Oracle® Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management (Oracle Fusion Applications Edition) 11g Release 7 (11.1.7) Part Number E21032-21
This chapter describes the software installations required for an Oracle Identity Management enterprise deployment.
This chapter contains the following topics:
Section 6.1, "Assembling Information for Identity Management Provisioning"
Section 6.3, "Creating an Oracle Fusion Applications Provisioning Repository"
Assemble the following information prior to provisioning. You can print out the table from the PDF version of this Guide and record your own values.
Table 6-1 Provisioning Information
Description | Variable | Documented Value | Customer Value |
---|---|---|---|
Software Repository Location | | | |
Software Installation Location | | | |
Shared Configuration Location | | | |
Local Configuration Location | | | |
Common IDM Password for IDM provisioning wizard | | | |
Identity & Access Management Host 1 | IDMHOST1.mycompany.com | | |
Admin Server virtual host | ADMINVHN.mycompany.com | | |
Identity & Access Management Host 2 | IDMHOST2.mycompany.com | | |
ODSM Port, Second ODSM PORT | | 7005 | |
Directory Host 1 | LDAPHOST1.mycompany.com | | |
Directory Host 2 | LDAPHOST2.mycompany.com | | |
OID Realm DN, | | | |
OID Identity Store Service Name | | OIDEDG.mycompany.com | |
OID Identity Store Schema Password | | | |
OID Identity Store Host VIP Names/SCAN Address | | DB-SCAN.mycompany.com | |
OID Identity Store Listener Port | | 1521 | |
OID Identity Store Instance Names | OIDDB1, OIDDB2 | | |
OID Policy Store Realm DN | | | |
First OIM Server virtual host | OIMHOST1VHN.mycompany.com | | |
Second OIM Server virtual host | OIMHOST2VHN.mycompany.com | | |
OIM Port, Second OIM Port | | 14000 | |
Email Outgoing Server Name | | EMAIL.mycompany.com | |
Email Outgoing Server Port | | 465 | |
Email User Name | | username | |
Email Password | | | |
First SOA Server virtual host | SOAHOST1VHN.mycompany.com | | |
Second SOA Server virtual host | SOAHOST2VHN.mycompany.com | | |
SOA Ports, Hosts 1 and 2 | | 8001 | |
OIM DB Service Name | | OIMEDG.mycompany.com | |
OIM DB Schema Password | | | |
IAM DB VIP Names/SCAN Address | | MDB-SCAN.mycompany.com | |
IAM Listener Port | | 1521 | |
IAM DB Instance Name | MDB1, MDB2 | | |
Outgoing Email Server Name | | | |
Outgoing Email Server Port | | | |
Outgoing Email Security | SSL | | |
Email Username | | | |
Email Password | | | |
OAM Port, Second OAM Port | | 14100 | |
OAM Transfer Mode | Simple. (Open on AIX.) | | |
OAM Cookie Domain | | | |
OAM WebGate | | | |
First OHS host | WEBHOST1.mycompany.com | | |
Second OHS host | WEBHOST2.mycompany.com | | |
OHS Port, Second OHS Port | | 7777 | |
OHS SSL Port, Second OHS SSL Port | | 4443 | |
Load Balancer Admin Virtual Host Name | ADMIN.mycompany.com | | |
Load Balancer Admin Port | | 80 | |
Load Balancer Admin Port is SSL? | No | | |
Load Balancer Internal Callbacks Virtual Host Name | IDMINTERNAL.mycompany.com | | |
Load Balancer Internal Callbacks Port | | 80 | |
Load Balancer Internal Callbacks Port is SSL? | No | | |
Load Balancer SSO Virtual Host Name | SSO.mycompany.com | | |
Load Balancer SSL Port | | 443 | |
Load Balancer ID Store Virtual Host Name | IDSTORE.mycompany.com | | |
Load Balancer ID Store Port (OVD) | | 389 | |
Load Balancer ID Store SSL Port (OVD) | | 636 | |
Load Balancer Policy Store Virtual Host Name | POLICYSTORE.mycompany.com | | |
LDAP Port | | 389 | |
LDAP SSL Port | | 636 | |
Before beginning Identity Management Provisioning, disable Oracle Internet Directory monitoring on the load balancer and leave it disabled until provisioning is complete.
The software required by Oracle Identity Management is located in the Oracle Fusion Applications Provisioning Repository. If you have not already done so, create an Oracle Fusion Applications Provisioning Repository as described in "Creating the Provisioning Repository" in Oracle Fusion Applications Installation Guide.
Unzip the RCU zip file REPOS_HOME/installers/fmw_rcu/linux/rcuHome.zip to:
REPOS_HOME/installers/rcu
Make sure that your Provisioning Repository contains Java. It should reside in a directory called jdk6.
The IDM Provisioning Wizard must be visible to each host in the topology. The wizard is only required during the provisioning process, and can be removed after provisioning.
The installation script for the IDM Lifecycle Tools (IDM Provisioning Wizard and IDM Patching Tools) resides in the directory:
REPOS_HOME/installers/idmlcm/idmlcm/Disk1
To begin installing the tools, change to that directory and start the script.
cd REPOS_HOME/installers/idmlcm/idmlcm/Disk1
./runInstaller -jreLoc REPOS_HOME/jdk6
Then proceed as follows:
On the Welcome screen, click Next.
If you are running the Wizard on a UNIX platform, you are prompted for the location of the Inventory Directory, which is used to keep track of all Oracle products installed on this host.
In the Operating System Group ID field, select the group whose members you want to grant access to the inventory directory. All members of this group can install products on this host. Click OK to continue.
The Inventory Location Confirmation dialog prompts you to run the inventory_directory/createCentralInventory.sh script as root to create the /etc/oraInst.loc file. This file is a pointer to the central inventory and must be present for silent installations. It contains two lines:
inventory_loc=path_to_central_inventory
inst_group=install_group
The standard location for this file is /etc/oraInst.loc, but it can be created anywhere. If you create it in a directory other than /etc, you must include the -invPtrLoc argument and enter the location of the inventory when you run the Identity Management Provisioning Wizard or the runIDMProvisioning script.
If you do not have root access on this host but want to continue with the installation, select Continue installation with local inventory.
Click OK to continue.
On the Prerequisite Checks screen, verify that checks complete successfully, then click Next.
On the Specify Install Location screen, enter the following information:
Oracle Middleware Home - This is the parent directory of the directory where the Identity Management Provisioning Wizard will be installed. This must be on shared storage, for example:
/u01/provisioning/tools
Oracle Home Directory - This is a subdirectory of the above directory where the wizard will be installed. For example:
idmlcm
Click Next.
On the Installation Summary screen, click Install.
On the Installation Progress screen, click Next.
On the Installation Complete screen, click Finish.
Without this patch, the IDM Provisioning tools set up JMS queues incorrectly. Apply this patch before performing provisioning.
Before starting to provision your environment, you must ensure that none of the ports you intend to use is already in use.
To do this, perform the following steps:
Log on to the machine that the component will run on.
Check that no process is running using that port using the command:
netstat -an | grep port
where port is the port number you are checking for.
For example, for Oracle HTTP server the command is:
netstat -an | grep 7777
For a full list of the default ports, see Table 3-3, "Ports Used in the Oracle Identity Management Enterprise Deployment Topologies".
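An exact-match version of the port check above, as an added example that is not part of the Oracle guide: `grep 7777` also matches port 17777 and connections whose remote port is 7777, so this filters `netstat -an` output down to listening TCP sockets on exactly the requested ports. It assumes the Linux `netstat` column layout; the function name, the `EDG_PORTS` list (taken from the Documented Value column of Table 6-1) and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example, not Oracle code. Port values come from Table 6-1; check only
# the ones that apply to the component hosted on the machine you are on.
EDG_PORTS="7005 14000 8001 14100 7777 4443 389 636"

# ports_in_use PORT...
# Reads `netstat -an` style output on stdin and prints each requested port
# that has a TCP socket in LISTEN state, once, in the order encountered.
ports_in_use() {
    awk -v want="$*" '
        BEGIN { n = split(want, p, " "); for (i = 1; i <= n; i++) wanted[p[i]] = 1 }
        # Listening TCP sockets only; the local address is field 4 on Linux.
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            port = $4
            sub(/.*[:.]/, "", port)   # keep the text after the last ":" or "."
            if (port in wanted && !(port in seen)) { seen[port] = 1; print port }
        }'
}

# Constructed sample of `netstat -an` output (not captured from a real host).
# A plain grep for 7777 would also hit 17777; a grep for 14000 would hit the
# outbound ESTABLISHED connection; a grep for 636 would hit the UDP socket.
SAMPLE_NETSTAT='tcp        0      0 0.0.0.0:7777       0.0.0.0:*          LISTEN
tcp        0      0 0.0.0.0:17777      0.0.0.0:*          LISTEN
tcp6       0      0 :::389             :::*               LISTEN
tcp        0      0 10.0.0.5:52144     10.0.0.9:14000     ESTABLISHED
udp        0      0 0.0.0.0:636        0.0.0.0:*'

# Demonstration on the sample; prints the ports that would block provisioning.
printf '%s\n' "$SAMPLE_NETSTAT" | ports_in_use $EDG_PORTS

# On a real host, before provisioning:
#   netstat -an | ports_in_use $EDG_PORTS
# Empty output means none of the listed ports has a listener.
```
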