9 Changing Infrastructure Services

This chapter provides procedures for changing the Infrastructure Services used by a middle-tier instance.

It contains the following topics:

• Overview of Procedures for Changing Infrastructure Services

• Changing the Oracle Internet Directory or Oracle HTTP Server Ports on Identity Management

• Changing Oracle Internet Directory from Dual Mode to SSL Mode

• Moving Identity Management to a New Host

• Changing the Metadata Repository Used by a Middle-Tier Instance

• Changing the Metadata Repository Used by Identity Management

9.1 Overview of Procedures for Changing Infrastructure Services

Most middle-tier instances use Infrastructure Services, such as Identity Management Services and the Metadata Repository. These services are usually assigned during installation.

After installation, you may want to change the Infrastructure Services used by a middle-tier instance. For example, you may want to use an Identity Management Service on a different host. Or, you may want to use a different Metadata Repository.

You can change Infrastructure Services using the Infrastructure page on the Application Server Control Console. Figure 9-1 shows the page for a Release 2 (10.1.2.0.2) middle-tier instance. Notice that you can use this page to change the Identity Management or the Metadata Repository used by a middle-tier instance.

Figure 9-1 Application Server Control Console Infrastructure Page

Description of "Figure 9-1 Application Server Control Console Infrastructure Page"

You must change Infrastructure Services when you change any of the following:

• The HTTP OracleAS Single Sign-On port number on an Identity Management installation

• The Oracle Internet Directory non-SSL or SSL port number

• The Oracle Internet Directory Mode (Dual-mode or SSL)

• The host on which Identity Management or the OracleAS Metadata Repository resides

If you have disabled anonymous binds in Oracle Internet Directory, you must enable them before you make configuration changes. See Section 7.5 for more information.

Note that if you change between a File-based farm and a Database-based farm, you must restart Application Server Control Console, using the emctl command, to see the change reflected in the console.

You cannot simply use the wizard to change from one Infrastructure service to another. You must first perform manual tasks to create and prepare the new Infrastructure service. This chapter describes the following supported procedures for changing Infrastructure Services:

• Changing the Oracle Internet Directory or Oracle HTTP Server Ports on Identity Management

  Use this procedure if you need to change the Oracle Internet Directory listener port or the HTTP listener port for Oracle Internet Directory on an Identity Management installation. In addition to changing the port numbers, you must update middle-tier instances with the new port information, which requires changing Infrastructure Services.

• Changing Oracle Internet Directory from Dual Mode to SSL Mode

  Use this procedure if you want to change the Oracle Internet Directory mode from non-SSL to SSL. In addition to changing the mode, you must update middle-tier instances with the new mode, which requires changing Infrastructure Services.

• Moving Identity Management to a New Host

  Use this procedure if you want to move your Identity Management installation, and its associated Metadata Repository, to a new host. After you perform the move, you must update middle-tier instances with the new host information for Identity Management, which requires changing Infrastructure Services.

• Changing the Metadata Repository Used by a Middle-Tier Instance

  Use this procedure if you want to move the Metadata Repository used for product metadata by middle-tier instances to a new host.

• Changing the Metadata Repository Used by Identity Management

  Use this procedure if you want to move the Metadata Repository used by Identity Management to a different host.

9.2 Changing the Oracle Internet Directory or Oracle HTTP Server Ports on Identity Management

To change the Oracle Internet Directory non-SSL or SSL port on an Identity Management installation, refer to Section 4.3.11.2.

To change the Oracle HTTP Server non-SSL or SSL Listen port on an Identity Management installation, which effectively changes the OracleAS Single Sign-On port, refer to Section 4.3.3.

9.3 Changing Oracle Internet Directory from Dual Mode to SSL Mode

When you install Identity Management, you are asked to choose a mode for Oracle Internet Directory. The default mode is dual mode, which allows some components to access Oracle Internet Directory using non-SSL connections. During the installation, you can choose SSL mode, which specifies that all components must use SSL when connecting to the directory.

If you did not choose SSL mode during the installation, and want to change to SSL mode after installation, follow the procedure in this section. It includes changing the mode of the Oracle Internet Directory, and updating middle-tier instances to use the new mode.

9.3.1 Procedure

To change Oracle Internet Directory to SSL mode, perform the following tasks:

• Task 1: Stop Middle-Tier Instances

• Task 2: Change the Oracle Internet Directory Mode

• Task 3: Change Middle-Tier Instances to Use SSL Mode

Task 1: Stop Middle-Tier Instances

Stop all middle-tier instances that use Oracle Internet Directory. Using the Application Server Control Console, navigate to the Home page for each middle-tier instance and click Stop All. Be sure to leave Application Server Control running.

Task 2: Change the Oracle Internet Directory Mode

Perform this task on the Infrastructure that contains Oracle Internet Directory.

1. Create a file named mod.ldif and enter the following lines in the file:

   dn:cn=configset0,cn=osdldapd,cn=subconfigsubentry
   
   changetype:modify
   
   replace:orclsslenable
   
   orclsslenable:1
   
   

2. Run the following command:

   ldapmodify -D cn=orcladmin -w orcladmin_passwd -p oid_port -v -f mod.ldif
   
   

   In the example, oid_port is the non-SSL Oracle Internet Directory port. This is listed as OIDport in ORACLE_HOME/config/ias.properties.

   Note that if you are using OracleAS Cold Failover Cluster, you must use the following command:

   ldapmodify -D cn=orcladmin -w orcladmin_passwd -h virtual_hostname
   
   -p oid_port -v -f mod.ldif
   
   

   In the example, virtual_hostname is the virtual hostname of the OracleAS Cold Failover Cluster.

3. Stop the entire instance that contains Oracle Internet Directory:

   • On UNIX systems:

     ORACLE_HOME/bin/emctl stop iasconsole
     
     ORACLE_HOME/opmn/bin/opmnctl stopall
     
     

   • On Windows systems:

     ORACLE_HOME\bin\emctl stop iasconsole
     
     ORACLE_HOME\opmn\bin\opmnctl stopall
     
     

4. Edit the following file:

   (UNIX) ORACLE_HOME/ldap/admin/ldap.ora
   
   (Windows) ORACLE_HOME\ldap\admin\ldap.ora
   
   

   1. Modify the following line to remove the non-SSL port number:

      DIRECTORY_SERVERS=(myhost.myco.com::sslport)
      
      

   2. Save and close the file.

5. If the OracleAS Metadata Repository was created using OracleAS RepCA, take the following steps:

   1. Copy the ldap.ora file from the Identity Management Oracle home to the Oracle home for the OracleAS Metadata Repository. For example, for 10g (10.1.4.0.1), the location is:

      (UNIX) ORACLE_HOME/ldap/admin
      
      (Windows) ORACLE_HOME\ldap\admin
      
      

   2. Edit the sqlnet.ora file that is located in the following location in the Oracle home for the OracleAS Metadata Repository:

      (UNIX) ORACLE_HOME/network/admin
      
      (Windows) ORACLE_HOME\network\admin
      
      

      Add LDAP to the NAMES.DIRECTORY_PATH entry, as shown in the following example:

      NAMES.DIRECTORY_PATH= (LDAP, TNSNAMES, ONAMES, HOSTNAME)
      
      

6. Edit the following file:

   (UNIX) ORACLE_HOME/config/ias.properties
   
   (Windows) ORACLE_HOME\config\ias.properties
   
   

   1. In the file, change the SSLOnly parameter as follows:

      SSLOnly=true
      
      

   2. Save and close the file.

7. Start the entire instance that contains Oracle Internet Directory:

   • On UNIX systems:

     ORACLE_HOME/opmn/bin/opmnctl startall
     
     ORACLE_HOME/bin/emctl start iasconsole
     
     

   • On Windows systems:

     ORACLE_HOME\opmn\bin\opmnctl startall
     
     ORACLE_HOME\bin\emctl start iasconsole
     

Task 3: Change Middle-Tier Instances to Use SSL Mode

In each middle-tier instance, run the Change Identity Management wizard and restart the instance:

1. Using the Application Server Control Console, navigate to the Home page for the middle-tier instance.

2. Click Infrastructure.

3. On the Infrastructure Page, in the Identity Management section, click Change.

4. On the Internet Directory page:

   • Host: Enter the fully-qualified name of the Oracle Internet Directory host.

   • Port: Enter the SSL Oracle Internet Directory port number.

   • Use only SSL connections with Internet Directory: Check this box.

   Click Next.

5. On the Login page:

   • User Name: Enter cn=orcladmin, or the distinguished name of a user in the iASAdmins group.

   • Password: Enter the password for the user.

   Click Next.

6. On the Validation page, you will receive informational messages regarding the validation of this operation. If you receive any error message, follow the instructions for investigating them. Otherwise, if the operation is valid, click Finish.

7. When the operation is finished, start the components in the middle-tier instance:

   1. Click Home to navigate to the Home page for the instance.

   2. Click Start All.

      
      

      Note: Now that you have disabled the non-SSL Oracle Internet Directory port, you must provide the "-U 1" option when using LDAP command-line utilities (such as ldapsearch, ldapmodify, and ldapaddmt) to connect to the SSL port.

      
      

9.4 Moving Identity Management to a New Host

This section provides a procedure for moving Identity Management to a new host. This procedure involves creating a replica (or copy) of the original Identity Management on a different host, along with its own new Metadata Repository, and then changing the middle-tier instance to use the new Identity Management.

9.4.1 Sample Uses for This Procedure

The following are sample uses for this procedure:

• You have an existing Identity Management and associated Metadata Repository that is used by one or more middle-tier instances. Your organization intends to replace the current Identity Management host with a new system. You can use this procedure to create a replica of the Identity Management, along with its own Metadata Repository, and change the middle-tier instances to use the new Identity Management. You can then retire the original host.

• You want to create a failover environment for your Identity Management. You can use this procedure to create a replica of the current Identity Management, along with its own Metadata Repository. You can keep the replica running so it stays synchronized with the original Identity Management. You can perform regular exports of data in the original Metadata Repository and save them. In the event that you lose the original Identity Management, you can import the data to the new Metadata Repository, and change the middle-tier instances to use the new Identity Management. Refer to Section 9.4.4, "Strategy for Performing Failover with This Procedure" for more information.

9.4.2 Assumptions and Restrictions

• For both the original and new installations, Identity Management and Metadata Repository can exist in the same Oracle home, or in separate Oracle homes (same or different host). If they are in separate Oracle homes, perform the operations on each in their own Oracle home.

• For both the original and new installations, the Identity Management components (OracleAS Single Sign-On, Oracle Internet Directory, Delegated Administration Services, Oracle Directory Integration Platform) can exist in the same Oracle home, or can exist in separate Oracle homes (same or different host). If they exist in separate Oracle homes, perform the operations on each in their own Oracle home.

• The middle-tier instances can be either Release 2 (10.1.2.0.2) or Release 3 (10.1.3).

• The Metadata Repository used by middle-tier instances for product metadata is not affected by this procedure.

  • If the middle-tier instances store product metadata in the same Metadata Repository that the original Identity Management uses, they will continue to use that Metadata Repository after you have changed them to the new Identity Management. If you want, you can change them to use a different Metadata Repository after you have finished moving Identity Management. Refer to Section 9.5.

  • If the middle-tier instances store product metadata in a separate Metadata Repository, they will continue to use that Metadata Repository after you have changed them to the new Identity Management.

• Oracle Identity Federation may or may not be associated with the Identity Management instance.

• This procedure does not take OracleAS Certificate Authority into consideration.

  
  

  See Also: Oracle Application Server Certificate Authority Administrator's Guide for information on updating OracleAS Certificate Authority when changing Identity Management services

  
  

9.4.3 Procedure

This section describes how to move an Identity Management installation to a new host.

The following presents an overview of the procedure:

1. You have an original Identity Management (also called the Master) used by one or more middle-tier instances. The Identity Management instance has a Metadata Repository. You install and set up a new Identity Management (also called the Replica). This Identity Management instance has its own Metadata Repository. The Oracle Internet Directory in the new Identity Management is an LDAP-based replica of the original Oracle Internet Directory. Replication takes place constantly from the original Oracle Internet Directory to the new Oracle Internet Directory.

   Figure 9-2 illustrates this scenario.

   Figure 9-2 Original Host (Master) and New Host (Replica)

   
   Description of "Figure 9-2 Original Host (Master) and New Host (Replica)"
   
   

   See: "Task 1: Install and Set Up the New Identity Management and Metadata Repository"

2. You migrate OracleAS Single Sign-On and Oracle Directory Integration Platform data from the original Metadata Repository (Master) to the new Metadata Repository (Replica).

   See: "Task 2: Migrate OracleAS Single Sign-On and Oracle Directory Integration Platform Data"

3. You change the middle-tier instances to use the new Identity Management.

   See: "Task 3: Change Middle-Tier Instances to the New Identity Management"

4. If your environment includes Oracle Identity Federation, change it to use the new Identity Management.

   See "Task 4: Change Oracle Identity Federation to the New Identity Management"

5. You stop the LDAP-based replication.

   See: "Task 5: Stop Replication"

Figure 9-3 illustrates the steps described.

Figure 9-3 Changing from Original to New Identity Management

Description of "Figure 9-3 Changing from Original to New Identity Management"

Task 1: Install and Set Up the New Identity Management and Metadata Repository

In this task, you install and set up the new Identity Management and its associated Metadata Repository. The new Identity Management is an LDAP-based replica of the original Identity Management.

1. Read Section H.1, "About LDAP-Based Replicas" to learn about LDAP-based replicas and how they are used for this procedure.

2. Follow the procedure in Section H.2, "Installing and Setting Up an LDAP-Based Replica" to install and set up the new Identity Management and Metadata Repository.

3. After installation, the replica is in read-only mode. To change it to read-write mode, take the following steps:

   1. Create a file named mod.ldif and enter the following lines in the file:

      dn:
      
      changetype:modify
      
      replace:orclservermode
      
      orclservermode:rw
      
      

   2. Run the following command in the replica Oracle home:

      ldapmodify -D cn=orcladmin -w replica_orcladmin_passwd -p replica_oid_port -v -f mod.ldif
      
      

      In the example, replica_oid_port is the non-SSL Oracle Internet Directory port for the replica. This is listed as OIDport in ORACLE_HOME/config/ias.properties.

Task 2: Migrate OracleAS Single Sign-On and Oracle Directory Integration Platform Data

In this task, you migrate the OracleAS Single Sign-On andOracle Directory Integration Platform data from the original Metadata Repository to the new Metadata Repository. The source for the migration is the original Metadata Repository (Master) and the target for the migration is the new Metadata Repository (Replica).

This task contains the following subtasks:

• Migrate the OracleAS Single Sign-On Data

• Migrate the Oracle Directory Integration Platform Data

  
  

  Note: Make sure the ORACLE_HOME and ORACLE_SID environment variables are set before you begin. This applies to all platforms.

  
  

Migrate the OracleAS Single Sign-On Data 

To migrate the OracleAS Single Sign-On data:

1. Obtain the ORASSO schema password on the master:

   MASTER_HOME/bin/ldapsearch -p master_oid_port -h master_host 
   
   -D "cn=orcladmin" -w master_orcladmin_passwd 
   
   -b "orclresourcename=orasso,  orclreferencename=master_global_db_name,
   
   cn=ias infrastructure databases, cn=ias, cn=products, cn=oraclecontext" 
   
   -s base "objectclass=*" orclpasswordattribute
   
   

   This command prints the ORASSO password in a line like the following:

   orclpasswordattribute=LAetjdQ5
   
   

2. Export the OracleAS Single Sign-On data from the master, ensuring that the ORACLE_HOME environment variable is set before you run this command:

   MASTER_HOME/sso/bin/ssomig -export -s orasso -p master_orasso_passwd 
   
   -c master_db_name -log_d $MASTER_HOME/sso/log
   
   

   In the example, master_orasso_passwd is the ORASSO password obtained in the previous step.

3. Copy the ssomig.dmp and ssoconf.log files from the master to the replica, preserving the exact full path for each file:

   UNIX:
   
   cp MASTER_HOME/sso/log/ssomig.dmp REPLICA_HOME/sso/log/ssomig.dmp
   
   cp MASTER_HOME/sso/log/ssoconf.log REPLICA_HOME/sso/log/ssoconf.log
   
   
   Windows:
   
   copy MASTER_HOME\sso\log\ssomig.dmp REPLICA_HOME\sso\log\ssomig.dmp
   
   copy MASTER_HOME\sso\log\ssoconf.log REPLICA_HOME\sso\log\ssoconf.log
   
   

4. Obtain the ORASSO schema password on the replica:

   REPLICA_HOME/bin/ldapsearch -p replica_oid_port -h replica_host 
   
   -D "cn=orcladmin" -w replica_orcladmin_password 
   
   -b "orclresourcename=orasso, orclreferencename=replica_global_db_name,
   
    cn=ias infrastructure databases, cn=ias, cn=products, cn=oraclecontext" 
   
   -s base "objectclass=*" orclpasswordattribute
   
   

5. Import the OracleAS Single Sign-On data to the replica:

   REPLICA_HOME/sso/bin/ssomig -import -overwrite -s orasso 
   
   -p replica_orasso_passwd -c replica_db_name 
   
   -log_d $REPLICA_HOME/sso/log -discoforce
   
   

   In the example, replica_orasso_passwd is the ORASSO password obtained in the previous step.

6. Verify that the export and import of OracleAS Single Sign-On succeeded.

   Check the following log files for errors:

   MASTER_HOME/sso/log/ssomig.log
   
   REPLICA_HOME/sso/log/ssomig.log
   

   
   

   See Also: Oracle Application Server Single Sign-On Administrator's Guide for information on interpreting messages in the log files

   
   

Migrate the Oracle Directory Integration Platform Data 

Run the Oracle Directory Integration Platform configuration assistant command to migrate the profile data and restart the Oracle Directory Integration Platform instance on the new host (the replica). For example, on UNIX, the command takes the following format:

REPLICA_HOME/bin/oidca mode=DIP

  -silent

  oidhost=replica_oid_host connstr=replica_oid_db_connect_string

  sslport=replica_oid_ssl_port

  sudn=replica_oid_user_dn

  supwd=replica_oid_user_password

  iaspwd=replica_ias_admin_password

  odspwd=oid_db_schema_password

  iasinstance=1014_iasinstance_name -ldapreadonly

  masteroidhost=master_oid_host

  masteroidport=master_oid_ssl_or_nonssl_port [-ssl]

  mastersudn=master_user_dn  

  mastersupwd=master_user_password

In the example:

• replica_oid_host is the hostname of the replica Oracle Internet Directory.

• replica_oid_db_connect_string is the short name of database connection string. For example, if the connection string is orcl.mydomain.com, the value of this parameter is orcl.

• replica_oid_ssl_port is the SSL port number of the replica Oracle Internet Directory.

• replica_oid_user_dn is the DN of the replica Oracle Internet Directory user needed to bind to the directory (for example, cn=orcladmin).

• replica_oid_user_password is the user password needed to bind to the replica directory.

• replica_iasadmin_password is the password for the ias_admin user.

• oid_db_schema_password is the password for the Oracle Internet Directory schema.

• 1014_iasinstance_name is the name for the new instance.

• master_oid_host is the hostname of the master Oracle Internet Directory.

• master_oid_ssl_or_nonssl_port is the SSL or non-SSL port number of the master Oracle Internet Directory.

• master_user_dn is the DN of the master Oracle Internet Directory user needed to bind to the directory (for example, cn=orcladmin).

• master_user_password is the user password needed to bind to the master directory.

Task 3: Change Middle-Tier Instances to the New Identity Management

In each middle-tier instance, run the Change Identity Management wizard and restart the instance.

For each Release 2 (10.1.2.0.2) middle-tier instance, take the following steps:

1. Using the Application Server Control Console, navigate to the Home page for the middle-tier instance.

2. Click Infrastructure.

3. On the Infrastructure Page, in the Identity Management section, click Change.

4. Follow the steps in the wizard for supplying the new Identity Management information.

5. When the wizard is finished, navigate to the Home page for the instance and start your instance by clicking Start All.

For each Release 3 (10.1.3) middle-tier instance, take the following steps:

1. Using the Application Server Control Console, navigate to the OC4J Home page for the middle-tier instance.

2. Click Administration.

3. In the Task Name column of the table, expand Security if it is not already expanded. Then, in the Identity Management row, click the Go to Task icon.

4. On the Identity Management page, click Change.

5. Follow the steps in the wizard for supplying the new Identity Management information. See Section 7.4.4 for more information.

6. When the operation is finished, you need to restart the OC4J instance. Do not click Restart on the Confirmation page. Instead, navigate to the Cluster Topology page, select the OC4J instance, and click Restart.

Task 4: Change Oracle Identity Federation to the New Identity Management

If Oracle Identity Federation uses the Identity Management instance, change it to use the new Identity Management, by taking the steps in "Task 8: Update Oracle Identity Federation" in Section 8.2.2.

See Also: Oracle Identity Federation Administrator's Guide

Task 5: Stop Replication

Stop the replication between the original Identity Management and the new Identity Management (Replica) by running the following command in the new Identity Management Oracle home:

oidctl connect=global_db_name server=oidrepld instance=1 flags="-p oid_port" stop

In the example, global_db_name is the global database name of the new Identity Management. (This is referred to as replica_db_name in Section H.2.)

In the example, oid_port is the non-SSL Oracle Internet Directory port in the new Identity Management.

9.4.4 Strategy for Performing Failover with This Procedure

As mentioned in Section 9.4.1, you can modify this procedure to perform failover for Identity Management. This enables you to move your middle-tier instances to the new Identity Management in case the original is lost.

To perform failover:

1. Install and set up the new Identity Management as described in "Task 1: Install and Set Up the New Identity Management and Metadata Repository".

2. Export Oracle Application Server Single Sign-On and Oracle Directory Integration Platform data on a regular basis from the original Metadata Repository. You do not need to import the data into the new Metadata Repository. You only need to export the data and copy the files to the new Metadata Repository Host. Refer to "Task 2: Migrate OracleAS Single Sign-On and Oracle Directory Integration Platform Data".

3. If you lose the original Identity Management:

   1. Stop replication. Refer to "Task 5: Stop Replication".

   2. Import your most recent copy of the Oracle Application Server Single Sign-On and Oracle Directory Integration Platform data into the new Identity Management repository. Refer to "Task 2: Migrate OracleAS Single Sign-On and Oracle Directory Integration Platform Data".

   3. Change the middle-tier instances to use the new Identity Management. Refer to "Task 3: Change Middle-Tier Instances to the New Identity Management".

9.5 Changing the Metadata Repository Used by a Middle-Tier Instance

This section provides a procedure for changing the Metadata Repository used by a Release 2 (10.1.2.0.2) middle-tier instance. This procedure involves making a copy of the original Metadata Repository on a different host, and then changing the middle-tier instance to use the new Metadata Repository.

9.5.1 Sample Uses for This Procedure

The following are sample uses for this procedure:

• You have an existing Metadata Repository that is used by one or more middle-tier instances. Your organization intends to replace the current Metadata Repository host with a new system. You can use this procedure to copy the Metadata Repository to the new host and change your middle-tier instances to use the new Metadata Repository. You can then retire the original host.

• You want to move a Metadata Repository from a host in your test environment to a host in your Production Environment. You can use this procedure to copy the Metadata Repository from the test-to-production host, and change your test middle-tier instances to use the new Metadata Repository.

9.5.2 Assumptions and Restrictions

In this scenario:

• The middle-tier instances use Identity Management.

• The Identity Management installation does not use the original Metadata Repository for its Identity Management schemas; it uses a separate Metadata Repository.

• The original Metadata Repository:

  • Is used for product metadata and DCM management only (it is not used by Identity Management)

  • Must be registered with Oracle Internet Directory

• The new Metadata Repository:

  • Must not be registered with Oracle Internet Directory initially. During the procedure, you will register it with the same Oracle Internet Directory as the original Metadata Repository.

  • Must be created with the same Oracle home, datafile location, SID, and global database name as the original Metadata Repository. You will eventually change the global database name to a unique name.

• OracleAS Certificate Authority is not supported by this procedure and must not be configured in your environment.

• If the Metadata Repository is used for OracleAS Clusters, the cluster members will not be accessible until all members of the cluster have been changed to the new Metadata Repository.

9.5.3 Overview

An overview of the procedure is as follows:

1. You have an original Metadata Repository. It is used by one or more middle-tier instances for product metadata. The middle-tier instances use Identity Management, and the Metadata Repository is registered with Oracle Internet Directory in that Identity Management.

   Figure 9-4 shows the original Metadata Repository (orcl1.myco.com).

   Figure 9-4 Original Metadata Repository

   
   Description of "Figure 9-4 Original Metadata Repository"
   
   

2. You create a copy of the original Metadata Repository by installing a new Metadata Repository, backing up the original Metadata Repository, and restoring to the new Metadata Repository.

   Figure 9-5 shows the original and new Metadata Repositories.

   Figure 9-5 Original Metadata Repository and New Metadata Repository

   
   Description of "Figure 9-5 Original Metadata Repository and New Metadata Repository"
   
   

   The following table shows sample attributes for the original and new Metadata Repositories after you installed the new Metadata Repository:

   Attribute	Original Metadata Repository	New Metadata Repository
   Oracle home	/private/oraHome	/private/oraHome
   Datafile location	/private/oraHome/oradata	/private/oraHome/oradata
   SID	orcl1	orcl1
   Global database name	orcl1.myco.com	orcl1.myco.com
   Registered with Oracle Internet Directory?	Yes	No

   
   

3. You perform the following general procedures to change to the new Metadata Repository. The tasks are shown in Figure 9-6.

   • 1: Change the global database name of the new Metadata Repository to a unique name (in this sample, orcl2.myco.com).

   • 2: Register the new Metadata Repository with the same Oracle Internet Directory as the old Metadata Repository.

   • 3: Change the middle-tier instances to use the new Metadata Repository.

   Figure 9-6 Changing from the Original to the New Metadata Repository

   
   Description of "Figure 9-6 Changing from the Original to the New Metadata Repository"
   
   

   The following table shows the sample attributes for the original Metadata Repository and the attributes for the new Metadata Repository after you perform this step.

   Attribute	Original Metadata Repository	New Metadata Repository
   Oracle home	/private/oraHome	/private/oraHome
   Datafile location	/private/oraHome/oradata	/private/oraHome/oradata
   SID	orcl1	orcl1
   Global database name	orcl1.myco.com	orcl2.myco.com
   Registered with Oracle Internet Directory?	Yes	Yes

   
   

4. If you are using the scenario where you no longer require the original Metadata Repository, you can deinstall the original Metadata Repository.

9.5.4 Procedure

To change the Metadata Repository, perform the following tasks:

• Task 1: Install the New Metadata Repository

• Task 2: Back Up the Original Metadata Repository

• Task 3: Restore the Backup to the New Metadata Repository

• Task 4: Configure Oracle Ultra Search Metadata in the New Metadata Repository

• Task 5: Change the Global Database Name for the New Metadata Repository

• Task 6: Register the New Metadata Repository with Oracle Internet Directory

• Task 7: Change Middle-Tier Instances to the New Metadata Repository

• Task 8: Update the Farm Name

Before You Begin

If your middle-tier instances use OracleAS Portal and Oracle Ultra Search, you will need to supply the WKSYS schema password later in this procedure. You should obtain this password now from the old Metadata Repository.

Note: For information on how to obtain the WKSYS password, see Section 6.3.

Task 1: Install the New Metadata Repository

Install the new Metadata Repository as follows:

1. Make sure you install the Metadata Repository into an Oracle home that has the same path as the old Metadata Repository Oracle home.

2. Use Oracle Universal Installer to install the Metadata Repository.

3. Choose to install an Infrastructure.

4. Choose to install a Metadata Repository only.

5. Do not register the Metadata Repository with Oracle Internet Directory.

6. Specify the same SID and global database name as the old Metadata Repository.

7. Specify the same datafile location as the old Metadata Repository.

Task 2: Back Up the Original Metadata Repository

In this task, you create a backup of the original Metadata Repository. This section provides the steps for creating the backup using Oracle Recovery Manager; however, if you are an experienced DBA, you can back up the Metadata Repository according to your standard practices.

Perform all of the steps in this task on the original Metadata Repository host:

1. Create directories to store backup files and log files. For example:

   mkdir -p BACKUP_DIR/log_files
   
   mkdir -p BACKUP_DIR/db_files
   
   

2. Make sure the original Metadata Repository is started.

3. Make sure you have set the ORACLE_HOME and ORACLE_SID environment variables.

4. Connect to the database as a user with SYSDBA privileges.

5. Obtain the DBID of the original Metadata Repository using SQL*Plus:

   SQL> SELECT DBID FROM v$database;
   
   

   Make note of this value; you will use it later in the procedure.

6. Create a file named BACKUP_DIR/cold_backup.rcv. Enter the following lines in the file:

   shutdown immediate;
   
   startup mount;
   
   configure controlfile autobackup on;
   
   configure controlfile autobackup format for device type disk to 'BACKUP_DIR/db_files/%F';
   
   
   run {
   
   allocate channel dev1 device type disk format
   
   'BACKUP_DIR/db_files/%U';
   
   backup database plus archivelog;
   
   release channel dev1;
   
   }
   
   

   In the file, substitute the full path for BACKUP_DIR.

7. Run Oracle Recovery Manager to back up the Metadata Repository.

   • You can run Oracle Recovery Manager on the Metadata Repository host as follows (the following is a single command; type it all on one line):

     ORACLE_HOME/bin/rman target / 
     
     cmdfile=BACKUP_DIR/cold_backup.rcv > BACKUP_DIR/log_files/backup.log
     
     

     Note that the preceding command contains a forward slash "/" character.

   • You can run Oracle Recovery Manager from another host on the network as follows (the following is a single command; type it all on one line):

     ORACLE_HOME/bin/rman target SYS/oracle@trgt
     
     cmdfile=BACKUP_DIR/cold_backup.rcv > BACKUP_DIR/log_files/backup.log
     
     

8. Copy the backup directories to the new host.

   
   

   Note: If you copy the files to a different location on the new host, you must use the CATALOG command to update the RMAN repository with the new filenames and use the CHANGE ... UNCATALOG command to uncatalog the old filenames. See Oracle Database Backup and Recovery Advanced User's Guide in the Oracle Database documentation for more information about the CATALOG command.

   
   

Task 3: Restore the Backup to the New Metadata Repository

In this task, you restore the backup to the new Metadata Repository.

Perform all of the steps in this task on the new Metadata Repository host:

1. Make sure the new Metadata Repository is shut down:

   sqlplus "SYS/sys_password as SYSDBA"
   
   SQL> SHUTDOWN IMMEDIATE;
   
   

2. Regenerate the password file:

   • On UNIX:

     mv ORACLE_HOME/dbs/orapwORACLE_SID ORACLE_HOME/dbs/orapwORACLE_SID.old
     
     
     ORACLE_HOME/bin/orapwd file=ORACLE_HOME/dbs/orapwORACLE_SID password=new_password
     
     

   • On Windows:

     move ORACLE_HOME\database\PWDORACLE_SID.ora
     
     ORACLE_HOME\database\PWDORACLE_SID.ora.old
     
     
     ORACLE_HOME\bin\orapwd file=ORACLE_HOME\database\PWDORACLE_SID.ora password=new_password
     
     

   In the examples, new_password is the new SYS password. You can use the old SYS password, or set it to a new password.

3. Start the new Metadata Repository but do not mount it:

   SQL> STARTUP NOMOUNT;
   
   

4. Create a file named BACKUP_DIR/restore.rcv that contains the following lines. In the file, substitute the full path for BACKUP_DIR and the DBID value you obtained in the previous task for dbid.

   set dbid=DBID;
   
   connect target /;
   
   set controlfile autobackup format for device type disk to 'BACKUP_DIR/db_files/%F';
   
   restore controlfile from autobackup;
   
   startup mount force;
   
   
   run {
   
   allocate channel dev1 device type disk format
   
   'BACKUP_DIR/db_files/%U';
   
   restore database;
   
   release channel dev1;
   
   alter database open resetlogs;
   
   }
   
   

5. Run Oracle Recovery Manager to restore the Metadata Repository.

   • If you are logged into the host machine for the Metadata Repository, run the following command:

     ORACLE_HOME/bin/rman cmdfile=BACKUP_DIR/restore.rcv >
     
     BACKUP_DIR/log_files/restore.log
     
     

   • If you are accessing the host machine for the Metadata Repository from another machine on the network, edit the following file:

     BACKUP_DIR/restore.rcv
     
     

     Make sure the file contains the following line:

     TARGET SYS/oracle@trgt
     
     

     Run the following command:

     ORACLE_HOME/bin/rman cmdfile=BACKUP_DIR/restore.rcv >
     
     BACKUP_DIR/log_files/restore.log
     
     

6. After you restore using Oracle Recovery Manager, determine if the TEMP tablespace has a datafile by connecting to the database as a user with SYSDBA privileges and running the following command in SQL*Plus:

   SQL> SELECT file_name FROM dba_temp_files WHERE tablespace_name LIKE 'TEMP';
   
   

   If the preceding command does not return any files, take the following steps:

   1. Check if the following file exists on your system:

      ORADATA_DIRECTORY/db_name/temp01.dbf
      
      

   2. If the file exists, enter the following command:

      SQL> ALTER TABLESPACE "TEMP" ADD TEMPFILE 'ORADATA_DIRECTORY/
      
      db_name/temp01.dbf' 
      
      SIZE 5120K REUSE AUTOEXTEND ON NEXT 8k MAXSIZE unlimited;
      
      

      If the file does not exist, enter the following command:

      SQL> ALTER TABLESPACE "TEMP" ADD TEMPFILE 'ORADATA_DIRECTORY/
      
      db_name/temp01.dbf' SIZE 5120K AUTOEXTEND ON NEXT 8k MAXSIZE unlimited;
      
      

      Note that you must type the preceding commands on one line, and db_name is the first portion of the new global database name.

Task 4: Configure Oracle Ultra Search Metadata in the New Metadata Repository

Perform this task on the new Metadata Repository:

1. Make sure the ORACLE_HOME and ORACLE_SID environment variables are set.

2. Run the following commands:

   (UNIX)    cd ORACLE_HOME/ultrasearch/admin
   
   (Windows) cd ORACLE_HOME\ultrasearch\admin
   
   
   sqlplus "SYS/sys_password as SYSDBA"
   
   SQL> @wk0config.sql WksysPw JDBC_ConnStr LAUNCH_ANYWHERE ""
   
   

   (Note the two double quotes at the end of the preceding command.)

   In the example:

   • WksysPw is the password of the WKSYS schema that you obtained at the beginning of this procedure.

   • JDBC_ConnStr is the JDBC connection string host:port:SID, for example: myhost:1521:testdb.

   • LAUNCH_ANYWHERE is TRUE if the Metadata Repository is in Real Application Clusters mode, otherwise FALSE. For this procedure, set it to FALSE.

Task 5: Change the Global Database Name for the New Metadata Repository

In this task, you change the global database name of the new Metadata Repository to a new, unique name so you can register it with Oracle Internet Directory.

Perform all of the steps in this task on the new Metadata Repository host:

1. Run the following commands to set up the database:

   sqlplus "SYS/sys_password as SYSDBA"
   
   SQL> ALTER SYSTEM SWITCH logfile;
   
   SQL> ALTER DATABASE BACKUP CONTROLFILE TO TRACE RESETLOGS;
   
   

2. Check the spfile using SQL*Plus:

   SQL> SELECT value FROM v$parameter WHERE name='spfile';
   
   

3. If the previous command returns no rows, skip this step.

   Check if the previous command returns output like the following:

   VALUE
   
   ----------------------------------
   
   ?/dbs/spfile@.ora
   
   

   If it does, run the following command to create a pfile from the spfile:

   • On Unix:

     SQL> CREATE pfile='ORACLE_HOME/dbs/initORACLE_SID.ora' FROM spfile;
     
     

   • On Windows:

     SQL> CREATE pfile='%ORACLE_HOME%\database\initORACLE_SID.ora' FROM spfile;
     
     

   In the example, ORACLE_SID is the SID of the original and new Metadata Repository.

4. Shut down the new Metadata Repository:

   SQL> SHUTDOWN IMMEDIATE;
   
   

   The database must be shut down with SHUTDOWN NORMAL or SHUTDOWN IMMEDIATE. Do not use SHUTDOWN ABORT.

5. Rename the spfile so the pfile will be used when the database instance is restarted:

   • On Unix:

     cd ORACLE_HOME/dbs
     
     mv spfileORACLE_SID.ora spfileORACLE_SID.ora.save
     
     

   • On Windows:

     cd ORACLE_HOME\database
     
     rename spfileORACLE_SID.ora spfileORACLE_SID.ora.save
     
     

6. Edit the following file:

   (UNIX) ORACLE_HOME/dbs/initORACLE_SID.ora
   
   (Windows) ORACLE_HOME\database\initORACLE_SID.ora
   
   

   Update the db_name to the new db_name (the first portion of the new global database name). For example, if the new global database name is orcl1.myco.com, the value of db_name should be orcl1. Note that this is not necessarily (nor likely) the same value as the SID on the new Metadata Repository.

   Also, update all other instances of the old db_name to the new db_name. Specifically, you should update directory paths that contain the old db_name. If the directory paths are not updated, when you run the ccf.sql script in step 16, the script will fail.

7. Rename the following directory with the new db_name:

   (UNIX)  ORADATA_DIRECTORY/db_name
   
   (Windows) ORADATA_DIRECTORY\db_name
   
   

8. Rename the control files so they do not exist later when the new ones are created:

   (UNIX)   cd ORADATA_DIRECTORY/db_name
   
   (Windows) cd ORADATA_DIRECTORY\db_name
   
   
   mv control01.ctl control01.ctl.old
   
   mv control02.ctl control02.ctl.old
   
   mv control03.ctl control03.ctl.old
   
   

9. Rename the following directory with the new db_name:

   (UNIX)   ORACLE_HOME/admin/db_name
   
   (Windows) ORACLE_HOME\..\admin\db_name
   
   

   Note that on Windows, the admin directory is in the same directory as the Oracle home.

10. Edit the following file:

    (UNIX)   ORACLE_HOME/admin/db_name/pfile/init.ora.NNNNNNNNNNNNN
    
    (Windows) ORACLE_HOME\..\admin\db_name\pfile\init.ora.NNNNNNNNNNNNN
    
    

    Note that the filename includes a random number at the end.

    Change all instances of the old db_name to the new db_name; do not update the SID. To do this, change the old db_name in all directory paths and the db_name parameter.

11. Change to the trace file directory:

    (UNIX)    cd ORACLE_HOME/admin/db_name/udump
    
    (Windows) cd ORACLE_HOME\..\admin\db_name\udump
    
    

    Note that the preceding is the default location for the trace file directory. This location can be overridden by the user_dump_dest parameter in initORACLE_SID.ora or spfileORACLE_SID.ora.

12. Locate the trace file; it has a name of the form ORACLE_SID_ora_NNNNN.trc, where NNNNN is a number. Choose the trace file with the most recent modification date.

13. Copy the contents of the trace file, starting from the line with STARTUP NOMOUNT to the end of the file, into a new file named BACKUP_DIR/ccf.sql.

    Do not copy any the following lines, if they exist:

    *** TIMESTAMP kcrr.c
    
    ARCH: Archival disabled due to shutdown: 1089
    
    

14. Edit BACKUP_DIR/ccf.sql as follows. (Example 9-1 shows an example of the ccf.sql file after performing the edits in this step.)

    1. Update the following line with the new global database name and change REUSE to SET:

       Before modification:

       CREATE CONTROLFILE REUSE DATABASE "Old_Global_DB_Name" RESETLOGS ...
       
       

       After modification:

       CREATE CONTROLFILE SET DATABASE "New_Global_DB_Name" RESETLOGS ...
       
       

    2. Remove the line that appears in one of the following two forms:

       # STANDBY LOGFILE
       
       -- STANDBY LOGFILE
       
       

    3. Comment out the following lines, if they exist, with "REM", as shown:

       REM RECOVER DATABASE USING BACKUP CONTROLFILE
       
       
       REM VARIABLE RECNO NUMBER;
       
       
       REM EXECUTE :RECNO := SYS.DBMS_BACKUP_RESTORE.SETCONFIG('CONTROLFILE
       
       AUTOBACKUP','ON');
       
       
       REM VARIABLE RECNO NUMBER;
       
       
       REM EXECUTE :RECNO := SYS.DBMS_BACKUP_
       
       RESTORE.SETCONFIG('CONTROLFILEAUTOBACKUP FORMAT FOR DEVICE TYPE','DISK TO
       
        BACKUP_DIR/db_files/%F');
       
       
       REM ALTER TABLESPACE TEMP ADD TEMPFILE
       
       'ORACLE_HOME/TEMP01.DBF' SIZE 5242880 AUTOEXTEND ON MAXSIZE 4294950912 REUSE;
       
       

    4. Change all comment symbols to REM. Depending on your platform, the comment symbol may be # or --.

    Example 9-1 Example ccf.sql File after Edits

    STARTUP NOMOUNT
    
    CREATE CONTROLFILE set DATABASE "NEW DATABASE" RESETLOGS ARCHIVELOG
    
       MAXLOGFILES 50
    
       MAXLOGMEMBERS 5
    
       MAXDATAFILES 100
    
       MAXINSTANCES 1
    
       MAXLOGHISTORY 226
    
    LOGFILE
    
     GROUP 1 '/private1/inst/oradata/orcl/redo01.log'  SIZE 50M,
    
     GROUP 2 '/private1/inst/oradata/orcl/redo02.log'  SIZE 50M,
    
     GROUP 3 '/private1/inst/oradata/orcl/redo03.log'  SIZE 50M
    
    DATAFILE
    
     '/private1/inst/oradata/orcl/system01.dbf',
    
     '/private1/inst/oradata/orcl/undotbs01.dbf',
    
     '/private1/inst/oradata/orcl/drsys01.dbf',
    
     '/private1/inst/oradata/orcl/dcm.dbf',
    
     '/private1/inst/oradata/orcl/portal.dbf',
    
     '/private1/inst/oradata/orcl/ptldoc.dbf',
    
     '/private1/inst/oradata/orcl/ptlidx.dbf',
    
     '/private1/inst/oradata/orcl/ptllog.dbf',
    
     '/private1/inst/oradata/orcl/oca.dbf',
    
     '/private1/inst/oradata/orcl/discopltc1.dbf',
    
     '/private1/inst/oradata/orcl/discopltm1.dbf',
    
     '/private1/inst/oradata/orcl/oss_sys01.dbf',
    
     '/private1/inst/oradata/orcl/wcrsys01.dbf',
    
     '/private1/inst/oradata/orcl/uddisys01.dbf',
    
     '/private1/inst/oradata/orcl/ip_dt.dbf',
    
     '/private1/inst/oradata/orcl/ip_rt.dbf',
    
     '/private1/inst/oradata/orcl/ip_idx.dbf',
    
     '/private1/inst/oradata/orcl/ip_lob.dbf',
    
     '/private1/inst/oradata/orcl/attrs1_oid.dbf',
    
     '/private1/inst/oradata/orcl/battrs1_oid.dbf',
    
     '/private1/inst/oradata/orcl/gcats1_oid.dbf',
    
     '/private1/inst/oradata/orcl/gdefault1_oid.dbf',
    
     '/private1/inst/oradata/orcl/svrmg1_oid.dbf',
    
     '/private1/inst/oradata/orcl/ias_meta01.dbf'
    
    CHARACTER SET WE8MSWIN1252
    
    ;
    
    REM Configure RMAN configuration record 1
    
    REM VARIABLE RECNO NUMBER;
    
    REM EXECUTE :RECNO := SYS.DBMS_BACKUP_RESTORE.SETCONFIG('CONTROLFILE
    
    AUTOBACKUP','ON');
    
    REM Configure RMAN configuration record 2
    
    REM VARIABLE RECNO NUMBER;
    
    REM EXECUTE :RECNO := SYS.DBMS_BACKUP_RESTORE.SETCONFIG('CONTROLFILE AUTOBACKUP
    
    FORMAT FOR DEVICE TYPE','DISK TO /private1/inst/backup_dir/db_files/%F');
    
    REM Recovery is required if any of the datafiles are restored backups,
    
    REM or if the last shutdown was not normal or immediate.
    
    REM RECOVER DATABASE USING BACKUP CONTROLFILE
    
    REM Database can now be opened zeroing the online logs.
    
    ALTER DATABASE OPEN RESETLOGS;
    
    REM No tempfile entries found to add.
    
    

15. Edit the following script:

    BACKUP_DIR/ccf.sql
    
    

    Replace the old global database name with the new global database name throughout the script.

16. Run the ccf.sql script:

    SQL> @BACKUP_DIR/ccf.sql
    
    

17. Change the global database name in the database, specifying the New_Global_DB_Name:

    SQL> ALTER DATABASE RENAME global_name TO New_Global_DB_Name;
    
    

18. Determine if the TEMP tablespace has a datafile by connecting to the database as a user with SYSDBA privileges and running the following command in SQL*Plus:

    SQL> SELECT file_name FROM dba_temp_files WHERE tablespace_name LIKE 'TEMP';
    
    

    If the preceding command does not return any files, take the following steps:

    1. Check if the following file exists on your system:

       ORADATA_DIRECTORY/db_name/temp01.dbf
       
       

    2. If the file exists, enter the following command:

       SQL> ALTER TABLESPACE "TEMP" ADD TEMPFILE 'ORADATA_DIRECTORY/
       
       db_name/temp01.dbf' 
       
       SIZE 5120K REUSE AUTOEXTEND ON NEXT 8k MAXSIZE unlimited;
       
       

       If the file does not exist, enter the following command:

       SQL> ALTER TABLESPACE "TEMP" ADD TEMPFILE 'ORADATA_DIRECTORY/
       
       db_name/temp01.dbf' SIZE 5120K AUTOEXTEND ON NEXT 8k MAXSIZE unlimited;
       
       

       Note that you must type the preceding commands on one line, and db_name is the first portion of the new global database name.

19. Update the service name and the global database name to the new global database name in the following file:

    (UNIX) ORACLE_HOME/network/admin/tnsnames.ora
    
    (Windows) ORACLE_HOME\network\admin\tnsnames.ora
    
    

    Note that you should not change the SID.

20. Edit the following file:

    (UNIX) ORACLE_HOME/config/ias.properties
    
    (Windows) ORACLE_HOME\config\ias.properties
    
    

    Change the InfrastructureDBCommonName parameter to the new global database name.

Task 6: Register the New Metadata Repository with Oracle Internet Directory

In this task, you register the new Metadata Repository with the same Oracle Internet Directory used by the original Metadata Repository. To do this, you run Oracle Application Server Repository Creation Assistant (OracleAS RepCA), a wizard that guides you through the registration.

Note: OracleAS RepCA is available on the "OracleAS RepCA" CD-ROM.

1. Using SQL*Plus, log in to the new Metadata Repository as SYS with SYSDBA privileges.

   1. Run the following SQL commands:

      SQL> EXECUTE dbms_ias_version.set_component_loading(component_id=>'MRC',
      
      component_name=>'Oracle Application Server Metadata Repository Version',
      
      schema_name=>'SYS');
      
      
      SQL> EXECUTE dbms_ias_version.set_component_valid(component_id=>'MRC');
      
      

   2. Verify that the following command returns the following value:

      SQL> SELECT comp_name, version, status FROM app_registry WHERE comp_id='MRC';
      
      
      COMP_NAME                                               VERSION     STATUS
      
      -----------------------------------------------------   ---------   -------
      
      Oracle Application Server Metadata Repository Version-R  10.1.4.0.1  VALID
      
      

2. Register the new Metadata Repository with Oracle Internet Directory:

   
   

   See Also: Oracle Application Server Metadata Repository Creation Assistant User's Guide for more information on how to perform the following steps

   
   

   1. Install OracleAS RepCA into its own Oracle home on the host where the new Metadata Repository resides. In the Select a Product to Install screen, choose Oracle Application Server Repository Creation Assistant.

   2. Run OracleAS RepCA as follows:

      (UNIX)  ORACLE_HOME_RepCA/runRepca
      
      (Windows) ORACLE_HOME_RepCA\runRepca.bat
      
      

      The wizard guides you through the process.

   3. When the process is finished, an ldap.ora file is created in the OracleAS RepCA Oracle home. Copy this file to the new Metadata Repository Oracle home.

      Copy the file from:

      (UNIX)  ORACLE_HOME_RepCA/network/admin/ldap.ora
      
      (Windows) ORACLE_HOME_RepCA\network\admin\ldap.ora
      
      

      To:

      (UNIX)  ORACLE_HOME_NEW_METADATA_REPOSITORY/network/admin/ldap.ora
      
      (Windows) ORACLE_HOME_NEW_METADATA_REPOSITORY\network\admin\ldap.ora
      

Task 7: Change Middle-Tier Instances to the New Metadata Repository

On each middle-tier instance you want to change to the new Metadata Repository, run the Change Metadata Repository wizard and restart the instance. For example, for a 10.1.2 middle tier:

1. Using the Application Server Control Console, navigate to the Home page for the middle-tier instance.

2. Make sure all components except Management are down. If not, click Stop All to stop them. Note that this will not stop Management.

3. Click Infrastructure.

4. On the Infrastructure Page, in the Metadata Repository section, click Change.

5. Follow the steps in the wizard for supplying the new Metadata Repository information.

6. When the wizard is finished, navigate to the Home page for the instance and start your instance by clicking Start All.

Task 8: Update the Farm Name

Run the following command in the Oracle home of one of the middle-tier instances that you changed to use the new Metadata Repository in the previous task:

(UNIX)  ORACLE_HOME/dcm/bin/dcmctl resetFarmName new_farm_name

(Windows) ORACLE_HOME\dcm\bin\dcmctl resetFarmName new_farm_name

In the example, new_farm_name is the global database name of the new Metadata Repository.

Note: You only need to run the command in one middle-tier instance. The command updates all other instances.

9.6 Changing the Metadata Repository Used by Identity Management

This section provides a procedure for changing the Metadata Repository used by Identity Management. This procedure applies if the Metadata Repository is also used by a Release 2 (10.1.2.0.2) middle-tier instance that is connected to the Identity Management instance.

The procedure involves making a copy of the original Metadata Repository on a different host, and then changing the Identity Management and middle-tier components to use the new Metadata Repository.

9.6.1 Sample Uses for This Procedure

The following are sample uses for this procedure:

• You have an Identity Management installation using a Metadata Repository, and a middle-tier instance connected to the Identity Management instance may be using the same Metadata Repository. You want to move the Metadata Repository to a different host so you can retire the original Metadata Repository.

• Your current Metadata Repository host is overloaded and you want to move the Metadata Repository to a host that can handle a heavier load.

9.6.2 Assumptions and Restrictions

In this scenario:

• The Identity Management installation can reside in one Oracle home, or its components can be distributed across several Oracle homes.

• A middle-tier instance that is connected to Identity Management can use the same Metadata Repository.

• The new Metadata Repository:

  • Must reside on a different host than the original Metadata Repository. That host must use the same operating system platform as the original.

  • Must use the same Oracle home, datafile location, SID, and global database name as the original Metadata Repository.

  • Can use a different database listener port than the original.

9.6.3 Procedure

To change the Metadata Repository, perform the following tasks:

• Task 1: Install the New Metadata Repository

• Task 2: Shut Down Your Environment

• Task 3: Back Up the Original Metadata Repository

• Task 4: Restore the Backup to the New Metadata Repository

• Task 5: Configure Oracle Ultra Search Metadata in the New Metadata Repository

• Task 6: Update Oracle Internet Directory

• Task 7: Shut Down the Original Metadata Repository

• Task 8: Start Oracle Internet Directory Using Special Commands

• Task 9: Update the Oracle Internet Directory Database Registration

• Task 10: Stop Oracle Internet Directory Using Special Commands

• Task 11: Start Your Environment

• Task 12: Update OracleAS Certificate Authority

Before You Begin

If your middle-tier instances use OracleAS Portal and Oracle Ultra Search, you will need to supply the WKSYS schema password later in this procedure. You should obtain this password now from the old Metadata Repository.

Note: For information on how to obtain the WKSYS password, see Section 6.3.

Task 1: Install the New Metadata Repository

Install the new Metadata Repository on a different host, as follows:

1. Make sure you install the Metadata Repository into an Oracle home that has the same path as the old Metadata Repository Oracle home.

2. Use Oracle Universal Installer to install the Metadata Repository.

3. Choose to install an Infrastructure.

4. Choose to install a Metadata Repository only.

5. Do not register the Metadata Repository with Oracle Internet Directory.

6. Specify the same SID and global database name as the old Metadata Repository.

7. Specify the same datafile location as the old Metadata Repository.

Task 2: Shut Down Your Environment

Shut down your environment:

1. Shut down all middle-tier instances that use this instance of Identity Management.

   ORACLE_HOME/opmn/bin/opmnctl stopall
   
   ORACLE_HOME\opmn\bin\opmnctl stopall
   
   

2. Run the following command in the Identity Management Oracle home:

   ORACLE_HOME/opmn/bin/opmnctl stopall
   
   ORACLE_HOME\opmn\bin\opmnctl stopall
   
   

   If the Identity Management installation is distributed across several Oracle homes, also run the command in the Oracle Internet Directory Oracle home.

3. If you use OracleAS Certificate Authority, stop it as follows:

   (UNIX)  ORACLE_HOME/oca/bin/ocactl stop
   
   (Windows)  ORACLE_HOME\oca\bin\ocactl stop
   

Task 3: Back Up the Original Metadata Repository

In this task, you create a backup of the original Metadata Repository. This section provides the steps for doing this using Oracle Recovery Manager; however, if you are an experienced DBA, you can back up the Metadata Repository according to your standard practices.

Perform all of the steps in this task on the original Metadata Repository host:

1. Create directories to store backup files and log files. For example:

   mkdir -p BACKUP_DIR/log_files
   
   mkdir -p BACKUP_DIR/db_files
   
   

2. Make sure the original Metadata Repository is started.

3. Make sure you have set the ORACLE_HOME and ORACLE_SID environment variables before you run the SQL*Plus command.

4. Obtain the DBID of the original Metadata Repository using SQL*Plus:

   sqlplus "SYS/sys_password as SYSDBA"
   
   SQL> SELECT DBID FROM v$database;
   
   

   Make note of this value; you will use it later in the procedure.

5. Create a file named BACKUP_DIR/cold_backup.rcv. Enter the following lines in the file:

   shutdown immediate;
   
   startup mount;
   
   configure controlfile autobackup on;
   
   configure controlfile autobackup format for device type disk to
   
   'BACKUP_DIR/db_files/%F';
   
   
   run {
   
   allocate channel dev1 device type disk format
   
   'BACKUP_DIR/db_files/%U';
   
   backup database plus archivelog;
   
   release channel dev1;
   
   }
   
   

   In the file, substitute the full path for BACKUP_DIR.

6. Run Oracle Recovery Manager to back up the Metadata Repository.

   • You can run Oracle Recovery Manager on the Metadata Repository host as follows (the following is a single command; type it all on one line):

     ORACLE_HOME/bin/rman target / 
     
     cmdfile=BACKUP_DIR/cold_backup.rcv > BACKUP_DIR/log_files/backup.log
     
     

     Note that the preceding command contains a forward slash "/" character.

   • You can run Oracle Recovery Manager from another host on the network as follows (the following is a single command; type it all on one line):

     ORACLE_HOME/bin/rman target SYS/oracle@trgt
     
     cmdfile=BACKUP_DIR/cold_backup.rcv > BACKUP_DIR/log_files/backup.log
     
     

7. Copy the backup directories to the new host.

   
   

   Note: If you copy the files to a different location on the new host, you must use the CATALOG command to update the RMAN repository with the new filenames and use the CHANGE ... UNCATALOG command to uncatalog the old filenames. See Oracle Database Backup and Recovery Advanced User's Guide in the Oracle Database documentation for more information about the CATALOG command.

   
   

Task 4: Restore the Backup to the New Metadata Repository

In this task, you restore the backup to the new Metadata Repository.

Perform all of the steps in this task on the new Metadata Repository host:

1. Make sure the new Metadata Repository is shut down:

   sqlplus "SYS/sys_password as SYSDBA"
   
   SQL> SHUTDOWN IMMEDIATE;
   
   

2. Regenerate the password file:

   • On UNIX:

     mv ORACLE_HOME/dbs/orapwORACLE_SID ORACLE_HOME/dbs/orapwORACLE_SID.old
     
     ORACLE_HOME/bin/orapwd file=ORACLE_HOME/dbs/orapwORACLE_SID password=new_password
     
     

   • On Windows:

     mv ORACLE_HOME\database\PWDORACLE_SID.ora ORACLE_HOME\database\PWDORACLE_SID.ora.old
     
     ORACLE_HOME\bin\orapwd file=ORACLE_HOME\database\PWDORACLE_SID.ora password=new_password
     
     

   In the example, new_password is the new SYS password. You can use the old SYS password, or set it to a new password.

3. Start the new Metadata Repository, but do not mount it:

   SQL> STARTUP NOMOUNT;
   
   

4. Create a file named BACKUP_DIR/restore.rcv that contains the following lines. In the file, substitute the full path for BACKUP_DIR and the DBID obtained in the previous task.

   set dbid=DBID;
   
   connect target /;
   
   set controlfile autobackup format for device type disk to
   
    'BACKUP_DIR/db_files/%F';
   
   restore controlfile from autobackup;
   
   startup mount force;
   
   
   run {
   
   allocate channel dev1 device type disk format
   
   'BACKUP_DIR/db_files/%U';
   
   restore database;
   
   release channel dev1;
   
   alter database open resetlogs;
   
   }
   
   

5. Run Oracle Recovery Manager to restore the Metadata Repository:

   ORACLE_HOME/bin/rman cmdfile=BACKUP_DIR/restore.rcv > 
   
   BACKUP_DIR/log_files/restore.log
   
   

6. After you restore using Oracle Recovery Manager, determine if the TEMP tablespace has a datafile by connecting to the database as a user with SYSDBA privileges and running the following command in SQL*Plus:

   SQL> SELECT file_name FROM dba_temp_files WHERE tablespace_name LIKE 'TEMP';
   
   

   If the preceding command does not return any files, take the following steps:

   1. Check if the following file exists on your system:

      ORADATA_DIRECTORY/db_name/temp01.dbf
      
      

   2. If the file exists, enter the following command:

      SQL> ALTER TABLESPACE "TEMP" ADD TEMPFILE 'ORADATA_DIRECTORY/
      
      db_name/temp01.dbf' 
      
      SIZE 5120K REUSE AUTOEXTEND ON NEXT 8k MAXSIZE unlimited;
      
      

      If the file does not exist, enter the following command:

      SQL> ALTER TABLESPACE "TEMP" ADD TEMPFILE 'ORADATA_DIRECTORY/
      
      db_name/temp01.dbf' SIZE 5120K AUTOEXTEND ON NEXT 8k MAXSIZE unlimited;
      
      

      Note that you must type the preceding commands on one line, and db_name is the first portion of the new global database name.

Task 5: Configure Oracle Ultra Search Metadata in the New Metadata Repository

If a middle-tier instance uses this Metadata Repository, perform this task on the new Metadata Repository:

1. Make sure the ORACLE_HOME and ORACLE_SID environment variables are set.

2. Run the following commands:

   (UNIX)  cd ORACLE_HOME/ultrasearch/admin
   
   (Windows) cd ORACLE_HOME\ultrasearch\admin
   
   
   sqlplus "SYS/sys_password as SYSDBA"
   
   SQL> @wk0config.sql WksysPw JDBC_ConnStr LAUNCH_ANYWHERE ""
   
   

   (Note the two double quotes at the end of the preceding command.)

   In the example:

   • WksysPw is the password of the WKSYS schema that you obtained at the beginning of this procedure.

   • JDBC_ConnStr is the JDBC connection string host:port:SID, for example: myhost:1521:testdb.

   • LAUNCH_ANYWHERE is TRUE if the Metadata Repository is in Real Application Clusters mode, otherwise FALSE. For this procedure, set it to FALSE.

Task 6: Update Oracle Internet Directory

In the Oracle Internet Directory home, update the following file with the new Metadata Repository hostname (and, optionally, the new port number):

(UNIX) ORACLE_HOME/network/admin/tnsnames.ora

(Windows) ORACLE_HOME\network\admin\tnsnames.ora

After you modify the file, use the tnsping command to make sure you can reach the new Metadata Repository:

(UNIX)  ORACLE_HOME/bin/tnsping net_service_name

(Windows) ORACLE_HOME\bin\tnsping net_service_name

For example, on UNIX:

ORACLE_HOME/bin/tnsping orcl

Task 7: Shut Down the Original Metadata Repository

Shut down the original Metadata Repository using your usual procedure.

Task 8: Start Oracle Internet Directory Using Special Commands

Start Oracle Internet Directory by taking the following steps (do not use opmnctl):

1. Change directory to the Oracle Internet Directory home.

2. Set the ORACLE_SID environment variable to the new Metadata Repository SID (the default is orcl).

3. Start the Oracle Internet Directory monitor:

   (UNIX) ORACLE_HOME/bin/oidmon connect=connectstring start
   
   (Windows) ORACLE_HOME\bin\oidmon connect=connectstring start
   
   

   For example, on Windows:

   OraHome1_AS\bin\oidmon connect=orcl start
   

Task 9: Update the Oracle Internet Directory Database Registration

Update Oracle Internet Directory with the new Metadata Repository hostname and, optionally, new port number:

1. Start Oracle Directory Manager:

   • On UNIX, use the following command:

     ORACLE_HOME/bin/oidadmin
     
     

   • On Windows, navigate to Oracle Directory Manager (Start, Programs, Oracle Application Server Infrastructure - Oracle_Home, Integrated Management Tools, Oracle Directory Manager.)

2. Log in to Oracle Directory Manager.

3. In the System Objects frame:

   1. Expand Entry Management.

   2. Expand cn=Oracle Context.

   3. Select the DBName for the OracleAS Metadata Repository. For example, if the DBName is the default, orcl, select cn=ORCL.

4. On the Properties tab, update the HOST parameter in the orclnetdescstring field with the new hostname. Update the PORT parameter if you have changed the port number.

5. Click Apply.

Task 10: Stop Oracle Internet Directory Using Special Commands

Stop Oracle Internet Directory by taking the following steps (do not use opmnctl):

1. Change directory to the Oracle Internet Directory Oracle home.

2. Set the ORACLE_SID environment variable to the new Metadata Repository SID (the default is orcl).

3. Stop the Oracle Internet Directory monitor:

   (UNIX) ORACLE_HOME/bin/oidmon connect=connectstring stop
   
   (Windows) ORACLE_HOME\bin\oidmon connect=connectstring stop
   
   

   For example, on Windows:

   OraHome1_AS\bin\oidmon connect=orcl stop
   

Task 11: Start Your Environment

Start your environment as follows:

1. Start the Identity Management installation by running the following command in the Identity Management Oracle home:

   ORACLE_HOME/opmn/bin/opmnctl startall
   
   ORACLE_HOME\opmn\bin\opmnctl startall
   
   

   If the Identity Management installation is distributed across several Oracle homes, run the command in the Oracle Internet Directory home.

2. Start all middle-tier instances that use Identity Management by running the following command in the middle tier Oracle home:

   ORACLE_HOME/opmn/bin/opmnctl startall
   
   ORACLE_HOME\opmn\bin\opmnctl startall
   

Task 12: Update OracleAS Certificate Authority

If you use OracleAS Certificate Authority, update it as follows:

1. Associate it with the new Metadata Repository:

   (UNIX)  ORACLE_HOME/oca/bin/ocactl updateconnection
   
   (Windows) ORACLE_HOME\oca\bin\ocactl updateconnection
   
   

2. Start OracleAS Certificate Authority:

   (UNIX) ORACLE_HOME/oca/bin/ocactl start
   
   (Windows) ORACLE_HOME\oca\bin\ocactl start