Skip Headers
Oracle® Application Server Enterprise Deployment Guide
10g Release 3 (10.1.3.2.0)
Part Number B32125-02
Go to Documentation Home
Home		 Go to Book List
Book List		 Go to Table of Contents
Contents		 Go to Index
Index		 Go to Feedback page
Contact Us
Go to previous page
Previous		 Go to next page
Next
View PDF

2 Configuring the Data Tier

Installing the Oracle Application Server Metadata Repository for the Security Infrastructure

Installing the Oracle Internet Directory Instances in the Data Tier

Configuring the Virtual Server to Use the Load Balancing Router

Testing the Oracle Internet Directory Instances

Installing the Oracle Application Server Metadata Repository for the Security Infrastructure

You must install the 10g(10.1.4.0.1) OracleAS Metadata Repository into the Real Application Clusters database before you install components into the Security DMZ. Oracle Application Server provides a tool, the Oracle Application Server Repository Creation Assistant, to create the OracleAS Metadata Repository in an existing database.

The 10g (10.1.4.0.1) OracleAS RepCA is available on the OracleAS RepCA CD-ROM or the Oracle Application Server DVD-ROM. You install the OracleAS RepCA in its own, separate Oracle home.

To install and execute the OracleAS Metadata Repository, you must perform these steps:

  1. Install the OracleAS RepCA into the Real Application Clusters database, following the steps in the Oracle Application Server Metadata Repository Creation Assistant User's Guide for Microsoft Windows for the platform you are using. You can find this guide in the Oracle Application Server documentation library (Getting Started tab).

  2. Ensure that the database meets the requirements specified in the "Database Requirements" section of the Oracle Application Server Metadata Repository Creation Assistant User's Guide for Microsoft Windows. In addition, ensure that the database computer has at least 512 MB of swap space available for execution of the OracleAS RepCA

  3. Execute the OracleAS RepCA.

    The RepCA creates the schemas listed in the Oracle Application Server Metadata Repository Creation Assistant User's Guide for Microsoft Windows.

  4. Perform the post-installation step described in Chapter2.

Configuring the Time out Value in the sqlnet.ora File

You must configure the SQLNET.EXPIRE_TIME parameter in the sqlnet.ora file on the application infrastructure database.

  1. Open the file ORACLE_HOME/network/admin/sqlnet.ora file (UNIX) or the ORACLE_BASE/ ORACLE_HOME/network/admin/sqlnet.ora file (Windows).

  2. Set the SQLNET.EXPIRE_TIME parameter to a value lower than the TCP session time out value for the Load Balancing Router and firewall.

  3. Restart the listener by issuing these commands in ORACLE_HOME/bin:

    lsnrctl stop

    lsnrctl start

Installing the Oracle Internet Directory Instances in the Data Tier

Follow these steps to install the Oracle Internet Directory components (OIDHOST1 and OIDHOST2) on the Data Tier with the Metadata Repository. The procedures for the installations are very similar, but the selections in the configuration options screen differ.

Note:

Ensure that the clocks are synchronized between the two computers on which you intend to install the Oracle Internet Directory instances. Errors will occur if this is not done.

Installing the First Oracle Internet Directory Instance

The OracleAS Metadata Repository must be running before you perform this task. Follow these steps to install the 10g (10.1.4.0.1)Oracle Internet Directory on OIDHOST1:

  1. Ensure that the system, patch, kernel and other requirements are met. These are listed in the Oracle Application Server Quick Installation Guide in the Oracle Application Server platform documentation library for the platform and version you are using.

  2. Ensure that ports 389 and 636 are not in use by any service on the computer by issuing these commands for the operating system you are using. (If the port is not in use, no output is returned from the command.)

    On UNIX:

    netstat -an | grep "389"

    netstat -an | grep "636"

    On Windows:

    netstat -an | findstr :389

    netstat -an | findstr :636

    If the port is in use (if the command returns output identifying the port), you must free the port.

    In UNIX:

    Remove the entries for ports 389 and 636 in the /etc/services file and restart the services, or restart the computer.

    In Windows:

    Stop the component that is using the port.

  3. Copy the staticport.ini file from the Disk1/stage/Response directory to the Oracle home directory.

  4. Edit the staticport.ini file to assign the following custom ports:

    Oracle Internet Directory port = 389
Oracle Internet Directory (SSL) port = 636

  5. Start the Oracle Universal Installer as follows:

    On UNIX, issue this command: runInstaller

    On Windows, double-click setup.exe

    The Welcome screen appears.

  6. Click Next.

    On UNIX systems, the Specify Inventory Directory and Credentials screen appears.

  7. Specify the directory you want to be the oraInventory directory and the operating system group that has permission to write to it.

  8. Click Next.

    On UNIX systems, a dialog appears, prompting you to run the oraInstRoot.sh script.

  9. Open a window and run the script, following the prompts in the window.

  10. Return to the Oracle Universal Installer screen and click Next.

    The Specify File Locations screen appears with default locations for:

    • The product files for the installation (Source)

    • The name and path to an Oracle home (Destination)

      • Note:

        It is a good idea to make the Oracle home directory path for OIDHOST1 the same as the path to the Oracle home location of OIDHOST2. For example, if the path to the Oracle home on OIDHOST1 is:

        /u01/app/oracle/product/AS10gOID

        then the path to the Oracle home on OIDHOST2 should be:

        /u01/app/oracle/product/AS10gOID

  11. Specify the Destination Name and Path, if different from the default, and click Next.

    The Select a Product to Install screen appears.

  12. Select OracleAS Infrastructure 10g and click Next.

    The Select Installation Type screen appears.

  13. Select Identity Management and click Next.

    The Upgrade Existing Oracle Application Server (10.1.2) Infrastructure screen appears.

  14. Select Install New Oracle Application Server Infrastructure 10g (10.1.4.0.1) and click Next.

    The Product-Specific Prerequisite Checks screen appears.

  15. Click Next.

    The Confirm Pre-Installation Requirements screen appears.

  16. Ensure that the requirements are met, check the box for each, and click Next.

    The Select Configuration Options screen appears.

  17. Select Oracle Internet Directory, OracleAS Directory Integration and Provisioning, and High Availability and Replication and click Next.

    The Specify Port Configuration Options screen appears.

  18. Select Manual and click Next.

    The Specify Repository screen appears.

  19. Provide the DBA login and computer information and click Next.

    Note:

    The syntax for the hostname and port field for a RAC database is: 
    infradbhost1.mycompany.com:1521^infradbhost2.mycompany.com:1521^

    The Select High Availability or Replication Option screen appears.

  20. Select OracleAS Cluster (Identity Management) and click Next.

    The Specify Namespace in Internet Directory screen appears.

  21. Click Next to specify the default Suggested Namespace, or enter values for the Custom Namespace and click Next.

    The Specify Instance Name and ias_admin Password screen appears.

  22. Specify the instance name and password and click Next.

    The Summary screen appears.

  23. Review the selections to ensure that they are correct (if they are not, click Back to modify selections on previous screens), and click Install.

    The Install screen appears with a progress bar. On UNIX systems, a dialog opens prompting you to run the root.sh script.

  24. Open a window and run the script.

    The Configuration Assistants screen appears. Multiple configuration assistants are launched in succession; this process can be lengthy. When it completes, the End of Installation screen appears.

  25. Click Exit, and then confirm your choice to exit.

Installing the Second Oracle Internet Directory Instance

The OracleAS Metadata Repository and the first Oracle Internet Directory instance must be running before you perform this task. Follow these steps to install the 10g Release 2 (10.1.2) Oracle Internet Directory on OIDHOST2:

  1. Ensure that the system, patch, kernel and other requirements are met. These are listed in the Oracle Application Server Quick Installation Guide in the Oracle Application Server platform documentation library for the platform and version you are using.

  2. Ensure that ports 389 and 636 are not in use by any service on the computer by issuing these commands for the operating system you are using. (If the port is not in use, no output is returned from the command.)

    On UNIX:

    netstat -an | grep "389"

    netstat -an | grep "636"

    On Windows:

    netstat -an | findstr :389

    netstat -an | findstr :636

    If the port is in use (if the command returns output identifying the port), you must free the port.

    In UNIX:

    Remove the entries for ports 389 and 636 in the /etc/services file and restart the services, or restart the computer.

    In Windows:

    Stop the component that is using the port.

  3. Copy the staticport.ini file from the Disk1/stage/Response directory to the Oracle home directory.

  4. Edit the staticport.ini file and uncomment, and update these entries:

    Oracle Internet Directory port = 389
Oracle Internet Directory (SSL) port = 636

  5. Start the Oracle Universal Installer as follows:

    On UNIX, issue this command: runInstaller

    On Windows, double-click setup.exe

    The Welcome screen appears.

  6. Click Next.

    On UNIX systems, the Specify Inventory Directory and Credentials screen appears.

  7. Specify the directory you want to be the oraInventory directory and the operating system group that has permission to write to it.

  8. Click Next.

    On UNIX systems, a dialog appears, prompting you to run the oraInstRoot.sh script.

  9. Open a window and run the script, following the prompts in the window.

  10. Return to the Oracle Universal Installer screen and click Next.

    The Specify File Locations screen appears with default locations for:

    • The product files for the installation (Source)

    • The name and path to an Oracle home (Destination)

      Note:

      It is a good idea to make the Oracle home directory path for OIDHOST1 the same as the path to the Oracle home location of OIDHOST2. For example, if the path to the Oracle home on OIDHOST1 is:

      /u01/app/oracle/product/AS10gOID

      then the path to the Oracle home on OIDHOST2 should be:

      /u01/app/oracle/product/AS10gOID

  11. Specify the Destination Name and Path, if different from the default, and click Next.

    The Select a Product to Install screen appears.

  12. Select OracleAS Infrastructure 10g and click Next.

    The Select Installation Type screen appears.

  13. Select Identity Management and click Next.

    The Upgrade Existing Oracle Application Server (10.1.2) Infrastructure screen appears.

  14. Select Install New Oracle Application Server Infrastructure 10g (10.1.4.0.1) and click Next.

    The Product-Specific Prerequisite Checks screen appears.

  15. Click Next.

    The Confirm Pre-Installation Requirements screen appears.

  16. Ensure that the requirements are met, check the box for each, and click Next.

    The Select Configuration Options screen appears.

  17. Select Oracle Internet Directory, OracleAS Directory Integration and Provisioning, and High Availability and Replication and click Next.

    The Specify Port Configuration Options screen appears.

  18. Select Manual and click Next.

    The Specify Repository screen appears.

  19. Provide the DBA login and computer information and click Next.

    Note:

    The syntax for the hostname and port field for a RAC database is: 
    infradbhost1.mycompany.com:1521^infradbhost2.mycompany.com:1521^

    A dialog opens, prompting you to synchronize the system time of the primary Oracle Internet Directory computer and the system time on the computer on which you are installing.

  20. Synchronize the system time on the computers and click OK.

    The Specify ODS Password screen appears.

  21. Specify the ODS password (by default, the ias_admin password) and click Next.

  22. Specify the user name and password and click Next.

    The Specify OID Login screen appears.

    The Specify Instance Name and ias_admin Password screen appears.

  23. Specify the instance name and password and click Next.

    The Summary screen appears.

  24. Review the selections to ensure that they are correct (if they are not, click Back to modify selections on previous screens), and click Install.

    The Install screen appears with a progress bar. On UNIX systems, a dialog opens prompting you to run the root.sh script.

  25. Open a window and run the script.

    The Configuration Assistants screen appears. Multiple configuration assistants are launched in succession; this process can be lengthy. When it completes, the End of Installation screen appears.

  26. Click Exit, and then confirm your choice to exit.

Configuring the Virtual Server to Use the Load Balancing Router

If you plan to use the Enterprise Deployment Architecture for myWebCenter.com with JAZN-SSO/DAS, you must configure the Load Balancing Router to perform these functions:

Note:

Some tuning of the Load Balancing Router's monitoring interval and time out values may be required to ensure system availability. If the interval or time out value is too long, the Load Balancing Router will not detect service failures in time; if it is too short, the Load Balancing Router may erroneously detect that a server is down.

For example, suppose the Load Balancing Router maps the virtual IP address oid.mycompany.com to the two Oracle Internet Directory servers for round robin load balancing, and the monitoring scheme attempts an ldapbind at 10-second intervals.

If the Oracle Internet Directory on APPHOST1 is down, then the Load Balancing Router directs all traffic to the Oracle Internet Directory on APPHOST2 only.However, there is a10-second interval during which the Load Balancing Router is unaware that the Oracle Internet Directory on APPHOST1 is down. There is also a 30-second time out period. During this period, the Load Balancing Router continues to direct traffic to both Oracle Internet Directory servers in round robin mode, and ldapbind failures will occur when it attempts connections to the Oracle Internet Directory on APPHOST1.

Testing the Oracle Internet Directory Instances

  1. Ensure that you can connect to each Oracle Internet Directory instance and the Load Balancing Router, using this command:

    ldapbind -p 389 -h OIDHOST1

    ldapbind -p 389 -h OIDHOST2

    ldapbind -p 389 -h oid.mycompany.com

  2. Start the oidadmin tool on each Oracle Internet Directory instance in ORACLE_HOME/bin with this command:

    oidadmin

The Data Tier configuration is now as shown in Figure 2-1.

Figure 2-1 Data Tier Configuration

Data Tier configuration
Description of "Figure 2-1 Data Tier Configuration"

Go to previous page
Previous		 Go to next page
Next
Go to Documentation Home
Home		 Go to Book List
Book List		 Go to Table of Contents
Contents		 Go to Index
Index		 Go to Feedback page
Contact Us