16.4 OIM Domain Configuration Scenarios

The following sections describe basic configuration scenarios for Oracle Identity Manager (OIM):

Note:

For additional configuration scenarios, see Oracle Identity Management Suite-Level Installation Scenarios.

16.4.1 OIM Without LDAP Sync in a New Domain

This topic describes how to configure Oracle Identity Manager (OIM) without LDAP Synchronization in a new WebLogic domain. It includes the following sections:

16.4.1.1 Appropriate Deployment Environment

Perform the configuration in this topic if you want to install only Oracle Identity Manager in an environment where you may use Oracle Identity Manager as a provisioning or request solution. This option is also appropriate for Oracle Identity Manager environments that do not use Single Sign-On (SSO) or Oracle Access Manager.

16.4.1.2 Components Deployed

Performing the configuration in this section installs the following components:

  • Administration Server

  • A Managed Server for Oracle Identity Manager

  • Oracle Identity Administration Console, Oracle Identity Manager Self Service Console, and Oracle Identity Manager Advanced Administration Console on the Oracle Identity Manager Managed Server

16.4.1.3 Dependencies

The configuration in this section depends on the following:

16.4.1.4 Procedure

Complete the following steps to configure Oracle Identity Manager in a new WebLogic administration domain and to configure Oracle Identity Manager Server, Design Console, and Remote Manager:

  1. Ensure that all the prerequisites, listed in Prerequisites, are satisfied. In addition, see Important Notes Before You Start Configuring OIM.

  2. Run the <Oracle_IDM2>/common/bin/config.sh script (on UNIX) or the <Oracle_IDM2>\common\bin\config.cmd script (on Windows). The Welcome screen of the Oracle Fusion Middleware Configuration Wizard appears.

  3. On the Welcome screen, select Create a new WebLogic domain, and click Next. The Select Domain Source screen appears.

  4. On the Select Domain Source screen, ensure that the Generate a domain configured automatically to support the following products: option is selected.

    Select Oracle Identity Manager - 11.1.1.3.0 [Oracle_IDM2].

    The Oracle SOA Suite - 11.1.1.1.0 [Oracle_SOA1] option, the Oracle JRF 11.1.1.0 [oracle_common] option, the Oracle Enterprise Manager - 11.1.1.0 [oracle_common] option, and the Oracle WSM Policy Manager 11.1.1.0 [oracle_common] option are also selected by default.

    Click Next. The Specify Domain Name and Location screen appears.

  5. Enter a name and a location for the domain to be created, and click Next. The Configure Administrator User Name and Password screen appears.

  6. Configure a user name and a password for the administrator. The default user name is weblogic. Click Next.

  7. Choose JRockit SDK 160_17_R28.0.0-679 and Production Mode in the Configure Server Start Mode and JDK screen of the Oracle Fusion Middleware Configuration Wizard. Click Next. The Configure JDBC Component Schema screen appears. This screen displays a list of the following component schemas:

    • SOA Infrastructure

    • User Messaging Service

    • OIM MDS Schema

    • OWSM MDS Schema

    • SOA MDS Schema

    • OIM Infrastructure

  8. On the Configure JDBC Component Schema screen, select a component schema that you want to modify. You can set values for Schema Owner, Schema Password, Database and Service, Host Name, and Port. Select the driver as Oracle's Driver (Thin) for Instance connections; Versions:9.0.1,9.2.0,10,11. Click Next. The Test JDBC Component Schema screen appears. After the test succeeds, the Select Optional Configuration screen appears.

  9. On the Select Optional Configuration screen, you can configure the Administration Server, JMS Distributed Destination, Managed Servers, Clusters, and Machines, Deployments and Services. Click Next.

  10. Optional: Configure the following Administration Server parameters:

    • Name

    • Listen address

    • Listen port

    • SSL listen port

    • SSL enabled or disabled

    Click Next.

  11. Optional: Configure JMS Distributed Destination, as required. Click Next.

  12. Optional: Configure Managed Servers, as required. Click Next.

  13. Optional: Configure Clusters, as required. Click Next.

    For more information about configuring clusters for Oracle Identity Management products, see the "Configuring High Availability for Identity Management Components" topic in the guide Oracle Fusion Middleware High Availability Guide.

  14. Optional: Assign Managed Servers to Clusters, as required. Click Next.

  15. Optional: Configure Machines, as needed. This step is useful when you want to run the Administration Server on one machine and Managed Servers on another physical machine. Click Next.

    Tip:

    Before configuring a machine, use the ping command to verify whether the machine or host name is accessible.

  16. Optional: Assign servers to machines. Click Next.

  17. Optional: Select Deployments, such as applications and libraries, and Services to target them to a particular cluster or server. Click Next.

  18. On the Configuration Summary screen, you can view summaries of your configuration for deployments, application, and service. Review the domain configuration, and click Create to start creating the domain.

    After the domain configuration is complete, click Done to close the configuration wizard.

    A new WebLogic domain to support Oracle Identity Manager is created in the <MW_HOME>\user_projects\domains directory (on Windows). On UNIX, the domain is created in the <MW_HOME>/user_projects/domains directory.

  19. Start the Administration Server, as described in Starting or Stopping the Oracle Stack.

  20. Start the Oracle Identity Manager Configuration Wizard, as described in Starting the Oracle Identity Manager 11g Configuration Wizard.

  21. Configure the Oracle Identity Manager Server, Design Console, or Remote Manager, as described in Configuring OIM Server, Configuring OIM Design Console, and Configuring OIM Remote Manager.

Note:

If weblogic is not your WebLogic administrator user name, you must complete a set of manual steps after starting the servers. For more information, see Optional: Updating the WebLogic Administrator Server User Name in Oracle Enterprise Manager Fusion Middleware Control (OIM Only).

16.4.2 OIM with LDAP Sync

This topic describes how to configure Oracle Identity Manager (OIM) with LDAP Synchronization in a new or existing WebLogic domain. It includes the following sections:

16.4.2.1 Configuring OIM with LDAP Sync in a New WebLogic Domain

This section discusses the following topics:

16.4.2.1.1 Appropriate Deployment Environment

Perform the configuration in this topic if you want to install only Oracle Identity Manager (OIM) in an environment where you may install Oracle Access Manager at a later time and set up integration between Oracle Identity Manager and Oracle Access Manager.

16.4.2.1.2 Components Deployed

Performing the configuration in this section installs the following components:

  • Administration Server

  • A Managed Server for Oracle Identity Manager

  • Oracle Identity Administration Console, Oracle Identity Manager Self Service Console, and Oracle Identity Manager Advanced Administration Console on the Oracle Identity Manager Managed Server

16.4.2.1.3 Dependencies

The configuration in this section depends on the following:

  • Oracle WebLogic Server.

  • Installation of the Oracle Identity Management 11g software.

  • Installation of the latest version of Oracle SOA Suite.

  • Installation of the latest version of Oracle Internet Directory and Oracle Virtual Directory under the same Middleware Home directory or on a different machine.

  • Database schemas for Oracle Identity Manager and Oracle SOA 11g Suite. For more information, see Creating Database Schema Using the Oracle Fusion Middleware Repository Creation Utility (RCU).

16.4.2.1.4 Procedure

Complete the following steps to configure Oracle Identity Manager in a new WebLogic administration domain, to enable LDAP sync, and to configure Oracle Identity Manager Server, Design Console, and Remote Manager:

  1. Ensure that all the prerequisites, listed in Prerequisites, are satisfied. In addition, see Important Notes Before You Start Configuring OIM.

  2. Run the <Oracle_IDM2>/common/bin/config.sh script (on UNIX) or the <Oracle_IDM2>\common\bin\config.cmd script (on Windows). The Welcome screen of the Oracle Fusion Middleware Configuration Wizard appears.

  3. On the Welcome screen, select Create a new WebLogic domain, and click Next. The Select Domain Source screen appears.

  4. On the Select Domain Source screen, ensure that the Generate a domain configured automatically to support the following products: option is selected.

    Select Oracle Identity Manager - 11.1.1.3.0 [Oracle_IDM2].

    The Oracle SOA Suite - 11.1.1.1.0 [Oracle_SOA1] option, the Oracle JRF 11.1.1.0 [oracle_common] option, the Oracle Enterprise Manager - 11.1.1.0 [oracle_common] option, and the Oracle WSM Policy Manager 11.1.1.0 [oracle_common] option are also selected by default.

    Click Next. The Specify Domain Name and Location screen appears.

  5. Enter a name and a location for the domain to be created, and click Next. The Configure Administrator User Name and Password screen appears.

  6. Configure a user name and a password for the administrator. The default user name is weblogic. Click Next.

  7. Choose JRockit SDK 160_17_R28.0.0-679 and Production Mode in the Configure Server Start Mode and JDK screen of the Oracle Fusion Middleware Configuration Wizard. Click Next. The Configure JDBC Component Schema screen appears. This screen displays a list of the following component schemas:

    • SOA Infrastructure

    • User Messaging Service

    • OIM MDS Schema

    • OWSM MDS Schema

    • SOA MDS Schema

    • OIM Infrastructure

  8. On the Configure JDBC Component Schema screen, select a component schema that you want to modify. You can set values for Schema Owner, Schema Password, Database and Service, Host Name, and Port. Select the driver as Oracle's Driver (Thin) for Instance connections; Versions:9.0.1,9.2.0,10,11. Click Next. The Test JDBC Component Schema screen appears. After the test succeeds, the Select Optional Configuration screen appears.

  9. On the Select Optional Configuration screen, you can configure the Administration Server, JMS Distributed Destination, Managed Servers, Clusters, and Machines, Deployments and Services. Click Next.

  10. Optional: Configure the following Administration Server parameters:

    • Name

    • Listen address

    • Listen port

    • SSL listen port

    • SSL enabled or disabled

    Click Next.

  11. Optional: Configure JMS Distributed Destination, as required. Click Next.

  12. Optional: Configure Managed Servers, as required. Click Next.

  13. Optional: Configure Clusters, as required. Click Next.

    For more information about configuring clusters for Oracle Identity Management products, see the "Configuring High Availability for Identity Management Components" topic in the guide Oracle Fusion Middleware High Availability Guide.

  14. Optional: Assign Managed Servers to Clusters, as required. Click Next.

  15. Optional: Configure Machines, as needed. This step is useful when you want to run the Administration Server on one machine and Managed Servers on another physical machine. Click Next.

    Tip:

    Before configuring a machine, use the ping command to verify whether the machine or host name is accessible.

  16. Optional: Assign servers to machines. Click Next.

  17. Optional: Select Deployments, such as applications and libraries, and Services to target them to a particular cluster or server. Click Next.

  18. On the Configuration Summary screen, you can view summaries of your configuration for deployments, application, and service. Review the domain configuration, and click Create to start creating the domain.

    After the domain configuration is complete, click Done to close the configuration wizard.

    A new WebLogic domain to support Oracle Identity Manager is created in the <MW_HOME>\user_projects\domains directory (on Windows). On UNIX, the domain is created in the <MW_HOME>/user_projects/domains directory.

  19. Start the Administration Server, as described in Starting or Stopping the Oracle Stack.

  20. Set up LDAP Synchronization, as described in Setting Up LDAP Synchronization.

  21. Start the Oracle Identity Manager Configuration Wizard, as described in Starting the Oracle Identity Manager 11g Configuration Wizard.

  22. Configure the Oracle Identity Manager Server, Design Console, or Remote Manager, as described in Configuring OIM Server, Configuring OIM Design Console, and Configuring OIM Remote Manager.

Note:

If weblogic is not your WebLogic administrator user name, you must complete a set of manual steps after starting the servers. For more information, see Optional: Updating the WebLogic Administrator Server User Name in Oracle Enterprise Manager Fusion Middleware Control (OIM Only).

16.4.2.2 OIM with LDAP Sync in an Oracle Identity Management 11.1.1.3.0 Domain Containing OID and OVD

This section discusses the following topics:

16.4.2.2.1 Appropriate Deployment Environment

Perform the configuration in this topic if you want to install only Oracle Identity Manager (OIM) in an existing Oracle Identity Management environment where you have installed and configured Oracle Internet Directory (OID) and Oracle Virtual Directory (OVD). You can enable LDAP Synchronization for Oracle Identity Manager. At a later time, you may install Oracle Access Manager and set up integration between Oracle Identity Manager and Oracle Access Manager.

16.4.2.2.2 Components Deployed

Performing the configuration in this section installs the following components:

  • A Managed Server for Oracle Identity Manager

  • Oracle Identity Administration Console, Oracle Identity Manager Self Service Console, and Oracle Identity Manager Advanced Administration Console on the Oracle Identity Manager Managed Server

16.4.2.2.3 Dependencies

The configuration in this section depends on the following:

16.4.2.2.4 Procedure

Complete the following steps to configure Oracle Identity Manager in an existing Oracle Identity Management 11.1.1.3.0 domain that has Oracle Internet Directory and Oracle Virtual Directory installed and configured:

  1. Install Oracle WebLogic Server and create a Middleware Home, as described in Installing Oracle WebLogic Server 10.3.3 and Creating the Oracle Middleware Home.

  2. Ensure that your Oracle Identity Management 11g installation is patched to 11.1.1.3.0, as described in Installing OID, OVD, ODSM, ODIP, and OIF (11.1.1.4.0).

  3. Run the <Oracle_IDM1>/bin/config.sh on UNIX operating systems to start the Oracle Identity Management Configuration Wizard. On Windows, run the <Oracle_IDM1>\bin\config.bat to start the wizard.

  4. On the Select Domain screen, select the Create New Domain option. Set the Administrator user name and password, as required.

  5. Ensure that you select Oracle Internet Directory and Oracle Virtual Directory on the Configure Components screen.

  6. Follow the wizard, provide the necessary input, and configure the domain.

    A new WebLogic domain to support Oracle Internet Directory and Oracle Virtual Directory is created in the <MW_HOME>\user_projects\domains directory (on Windows). On UNIX, the domain is created in the <MW_HOME>/user_projects/domains directory.

  7. Ensure that all the prerequisites, listed in Prerequisites, are satisfied. In addition, see Important Notes Before You Start Configuring OIM.

  8. Run the <Oracle_IDM2>/common/bin/config.sh script (on UNIX) or the <Oracle_IDM2>\common\bin\config.cmd script (on Windows). The Oracle Fusion Middleware Configuration Wizard appears.

  9. On the Welcome screen, select the Extend an existing WebLogic domain option. Click Next. The Select a WebLogic Domain Directory screen is displayed.

  10. On the Select a WebLogic Domain Directory screen, select the Oracle Identity Management 11.1.1.3.0 domain in which you configured Oracle Internet Directory and Oracle Virtual Directory. Click Next. The Select Extension Source screen is displayed.

  11. On the Select Extension Source screen, select the following domain configuration options:

    • Oracle Identity Manager - 11.1.1.3.0 [Oracle_IDM2]

      Note:

      When you select the Oracle Identity Manager - 11.1.1.3.0 [Oracle_IDM2] option, the following options are also selected, by default: Oracle SOA Suite - 11.1.1.0 [Oracle_SOA1], and Oracle WSM Policy Manager - 11.1.1.0 [oracle_common].

  12. After selecting the domain configuration options, click Next. The Configure JDBC Component Schema screen is displayed.

  13. On the Configure JDBC Component Schema screen, select a component schema, such as the SOA Infrastructure Schema, the User Messaging Service Schema, the OWSM MDS Schema, the OIM MDS Schema, the OIM Schema, or the SOA MDS Schema, that you want to modify.

    You can set values for Schema Owner, Schema Password, Database and Service, Host Name, and Port. Click Next. The Test JDBC Component Schema screen appears. After the test succeeds, the Select Optional Configuration screen appears.

  14. On the Select Optional Configuration screen, you can configure JMS Distributed Destination, Managed Servers, Clusters, and Machines, Deployments and Services, and JMS File Store. Select the relevant check boxes and click Next.

    • Optional: Select a JMS Distributed Destination Type, as required.

    • Optional: Configure Managed Servers, as required.

    • Optional: Configure Clusters, as required.

      For more information about configuring clusters for Oracle Identity Management products, see the "Configuring High Availability for Identity Management Components" topic in the guide Oracle Fusion Middleware High Availability Guide.

    • Optional: Assign Managed Servers to Clusters, as required.

    • Optional: Configure Machines, as needed. This step is useful when you want to run the Administration Server on one machine and Managed Servers on another physical machine.

      Tip:

      Before configuring a machine, use the ping command to verify whether the machine or host name is accessible.

    • Optional: Assign the Administration Server to a machine.

    • Optional: Select Deployments, such as applications and libraries, and Services to target them to a particular cluster or server.

    • Optional: Configure JMS File Store, as required.

  15. On the Configuration Summary screen, review the domain configuration, and click Extend to start extending the domain.

    Your existing Oracle Identity Management 11.1.1.3.0 domain with Oracle Internet Directory and Oracle Virtual Directory is extended to support Oracle Identity Manager.

  16. Start the Administration Server, as described in Starting or Stopping the Oracle Stack.

  17. Set up LDAP Synchronization, as described in Setting Up LDAP Synchronization.

  18. Verify LDAP Synchronization, as described in Verifying the LDAP Synchronization.

  19. Restart the Administration Server, as described in Restarting Servers.

  20. Start the Oracle Identity Manager Configuration Wizard, as described in Starting the Oracle Identity Manager 11g Configuration Wizard.

  21. Configure Oracle Identity Manager Server, as described in Configuring OIM Server. When configuring Oracle Identity Manager Server, ensure that you select the Enable LDAP Sync option on the BI Publisher and OAM Screen in the Oracle Identity Manager Configuration Wizard.

  22. Follow the wizard and the steps described in Configuring OIM Server to complete the server configuration. Similarly, follow the wizard to configure Oracle Identity Manager Design Console (Windows only) and to configure Oracle Identity Manager Remote Server, as described in Configuring OIM Design Console, and Configuring OIM Remote Manager.

Note:

If weblogic is not your WebLogic administrator user name, you must complete a set of manual steps after starting the servers. For more information, see Optional: Updating the WebLogic Administrator Server User Name in Oracle Enterprise Manager Fusion Middleware Control (OIM Only).

16.4.3 OIM and OIN in a New WebLogic Domain

This topic describes how to configure Oracle Identity Manager (OIM) and Oracle Identity Navigator (OIN) together in a new WebLogic administration domain. It includes the following sections:

16.4.3.1 Appropriate Deployment Environment

Perform the configuration in this topic if you want to install Oracle Identity Manager in an environment where you want to use Oracle Identity Navigator as a centralized user interface to discover Oracle Identity Manager. You can also launch the Oracle Identity Administration Console, Oracle Identity Manager Self Service Console, or Oracle Identity Manager Advanced Administration Console from within the Oracle Identity Navigator user interface.

16.4.3.2 Components Deployed

Performing the configuration in this section deploys the following:

  • Administration Server

  • Managed Server for Oracle Identity Manager

  • Oracle Identity Administration Console, Oracle Identity Manager Self Service Console, and Oracle Identity Manager Advanced Administration Console on the Managed Server

  • Oracle Identity Navigator application on the Administration Server

16.4.3.3 Dependencies

The configuration in this section depends on the following:

16.4.3.4 Procedure

Perform the following steps to configure Oracle Identity Manager and Oracle Identity Navigator together in a new WebLogic domain:

  1. Ensure that all the prerequisites, listed in Prerequisites, are satisfied. In addition, see Important Notes Before You Start Configuring OIM.

  2. Run the <Oracle_IDM2>/common/bin/config.sh script (on UNIX) or the <Oracle_IDM2>\common\bin\config.cmd script (on Windows). The Oracle Fusion Middleware Configuration Wizard appears.

  3. On the Welcome screen, select the Create a new WebLogic domain option. Click Next. The Select Domain Source screen is displayed.

  4. On the Select Domain Source screen, select the Generate a domain configured automatically to support the following products: option.

  5. Select the following domain configuration options:

    • Oracle Identity Manager - 11.1.1.3.0 [Oracle_IDM2]

      Note:

      When you select the Oracle Identity Manager - 11.1.1.3.0 [Oracle_IDM2] option, the following options are also selected, by default:

      Oracle JRF - 11.1.1.0 [oracle_common], Oracle SOA Suite - 11.1.1.0 [Oracle_SOA1], Oracle WSM Policy Manager - 11.1.1.0 [oracle_common], and Oracle Enterprise Manager - 11.1.1.0 [oracle_common]

    • Oracle Identity Navigator - 11.1.1.3.0 [Oracle_IDM2]

  6. After selecting the domain configuration options, click Next. The Specify Domain Name and Location screen is displayed.

  7. On the Specify Domain Name and Location screen, enter a name and location for the domain to be created. In addition, enter a location to store applications for the domain. Click Next. The Configure Administrator User Name and Password screen is displayed.

  8. Configure a user name and a password for the administrator. The default user name is weblogic. Click Next. The Configure Server Start Mode and JDK screen is displayed.

  9. Choose JRockit SDK 160_17_R28.0.0-679 and Production Mode in the Configure Server Start Mode and JDK screen of the Oracle Fusion Middleware Configuration Wizard. Click Next. The JDBC Component Schema screen appears.

  10. On the Configure JDBC Component Schema screen, select a component schema, such as the OIM Infrastructure Schema, the SOA Infrastructure Schema, the User Messaging Service Schema, the OWSM MDS Schema, the OIM MDS Schema, or the SOA MDS Schema, that you want to modify.

    You can set values for Schema Owner, Schema Password, Database and Service, Host Name, and Port. Click Next. The Test JDBC Component Schema screen appears. After the test succeeds, the Select Optional Configuration screen appears.

  11. On the Select Optional Configuration screen, you can configure Administration Server, Managed Servers, Clusters, and Machines, Deployments and Services, JMS File Store, and RDBMS Security Store. Select the relevant check boxes and click Next.

    • Optional: Configure Administration Server, as required.

    • Optional: Configure Managed Servers, as required.

    • Optional: Configure Clusters, as required.

      For more information about configuring clusters for Oracle Identity Management products, see the "Configuring High Availability for Identity Management Components" topic in the guide Oracle Fusion Middleware High Availability Guide.

    • Optional: Assign Managed Servers to Clusters, as required.

    • Optional: Configure Machines, as needed. This step is useful when you want to run the Administration Server on one machine and Managed Servers on another physical machine.

      Tip:

      Before configuring a machine, use the ping command to verify whether the machine or host name is accessible.

    • Optional: Assign the Administration Server to a machine.

    • Optional: Select Deployments, such as applications and libraries, and Services to target them to a particular cluster or server.

    • Optional: Configure JMS File Store, as required.

    • Optional: Configure RDBMS Security Store, as required.

  12. On the Configuration Summary screen, review the domain configuration, and click Create to start creating the domain. After the domain configuration is complete, click Done.

    A new WebLogic domain to support Oracle Identity Manager and Oracle Identity Navigator is created in the <MW_HOME>\user_projects\domains directory (on Windows). On UNIX, the domain is created in the <MW_HOME>/user_projects/domains directory.

    Note:

    If you want to start the SOA Server on a remote machine, then you must manually copy the composite files from the <DOMAIN_HOME>/soa/autodeploy directory on the local machine to the <DOMAIN_HOME>/soa/autodeploy directory on the remote machine after running the unpack command on the remote machine. If the <DOMAIN_HOME>/soa/autodeploy directory does not exist on the remote machine, you must create this directory before copying the composite files.

  13. Start the Oracle Identity Manager Configuration Wizard, as described in Starting the Oracle Identity Manager 11g Configuration Wizard.

  14. Configure Oracle Identity Manager Server, as described in Configuring OIM Server.

  15. Follow the wizard and the steps described in Configuring OIM Server to complete the Oracle Identity Manager Server configuration. Similarly, follow the wizard to configure Oracle Identity Manager Design Console (Windows only) and to configure Oracle Identity Manager Remote Server, as described in Configuring OIM Design Console, and Configuring OIM Remote Manager.

Note:

If weblogic is not your WebLogic administrator user name, you must complete a set of manual steps after starting the servers. For more information, see Optional: Updating the WebLogic Administrator Server User Name in Oracle Enterprise Manager Fusion Middleware Control (OIM Only).
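
A post-creation check for the domains built by the new-domain procedures above (16.4.1.4, 16.4.2.1.4 and 16.4.3.4), added here as an example and not part of Oracle's documentation: it reads the domain's config/config.xml and reports whether Production Mode was applied and how each server's listen address and SSL setting ended up. The sample XML is constructed; the element names and the config/config.xml location are assumed from the standard WebLogic domain layout, and the domain, server and host names are placeholders.

```python
import sys
import xml.etree.ElementTree as ET

# Namespace used by WebLogic domain configuration files (assumed from the
# standard domain schema; check it against your own config.xml).
NS = {"wls": "http://xmlns.oracle.com/weblogic/domain"}

# Constructed sample standing in for
# <MW_HOME>/user_projects/domains/<domain>/config/config.xml.
# Server and host names are placeholders, not values from the guide.
SAMPLE_CONFIG = """<domain xmlns="http://xmlns.oracle.com/weblogic/domain">
  <name>oim_domain</name>
  <server>
    <name>AdminServer</name>
    <ssl>
      <enabled>false</enabled>
      <listen-port>7002</listen-port>
    </ssl>
    <listen-port>7001</listen-port>
    <listen-address></listen-address>
  </server>
  <server>
    <name>oim_server1</name>
    <ssl>
      <enabled>true</enabled>
      <listen-port>14001</listen-port>
    </ssl>
    <listen-port>14000</listen-port>
    <listen-address>oimhost.example.com</listen-address>
  </server>
  <production-mode-enabled>true</production-mode-enabled>
</domain>
"""


def _text(elem, path, default=""):
    """Return the stripped text of a child element, or default if absent."""
    node = elem.find(path, NS)
    if node is None:
        return default
    return (node.text or "").strip()


def audit_domain_config(xml_text):
    """Return a list of findings for the wizard settings that matter most.

    Elements that are absent are treated as their default value: no
    production-mode-enabled element means development mode, and no
    ssl/enabled element means the SSL listen port is off.
    """
    root = ET.fromstring(xml_text)
    findings = []

    # Configure Server Start Mode and JDK screen: Production Mode.
    if _text(root, "wls:production-mode-enabled", "false").lower() != "true":
        findings.append("domain: production mode is not enabled")

    # Administration Server / Managed Server parameters:
    # listen address and SSL enabled or disabled.
    for server in root.findall("wls:server", NS):
        name = _text(server, "wls:name", "<unnamed>")
        if _text(server, "wls:ssl/wls:enabled", "false").lower() != "true":
            findings.append(f"{name}: SSL listen port is disabled")
        if not _text(server, "wls:listen-address"):
            findings.append(
                f"{name}: no listen address set "
                "(server accepts connections on all local addresses)"
            )
    return findings


if __name__ == "__main__":
    # Pass the path to config.xml, or run without arguments for the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as handle:
            xml_text = handle.read()
    else:
        xml_text = SAMPLE_CONFIG
    for line in audit_domain_config(xml_text) or ["no findings"]:
        print(line)
```

Run it against the new domain before starting the Administration Server; a finding for AdminServer means the optional Administration Server screen was skipped or left at its defaults.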

16.4.4 OIM and OAM in a WebLogic Domain Containing OIN

This topic describes how to configure Oracle Identity Manager (OIM) and Oracle Access Manager (OAM) together in a WebLogic administration domain that has Oracle Identity Navigator (OIN) installed. It includes the following sections:

16.4.4.1 Appropriate Deployment Environment

Perform the configuration in this topic if you want to install Oracle Identity Manager and Oracle Access Manager in an environment where Oracle Identity Navigator is already installed. You can set up integration between Oracle Identity Manager and Oracle Access Manager, as described in Integration Between OIM and OAM. You can use the Oracle Identity Navigator user interface to discover and access product consoles for Oracle Identity Manager and Oracle Access Manager.

16.4.4.2 Components Deployed

Performing the configuration in this section deploys the following:

  • Managed Servers for Oracle Identity Manager and Oracle Access Manager

  • Oracle Identity Administration Console, Oracle Identity Manager Self Service Console, and Oracle Identity Manager Advanced Administration Console on the Oracle Identity Manager Managed Server

  • Oracle Access Manager Console on the Administration Server

16.4.4.3 Dependencies

The configuration in this section depends on the following:

  • Oracle WebLogic Server.

  • Installation of the Oracle Identity Management 11g software.

  • Installation of the latest version of Oracle SOA Suite (this is required by Oracle Identity Manager)

  • Database schemas for Oracle Identity Manager, Oracle SOA Suite, and Oracle Access Manager. For more information, see Creating Database Schema Using the Oracle Fusion Middleware Repository Creation Utility (RCU).

  • Configuration of Oracle Identity Navigator in a new WebLogic domain.

16.4.4.4 Procedure

Perform the following steps to configure Oracle Identity Manager and Oracle Access Manager in a WebLogic domain that has Oracle Identity Navigator installed:

  1. Ensure that all the prerequisites, listed in Prerequisites, are satisfied. In addition, see Important Notes Before You Start Configuring OIM.

  2. Configure only Oracle Identity Navigator in a new WebLogic domain, as described in Configuring Only OIN in a New WebLogic Domain.

  3. Verify the installation of Oracle Identity Navigator, as described in Verifying OIN.

  4. Install Oracle SOA Suite under the same Middleware Home. Refer to Installing the Latest Version of Oracle SOA Suite (Oracle Identity Manager Users Only) for more information.

  5. Run the <Oracle_IDM2>/common/bin/config.sh script (on UNIX) or the <Oracle_IDM2>\common\bin\config.cmd script (on Windows). The Oracle Fusion Middleware Configuration Wizard appears.

  6. On the Welcome screen, select the Extend an existing WebLogic domain option. Click Next.

  7. On the Select a WebLogic Domain Directory screen, browse to the directory that contains the WebLogic domain in which you configured Oracle Identity Navigator. Click Next. The Select Extension Source screen appears.

  8. On the Select Extension Source screen, select the following domain configuration options:

    • Oracle Identity Manager - 11.1.1.3.0 [Oracle_IDM2]

      Note:

      When you select the Oracle Identity Manager - 11.1.1.3.0 [Oracle_IDM2] option, the following options are also selected, by default: Oracle SOA Suite - 11.1.1.0 [Oracle_SOA1], Oracle Enterprise Manager - 11.1.1.0 [oracle_common], and Oracle WSM Policy Manager - 11.1.1.0 [oracle_common].

    • Oracle Access Manager with Database Policy Store - 11.1.1.3.0 [Oracle_IDM2]

  9. After selecting the domain configuration options, click Next. The Specify Domain Name and Location screen is displayed.

  10. On the Specify Domain Name and Location screen, enter a location to store applications for the domain. Click Next. The Configure JDBC Component Schema screen is displayed.

  11. On the Configure JDBC Component Schema screen, select a component schema, such as the OIM Infrastructure Schema, the SOA Infrastructure Schema, the User Messaging Service Schema, the OWSM MDS Schema, the OIM MDS Schema, or the SOA MDS Schema, that you want to modify.

    You can set values for Schema Owner, Schema Password, Database and Service, Host Name, and Port. Click Next. The Test JDBC Component Schema screen appears. After the test succeeds, the Select Optional Configuration screen appears.

  12. On the Select Optional Configuration screen, you can configure Managed Servers, Clusters, and Machines, Deployments and Services, and JMS File Store. Select the relevant check boxes and click Next.

    • Optional: Configure Managed Servers, as required.

    • Optional: Configure Clusters, as required.

      For more information about configuring clusters for Oracle Identity Management products, see the "Configuring High Availability for Identity Management Components" topic in the guide Oracle Fusion Middleware High Availability Guide.

    • Optional: Assign Managed Servers to Clusters, as required.

    • Optional: Configure Machines, as needed. This step is useful when you want to run the Administration Server on one machine and Managed Servers on another physical machine.

      Tip:

      Before configuring a machine, use the ping command to verify whether the machine or host name is accessible.

    • Optional: Assign the Administration Server to a machine.

    • Optional: Select Deployments, such as applications and libraries, and Services to target them to a particular cluster or server.

    • Optional: Configure JMS File Store, as required.

  13. On the Configuration Summary screen, review the domain configuration, and click Extend to start extending the domain. When the domain configuration is complete, click Done.

    The existing Oracle Identity Navigator domain is configured to support Oracle Identity Manager and Oracle Access Manager.

    Note:

    If you want to start the SOA Server on a remote machine, then you must manually copy the composite files from the <DOMAIN_HOME>/soa/autodeploy directory on the local machine to the <DOMAIN_HOME>/soa/autodeploy directory on the remote machine after running the unpack command on the remote machine. If the <DOMAIN_HOME>/soa/autodeploy directory does not exist on the remote machine, you must create this directory before copying the composite files.

  14. Restart the Administration Server, as described in Restarting Servers.

  15. Start the Oracle Identity Manager Configuration Wizard, as described in Starting the Oracle Identity Manager 11g Configuration Wizard.

  16. Configure Oracle Identity Manager Server, as described in Configuring OIM Server.

  17. Follow the wizard and the steps described in Configuring OIM Server to complete the Oracle Identity Manager Server configuration. Similarly, follow the wizard to configure Oracle Identity Manager Design Console (Windows only) and to configure Oracle Identity Manager Remote Server, as described in Configuring OIM Design Console and Configuring OIM Remote Manager.

Note:

If weblogic is not your WebLogic administrator user name, you must complete a set of manual steps after starting the servers. For more information, see Optional: Updating the WebLogic Administrator Server User Name in Oracle Enterprise Manager Fusion Middleware Control (OIM Only).

16.4.5 OIM and OIN in a WebLogic Domain Containing OAM

This topic describes how to configure Oracle Identity Manager (OIM) and Oracle Identity Navigator (OIN) together in a WebLogic domain that has Oracle Access Manager (OAM) installed. It includes the following sections:

16.4.5.1 Appropriate Deployment Environment

Perform the configuration in this topic if you want to install Oracle Identity Manager and Oracle Identity Navigator in an Oracle Identity Management environment where Oracle Access Manager is already installed. You can set up integration between Oracle Identity Manager and Oracle Access Manager, as described in Integration Between OIM and OAM. You can use the Oracle Identity Navigator user interface to discover and access product consoles for both Oracle Identity Manager and Oracle Access Manager.

16.4.5.2 Components Deployed

Performing the configuration in this section deploys the following:

  • Managed Server for Oracle Identity Manager

  • Oracle Identity Administration Console, Oracle Identity Manager Self Service Console, and Oracle Identity Manager Advanced Administration Console on the Oracle Identity Manager Managed Server

  • Oracle Identity Navigator application on the existing Administration Server

16.4.5.3 Dependencies

The configuration in this section depends on the following:

16.4.5.4 Procedure

Perform the following steps to configure Oracle Identity Manager and Oracle Identity Navigator together in a WebLogic administration domain that has Oracle Access Manager installed:

  1. Ensure that all the prerequisites, listed in Prerequisites, are satisfied. In addition, see Important Notes Before You Start Configuring OIM.

  2. Configure only Oracle Access Manager in a new WebLogic domain, as described in OAM in a New WebLogic Domain.

  3. Verify the installation of Oracle Access Manager, as described in Verifying the OAM Installation.

  4. Run the <Oracle_IDM2>/common/bin/config.sh script (on UNIX) or the <Oracle_IDM2>\common\bin\config.cmd script (on Windows). The Oracle Fusion Middleware Configuration Wizard appears.

  5. On the Welcome screen, select the Extend an existing WebLogic domain option. Click Next.

  6. On the Select a WebLogic Domain Directory screen, browse to the directory that contains the WebLogic domain in which you configured Oracle Access Manager. Click Next. The Select Extension Source screen appears.

  7. On the Select Extension Source screen, select the following domain configuration options:

    • Oracle Identity Manager - 11.1.1.3.0 [Oracle_IDM2]

      Note:

      When you select the Oracle Identity Manager - 11.1.1.3.0 [Oracle_IDM2] option, the following options are also selected, by default: Oracle SOA Suite - 11.1.1.0 [Oracle_SOA1], Oracle Enterprise Manager - 11.1.1.0 [oracle_common], and Oracle WSM Policy Manager - 11.1.1.0 [oracle_common].

    • Oracle Identity Navigator - 11.1.1.3.0 [Oracle_IDM2]

  8. After selecting the domain configuration options, click Next. The Specify Domain Name and Location screen is displayed.

  9. On the Specify Domain Name and Location screen, enter a location to store applications for the domain. Click Next. The Configure JDBC Component Schema screen is displayed.

  10. On the Configure JDBC Component Schema screen, select a component schema, such as the OIM Infrastructure Schema, the SOA Infrastructure Schema, the User Messaging Service Schema, the OWSM MDS Schema, the OIM MDS Schema, or the SOA MDS Schema, that you want to modify.

    You can set values for Schema Owner, Schema Password, Database and Service, Host Name, and Port. Click Next. The Test JDBC Component Schema screen appears. After the test succeeds, the Select Optional Configuration screen appears.

  11. On the Select Optional Configuration screen, you can configure Managed Servers, Clusters, and Machines; Deployments and Services; and JMS File Store. Select the relevant check boxes and click Next.

    • Optional: Configure Managed Servers, as required.

    • Optional: Configure Clusters, as required.

      For more information about configuring clusters for Oracle Identity Management products, see the "Configuring High Availability for Identity Management Components" topic in the guide Oracle Fusion Middleware High Availability Guide.

    • Optional: Assign Managed Servers to Clusters, as required.

    • Optional: Configure Machines, as needed. This step is useful when you want to run the Administration Server on one machine and Managed Servers on another physical machine.

      Tip:

      Before configuring a machine, use the ping command to verify whether the machine or host name is accessible.

    • Optional: Assign the Administration Server to a machine.

    • Optional: Select Deployments, such as applications and libraries, and Services to target them to a particular cluster or server.

    • Optional: Configure JMS File Store, as required.

  12. On the Configuration Summary screen, review the domain configuration, and click Extend to start extending the domain.

    Your existing WebLogic domain with Oracle Access Manager is extended to support Oracle Identity Manager and Oracle Identity Navigator.

    Note:

    If you want to start the SOA Server on a remote machine, then you must manually copy the composite files from the <DOMAIN_HOME>/soa/autodeploy directory on the local machine to the <DOMAIN_HOME>/soa/autodeploy directory on the remote machine after running the unpack command on the remote machine. If the <DOMAIN_HOME>/soa/autodeploy directory does not exist on the remote machine, you must create this directory before copying the composite files.

  13. Restart the Administration Server, as described in Restarting Servers.

  14. Start the Oracle Identity Manager Configuration Wizard, as described in Starting the Oracle Identity Manager 11g Configuration Wizard.

  15. Configure Oracle Identity Manager Server, as described in Configuring OIM Server.

  16. Follow the wizard and the steps described in Configuring OIM Server to complete the Oracle Identity Manager Server configuration. Similarly, follow the wizard to configure Oracle Identity Manager Design Console (Windows only) and to configure Oracle Identity Manager Remote Server, as described in Configuring OIM Design Console and Configuring OIM Remote Manager.

Note:

If weblogic is not your WebLogic administrator user name, you must complete a set of manual steps after starting the servers. For more information, see Optional: Updating the WebLogic Administrator Server User Name in Oracle Enterprise Manager Fusion Middleware Control (OIM Only).

16.4.6 OIM, OAM, and OIN in a New WebLogic Domain

This topic describes how to configure Oracle Identity Manager (OIM), Oracle Access Manager (OAM), and Oracle Identity Navigator (OIN) together in a new WebLogic administration domain. It includes the following sections:

16.4.6.1 Appropriate Deployment Environment

Perform the configuration in this topic if you want to install Oracle Identity Manager, Oracle Access Manager, and Oracle Identity Navigator together in an Oracle Identity Management environment. You can set up integration between Oracle Identity Manager and Oracle Access Manager, as described in Integration Between OIM and OAM. You can use the Oracle Identity Navigator user interface to discover and access product consoles for Oracle Identity Manager and Oracle Access Manager.

At a later time, you can also add Oracle Adaptive Access Manager to this environment and set up integration between Oracle Access Manager and Oracle Adaptive Access Manager.

16.4.6.2 Components Deployed

Performing the configuration in this section deploys the following:

  • Administration Server

  • Managed Servers for Oracle Identity Manager and Oracle Access Manager

  • Oracle Identity Administration Console, Oracle Identity Manager Self Service Console, and Oracle Identity Manager Advanced Administration Console on the Oracle Identity Manager Managed Server

  • Oracle Identity Navigator application and Oracle Access Manager Console on the Administration Server

16.4.6.3 Dependencies

The configuration in this section depends on the following:

16.4.6.4 Procedure

Perform the following steps to configure Oracle Identity Manager, Oracle Access Manager, and Oracle Identity Navigator together in a new WebLogic domain:

  1. Ensure that all the prerequisites, listed in Prerequisites, are satisfied. In addition, see Important Notes Before You Start Configuring OIM.

  2. Run the <Oracle_IDM2>/common/bin/config.sh script (on UNIX) or the <Oracle_IDM2>\common\bin\config.cmd script (on Windows). The Oracle Fusion Middleware Configuration Wizard appears.

  3. On the Welcome screen, select the Create a new WebLogic domain option. Click Next. The Select Domain Source screen is displayed.

  4. On the Select Domain Source screen, select the Generate a domain configured automatically to support the following products: option.

  5. Select the following domain configuration options:

    • Oracle Identity Manager - 11.1.1.3.0 [Oracle_IDM2]

      Note:

      When you select the Oracle Identity Manager - 11.1.1.3.0 [Oracle_IDM2] option, the following options are also selected, by default: Oracle SOA Suite - 11.1.1.0 [Oracle_SOA1], Oracle Enterprise Manager - 11.1.1.0 [oracle_common], Oracle JRF - 11.1.1.0 [oracle_common], and Oracle WSM Policy Manager - 11.1.1.0 [oracle_common].

    • Oracle Access Manager with Database Policy Store - 11.1.1.3.0 [Oracle_IDM2]

    • Oracle Identity Navigator - 11.1.1.3.0 [Oracle_IDM2]

  6. After selecting the domain configuration options, click Next. The Specify Domain Name and Location screen is displayed.

  7. On the Specify Domain Name and Location screen, enter a name and location for the domain to be created. In addition, enter a location to store applications for the domain. Click Next. The Configure Administrator User Name and Password screen is displayed.

  8. Configure a user name and a password for the administrator. The default user name is weblogic. Click Next. The Configure Server Start Mode and JDK screen is displayed.

  9. Choose JRockit SDK 160_17_R28.0.0-679 and Production Mode in the Configure Server Start Mode and JDK screen of the Oracle Fusion Middleware Configuration Wizard. Click Next. If you selected the Oracle Access Manager with Database Policy Store - 11.1.1.3.0 [Oracle_IDM2] option on the Select Extension Source screen, the Configure JDBC Data Sources screen is displayed. Configure the oamDS data source, as required. After the test succeeds, the Configure JDBC Component Schema screen is displayed.

  10. On the Configure JDBC Component Schema screen, select a component schema, such as the OIM Infrastructure Schema, the SOA Infrastructure Schema, the User Messaging Service Schema, the OWSM MDS Schema, the OIM MDS Schema, or the SOA MDS Schema, that you want to modify.

    You can set values for Schema Owner, Schema Password, Database and Service, Host Name, and Port. Click Next. The Test JDBC Component Schema screen appears. After the test succeeds, the Select Optional Configuration screen appears.

  11. On the Select Optional Configuration screen, you can configure Administration Server; Managed Servers, Clusters, and Machines; Deployments and Services; JMS File Store; and RDBMS Security Store. Select the relevant check boxes and click Next.

    • Optional: Configure Administration Server, as required.

    • Optional: Configure Managed Servers, as required.

    • Optional: Configure Clusters, as required.

      For more information about configuring clusters for Oracle Identity Management products, see the "Configuring High Availability for Identity Management Components" topic in the guide Oracle Fusion Middleware High Availability Guide.

    • Optional: Assign Managed Servers to Clusters, as required.

    • Optional: Configure Machines, as needed. This step is useful when you want to run the Administration Server on one machine and Managed Servers on another physical machine.

      Tip:

      Before configuring a machine, use the ping command to verify whether the machine or host name is accessible.

    • Optional: Assign the Administration Server to a machine.

    • Optional: Select Deployments, such as applications and libraries, and Services to target them to a particular cluster or server.

    • Optional: Configure JMS File Store, as required.

    • Optional: Configure RDBMS Security Store, as required.

  12. On the Configuration Summary screen, review the domain configuration, and click Create to start creating the domain.

    A new WebLogic domain to support Oracle Identity Manager, Oracle Access Manager, and Oracle Identity Navigator is created in the <MW_HOME>\user_projects\domains directory (on Windows). On UNIX, the domain is created in the <MW_HOME>/user_projects/domains directory.

    Note:

    If you want to start the SOA Server on a remote machine, then you must manually copy the composite files from the <DOMAIN_HOME>/soa/autodeploy directory on the local machine to the <DOMAIN_HOME>/soa/autodeploy directory on the remote machine after running the unpack command on the remote machine. If the <DOMAIN_HOME>/soa/autodeploy directory does not exist on the remote machine, you must create this directory before copying the composite files.

  13. Start the Oracle Identity Manager Configuration Wizard, as described in Starting the Oracle Identity Manager 11g Configuration Wizard.

  14. Configure Oracle Identity Manager Server, as described in Configuring OIM Server.

  15. Follow the wizard and the steps described in Configuring OIM Server to complete the Oracle Identity Manager Server configuration. Similarly, follow the wizard to configure Oracle Identity Manager Design Console (Windows only) and to configure Oracle Identity Manager Remote Server, as described in Configuring OIM Design Console and Configuring OIM Remote Manager.

Note:

If weblogic is not your WebLogic administrator user name, you must complete a set of manual steps after starting the servers. For more information, see Optional: Updating the WebLogic Administrator Server User Name in Oracle Enterprise Manager Fusion Middleware Control (OIM Only).
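
The note in each procedure about starting the SOA Server on a remote machine calls for a manual copy of the composite files. The following is an added example, not part of the Oracle guide, of one way to script that copy on UNIX so that the directory is created when missing, each copy is checked byte for byte, and files in the remote directory that did not come from the local one are reported. The function names are hypothetical, both paths are placeholders, and the remote directory is assumed to be reachable as a path from where the script runs (for example, a mounted share).

```shell
#!/bin/sh
# Added example, not from the Oracle guide. Both arguments are placeholders:
#   $1 = <DOMAIN_HOME>/soa/autodeploy on the local machine
#   $2 = <DOMAIN_HOME>/soa/autodeploy on the remote machine, assumed to be
#        reachable as a path from where this runs (for example a mounted share)

# Copy every composite file from $1 to $2, creating $2 if it does not exist,
# and confirm each copy is byte-identical. Prints the number of files copied.
stage_composites() {
    src=$1
    dst=$2
    if [ ! -d "$src" ]; then
        echo "source directory not found: $src" >&2
        return 2
    fi
    # The guide requires creating the directory when it is missing.
    if [ ! -d "$dst" ]; then
        mkdir -p "$dst" || return 3
    fi
    copied=0
    for f in "$src"/*; do
        [ -f "$f" ] || continue        # skip subdirectories and an empty glob
        name=${f##*/}
        cp -p "$f" "$dst/$name" || return 4
        if ! cmp -s "$f" "$dst/$name"; then
            echo "copy differs from source: $name" >&2
            return 5
        fi
        copied=$((copied + 1))
    done
    if [ "$copied" -eq 0 ]; then
        echo "no composite files in $src" >&2
        return 6
    fi
    echo "$copied"
}

# List files present in $2 that have no counterpart in $1, one per line.
# An empty result means the remote directory holds only what was staged.
unexpected_composites() {
    src=$1
    dst=$2
    for f in "$dst"/*; do
        [ -f "$f" ] || continue
        name=${f##*/}
        [ -f "$src/$name" ] || echo "$name"
    done
}
```

Run stage_composites after the unpack command has completed on the remote machine, as the note requires, and review any names printed by unexpected_composites before starting the SOA Server.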