A Preparing to Integrate Oracle Identity Manager and Oracle Identity Analytics on WebSphere

This appendix includes instructions that describe how to configure WebSphere so that Oracle Identity Manager (OIM) and Oracle Identity Analytics (OIA) can be installed on separate servers.

A.1 To Integrate OIM and OIA on WebSphere

Before You Begin -

• The following steps describe how to install Oracle Identity Manager (OIM) 9.1.0.2 BP17 and Oracle Identity Analytics (OIA) 11.1.1.5.0 on WebSphere.

• When installing OIM and OIA on different machines, OIM needs to be installed using the cluster install instructions (even if you need only one server of OIM), and the cell needs to be spread across the other machine as described in these steps.

1. Install the WebSphere Network Deployment binaries on the machine where you will run OIM and on the machine where you will run OIA.

2. Using the Upgrade Utility, upgrade the WebSphere Network Deployment Server software to the required version.

3. Install OIM 9.1.0.2 as documented in the Installation Guide for Oracle Identity Manager, "Deploying Oracle Identity Manager in a Clustered WebSphere Configuration" chapter.

   Note:

   Install OIM on the WebSphere cell before installing OIA or configuring the OIA server.

4. Zip up the entire contents of the OIM_HOME directory and copy it to the OIA machine and extract in the same location.

5. Create a new managed server profile on the OIA machine:

   • UNIX:

     WAS_NDS_HOME/AppServer/bin/manageprofiles.sh -create 
     -templatePath WAS_NDS_HOME/AppServer/profileTemplates/managed 
     -profileName oia-managed01 -profilePath WAS_NDS_HOME/profiles/oia-managed01
     -nodeName oia-managed01-node01 -hostname hostname
     

   • Windows:

     %WAS_NDS_HOME %\AppServer\bin\manageprofiles.bat –create 
     –templatePath %WAS_NDS_HOME %\AppServer\profileTemplates\managed
     -profileName oia-managed01 –profilePath %WAS_NDS_HOME
     %\profiles\oia-managed01 -nodeName oia-managed01-node01 -hostname hostname
     

6. Integrate the OIA node to the OIM Cell by typing the following command on the OIA Machine:

   • UNIX:

     cd OIM_HOME/xellerate/setup; ./xlAddNode.sh oia-managed01 oia-managed01-node01 192.168.21.9 8883 xelsysadm password1
     

   • Windows:

     cd %OIM_HOME%\xellerate\setup
             xlAddNode.bat oia-managed01 oia-managed01-node01 192.168.21.9 8883 xelsysadm password1
     

7. Login to the WebSphere Deployment Manager server and create a new server:

   1. Choose Servers >Application Servers >New.

   2. Type a name (for example, oia-managed01-server).

      Select your OIA managed node from the drop-down menu (for example, oia-managed01-node01) and click next.

   3. Choose the default server and click next.

   4. Verify that Generate Unique Ports is selected and click next.

   5. Click Finish.

   6. Click Review, check the synchronize nodes, and click Save.

8. Configure the default Java properties for the newly created server:

   1. Choose Servers >Application Servers and click the newly created server.

   2. Choose Java and ProcessManagement >Process Definition.

   3. Click Java Virtual Machine.

   4. Click Custom Properties.

   5. Click New and enter the following info:

      • UNIX:

        XL.HomeDir (For example: /opt/oim9102/xellerate)

      • Windows:

        OIM_HOME (For example: c:\oim9102\xellerate)

   6. Click New and enter the following info:

      • java.awt.headless

      • true

   7. Click Apply and Save.

   Note:

   The JVM properties needs to be set for all the servers created in the WebSphere cell for all the OIA servers.

9. Configure the OIA node(s) by setting the "CSIv2 outbound authentication" as follows:

   1. Choose Servers >Application Servers > yourOiaApplicationServerName > Server Security.

   2. Click CSIv2 outbound authentication.

      A new page opens.

   3. Select the Identity assertion option and verify that the sub-option User server trusted identity is selected.

   4. Click Apply and Save.

10. Configure the OIM node(s) by setting the "CSIv2 outbound authentication" as follows:

    1. Choose Servers >Application Servers > XL_SERVER1_ON_NODE1 > Server Security.

    2. Click CSIv2 outbound authentication.

       A new page opens.

    3. Select the Identity assertion option and type the OIA node name(s) in the Trusted identities box. (For example, oia-managed01-server.)

       Multiple nodes can be entered using a "|" as a separator.

    4. Click Apply and Save.

11. Restart both the OIA and the OIM servers.

12. Create the rbacx.war file by following the instructions in the Installation and Upgrade Guide for Oracle Identity Analytics, "Configuring Your Oracle Identity Analytics Installation Prior to Deployment" chapter.

13. Deploy the rbacx.war file by following the instructions in the Installation and Upgrade Guide for Oracle Identity Analytics, "Deploying Oracle Identity Analytics" chapter.

    Note:

    When deploying, make sure to assign only the OIA managed server to the rbacx application.

14. Complete the steps in Chapter 1, "Integrating With Oracle Identity Manager, Preferred Method."