5 Database Setup

Oracle Identity Manager requires a database. You must have your database set up and installed before you begin the Oracle Identity Manager installation. Refer to the section that applies to your particular database:

• "Setting Up the Oracle Database"

• "Setting Up the SQL Server"

Setting Up the Oracle Database

To use Oracle for your database, you must:

1. Install Oracle—see "Installing Oracle" for more information.

2. Create an Oracle database—see "Creating an Oracle Database" for more information.

3. Prepare the Database—see "Preparing the Oracle Database" for more information.

Installing Oracle

Install Oracle9i or 10g Release 2 (see "Supported Databases" for the specific supported databases). Oracle recommends using the Typical installation.

Note: If you choose a Custom installation, you must include the JVM option, which is required for XA transaction support.

Creating an Oracle Database

You need to create a new Oracle database instance for Oracle Identity Manager. When creating the database, make sure to configure the Oracle JVM feature and enable query rewrite.

You can use the Database Configuration Assistant (DBCA) tool to create the database. To configure the Oracle JVM feature, select the Oracle JVM feature on the Standard Database Features page of the DBCA.

To enable the database for query rewrite, set the init.ora parameters QUERY_REWRITE_ENABLED to TRUE and QUERY_REWRITE_INTEGRITY to TRUSTED in the "All Initialization Parameters" screen of the DBCA.

Consult Oracle documentation for detailed instructions on creating a database instance.

Preparing the Oracle Database

Once you have installed Oracle and created a database instance, you must prepare it for Oracle Identity Manager by completing the following tasks:

• Verify that query rewrites is enabled

• Enable XA transactions support

  
  

  Note: The Java JVM is required to enable XA transaction support. If you did not install the JVM during your Oracle installation, you must install it now. Consult Oracle documentation for specific instructions.

  
  

• Create at least one tablespace for storing Oracle Identity Manager data

• Create a database user account for Oracle Identity Manager

You can perform the preceding tasks to prepare your Oracle database for Oracle Identity Manager by running one of the following scripts:

• prepare_xl_db.sh (for Unix)

• prepare_xl_db.bat (for Windows)

Both of these scripts ship with the Oracle Identity Manager installation and reside in the directory \installServer\Xellerate\db\oracle\.

You must observe the following prerequisites when using these scripts:

• The script must be run by the user holding dba privilege (For example, the oracle user on Unix typically holds these privileges).

• The script must be run on the machine where the database resides.

To prepare your Oracle database for Oracle Identity Manager, complete the steps associated with the operating system on the machine hosting your Oracle database:

Unix:

1. Copy the scripts prepare_xl_db.sh and xell_db_prepare.sql from the distribution CD to a directory on the machine hosting your database where you (as the account user performing this task) have write permission.

2. Run the following command to enable execute permission for the script:

   $ chmod 755 prepare_xl_db.sh

3. Run the script prepare_xl_db.sh by entering the following command:

   $ ./prepare_xl_db.sh

4. Provide information appropriate for your database and host machine when the script prompts you for the following items:

   1. The location of your Oracle home (ORACLE_HOME)

   2. The name of your database (ORACLE_SID)

   3. The name of the Oracle Identity Manager database user to be created

   4. The password for the Oracle Identity Manager database user

   5. The name of the tablespace to be created for storing Oracle Identity Manager data

   6. The directory in which to store the data file for the Oracle Identity Manager tablespace

   7. The name of the data file (you do not need to append the .dbf extension)

   8. The name of the temporary tablespace.

5. Check the prepare_xell_db.lst log file located in the directory where you ran the xell_db_prepare script from to see execution status and additional information.

Windows:

1. Copy the scripts prepare_xl_db.bat and xell_db_prepare.sql from the distribution CD to a directory on the machine hosting your database where you (as the account user performing this task) have write permission.

2. Open a command window, navigate to the directory where you just copied the scripts, then run prepare_xl_db.bat with the following arguments:

   prepare_xl_db.bat <ORACLE_SID> <ORACLE_HOME> <XELL_USER> <XELL_USER_PWD> <TABLESPACE_NAME> <DATAFILE_DIRECTORY> <DATAFILE_NAME> <XELL_USER_TEMP_TABLESPACE> <SYS_USER_PASSWORD>

   For example, the string you type on the command line might look something like the following:

   prepare_xl_db.bat XELL C:\oracle\ora92 xladm xladm xeltbs C:\oracle\oradata xeltbs_01 TEMP manager

   where, XELL is the database name, ÒC:\oracle\ora92Ó is ORACLE_HOME, xladm is the name of the Oracle Identity Manager user to be created, xladm is the password for the Oracle Identity Manager user, xeltbs is the name of the tablespace to be created, ÒC:\oracle\oradataÓ is the directory where the datafiles will be placed, xeltbs_01 is the name of the datafile (you do not need to give .dbf extension), TEMP is the name of the temporary tablespace that already exists in your database, and manager is the password for the SYS user.

3. Check the prepare_xell_db.lst log file located in the directory where you ran the xell_db_prepare script from to see execution status and additional information

If the script returns a message indicating successful execution, you can continue to the next task, which is Oracle Identity Manager installation.

If the script does not succeed, you must manually fix all fatal errors so that the database is prepared successfully.

You can ignore non-fatal errors. For example, when the script tries to drop a non-existent view, it will return the error "ORA-00942: table or view does not exist". This can be ignored without adverse consequences.

Make sure to scan all the errors in the log file and ignore or resolve them on an individual basis. Remember that you must successfully prepare the database for Oracle Identity Manager before you can install Oracle Identity Manager.

Setting Up the SQL Server

To use SQL Server for your database, you must:

1. Install and configure SQL Server—see "Installing and Configuring SQL Server" for more information.

2. Register your SQL Server—see"Registering SQL Server" for more information.

3. Create a database for Oracle Identity Manager—see "Creating an SQL Server Database" for more information.

4. Create a database account for Oracle Identity Manager—see "Creating an SQL Server Database Account" for more information.

After you have completed these tasks, proceed to install Oracle Identity Manager.

Installing and Configuring SQL Server

To install and configure SQL Server for Oracle Identity Manager, complete the following steps:

1. Install Microsoft SQL Server 2000 with Service Pack 3a.

   During installation, choose mixed authentication mode, then set the password to sa.

   
   

   Note: Perform steps 2–4 on the machine hosting the application server.

   
   

2. Download the SQL Server 2000 Driver for JDBC Service Pack 3 from the following Web site:

   http://www.microsoft.com

3. Install SQL Server 2000 Driver for JDBC Service Pack 3

   
   

   Note: Make sure to specify a short path for the installation folder, such as C:\JDBCjars, so that you can easily add the path to your CLASSPATH. (See next step). If your classpath is more than 256 characters, the installer does not work properly.

   
   

4. Locate the JDBC driver files (mssqlserver.jar, msbase.jar, and msutil.jar). Add their location to the system CLASSPATH environment variable. If the CLASSPATH environment variable does not exist, you must create it. The string you add should look something like the following:

   C:\<jdbc_install_folder>\lib\mssqlserver.jar;

   C:\<jdbc_install_folder>\lib\msbase.jar;

   C:\<jdbc_install_folder>\lib\msutil.jar

   where <jdbc_install_folder> is the location where the SQL Server 2000 Driver for JDBC files are installed.

5. Enable distributed transactions by installing SQL Server JDBC XA procedures. This involves copying the sqljdbc.dll file in the <SQLServer JDBC Driver>\ SQLServer JTA\ directory to the following directory:

   C:\Program Files\Microsoft SQl Server\MSSQL\Binn

6. Run the script instjdbc.sql. Follow the instructions for installing stored procedures for Java Transaction APIs (JTA). These instructions are bundled with the SQL Server 2000 Driver for JDBC (see the help file jdbcsqlsrv9.html)

7. Make sure the Distributed Transaction Coordinator (MSDTC) service for your SQL Server is running. If necessary, use the SQL Server Service Manager to start it.

Registering SQL Server

1. Start the Microsoft SQL Server Enterprise Manager application. From the Windows Start Menu, select Programs, select Microsoft SQL Server, then select Enterprise Manager.

2. In the left pane of the SQL Server Enterprise Manager application window, select Console Root, then select Microsoft SQL Servers.

3. Right-click SQL Server Group and select New SQL Server Registration.

4. In the Register SQL Server Wizard dialog, click Next.

5. On the Select a SQL Server page, perform on of the three following sub-steps:

   1. Select your server from the list in the right pane, click Add, then click Next.

   2. Select LOCAL, then click Add, then click Next.

   3. Type the host name of your server in the text entry box, click Add, then click Next.

6. On the Select an Authentication Mode page, select The SQL Server login information that was assigned to me by the administrator [SQL Server Authentication], then click Next.

7. On the Register Connection Option page, select Login automatically using my SQL server account information, then complete the following sub-steps

   1. In the text box labelled Login name, type the account name used to connect to your SQL server. Typically, this is sa.

   2. In the Password text box, type the password associated with the account name you specified, then click Next.

8. On the Select SQL Server Group page, select Add the SQL Server(s) to an existing SQL Server Group, select a group from the drop-down list labelled Group name, then click Next.

9. On the Completing the Register SQL Server Wizard page, click Finish, then click Done.

Creating an SQL Server Database

Complete the following steps to create a new database for Oracle Identity Manager:

1. Start the Microsoft SQL Server Enterprise Manager application. From the Windows Start Menu, select Programs, select Microsoft SQL Server, then select Enterprise Manager.

2. In the left pane of the SQL Server Enterprise Manager application window, select Console Root, select Microsoft SQL Servers, select the server group to which your server belongs, then double-click the icon representing your server.

3. Right-click Databases, then select New Database.

4. In the Database Properties dialog, select the General tab, then type XELL in the text box labelled Name.

   
   

   Note: You are not required to use XELL as the name for the database. This document refers to the name of the database as XELL throughout.

   
   

5. Select the Data Files tab, then, for the Initial Size and Filegroup columns in the Database files matrix, enter the information from the corresponding columns in Table 5-1.

   
   

   Note: Table 5-1 lists initial sizes for a production environment. For non-production installations, you can use the default initial sizes provided for the filegroups.

   
   

   Table 5-1 Database Files

   File Name	Initial Size	Filegroup Name	Content
   XELL_PRIMARY	100	PRIMARY	System objects required for SQL Server operation
   XELL_DATA	500	XELL_DATA	Physical data and primary keys
   XELL_INDEX	300	XELL_INDEX	Indexes
   XELL_TEXT	500	XELL_TEXT	Large text fields
   XELL_UPA	1000	XELL_UPA	Keys for the User Profile Audit component

   
   
   
   

   Important: To ensure successful installation of Oracle Identity Manager, filegroup names must be entered exactly as they appear in Table 5-1. You can vary the File Name and Location strings to match the database name and the location of your SQL Server installation.

   
   

   1. Select Automatically Grow File.

   2. Select By Percent, then type 10 in the associated text box.

   3. Select Unrestricted file growth.

      
      

      Tip: The PRIMARY filegroup contains the system objects required for SQL Server to operate. The XELL_DATA filegroup stores the physical data and primary keys, XELL_INDEX filegroup stores indexes, XELL_TEXT stores large text fields and XELL_UPA stores physical data and primary keys of the User Profile Audit component.

      
      

6. Select the Transaction Log tab, then change the initial size to 500MB. Leave all the other options on the tab at their default values.

   
   

   Note: For non-production installations you can use the default initial size for the log file.

   
   

7. Click OK to trigger database creation.

Creating an SQL Server Database Account

Complete the following procedure to create a database account for Oracle Identity Manager and assign appropriate permissions to that account:

Note: The following procedure assumes the account name Òxladm.Ó If you want an account name other than xladm, make sure to specify that login instead of xladm throughout the following procedure and also when installing Oracle Identity Manager

1. Launch the Microsoft SQL Server Enterprise Manager application. From the Windows Start Menu, select Programs, select Microsoft SQL Server, then select Enterprise Manager.

2. In the left pane of the SQL Server Enterprise Manager application window, select Console Root, select Microsoft SQL Servers, select the server group to which your server belongs, then double-click the icon representing your server.

3. Select Security, right-click Logins, then select New Login.

4. In the SQL Server Login Properties dialog, select the General tab. In the Name field type xladm (or whatever account name you prefer).

5. Select SQL Server Authentication, then type the password associated with the account you specified in the Password text box.

6. In the Database combo box within the Defaults section, select XELL from the drop-down list. Leave the Language text box set to <default>.

7. Select the Database Access tab. In the upper panel, select the check box associated with XELL.

8. In the lower panel, select the check-boxes associated with all of the following:

   • public

   • db_owner

   • db_accessadmin

   • db_securityadmin

   • db_ddladmin

   • db_datareader

   • db_datawriter

9. Click OK to commit your changes. When prompted, confirm the password and click OK.

10. To check your database settings, right-click the icon representing your server, then select Properties from the shortcut menu.

11. On the SQL Server Properties page, select the Security tab, then verify that Authentication is set to SQL Server and Windows.

12. Click the General tab, then verify that the check boxes associated with Autostart SQL Server and Autostart MSDTC are selected. If Autostart SQL Server Agent is selected, do not change the existing setting, because that setting may be required by other applications. Click OK to close the SQL Server Properties page.