Skip Headers

Oracle Content Management Software Development Kit (Oracle CM SDK) Installation Guide
Release 9.0.3 for Windows NT/2000
Part Number B10053-01
Go To Table Of Contents
Contents		 Go To Index
Index

Go to previous page Go to next page

4
Post-configuration

The instructions in this chapter presume that you have completed all pre-installation and configuration tasks described in previous chapters. Topics in this chapter include:

Required Post-Configuration Tasks

The instructions presume that the Oracle Content Management SDK Configuration Assistant has successfully completed and that the Oracle CM SDK Configuration Complete page is displayed. You must perform these tasks to complete the configuration and start the domain, and to ensure that your system is operational and secure:

Grant the Administrator Account "Logon as Batch Job" Privileges

You need to grant the Windows NT and 2000 Administrator account (or other account you're using to install and configure Oracle 9iAS) the Logon as Batch Job privilege in order to start the Domain Controller and Nodes from the Oracle Enterprise Manager Web Site.

These instructions presume you are still logged on to the Windows NT or Windows 2000 machine as the Administrator (or other user account with administration privileges).

For Windows NT

  1. Open the User Manager (Start > Administrative Tools (Common) > User Manager).

    The User Manager (or User Manager for Domains for Windows NT Server) displays.

  2. Select Policies > User Rights.

    The User Rights Policy screen displays.

  3. Select the Show Advanced User Rights box, located in the lower-left corner of the display.

  4. Select Logon as Batch Job from the drop-down menu of rights.

  5. Click Add.

  6. Add the user account that was used to install Oracle 9iAS, typically Administrator or another user account from the Administrators group.

  7. Click OK to close the dialog.

  8. Click OK to save the change and exit the User Rights Policy dialog.

For Windows 2000

  1. Open Local Security Policy (Start > Settings > Control Panel).

  2. Click Open Administrative Tools.

  3. Click Local Security Policy.

    The Local Security Settings window appears.

  4. From the tree on the left side pane, open Local Policies and select User Rights Assignment.

    A list of policies will appear in the right side panel.

  5. Click the Logon as Batch Job policy.

  6. Click the Add button.

  7. Add the user account that was used to install Oracle 9iAS, typically Administrator or another user account from the Administrators group.

  8. Click OK to close the dialog.

  9. Click OK to save the change and exit the Local Security Settings window.

Start All Necessary Processes

These instructions presume that Oracle9i Application Server and Oracle CM SDK have been installed and configured properly, and that the database and listener are running.

Oracle CM SDK uses the Oracle9iAS Containers for J2EE (OC4J) component of Oracle9iAS to support the DAV Servlet, which is deployed to OC4J automatically at the end of the configuration process.

  1. Reboot your machine.

  2. Re-start the Oracle Enterprise Manager Web siteFoot 1 service, OracleHOME_NAMEEMWebsite, by stopping it and then starting it again. 

    If your Oracle CM SDK domain comprises multiple physical machines, you 
must perform this task on each machine.
  3. From a Web browser on the server machine or from another machine on the network, access the URL to connect to the Oracle Enterprise Manager Web site on the machine where the Oracle CM SDK domain controller is configured: 

    http://hostname:1810

    Alternatively, you can go directly to the Oracle9i Application Server page by entering: 

    http://hostname:1810/emd/console/targets

    If you enter this URL, the page listed in step 4 displays.

  4. A Username and Password Required or Enter Network Password prompt displays. You must enter the Oracle9iAS logon and password before you can proceed.

    Enter ias_admin as the user name with the appropriate password for the Oracle9iAS instance. If no infrastructure has been configured, the Oracle9iAS Home page displays (otherwise, the farm page displays); the name shows as simply Enterprise Manager. You see a Targets tab in the upper-right area of the page.

    The Web page displays a list of all Oracle9i Application Server components (these are the Targets) running on the specified host. By default, Oracle9i Business Components for Java (BC4J), OC4J Demos, Clickstream Collector, and several other components are installed on every Oracle9i Application Server instance, regardless of install type and selections you make.)

  5. Click on the name of the Oracle9iAS instance that is hosting the Oracle CM SDK software. You may be prompted for the Oracle9iAS instance user name and password again. Enter the user name (ias_admin/password) to continue.

    A page displays all the Oracle9iAS system components running on the instance. This list should include the Oracle CM SDK domain, which displays as a concatenation of IFS_ and the database instance's hostname, port number, service name, and the name of the schema for Oracle CM SDK. For example: 

    IFS_myMachineHostname.mycompany.com:1521:myDBServiceName:myCMSDKSchemaName

    Note that although you see Start and Stop buttons on this page, you cannot control Oracle CM SDK from this page. You must follow the next few steps.

  6. Click on the domain name link. On the subsequent page, click the Start Local Components button. A page prompting you for the host credential to launch the Oracle CM SDK node displays.

    • Enter the OS (operating system) account name and password for the machine. On NT systems this is typically the Administrator username and password.

    • Click the OK button to continue.

    If your domain comprises multiple nodes across multiple machines, repeat this step for each machine. You must enter the OS account name and password on each machine running a node that you want to start.

  7. From the Oracle9iAS system components page, click on the link to display the top-level management page for Oracle CM SDK domain. The Oracle CM SDK top-level management page displays. You'll see the domain name (such as myHostname.mycompany.com:1521:myDBServiceName:myCMSDKSchemaName) displayed in the upper-left area of the page.

  8. Ensure that the OC4J instance is running. To start the OC4J instance:

    1. Select OC4J_IFS_CMSDK.

    2. Click Restart.

    3. Click Confirm.

    The Oracle CM SDK domain starts.

    Note:

    The Oracle CM SDK instance can be started using Enterprise Manager (as detailed above), or by entering ifsctl start at the command line.

    See the Oracle Content Management SDK Administration Guide for more information about starting, stopping, and generally managing Oracle CM SDK.

Create Private (Oracle CM SDK-specific) Passwords

If you configured an OidCredentialManager for this Oracle CM SDK domain (rather than the native Oracle CM SDK credential manager), you must create Oracle CM SDK-specific passwords to enable users to access Oracle CM SDK using AFP, CUP, FTP, IMAP, or NTFS.

Note that this requirement also applies to Oracle CM SDK users system, scott, and guest--by default, the Oracle CM SDK-specific password for these three accounts is null, so protocols such as FTP and CUP won't allow access (if you're using Oracle Internet Directory) until you create an Oracle CM SDK-specific password for these accounts.

  1. Launch Internet File System Manager from a Web browser: 

    http://hostname.mycompany.com:7778/cmsdk/admin

    Note:

    The port number may vary depending on whether or not you have configured Webcache.

  1. When prompted for account and password, login in as system/password (using the password created during configuration.)

    The Welcome to Internet File System Manager page displays. You'll see tabs labeled Home, Basic, Advanced in the upper-right-hand corner, and the domain name in the center of the page: 

    ifs://hostname:1521:service_name:schema_name

    Note:

    Port 1521 is the default. If your database instance is running on a different port, you'll see that instead.

  2. Click the Basic tab to go to basic administrative task section of Internet File System Manager.

  3. Click the Users tab to display the Users page. You'll see a list of users that exist in the system (for a new installation, this will likely be only the system, guest, and scott accounts).

    • If you are creating a new user account rather than editing an existing account, click the New User button and create the user account.

      • Use single-byte characters only when creating user account names. Although Oracle CM SDK supports multi-byte character sets, users whose account names are created with multi-byte characters are unable to access content through many of the Oracle CM SDK protocol servers.

    • See the Oracle Content Management SDK Administration Guide for additional information about creating users.

  4. On the General tab, enter the "9iFS Private Password" for this user.

  5. Confirm the password by entering the password again in the "Confirm" field.

    This additional password is stored in Oracle Internet Directory for use with the specific protocols. This password is different from (and, in addition to) the regular Oracle Internet Directory password. The result is added security -- if a cleartext password is intercepted, it will not provide access to other applications using Oracle Internet Directory, because it uses a different password verifier in Oracle Internet Directory. See Oracle Internet Directory Administrator's Guide for complete details about Oracle Internet Directory and password verifiers.

    Note that only Admin users can access the Internet File System Manager and change/set Oracle CM SDK-specific passwords.

    See Oracle Content Management SDK Administration Guide for more information about creating users.

    Run Oracle CM SDK With SSL Enabled

    To set up Oracle CM SDK to work with https, perform the following steps after configuring Oracle CM SDK:

    1. Go to http://hostname:port/pls/orasso/ where hostname is the hostname of the infrastructure machine to which the middle-tier computer is pointing, and port number corresponds to the Oracle HTTP Server Port, typically 7777.

    2. Logon to the SSO Server as orcladmin.

    3. Click SSO Server Administration.

    4. Select Administer Partner Applications.

    5. Click Add Partner Application to add a new partner application, or click the pencil icon corresponding to the middle-tier instance to edit an existing application.

    6. Enter or edit the Home URL as follows: 

      https://mid-tier_hostname:Oracle9iAS_WebCacheHTTP_Listen(SSL)_port
    7. Enter or edit the Success URL as follows: 

      https://mid-tier_hostname:Oracle9iAS_WebCacheHTTP_Listen(SSL)_ port/osso_
login_success
    8. Enter or edit the Logout URL as follows: 

      https://mid-tier_hostname:Oracle9iAS_WebCacheHTTP_Listen(SSL)_port/osso_
logout_success.
    9. Click Apply and confirm to save the changes.

    Validate Basic Operations

    To validate that the domain and node started and that the core Oracle CM SDK components are working, you can attempt to connect to the system from another machine on the network.

    Table 4-1 Basic Functionality
    Protocol or Server Access Address or Method Expected Result

    HTTP

    http://hostname:7778/cmsdk/admin

    Prompts for administrative user account (system/password) and upon authentication, displays the Internet File System Manager.

    NTFS

    At the command prompt, enter:

    C:\> dir O: where O is the mapped drive

    A directory listing appears

    Note that if you attempt to connect to the Web server (HTTP) and get a "503 Service Temporarily Unavailable" message, it means that the domain hasn't started (in particular, the HTTP node hasn't fully started). You must start the HTTP node.

    Optional Post-configuration Tasks

    Depending on the specifics of your Oracle CM SDK deployment, you may perform this post-installation task.

    This task is not required to get Oracle CM SDK up and running.

    Configure the NFS Server

    There are three different configuration changes you may want to make to the Oracle CM SDK NFS Protocol Server:

    • UNIX-UID-to-Oracle Content Management SDK-User Account Client Mapping. Creates a mapping between UNIX UIDs and Oracle CM SDK user accounts so that users can access Oracle CM SDK after logging on to their UNIX user accounts.

    • Set Up a Trusted Client List. Explicitly grants or revokes access privileges to a specific IP address (or host machine) or domains. The Trusted Client list is an Oracle-exclusive capability to enhance NFS protocol security.

    • Enable NIS Authentication. If your environment uses NIS for user, group, and password information, you can configure the Oracle CM SDK NFS protocol server to use the NIS server to authenticate users.

    In most environments, you should map the UNIX and Oracle CM SDK accounts. The user account map is a domain property, and it is able to be updated dynamically--you need not restart the server to have the mappings take effect. In addition, the changes are persistent, even after you restart the server.

    The Trusted Client List or NIS authentication are NFS server configuration properties. They also appear as dynamic domain properties at runtime.

    UNIX-UID-to-Oracle Content Management SDK-User Account Client Mapping

    Oracle CM SDK NFS Protocol Server uses the UNIX system authentication process to authenticate users; that is, the UNIX UID (user identification) number is passed to the Oracle CM SDK NFS protocol server.

    Users can login once to the UNIX operating system, and then access Oracle CM SDK without having to undergo an additional login process, as long as their UNIX accounts are mapped to Oracle CM SDK accounts.

    UNIX-UID to-Oracle Content Management SDK client mapping is configured in the IFS.DOMAIN.PROTOCOL.NFS.UidToUserMap domain property.

    1. From a Web browser, connect to the Oracle Enterprise Manager Web site running on the machine where the Oracle CM SDK domain controller is configured: 

      http://hostname:1810
    2. Enter the Oracle9iAS logon username and password to continue.

      • Enter ias_admin as the username with the appropriate password for the Oracle9iAS instance.

      A page displays all the Oracle9iAS system components running on the instance. This list should include the Oracle CM SDK domain: 

      IFS_hostname.companyname.com:1521:DBServiceName:CMSDKSchemaName
    3. Click on the domain name link. The General page displays, listing the Domain Controller and nodes that comprise the domain. Toward the lower-left hand area of the page are links to Configuration objects for the domain.

    4. Click on the Domain Properties link (under the Configuration heading). The Domain Properties page displays, listing 25 property bundles at a time. Scroll down until you find IFS.DOMAIN.PROTOCOL.NFS.UidToUserMap (you may need to move to the second or subsequent page to find this object).

    5. Click on the hyperlinked name IFS.DOMAIN.PROTOCOL.NFS.UidToUserMap in the list. The Edit 'IFS.DOMAIN.PROTOCOL.NFS.UidToUserMap' page displays.

      By default, the UID 60001 (default UNIX guest account) is listed on the page.

    6. Click the Add button to add a UNIX UID and create a mapping to an Oracle CM SDK user account:

      • Enter the UID in the Name field.

      • Enter the Oracle CM SDK user account name in the Value field.

      • Leave the Type setting as 'String.'

    7. Continue adding users in this manner until you have added all users with UNIX client accounts that will access Oracle CM SDK NFS protocol server.

    Unlike service, node, and server configuration object properties, changes to the domain property are dynamically updated, so you need not restart the server. In addition, these changes persist, even after a restart.

    Set Up a Trusted Client List

    You can create a list of trusted clients for the Oracle CM SDK to enhance security. Oracle recommends that you change these settings in the Configuration Object and then load the server on the service using the modified configuration object so that the client list is used after a restart. (Optionally, you can modify these properties dynamically).

    1. From a Web browser, connect to the Oracle Enterprise Manager Web site running on the machine where the Oracle CM SDK domain controller is configured: 

      http://hostname:1810
    2. Enter the Oracle9iAS logon username and password to continue.

      • Enter ias_admin as the username with the appropriate password for the Oracle9iAS instance.

      The list should include the Oracle CM SDK domain: 

      IFS_hostname.companyname.com:1521:DBServiceName:CMSDKSchemaName
    3. Click on the domain name link. The General page displays, listing the Domain Controller and nodes that comprise the domain.

    4. Click on the Server Configurations link (under the Configuration heading). The Server Configurations page displays, listing 25 property bundles at a time. Scroll down until you find NfsServerConfiguration.

    5. Click on the NfsServerConfiguration object link. The Edit 'NfsServerConfiguration' page displays.

    6. Scroll down to the Properties section of the page to the IFS.SERVER.PROTOCOL.NFS.TrustedClientList and the IFS.SERVER.PROTOCOL.NFS.TrustedClientsEnabled properties. (You may need to move to the subsequent page for these properties.)

    7. Select the IFS.SERVER.PROTOCOL.NFS.TrustedClientsEnabled property by clicking the radio button next to its name and then clicking the Edit button. The Edit Property page for this property displays.

    8. Change the Value from False to True (in the drop-down selector). Click OK to save the change and redisplay the Edit 'NfsServerConfiguration' page.

    9. Select the IFS.SERVER.PROTOCOL.NFS.TrustedClientList property by clicking the radio button next to its name and then clicking the Edit button. Each entry can be specified by the following format:

      • Client address, specified by a hostname or an IP address, such as smith.oracle.com or 130.35.59.9

      • Domain suffix, specified as a string starting with a period character, for example, ".us.oracle.com".

      • Subnet, specified as an "@" character followed by an IP address, with an optional subnet bit length (/n) specifying the number of significant bits in the subnet address. Low order zero bytes of the subnet address may be omitted.

        If an entry is preceded by a hyphen, then that specific client will be denied access through the iFS NFS server.

    10. Click OK to save the change and redisplay the Edit 'NfsServerConfiguration' page.

    11. Click OK to save and exit the Server Configuration page.

    After modifying the NfsServerConfiguration object, you must navigate (while still in Oracle Enterprise Manager Web interface) to the node to load the modified configuration object:

    1. Click on the Node where the NFS protocol server (NfsServer) is running. The General page displays. The top portion of the page shows the Services, with Servers listed lower on the page.

    2. Stop the existing NfsServer server (if one is already running on the service).

    3. Unload this NfsServer.

    4. Load the modified NFS protocol server object.

    5. Start the new, modified NfsServer.

    6. Restart the NfsServer.

    See the Oracle Content Management SDK Administration Guide for additional information.

    Enable NIS Authentication

    NIS (Network Information System) is a centralized management facility that consolidates UNIX password, group, and host file information. It's essentially a distributed database of information that is easier to maintain than individual files (/etc/group, /etc/passwd, /etc/hosts) in large UNIX networks.

    1. Using a Web browser, connect to the Oracle Enterprise Manager Web site running on the machine where the Oracle CM SDK domain controller is configured: 

      http://hostname:1810
    2. Enter the Oracle9iAS logon and password to continue.

      • Enter ias_admin as the user name with the appropriate password for the Oracle9iAS instance.

      The list should include the Oracle CM SDK domain: 

      IFS_hostname.companyname.com:1521:DBServiceName:CMSDKSchemaName
    3. Click on the domain name link. The General page displays, listing the Domain Controller and nodes that comprise the domain.

    4. Click on the Server Configurations link (under the Configuration heading). The Server Configurations page displays, listing 25 property bundles at a time. Scroll down until you find NfsServerConfiguration.

    5. Click on the NfsServerConfiguration object link. The Edit 'NfsServerConfiguration' page displays.

    6. Scroll down to the Properties section of the page to the IFS.SERVER.PROTOCOL.NFS.NISEnabled and IFS.SERVER.PROTOCOL.NFS.NISServiceProvider properties.

    7. Select the IFS.SERVER.PROTOCOL.NFS.NISEnabled property by clicking the radio button next to its name and then clicking the Edit button. The Edit Property page for this property displays.

    8. Change the Value from False to True (in the drop-down selector). Click OK to save the change and redisplay the Edit 'NfsServerConfiguration' page.

    9. Select the IFS.SERVER.PROTOCOL.NFS.NISServiceProvider property by clicking the radio button next to its name and then clicking the Edit button.

      • Specify the name of the NIS server in your network that should be used to authenticate users. The format is: 

        nis://NIS_Server_Name/domain_name
    10. Click OK to save the change and redisplay the Edit 'NfsServerConfiguration' page.

    11. Click OK to save and exit the Server Configuration page.

    After modifying the NfsServerConfiguration object, you must navigate (while still in Oracle Enterprise Manager Web interface) to the node to load the modified configuration object:

    1. Click on the Node where the NFS protocol server (NfsServer) is running. The General page displays. The top portion of the page shows the Services, with Servers listed lower on the page.

    2. Stop the existing NfsServer server (if one is already running on the service).

    3. Unload this NfsServer.

    4. Load the modified NFS protocol server object.

    5. Start the new, modified NfsServer.

    6. Restart the service.

    See the Oracle Content Management SDK Administration Guide for additional information.

    Additional Post-configuration Tasks for Upgrades from 1.1.x Only

    If you upgrade a 1.1.x Oracle Internet File System instance with Oracle Text support to Oracle CM SDK, you must perform additional post-configuration tasks to repopulate and synchronize the Oracle Text index after the upgrade.

    Re-populating the Oracle Text Index After an Upgrade

    Re-populate the Oracle Text index for all existing documents in the Oracle Internet File System schema. To do this, log on to the database server through SQL*Plus as the Oracle Internet File System schema user (the database user that owns the schema, typically IFSSYS), and execute these commands and stored procedures: 

    exec ctx_output.start_log('ifsidx.log');
update odmz_context_router set contentprocedure = contentprocedure;
commit;
exec ctx_ddl.sync_index('ifs_text');
exec ctx_output.end_log;
exit

    This process can take several hours or longer, depending on the number of documents in the Oracle Internet File System schema. If you don't follow this step, the Oracle Internet File System servers will operate but you won't be able to search on the content of any documents. Monitor the file ifsidx.log located in the ORACLE_HOME\ctx\log directory for any problems during the re-indexing.

    Modifying Oracle Text Indexing Scripts After an Upgrade

    In Oracle CM SDK, a new Oracle Text index replaces the old 1.1.x Oracle Text index. The new index uses the USER_DATASTORE feature to use multiple content stores with only one Text index. The name of the Text index, IFS_TEXT, is no longer derived from internal content store objects.

    You must also change any scripts, such as DMBS_JOB procedures, to use the new index name. For Oracle Internet File System 1.1.x, the index was named GLOBALINDEXEDBLOB_I.

    See Oracle Content Management SDK Administration Guide for additional information about Oracle Text and maintaining its index.

    1 Some Oracle documentation may refer to the Oracle Enterprise Manager Web site as the "Enterprise Manager Daemon" (EMD), or the Oracle Enterprise Manager.

Go to previous page Go to next page
Oracle
Copyright © 1999, 2002 Oracle Corporation.
All Rights Reserved.
Go To Table Of Contents
Contents		 Go To Index
Index