4 Installing and Configuring OID, OVD, ODSM, ODIP, and OIF

This chapter describes how to install the latest version of Oracle Identity Management 11g Release 1 (11.1.1). It also describes how to configure the Oracle Identity Management components.

This chapter includes the following topics:

4.1 Installing and Configuring the Latest Version of OID, OVD, ODSM, ODIP, and OIF

Follow the instructions in this section to install and configure the latest version of Oracle Internet Directory (OID), Oracle Virtual Directory (OVD), Oracle Directory Services Manager (ODSM), Oracle Directory Integration Platform, and Oracle Identity Federation (OIF).

Installing and configuring the latest version of the Oracle Identity Management 11g components involves the following steps:

  1. Obtaining the Latest Oracle WebLogic Server and Oracle Fusion Middleware 11g Software

  2. Installing Oracle WebLogic Server and Creating the Middleware Home

  3. Installing the 11.1.1.2.0 Version of Oracle Identity Management Software

  4. Patching the Software

  5. Configuring Your Components

4.1.1 Obtaining the Latest Oracle WebLogic Server and Oracle Fusion Middleware 11g Software

Refer to the following for more information about the latest Oracle WebLogic Server and Oracle Fusion Middleware 11g software:

  • You can download the latest Oracle Fusion Middleware 11g software from the Oracle Technology Network (OTN):

    http://www.oracle.com/technology/
    

    Note that you must download both the 11.1.1.2.0 and the 11.1.1.3.0 versions of the software if you have not installed Oracle Fusion Middleware 11.1.1.2.0 on your machine. You must install the 11.1.1.2.0 version by choosing the Install Software - Do Not Configure option. Then you must patch the 11.1.1.2.0 software by running the 11.1.1.3.0 Patch Set Installer.

    For information about downloading Oracle WebLogic Server, see "Product Distribution" in the Oracle Fusion Middleware Installation Guide for Oracle WebLogic Server.

  • At the time this document was published, the latest release of Oracle Fusion Middleware 11g was 11g Release 1 (11.1.1.3.0), which provides new features and capabilities that supersede those available in Oracle Fusion Middleware 11g Release 1 (11.1.1.1.0) and 11g Release 1 (11.1.1.2.0).

  • Oracle Fusion Middleware 11g also requires the latest version of Oracle WebLogic Server. At the time this document was published, the latest version of Oracle WebLogic Server was Oracle WebLogic Server 11g (10.3.3).

  • For complete information about patching your Oracle Fusion Middleware 11g to the latest release, refer to the Oracle Fusion Middleware Patching Guide.

4.1.2 Installing Oracle WebLogic Server and Creating the Middleware Home

Oracle Identity Management requires Oracle WebLogic Server and a Middleware home directory.

For more information, see "Install Oracle WebLogic Server" in Oracle Fusion Middleware Installation Planning Guide. In addition, see "Running the Installation Program in Graphical Mode" in Oracle Fusion Middleware Installation Guide for Oracle WebLogic Server.

Before you can install Oracle Identity Management 11g Release 1 (11.1.1) components, you must install Oracle WebLogic Server and create the Oracle Middleware Home directory.

Note:

If you are installing Oracle Internet Directory 11g Release 1 (11.1.1) without an Oracle WebLogic administration domain, you do not need to install Oracle WebLogic.

Perform the following steps to install Oracle WebLogic Server and create the Oracle Middleware Home directory. You can refer to the Oracle Fusion Middleware Installation Guide for Oracle WebLogic Server for complete information about installing Oracle WebLogic Server.

  1. Insert the Oracle WebLogic Server CD-ROM or download the Oracle WebLogic Server Installer from the following Web site:

    http://www.oracle.com/technology/software/products/ias/htdocs/wls_main.html
    
  2. Locate the appropriate executable file for your system, such as:

    • wls1033_linux32.bin for 32-bit Linux systems

    • wls1033_win32.exe for 32-bit Windows systems

    • wls1033_generic.jar for all 64-bit platforms

    The 32-bit executable files are bundled with the appropriate JDK version. If you use the 64-bit installer, you will need to invoke the installer with a supported JDK for your platform. This JDK must be installed on your system before you install Oracle WebLogic Server. Refer to the Oracle Fusion Middleware certification document for a list of supported JDKs for your platform:

    http://www.oracle.com/technology/software/products/ias/files/fusion_certification.html
    

    For more information about downloading Oracle WebLogic Server, see "Product Distribution" in the Oracle Fusion Middleware Installation Guide for Oracle WebLogic Server.

  3. Run the Oracle WebLogic Server Installer directly from the CD-ROM, or copy the file to your local system and run it locally. For 64-bit installations:

    • Before running the installer, set the DISPLAY environment variable on your system.

    • Replace JAVA_HOME with the installation location of the supported JDK you installed for your platform.

    • Use the -d64 flag when using 32/64-bit hybrid JDKs (such as the HP JDK for HP-UX and SUN JDK for Solaris SPARC).

    • Execute JAVA_HOME/bin/java -version (or JAVA_HOME/bin/java -d64 -version on 32/64-bit hybrid JDKs) to ensure that your JAVA_HOME refers to a 64-bit JDK.

    Examples for 32-bit systems:

    Linux:

    ./wls1033_linux32.bin
    

    Windows:

    wls1033_win32.exe
    

    Examples for 64-bit systems:

    UNIX:

    JAVA_HOME/bin/java -jar wls1033_generic.jar
    

    or

    JAVA_HOME/bin/java -d64 -jar wls1033_generic.jar
    

    Windows:

    JAVA_HOME\bin\java -jar wls1033_generic.jar
    

    Note:

    After you start the Oracle WebLogic Server Installer, the Welcome screen appears.

  4. Click Next. The Choose Middleware Home Directory screen appears.

  5. Select Create a new Middleware Home and identify the desired location for your new Middleware Home directory, which is the top-level directory for all Oracle Fusion Middleware products. The WebLogic Home directory will be created inside the Middleware Home directory.

    Note:

    If the Middleware Home directory already exists on your system, it must be an empty directory.

    Click Next. The Register for Security Updates screen appears.

  6. Select whether or not you want to receive the latest product and security updates. If you choose not to receive anything, you will be asked to verify your selection before continuing.

    Click Next. The Choose Install Type screen appears.

  7. Select Typical and click Next. The Choose Product Installation Directories screen appears.

  8. Specify the desired location for your WebLogic Server Home directory and click Next.

    If you are installing Oracle WebLogic Server on a UNIX system, the Installation Summary screen appears. Go to step 9 now.

    If you are installing Oracle WebLogic Server on a Windows system, the Choose Shortcut Location screen appears. Specify a location where you want Windows to create a shortcut to Oracle products and click Next. The Installation Summary screen appears.

  9. Click Next on the Installation Summary screen.

    The Installation Progress screen appears.

  10. Click Next. The Installation Complete screen appears.

  11. De-select Run Quickstart and click Done to exit the Installer.

Notes:

  • The same user that installed Oracle WebLogic Server must install Oracle Identity Management.

  • Do not log in to the Oracle WebLogic Server Administration Console during Oracle Identity Management installation.

4.1.3 Installing the 11.1.1.2.0 Version of Oracle Identity Management Software

Follow the instructions in Table 4-1 to install Oracle Identity Management 11.1.1.2.0.

If you need additional help with any of the installation screens, click Help to access the online help.

Table 4-1 Installation Flow for Install Only Option

| No. | Screen | Description and Action Required |
|---|---|---|
| 1 | Welcome Screen | Click Next to continue. |
| 2 | Select Installation Type Screen | Select Install Software - Do Not Configure. Click Next to continue. |
| 3 | Prerequisite Checks Screen | Click Next to continue. |
| 4 | Specify Installation Location Screen | Specify the Middleware Home and Oracle Home locations. For more information about these directories, see "Oracle Fusion Middleware Directory Structure and Concepts" in Oracle Fusion Middleware Installation Planning Guide. Click Next to continue. |
| 5 | Specify Security Updates Screen | Provide your E-mail address to be informed of the latest product issues. Click Next to continue. |
| 6 | Installation Summary Screen (Install Only Option) | Verify the information on this screen. Click Install to begin the installation. |
| 7 | Installation Progress Screen | If you are installing on a UNIX system, you may be asked to run the ORACLE_HOME/oracleRoot.sh script to set up the proper file and directory permissions. Click Next to continue. |
| 8 | Installation Complete Screen | Click Finish to dismiss the installer. |


4.1.4 Patching the Software

After the installation is complete, you must run the Patch Set Installer for Oracle Identity Management to update your 11.1.1.2.0 software to 11.1.1.3.0, which is the latest version.

For instructions, go to "Applying the Latest Oracle Fusion Middleware Patch Set with the Patch Set Installers" in Oracle Fusion Middleware Patching Guide.

4.1.5 Configuring Your Components

After you have patched your software to the latest version, you are ready to configure your components.

Run the Configuration Tool to create your WebLogic Domain and configure your components.

On UNIX systems:

ORACLE_HOME/bin/config.sh

On Windows systems:

ORACLE_HOME\bin\config.bat

The Oracle Identity Management 11g Configuration Wizard is displayed. You can use this wizard to configure your component in a new domain, in an existing domain, or without a domain. Note that you can install and configure only Oracle Internet Directory and Oracle Virtual Directory without a domain. For more information, see the following topics:

4.2 OID with ODIP, ODSM, and Fusion Middleware Control in a New WebLogic Domain

This topic describes how to configure Oracle Internet Directory (OID) with Oracle Directory Integration Platform (ODIP), Oracle Directory Services Manager (ODSM), and Fusion Middleware Control in a new WebLogic administration domain. It includes the following sections:

4.2.1 Appropriate Deployment Environment

The configuration described in this topic is appropriate for environments that have both of the following conditions:

  • You want to install Oracle Internet Directory and Oracle Directory Integration Platform colocated on the same host.

  • There is no WebLogic Administration Server managing other 11g Release 1 (11.1.1) Oracle Directory Services components.

4.2.2 Components Deployed

Performing the configuration in this section deploys the following components:

  • WebLogic Administration Server

  • Oracle Internet Directory

  • WebLogic Managed Server

  • Oracle Directory Integration Platform

  • Oracle Directory Services Manager

  • Fusion Middleware Control

4.2.3 Dependencies

The configuration in this section depends on the following:

  • Oracle WebLogic Server

  • Oracle Database

  • If you want to use an existing schema, Identity Management - Oracle Internet Directory schema existing in the Oracle Database.

4.2.4 Procedure

Perform the following steps to configure Oracle Internet Directory with Oracle Directory Integration Platform, Oracle Directory Services Manager, and Fusion Middleware Control in a new domain:

  1. Ensure that Oracle Internet Directory is installed, as described in Installing and Configuring the Latest Version of OID, OVD, ODSM, ODIP, and OIF.

  2. Run <Oracle_Home>/bin/config.sh (on UNIX) or <Oracle_Home>\bin\config.bat (on Windows) to start the Oracle Identity Management Configuration Wizard. Click Next to continue.

  3. On the Select Domain screen, select Create New Domain and enter the following information:

    • Enter the user name for the new domain in the User Name field.

    • Enter the user password for the new domain in the User Password field.

    • Enter the user password again in the Confirm Password field.

    • Enter a name for the new domain in the Domain Name field.

    Click Next. The Specify Installation Location screen appears.

  4. Identify the Homes, Instances, and the WebLogic Server directory by referring to Identifying Installation Directories. After you enter information for each field, click Next. The Specify Security Updates screen appears.

  5. Choose how you want to be notified about security issues:

    • If you want to be notified about security issues through email, enter your email address in the Email field.

    • If you want to be notified about security issues through My Oracle Support (formerly MetaLink), select the My Oracle Support option and enter your My Oracle Support Password.

    • If you do not want to be notified about security issues, leave all fields empty.

    Click Next. The Configure Components screen appears.

  6. Select Oracle Internet Directory and Oracle Directory Integration Platform. The Oracle Directory Services Manager and Fusion Middleware Control management components are automatically selected for this installation.

    Ensure no other components are selected and click Next. The Configure Ports screen appears.

  7. Choose how you want the Installer to configure ports:

    • Select Auto Port Configuration if you want the Installer to configure ports from a predetermined range.

    • Select Specify Ports using Configuration File if you want the Installer to configure ports using the staticports.ini file. You can click View/Edit File to update the settings in the staticports.ini file.

    Click Next. The Specify Schema Database screen appears.

  8. Choose whether to use an existing schema or to create a new one using the Installer.

    Note:

    If you want to use an existing schema, it must currently reside in the database to continue with the installation. If it does not currently reside in the database, you must create it using the Repository Creation Utility now.

    Refer to Creating Database Schema Using the Repository Creation Utility (RCU) for more information.

    To use an existing schema: 

    1. Select Use Existing Schema.

    2. Enter the database connection information in the Connect String field. The connection string must be in the form: hostname:port:servicename. For Oracle Real Application Clusters (RAC), the connection string must be in the form: hostname1:port1:instance1^hostname2:port2:instance2@servicename.

    3. Enter the password for the existing ODS schema in the Password field.

    4. Click Next.

      Note:

      If your existing ODS and ODSSM schemas have different passwords, the Specify ODSSM Password screen will appear after you click Next. Enter the password for your existing ODSSM schema and click Next.

      The Create Oracle Internet Directory screen appears.

    5. Continue the installation by going to step 9 now.

    To create a new schema: 

    1. Select Create Schema.

    2. Enter the database connection information in the Connect String field. The connection string must be in the form: hostname:port:servicename. For Oracle Real Application Clusters (RAC), the connection string must be in the form: hostname1:port1:instance1^hostname2:port2:instance2@servicename.

    3. Enter the name of the database user in the User Name field. The user you identify must have DBA privileges.

    4. Enter the password for the database user in the Password field.

    5. Click Next. The Enter OID Passwords screen appears.

    6. Create a password for the new ODS schema by entering it in the ODS Schema Password field.

      Enter it again in the Confirm ODS Schema Password field.

    7. Create a password for the new ODSSM schema by entering it in the ODSSM Schema Password field.

      Enter it again in the Confirm ODSSM Schema Password field.

    8. Click Next. The Create Oracle Internet Directory screen appears.

  9. Enter the following information for Oracle Internet Directory:

    • Realm: Enter the location for your realm.

    • Administrator Password: Enter the password for the Oracle Internet Directory administrator.

    • Confirm Password: Enter the administrator password again.

    Click Next. The Installation Summary screen appears.

  10. Complete the installation by performing all the steps in Completing an Installation.

4.3 Only OID Without a WebLogic Domain

This topic describes how to configure only Oracle Internet Directory (OID) without a WebLogic administration domain. It includes the following sections:

4.3.1 Appropriate Deployment Environment

The configuration described in this topic is appropriate for environments that have both of the following conditions:

  • You do not want to include Oracle Internet Directory in a WebLogic administration domain for management purposes.

  • You do not want to manage Oracle Internet Directory using Fusion Middleware Control.

4.3.2 Components Deployed

Performing the configuration in this section deploys only Oracle Internet Directory.

4.3.3 Dependencies

The configuration in this section depends on the following:

  • Oracle Database

  • If you want to use an existing schema, Identity Management - Oracle Internet Directory schema existing in the Oracle Database.

4.3.4 Procedure

Perform the following steps to configure only Oracle Internet Directory without a domain:

  1. Ensure that Oracle Internet Directory is installed, as described in Installing and Configuring the Latest Version of OID, OVD, ODSM, ODIP, and OIF.

    Note that installing Oracle WebLogic Server is optional in this particular scenario. Instead, you can create the Middleware Home by using the Oracle Identity Management Configuration Wizard, as described later in Step 4 of the procedure.

  2. Run <Oracle_Home>/bin/config.sh (on UNIX) or <Oracle_Home>\bin\config.bat (on Windows) to start the Oracle Identity Management Configuration Wizard. Click Next to continue.

  3. Select Configure without a Domain on the Select Domain screen and click Next. The Specify Installation Location screen appears.

  4. Enter the following information in each field:

    • Oracle Middleware Home Location: If an Oracle Middleware Home directory already exists, enter the path to it in this field. If an Oracle Middleware Home directory does not exist, enter a path to the location where you want the Installer to create the directory that will contain the Oracle Common Home and Oracle Home directories. The Installer creates an Oracle Common Home directory and an Oracle Home directory inside the directory you identify in this field.

      The Oracle Middleware Home directory is commonly referred to as MW_HOME.

      Note:

      The Oracle Middleware Home directory is not required to contain an Oracle WebLogic Server installation.

    • Oracle Home Directory: Enter a name for the Oracle Home directory. The Installer uses the name you enter in this field to create the Oracle Home directory under the location you enter in the Oracle Middleware Home Location field. The Oracle Home directory is commonly referred to as ORACLE_HOME.

    • Oracle Instance Location: Enter the directory path to the location where you want to create the Oracle Instance directory. The Installer creates the Oracle Instance directory using the location you enter in this field and using the name you enter in the Oracle Instance Name field. You can identify any location on your system for the Oracle Instance directory—it does not have to reside inside the Oracle Middleware Home directory.

    • Oracle Instance Name: Enter a name for the Oracle Instance directory. The Installer uses the name you enter in this field to create the Oracle Instance directory at the location you specify in the Oracle Instance Location field. This directory is commonly referred to as ORACLE_INSTANCE.

    After you enter information for each field, click Next. The Specify Security Updates screen appears.

  5. Choose how you want to be notified about security issues:

    • If you want to be notified about security issues through email, enter your email address in the Email field.

    • If you want to be notified about security issues through My Oracle Support (formerly MetaLink), select the My Oracle Support option and enter your My Oracle Support Password.

    • If you do not want to be notified about security issues, leave all fields empty.

    Click Next. The Configure Components screen appears.

  6. On the Configure Components screen, select only Oracle Internet Directory. Ensure no other components are selected and click Next. The Configure Ports screen appears.

  7. Choose how you want the Installer to configure ports:

    • Select Auto Port Configuration if you want the Installer to configure ports from a predetermined range.

    • Select Specify Ports using Configuration File if you want the Installer to configure ports using the staticports.ini file. You can click View/Edit File to update the settings in the staticports.ini file.

    Click Next. The Specify Schema Database screen appears.

  8. Choose whether to use an existing schema or to create a new one using the Installer.

    Note:

    If you want to use an existing schema, it must currently reside in the database to continue with the installation. If it does not currently reside in the database, you must create it using the Repository Creation Utility now.

    Refer to Creating Database Schema Using the Repository Creation Utility (RCU) for more information.

    To use an existing schema: 

    1. Select Use Existing Schema.

    2. Enter the database connection information in the Connect String field. The connection string must be in the form: hostname:port:servicename. For Oracle Real Application Clusters (RAC), the connection string must be in the form: hostname1:port1:instance1^hostname2:port2:instance2@servicename.

    3. Enter the password for the existing ODS schema in the Password field.

    4. Click Next.

      Note:

      If your existing ODS and ODSSM schemas have different passwords, the Specify ODSSM Password screen will appear after you click Next. Enter the password for your existing ODSSM schema and click Next.

      The Create Oracle Internet Directory screen appears.

    5. Continue the installation by going to step 9 now.

    To create a new schema: 

    1. Select Create Schema.

    2. Enter the database connection information in the Connect String field. The connection string must be in the form: hostname:port:servicename. For Oracle Real Application Clusters (RAC), the connection string must be in the form: hostname1:port1:instance1^hostname2:port2:instance2@servicename.

    3. Enter the name of the database user in the User Name field. The user you identify must have DBA privileges.

    4. Enter the password for the database user in the Password field.

    5. Click Next. The Enter OID Passwords screen appears.

    6. Create a password for the new ODS schema by entering it in the ODS Schema Password field.

      Enter it again in the Confirm ODS Schema Password field.

    7. Create a password for the new ODSSM schema by entering it in the ODSSM Schema Password field.

      Enter it again in the Confirm ODSSM Schema Password field.

    8. Click Next. The Create Oracle Internet Directory screen appears.

  9. Enter the following information for Oracle Internet Directory:

    • Realm: Enter the location for your realm.

    • Administrator Password: Enter the password for the Oracle Internet Directory administrator.

    • Confirm Password: Enter the administrator password again.

    Click Next. The Installation Summary screen appears.

  10. Complete the installation by performing all the steps in Completing an Installation.

Note:

If you perform this installation and configuration, but later decide you want to manage Oracle Internet Directory using Fusion Middleware Control, you must register Oracle Internet Directory with a WebLogic Administration Server.

Refer to the "Registering an Oracle Instance or Component with the WebLogic Server" section in the Oracle Fusion Middleware Administrator's Guide for Oracle Internet Directory for more information.
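The Connect String formats required in step 8 of the procedures in 4.2.4 and 4.3.4 can be checked before the value is typed into the wizard. The following is an added example, not Oracle code: the function and class names, the character set allowed in service and instance names, and the acceptance of more than two RAC nodes are assumptions, and the sample host names are constructed.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# RFC 1123-style host name (also matches dotted IPv4). IPv6 literals are not
# handled because ':' is the field separator in this format.
_HOST = re.compile(
    r"(?=.{1,253}$)[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*"
)
_PORT = re.compile(r"[0-9]{1,5}")
# Assumption: a conservative character set for service and instance names.
_NAME = re.compile(r"[A-Za-z0-9_][A-Za-z0-9_.$#-]*")


@dataclass(frozen=True)
class Node:
    host: str
    port: int
    instance: Optional[str]  # None in the single-instance form


@dataclass(frozen=True)
class ConnectString:
    service: str
    nodes: List[Node]
    is_rac: bool


def _host_port(host: str, port: str, where: str):
    if not _HOST.fullmatch(host):
        raise ValueError(f"{where}: invalid host name {host!r}")
    if not _PORT.fullmatch(port) or not 1 <= int(port) <= 65535:
        raise ValueError(f"{where}: port must be 1-65535, got {port!r}")
    return host, int(port)


def _name(value: str, what: str, where: str) -> str:
    if not _NAME.fullmatch(value):
        raise ValueError(f"{where}: invalid {what} {value!r}")
    return value


def parse_connect_string(raw: str) -> ConnectString:
    """Parse hostname:port:servicename, or the RAC form
    hostname1:port1:instance1^hostname2:port2:instance2@servicename."""
    if any(c.isspace() for c in raw):
        raise ValueError("connect string must not contain whitespace")

    if "@" in raw or "^" in raw:
        node_part, sep, service = raw.rpartition("@")
        if not sep:
            raise ValueError("RAC form must end with @servicename")
        entries = node_part.split("^")
        # The guide shows two nodes; more are assumed to follow the same pattern.
        if len(entries) < 2:
            raise ValueError("RAC form needs host:port:instance entries joined by '^'")
        nodes = []
        for i, entry in enumerate(entries, 1):
            fields = entry.split(":")
            if len(fields) != 3:
                raise ValueError(f"node {i}: expected hostname:port:instance")
            host, port = _host_port(fields[0], fields[1], f"node {i}")
            nodes.append(Node(host, port, _name(fields[2], "instance name", f"node {i}")))
        return ConnectString(_name(service, "service name", "RAC string"), nodes, True)

    fields = raw.split(":")
    if len(fields) != 3:
        raise ValueError("expected hostname:port:servicename")
    host, port = _host_port(fields[0], fields[1], "connect string")
    service = _name(fields[2], "service name", "connect string")
    return ConnectString(service, [Node(host, port, None)], False)


if __name__ == "__main__":
    # Constructed sample values; the third is the JDBC-style form the wizard
    # does not ask for, the fourth has an out-of-range port.
    samples = [
        "dbhost.example.com:1521:orcl.example.com",
        "rac1.example.com:1521:orcl1^rac2.example.com:1521:orcl2@orcl.example.com",
        "dbhost.example.com:1521/orcl.example.com",
        "dbhost.example.com:99999:orcl",
    ]
    for s in samples:
        try:
            print("OK  ", parse_connect_string(s))
        except ValueError as exc:
            print("FAIL", s, "->", exc)
```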

4.4 OVD with ODSM and Fusion Middleware Control in a New WebLogic Domain

This topic describes how to configure Oracle Virtual Directory (OVD) with Oracle Directory Services Manager (ODSM) and Fusion Middleware Control in a new WebLogic administration domain. It includes the following sections:

4.4.1 Appropriate Deployment Environment

The configuration described in this topic is appropriate for environments that have all of the following conditions:

  • You want to manage Oracle Virtual Directory using Fusion Middleware Control.

  • You want Oracle Virtual Directory to be in a WebLogic administration domain.

  • There is no WebLogic Administration Server managing other 11g Release 1 (11.1.1) Oracle Directory Services components.

  • You want to install Oracle Virtual Directory and a WebLogic Administration Server colocated on the same host.

4.4.2 Components Deployed

Performing the configuration in this section deploys the following components.

  • WebLogic Administration Server

  • Oracle Virtual Directory

  • Oracle Directory Services Manager

  • Fusion Middleware Control

4.4.3 Dependencies

The configuration in this section depends on Oracle WebLogic Server.

4.4.4 Procedure

Perform the following steps to configure Oracle Virtual Directory with Oracle Directory Services Manager and Fusion Middleware Control in a new domain:

  1. Ensure that Oracle Virtual Directory and Oracle Directory Services Manager are installed, as described in Installing and Configuring the Latest Version of OID, OVD, ODSM, ODIP, and OIF.

  2. Run <Oracle_Home>/bin/config.sh (on UNIX) or <Oracle_Home>\bin\config.bat (on Windows) to start the Oracle Identity Management Configuration Wizard. Click Next to continue.

  3. On the Select Domain screen, select Create New Domain and enter the following information:

    • Enter the user name for the new domain in the User Name field.

    • Enter the user password for the new domain in the User Password field.

    • Enter the user password again in the Confirm Password field.

    • Enter a name for the new domain in the Domain Name field.

    Click Next. The Specify Installation Location screen appears.

  4. Identify the Homes, Instances, and the WebLogic Server directory by referring to Identifying Installation Directories. After you enter information for each field, click Next. The Specify Security Updates screen appears.

  5. Choose how you want to be notified about security issues:

    • If you want to be notified about security issues through email, enter your email address in the Email field.

    • If you want to be notified about security issues through My Oracle Support (formerly MetaLink), select the My Oracle Support option and enter your My Oracle Support Password.

    • If you do not want to be notified about security issues, leave all fields empty.

    Click Next. The Configure Components screen appears.

  6. Select only Oracle Virtual Directory. The Oracle Directory Services Manager and Fusion Middleware Control management components are automatically selected for this installation.

    Ensure no other components are selected and click Next. The Configure Ports screen appears.

  7. Choose how you want the Installer to configure ports:

    • Select Auto Port Configuration if you want the Installer to configure ports from a predetermined range.

    • Select Specify Ports using Configuration File if you want the Installer to configure ports using the staticports.ini file. You can click View/Edit File to update the settings in the staticports.ini file.

    Click Next. The Specify Oracle Virtual Directory Information screen appears.

  8. Enter the following information:

    • LDAP v3 Name Space: Enter the name space for Oracle Virtual Directory. The default value is dc=us,dc=oracle,dc=com.

    • HTTP Web Gateway: Select this option to enable the Oracle Virtual Directory HTTP Web Gateway.

    • Secure: Select this option if you enabled the HTTP Web Gateway and you want to secure it using SSL.

    • Administrator User Name: Enter the user name for the Oracle Virtual Directory administrator. The default value is cn=orcladmin.

    • Password: Enter the password for the Oracle Virtual Directory administrator.

    • Confirm Password: Enter the password for the Oracle Virtual Directory administrator again.

    • Configure Administrative Server in secure mode: Select this option to secure the Oracle Virtual Directory Administrative Listener using SSL. This option is selected by default. Oracle recommends selecting this option.

    Click Next. The Installation Summary screen appears.

  9. Complete the installation by performing all the steps in Completing an Installation.

4.4.5 Post-Configuration Task

After configuring Oracle Virtual Directory, you must complete the following task to update the Oracle Virtual Directory version number in Oracle Directory Services Manager:

  1. Set the JAVA_HOME and ANT_HOME environment variables and add them to the PATH environment variable.

  2. Go to the ORACLE_HOME/ovd/patchset (on UNIX operating systems) or ORACLE_HOME\ovd\patchset (on Windows operating systems) directory and run the following command:

    ant updateOVDVersion -Dovd_instance=<ovd_instance_location>

  3. Restart the Oracle Virtual Directory instance.

4.5 OIF with OID in a New WebLogic Domain for LDAP Authentication, User Store, and Federation Store

This section describes how to configure Oracle Identity Federation (OIF) with Oracle Internet Directory (OID) in a new WebLogic administration domain for LDAP Authentication, User Store, and Federation Store.

Note:

When you configure Oracle Identity Federation with Oracle Internet Directory, the Installer automatically configures connection, credential, attribute, and container settings using the Oracle Internet Directory configuration.

This section includes the following information about this configuration:

4.5.1 Appropriate Deployment Environment

Perform the configuration in this topic to quickly deploy Oracle Identity Federation with Oracle Internet Directory as the LDAP repository for Authentication, User Store, and Federation Store.

4.5.2 Components Deployed

Performing the configuration in this section deploys the following components:

  • WebLogic Managed Server

  • Oracle Identity Federation

  • Oracle Internet Directory

  • Oracle Directory Services Manager

  • WebLogic Administration Server

  • Fusion Middleware Control

  • Optionally, Oracle HTTP Server

4.5.3 Dependencies

The configuration in this section depends on the following components:

  • Oracle WebLogic Server

  • Oracle Database for Oracle Internet Directory

  • Identity Management - Oracle Internet Directory schema existing in the database for Oracle Internet Directory.

  • Oracle Database for Oracle Identity Federation, if using RDBMS for Session Store, Message Store, or Configuration Store.

  • New Identity Management - Oracle Identity Federation schema existing in the database for Oracle Identity Federation, if using RDBMS for Session Store, Message Store, or Configuration Store.

4.5.4 Procedure

Perform the following steps to configure Oracle Identity Federation with Oracle Internet Directory in a new domain for LDAP Authentication, User Store, and Federation Store:

  1. Decide if you want to use RDBMS for Session Store, Message Store, or Configuration Store. If you do, perform the following steps a and b:

    a. Install the database for Oracle Identity Federation. Refer to Installing Oracle Database for more information.

    b. Create the Identity Management - Oracle Identity Federation schema in the database. Refer to Creating Database Schema Using the Repository Creation Utility (RCU) for more information.

  2. Install the Oracle Database for Oracle Internet Directory. Refer to Installing Oracle Database for more information.

  3. Create the Identity Management - Oracle Internet Directory schema in the database for Oracle Internet Directory. Refer to Creating Database Schema Using the Repository Creation Utility (RCU) for more information.

  4. Ensure that Oracle Identity Federation and Oracle Internet Directory are installed, as described in Installing and Configuring the Latest Version of OID, OVD, ODSM, ODIP, and OIF.

  5. Run <Oracle_Home>/bin/config.sh (on UNIX) or <Oracle_Home>\bin\config.bat (on Windows) to start the Oracle Identity Management Configuration Wizard. Click Next to continue.

  6. On the Select Domain screen, select Create New Domain and enter the following information:

    • User Name: Enter the user name for the new domain.

    • User Password: Enter the user password for the new domain.

      Enter the user password again in the Confirm Password field.

    • Domain Name: Enter a name for the new domain.

    Click Next. The Specify Installation Location screen appears.

  7. Identify the Homes, Instances, and the WebLogic Server directory by referring to Identifying Installation Directories. After you enter information for each field, click Next. The Specify Security Updates screen appears.

  8. Choose how you want to be notified about security issues:

    • If you want to be notified about security issues through email, enter your email address in the Email field.

    • If you want to be notified about security issues through My Oracle Support (formerly MetaLink), select the My Oracle Support option and enter your My Oracle Support Password.

    • If you do not want to be notified about security issues, leave all fields empty.

    Click Next. The Configure Components screen appears.

  9. Select Oracle Internet Directory, Oracle Identity Federation, and optionally, Oracle HTTP Server.

    Note:

    Oracle HTTP Server is required when using Oracle Identity Federation for enterprise level single sign-on with Oracle Single Sign-On and Oracle Access Manager. Although Oracle Identity Federation can function without Oracle HTTP Server, there are advantages to configuring it as a proxy for Oracle Identity Federation.

    When you select Oracle HTTP Server and Oracle Identity Federation on this Configure Components screen, the Configuration Wizard configures the Oracle HTTP Server so that the Oracle Identity Federation application can be accessed through Oracle HTTP Server ports.

    Refer to the "Deploying Oracle Identity Federation with Oracle HTTP Server" section in the Oracle Fusion Middleware Administrator's Guide for Oracle Identity Federation for more information.

    The Oracle Directory Services Manager and Fusion Middleware Control management components are automatically selected for this installation.

    Ensure no other components are selected and click Next. The Configure Ports screen appears.

  10. Choose how you want the Installer to configure ports:

    • Select Auto Port Configuration if you want the Installer to configure ports from a predetermined range.

    • Select Specify Ports using Configuration File if you want the Installer to configure ports using the staticports.ini file. You can click View/Edit File to update the settings in the staticports.ini file.

    Click Next. The Specify Schema Database screen appears.

  11. Identify the ODS schema for Oracle Internet Directory that you created in step 3 by selecting Use Existing Schema and entering the following information:

    • Enter the database connection information in the Connect String field. The connection string must be in the form: hostname:port:servicename. For Oracle Real Application Clusters (RAC), the connection string must be in the form: hostname1:port1:instance1^hostname2:port2:instance2@servicename.

    • Enter the password for the ODS schema in the Password field and click Next.

      Note:

      If your existing ODS and ODSSM schemas have different passwords, the Specify ODSSM Password screen will appear after you click Next. Enter the password for your existing ODSSM schema and click Next.

      The Create Oracle Internet Directory screen appears.

  12. Enter the following information for Oracle Internet Directory:

    • Realm: Enter the location for your realm.

    • Administrator Password: Enter the password for the Oracle Internet Directory administrator.

    • Confirm Password: Enter the administrator password again.

    Click Next. The Specify OIF Details screen appears.

  13. Enter the following information:

    • PKCS12 Password: Enter the password Oracle Identity Federation will use for encryption and for signing wallets. The Installer automatically generates these wallets with self-signed certificates. Oracle recommends using the wallets only for testing.

    • Confirm Password: Enter the PKCS12 password again.

    • Server ID: Enter a string that will be used to identify this Oracle Identity Federation instance. A prefix of oif will be added to the beginning of the string you enter. Each logical Oracle Identity Federation instance within an Oracle WebLogic Server administration domain must have a unique Server ID. Clustered Oracle Identity Federation instances acting as a single logical instance will have the same Server ID.

    Click Next. The Select OIF Advanced Flow Attributes screen appears.

    Notes:

    • Notice that the options for Authentication Type, User Store and Federation Store are automatically set to LDAP because you are installing Oracle Internet Directory with Oracle Identity Federation.

    • The Installer sets the User Federation Record Context to cn=fed,BASE_REALM, where BASE_REALM is typically dc=us,dc=oracle,dc=com.

  14. Select the appropriate option for each configuration item and click Next:

    Note:

    User Session Store and Message Store appear in the Installer as separate configuration items; however, most deployments use the same type of repository for both stores.

    • User Session Store: Memory or RDBMS

      • Select Memory to store transient runtime session state data in in-memory tables.

      • Select RDBMS to store transient runtime session state data in a relational database.

    • Message Store: Memory or RDBMS

      • Select Memory to store transient protocol messages in in-memory tables.

      • Select RDBMS to store transient protocol messages in a relational database.

    • Configuration Store: File or RDBMS

      • Select File to store Oracle Identity Federation configuration data on the local file system.

      • Select RDBMS to store Oracle Identity Federation configuration data in a relational database.

    Note:

    The screens that appear next depend on the options you selected for the configuration items.

    • If you selected RDBMS for User Session Store, Message Store, or Configuration Store, go to step 15 now.

    • If you did not select RDBMS for User Session Store, Message Store, or Configuration Store, go to step 16 now.

  15. Enter the following information on the Specify Transient Store Database Details screen:

    • HostName: Enter the connection string to the database host in the form: hostname:port:servicename. For Oracle Real Application Clusters (RAC), the connection string must be in the form: hostname1:port1:instance1^hostname2:port2:instance2@servicename.

    • Username: Enter the name of the schema owner created by RCU, which is of the form PREFIX_OIF.

    • Password: Enter the password for the database user.

  16. Complete the installation by performing all the steps in Completing an Installation.

Note:

To configure Oracle Identity Federation so that it is integrated with Oracle HTTP Server, refer to the "Deploying Oracle Identity Federation with Oracle HTTP Server" section in the Oracle Fusion Middleware Administrator's Guide for Oracle Identity Federation.
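
A pre-flight check for the two connect-string forms required in steps 11 and 15 (single instance and RAC), added here as an example and not part of Oracle's documentation or tooling. The function names, the character set accepted for host, instance, and service names, and the requirement of at least two RAC nodes are assumptions of this example.

```python
import re

# Assumption: names use letters, digits, dot, underscore, hyphen only.
_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]*$")


def _parse_triple(text):
    """Split 'host:port:name' and validate each field."""
    parts = text.split(":")
    if len(parts) != 3:
        raise ValueError(f"expected host:port:name, got {text!r}")
    host, port, name = parts
    if not _NAME.match(host) or not _NAME.match(name):
        raise ValueError(f"invalid host or name in {text!r}")
    if not (port.isascii() and port.isdigit()) or not 1 <= int(port) <= 65535:
        raise ValueError(f"invalid port in {text!r}")
    return host, int(port), name


def parse_connect_string(value):
    """Parse a Configuration Wizard connect string into a dict.

    Single instance: hostname:port:servicename
    RAC:             host1:port1:inst1^host2:port2:inst2@servicename
    """
    value = value.strip()
    if "@" in value or "^" in value:
        # RAC form: node triples joined by '^', service name after the last '@'.
        nodes_part, sep, service = value.rpartition("@")
        if not sep or not _NAME.match(service):
            raise ValueError("RAC form needs '@servicename' at the end")
        nodes = [_parse_triple(n) for n in nodes_part.split("^")]
        if len(nodes) < 2:  # assumption: the page's RAC form lists two nodes
            raise ValueError("RAC form needs at least two nodes joined by '^'")
        if len(set(nodes)) != len(nodes):
            raise ValueError("duplicate RAC node entry")
        return {"rac": True, "service": service,
                "nodes": [{"host": h, "port": p, "instance": i}
                          for h, p, i in nodes]}
    host, port, service = _parse_triple(value)
    return {"rac": False, "service": service,
            "nodes": [{"host": host, "port": port, "instance": None}]}
```

A `ValueError` here means the string would not match either form the wizard expects, for example a `host:port/service` string copied from a JDBC URL.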