| Oracle® Fusion Middleware System Requirements and Specifications for Oracle Identity and Access Management 11g Release 2 (11.1.2) E38978-03 |
|
 Previous |
| Oracle® Fusion Middleware System Requirements and Specifications for Oracle Identity and Access Management 11g Release 2 (11.1.2) E38978-03 |
|
Previous |
System Requirements and Specifications for Oracle Identity and Access Management
11g Release 2 (11.1.2)
E38978-03
June 2017
This document contains system and platform-specific information for Oracle Fusion Middleware Identity and Access Management 11g Release 2 (11.1.2.x).
The following topics are covered in this document:
Section 1, "Using This Document with the Certification Matrix and Product Installation Guides"
Section 10, "Repository Creation Utility (RCU) Requirements"
This document is intended for use in conjunction with the various Oracle Identity and Access Management product installation guides and the Oracle Fusion Middleware 11g Release 2 Certifications.
Consider the following pre-installation workflow:
The corresponding System Requirements and Supported Platforms for Oracle Identity and Access Management 11g Release 2 (11.1.2.x) certification matrices should be used to determine the proper combination of the following items that should be used for your product installation:
Systems
Clients
LDAP
Mobile
Web Server
OAM Webgates and ASDK
OES Admin Server and SM
ESSO Strong Authentication Support
ESSO HLLAPI Emulator Support
IPv6
Oracle has tested and verified the performance of your product on all certified systems and environments; whenever new certifications occur, they are added to the proper certification document right away.
Use the following links to find the certification matrix for the version of Oracle Identity and Access Management 11g Release 2 (11.1.2.x) you are using:
New certifications can occur at any time. The most recent certification documents are available on Oracle Technology Network, under the Oracle Fusion Middleware 11g Release 2 Certifications section, at the following URL: http://www.oracle.com/technetwork/middleware/ias/downloads/fusion-certification-100350.html
The Oracle Fusion Middleware System Requirements and Specifications for Oracle Identity and Access Management (this document) should be used to verify that the requirements of the certification are met.
For example, if the certification document indicates that your product is certified for installation on 64-Bit Oracle Linux 5, this document should be used to verify that your Oracle Linux 5 system has met the required minimum specifications, like disk space, available memory, specific platform packages and patches, and other operating system-specific items.
This document is updated as needed and therefore also resides outside of the documentation libraries and is available on Oracle Technology Network.
Refer to the Appendix P for information on the required patches before installing on the Operating system.
After you have verified that your environment meets the requirements specified in both the certification documents and system requirements, you are ready to begin your installation.
Your product installation guides contain the step-by-step instructions to get your product physically installed and configured on your system. These guides are available only from the documentation library (http://docs.oracle.com/) and therefore are not updated unless there is a subsequent product release. Both the certification and system requirement documents can be updated multiple times in between product releases, depending on whether or not new information is available.
The certification information for Oracle Fusion Middleware 11g Release 2 (11.1.2) identifies SPARC processors as part of a supported configuration. However, Oracle also recommends that you run Oracle Fusion Middleware products only on supported Solaris operating system releases, and those supported Solaris operating systems support specific versions of the SPARC processors.
Regardless of the operating system, Oracle recommends at least a SPARC T4 or T5 processor, which is also a requirement of the certified Solaris operating system releases.
This section contains the minimum memory and disk space requirements for Oracle Fusion Middleware products. The following topics are covered:
Section 3.1, "Minimum Memory Requirements for Oracle Identity and Access Management"
Section 3.2, "Using a Formula to Determine Memory Requirements for a Specific Deployment"
Section 3.4, "Considering the Impact of Open File and Process Limits on Memory Requirements"
Section 3.6, "Additional Memory Tuning Considerations for Oracle Identity Manager"
Unless otherwise noted, Table 1 lists the general minimum memory requirements for installing Oracle Identity and Access Management products. These minimum requirements are based on the general formula and examples shown in Section 3.2 and Section 3.3.
|
Notes: For the purposes of this document, memory requirements fall into two categories: physical memory (the amount of physical RAM installed on host) and the minimum available memory, which includes swap space in addition to the physical memory.The memory requirements listed here are minimum requirements; the actual required memory will vary, depending upon the number of Managed Servers and the number of Oracle Fusion Middleware products you configure in the domains on each host. For more information, and some examples of determining memory requirements see Section 3.2 and Section 3.3. If you plan to install and configure a database instance on the same server, you should add at least an additional 2 GB of physical and 2 GB of available memory. For more information about memory requirements for the database, see the documentation for your database software. |
Oracle Fusion Middleware installations vary widely in terms of how the Oracle WebLogic Server domains that support them are configured. For example, in some highly available production environments, you might have several Managed Servers running on a each host.
To estimate the amount of required memory required to run Oracle Identity and Access Management in a particular deployment configuration, consider the amount of memory required by the operating system and other software, and then add a set amount of memory that will be required for each Java Virtual Machine (JVM) that you plan to configure on the host. Each Managed Server configured in a domain represents a single JVM instance.
In general, you can use the following formula as a general guideline to predict the minimum available memory requirements for Oracle Identity and Access Management:
4 GB of available memory for the operating system and other software
+ 4 GB of available memory for each Managed Server (or Administration Server)
---------------------------------------------------------------------------------
Total required available memory
It is important to note that this is a general guideline and the actual memory required for the operating system or a specific Managed Server can vary widely, depending on the resources and services targeted to the host or to the Managed Server.
The following components were added in 11g Release 2 (11.1.2.3):
Oracle Mobile Security Suite
Oracle Mobile Security Access Server
Oracle Business Intelligence (BI)
Oracle Adaptive Access Manager (OAAM)
Oracle Privileged Account Manager
If you install any combination of the components listed above, your memory requirements will be larger than the default Oracle Identity and Access Management installation.
In a production environment, Oracle recommends as a best practice that you target products and services to specific Managed Servers and clusters, based on the resources required by the products and services.
For example, in a typical deployment of Oracle Identity Manager there are at least two clusters. Oracle Identity Manager is targeted to one cluster and Oracle SOA Suite is targeted to the second cluster. This results in a domain with multiple Managed Servers on each host. As you add additional managed clusters, the memory requirements increase.
For example, suppose you are deploying an environment similar to the one shown in "Only Oracle Identity Manager in an HA Environment" in the Oracle Fusion Middleware Deployment Guide for Oracle Identity and Access Management. In this topology, OIMHOST1 is hosting an Administration Server and two Managed Servers. To estimate the suggested memory requirements, you could use the following formula:
4 GB for the operating system and other software 4 GB for the Administration Server + 8 GB for the two Managed Servers (OIM Server and SOA Server) ---------------------------------------------------------------- 16 GB
For another example, suppose you installed and configured the split domain, consolidated topology for both Oracle Access Manager and Oracle Identity Manager, as described in "Deployment Topology" in the Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Identity and Access Management. In this split domain topology, IAMHOST1 contains two Administration Servers (one for each domain) and the additional Managed Server for Oracle Access Manager.
The formula for determining the minimum amount of memory for IAMHOST1 would be as follows:
4 GB for the operating system and other software
4 GB for the Governence (OIM) Domain Administration Server
4 GB for the Access (OAM) Domain Administration Server
+ 12 GB for the three Managed Servers (OIM Server, SOA Server, and OAM Server)
--------------------------------------------------------------------------------
24 GB
When determining the memory requirements for a production environment, you should also take into account other operating system settings, including the number of file descriptors (open files) allowed per process and the number of processes required for each product or service that is targeted to a Managed Server.
For information about the recommended minimum open file and process limits for Oracle Fusion Middleware, see Section 6.1.2, "Checking and Changing the Open File Limit".
This section summarizes the hardware requirements for an enterprise deployment of Oracle Identity and Access Management. For additional information, see the Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Identity and Access Management.
You can deploy either a distributed or a consolidated topology. The consolidated topology uses a small number of powerful servers, which makes the deployment simpler. It is, however, not mandatory to use such powerful servers. The distributed topology uses a larger number of smaller servers.
Hardware requirements for a distributed topology are shown below in Table 2.
Hardware requirements for a consolidated topology are shown below in Table 3.
These are the typical hardware requirements. For each tier, carefully consider the load, throughput, response time and other requirements to plan the actual capacity required. The number of nodes, CPUs, and memory required can vary for each tier based on the deployment profile. Production requirements may vary depending on applications and the number of users.
Table 2 Typical Hardware Requirements for a Distributed Topology
| Server | Processor | Disk | Memory | TMP Directory | Swap |
|---|---|---|---|---|---|
|
Database Host IAMDBHOSTn |
4 or more X Pentium 1.5 GHz or greater |
nXm n=Number of disks, at least 4 (striped as one disk). m=Size of the disk (minimum of 30 GB) |
6 - 16 GB |
Default |
Default |
|
WEBHOSTn |
2 or more X Pentium 1.5 GHz or greater |
10 GB |
4 GB |
Default |
Default |
|
OAMHOSTn OIMHOSTn |
6 or more X Pentium 1.5 GHz or greater |
10 GB |
8 GB |
Default |
Default |
|
LDAPHOSTn |
2 or more X Pentium 1.5 GHz or greater |
10 GB |
4 GB |
Default |
Default |
Table 3 Typical Hardware Requirements for a Consolidated Topology
| Server | Processor | Disk | Memory | TMP Directory | Swap |
|---|---|---|---|---|---|
|
Database Host IAMDBHOSTn |
4 or more X Pentium 1.5 GHz or greater |
nXm n=Number of disks, at least 4 (striped as one disk). m=Size of the disk (minimum of 30 GB) |
6 - 16 GB |
Default |
Default |
|
WEBHOSTn |
2 or more X Pentium 1.5 GHz or greater |
10 GB |
4 GB |
Default |
Default |
|
IAMHOSTn |
6 or more X Pentium 1.5 GHz or greater |
30 GB |
25 GB |
Default |
Default |
In addition to the memory and disk space guidelines described in this document, consider the following additional resources for memory and performance tuning Oracle Identity Manager when it is installed as part of an overall Oracle Identity Management environment:
"Tuning JVM Memory Settings for Oracle Identity Manager" in the Oracle Fusion Middleware Performance and Tuning Guide
Most Oracle Identity and Access Management 11g Release 2 (11.1.2.x) installations require 64-bit JDK 7 (1.7.x), which can be downloaded at the following URL: http://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1880260.html
However, you should verify the minimum JDK requirement for your specific Oracle product with the appropriate System Requirements and Supported Platforms for Oracle Identity and Access Management 11g Release 2 matrix. Do the following:
Use the following links to find the certification matrix for the version of Oracle Identity and Access Management 11g Release 2 (11.1.2.x) you are using:
These documents can also be found on the Oracle Fusion Middleware Supported System Configurations page.
Use the menu on the spreadsheet's landing page to find the Current System Certifications page.
Use the Server Certification table to find the minimum compatible JDK vendor/version for the desired product. A plus sign '+' in the version number indicates that this and its subsequent versions are supported.
Oracle Identity and Access Management 11g Release 2 (11.1.2.x) is certified on 64-bit operating systems only. Make sure that your JDK is a 64-bit JDK.
JDK 7 Considerations
If you use JDK 7 to install Oracle WebLogic Server 11gR1, see "Using WebLogic Server with JDK 7" in the Oracle WebLogic Server Installation Guide in the 11g Release 1 (11.1.1) documentation library.
Oracle WebLogic Server Includes JDK 6
Some Oracle Identity and Access Management 11g Release 2 products can be installed with a 64-bit JDK 6 (1.6.x), which is included with an Oracle WebLogic Server 11gR1 (10.3.5) and 11gR1 (10.3.6) installation.
Oracle WebLogic Server is a prerequisite for installing Oracle Identity and Access Management and can be obtained from the following URL:
http://www.oracle.com/technetwork/middleware/weblogic/downloads/
Typically, the computer on which you want to install Oracle Fusion Middleware is connected to the network. The computer has local storage to store the Oracle Fusion Middleware installation and also contains a display monitor and DVD drive.
If your environment is not a typical scenario, you should read the "Oracle Fusion Middleware Network Requirements" section in the 11g Release 1 (11.1.1) System Requirements and Specification document:
http://docs.oracle.com/html/E18558_01/fusion_requirements.htm
This section contains system requirement information for UNIX operating systems.
In some cases, a particular platform may be de-supported for use with Oracle Fusion Middleware products. While this particular platform's requirements may remain in this document for legacy purposes, it would no longer be listed in the certification document and would no longer be considered a "certified" platform.
The System Requirements and Supported Platforms for Oracle Identity and Access Management 11g Release 2 (11.1.2.x) is located on the Oracle Fusion Middleware Supported System Configurations page, as described in Section 1, "Using This Document with the Certification Matrix and Product Installation Guides".
All packages listed are minimum versions.
The following topics are covered in this section:
Section 6.2, "Supported Linux Operating System Versions, Packages, and Patches"
Section 6.3, "Supported Solaris Operating System Versions, Packages, and Patches"
Section 6.4, "Supported HP-UX Operating System Versions, Packages, and Patches"
Section 6.5, "Supported IBM AIX Operating System Versions, Packages, and Patches"
This section contains the following topics:
The kernel parameter and shell limit values shown in this section are recommended values only. For production systems, Oracle recommends that you tune these values to optimize the performance of the system. See your operating system documentation for more information about tuning kernel parameters.
Kernel parameters must be set to a minimum of those below on all nodes in the topology.
If you are deploying a database onto the host, you might need to modify additional kernel parameters. Refer to the 11g Release 2 Oracle Grid Infrastructure Installation Guide for your platform.
Table 4 UNIX Kernel Parameters
| Parameter | Value |
|---|---|
|
|
256 32000 100 142 |
|
|
10737418240 or higher |
To set these parameters:
Log in as root and add or amend the entries in the /etc/sysctl.conf file.
Save the file.
Activate the changes by issuing the following command:
/sbin/sysctl -p
On all UNIX and Linux operating systems, verify the values that are currently set for Open File Limit. The minimum Open File Limit should be at 4096, but you should also consider the number of processes required for each host.
The following examples are for Linux operating systems. Equivalent commands should be followed for other UNIX operating systems.
To verify how many files are open, use the following command:
/usr/sbin/lsof | wc -l
To check your open file limits, use the following comands:
For C-shell:
limit descriptors
For Bash:
ulimit -n
To change the open file limits:
Log in as the root user.
Locate and open the following operating system configuration file:
/etc/security/limits.conf
Look for or modify the following lines in the limits.conf file:
* soft nofile 4096 * hard nofile 65536 * soft nproc 2047 * hard nproc 16384
Save your changes and close the limits.conf file.
If you are running Oracle Enterprise Linux 6 or Red Hat Linux 6, locate the following operating system configuration file:
/etc/security/limits.d/90-nproc.conf
Make sure the same values are added to the 90-nproc.conf file; otherwise, the values in the 90-nproc.conf file can override the values in the limits.conf file.
Reboot the machine.
On UNIX operating systems, the installation of Fusion Middleware products is owned and controlled as a known user (for example, "oracle"). The file permissions associated with this installation are configured to ensure the highest level of security possible, which by default are 700 (meaning all files are owned and accessible by the owner only).
Changing the default permissions settings will reduce the security of the installation and possibly your system. Therefore, making such a change is not recommended. If access to particular files or executables is required by other users, the UNIX sudo command (or other similar command) should be considered in lieu of changing file permissions.
Refer to your UNIX operating system Administrator's Guide or contact your operating system vendor if you need further assistance.
Table 5 lists the platform, operating system, package, and patch information for Linux operating systems that are either currently supported or were supported in a previous release.
|
Note: When installing Oracle Fusion Middleware on 64-bit Oracle Enterprise Linux 6 machines, 32-bit versions of some packages are required in order to run the Repository Creation Utility (RCU).For more information, see Section 10.1.1, "Running RCU on 64-Bit Platforms". |
In addition, you should also review the following Linux-specific issues to see if they are applicable to your environment:
Section 6.2.2, "Obtaining the openmotif22 Package on SUSE 10 and SUSE 11 Operating Systems"
Section 6.2.4, "Installing Oracle HTTP Server on Linux Operating Systems Requires NPTL"
Table 5 Supported Linux Operating Systems
| Platform | Operating System Version | Required Packages | Required Operating System Kernel |
|---|---|---|---|
|
x86-64 |
Oracle Linux 7 (UL0+) Red Hat Linux 7 (UL0+) |
binutils-2.23.52.0.1 compat-libcap1-1.10 compat-libstdc++-33-3.2.3 for x86_64 gcc-4.8.2 gcc-c++-4.8.2 glibc-2.17 for x86_64 glibc-devel-2.17 for x86_64 libaio-0.3.109 for x86_64 libaio-devel-0.3.109 for x86_64 libgcc-4.8.2 for x86_64 libstdc++-4.8.2 for x86_64 libstdc++-devel-4.8.2 for x86_64 ksh make-3.82 ocfs2-tools-1.2.7 sysstat-10.1.5 redhat-lsb-4.1-27.0.1.el7 for x86_64 redhat-lsb-core-4.1-27.0.1.el7 for x86_64 |
How to Obtain the Required Kernel Version for Linux Operating Systems |
|
Linux x86-64 |
Oracle Enterprise Linux 6 (UL1+) Red Hat Linux 6 (UL1+) |
binutils-2.20.51.0.2-5.28.el6 compat-libcap1-1.10-1 compat-libstdc++-33-3.2.3-69.el6 for x86_64 compat-libstdc++-33-3.2.3-69.el6 for i686 gcc-4.4.4-13.el6 gcc-c++-4.4.4-13.el6 glibc-2.12-1.7.el6 for x86_64 glibc-2.12-1.7.el6 for i686 glibc-devel-2.12-1.7.el6 for i686 libaio-0.3.107-10.el6 libaio-devel-0.3.107-10.el6 libgcc-4.4.4-13.el6 libstdc++-4.4.4-13.el6 for x86_64 libstdc++-4.4.4-13.el6 for i686 libstdc++-devel-4.4.4-13.el6 libXext for i686 libXtst for i686 libXext for x86_64 libXtst for x86_64 openmotif-2.2.3 for x86_64 openmotif22-2.2.3 for x86_64 sysstat-9.0.4-11.el6 xorg-x11-utils* xorg-x11-apps* xorg-x11-xinit* xorg-x11-server-Xorg* xterm redhat-lsb-core-4.0-3.el6 for x86_64 redhat-lsb-4.0-3.el6 for x86_64 |
How to Obtain the Required Kernel Version for Linux Operating Systems |
|
Linux x86-64 |
Oracle Linux 5 (UL3+) Red Hat Linux 5 (UL3+) |
binutils-2.17.50.0.6 compat-libstdc++-33-3.2.3 for x86-64 compat-libstdc++-33-3.2.3 for i386 elfutils-libelf-0.125 elfutils-libelf-devel-0.125 gcc-4.1.1 gcc-c++-4.1.1 glibc-2.5-12 for x86_64 glibc-2.5-12 for i686 glibc-common-2.5 glibc-devel-2.5 for x86-64 glibc-devel-2.5-12 for i386 libaio-0.3.106 for x86_64 libaio-0.3.106 for i386 libaio-devel-0.3.106 libgcc-4.1.1 for x86_64 libgcc-4.1.1 for i386 libstdc++-4.1.1 for x86_64 libstdc++-4.1.1 for i386 libstdc++-devel-4.1.1 make-3.81 openmotif-2.2.3 for x86_64 openmotif22-2.2.3 for x86_64 redhat-lsb-3.1-12.3.EL.0.2 sysstat-7.0.0 xorg-x11-utils* redhat-lsb for x86-64 |
Kernel 2.6.18 |
|
Linux x86-64 |
SUSE 12 SP1+ |
binutils-2.19-11.28 gcc 4.8-6.189 gcc-c++ 4.8-6.189 glibc 2.19-17.72 glibc-devel 2.19-17.72 mksh 50-2.13 libaio1 0.3.109-17.15 libaio-devel 0.3.109-17.15 libcap2 2.22-11.709 libstdc++6 4.8.3+r212056-6.3 libstdc++48-devel 4.8.3+r212056-6.3 libgcc_s1 4.8.3+r212056-6.3 libstdc++48-devel-32bit 4.8.3+r212056-6.3 libgcc_s1-32bit 4.8.3+r212056-6.3 libstdc++6-32bit 4.8.3+r212056-6.3 make 4.0-2.107 xorg-x11-libs 7.6-45.14 sysstat-10.2.1-3.1.x86_64 |
Kernel 3.12.28-4-default |
|
Linux x86-64 |
SUSE 11 (all SP levels included) |
binutils-2.19-11.28 gcc-4.3-62.198 gcc-c++-4.3-62.198 gcc-32bit-4.3 glibc-2.9-13.2 glibc-32bit-2.9-13.2 glibc-devel-2.9 glibc-devel-32bit-2.9-13.2 ksh-93t libaio-0.3.104-140.22 libaio-devel-0.3.104-140.22 libaio-32bit-0.3.104 libaio-devel-32bit-0.3.104 libgcc43-4.3.3_20081022 libstdc++43-4.3.3_20081022-11.18 libstdc++43-devel-4.3.3_20081022-11.18 libstdc++33-3.3.3 libstdc++33-32bit-3.3.3 libstdc++43-32bit-4.3.3_20081022 libstdc++43-devel-32bit-4.3.3_20081022 libstdc++-devel-4.3 make-3.81 openmotif-2.3.1-3.13 openmotif-devel-32bit-2.3.1-3.13 openmotif22-libs-32bit-2.2.4-138.17 openmotif-libs-2.3.1-3.13 openmotif-devel-2.3.1-3.13 openmotif-libs-32bit-2.3.1-3.13 openmotif21-libs-32bit-2.1.30MLI4-143.2 openmotif22-libs-2.2.4-138.17 sysstat-8.1.5-7.8 |
Kernel 2.6.27.19-5-default |
|
Linux x86-64 |
SUSE 10 (SP3+) |
binutils-2.16.91.0.5 libstdc++33 gcc-4.1.2 gcc-c++-4.1.2 glibc-2.4-31 glibc-devel-2.4-31 ksh-93r-12.9 libaio-0.3.104 libaio-devel-0.3.104 libelf-0.8.5 libgcc-4.1.2 libstdc++-4.1.2 libstdc++-devel-4.1.2 make-3.80 sysstat-8.0.4 |
Kernel 2.6.16.21 |
* Not required for a silent install. Required for a GUI install.
To identify the required Kernel version for each supported version of Oracle Linux, refer to the following resources:
For Oracle Linux 6 (UL5+) and Oracle Linux 7 (UL0+) Containers, refer to Table 1 on "Supported Virtualization and Partitioning Technologies for Oracle Fusion Middleware" on the Oracle Technology Network.
The openmotif22 package is not included by default on SUSE 10 and SUSE 11 operating systems. If you need to obtain this package, you must go to the Novell website to obtain the package and then perform the installation using the instructions provided by Novell.
Install the patch mentioned below before you install the Oracle Identity and Access Management products.
Apply patch 22757185 to handle this problem.
Use the following procedure to use the patch:
Download patch 22757185 from My Oracle Support.
Unzip the patch archive, using the following command:
unzip -d PATCH_DIR p22757185_11.1.1.9.0_generic.zip
In this example, replace PATCH_DIR with the name of a local directory. This is typically a top-level directory used for storing patches you have downloaded from My Oracle Support.
Change directory to the following directory where you unpacked the software archive:
cd unpacked_IDM_directory/Disk1
Locate and run the following command:
On Linux installer (runInstaller):
./runInstaller PREREQ_CONFIG_LOCATION=PATCH_DIR/prereq
In this example, replace PATCH_DIR with the path to the local directory where you unzipped patch 22757185 in Step 3.
If you are installing Oracle HTTP Server on a Linux operating system, the operating system needs to set Native POSIX Threads Library (NPTL) as the default threads-implementation. To check for this, run the following command:
getconf GNU_LIBPTHREAD_VERSION
The expected results should be "NPTL 2.3.4". Failing to have NPTL can result in unexpected behavior for the Oracle HTTP Server, especially if the Multi-Processing Module (MPM) is the Worker MPM.
Before installing Oracle Identity and Access Management 11g Release 2 (11.1.2.2) on Red Hat Linux 6 (UL1+) (RHEL6), apply Patch 18231786. If you do not install this patch before installation, you may encounter an error during package validation.
Before installing Oracle Mobile Security Access Server, ensure that you have installed the operating system-supported package compat-libtermcap-2.0.8* for Linux x86_64.
Table 6 lists the platform, operating system, package, and patch information for Solaris operating systems that are either currently supported or were supported in a previous release.
|
Note: The SRU 11.3.3.6.0 or later (mandatory patch) is required for the Solaris 11 Update 3 on SPARC or x86-64. |
In addition, you should also review the following Solaris-specific issue to see if it is applicable to your environment:
Section 6.3.1, "Applying Solaris Patches in Non-Global Zones"
Section 6.3.2, "Checking for the SUNWxcu4 Package to Avoid Erroneous Disk Space Errors"
Table 6 Supported Solaris Operating Systems
| Platform | Operating System Version | Required Packages | Required Operating System Patches |
|---|---|---|---|
|
SPARC64 |
Solaris 10 (Update 4+) |
SUNWarc SUNWbtool SUNWhea SUNWlibC SUNWlibm SUNWlibms SUNWsprot SUNWtoo SUNWi1of SUNWi1cs SUNWi15cs SUNWxwfnt SUNWxcu4 |
127111-02 137111-04 |
|
Solaris 11 Solaris 11 Update 2+ Solaris 11.3 (SRU 11.3.3.6.0 or higher) |
SUNWlibC developer/assembler SUNWxcu4 |
||
|
x86-64 |
Solaris 10 (Update 6+) |
SUNWarc SUNWbtool SUNWhea SUNWlibC SUNWlibm SUNWlibms SUNWsprot SUNWtoo SUNWi1of SUNWi1cs SUNWi15cs SUNWxwfnt SUNWxcu4 |
127111-02 137111-04 |
|
Solaris 11 Solaris 11 Update 2+ Solaris 11.3 (SRU 11.3.3.6.0 or higher) |
SUNWlibC developer/assembler SUNWxcu4 |
On Solaris operating systems, the prerequisite patches that are applied in the global zone can be considered applied in the non-global zones. There is only one kernel running on the system, and all zones must be at the same patch level with respect to the kernel and other Solaris system components. Kernel patches can only be applied from the global zone, and they affect the global and all non-global zones equally.
To check if a kernel patch is applied in the global zone, use the following command:
showrev -p | grep patch_number
For example, to check if patch 137111-04 is applied:
showrev -p | grep 137111
On Solaris operating systems, the SUNWcxu4 package is required before you can install Oracle Identity and Access Management successfully. The SUNWcxu4 package is installed on most Solaris systems by default, but there are situations where the package is not installed automatically.
If the SUNWcxu4 package is not found, it can result in the following error, when you attempt to start the Oracle Identity and Access Management installer:
ERROR: Extracting 0%.......................................................................................100% Insufficient disk space! The installer requires: 190MB for the MW_HOME_LOCATION 450MB for the product at PRODUCT_LOCATION and 1139MB temporary work space at TMP_LOCATION.There is only 1MB available at MW_HOME_LOCATION.
To check for the availability of this package on your Solaris system:
$ pkginfo -l SUNWxcu4
Table 7 lists the platform, operating system, package, and patch information for Solaris operating systems that are either currently supported or were supported in a previous release.
Table 7 Supported HP-UX Operating Systems
| Platform | Operating System Version | Required Packages | Required Operating System Patches |
|---|---|---|---|
|
Itanium |
11i (11.31) B.11.31.0803.318a Base Quality Pack Bundle for HP-UX 11i v3, March 2008+ |
B3394BA (version 2.1.0) |
PHKL_36248 PHKL_36249 PHSS_37202 PHSS_37501 PHCO_38050 PHSS_38139 |
Table 8 lists the platform, operating system, package, and patch information for Solaris operating systems that are either currently supported or were supported in a previous release.
Table 8 Supported IBM AIX Operating Systems
| Platform | Operating System Version | Required Packages | Required Operating System Patches |
|---|---|---|---|
|
AIX |
6.1 (TL2+) |
bos.adt.base bos.adt.lib bos.adt.libm bos.perf.libperfstat bos.perf.perfstat bos.perf.proctools rsct.basic.rte rsct.compat.clients.rte xlC.aix50.rte (version 9.0.0.0) xlC.rte (version 9.0.0.0) |
|
|
7.1 (TL0+) |
bos.adt.base bos.adt.lib bos.adt.libm bos.perf.libperfstat bos.perf.perfstat bos.perf.proctools rsct.basic.rte rsct.compat.clients.rte xlC.aix61.rte (version 10.1.0.0) xlC.rte (version 10.1.0.0) |
||
|
7200-00 |
bos.adt.base 7.2.0.0 bos.adt.lib 7.2.0.0 bos.adt.libm 7.2.0.0 bos.perf.libperfstat 7.2.0.0 bos.perf.perfstat 7.2.0.0 bos.perf.proctools 7.2.0.0 rsct.basic.rte 3.2.1.0 rsct.compat.clients.rte 3.2.1.0 xlC.aix61.rte 13.1.2.0 xlC.rte 13.1.2.0 |
Install the patch mentioned below before you install the Oracle Identity and Access Management products.
Apply patch 22757185 to handle this problem.
Use the following procedure to use the patch:
Download patch 22757185 from My Oracle Support.
Unzip the patch archive, using the following command:
unzip -d PATCH_DIR p22757185_11.1.1.9.0_generic.zip
In this example, replace PATCH_DIR with the name of a local directory. This is typically a top-level directory used for storing patches you have downloaded from My Oracle Support.
Change directory to the following directory where you unpacked the software archive:
cd unpacked_IDM_directory/Disk1
Locate and run the following command:
./runInstaller PREREQ_CONFIG_LOCATION=PATCH_DIR/prereq
In this example, replace PATCH_DIR with the path to the local directory where you unzipped patch 22757185 in Step 3.
This section contains the following:
Refer to the System Requirements and Supported Platforms for Oracle Identity and Access Management 11g Release 2 (11.1.2.x) document for the latest information on certified Windows operating systems.
Install the patch mentioned below before you install the Oracle Identity and Access Management products on Windows 10.
The operating system prerequisite check might fail while installing the Oracle Identity and Access Management Products on Windows 10.
Apply patch 22757185 to handle this problem.
Use the following procedure to use the patch:
Download patch 22757185 from My Oracle Support.
Unzip the patch archive, using the following command:
unzip -d PATCH_DIR p22757185_11.1.1.9.0_generic.zip
In this example, replace PATCH_DIR with the name of a local directory. This is typically a top-level directory used for storing patches you have downloaded from My Oracle Support.
Change directory to the following directory where you unpacked the software archive:
cd unpacked_IDM_directory/Disk1
Locate and run the following command:
setup.exe PREREQ_CONFIG_LOCATION=<Full path to PATCH_DIR>\prereq
In this example, replace PATCH_DIR with the path to the local directory where you unzipped patch 22757185 in Step 3.
If you encounter issues related to anti-virus software during your Fusion Middleware product installation, disable your anti-virus software for the entire duration of the installation. If the system is restarted before the installation is complete, ensure the anti-virus software was not restarted before continuing with the installation.
Anti-virus software can be re-enabled when the installation is complete.
On Microsoft Windows operating systems, you must enable User Account Control (UAC) so that the correct permissions are applied to the cwallet.sso file.
To enable UAC:
Run secpol.msc from the command prompt.
Select Security Settings > Local Policies > Security Options.
Set the User Account Control:Run all Administrator in Admin Approval Mode option to enabled.
Restart the host.
Restart the servers.
Install the Weblogic 10.3.6 patch mentioned below before you configure the domain of Oracle Identity and Access Management Products on Windows 10.
The domain creation might fail while configuring the Oracle Identity and Access Management Products on Windows 10.
Apply Generic Patch 22138883 to WLS 10.3.6.0 release to handle this problem.
Download Patch 22138883 from My Oracle Support. Select Release WLS 10.3.6.
Refer to the patch README instructions to apply the patch.
This section contains prerequisite information for the Oracle Universal Installer (OUI). The requirements in this section must be met in order for the installer to start:
The environment variables on your system must be set as described in Table 9:
Table 9 Oracle Universal Installer Environment Variable Requirements
| Variable | Description |
|---|---|
|
|
Applies to: all configuration tools for all products on all platforms. This variable is automatically set by the configuration tool to the Oracle home from where the configuration tool is started. This is true even if the |
|
|
Applies to: all installers for products with system components only on all platforms. If you are installing on a Windows operating system, see "Resolving PATH and Directory Issues on Windows" in the Oracle Fusion Middleware Release Notes for Microsoft Windows x64 document for important additional information. This variable is automatically set by the installer and prepended with NOTE: make sure this variable does not contain a reference to any other Oracle home directory. |
|
|
Applies to: all installers for products with system components only on HP-UX and HP-IA operating systems. This variable is automatically set by the installer and prepended with |
|
|
Applies to: all installers for products with system components only on AIX operating systems. This variable is automatically set by the installer and prepended with |
|
|
Applies to: all installers for products with system components only on Linux and Solaris operating systems. This variable is automatically set by the installer and prepended with NOTE: make sure this variable does not contain a reference to any other Oracle home directory. |
|
|
Applies to: all installers for all products on all platforms. If you are installing with a graphical user interface (GUI), this variable must be set to the monitor where you want the installer GUI to appear. Refer to your operating system documentation for specific instructions on how to do this, as procedures vary depending on your exact operating system. |
|
|
Applies to: all installers for all products on all platforms. Optional variable. If not set, then the default value is |
The items in Table 10 are checked as the installer is being started:
Table 10 Oracle Universal Installer Startup Requirements
| Category | Accepted or Minimum Values |
|---|---|
|
Platforms |
For a complete list of supported platforms, refer to System Requirements and Supported Platforms for Oracle Identity and Access Management 11g Release 2 (11.1.2.x). |
|
CPU Speed |
At least 300MHz |
|
Temp Space |
At least 270MB |
|
Swap Space |
At least 500MB |
|
Monitor |
At least 256 colors |
If you are running Oracle Universal Installer on a Linux x86-64 operating system, you must modify the value of the SHMMAX kernel parameter to avoid seeing errors generated by the Oracle Universal Installer. To do so:
Change the value of SHMMAX to 4294967295 by including the following line in /etc/sysctl.conf:
kernel.shmmax = 4294967295
Activate the new SHMMAX setting by running the command:
/sbin/sysctl -p
Start the Oracle Universal Installer and install your software.
Refer to the System Requirements and Supported Platforms for Oracle Identity and Access Management 11g Release 2 (11.1.2.x) document for the latest information on certified databases.
This section contains the following topics:
Section 9.1, "Using Oracle Database 11g (11.1.0.7) with Oracle Identity Manager"
Section 9.2, "Using Oracle Database 11g (11.2.0.1) with OID and Oracle Data Vault"
Section 9.3, "Using Oracle Database 12c with Oracle Identity Management"
If you are using Oracle Database 11g (11.1.0.7) with Oracle Identity Management 11g, there are certain database patches that must be applied.
See "Patch Requirements for Oracle Database 11g (11.1.0.7)" in the "Oracle Identity Manager" chapter of the Oracle Fusion Middleware Release Notes for Linux x86 or Oracle Fusion Middleware Identity Management Release Notes. Patches for all operating systems (Linux, 32-bit Windows and 64-bit Windows) are identified.
If you are using Oracle Database 11g (11.2.0.1) and you choose to configure Oracle Internet Directory (OID) with Oracle Data Vault:
Apply patch 8897382 (see the README file in the patch for instructions).
In the ORACLE_HOME/ldap/datasecurity/dbv_oid_command_rules.sql (on UNIX operating systems) or ORACLE_HOME\ldap\datasecurity\dbv_oid_command_rules.sql (on Windows operating systems) file, find the following code:
/declare . begin . dvsys.dbms_macadm.CREATE_COMMAND_RULE( command => 'CONNECT' ,rule_set_name => 'OID App Access' ,object_owner => 'ODS' ,object_name => '%' ,enabled => 'Y'); . commit; . end;/
Change the following line:
,object_owner => 'ODS'
to:
,object_owner => '%'
The following packages must be installed as SYS user on Oracle databases prior to creating Oracle Identity Management schemas:
DBMS_SHARED_POOL
XAVIEWS
To create the XAVIEW database object explicitly, run xaview.sql from $ORACLE_HOME/rdbms/admin as SYS user for the connected database (regular or PDB).
For more information, see the following:
For more information on XAVIEWS, see "Using JDBC XA Drivers with WebLogic Server" in Oracle Fusion Middleware Programming JTA for Oracle WebLogic Server.
For more information on DBMS_SHARED_POOL, see "DBMS_SHARED_POOL" in Oracle Database PL/SQL Packages and Types Reference.
This section contains the following topics:
This section contains the following:
RCU for Oracle Identity and Access Management 11g Release 2 (11.1.2.x) can be run on any 64-bit x86 Linux and 64-bit Microsoft Windows operating system that runs Oracle Fusion Middleware.
However, on 64-bit Linux operating systems, you must run the following command before starting RCU:
set linux32 bash
In addition, on Oracle Enterprise Linux 6, 64bit, you must ensure that 32-bit versions of the following packages are installed each 64-bit Linux machine. Without these 32-bit packages, RCU will fail. Some installations of the Oracle Enterprise Linux operating system include only the 64-bit versions of these files:
glibc.i686 libXext.i686 libXtst.i686 libaio.i686
If these requirements are met, then you can run RCU from a supported machine and connect to any certified local or remote database to create the schemas required by Oracle Identity and Access Management. The database can be running on any operating system platform that is supported by that particular database
This section contains information pertaining to running RCU and creating schemas on Oracle databases. The following topics are covered:
Section 10.2.2, "Setting the parallel_max_servers Parameter for the ODS Schema"
Section 10.2.3, "Component-Specific Requirements for Oracle Databases"
RCU checks for the following on Oracle databases:
Database version is equal to or higher than 10.2.0.4.0 in 10g or equal to or higher than 11.1.0.7.0 in 11g.
Database is installed with Oracle JVM enabled. Refer to your database documentation for information about how to do this.
Database user has SYSDBA role.
If you are creating schemas on an Oracle database, you must have SYSDBA privileges. For example, you can use the default database user SYS with SYSDBA privileges, or you must use a database user that has been granted the role of SYSDBA.
If you using a user other than SYS with SYSDBA privileges, you must grant the user permissions as follows:
GRANT execute on sys.dbms_lock to user_name with grant option
For example, if you have created and are using the user named system, you would use the following command to grant the necessary privileges to system:
GRANT execute on sys.dbms_lock to system with grant option
Refer to your Oracle database documentation for more information about database users and roles.
Character set is AL32UTF8.
If your database does not use the AL32UTF8 character set, you will see the following warning when running RCU:
The database you are connecting is with non-AL32UTF8 character set. Oraclestrongly recommends using AL32UTF8 as the database character set.
You can ignore this warning and continue using RCU.
The SGA_MAX_SIZE is greater than or equal to 147456KB.
The DB_BLOCK_SIZE is greater than or equal to 8KB
For the Oracle Internet Directory (ODS) schema, set parallel_max_servers=1. This setting should be used for 11gR2 Oracle RAC systems with more than 32 CPUs.
After Oracle Internet Directory is up and running, you should set the parallel_max_servers parameter to a higher value. For more information, see "PARALLEL_MAX_SERVERS" in the Oracle Database VLDB and Partitioning Guide.
Table 11 lists all of the related Oracle Identity and Access Management schemas for Oracle databases, along with any component-specific prerequisite information that must be met for RCU to be able to create the schema. Refer to the Oracle Database Administrator's Guide to find instructions on how to modify database parameters.
Some of the AS Common Schemas and SOA and BPM Infrastructure Schemas are required for certain Identity Management products so they are included in this table. The schema dependencies can be found in the Oracle Fusion Middleware Repository Creation Utility User's Guide.
When the tablespaces are created, RCU will automatically create them with the necessary tablespace sizes.
The "Oracle EBR?" column indicates whether or not the schema is also supported on Oracle Databases with Edition-Based Redefinition (EBR).
All requirements listed are the minimum requirements; please read them carefully as some components within the same product have different requirements. For example, if you are performing a full Oracle Identity Management installation including Oracle Identity Manager, then the open_cursors parameter must be set to 800. However, if you are installing Oracle Identity Management without Oracle Identity Manager, then open_cursors can be set to 500, which is required for Oracle Internet Directory.
Table 11 RCU Component-Specific Requirements for Oracle Databases
| Component | Schema Owner | Requirement | Oracle EBR? |
|---|---|---|---|
|
AS Common Schemas |
|||
|
Metadata Services |
|
None. |
Yes |
|
Audit Services |
|
None. |
Yes |
|
Audit Services for OES |
|
None. |
Yes |
|
Enterprise Scheduler Services |
|
None. |
Yes |
|
Oracle Platform Security Services |
|
None. |
Yes |
|
Identity Management Schemas |
|||
|
Oracle Internet Directory |
|
|
No |
|
Oracle Identity Federation |
|
None. |
Yes |
|
Oracle Identity Manager |
|
|
Yes |
|
Oracle Access Manager |
|
None. |
Yes |
|
Oracle Adaptive Access Manager |
|
Oracle Database must be Enterprise Edition. |
Yes |
|
Oracle Adaptive Access Manager (Partition Support) |
|
Oracle Database must be Enterprise Edition. |
Yes |
|
Authorization Policy Manager |
|
None. |
Yes |
|
SOA and BPM Infrastructure Schemas |
|||
|
Oracle BAM |
|
None. |
No |
|
SOA Infrastructure |
|
|
Yes |
|
User Messaging Server (ORASDPM) |
|
None. |
Yes |
For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at http://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc.
Access to Oracle Support
Oracle customers that have purchased support have access to electronic support through My Oracle Support. For information, visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=info or visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs if you are hearing impaired.
Oracle Fusion Middleware System Requirements and Specifications for Oracle Identity and Access Management 11g Release 2 (11.1.2)
E38978-03
Copyright © 2013, 2017, Oracle and/or its affiliates. All rights reserved.
This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.
The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.
If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable:
U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S. Government.
This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications.
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.
Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group.
This software or hardware and documentation may provide access to or information about content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services unless otherwise set forth in an applicable agreement between you and Oracle. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services, except as set forth in an applicable agreement between you and Oracle.
