Oracle® Application Server Upgrade and Compatibility Guide 10g (10.1.4.0.1) for Microsoft Windows Part Number B28235-01 |
|
|
View PDF |
This chapter describes considerations, restrictions, and recommended procedures for upgrading an Oracle Application Server environment that has been configured for high availability.
This chapter contains the following sections:
Summary of High Availability Upgrade Options, Restrictions, and Prerequisites
Transforming a Distributed 10g (9.0.4) Rack-Mounted Identity Management Environment
Upgrading an OracleAS Cluster (Identity Management) 10g Release 2 (10.1.2) Colocated Configuration
Upgrading an OracleAS Cluster (Identity Management) 10g Release 2 (10.1.2) Distributed Configuration
Oracle Application Server 10g (9.0.4) introduced high availability configurations that you could install as part of the Oracle Application Server installation procedure. These configurations were also available as part of 10g Release 2 (10.1.2.0.0), 10g Release 2 (10.1.2.1.0), and 10g Release 2 (10.1.2.0.2).
Table B-1 shows the upgrade paths supported for the high availability configurations.
Table B-1 Summary of the High Availability Upgrade Options
Existing Configuration | Upgrade Path | More Information |
---|---|---|
10g (9.0.4) and 10g Release 2 (10.1.2) Oracle Application Server Cold Failover Clusters |
Upgrade to Oracle Application Server Cold Failover Clusters for 10g (10.1.4.0.1). |
Section B.2, "Upgrading an OracleAS Cold Failover Cluster Infrastructure" |
10g (9.0.4) Rack-Mounted Identity Management |
Transform the environment into a 10g (10.1.4.0.1) OracleAS Cluster (Identity Management) environment. |
Section B.3, "Transforming 10g (9.0.4) Rack-Mounted Identity Management" |
10g (9.0.4) Distributed Rack-Mounted Identity Management |
Transform the environment into a 10g (10.1.4.0.1) OracleAS Cluster (Identity Management) environment. |
Section B.4, "Transforming a Distributed 10g (9.0.4) Rack-Mounted Identity Management Environment" |
10g Release 2 (10.1.2) colocated OracleAS Cluster (Identity Management) |
Upgrade the cluster to OracleAS Cluster (Identity Management) 10g (10.1.4.0.1) |
|
10g Release 2 (10.1.2) Distributed OracleAS Cluster (Identity Management) |
Upgrade the distributed Oracle homes to OracleAS Cluster (Identity Management) 10g (10.1.4.0.1) |
|
Upgrade the production site and the standby site separately. |
"Oracle Application Server Disaster Recovery" in the Oracle Application Server High Availability Guide |
The procedures provided in this chapter assume that you used the Oracle Application Server 10g (9.0.4) or 10g Release 2 (10.1.2) installation guide (depending upon the upgrade options you select) to install and configure your high availability configuration and that you have met all of the prerequisites described in the 10g (9.0.4) or 10g Release 2 (10.1.2) installation guide.
For example, the procedure for upgrading your Oracle Application Server Cold Failover Clusters assumes that you have already installed and configured Microsoft Cluster Server (MSCS) and that you have obtained a virtual address to associate with the cluster. A virtual address consists of a virtual hostname and an IP address. Clients access the OracleAS Cold Failover Cluster using the virtual hostname. The virtual address is in addition to each node's own hostname and IP address.
These procedures also assume you are using the seed database that was installed automatically with the 10g (9.0.4) or 10g Release 2 (10.1.2) installation procedure or with the OracleAS RepCA.
See Also: The Oracle Application Server 10g (9.0.4) installation guide for your platform, which is available as part of the platform-specific documentation library on the Oracle Technology Network:http://www.oracle.com/technology/documentation/appserver10g.html The Oracle Application Server 10g Release 2 (10.1.2) installation guide for your platform, which is available as part of the platform-specific documentation library on the Oracle Technology Network: http://www.oracle.com/technology/documentation/appserver101402.html |
The following sections describe how to upgrade an OracleAS Cold Failover Cluster infrastructure:
Overview of the OracleAS Cold Failover Cluster Infrastructure Upgrade
Backing Up the Source OracleAS Cold Failover Cluster Infrastructure
Cleaning Up the OracleAS Cold Failover Cluster Infrastructure on Node 1
Configuring the Windows Registry, Oracle Inventory, and Services on Node 2
Special Instructions for Updating Node 2 When Using Asymmetrical Configurations
Using MRUA to Upgrade the OracleAS Metadata Repository from Node 2
Performing Required Post-Upgrade Procedures for the OracleAS Cold Failover Cluster
This section provides an outline of the steps you must perform to upgrade your OracleAS Cold Failover Cluster environment to 10g (10.1.4.0.1).
Note that this procedure assumes that your OracleAS Cold Failover Cluster consists of two nodes (Node 1 and Node 2) and a single shared disk that is used by both nodes. The procedure also assumes that you use Microsoft Cluster Administrator to manage the cluster environment.
Table Table B-2 summarizes the major steps in the OracleAS Cold Failover Cluster upgrade process.
Table B-2 Summary of OracleAS Cold Failover Cluster Upgrade Process
Step | Description | Detailed Instructions |
---|---|---|
1 |
Back up the existing OracleAS Cold Failover Cluster Infrastructure. |
Section B.2.2, "Backing Up the Source OracleAS Cold Failover Cluster Infrastructure" |
2 |
From Node 1, prepare to upgrade the Infrastructure. |
Section B.2.3, "Preparing to Upgrade to 10g (10.1.4.0.1) From Node 1" |
3 |
From Node 1, use Oracle Universal Installer to upgrade the Infrastructure on the shared disk to 10g (10.1.4.0.1). |
Section B.2.4, "Upgrading to 10g (10.1.4.0.1) From Node 1" |
4 |
From Node 1, clean up the OracleAS Infrastructure upgrade and prepare to update Node 2. |
Section B.2.5, "Cleaning Up the OracleAS Cold Failover Cluster Infrastructure on Node 1" |
5 |
From Node 2, configure the Windows registry, Oracle inventory, and required Windows services. |
Section B.2.6, "Configuring the Windows Registry, Oracle Inventory, and Services on Node 2" |
6 |
From Node 2, use the Metadata Repository Upgrade Assistant (MRUA) to upgrade the OracleAS Metadata Repository. |
Section B.2.8, "Using MRUA to Upgrade the OracleAS Metadata Repository from Node 2" |
7 |
Perform the post-upgrade procedures, which are described in the 10g (10.1.4.0.1) Oracle Application Server Installation Guide. |
Section B.2.10, "Performing Required Post-Upgrade Procedures for the OracleAS Cold Failover Cluster" |
Before you upgrade the Infrastructure it is important that you perform a full backup of the entire OracleAS Cold Failover Cluster environment. You will use this backup to restore the source Infrastructure later in the upgrade procedure.
Caution: You must back up the source Infrastructure directories before you start the upgrade process.Later in the upgrade procedure, you will be asked to restore the directories to their previous state. If a valid backup of the source Infrastructure is not available, you will not be able to complete the upgrade to 10g (10.1.4.0.1). |
To backup the OracleAS Cold Failover Cluster infrastructure:
Start the Microsoft Cluster Server (MSCS) Cluster Adminstrator.
Windows 2000: Start > Programs > Administrative Tools > Cluster Administrator
Windows 2003: Start > Administrative Tools > Cluster Administrator
Take the Oracle Application Server resources offline:
In the left pane of Cluster Administrator, expand the Groups folder and select the name of the cluster group that contains your Oracle Application Server resources.
For example, if you named the cluster group as904
, then click as904.
In the right pane, take each of the resources shown in Table B-3 offline by right-clicking the resource and then selecting Take Offline from the context menu.
Table B-3 Oracle Application Server Services and Corresponding Cluster Administrator Resources
Service | Format of Service Name | Format of Resource Name |
---|---|---|
Application Server Control |
OracleORACLE_HOMEASControl
|
OracleORACLE_HOMEASControl
|
Oracle Process Manager and Notification Server (OPMN) |
OracleORACLE_HOMEProcessManager
|
OracleORACLE_HOMEProcessManager
|
OracleAS Metadata Repository database |
OracleServiceSID
|
SID
|
OracleAS Metadata Repository database listener |
OracleORACLE_HOMETNSListenerFslvirtual_host_name |
OracleORACLE_HOMETNSListenerFslvirtual_host_name |
From the Services control panel, check to be sure that the services shown in Table B-3 are stopped.
Display the Services control panel as follows:
Windows 2000: Select Start > Programs > Administrative Tools > Services.
Windows 2003: Select Start > Administrative Tools > Services.
When you are sure all the required services and cluster groups are stopped, back up the Infrastructure by copying the entire Infrastructure directory structure on the shared disk to a new directory.
For example, if the Oracle home for your OracleAS Infrastructure is F:\oracle\as904
, then use the following command to backup the entire directory:
copy F:\oracle\as904 G:\backup\as904
Important Notes: Consider the following before starting the upgrade to 10g (10.1.4.0.1):
|
Use the Windows Services control panel to start all the Infrastructure services shown in Table B-3.
Start the database and listener as follows:
ORACLE_HOME\bin\lsrnctl start ORACLE_HOME\bin\sqlplus "/ as sysdba" SQL> startup SQL> exit
Use the following procedure to perform the pre-installation steps on Node 1.
Step 1 Be Sure You Have Backed Up the Oracle Application Server Cold Failover Clusters Infrastructure Directories
You must back up the Infrastructure directories as directed in Section B.2.2, "Backing Up the Source OracleAS Cold Failover Cluster Infrastructure" before you start the upgrade process.
Later in the upgrade procedure, you will be asked to restore the directories to their previous state. If a valid backup of the source Infrastructure is not available, you will not be able to complete the upgrade to 10g (10.1.4.0.1).
Step 2 From Cluster Administrator, Delete the Application Server Resources
In Cluster Administrator, open the application server group and delete each of the resources that you took offline in Section B.2.2, "Backing Up the Source OracleAS Cold Failover Cluster Infrastructure".
The resources include:
The OracleAS Metadata Repository database (for example, asdb
)
The database listener
Oracle Process Manager and Notification Server (OPMN)
Application Server Control
Use Table B-3 to identify the name of each resource, since the resource name is the same as the resource name used in the Services control panel.
To delete a resource, right-click the resource and select Delete from the context menu; then, click Yes in the confirmation prompt.
Step 3 Make Sure that All the Infrastructure Services are Up and Running
From the Services control panel, check to be sure that the services shown in Table B-3 are up and running on Node 1.
Note that in this step, you are starting the Windows services from the Windows operating system. The components have already been removed from Cluster Administrator and are no longer being managed by Microsoft Cluster Server.
Step 4 Verify that a Password File Exists and that the remote_login_passwordfile Parameter is Set to EXCLUSIVE mode
If you are not already using a password file for the OracleAS Metadata Repository database, create one using the ORAPWD
command.
For example, if your database data files reside in the Oracle home, and your Oracle home is F:\oracle\as904
, you can create a password file in the ORACLE_HOME\database
directory called pwdasdb.ora
by entering the following command:
ORAPWD FILE=F:\oracle\as904\database\pwdasdb.ora PASSWORD=sys_password
To check the remote_login_passwordfile
database parameter value:
Execute the following SQL command:
prompt> sqlplus "sys/sys_password@database_SID as sysdba"
In this example, replace sys_password with the password for the database SYS account and replace database_SID with the database system identifier (SID).
Execute the following command in the SQL plus prompt:
SQL> show parameter remote_login_passwordfile
If the value is set to NONE
, then update the init.ora
file parameter as follows:
remote_login_passwordfile=EXCLUSIVE
The init.ora
is located on your installation hard drive. For example, if ORACLE_HOME
is set to F:\oracle\as904
, then the init.ora
file would be in the following location:
F:\oracle\as904\admin\database_name\pfile\init.ora
In the preceding example, replace database_name with the database system identifier (SID).
You must restart the database after making this change to the init.ora
file.
To upgrade Oracle Application Server Cold Failover Clusters (Infrastructure), you use Oracle Universal Installer. During the installation procedure, you must select Identity Management and Metadata Repository from the Select Installation Type screen. Oracle Universal Installer then locates the existing installation and prompts you to upgrade the existing Infrastructure.
When you upgrade the Infrastructure, Oracle Universal Installer creates a new database for the 10g (10.1.4.0.1) OracleAS Metadata Repository and a new Oracle Internet Directory instance in a new Oracle home on the shared disk.
The new Oracle home is referred to as the destination Oracle home. The existing Oracle home is referred to as the source Oracle home.
The Oracle Universal Installer then upgrades the content and data in the source Oracle home to the 10g (10.1.4.0.1) destination Oracle home.
Stop all the middle tiers that are using the services of the OracleAS Identity Management installation.
Log in to the computer on which instance is installed, as the same operating system user that performed the installation.
Note: The account you log in to install or upgrade the OracleAS Metadata Repository must be listed as a member of the Administrators group. |
Make sure that the OracleAS Metadata Repository database and database listener are up and running.
For example, you can use the Services control panel to verify that the OracleAS Metadata Repository database service and the database listener service are started. Use Table B-3 to locate the name of the database and listener services in the Services control panel.
Make sure the Oracle Internet Directory server is up and running.
To verify that Oracle Internet Directory is running, enter one of the following commands.
If you are running Oracle Internet Directory on a non-secure port:
SOURCE_ORACLE_HOME\bin\ldapbind -p Non-SSL_port -h oid_host_name
If you are running Oracle Internet Directory on a secure port:
SOURCE_ORACLE_HOME\bin\ldapbind -p SSL_port -h oid_host_name -U 1
These commands should return a "bind successful" message.
See Also: "Syntax for LDIF and Command-Line Tools" in the Oracle Internet Directory Administrator's Guide for more information about theldapbind utility |
Set the required environment variables, as defined in the section "Environment Variables" in the "Requirements" chapter of the Oracle Application Server Installation Guide.
In particular, be sure the following environment variables are not set:
If the ORACLE_HOME environment variable was previously set, restart the host computer after unsetting the variable.
The system restart is necessary to clear the ORACLE_HOME variable from the system registry. If you do not restart the computer after clearing the ORACLE_HOME variable, the installation might report an error and prevent you from finishing the installation.
Mount the CD-ROM and start the installer.
See Also: Oracle Application Server Installation Guide for detailed instructions about starting Oracle Universal Installer on your platform |
Refer to Table B-4 for information on the options you should select on each screen.
After the End of Installation screen appears, exit Oracle Universal Installer and then verify that Oracle Internet Directory and Oracle Application Server Single Sign-On are functioning and accessible in the new 10g (10.1.4.0.1) Oracle home.
See Also: Oracle Application Server Administrator's Guide, Chapter 1, "Accessing the Single Sign-On Server" |
Table B-4 Summary of the Oracle Universal Installer Screens During the OracleAS Identity Management Upgrade in a Colocated infrastructure
Screen | Description and Recommended Options to Select |
---|---|
Welcome |
Welcomes you to Oracle Universal Installer and the Oracle Application Server installation procedure. |
Specify File Locations |
Enter a name and path for the new Oracle home. For example, This new Oracle home will be the destination Oracle home for your Oracle Application Server 10g (10.1.4.0.1) upgrade. |
Select a Product to Install |
Select OracleAS Infrastructure 10g. If multiple languages are used in the OracleAS Infrastructure you are upgrading, then click Product Languages. |
Language Selection |
The screen appears only if you clicked Product Languages on the Select a Product to Install screen. If multiple languages are used in the OracleAS Infrastructure you are upgrading, select those languages. If you are not sure which languages were installed, but want languages other than English, click the double arrow button (>>) to select all languages. |
Select Installation Type |
Select Identity Management and OracleAS Metadata Repository. Note: It is very important that you select the same installation type that is used in the Oracle home you are upgrading. |
Upgrade Existing Infrastructure |
This screen appears when Oracle Universal Installer detects an existing Oracle Application Server installation of the same type as the one you selected on the Select Installation Type screen. Select the option to upgrade an existing OracleAS Infrastructure, and then select the Oracle home you want to upgrade from the drop-down list. (If there is only one Infrastructure of the selected time on the computer, then the drop-down list is inactive.) |
Specify OID Login |
Enter the Oracle Internet Directory superuser distinguished name (DN) in the Username field. The superuser DN Enter the password for the superuser DN in the Password field. |
Specify Infrastructure Database Connection Information |
Enter |
Warning dialog box |
This dialog box warns you that all the clients of the OracleAS Metadata Repository database must now be stopped. Oracle Universal Installer will automatically stop any clients within the source Oracle home.Foot 1 However, you must manually stop any database clients and OracleAS Metadata Repository clients that reside in another Oracle home. Clients of the OracleAS Metadata Repository include:
Within each middle tier that uses this OracleAS Metadata Repository, you must be sure to stop all components, including Oracle HTTP Server and OracleAS Web Cache. For more information, see the chapter "Starting and Stopping " in the Oracle Application Server Administrator's Guide. |
Database Listener Warning Dialog Box |
If a database listener is running on the host, a warning dialog box displays. Review the dialog box to determine whether or not you need to stop the listener manually. For more information, see "Stopping the Database Listener When Prompted During the OracleAS Identity Management Upgrade". |
Specify Instance Name and ias_admin Password |
Enter a name for the new Oracle Application Server 10g (10.1.4.0.1) instance and a password for the You use the In general, the minimum length of the For more information, see the section "The ias_admin User and Restrictions on its Password" in the Oracle Application Server Installation Guide. |
Summary |
Use this screen to confirm the choices you've made. Click Install to begin upgrading to the new 10g (10.1.4.0.1) Oracle home. |
The Configuration Assistants |
After the initial software is installed, a set of configuration assistants automatically set up the components in the new 10g (10.1.4.0.1) Oracle home. Use this screen to follow the progress of each assistant and to identify any problems during this phase of the installation. Notes:
|
End of Installation |
When the installation and upgrade is complete, this screen provides important details about the 10g (10.1.4.0.1) Oracle home, such as the URL for the Application Server Control Console and the location of the After you review the information on this screen, you can exit Oracle Universal Installer and proceed to the post-upgrade tasks. |
Footnote 1 You can access a log of the automated shutdown procedure executed by Oracle Universal Installer in the shutdownprocesses.log
file, which is located in the cfgtoollogs
directory in the destination Oracle home.
Use the following steps to clean up the OracleAS Cold Failover Cluster Infrastructure on Node 1 and prepare to update Node 2.
Step 1 Stop the OracleAS Infrastructure Services on Node 1, and Set the Startup Type to Manual
Display the Services window.
Windows 2000: Select Start > Programs > Administrative Tools > Services.
Windows 2003: Select Start > Administrative Tools > Services.
Stop the 10g (10.1.4.0.1) services:
Oracle
<OracleHomeName>
ASControl
Oracle
<OracleHomeName>
ClientCache
Oracle
<OracleHomeName>
ProcessManager
Oracle
<OracleHomeName>
TNSListenerFsl
<VirtualHostName>
OracleService
<SID>
To stop a service, right-click the service and select Stop from the pop-up menu.
Set the start type of the 10g (10.1.4.0.1) services listed above to manual.
Right-click the service, and select Properties.
Select Manual from the "Startup Type" section, and click OK.
Step 2 Restart Node 1
When you restart Node 1, the shared disk is moved to Node 2. If an error occurs while adding the database service to Oracle Fail Safe, then restart Node 2 and try adding the database to Oracle Fail Safe again.
After you upgrade the OracleAS Infrastructure on Node 1, the next step in the OracleAS Cold Failover Cluster upgrade procedure is to update Node 2 so that the required Windows registry settings, Oracle inventory entries, and Windows services are available for the OracleAS Cold Failover Cluster.
Step 1 Review Your Options for Updating Node 2
Review the following information to determine whether or not the two nodes of your cluster are symmetrical.
The two nodes of an OracleAS Cold Failover Cluster are symmetrical if they have an identical:
Hardware configuration (for example, the same memory and CPU specifications)
Software configuration (for example, the same operating system version and patch level)
Oracle configuration (for example, the same Oracle products and Oracle homes are installed on both nodes
If the two nodes of your OracleAS Cold Failover Cluster are not symmetrical, then skip the remaining steps in this section and go directly to Section B.2.7, "Special Instructions for Updating Node 2 When Using Asymmetrical Configurations".
Step 2 Export the Oracle Registry Settings From Node 1
From Node 1, select Run from the Windows Start menu, and enter regedit
in the resulting text field.
Locate and select the HKEY_LOCAL_MACHINE\SOFTWARE\Oracle
entry in the Windows registry.
Select Export Registry File from the Registry menu.
In the resulting dialog box, make sure that the Selected Branch radio button is selected and that the HKEY_LOCAL_MACHINE\SOFTWARE\Oracle
branch is selected.
Enter a name for the exported registry file and click Save.
For example, enter oracle_registry_entries
.
Step 3 Remove the Database Instance from Node 1
On node 1, run the following command to remove the OracleAS Metadata Repository database instance that you just upgraded:
F:\oracle\as1014\bin> oradim -delete -sid sid
Step 4 Import the Registry Settings into the Windows Registry on Node 2
Log in to Node 2.
Double-click the oracle_registry_entries.reg file you created when you exported the registry entries from Node 1.
When prompted to add the registry entries, click Yes.
Step 5 Create and Start the Required Windows Services for 10g (10.1.4.0.1)
To create the Windows services on Node 2, you can use the SC tool (sc.exe
), which is a services control management tool provided by Microsoft.
Note: Before you use this procedure, make sure that the version of thesc.exe program you are using is version 5.0.2134.1 or later. For more information, refer to the Microsoft Web site. |
To use the SC tool to create the required services on Node 2:
Oracle Process Manager and Notification Server (OPMN):
sc create Oracle<home name>ProcessManager binPath= "ORACLE_HOME\opmn\bin\opmn.exe -S"
For example:
sc create OracleINFRAProcessManager binPath= "C:\oracle\appserv1\opmn\bin\opmn.exe -S"
Oracle Enterprise Manager 10g Application Server Control:
sc create Oracle<home name>ASControl binPath= "ORACLE_HOME\bin\nmesrvc.exe"
For example:
sc create OracleINFRAASControl binPath= "C:\oracle\appserv1\bin\nmesrvc.exe"
The OracleAS Metadata Repository database listener:
sc create Oracle<home name>TNSListener binPath= "ORACLE_HOME\bin\TNSLSNR"
For example:
sc create OracleINFRATNSListener binPath= "C:\oracle\appserv1\bin\TNSLSNR"
The OracleAS Metadata Repository database:
sc create OracleService<oracle_sid> binPath= "ORACLE_HOME\bin\oracle.exe oracle_sid"
Note that oracle_sid should be in upper case. For example:
sc create OracleServiceORCL binPath= "C:\oracle\appserv1\bin\ORACLE.EXE ORCL"
Note: The service used to manage the Oracle Enterprise Manager 10g Database Control is not included in this procedure because the Database Control is not configured automatically during the upgrade procedure. For more information, refer to "Task 5: Configure Oracle Enterprise Manager 10g Database Control". |
Step 6 Copy the Oracle Inventory from Node 1 to Node 2
The Oracle Universal Installer inventory stores information about all Oracle software products installed in all Oracle homes on a host, provided the product was installed using Oracle Universal Installer.
The Oracle inventory information is stored in Extensible Markup Language (XML) format in a single directory structure on the host. The inventory is usually located in the following directory on Windows systems:
C:\Program Files\Oracle\Inventory
You can always find the location of the inventory by selecting the following registry key in the Windows registry and viewing the value of the inst_loc
string:
\\HKEY_LOCAL_MACHINE\\Software\Oracle\
To copy the Oracle Inventory to Node 2, select the entire directory (for example, C:\Program Files\Oracle\Inventory
) and copy it to the same location on Node 2.
Step 7 Add Required Paths to the PATH Environment Variable
Use the System control panel to add the following to the beginning of the Windows PATH variable:
%ORACLE_HOME%\bin;%ORACLE_HOME%\jlib;
See Also: The Windows online help for instructions on how to set the PATH variable for your specific Windows platform |
Step 8 Skip to Section B.2.8, "Using MRUA to Upgrade the OracleAS Metadata Repository from Node 2"
Unless the nodes of the cluster are asymmetrical, skip Section B.2.7 and go directly to Section B.2.8.
If the two nodes in your OracleAS Cold Failover Cluster are not symmetrical, refer to the following procedures to update the configuration of Node 2.
Step 1 Remove the Database Instance from Node 1
On node 1, run the following command to remove the 10g (10.1.4.0.1) OracleAS Metadata Repository database instance that you just upgraded:
F:\oracle\as1014\bin> oradim -delete -sid sid
Step 2 From Node 1, Delete the 10g (10.1.4.0.1) Oracle Home and Restore the source Oracle Home
On Node 1, delete the 10g (10.1.4.0.1) destination Oracle home from the shard disk.
Delete the source Oracle home from the shared disk.
Restore the Infrastructure directories that you backed up in Section B.2.2, "Backing Up the Source OracleAS Cold Failover Cluster Infrastructure".
For example, copy the following backed up directories described in Step 1 to their original locations:
copy G:\backup\as904 F:\oracle\as904
Note: If theoradata and admin directories were stored outside of the Infrastructure source Oracle home, be sure to restore them to their original directories. |
Step 3 From Node 2, Start the Source Infrastructure Services
Log in to Node 2 as the same operating system user that performed the source Oracle home installation.
Note: The account you log in to install or upgrade the OracleAS Metadata Repository must be listed as a member of the Administrators group. |
Display the Services window.
Windows 2000: Select Start > Programs > Administrative Tools > Services.
Windows 2003: Select Start > Administrative Tools > Services.
Start the source Oracle home services:
OracleService
<SID>
Oracle
<OracleHomeName>
TNSListenerFsl
<VirtualHostName>
Oracle
<OracleHomeName>
ProcessManager
Oracle
<OracleHomeName>
ClientCache
Oracle
<OracleHomeName>
ASControl
To start a service, right-click the service and select Start from the pop-up menu.
Step 4 Verify that a Password File Exists and that the remote_login_passwordfile Parameter is Set to EXCLUSIVE mode
If you are not already using a password file for the OracleAS Metadata Repository database, create one using the ORAPWD
command.
For example, if your database data files reside in the Oracle home, and your Oracle home is F:\oracle\as904
, you can create a password file in the ORACLE_HOME\database
directory called pwdasdb.ora
by entering the following command:
ORAPWD FILE=F:\oracle\as904\database\pwdasdb.ora PASSWORD=sys_password
See Also: "Creating and Maintaining a Password File" in the Oracle Database Administrator's Guide |
To check the remote_login_passwordfile
database parameter value:
Execute the following SQL command:
prompt> sqlplus "sys/sys_password@database_SID as sysdba"
In this example, replace sys_password with the password for the database SYS account and replace database_SID with the database system identifier (SID).
Execute the following command in the SQL plus prompt:
SQL> show parameter remote_login_passwordfile
If the value is set to NONE
, then update the init.ora
file parameter as follows:
remote_login_passwordfile=EXCLUSIVE
The init.ora
is located on your installation hard drive. For example, if ORACLE_HOME
is set to F:\oracle\as904
, then the init.ora
file would be in the following location:
F:\oracle\as904\admin\database_name\pfile\init.ora
In the preceding example, replace database_name with the database system identifier (SID).
You must restart the database after making this change to the init.ora
file.
Step 5 From Node 2, Upgrade the Infrastructure to 10g (10.1.4.0.1)
Make sure that the OracleAS Metadata Repository database and database listener are up and running.
Make sure the Oracle Internet Directory server is up and running.
To verify that Oracle Internet Directory is running, enter one of the following commands.
If you are running Oracle Internet Directory on a non-secure port:
SOURCE_ORACLE_HOME\bin\ldapbind -p Non-SSL_port -h oid_host_name
If you are running Oracle Internet Directory on a secure port:
SOURCE_ORACLE_HOME\bin\ldapbind -p SSL_port -h oid_host_name -U 1
These commands should return a "bind successful" message.
See Also: "Syntax for LDIF and Command-Line Tools" in the Oracle Internet Directory Administrator's Guide for more information about theldapbind utility |
Set the required environment variables, as defined in the section "Environment Variables" in the "Requirements" chapter of the Oracle Application Server Installation Guide.
In particular, be sure the following environment variables are not set:
If the ORACLE_HOME environment variable was previously set, restart the host computer after unsetting the variable.
The system restart is necessary to clear the ORACLE_HOME variable from the system registry. If you do not restart the computer after clearing the ORACLE_HOME variable, the installation might report an error and prevent you from finishing the installation.
Mount the CD-ROM and start the installer.
See Also: Oracle Application Server Installation Guide for detailed instructions about starting Oracle Universal Installer on your platform |
Refer to Table B-4 for information on the options you should select on each screen.
Note: Be sure to select and enter the same instance name, password, and other selected options you used in the previous upgrade that you performed from Node 1. |
After the End of Installation screen appears, exit Oracle Universal Installer and then verify that Oracle Internet Directory and Oracle Application Server Single Sign-On are functioning and accessible in the new 10g (10.1.4.0.1) Oracle home.
See Also: Oracle Application Server Administrator's Guide, Chapter 1, "Accessing the Single Sign-On Server" |
Step 6 Restart Node 2
After you have upgraded the Infrastructure and exited Oracle Universal Installer, perform the following procedure:
Restart Node 2.
From Cluster Administrator, move the application server group, including the shared disk, to Node 2.
Log in to Node 2 and use the procedure in Chapter 8, "Using MRUA to Upgrade the OracleAS Metadata Repository" to upgrade the component schemas in the OracleAS Metadata Repository.
A pfile is a text file that contains the database initialization parameters. Oracle Fail Safe requires a "pfile" for your database. You enter the full path to the pfile in the Parameter File field when you add the database to the group.
To create a pfile:
Create a file called init
<SID>
.ora
in the ORACLE_HOME
\database
directory.
Populate the file with the following lines:
spfile=ORACLE_HOME\database\spfileSID.ora remote_login_passwordfile=EXCLUSIVE local_listener="(ADDRESS=(PROTOCOL=TCP)(HOST=Virtual_IP)(PORT=1521))"
In this example:
Replace ORACLE_HOME with the full path of your Oracle home directory.
Replace SID with the SID of your database.
Replace Virtual_IP with the virtual IP for the virtual hostname.
This section lists the post-upgrade procedures you must perform in order to finish upgrading a OracleAS Cold Failover Cluster on a Windows system.
From Node 2, use the Services control panel to set all the source Infastructure services to Manual startup mode.
These services will be removed later, when you decommission and deinstall the source Oracle homes.
Make sure the "Oracle Services for MSCS" is online.
Perform the following procedures, which are documented in the Oracle Application Server Installation Guide.
In particular, refer to the following sections of that guide:
Section 12.11.1, "Edit the ORACLE_HOME\Apache\htdocs\index.html File"
Section 11.12.2, "Make OracleAS Metadata Repository Highly Available"
Section 11.12.3, "Add the Shared Disk as a Dependency for the Listener"
Section 11.12.4, "Add the Shared Disk as a Dependency for OPMN"
Section 11.12.5, "Make OPMN Highly Available"
Section 11.12.6, "Make Application Server Control Highly Available"
Section 11.12.7, "Check that the Correct Listener Is Active"
From Node 2, use the Services control panel to set all the upgraded Infastructure services to automatic startup mode.
Use Table B-3 to identify the name of each resource, since the resource name is the same as the resource name used in the Services control panel.
Use the procedure described in "Task 5: Configure Oracle Enterprise Manager 10g Database Control" to configure the Oracle Enterprise Manager 10g Database Control.
Besides the post-upgrade tasks specific to configuring an upgraded OracleAS Cold Failover Cluster environment, you must also perform the typical post-upgrade tasks required when upgrading any OracleAS Identity Management environment.
For more information, refer to the following:
The following sections describe how to transform a 10g (9.0.4) Rack-Mounted Identity Management environment to OracleAS Cluster (Identity Management):
About Rack-Mounted Identity Management and OracleAS Cluster (Identity Management)
Task 1: Review the Requirements for Transforming the 10g (9.0.4) Rackmounted Identity Management
Task 2: Upgrade the Database That Hosts the OracleAS Metadata Repository
Task 3: If Necessary, Upgrade Any Middle Tiers That Use the OracleAS Metadata Repository
Task 4: Upgrade the First OracleAS Identity Management Instance
Task 6: Install Subsequent OracleAS Cluster (Identity Management) Instances
Task 7: Verify the Upgrade and Decommission the 10g (9.0.4) Oracle Homes
Following the release of Oracle Application Server 10g (9.0.4), a procedure was released for deploying multiple Identity Management instances against one Infrastructure Metadata Repository. This procedure was released in the form of a whitepaper titled Highly Available Identity Management example - Rack Mounted Identity Management and it was made available to customers on the Oracle Technology Network (OTN) at:
http://www.oracle.com/technology/products/ias/hi_av/index.html
Note that the link to the whitepaper on OTN might actually be shown as Highly Available Identity Management Deployment Example - Multi-box Identity Management.
Starting with the release of Oracle Application Server 10g Release 2 (10.1.2), an "out-of-the-box" Multiple Identity Management solution is now available. This configuration is known as OracleAS Cluster (Identity Management).
See Also: "Installing in High Availability Environments: OracleAS Cluster (Identity Management)" in the Oracle Application Server Installation Guide |
The following sections provide step-by-step instructions for customers who wish to upgrade their 10g (9.0.4) Multiple Identity Management deployment to an OracleAS Clusters (Identity Management) 10g (10.1.4.0.1) deployment.
The testing and steps provided in this document are based upon an OracleAS Identity Management implementation deployed on RedHat Linux 3.0. The steps provided in this document, however, apply to any Unix platform.
The following sections describe the requirements you must meet in order to transform your highly available environment from 10g (9.0.4) Rack-Mounted Identity Management to OracleAS Cluster (Identity Management):
Before you use this procedure, you must consider the following configuration requirements:
You must have followed the exact set of steps outlined in the paper Highly Available Identity Management example - Rack Mounted Identity Management
The Identity Management instances you are upgrading must be 10g (9.0.4) intances; previous releases of OracleAS are not supported for this configuration.
The Metadata Repository must have been created in an Oracle9i Release 2 (9.2.0.1) or greater database, using the 10g (9.0.4) OracleAS RepCA (MRCA).
OracleAS Identity Management consists of components that can also be installed separately:
Oracle Internet Directory (OID)
OracleAS Single Sign-On (SSO)
Oracle Delegated Administration Services (DAS)
Oracle Directory Integration Platform (DIP)
This procedure does not include support for Oracle Application Server Certificate Authority (OCA).
In this procedure, the primary focus is on installations where all Identity management components are installed in one Oracle home. This is known as a colocated OracleAS Infrastructure, which includes Oracle Internet Directory, Oracle Delegated Administration Services, and OracleAS Single Sign-On, all installed within the same Oracle home.
To upgrade a distributed OracleAS Identity Management configuration where the Identity Management components are separated into two tiers, see Section B.4, "Transforming a Distributed 10g (9.0.4) Rack-Mounted Identity Management Environment". Such a configuration might be required, for example, where an organization needs the OracleAS Single Sign-On and Oracle Delegated Administration Services components running in a the DMZ and the Oracle Internet Directory running on the internal network inside the firewall.
This procedure assumes the database that hosts the OracleAS Metadata Repository is an Oracle Real Application Clusters (RAC) Database. Specifically, the procedure described in this section was tested on a two-node RAC environment. However, it is assumed that this procedure also applies to:
A single-instance database
A Real Application Clusters database consisting of more than two nodes
The requirement for Real Application Clusters is a shared-storage configuration. The implementation of the shared volume is vendor-specific. The procedures in this section should be applicable to all Operating systems and clusters but were developed and tested in a Linux environment. Specifically, the following shared storage options are supported:
Raw devices
Cluster filesystem (for example, OCFS on Linux)
Network filesystem (for example, supported NAS devices)
Although cluster and volume management software is vendor-specific, the steps and considerations provided in this section apply specifically to customers wishing to optionally implement Oracle's Automated Storage Management (ASM).
Before you begin this transformation procedure, take a complete, full software backup of everything in the Oracle Home and related directories for the OracleAS Metadata Repository and the OracleAS Identity Management instances.
In addition, shut down all processes and perform a full cold database backup of the middle tiers and Infrastructure Oracle homes.
Before you can upgrade to OracleAS Cluster (Identity Management), you must upgrade the database that hosts the OracleAS Metadata Repository to a supported database.
For detailed instructions on upgrading the database that hosts the OracleAS Metadata Repository, see Chapter 6, "Upgrading the Database That Hosts the OracleAS Metadata Repository".
Note: When applying database patchsets, be sure to carefully review the patchset README for your specific platform. The instructions for installing patchsets can vary significantly from platform to platform. For example, some platforms, such as Linux, might require you to install a specific version of Oracle Universal Installer before proceeding with the patchset installation. |
There are certain upgrade scenarios where you might have to upgrade any 10g (9.0.4) middle tiers in your Oracle Application Server environment to 10g Release 2 (10.1.2).
For more information, refer to Chapter 5, "Upgrading 10g (9.0.4) Middle Tiers to 10g Release 2 (10.1.2)".
After the database that hosts the OracleAS Metadata Repository has been upgraded to a supported version, and after any middle tiers have been upgraded to 10g Release 2 (10.1.2), you can now upgrade the first OracleAS Identity Management Oracle home in the Rack-Mounted Identity Management configuration.
When you upgrade the first OracleAS Identity Management Oracle home, you also upgrade the OracleAS Identity Management schemas in the OracleAS Metadata Repository.
Note that in an OracleAS Cluster (Identity Management), the Identity Management instances are clustered together in a Distributed Configuration Management (DCM) Cluster. This ensures synchronization between the configurations of the different Identity Management components on all of the Identity Management instances.
To upgrade the first OracleAS Identity Management Oracle home, use the following steps.
Make sure that the other OracleAS Identity Management Instances in the Rack-Mounted Identity Management environment are down.
Only the OracleAS Identity Management instance that you are upgrading first should be up and running. If necessary, shut down the other OracleAS Identity Management instances.
Configure the Load Balancer to direct traffic only to the OracleAS Identity Management instance you are about to upgrade
All Requests should be directed only to the OracleAS Identity Management instance you are about to upgrade. The other OracleAS Identity Management instances in the Rack-Mounted Identity Management environment should be shut down.
Use the Oracle Application Server 10g (10.1.4.0.1) installation procedure to upgrade the OracleAS Identity Management instance.
Refer to Chapter 7, "Using Oracle Universal Installer to Upgrade Oracle Identity Management" for complete instructions on upgrading the first OracleAS Identity Management Oracle home.
Perform any post-upgrade procedures that apply to your OracleAS Identity Management environment.
Refer to Chapter 9, "Component-Specific Post-Upgrade Procedures" for more information.
Perform the steps described in Section B.5.4.3.3, "Configuration Steps When Oracle HTTP Server and the Load Balancer are Not Using SSL".
Create a Distributed Configuration Management (DCM) cluster that the other OracleAS Identity Management instances can join:
Enter the DCM command-line shell:
ORACLE_HOME\dcm\bin\dcmctl shell
Create a new Cluster:
DCM> createcluster -cl IMcluster
In this example, IMCluster is the name you assign to the cluster.
Join the DCM cluster as the first instance:
DCM> joincluster -cl IMcluster
At this point the instance will be stopped.
Restart the instance:
opmnctl startall
A new cluster has now been created with the upgraded IM instance as its sole member.
Perform the steps described in Section B.5.4.4, "Task 4d: Finish the Upgrade of the First OracleAS Identity Management Instance".
Make sure that the OracleAS Identity Management instance (including Oracle Internet Directory) that you upgraded in Section B.3.5, "Task 4: Upgrade the First OracleAS Identity Management Instance" is up and running.
If it is not running, start the Identity Management instance (including Oracle Internet Directory) as follows:
ORACLE_HOME/opmn/bin/opmnctl startall
Upgrade the Metadata Repository in the newly upgraded database as described in Chapter 8, "Using MRUA to Upgrade the OracleAS Metadata Repository", with the following exception:
On the MRUA command line, enter the address of the load balancer in place of the oid_host
and oid_ssl_port
arguments.
Note that the values you enter for the -oid_host
argument and -oid_ssl_port
arguments must match the value of the corresponding properties defined in following configuration file in the Identity Management Oracle home:
IDENTITY_MANAGEMENT_HOME/config/ias.properties
For example:
OIDhost=sys42.acme.com OIDsslport=636
When MRUA finishes processing, verify that the schemas have been upgraded, as described in Section 8.3, "Task 3: Verify the Success of the OracleAS Metadata Repository Upgrade".
Complete the OracleAS Metadata Repository upgrade using the instructions in the section, Section 9.4, "Task 4: Perform OracleAS Portal Post-Upgrade Steps".
After you upgrade the first OracleAS Identity Management instance in the cluster, and after you upgrade the OracleAS Metadata Repository, you can then install the additional OracleAS Identity Management instances in the OracleAS Cluster (Identity Management):
Make sure that the Oracle Internet Directory is up and running on the first OracleAS Identity Management instance.
Make sure that the OracleAS Metadata Repository database and listener are up and running.
Make sure that the Load Balancer is configured to direct traffic only to the first Identity Management instance.
Install the new 10g (10.1.4.0.1) OracleAS Identity Management Oracle home by following the instructions in the section "Installing OracleAS Cluster (Identity Management) on Subsequent Nodes," in the Oracle Application Server Installation Guide.
Reconfigure Load Balancer and test the installation.
After a successful installation of the subsequent OracleAS Identity Management Oracle home, configure the Load Balancer to route requests to the new instance.
Repeat this procedure for any additional and subsequent OracleAS Identity Management installations that will be part of the cluster.
After you have upgraded the first Oracle Identity Management instance in the cluster and you have added the remaining cluster members, you can then verify that the upgrade was successful and then decommission the 10g (9.0.4) Oracle homes.
For more information, refer to Chapter 10, "Verifying the Upgrade and Decommissioning the Source Oracle Homes".
In a distributed Rack-Mounted Identity Management environment, the Oracle Internet Directory is installed in a separate Oracle home from the other OracleAS Identity Management components.
The procedure for transforming distributed Rack-Mounted Identity Management components is the same as that for transforming a colocated Rack-Mounted Identity Management installation, except for the following exceptions. The following steps summarize the distributed transformation procedure:
Table B-5 Summary of the Steps for Transforming a Distributed Rack-Mounted Identity Management Environment to OracleAS Cluster (Identity Management)
Task No. | Description | More Information |
---|---|---|
1 |
Review the requirements for transforming Rack-Mounted Identity Management. |
|
2 |
Upgrade the database that hosts the OracleAS Metadata Repository. |
Section B.3.3, "Task 2: Upgrade the Database That Hosts the OracleAS Metadata Repository" |
3 |
If necessary, upgrade any 10g (9.0.4) middle tiers. |
|
4 |
Upgrade the first Oracle Internet Directory Oracle home. |
Steps 1 through 4 of Section B.3.5, "Task 4: Upgrade the First OracleAS Identity Management Instance" |
5 |
Upgrade the first OracleAS Single Sign-On Oracle home. |
Steps 1 through 4 of Section B.6.5, "Task 5: Upgrade the First OracleAS Single Sign-On Oracle Home" |
6 |
Create a Distributed Configuration Management (DCM) cluster for the OracleAS Single Sign-On instances. |
Step 6 of Section B.3.5, "Task 4: Upgrade the First OracleAS Identity Management Instance". |
7 |
Configure Oracle HTTP Server and OracleAS Single Sign-On in the OracleAS Single Sign-On Oracle home. |
|
8 |
Finish the upgrade of the first OracleAS Single Sign-On instance. |
Section B.5.4.4, "Task 4d: Finish the Upgrade of the First OracleAS Identity Management Instance" |
9 |
Use the Metadata Repository Upgrade Assistant to Upgrade the Component Schemas in the OracleAS Metadata Repository |
|
10 |
Install Subsequent OracleAS Cluster (Identity Management) Instances |
Section B.3.7, "Task 6: Install Subsequent OracleAS Cluster (Identity Management) Instances" |
11 |
Verify the Upgrade and Decommission the 10g (9.0.4) Oracle Homes |
Section B.3.8, "Task 7: Verify the Upgrade and Decommission the 10g (9.0.4) Oracle Homes" |
A colocated OracleAS Identity Management installation includes all the OracleAS Identity Management components in each Oracle home. Compare the procedures in this section with those in Section B.6, "Upgrading an OracleAS Cluster (Identity Management) 10g Release 2 (10.1.2) Distributed Configuration".
The following sections describe how to upgrade a colocated 10g Release 2 (10.1.2) OracleAS Cluster (Identity Management) environment to 10g (10.1.4.0.1).
Task 1: Review the OracleAS Cluster (Identity Management) Upgrade Requirements
Task 2: Upgrade the Database That Hosts the OracleAS Metadata Repository
Task 3: If Necessary, Upgrade any 10g (9.0.4) Middle Tiers to 10g Release 2 (10.1.2.0.2)
Task 4: Upgrade the First OracleAS Identity Management Instance
Task 6: Installing Subsequent OracleAS Cluster (Identity Management) Instances
Task 7: Verify the Upgrade and Decommission the 10g Release 2 (10.1.2) Oracle Homes
The following sections describe the requirements you must meet in order to upgrade your 10g Release 2 (10.1.2) colocated OracleAS Cluster (Identity Management) configuration to OracleAS Cluster (Identity Management) 10g (10.1.4.0.1):
Before you use this procedure, note that the Identity Management instances you are upgrading must be 10g Release 2 (10.1.2) intances that were installed using the procedures documented in "Installing in High Availability Environments: OracleAS Cluster (Identity Management)" in the 10g Release 2 (10.1.2) Oracle Application Server Installation Guide.
OracleAS Identity Management consists of components that can also be installed separately:
Oracle Internet Directory (OID)
OracleAS Single Sign-On (SSO)
Oracle Delegated Administration Services (DAS)
Oracle Directory Integration Platform (DIP)
This procedure does not include support for Oracle Application Server Certificate Authority (OCA).
This procedure describes how to upgrade installations where all Identity management components are installed in each Oracle home. This is known as a colocated OracleAS Infrastructure, where Oracle Internet Directory, Oracle Delegated Administration Services, Oracle Directory Integration Platform, and OracleAS Single Sign-On are installed within the same Oracle home.
See Also: Section B.6, "Upgrading an OracleAS Cluster (Identity Management) 10g Release 2 (10.1.2) Distributed Configuration" for information about upgrading a distributed OracleAS Identity Management configuration. |
Figure B-1 shows a typical colocated OracleAS Cluster (Identity Management) 10g Release 2 (10.1.2) environment.
Figure B-1 10g Release 2 (10.1.2) Colocated OracleAS Cluster (Identity Management) Upgrade Starting Point
Before you begin this procedure, perform a complete, full software backup of everything in the Oracle Home and related directories for the OracleAS Metadata Repository and the OracleAS Identity Management instances.
In addition, shut down all processes and perform a full cold database backup of the middle tiers and Infrastructure Oracle homes.
Before you can upgrade to OracleAS Cluster (Identity Management), you must upgrade the database that hosts the OracleAS Metadata Repository to a supported database.
For detailed instructions on upgrading the database that hosts the OracleAS Metadata Repository, see Chapter 6, "Upgrading the Database That Hosts the OracleAS Metadata Repository".
Note: When applying database patchsets, be sure to carefully review the patchset README for your specific platform. The instructions for installing patchsets can vary significantly from platform to platform. For example, some platforms, such as Linux, might require you to install a specific version of Oracle Universal Installer before proceeding with the patschset installation. |
There are certain upgrade scenarios where you might have to upgrade any 10g (9.0.4) middle tiers in your Oracle Application Server environment to 10g Release 2 (10.1.2).
For more information, refer to Chapter 5, "Upgrading 10g (9.0.4) Middle Tiers to 10g Release 2 (10.1.2)".
After the database that hosts the OracleAS Metadata Repository has been upgraded to a supported version, and after any middle tiers have been upgraded to 10g Release 2 (10.1.2), you can now upgrade the first OracleAS Identity Management Oracle home in the OracleAS Cluster (Identity Management) configuration.
When you upgrade the first OracleAS Identity Management Oracle home, you also upgrade the OracleAS Identity Management schemas in the OracleAS Metadata Repository.
Note that in a colocated OracleAS Cluster (Identity Management), all the OracleAS Identity Management instances are clustered in a Distributed Configuration Management (DCM) Cluster. This ensures synchronization between the configurations of the different Identity Management components on all of the Identity Management instances.
To upgrade the first OracleAS Identity Management Oracle home, refer to the following sections:
Task 4c: Configure Oracle HTTP Server and OracleAS Single Sign-On
Task 4d: Finish the Upgrade of the First OracleAS Identity Management Instance
Use the following steps to upgrade the first OracleAS Identity Management instance in the OracleAS Cluster (Identity Management) environment:
Make sure that the other OracleAS Identity Management Instances in the environment are down.
Only the OracleAS Identity Management instance that you are upgrading first should be up and running. If necessary, shut down the other OracleAS Identity Management instances.
Configure the Load Balancer to direct traffic only to the OracleAS Identity Management instance you are about to upgrade.
All Requests should be directed only to the OracleAS Identity Management instance you are about to upgrade. The other OracleAS Identity Management instances in the environment should be shut down.
Use the Oracle Universal Installer and the Oracle Application Server 10g (10.1.4.0.1) installation procedure to upgrade the OracleAS Identity Management instance.
Refer to Chapter 7, "Using Oracle Universal Installer to Upgrade Oracle Identity Management" for complete instructions on upgrading the first OracleAS Identity Management instance.
Perform any post-upgrade procedures that apply to the Oracle Internet Directory Oracle home.
Refer to Section 9.2, "Task 2: Perform Oracle Internet Directory Post-Upgrade Steps" for more information.
Use the following steps to reconfigure the cluster and to prepare for installing the remaining OracleAS Identity Management instances:
Remove the OracleAS Identity Management 10g Release 2 (10.1.2) instances from the cluster:
Start the Distributed Configuration Management (DCM) shell:
DESTINATION_ORACLE_HOME/dcm/bin/dcmctl shell
Display a list of the currently defined clusters:
DCM> listclusters
Note the name of the OracleAS Cluster (Identity Management) and then list the OracleAS Identity Management instances that are members of the cluster:
DCM> listInstances -cl name_of_Identity_Management_cluster
For each OracleAS Identity Management instance in the cluster, enter the following command:
DCM> leavecluster -i 1012_instance_name
Add the newly upgraded Oracle Identity Management 10g (10.1.4.0.1) instance to the cluster:
Join the cluster using the following command:
DCM> joincluster -cl name_of_Identity_Management_cluster
Note that the joincluster
command stops the 10g (10.1.4.0.1) instance and all of its processes.
Start the Oracle Identity Management 10g (10.1.4.0.1) instance:
DESTINATION_ORACLE_HOME\opmn\bin\opmnctl stopall DESTINATION_ORACLE_HOME\opmn\bin\opmnctl startall
Use the following steps to configure Oracle HTTP Server, OracleAS Single Sign-On, and OPMN after you have upgraded the first OracleAS Identity Management instance.
The steps you follow to configure these components vary, depending upon whether or not you have configured Oracle HTTP Server or your load balancer to accept HTTPS requests.
Refer to the following sections for more information:
Configuration Steps When Both Oracle HTTP Server and the Load Balancer Are Configured for SSL
Configuration Steps When Only the Load Balancer Is Configured for SSL
Configuration Steps When Oracle HTTP Server and the Load Balancer are Not Using SSL
The following steps apply if both the Oracle HTTP Server and the load balancer are configured to listen for the HTTPS protocol;
Configure the Oracle HTTP Server listener as follows:
Edit the following Oracle HTTP Server configuration file:
DESTINATION_ORACLE_HOME\Apache\Apache\conf\ssl.conf
Make sure that the ServerName
directive is set to the virtual host (for example, imhost.domain.com
) and not to the physical host.
Save and close the ssl.conf configuration file.
Update DCM to recognize the changes made to the Oracle HTTP Server component using the following command:
DESTINATION_ORACLE_HOME\dcm\bin\dcmctl updateConfig -ct ohs -d -v
Configure OracleAS Single Sign-On to accept authentication requests on the SSL port over the HTTPS protocol by using the following command:
ORACLE_HOME\sso\bin\ssocfg.bat https imhost.domain.com 4444
In this example:
imhost.domain.com is the address configured at the load balancer for HTTPS requests.
The default HTTPS Listener port is 4444
, but this port may differ for your specific installation. You can obtain the correct value for your installation by examining the assigned to the "port" variable in the ssl.conf
configuration file.
Edit the OPMN configuration file to enable SSL for the Oracle HTTP Server:
Locate and open the following OPMN configuration file with a text editor:
DESTINATION_ORACLE_HOME\opmn\conf\opmn.xml
Locate the following entry for the HTTP_Server
component:
<ias-component id="HTTP_Server">
<process-type id="HTTP_Server" module-id="OHS">
<module-data>
<category id="start-parameters">
<data id="start-mode" value="ssl-disabled"/>
</category>
</module-data>
<process-set id="HTTP_Server" numprocs="1"/>
</process-type>
</ias-component>
Change the value of the start-mode
entry to ssl-enabled
.
The resulting entry in the opmn.xml file should appear as follows:
<ias-component id="HTTP_Server">
<process-type id="HTTP_Server" module-id="OHS">
<module-data>
<category id="start-parameters">
<data id="start-mode" value="ssl-enabled"/>
</category>
</module-data>
<process-set id="HTTP_Server" numprocs="1"/>
</process-type>
</ias-component>
Re-register the instance with OracleAS Single Sign-On:
Set the ORACLE_HOME environment variable to the new 10g Release 2 (10.1.2) OracleAS Single Sign-On Oracle home, as follows:
set ORACLE_HOME=oracle_home_path
For example:
set ORACLE_HOME=C:\ORACLE\product\IM_1014
Run the following command to re-register the instance with OracleAS Single Sign-On:
ORACLE_HOME\sso\bin\ssoreg.bat -oracle_home_path orcl_home_path -site_name instance_name_you_specified_during_upgrade -config_mod_osso TRUE -mod_osso_url effective_URL_of_the_partner_application -u userid
In this example:
The effective_URL_of_the_partner_application is in this URL format:
http://virtual_servername:ssl_port
Replace userid with the Oracle owner.
Note that at this point in the procedure, the upgraded OracleAS Identity Management Oracle home should be a fully working 10g (10.1.4.0.1) OracleAS Identity Management instance running against the OracleAS Metadata Repository database. The load balancer is still pointing to only this new, upgraded instance.
Change the Oracle Delegated Administration Services orcldasurlbase
attribute in the directory server, using the following steps:
Start Oracle Directory Manager (oidadmin)
and connect to the Oracle Internet Directory.
The oidadmin
tool is located in the following directory in the destination Oracle home:
DESTINATION_ORACLE_HOME\bin\
Make sure you select the SSL Enabled check box when connecting to the directory server.
In the System Objects Navigator, navigate to the cn=OperationURLs
entry as follows:
Entry Management -> cn=OracleContext -> cn=Products -> cn=DAS -> cn=OperationURLs
After you select the cn=OperationURLs
entry, locate the orcldasurl attribute on the Properties tab in the right pane of the Oracle Directory Manager window.
Change the orcldasurlbase
attribute so it references the SSL URL for the Oracle Delegated Administration Services:
https://virtual_server_name:load_balancer_ssl_listen_port
The following steps apply if both the Oracle HTTP Server and the load balancer are configured to listen for the HTTPS protocol:
Configure the Oracle HTTP Server listener as follows:
Use a text editor to locate and open the following Oracle HTTP Server configuration file:
DESTINATION_ORACLE_HOME\Apache\Apache\conf\httpd.conf
Make sure that the ServerName
directive is set to the virtual host (for example, imhost.domain.com
) and not to the physical host.
Save and close the httpd.conf
configuration file.
Update DCM to recognize the changes made to the Oracle HTTP Server component using the following command:
DESTINATION_ORACLE_HOME\dcm\bin\dcmctl updateConfig -ct ohs -d -v
Configure OracleAS Single Sign-On to accept authentication requests on the SSL port over the HTTPS protocol by using the following command:
ORACLE_HOME\sso\bin\ssocfg.bat https imhost.domain.com 4444
In this example:
imhost.domain.com is the virtual host address configured at the load balancer for HTTPS requests.
The default HTTPS Listener port is 4444
, but this port may differ for your specific installation. You can obtain the correct value for your installation by examining the assigned to the "port" variable in the ssl.conf
configuration file.
Re-register the instance with OracleAS Single Sign-On:
Set the ORACLE_HOME environment variable to the new 10g Release 2 (10.1.2) OracleAS Single Sign-On Oracle home, as follows:
set ORACLE_HOME=oracle_home_path
For example:
set ORACLE_HOME=C:\ORACLE\product\IM_1014
Run the following command to re-register the instance with OracleAS Single Sign-On:
ORACLE_HOME\sso\bin\ssoreg.bat -oracle_home_path orcl_home_path -site_name instance_name_you_specified_during_upgrade -config_mod_osso TRUE -mod_osso_url effective_URL_of_the_partner_application -u userid
In this example:
The effective_URL_of_the_partner_application is in this URL format:
http://virtual_servername:load_blancer_ssl_port
Replace userid with the Oracle owner.
Note that at this point in the procedure, the upgraded OracleAS Identity Management Oracle home should be a fully working 10g (10.1.4.0.1) OracleAS Identity Management instance running against the OracleAS Metadata Repository database. The load balancer is still pointing to only this new, upgraded instance.
Change the Oracle Delegated Administration Services orcldasurlbase
attribute in the directory server, using the following steps:
Start Oracle Directory Manager (oidadmin)
and connect to the Oracle Internet Directory.
The oidadmin
tool is located in the following directory in the destination Oracle home:
DESTINATION_ORACLE_HOME\bin\
Make sure you select the SSL Enabled check box when connecting to the directory server.
In the System Objects Navigator, navigate to the cn=OperationURLs
entry as follows:
Entry Management -> cn=OracleContext -> cn=Products -> cn=DAS -> cn=OperationURLs
After you select the cn=OperationURLs
entry, locate the orcldasurl attribute on the Properties tab in the right pane of the Oracle Directory Manager window.
Change the orcldasurlbase
attribute so it references the SSL URL for the Oracle Delegated Administration Services:
https://virtual_server_name:load_balancer_ssl_listen_port
The following steps apply if both the Oracle HTTP Server and the load balancer are configured to listen for the HTTPS protocol;
Configure the Oracle HTTP Server listener as follows:
Use a text editor to locate and open the following Oracle HTTP Server configuration file:
DESTINATION_ORACLE_HOME\Apache\Apache\conf\httpd.conf
Make sure that the ServerName
directive is set to the virtual host (for example, imhost.domain.com
) and not to the physical host.
Save and close the httpd.conf
configuration file.
Update DCM to recognize the changes made to the Oracle HTTP Server component using the following command:
DESTINATION_ORACLE_HOME\dcm\bin\dcmctl updateConfig -ct ohs -d -v
Configure OracleAS Single Sign-On to accept authentication requests on the SSL port over the HTTPS protocol by using the following command:
ORACLE_HOME\sso\bin\ssocfg.bat http imhost.domain.com 7777
In this example:
imhost.domain.com is the address configured at the load balancer for HTTP requests.
The default HTTP Listener port is 7777
, but this port may differ for your specific installation. You can obtain the correct value for your installation by examining the assigned to the "port" variable in the httpd.conf
configuration file.
Re-register the instance with OracleAS Single Sign-On:
Set the ORACLE_HOME environment variable to the new 10g Release 2 (10.1.2) OracleAS Single Sign-On Oracle home, as follows:
set ORACLE_HOME=oracle_home_path
For example:
set ORACLE_HOME=C:\ORACLE\product\IM_1014
Run the following command to re-register the instance with OracleAS Single Sign-On:
ORACLE_HOME\sso\bin\ssoreg.bat -oracle_home_path orcl_home_path -site_name instance_name_you_specified_during_upgrade -config_mod_osso TRUE -mod_osso_url effective_URL_of_the_partner_application -u userid
In this example:
The effective_URL_of_the_partner_application is in this URL format:
http://virtual_servername:load_balancer_port
Replace userid with the Oracle owner.
Note that at this point in the procedure, the upgraded OracleAS Identity Management Oracle home should be a fully working 10g (10.1.4.0.1) OracleAS Identity Management instance running against the OracleAS Metadata Repository database. The load balancer is still pointing to only this new, upgraded instance.
Change the Oracle Delegated Administration Services orcldasurlbase
attribute in the directory server, using the following steps:
Start Oracle Directory Manager (oidadmin)
and connect to the Oracle Internet Directory.
The oidadmin
tool is located in the following directory in the destination Oracle home:
DESTINATION_ORACLE_HOME\bin\
In the System Objects Navigator, navigate to the cn=OperationURLs
entry as follows:
Entry Management -> cn=OracleContext -> cn=Products -> cn=DAS -> cn=OperationURLs
After you select the cn=OperationURLs
entry, locate the orcldasurl attribute on the Properties tab in the right pane of the Oracle Directory Manager window.
Change the orcldasurlbase
attribute so it references the URL for the Oracle Delegated Administration Services:
http://virtual_server_name:load_balancer_non_ssl_listen_port
Perform the following steps to finish the upgrade of the first OracleAS Identity Management instance in the OracleAS Cluster (Identity Management) environment:
Enable the monitoring of the instance by Oracle Enterprise Manager Application Server Control by following the instructions in Section 9.1.2.1, "Enabling Monitoring of OracleAS Single Sign-On and Oracle Delegated Administration Services in Application Server Control".
Update the mod_oc4j
load balancing directive in the destination Oracle home:
Update the DCM configuration:
DESTINATION_ORACLE_HOME\dcm\bin\dcmctl updateConfig -d -v
Note that using only the -d
and -v
arguments to the dcmctl updateConfig
command updates all the component information for DCM. The command also stops some of the processes in the Oracle Identity Management Oracle home.
Stop and then start all the processes in the Oracle Identity Management Oracle home:
DESTINATION_ORACLE_HOME\opmn\bin\opmnctl stopall DESTINATION_ORACLE_HOME\opmn\bin\opmnctl startall
To ensure that Oracle Application Server maintains the state of stateful Web applications across DCM-Managed OracleAS Cluster, you need to configure state replication for the Web applications.
Configure state replication only on the first node where Oracle Delegated Administration Services is installed.
To configure state replication for the OC4J_Security instance, do the following:
Using the Application Server Control Console, navigate to the Application Server Home page for the instance that contains Oracle Delegated Administration Services.
Click OC4J_SECURITY link on the Application Server Home page.
Click Administration link on the OC4J Home Page.
Click Replication Properties link in the Instance Properties area.
Scroll to the Web Applications section of the page (Figure B-2).
Select the Replicate session state checkbox.
Optionally, you can provide the multicast host IP address and port number. If you do not provide the host and port for the multicast address, it defaults to host IP address 230.230.0.1 and port number 9127. The host IP address must be between 224.0.0.2 through 239.255.255.255. Do not use the same multicast address for both HTTP and EJB multicast addresses.
Note: When choosing a multicast address, ensure that the address does not collide with the addresses listed in:
Also, if the low order 23 bits of an address is the same as the local network control block, |
Figure B-2 Web State Replication Configuration
Make sure that the OracleAS Identity Management instance (including Oracle Internet Directory) that you upgraded in Section B.3.5, "Task 4: Upgrade the First OracleAS Identity Management Instance" is up and running.
If it is not running, start the Identity Management instance (including Oracle Internet Directory) as follows:
ORACLE_HOME\opmn\bin\opmnctl startall
Upgrade the Metadata Repository in the newly upgraded database as described in Chapter 8, "Using MRUA to Upgrade the OracleAS Metadata Repository", with the following exception:
On the MRUA command line, enter the address of the load balancer in place of the oid_host
and oid_ssl_port
arguments.
Note that the values you enter for the -oid_host
argument and -oid_ssl_port
arguments must match the value of the corresponding properties defined in following configuration file in the Identity Management Oracle home:
IDENTITY_MANAGEMENT_HOME/config/ias.properties
For example:
OIDhost=sys42.acme.com OIDsslport=636
When MRUA finishes processing, verify that the schemas have been upgraded, as described in Section 8.3, "Task 3: Verify the Success of the OracleAS Metadata Repository Upgrade".
After you upgrade the first OracleAS Identity Management instance in the cluster, and after you upgrade the OracleAS Metadata Repository, you can then install the additional OracleAS Identity Management instances in the OracleAS Cluster (Identity Management):
Make sure that the Oracle Internet Directory is up and running on the first OracleAS Identity Management instance.
Make sure that the OracleAS Metadata Repository database and listener are up and running.
Make sure that the Load Balancer is configured to direct traffic only to the first Identity Management instance.
Install the new 10g (10.1.4.0.1) OracleAS Identity Management Oracle home by following the instructions in the section "Installing OracleAS Cluster (Identity Management) on Subsequent Nodes," in the Oracle Application Server Installation Guide.
Reconfigure Load Balancer and test the installation.
After a successful installation of the subsequent OracleAS Identity Management Oracle home, configure the Load Balancer to route requests to the new instance.
Repeat this procedure for any additional and subsequent OracleAS Identity Management installations that will be part of the cluster.
After you have upgraded the first Oracle Identity Management instance in the cluster and you have added the remaining cluster members, you can then verify that the upgrade was successful and then decommission the 10g Release 2 (10.1.2) Oracle homes.
For more information, refer to Chapter 10, "Verifying the Upgrade and Decommissioning the Source Oracle Homes".
The following sections describe how to upgrade from a distributed 10g Release 2 (10.1.2) OracleAS Cluster (Identity Management) environment to 10g (10.1.4.0.1):
Task 1: Review the Distributed OracleAS Cluster (Identity Management) Upgrade Requirements
Task 4: Upgrade the First Oracle Internet Directory Oracle Home in the Distributed Environment
Task 5: Upgrade the First OracleAS Single Sign-On Oracle Home
Task 7: Installing Subsequent Oracle Internet Directory Instances
Task 8: Installing Subsequent OracleAS Single Sign-On Instances
Task 9: Verify the Upgrade and Decommission the 10g Release 2 (10.1.2) Oracle Homes
The following sections describe the requirements you must meet in order to upgrade from a 10g Release 2 (10.1.2) distributed OracleAS Cluster (Identity Management) configuration to a 10g (10.1.4.0.1) distributed OracleAS Cluster (Identity Management) configuration:
Before you use this procedure, note that the Identity Management instances you are upgrading must be 10g Release 2 (10.1.2) intances that were installed using the procedures documented in "Installing in High Availability Environments: OracleAS Cluster (Identity Management)" in the 10g Release 2 (10.1.2) Oracle Application Server Installation Guide.
OracleAS Identity Management consists of components that can also be installed separately:
Oracle Internet Directory (OID)
OracleAS Single Sign-On (SSO)
Oracle Delegated Administration Services (DAS)
Oracle Directory Integration Platform (DIP)
This procedure does not include support for Oracle Application Server Certificate Authority (OCA).
This procedure describes how to upgrade a distributed OracleAS Cluster (Identity Management) 10g Release 2 (10.1.2) installation, where the Identity Management components are separated into two tiers. One tier contains the Oracle Application Server Single Sign-On and Oracle Delegated Administration Services components and the second tier contains the Oracle Internet Directory and Oracle Directory Integration Platform components.
See Also: Section B.5, "Upgrading an OracleAS Cluster (Identity Management) 10g Release 2 (10.1.2) Colocated Configuration" for information about upgrading a colocated OracleAS Identity Management configuration, where all Identity management components are installed in one Oracle home. |
A distributed OracleAS Cluster (Identity Management) configuration allows administrators to install the OracleAS Single Sign-On and Oracle Delegated Administration Services components in a the DMZ and the Oracle Internet Directory on the internal network inside the firewall.
Figure B-3 shows such a distributed OracleAS Cluster (Identity Management) 10g Release 2 (10.1.2) environment.
Figure B-3 10g Release 2 (10.1.2) OracleAS Cluster (Identity Management) Distributed Upgrade Starting Point
This procedure assumes the database that hosts the OracleAS Metadata Repository is an Oracle Real Application Clusters (RAC) Database. Specifically, the procedure described in this section was tested on a two-node RAC environment. However, it is assumed that this procedure also applies to:
A single-instance database
A Real Application Clusters database consisting of more than two nodes
The requirement for Real Application Clusters is a shared-storage configuration. The implementation of the shared volume is vendor-specific. The procedures in this section should be applicable to all Operating systems and clusters but were developed and tested in a Linux environment. Specifically, the following shared storage options are supported:
Raw devices
Cluster filesystem (for example, OCFS on Linux)
Network filesystem (for example, supported NAS devices)
Although cluster and volume management software is vendor-specific, the steps and considerations provided in this section apply specifically to customers wishing to optionally implement Oracle's Automated Storage Management (ASM).
Before you begin this transformation procedure, take a complete, full software backup of everything in the Oracle Home and related directories for the OracleAS Metadata Repository and the OracleAS Identity Management instances.
In addition, shut down all processes and perform a full cold database backup of the middle tiers and Infrastructure Oracle homes.
Before you can upgrade to OracleAS Cluster (Identity Management), you must upgrade the database that hosts the OracleAS Metadata Repository to a supported database.
For detailed instructions on upgrading the database that hosts the OracleAS Metadata Repository, see Chapter 6, "Upgrading the Database That Hosts the OracleAS Metadata Repository".
Note: When applying database patchsets, be sure to carefully review the patchset README for your specific platform. The instructions for installing patchsets can vary significantly from platform to platform. For example, some platforms, such as Linux, might require you to install a specific version of Oracle Universal Installer before proceeding with the patschset installation. |
There are certain upgrade scenarios where you might have to upgrade any 10g (9.0.4) middle tiers in your Oracle Application Server environment to 10g Release 2 (10.1.2).
For more information, refer to Chapter 5, "Upgrading 10g (9.0.4) Middle Tiers to 10g Release 2 (10.1.2)".
After the database that hosts the OracleAS Metadata Repository has been upgraded to a supported version, and after any middle tiers have been upgraded to 10g Release 2 (10.1.2), you can now upgrade the first OracleAS Identity Management Oracle home in the Rack-Mounted Identity Management configuration.
When you upgrade the first OracleAS Identity Management Oracle home, you also upgrade the OracleAS Identity Management schemas in the OracleAS Metadata Repository.
Note that in a distributed OracleAS Cluster (Identity Management) configuration, the OracleAS Single Sign-On instances are clustered together in a Distributed Configuration Management (DCM) Cluster. This ensures synchronization between the configurations of the different Identity Management components on all of the Identity Management instances.
To upgrade the first Oracle Internet Directory Oracle home, use the following steps.
Note: If you are upgrading a distributed OracleAS Cluster (Identity Management) environment, be sure that the first OracleAS Identity Management instance you upgrade represents one of the OracleAS Single Sign-On Oracle homes. |
Make sure that the other OracleAS Identity Management Instances in the environment are down.
Only the Oracle Internet Directory instance that you are upgrading first should be up and running. If necessary, shut down the other OracleAS Identity Management instances.
Configure the Oracle Internet Directory Load Balancer to direct traffic only to the OracleAS Identity Management instance you are about to upgrade.
All Requests should be directed only to the Oracle Internet Directory instance you are about to upgrade. The other OracleAS Identity Management instances in the environment should be shut down.
Use the Oracle Universal Installer and the Oracle Application Server 10g (10.1.4.0.1) installation procedure to upgrade the Oracle Internet Directory instance.
Refer to Section 7.5.3, "Upgrading Distributed OracleAS Identity Management Configurations" for complete instructions on upgrading the first Oracle Internet Directory instance.
Perform any post-upgrade procedures that apply to your OracleAS Identity Management environment.
Refer to Section 9.2, "Task 2: Perform Oracle Internet Directory Post-Upgrade Steps" for more information.
Follow the steps described in Table B-6 to upgrade the first OracleAS Single Sign-On Oracle home in the distributed OracleAS Cluster (Identity Management) 10g Release 2 (10.1.2) environment.
Table B-6 Steps Required to Upgrade the First OracleAS Single Sign-On Oracle Home in a Distributed OracleAS Cluster (Identity Management) Environment
Step | Description | More Information |
---|---|---|
1 |
Start the OracleAS Single Sign-On instance that you are about to upgrade. |
Only the Oracle Internet Directory instance that you upgraded first and the current OracleAS Single Sign-On instance that you plan to upgrade next should be up and running. If necessary, shut down the other OracleAS Identity Management instances. |
2 |
Configure the OracleAS Single Sign-On Load Balancer to direct traffic only to the OracleAS Identity Management instance you are about to upgrade. |
All requests should be directed only to the OracleAS Single Sign-On instance you are about to upgrade. The other OracleAS Single Sign-On instances in the environment should be shut down. |
3 |
Use the Oracle Universal Installer and the Oracle Application Server 10g (10.1.4.0.1) installation procedure to upgrade the OracleAS Single Sign-On instance. |
Refer to Section 7.5.3, "Upgrading Distributed OracleAS Identity Management Configurations" for complete instructions on upgrading the first OracleAS Single Sign-On instance. |
4 |
Perform any post-upgrade procedures that apply to the OracleAS Single Sign-On Oracle home. |
Refer to Section 9.3, "Task 3: Perform OracleAS Single Sign-On Post-Upgrade Steps" for more information. |
5 |
Reconfigure the DCM cluster to which the OracleAS Single Sign-On instance belongs. |
Refer to Section B.5.4.2, "Task 4b: Reconfigure the DCM Cluster" and perform the steps defined in that section in the OracleAS Single Sign-On Oracle home. |
6 |
Configure the Oracle HTTP Server and OracleAS Single Sign-On to work with the newly upgraded OracleAS Single Sign-On instance. |
Refer to Section B.5.4.3, "Task 4c: Configure Oracle HTTP Server and OracleAS Single Sign-On" and perform the steps defined in that section in the OracleAS Single Sign-On Oracle home. |
7 |
Complete the upgrade of the first OracleAS Single Sign-On Oracle home. |
Refer to Section B.5.4.4, "Task 4d: Finish the Upgrade of the First OracleAS Identity Management Instance" and perform the steps in that section in the OracleAS Single Sign-On Oracle home. |
Make sure that the OracleAS Identity Management instance (including Oracle Internet Directory) that you upgraded in Section B.3.5, "Task 4: Upgrade the First OracleAS Identity Management Instance" is up and running.
If it is not running, start the Identity Management instance (including Oracle Internet Directory) as follows:
ORACLE_HOME\opmn\bin\opmnctl startall
Upgrade the Metadata Repository in the newly upgraded database as described in Chapter 8, "Using MRUA to Upgrade the OracleAS Metadata Repository", with the following exception:
On the MRUA command line, enter the address of the load balancer in place of the oid_host
and oid_ssl_port
arguments.
Note that the values you enter for the -oid_host
argument and -oid_ssl_port
arguments must match the value of the corresponding properties defined in following configuration file in the Identity Management Oracle home:
IDENTITY_MANAGEMENT_HOME/config/ias.properties
For example:
OIDhost=sys42.acme.com OIDsslport=636
When MRUA finishes processing, verify that the schemas have been upgraded, as described in Section 8.3, "Task 3: Verify the Success of the OracleAS Metadata Repository Upgrade".
After you upgrade the first Oracle Internet Directory instance, upgrade the first OracleAS Single Sign-On instance, and upgrade the OracleAS Metadata Repository, you can then install the second Oracle Internet Directory and Oracle Delegated Administration Services instance in the OracleAS Cluster (Identity Management):
Make sure that the first Oracle Internet Directory is up and running on the first OracleAS Identity Management instance.
Make sure that the OracleAS Metadata Repository database and listener are up and running.
Make sure that the Oracle Internet Directory Load Balancer is configured to direct traffic only to the first Oracle Internet Directory instance.
Install a new 10g (10.1.4.0.1) Oracle Internet Directory Oracle home by following the instructions specific to Oracle Internet Directory installation in the section "Installing OracleAS Cluster (Identity Management) on Subsequent Nodes," in the Oracle Application Server Installation Guide.
This step involves running Oracle Universal Installer and installing a new 10g (10.1.4.0.1) Oracle Internet Directory and Oracle Delegated Administration Services Oracle home. During the installation, respond to the installation prompts. In particular, be sure to do the following:
On the Select Installation Type screen, select Oracle Identity Management.
On the Select Configuration Options screen:
Select Oracle Internet Directory. Do not select Oracle Application Server Single Sign-On.
Do not select Oracle Application Server Delegated Administration Services.
Select Oracle Directory Integration Platform if you need this component.
Do not select Oracle Application Server Certificate Authority (OCA).
Select High Availability and Replication.
Reconfigure the Load Balancer and test the installation.
After a successful installation of the subsequent Oracle Internet Directory Oracle home, configure the Load Balancer to route requests to the new instance.
Repeat this procedure for any additional and subsequent Oracle Internet Directory installations that will be part of the cluster.
After you upgrade the first Oracle Internet Directory instance, upgrade the first OracleAS Single Sign-On instance, upgrade the OracleAS Metadata Repository, and install any subsequent Oracle Internet Directory instances, you can then install any subsequent OracleAS Single Sign-On instances in the OracleAS Cluster (Identity Management):
Make sure that the Oracle Internet Directory instances and the first OracleAS Single Sign-On is up and running.
Make sure that the OracleAS Metadata Repository database and listener are up and running.
Make sure that the OracleAS Single Sign-On Load Balancer is configured to direct traffic only to the first OracleAS Single Sign-On instance.
Install a new 10g (10.1.4.0.1) OracleAS Single Sign-On Oracle home by following the instructions specific to OracleAS Single Sign-On installation in the section "Installing OracleAS Cluster (Identity Management) on Subsequent Nodes," in the Oracle Application Server Installation Guide.
This step involves running Oracle Universal Installer and installing a new 10g (10.1.4.0.1) Oracle Internet Directory and Oracle Delegated Administration Services Oracle home. During the installation, answer the installation prompts. In particular, be sure to do the following points:
On the Select Installation Type screen, select Oracle Identity Management.
On the Select Configuration Options screen:
Do not select Oracle Internet Directory.
Select Oracle Application Server Single Sign-On.
Select Oracle Application Server Delegated Administration Services.
Select Oracle Directory Integration Platform if you need this component.
Do not select Oracle Application Server Certificate Authority (OCA).
Select High Availability and Replication.
On the Create or Join an OracleAS Cluster (Identity Management) page, select Join an Existing Cluster.
On the Specify Existing OracleAS Cluster Name screen enter the name of the Oracle Identity Management cluster you want to join.
On the Specify HTTP Load Balancer Host and Ports screen, be sure to enter the same values for every OracleAS Single Sign-On node in the cluster:
HTTP Listener: Port: Enter the port number that you want Oracle HTTP Server to listen on. Enable SSL: Select this option if you want to configure Oracle HTTP Server for SSL on this port.
HTTP Load Balancer: Hostname: Enter the name of the HTTP virtual server configured on your load balancer. Enter the same virtual server name that you configured on the load balancer.
HTTP Load Balancer: Port: Enter the port for the HTTP virtual server. Enable SSL: Select this option if this port is for SSL communications only.
Reconfigure the Load Balancer and test the installation.
After a successful installation of the subsequent Oracle Internet Directory Oracle home, configure the Load Balancer to route requests to the new instance.
Repeat this procedure for any additional and subsequent Oracle Internet Directory installations that will be part of the cluster.
After you have upgraded the first Oracle Identity Management instance in the cluster and you have added the remaining cluster members, you can then verify that the upgrade was successful and then decommission the 10g Release 2 (10.1.2) Oracle homes.
For more information, refer to Chapter 10, "Verifying the Upgrade and Decommissioning the Source Oracle Homes".