OID Identity Store DB Configuration Page.
Schema User Name: The name of the Oracle Internet Directory schema user, ODS.
Service Name: The service name of the database service, for example: oiddb.mycompany.com
Schema Password: The password you used when creating the Oracle Internet Directory schema using the Identity Management RCU.
Single DB: Selected if you are using a single Oracle Database.
Host VIP Name: The host name of the Oracle Database.
Listener Port: The database listener port.
RAC DB: Selected if you are using an Oracle RAC Database. Up to four RAC instances are supported.
Host VIP Name: The host name of the RAC database instance. If you are using Oracle Database 11.2, this must be the SCAN address.
Listener Port: The database listener port.
Instance Name: The database instance name, for example, oiddb1.
Click Next to continue.
Use the OIM DB Configuration Page to enter information about the Database that contains the schemas for Oracle Identity Manager, SOA, Oracle Access Manager, and Oracle Identity Federation.
OIM DB Configuration Page
Schema User Name: This field specifies the name of the schema user, FA_OIM. You cannot change this name.
Service Name: Specify the service name of the database service, for example: oiddb.mycompany.com
Schema Password: Specify the password you used when creating the Oracle Internet Directory schema using the Identity Management RCU.
Single DB: Select if you are using a single Oracle Database.
Host VIP Name: Specify the host name of the Oracle Database.
Listener Port: Specify the database listener port.
RAC DB: Select if you are using an Oracle RAC Database.
Host VIP Name: Specify the host name of the RAC database instance. If you are using Oracle Database 11.2, this must be the SCAN address.
Listener Port: Specify the database listener port.
Instance Name: Specify the database instance name, for example, oiddb1.
Click Next to continue.
The OAM DB Configuration Page cannot be edited. The values are purely informational and are the same as those entered on the OIM DB Configuration Page, except for the Schema User Name.
Schema User Name: The name of the schema user, FA_OAM.
Service Name: The service name of the database service, for example: oiddb.mycompany.com
Schema Password: The password you used when creating the Oracle Internet Directory schema using the Identity Management RCU.
Single DB: Selected if you are using a single Oracle Database.
Host VIP Name: The host name of the Oracle Database.
Listener Port: Specify the database listener port.
RAC DB: Selected if you are using an Oracle RAC Database. Up to four instances are supported.
Host VIP Name: The host name of the RAC database instance. If you are using Oracle Database 11.2, this must be the SCAN address.
Listener Port: The database listener port.
Instance Name: The database instance name, for example, oiddb1.
Click Next to continue.
In a single-host environment, the Load Balancer Page is not editable.
Click Next to continue.
Use the Summary Page to view a summary of your selections and enter additional information.
Response File Name: Provide the name of the response file to be created.
Provisioning Summary: Provide the name of the provisioning summary file to be created.
Directory: Specify the directory where you want this Provisioning Response File to be saved.