| Oracle® Identity Manager Installation and Upgrade Guide for WebLogic Release 9.0 B28761-01 |
|
 Previous |
| Oracle® Identity Manager Installation and Upgrade Guide for WebLogic Release 9.0 B28761-01 |
|
Previous |
Use the additional information in this Appendix as a supplement the information in Chapter 13, "Upgrading to Oracle Identity Manager 9.0.1 from Versions 8.5.2 or 8.5.3" when performing the upgrade.
User Profile Audit is one of the new features introduced in Oracle Identity Manager 9.0.1. For performance reasons, User Profile Audit tables are placed in a separate file group called XELL_UPA, which must be created by your database administrator before you upgrade Oracle Identity Manager. Complete the following steps to create the new file group.
From the Windows Start Menu, select Programs, select Microsoft SQL Server, then select Enterprise Manager.
In the left pane of the SQL Server Enterprise Manager application window, select Console Root, select Microsoft SQL Servers. select the server group to which your server belongs, then double-click the icon representing the server on which your database is running.
Double-click Databases, right-click the database that needs to be upgraded, then click Properties.
Click the Data Files tab, specify the filename and location of the .NDF file as well as the amount of space allocated for this file.
Add a new filegroup named XELL_UPA.
Click OK.
The upgrade package includes command line scripts that will upgrade the Oracle Xellerate Identity Provisioning 8.5.x SQL Server database and associated stored procedures to Oracle Identity Manager 9.0.1. These command line scripts execute a set of SQL Server scripts through the OSQL interface on the SQL Server database. All the command line scripts take the following five parameters.
Table A-1 Parameters for Command Line Scripts
| Arguments | Description |
|---|---|
|
<server-name[\instance-name]> |
The name of the server under the ÒSQL Server GroupÓ in Enterprise Manager. \instance-name represents the instance running under the server. |
|
<db-user> |
The database user ID |
|
<password> |
The password of db-user |
|
<db-name> |
The name of the database |
|
<script-location> |
The absolute path to the command line script |
For Example:
To upgrade the database, run the batch file <Patch>/Database/SQLServer/Scripts/upg_852_853_to_901.bat with the following command-line arguments:
<Patch>/Database/SQLServer/Scripts/upg_852_853_to_901.bat<server-name[\instance-name]> <db-user> <password> db-name><Patch>/Database/SQLServer/Scripts
To compile the new stored procedures, run <Patch>/Database/SQLServer/StoredProcedures/compile_all_XL_SP.bat with the following command-line arguments:
<Patch>/Database/SQLServer/StoredProcedures/compile_all_XL_SP.bat <server-name[\instance-name]> <db-user> <password> <db-name> <Patch>/Database/SQLServer/StoredProcedures
To enable the Oracle Identity Manager Audit and Compliance module, run the batch file <Patch>/Database /SQLServer/Scripts/SQLServer_Enable_XACM.bat, with the following command-line arguments:
SQLServer_Enable_XACM.bat <server-name[\instance-name]> <db-user> <password> <db-name> <Patch>/Database/SQLServer/Scripts
You must load certain metadata into your database by completing the following steps:
As appropriate for the operating system of the machine hosting your Oracle Identity Manager server, edit either LoadXML.bat or LoadXML.sh located in <Patch>/Database/Utilities/, and update the JAVA_HOME variable.
As appropriate for your database and operating system of the machine hosting your Oracle Identity Manager server, complete one of the following sub-steps:
SQL Server and Windows
Launch a plain-text editor, open the file LoadXML.bat, and uncomment the following line:
REM SET SQL_SERVER_DRIVER_DIR=
Assign the path to the SQL Server driver directory that contains the msbase.jar, msutil.jar and mssqlserver.jar files:
SET SQL_SERVER_DRIVER_DIR=<PATH_TO_SQL_DRIVER>
Oracle and Windows
Launch a plain-text editor, open the file LoadXML.bat, and uncomment the following line:
REM SET ORACLE_DRIVER_DIR=
Assign the path to the Oracle driver directory containing the Oracle JDBC drivers:
SET ORACLE_DRIVER_DIR=<PATH_TO_ORACLE_DRIVER>
Oracle and UNIX
Launch a plain-text editor, open the file LoadXML.sh, then uncomment the following lines:
#ORACLE_DRIVER_DIR=#export ORACLE_DRIVER_DIR
Assign the path to the JDBC driver for Oracle, so that the line reads something like the following:
ORACLE_DRIVER_DIR=<PATH_TO_ORACLE_DRIVER>export ORACLE_DRIVER_DIR
Open a command prompt or console and run the <Patch>/Database/Utilities/LoadXML.bat or LoadXML.sh script with the following command line parameters in the specified order for the type of database you are using:
Oracle
JDBC URL (example: jdbc:oracle:thin:@<db_host_ip>:<port>:<SID>)
Database user name
Password
SQL Server
JDBC URL (example: jdbc:microsoft:sqlserver://<ipaddress>:<port>)
Database name
Database user name
Password
The primary configuration file for Oracle Identity Manager, which is named xlconfig.xml, has been updated for the 9.0.1 release. If you are upgrading from Oracle Xellerate Identity Provisioning version 8.5.x to Oracle Identity Manager 9.0.1, you must add or modify parameters in this file as follows:
Launch a plain-text editor, then open xlconfig.xml, which resides in the directory <XL_HOME>/xellerate/config/.
Locate the tag <xl-configuration>.<Offlining>. .<MessageHandlerMDB>.<message-handler-task>
|
Note: Refer to Table 1-1, ÒFormatting Conventions,Ó on page 2 for more information on identifying and locating xml tags. |
Insert the following block of lines:
<AuditorOfflineMessage>com.thortech.xl.audit.engine.jms.XLAuditMessageHandler</AuditorOfflineMessage> <AttestationRequestMessage>com.thortech.xl.schedule.jms.attestation.processOfflinedAttestationRequests</AttestationRequestMessage> <AttestationTaskMessage>com.thortech.xl.schedule.jms.attestation.processOfflinedAttestationTasks</AttestationTaskMessage> <AttestationWorkflowTaskMessage>com.thortech.xl.schedule.jms.attestation.processOfflinedAttestationWorkflowTasks</AttestationWorkflowTaskMessage> <ProcessOfflineMessage>com.thortech.xl.schedule.jms.processOfflineProcesses.processOfflinedProvisioningProcesses</ProcessOfflineMessage> <ProcessTaskOfflineMessage>com.thortech.xl.schedule.jms.processTaskOffline.processOfflinedProcessTask</ProcessTaskOfflineMessage>
after the string:
<xl-configuration>.<Offlining>.<MessageHandlerMDB>.<message-handler-task>.<ReconOfflineMessage>.
but before the string:
<xl-configuration>.<Offlining>.<MessageHandlerMDB>.<message-handler-task>.<TestMessage>.
Locate the configuration parameter <xl-configuration>.<Offlining>, then navigate to the space that starts after the following string:
<xl-configuration>.<Offlining>.</recon_offline_queue>
and before the following string:
<xl-configuration>.<Offlining>.<test_queue>
|
Note: Refer to Table 1-1, ÒFormatting Conventions,Ó on page 2 for more information on identifying and locating xml tags. |
Insert the following block of lines into the space between the preceding two strings:
<auditor_offline_queue>
<queueName>queue/xlQueue</queueName>
<autoAcknowledge>true</autoAcknowledge>
<replyTo></replyTo>
<persistentFlag>true</persistentFlag>
<disableMessageId>true</disableMessageId>
<disableTimeStampe>false</disableTimeStampe>
<messageEncrypt>false</messageEncrypt>
</auditor_offline_queue>
<attestation_request_queue>
<queueName>queue/xlQueue</queueName>
<autoAcknowledge>true</autoAcknowledge>
<replyTo></replyTo>
<persistentFlag>true</persistentFlag>
<disableMessageId>true</disableMessageId>
<disableTimeStampe>false</disableTimeStampe>
<messageEncrypt>false</messageEncrypt>
</attestation_request_queue>
<attestation_task_queue>
<queueName>queue/xlQueue</queueName>
<autoAcknowledge>true</autoAcknowledge>
<replyTo></replyTo>
<persistentFlag>true</persistentFlag>
<disableMessageId>true</disableMessageId>
<disableTimeStampe>false</disableTimeStampe>
<messageEncrypt>false</messageEncrypt>
</attestation_task_queue>
<attestation_workflow_task_queue>
<queueName>queue/xlQueue</queueName>
<autoAcknowledge>true</autoAcknowledge>
<replyTo></replyTo>
<persistentFlag>true</persistentFlag>
<disableMessageId>true</disableMessageId>
<disableTimeStampe>false</disableTimeStampe>
<messageEncrypt>false</messageEncrypt>
</attestation_workflow_task_queue>
<process_offline_queue>
<queueName>queue/xlQueue</queueName>
<autoAcknowledge>true</autoAcknowledge>
<replyTo></replyTo>
<persistentFlag>true</persistentFlag>
<disableMessageId>true</disableMessageId>
<disableTimeStampe>false</disableTimeStampe>
<messageEncrypt>false</messageEncrypt>
</process_offline_queue>
<process_task_offline_queue>
<queueName>queue/xlQueue</queueName>
<autoAcknowledge>true</autoAcknowledge>
<replyTo></replyTo>
<persistentFlag>true</persistentFlag>
<disableMessageId>true</disableMessageId>
<disableTimeStampe>false</disableTimeStampe>
<messageEncrypt>false</messageEncrypt>
</process_task_offline_queue>
Add the XML tag <BlockMode> ECB </BlockMode> under the following two locations:
<xl-configration>.<Security>.<XLSymmetricProvider>.<Keys>.<DBSecretKey>
<xl-configration>.<Security>.<XLSymmetricProvider>.<Keys>.<JMSKey>
Locate the following XML tag:
<xl-configuration>.<RMSecurity>.<LoggerConfigFilePath>
Change it to the following value:
<XL_RM_HOME>/xlremote/config/log.properties
Save and close the file.
The metadata file containing information related to user interface forms has been updated for Oracle Identity Manager 9.0.1. Complete the following steps to configure this metadata file:
Launch a plain-text editor, then open the file FormMetaData.xml, which resides in the directory <XL_HOME>/xellerate/config/.
Locate the XML element <FormManagementMetaData>.<Attribute name="-30">.
Change the value of dataLength from 256 to 30. For example, change something like the following string:
<Attribute name="-30" label="Group Name" displayComponentType="TextField" variantType="String" dataLength="256" map="Groups.Group Name" />
to something like the following:
<Attribute name="-30" label="Group Name" displayComponentType="TextField" variantType="String" dataLength="30" map="Groups.Group Name" />
Navigate to the end of the file, then locate the following line:
</FormManagementMetaData>
Insert the following block preceding the </FormManagementMetaData> line. (In other words, the inserted block should become the last XML elements under the document root <FormManagementMetaData>).
This is the block to insert:
<!-- List of attributes that will be displayed in the "Attestation Wizard" --> <Attribute name="-31" label="Groups" displayComponentType="LookupField" variantType="long" dataLength="50" map="Groups.Group Name"> <ValidValues lookupMethod="findGroups" operationClass="Thor.API.Operations.tcGroupOperationsIntf" displayColumns="Groups.Group Name" selectionColumn="Groups.Group Name" permission="write"/> </Attribute> <Attribute name="-32" label="Groups1" displayComponentType="LookupField" variantType="long" dataLength="50" map="Groups.Group Name"> <ValidValues lookupMethod="findGroups" operationClass="Thor.API.Operations.tcGroupOperationsIntf" displayColumns="Groups.Group Name" selectionColumn="Groups.Group Name"/> </Attribute> <Attribute name="-33" label="Resources" displayComponentType="LookupField" variantType="long" dataLength="50" map="Objects.Name"> <ValidValues lookupMethod="findObjects" operationClass="Thor.API.Operations.tcObjectOperationsIntf" displayColumns="Objects.Name" selectionColumn="Objects.Name"/> </Attribute> <Attribute name="-34" label="Users" displayComponentType="LookupField" variantType="long" dataLength="50" map="Users.User Name"> <ValidValues lookupMethod="getActiveUsers" operationClass="Thor.API.Operations.tcUserOperationsIntf" displayColumns="Users.User ID,Users.Last Name,Users.First Name" selectionColumn="Users.User ID" permission="write"/> </Attribute>
The primary configuration file for the Remote Manager has been updated for the 9.0.1 release. If you are upgrading from Oracle Xellerate Identity Provisioning version 8.5.x to Oracle Identity Manager 9.0.1, you must add or modify parameters in the file xlconfig.xml, as detailed in the following sub-sections.
Complete the following steps to add JMS-related parameters to the Remote Manager configuration file:
Launch a plain-text editor, then open xlconfig.xml, which resides in the directory <XL_RM_HOME>/xlremote/config.
Locate the parameter <xl-configuration>.<Offlining>, then find the line:
<xl-configuration>.<Offlining>.<MessageHandlerMDB>.<message-handler-task>
Insert the following block:
<AuditorOfflineMessage>com.thortech.xl.audit.engine.jms.XLAuditMessageHandler</AuditorOfflineMessage> <AttestationRequestMessage>com.thortech.xl.schedule.jms.attestation.processOfflinedAttestationRequests</AttestationRequestMessage> <AttestationTaskMessage>com.thortech.xl.schedule.jms.attestation.processOfflinedAttestationTasks</AttestationTaskMessage> <AttestationWorkflowTaskMessage>com.thortech.xl.schedule.jms.attestation.processOfflinedAttestationWorkflowTasks</AttestationWorkflowTaskMessage> <ProcessOfflineMessage>com.thortech.xl.schedule.jms.processOfflineProcesses.processOfflinedProvisioningProcesses</ProcessOfflineMessage> <ProcessTaskOfflineMessage>com.thortech.xl.schedule.jms.processTaskOffline.processOfflinedProcessTask</ProcessTaskOfflineMessage>
after the following line:
<xl-configuration>.<Offlining>.<MessageHandlerMDB>.<message-handler-task>.<ReconOfflineMessage>
and preceding the following line:
<xl-configuration>.<Offlining>.<MessageHandlerMDB>.<message-handler-task>.<TestMessage>
Locate the following parameter:
<xl-configuration>.<Offlining>
Insert the following block:
<auditor_offline_queue>
<queueName>queue/xlQueue</queueName>
<autoAcknowledge>true</autoAcknowledge>
<replyTo></replyTo>
<persistentFlag>true</persistentFlag>
<disableMessageId>true</disableMessageId>
<disableTimeStampe>false</disableTimeStampe>
<messageEncrypt>false</messageEncrypt>
</auditor_offline_queue>
<attestation_request_queue>
<queueName>queue/xlQueue</queueName>
<autoAcknowledge>true</autoAcknowledge>
<replyTo></replyTo>
<persistentFlag>true</persistentFlag>
<disableMessageId>true</disableMessageId>
<disableTimeStampe>false</disableTimeStampe>
<messageEncrypt>false</messageEncrypt>
</attestation_request_queue>
<attestation_task_queue>
<queueName>queue/xlQueue</queueName>
<autoAcknowledge>true</autoAcknowledge>
<replyTo></replyTo>
<persistentFlag>true</persistentFlag>
<disableMessageId>true</disableMessageId>
<disableTimeStampe>false</disableTimeStampe>
<messageEncrypt>false</messageEncrypt>
</attestation_task_queue>
<attestation_workflow_task_queue>
<queueName>queue/xlQueue</queueName>
<autoAcknowledge>true</autoAcknowledge>
<replyTo></replyTo>
<persistentFlag>true</persistentFlag>
<disableMessageId>true</disableMessageId>
<disableTimeStampe>false</disableTimeStampe>
<messageEncrypt>false</messageEncrypt>
</attestation_workflow_task_queue>
<process_offline_queue>
<queueName>queue/xlQueue</queueName>
<autoAcknowledge>true</autoAcknowledge>
<replyTo></replyTo>
<persistentFlag>true</persistentFlag>
<disableMessageId>true</disableMessageId>
<disableTimeStampe>false</disableTimeStampe>
<messageEncrypt>false</messageEncrypt>
</process_offline_queue>
<process_task_offline_queue>
<queueName>queue/xlQueue</queueName>
<autoAcknowledge>true</autoAcknowledge>
<replyTo></replyTo>
<persistentFlag>true</persistentFlag>
<disableMessageId>true</disableMessageId>
<disableTimeStampe>false</disableTimeStampe>
<messageEncrypt>false</messageEncrypt>
</process_task_offline_queue>
after the following line:
<xl-configuration>.<Offlining>.</recon_offline_queue>
and preceding the following line:
<xl-configuration>.<Offlining>.<test_queue>
|
Note: Refer to Table 1-1, ÒFormatting Conventions,Ó on page 2 for more information on identifying and locating xml tags. |
Save and close the file.
To update Remote Manager-related configuration parameters.
Launch a plain-text editor, then open xlconfig.xml, which resides in the directory <XL_RM_HOME>/xlremote/config.
Locate the tag:
<xl-configuration>.<RMSecurity>.<LoggerConfigFilePath>
and change it to the following value:
<XL_RM_HOME>/xlremote/config/log.properties
