Oracle® Fusion Applications Installation Guide
11g Release 1 (11.1.2)

Part Number E16600-03

4 Creating a New Provisioning Plan

This chapter describes the process of creating a provisioning plan for a new Oracle Fusion Applications environment using the Provisioning Wizard interview process.

This chapter includes the following sections:

4.1 Introduction to Provisioning Plans

Oracle Fusion Applications Provisioning orchestrates the physical installation and configuration of the product offerings that you choose and deploys those offerings and their dependent middleware components to predetermined Oracle WebLogic Server domains. Provisioning needs certain conditions to perform the installation tasks: the provisioning repository of installers, the provisioning framework, and a provisioning plan.

When you create a provisioning plan, you choose provisioning configurations and specify the configuration details for the product offerings and their dependent middleware components. You save the plan and specify its location when you are ready to use it to provision a new environment.

4.1.1 How Does the Provisioning Plan Work?

You must have downloaded the provisioning repository, installed the provisioning framework, and installed a database and the identity management components before you can create a provisioning plan. See Section 2.1.

Once the prerequisite setup is complete, you run the Provisioning Wizard and select the Create a New Applications Environment Provisioning Plan option. During the plan interview process, you choose product offerings to install. The wizard "knows" which middleware dependencies must be installed for each product offering, and which host must be provisioned first. It detects common products that each offering relies on, as well as the presence of the transaction database and identity-related components, and prompts for the appropriate configuration parameters.

Using a question and answer interview format, the wizard collects information about:

  • Provisioning configurations (product offerings)

  • Node Manager credentials and installation and configuration directories

  • Database connections and schema passwords

  • Host names and ports for the offerings and their middleware dependencies

  • Common configuration details for components, such as web tier, virtual hosts, email, and security

Once you complete the provisioning plan, save it. Then, when you are ready to perform the physical installation, choose the Provision a New Environment option from the Provisioning Wizard and indicate the location of the plan. The wizard uses the details in the plan as a guide to what must be retrieved from the provisioning repository.

4.1.2 Selecting Product Offerings

An installation of Oracle Fusion Applications is logically broken up into groups of features known as product offerings, which represent the highest-level collection of functionality that you can license and implement. A provisioning configuration is a collection of one or more product offerings.

Product offerings have interdependencies on companion applications (for example, Oracle Fusion Human Capital Management relies on Oracle Financials payroll), as well as middleware dependencies (for example, Oracle SOA Suite) required for runtime execution. The wizard prompts for applications and middleware configuration details at the domain level.

When you select individual product offerings within a configuration instead of selecting all offerings within the configuration, the wizard starts the Managed Servers only for the offerings that you selected. However, because the interdependent details for the entire configuration are included in the plan, you can "turn on" additional functionality later by using the Oracle Fusion Applications Functional Setup Manager to start the other Managed Servers. See Oracle Fusion Applications Information Technology Management, Implement Applications Guide.

The provisioning configurations are as follows:

  • Oracle Fusion Customer Relationship Management (Sales and Marketing)

  • Oracle Fusion Financials (Financials, Oracle Fusion Procurement, and Oracle Fusion Projects)

  • Oracle Fusion Human Capital Management (Workforce Deployment, Workforce Development, and Compensation Management)

  • Oracle Fusion Supply Chain Management (Product Management, Order Orchestration, Material Management and Logistics)

You can also choose several standalone product offerings. For this group of offerings, only the direct dependencies are installed, configured, and deployed:

  • Customer Data Hub

  • Enterprise Contracts

  • Fusion Accounting Hub

  • Oracle Fusion Incentive Compensation

4.1.3 Wizard Actions for Oracle Identity Management Components

During the Provisioning Wizard interview process, the wizard collects information that is necessary to connect to the Oracle Identity Management components you have previously installed and configured. This information includes:

  • The user designated as the Super User. This user must already exist in the policy store.

  • The existence of the system administrators group. This information determines if the group was created during the Oracle Identity Management component installation and configuration process, or if it needs to be created during provisioning.

  • The distinguished name (DN) of the system administrators group (if it exists).

  • The authenticator that will serve as the LDAP identity store: Oracle Internet Directory (OIDAuthenticator) or Oracle Virtual Directory (OVDAuthenticator).

4.1.4 Creating Installation-Specific Plans

There are numerous scenarios for the environments you can create — from a small demonstration system, to a full production system provisioned on multiple hosts. The Provisioning Wizard can accommodate the creation of provisioning plans for specific environments so that you can create a separate plan for each type of environment.

4.1.5 Updating a Plan

Frequently, details for a provisioning plan are not final, and so cannot be specified during a single pass through the Provisioning Wizard interview. Alternatively, a completed plan may not yet have been implemented and may require changes before it is. The wizard options include the choice to save a partially completed plan and update it later. Note that a plan is not complete or available for provisioning until you click Finish on the Summary screen.

However, once you select product offerings and save them in a plan, regardless of whether it is partially or fully complete, you cannot update or change the product offerings in that plan. To add or change the mix of offerings, you must create a new plan and specify the new or additional offerings.

4.2 Before You Begin

Before you create a provisioning plan, you must have completed the following tasks:

  1. Read and understand the concepts in Chapter 1.

  2. Perform the prerequisite tasks outlined in Chapter 2.

  3. Install a transaction database as described in Chapter 3.

4.3 Creating a Provisioning Plan

Complete the wizard interview screens and save the plan in a location that is accessible to the various installers. Record the location, as you must supply it when you provision the environment.

Note:

The wizard warns if it cannot connect to the database or any of the hosts specified in the plan and if any of the passwords are not valid. If this warning represents an exception, you can ignore it and continue creating the plan. However, you must fix all issues flagged in the warnings before you start to provision an environment. You cannot successfully run provisioning until all validations have passed.

4.3.1 Start the Provisioning Wizard

To start the Provisioning Wizard, do the following:

  1. Set the JAVA_HOME environment variable to point to the JDK location in the provisioning repository, for example:

    (UNIX)

    export JAVA_HOME=repository_location/jdk6

    export PATH=$JAVA_HOME/bin:$PATH

    (Windows)

    set JAVA_HOME=repository_location\jdk6

    set PATH=%JAVA_HOME%\bin;%PATH%

  2. Run the following command on the primordial host:

    (UNIX)

    cd framework_location/provisioning/bin

    ./provisioningWizard.sh

    (Windows)

    cd framework_location\provisioning\bin

    provisioningWizard.bat

4.3.2 Wizard Interview Screens and Instructions

Table 4-1 shows the steps necessary to create a provisioning plan using the Provisioning Wizard. For help with any of the interviews, see Appendix D or click Help on any Provisioning Wizard interview screen.

Table 4-1 Creating a Provisioning Plan

Screen Description and Action Required

Welcome

No action is required on this read-only screen.

Click Next to continue.

Installation Options

Presents the list of valid installation actions that you can perform using the wizard. Select Create a New Applications Environment Provisioning Plan.

Click Next to continue.

Specify Security Updates

Set up a notification preference for security-related updates and installation-related information from My Oracle Support. You can receive the notifications in two ways:

  • Email: Enter your email address to have updates sent by email.

  • I wish to receive security updates via My Oracle Support: Select this option to have updates sent directly to your My Oracle Support account. You must enter your My Oracle Support Password if you select this option.

Click Next to continue.

Provisioning Configurations

Select one or more offerings, either within a configuration, or from the list of standalone product offerings.

See Section 4.1.2 for details.

Click Details in the message pane to see a breakdown of servers for each offering.

Once you click Next, you cannot change the selections on this screen. To make changes, click Cancel, open a new wizard session, and create a new plan.

Plan Description

Enter information to describe this plan. This description is not associated in any way with the executable plan file, or the summary file, that you save when you finish creating this plan.

  • Plan Name: Specify a name to identify this plan.

  • Plan Version: Assign a version number to this plan. The version is intended for documentation only.

  • Created By: Defaults to the operating system user who invoked the wizard. Set when the plan is initially created and cannot be modified for the current plan.

  • Created Date: Defaults to the date that the plan was originally created and saved. Set when the plan was originally created and cannot be modified for the current plan.

  • Plan Description: Provide a description of this plan.

To stop creating this plan and resume later, click Save. This action creates a partial plan. A partial plan cannot be used to provision an environment.

Click Next to continue.

Installation Location

Specify credentials for the Node Manager and supply the location of the various directories required for installation and configuration actions.

See Section 4.3.3 for the list of parameters.

To stop creating this plan and resume later, click Save. This action creates a partial plan. A partial plan cannot be used to provision an environment.

Click Next to continue.

System Port Allocation

Accept the default values or set a custom value for the Applications Base Port. The application domain port ranges are derived from this value. If you change the base port value, the domain port ranges adjust accordingly. Ranges must not overlap and must be set in ascending order.

The high and low port ranges are assigned by default to each domain in the Application Domain Port Ranges list. The default range allotment is 399. Each range is sequential, in ascending order; for example, 11601 – 12000 is a valid range.

For port range validation rules, see Section 4.3.4.

Ports listed under Other Ports are not derived from the Applications Base Port value. These "individual" ports can be defined using custom port values.

To stop creating this plan and resume later, click Save. This action creates a partial plan. A partial plan cannot be used to provision an environment.

Click Next to continue.

Database Configuration

Enter the database parameters that you established when you installed Oracle Database. The wizard validates whether the database you installed is a single instance of Oracle Database or Oracle Real Application Clusters (Oracle RAC). If a Single Instance Database, enter:

  • Host Name: The name of the host where the database is installed.

  • Port: The listening port for the database.

  • Service Name: The global database name for the database that you installed. Used to distinguish this database instance from other instances of Oracle Database running on the same host.

If you have installed Oracle RAC, select Real Application Clusters Database and enter the Service Name that you specified when you installed this database.

Click Add to create a new row in the table for each instance. Select a row and click Remove to delete it. Enter the following values for the previously installed database:

  • Host Name: The name of the host for each Oracle RAC instance.

  • Port: The listening port of the database.

  • Instance Name: The name of the Oracle RAC instance used to manage this database.

To stop creating this plan and resume later, click Save. This action creates a partial plan. A partial plan cannot be used to provision an environment.

Click Next to continue.

Schema Passwords

The database that you installed contains preloaded schemas required for runtime execution. Select one of the following options and enter the database schema passwords set up when you installed the database:

  • Use the same password for all accounts: Select this option if you set up a single password for all accounts. Enter the value in the Password field. This option is the default.

  • Use a different password for each account: Select this option if you set up individual passwords for each Account. Password values were set up for Fusion Applications and AS Common Schemas. Enter those values in the Password field.

To stop creating this plan and resume later, click Save. This action creates a partial plan. A partial plan cannot be used to provision an environment.

Click Next to continue.

ODI Password Configuration

Enter the ODI Supervisor Password that you created when you installed Oracle Data Integrator. This screen does not appear if you selected Oracle Fusion Financials or Financial Control and Reporting as product offerings.

To stop creating this plan and resume later, click Save. This action creates a partial plan. A partial plan cannot be used to provision an environment.

Click Next to continue.

Domain Topology Configuration

To determine the flow for the remaining wizard interview screens, choose one of the options. Note that all hosts must use the same operating system; that is, you cannot install "domain1" on Windows and "domain2" on Linux.

See Section 4.3.5 for details.

To stop creating this plan and resume later, click Save. This action creates a partial plan. A partial plan cannot be used to provision an environment.

Click Next to continue.

Common Domain

Note: Individual domain screens appear only if you selected the One host per application and middleware component option on the Domain Topology Configuration screen.

Specify values for this domain and its middleware dependencies. All hosts must use the same operating system and share a common mount point for network storage. The host specified for the Admin Server is the default for all servers. You can change the default.

  • Host Name: Specify the host where you want to install and configure the Managed Servers for this domain.

  • Port: Port for internal communications only. The wizard assigns values based on values on the System Port Allocation screen. You can edit port values. However, they must be unique within the domain and fall within the range previously specified. For example, in a range of 7401 to 7800, a value of 8444 generates an error.

  • Secure Port: The SSL port for internal communications. You can edit individual port values if a conflict occurs.

  • UCM Intradoc Server Port: Port where the Universal Content Management Server listens.

  • InBound Refinery Server Port: Used for calling top-level services.

To stop creating this plan and resume later, click Save. This action creates a partial plan. A partial plan cannot be used to provision an environment.

Click Next to continue.

Product Family Domains

Note: Individual domain screens appear based on which options you select on the Domain Topology Configuration screen. For example, the Incentive Compensation Domain screen does not appear unless you selected that product offering for installation. All product family domain screens prompt for the same types of values.

Specify values for this domain and its middleware dependencies. All hosts must use the same operating system and share a common mount point for network storage. The host specified for the Admin Server is the default for all servers. You can change the default.

  • Host Name: Specify the host where you want to install and configure the Managed Servers for this domain.

  • Port: Port for internal communications only. The wizard assigns values based on values on the System Port Allocation screen. You can edit port values. However, they must be unique within the domain and fall within the range previously specified. For example, in a range of 7401 to 7800, a value of 8444 generates an error.

  • Secure Port: The SSL port for internal communications. You can edit individual port values if a conflict occurs.

Note: See Section 4.3.6 for Oracle Business Intelligence configuration requirements.

To stop creating this plan and resume later, click Save. This action creates a partial plan. A partial plan cannot be used to provision an environment.

Click Next to continue.

Web Tier Configuration

Use this screen to configure Oracle HTTP Server and choose a virtual host type. You can deploy the web tier to a host inside the firewall, or outside the firewall (demilitarized zone, known as DMZ).

See Section 4.3.7 for the list of parameters.

To stop creating this plan and resume later, click Save. This action creates a partial plan. A partial plan cannot be used to provision an environment.

Click Next to continue.

Virtual Hosts Configuration

Provisioning determines the application domains to be deployed based on your product offering choices and lists them on this screen. Specify domain-specific values for the type of virtual host mode that you selected on the Web Tier Configuration screen.

See Section 4.3.8 for the list of parameters.

To stop creating this plan and resume later, click Save. This action creates a partial plan. A partial plan cannot be used to provision an environment.

Click Next to continue.

Load Balancer Configuration

Load balancing enables you to distribute a workload evenly across two or more hosts, network links, CPUs, hard drives, or other resources. Check Load Balancing Enabled to take advantage of this feature, and specify:

  • Internal Load Balancer Configuration: The host and port for the internal Virtual IP (VIP).

  • External Load Balancer Configuration: The host and port for external Virtual IP (VIP). It must have a publicly available address to be usable.

To stop creating this plan and resume later, click Save. This action creates a partial plan. A partial plan cannot be used to provision an environment.

Click Next to continue.

Web Proxy Configuration

Create Proxy Settings to enable users who want to use a proxy server to connect to the Internet. See Section 4.3.9 for details. Take note of the special instructions for Oracle Customer Relationship Management customers.

To stop creating this plan and resume later, click Save. This action creates a partial plan. A partial plan cannot be used to provision an environment.

Click Next to continue.

Identity Management Configuration

Provisioning loads roles, policies, and application IDs that you created during the prerequisite Oracle Identity Management installation. To share the identity management environment across multiple Oracle Fusion Applications installations, and make the policies and roles accessible to all environments, you must populate identity management configuration details during the first installation.

See Section 4.3.11 for the list of parameters. See also Section 4.3.10 for information about Distinguished Names conventions.

To stop creating this plan and resume later, click Save. This action creates a partial plan. A partial plan cannot be used to provision an environment.

Click Next to continue.

Access and Policy Management Configuration

Configure Oracle Fusion Applications for integration with existing Oracle Access Manager components.

See Section 4.3.12 for the list of parameters.

To stop creating this plan and resume later, click Save. This action creates a partial plan. A partial plan cannot be used to provision an environment.

Click Next to continue.

IDM Database Configuration

Enter the configuration details that you specified when you installed the database for Oracle Identity Manager (OIM).

See Section 4.3.13 for the list of parameters.

To stop creating this plan and resume later, click Save. This action creates a partial plan. A partial plan cannot be used to provision an environment.

Click Next to continue.

Summary

Displays the applications and middleware components that will be installed when you perform a physical installation using this plan. Includes details such as required disk space and the installation locations.

See Section 4.3.14 for a description of the parameters.

Click Finish to save the plan. The plan is complete and can be used as the basis for provisioning of a new environment.


4.3.3 WebLogic Server Node Manager Credentials and Installation Locations

Specify credentials for the Node Manager and supply the location of the various directories required for installation and configuration actions on the Installation Location screen.

Node Manager Credentials

  • User Name: Specify a user name for the Node Manager role.

  • Password: Specify a password for the Node Manager and retype it in the Confirm Password field.

Provide locations of various directories that the administrator needs access to.

Installation and Configuration

  • Installers Directory Location: Enter the path to the repository_location directory you created when you downloaded the provisioning repository. For Windows, the location must be a symbolically linked directory. See Section 2.2.5 for additional details. Note that a symbolic link is not necessary if the repository and the database are on the same node.

  • Oracle Fusion Application Home: Enter the directory path to the Oracle home that you specified when you installed the provisioning framework. This is the Fusion Applications Oracle home. It is the root directory for all Oracle Fusion Applications and Oracle Fusion Middleware products.

    In a Windows environment, this name cannot exceed eight characters, and must be a symbolically linked directory. See Section 2.2.5 for additional details.

  • Application Configuration Directory: This directory is automatically populated based on the value you specify in the Oracle Fusion Applications Home field. It is the path to the directory where the configuration files for the domain will be written. For Windows, the location must be a symbolically linked directory. See Section 2.2.5 for additional details.

  • Enable Local Application Configuration: Select this check box to run the Managed Servers from a non-networked (local) disk on the host, visible only to the processes running on that host. If you enable this option, the wizard copies the domain configuration from the shared location and places it on the local disk you specify. This configures all Managed Servers to run from the non-networked location.

  • Local Application Config Directory: Specify the location for the local domain directory you want to set up. This field is required if you selected Enable Local Application Configuration. The specified directory must initially be empty.

  • WebGate Library Location: Oracle Fusion Applications (WebGate component) requires special versions of gcc libraries to be installed. These library files must exist somewhere on the Linux system. To make these libraries available, download them from http://gcc.gnu.org, as described in "Installing Third-Party GCC Libraries (Linux and Solaris Operating Systems Only)" in Oracle Fusion Applications Middleware Installation Guide for Oracle Identity Management.

    In Linux x86-64 (64-Bit) and Oracle Solaris environments, enter the location where you installed the libraries. This field does not appear for Microsoft Windows x64 (64-Bit) or IBM AIX on POWER Systems (64-Bit).

    For more information, see also "GCC Run-Time Libraries for Linux and Solaris" at: http://www.oracle.com/technetwork/middleware/ias/downloads/10gr3-webgates-integrations-readme-154689.pdf.

Middleware Dependencies

  • Font Directory: Appears only if you have selected Oracle Sales, Oracle Marketing, or Oracle Financials offerings. Enter the directory where the TrueType fonts are installed. The location varies on different operating systems, but is typically found here:

    • Microsoft Windows x64 (64-Bit): C:\WINDOWS\Fonts

    • Linux x86-64: /usr/X11R6/lib/X11/fonts/TTF

    • Oracle Solaris: /usr/X11R6/lib/X11/fonts/TrueType

    • IBM AIX on POWER Systems (64-Bit): /usr/X11R6/lib/X11/fonts/TrueType

    Some systems may not have TrueType fonts installed. If you cannot locate the fonts on your system, verify that they have been installed. In addition, you can use the fonts directory shipped as part of the JRE installed in the repository. Regardless of which path you specify, you must have access to .ttf (.TTF) files.

  • Default IDM Configuration Using IDM Properties File: Select this check box if you want the values on the Identity Management Configuration screen and the Access and Policy Management Configuration screen to default to the values in the IDM properties file (idmDomainConfig.param). See Section 2.1.4.2 for more information about this file.

  • IDM Properties file: Enter the location of the IDM properties file (idmDomainConfig.param), for example, IDM_ORACLE_HOME/idmtools/bin/idmDomainConfig.param.

Oracle Business Intelligence Repository Password

RPD Password: Specify and Confirm a password to allow access to the metadata repository (RPD) for both Oracle Business Intelligence Applications and Oracle Transactional Business Intelligence. The password must be between 8 and 30 characters and contain at least one digit. It can include letters, numbers, pound sign (#), dollar sign ($), or underscore (_).

In addition, if you are provisioning an environment that is pointed to an existing seeded identity management infrastructure, the RPD password must match the one that you specified when identity management was seeded. Provisioning sets up this password, but does not actually access the repository.

If the environment created is Windows-based, the wizard prompts for these values:

  • Windows Domain\Windows User Name: Specify a user name to use for running provisioning.

  • Windows Domain Password: Specify a password for running provisioning. Retype the password to Confirm it.

4.3.4 Port Allocation

The values entered on any of the common domain or product domain screens are validated against the port ranges that you set up on this screen.

For more information about setting port values, see "Viewing and Changing Ports for Components" in the Oracle Fusion Applications Administrator's Guide.

Validation rules for port ranges are as follows:

  • The number of ports per domain varies according to the number of applications and middleware components installed. You can calculate the minimum port range (sum of standard and secure ports required for all components), or you can set the range to the upper boundary for the largest domain.

  • Port ranges must not overlap. Gaps between the ranges are acceptable.

  • Port ranges must be in ascending order. For example, 11601 – 12000 is a valid order.

  • The lowest port value must be less than the highest port value of each domain.

  • The value must be unique within a domain.

  • If you create multiple plans for the same IP subnet, you could introduce port conflicts in the multicasting addresses set for clusters across plans. Examine and resolve such port conflicts before you execute a provisioning plan.

  • Ephemeral or dynamic ports for the operating system must be set to a port range between 32768 and 61000.
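
The range and port rules above can be checked against a planned layout before the interview, so that conflicts are found before the wizard flags them. This is an added example, not Oracle tooling or code from this guide; the DomainPorts structure, the validate_port_plan function, and the domain and server labels are hypothetical, and the sample plans are constructed (the 7401 to 7800 range with port 8444 and the 11601 to 12000 range reuse the guide's own examples). It does not check the operating system ephemeral port setting.

```python
"""Check a planned port layout against the Section 4.3.4 validation rules."""
from dataclasses import dataclass, field
from itertools import combinations


@dataclass(frozen=True)
class DomainPorts:
    """One planned domain row (hypothetical structure, not a plan file format)."""
    name: str
    low: int
    high: int
    ports: dict = field(default_factory=dict)  # server label -> port number


def validate_port_plan(domains):
    """Return (rule, domain, detail) findings; an empty list means every rule passed.

    `domains` is a list in the order the ranges appear on the
    System Port Allocation screen.
    """
    findings = []

    # Each range must be a real TCP port range with low < high.
    for d in domains:
        if not (1 <= d.low <= 65535 and 1 <= d.high <= 65535):
            findings.append(("invalid-port", d.name,
                             f"range {d.low}-{d.high} is outside 1-65535"))
        if d.low >= d.high:
            findings.append(("low-not-below-high", d.name,
                             f"low {d.low} must be less than high {d.high}"))

    # Ranges must be listed in ascending order.
    for prev, cur in zip(domains, domains[1:]):
        if cur.low <= prev.low:
            findings.append(("not-ascending", cur.name,
                             f"starts at {cur.low}, not above {prev.name} ({prev.low})"))

    # Ranges must not overlap; gaps are acceptable. Every pair is compared,
    # because an out-of-order range can collide with a non-adjacent one.
    for a, b in combinations(domains, 2):
        a_lo, a_hi = sorted((a.low, a.high))
        b_lo, b_hi = sorted((b.low, b.high))
        if a_lo <= b_hi and b_lo <= a_hi:
            findings.append(("overlap", f"{a.name}/{b.name}",
                             f"{a_lo}-{a_hi} intersects {b_lo}-{b_hi}"))

    # Each port must fall inside its domain's range and be unique in the domain.
    for d in domains:
        lo, hi = sorted((d.low, d.high))
        seen = {}
        for server, port in d.ports.items():
            if not lo <= port <= hi:
                findings.append(("out-of-range", d.name,
                                 f"{server} port {port} is outside {lo}-{hi}"))
            if port in seen:
                findings.append(("duplicate-port", d.name,
                                 f"{server} and {seen[port]} both use {port}"))
            else:
                seen[port] = server

    return findings


# Constructed sample plans. Domain and server labels are placeholders.
GOOD_PLAN = [
    DomainPorts("CommonDomain", 7001, 7400, {"Admin": 7001, "Admin SSL": 7002}),
    DomainPorts("CRMDomain", 7401, 7800, {"Admin": 7401, "Admin SSL": 7402}),
    DomainPorts("FinancialDomain", 11601, 12000, {"Admin": 11601}),
]

BAD_PLAN = [
    # Two servers share one port inside the same domain.
    DomainPorts("CommonDomain", 7001, 7400, {"Admin": 7001, "Managed": 7001}),
    # The guide's example: 8444 is outside the 7401-7800 range.
    DomainPorts("CRMDomain", 7401, 7800, {"Admin": 8444}),
    # Starts inside the previous range.
    DomainPorts("FinancialDomain", 7700, 8099),
    # Low is above high, and the range is listed out of ascending order.
    DomainPorts("HCMDomain", 7000, 6900),
]


if __name__ == "__main__":
    for label, plan in (("GOOD_PLAN", GOOD_PLAN), ("BAD_PLAN", BAD_PLAN)):
        results = validate_port_plan(plan)
        print(f"{label}: {len(results)} finding(s)")
        for rule, domain, detail in results:
            print(f"  [{rule}] {domain}: {detail}")
```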

4.3.5 Domain Topology Configuration

To determine the flow for the remaining wizard interview screens, choose one of the following options:

  • One host for all domains: Select this option to specify the Host Name to provision all applications domains and their middleware dependencies on a single host. The wizard continues the interview at the Web Tier Configuration screen when you click Next.

  • One host per domain: Select this option and then select a Host Name for each domain to be created. Provisioning installs and configures the Managed Servers for each Application Domain and the middleware dependencies on the host that you specify. The wizard continues the interview at the Web Tier Configuration screen when you click Next.

  • One host per application and middleware component: Select this option to specify the host for each application and middleware component individually. The wizard displays the Common Domain screen when you click Next, and includes all domain-specific screens in the interview.

If you select the last option, you cannot change the selections on this screen once you click Next. You must click Cancel, open a new wizard session, and create a new plan to change the configuration domain topology later.

4.3.6 Oracle Business Intelligence Configuration

Oracle Business Intelligence products are integrated with, and accessible from, Oracle Fusion Applications. Products include:

  • Oracle Business Intelligence Enterprise Edition

  • Oracle Business Intelligence Applications

  • Oracle Transactional Business Intelligence

  • Oracle Essbase

  • Oracle Business Intelligence Publisher

  • Oracle Real-Time Decisions

Enter the Host where you want Oracle Business Intelligence products to be installed. You specified an RPD password on the Installation Location screen. Provisioning creates this password and makes it available so that Oracle Business Intelligence Applications and Oracle Transactional Business Intelligence can access the metadata repository in your new environment.

4.3.7 Web Tier Configuration

You can create virtual hosts on a single web tier. There are three options (IP-based, name-based, and port-based) for each domain that is created during installation. The values assigned during installation are derived from the default HTTP port that you name on this screen.

Web Tier

  • Install Web Tier in DMZ: Select this option if you set up a separate host for web tier installation as a demilitarized zone (DMZ). This host does not have access to the shared file system. It cannot be used for any other host deployed, regardless of domain. See Section 2.6.

  • Host: Enter the name of the host where Oracle HTTP Server will be installed and configured.

  • Virtual Host Mode: Select one of the following:

    • IP Based: Created on the basis of an IP or IP:host combination (the default).

    • Name Based: Create new DNS entries, such as fin.example.com and crm.example.com to use as virtual hosts.

    • Port Based: Created based on the internal and external port for each domain.

  • Domain Name: Specify a domain name (using the format my.example.com) to configure the domain in which Oracle Fusion Applications will receive requests. This value is also used as the default domain name for name-based virtual hosts.

  • HTTP Port: The default port for the web tier. Should not require operating system administrator privileges.

  • HTTPS (SSL) Port: Secure port for the web tier. Should not require operating system administrator privileges.

SMTP Server

  • Host: Specify the host for email marketing. This field appears only if you selected the Oracle Fusion Customer Relationship Management offering.

  • Port: Default port for the SMTP server.

4.3.8 Virtual Hosts Configuration

Specify the configuration parameters for the domains to be installed on the virtual hosts that you selected on the Web Tier Configuration screen.

If you selected IP Based, specify the following information for each application domain listed:

  • Internal Name: The host name or IP address where the web tier listens on the internal virtual host for this domain.

  • Internal Port: The port for this internal virtual host. Visible only from inside the firewall.

  • External Name: The host name or IP address for the external virtual host for this domain or middleware dependency. The host:port should be visible from outside the firewall.

  • External Port: The port to be used for this external virtual host. The host:port should be visible from outside the firewall.

If you selected Name Based, specify the following information for each domain listed:

  • Internal.Name: The DNS name for this internal virtual host. For example, for Oracle Fusion Financials, the name might be fin-internal.

  • External.Name: The DNS name for this external virtual host. For example, for Oracle Fusion Financials, the name might be fin.

If you selected Port Based, specify the following information for each domain listed:

  • Internal Port: The port that is visible only from inside the firewall for this domain.

  • External Port: The port that is visible from outside the firewall for this domain.

4.3.9 Web Proxy Configuration

Create Proxy Settings to enable users who want to use a proxy server to connect to the Internet.

  • Enable Web Proxy: Select to enable proxy-related values to set up access to the Internet. Note: If you are a CRM customer and have a web proxy for external HTTP(S) traffic, you must select Enable Web Proxy on this screen and specify your web proxy configuration.

  • Web Proxy Host: Enter the name of the host where the proxy server is installed.

  • Web Proxy Port: The listening port assigned to the proxy server.

  • Enable Secure Web Proxy: Select to have the proxy server SSL-enabled. If you select this check box, the Secure Web Proxy Host and Secure Web Proxy Port fields are enabled and become mandatory.

  • Secure Web Proxy Host: Enter the SSL host used for secure communications.

  • Secure Web Proxy Port: Enter the SSL port used for internal communications.

  • No Proxy Hosts: Defaults to hosts that are connected directly. If there are multiple hosts, they are listed and separated by a vertical bar (|). You can use a wildcard character (*) to specify hosts that should be bypassed. For example, *.example.com would bypass all hosts whose name ends with .example.com.

  • Proxy Server Requires Authentication: To enable authentication for the proxy server, select this option.

  • User Name: Enter the user name that you set up for accessing the proxy server.

  • Password: Enter the password that you set up for accessing the proxy server.
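Hosts matched by the No Proxy Hosts value are contacted directly, outside any filtering or logging the proxy provides, so the list is worth reviewing before it goes into the plan. The following is an added example, not Oracle code: a matcher for the format described above (entries separated by `|`, with `*` as the only wildcard). Its function names and its heuristic for flagging broad entries are assumptions of the example.

```python
import re


def parse_no_proxy(value):
    """Split a No Proxy Hosts value on '|' and compile each entry to a regex."""
    patterns = []
    for entry in value.split("|"):
        entry = entry.strip().lower()
        if not entry:
            continue
        # Only '*' is a wildcard; every other character, including '.', is literal.
        regex = ".*".join(re.escape(piece) for piece in entry.split("*"))
        patterns.append((entry, re.compile(regex)))
    return patterns


def bypasses_proxy(host, value):
    """Return the entry that lets `host` bypass the proxy, or None."""
    host = host.strip().lower().rstrip(".")
    for entry, pattern in parse_no_proxy(value):
        if pattern.fullmatch(host):
            return entry
    return None


def broad_entries(value):
    """Flag wildcard entries that are not anchored to a named domain.

    Heuristic (assumption of this example): after removing '*', the rest
    must still contain a dot-separated name such as 'example.com'.
    """
    flagged = []
    for entry, _ in parse_no_proxy(value):
        literal = entry.replace("*", "").strip(".")
        if "*" in entry and "." not in literal:
            flagged.append(entry)
    return flagged


# Constructed sample value and host names, for illustration only.
SAMPLE_VALUE = "localhost|*.example.com|*.com"
SAMPLE_HOSTS = ["fin.example.com", "example.com", "crm.example.org", "partner.com"]

if __name__ == "__main__":
    for name in SAMPLE_HOSTS:
        print(f"{name:20} bypass via: {bypasses_proxy(name, SAMPLE_VALUE)}")
    print("overly broad entries:", broad_entries(SAMPLE_VALUE))
```

Note that `*.example.com` does not match the bare name `example.com`, while an entry written without the dot, such as `*example.com`, also matches unrelated names that merely end in the same characters.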

4.3.10 Distinguished Names

A Distinguished Name (DN) identifies an entry in a Lightweight Directory Access Protocol (LDAP) directory. Because directories are hierarchical, DNs identify the entry by its location as a path in a hierarchical tree (much as a path in a file system identifies a file). Generally, a DN begins with a specific common name, and proceeds with increasingly broader areas of identification until the country name is specified.

Table 4-2 provides definitions for distinguished name components (defined in the X.520 standard).

Table 4-2 Distinguished Name Components

| Component | Definition |
|---|---|
| Common Name (CN) | Identifies the person or object defined by the entry. For example, cn=John Doe or cn=corpDirectory.example.com. |
| Organizational Unit (OU) | Identifies a unit within the organization. For example, ou=scm. |
| Organization (O) | Identifies the organization where the entry resides. For example, o=My Corporation. |
| Locality (L) | Identifies the place where the entry resides. The locality can be a city, county, township, or any other geographic region. For example, l=Your City. |
| State or Province Name (ST) | Identifies the state or province in which the entry resides. For example, st=Your State. |
| Country (C) | Identifies the name of the country where the entry resides. For example, c=US. |
| Domain Component (DC) | Identifies the components of a domain. For example, if the domain is example.com, the domain components would be: dc=example, dc=com. |
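Because a DN is a path, the question of whether an entry sits below a given base DN (for example, the Identity Store User Base DN) has to be answered component by component, not by comparing string suffixes. The following is an added example, not part of the Oracle guide or product code: it splits a DN into its components and tests containment. The sample DNs are constructed, and values are assumed to compare case-insensitively.

```python
def split_dn(dn):
    """Split a DN into (attribute, value) pairs, most specific RDN first.

    Only unescaped commas separate RDNs; escape sequences such as "\\," are
    kept verbatim in the value. Multi-valued RDNs ("+") are not handled.
    """
    parts, current, escaped = [], [], False
    for ch in dn:
        if escaped:                 # the character after a backslash is literal
            current.append(ch)
            escaped = False
        elif ch == "\\":
            current.append(ch)
            escaped = True
        elif ch == ",":
            parts.append("".join(current))
            current = []
        else:
            current.append(ch)
    if escaped:
        raise ValueError("DN ends with a dangling backslash")
    parts.append("".join(current))

    rdns = []
    for part in parts:
        attr, sep, value = part.partition("=")
        attr, value = attr.strip().lower(), value.strip()
        if not sep or not attr or not value:
            raise ValueError(f"malformed RDN: {part!r}")
        rdns.append((attr, value))
    return rdns


def is_under(entry_dn, base_dn):
    """True when entry_dn lies strictly below base_dn in the directory tree.

    Assumption: values compare case-insensitively, as is usual for cn, ou, dc.
    """
    entry = [(a, v.lower()) for a, v in split_dn(entry_dn)]
    base = [(a, v.lower()) for a, v in split_dn(base_dn)]
    return len(entry) > len(base) and entry[-len(base):] == base


# Constructed sample DNs built from the component examples in Table 4-2.
USER_BASE = "cn=Users, dc=example, dc=com"
SAMPLES = [
    "cn=John Doe, cn=Users, dc=example, dc=com",
    r"cn=Doe\, John,cn=Users,DC=Example,DC=com",
    "cn=John Doe, ou=scm, o=My Corporation, c=US",
]

if __name__ == "__main__":
    for dn in SAMPLES:
        print(is_under(dn, USER_BASE), split_dn(dn))
```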


4.3.11 Identity Management Configuration

For more information about using Oracle Identity Management in an applications environment, see Section 2.1.4.

4.3.11.1 Managing Nonseeded Environments

For nonseeded environments, provide the following files from a previously provisioned environment that was seeded in the same way as the Oracle Identity Management components that you are installing. The files are in the domain-home/config/fmwconfig directory or in a previously provisioned environment.

  • jps-config-jse.xml – located in the domain.

  • cwallet.sso – copy this file from the same domain as the jps-config-jse.xml. It is located in this directory: domain-home/config/fmwconfig/bootstrap/cwallet.sso.

Copy the files to the following location:

repository_location/keystore
    /jps-config-jse.xml
    /bootstrap
        /cwallet.sso

4.3.11.2 Wizard Interview Flow

Enter the parameters necessary to integrate applications with a previously installed Oracle Identity Management infrastructure. If you chose to use the values in the IDM properties file (idmDomainConfig.param) on the Installation Location screen, they appear as defaults in the corresponding fields. You can replace the default values if your original configuration has changed. See Section 2.1.4.

  • Super User Name: Enter the name of an existing user that should be granted administrator and functional setup privileges. The uid attribute must be set to be the same as the cn attribute.

  • Enable Seeding of Security Data: Controls the uploading of Oracle Fusion Applications security policies and user credentials into the Lightweight Directory Access Protocol (LDAP) as a part of provisioning. This option is selected by default. Deselecting it disables this action during provisioning.

  • Create Administrators Group: Indicate whether you created an "Administrators" group, whose members have specialized privileges for all Oracle Fusion Middleware components.

  • Create Monitors Group: Indicate whether you created a "Monitors" group, whose members have read-only administrative privileges to Oracle WebLogic Server domains.

  • Create Operators Group: Indicate whether you created an "Operators" group, whose members have Monitors privileges to Oracle WebLogic Server domains.

  • Identity Store Server Type: Indicate the type of identity store that you set up: OID (Oracle Internet Directory) or OVD (Oracle Virtual Directory).

  • Identity Store Host: Enter the host or DNS name for your identity store LDAP service.

  • Identity Store Port: The port assigned to the identity store.

  • Identity Store Secure Port: The SSL port assigned to the identity store.

  • Identity Store User DN: Enter the Distinguished Name of the user that you set up with read-write access to the LDAP.

  • Identity Store Password: Enter the password that you set up for the user with read-write access to the LDAP.

  • Identity Store Read-only User DN: Enter the Distinguished Name (DN) of the user that you set up with read-only access to the Identity Store LDAP.

  • Identity Store Read-only Password: Enter the password that you set up for the identity store read-only user.

  • Identity Store Enabled SSL: Select this option if your identity store is SSL-enabled and if the required certificates are provided in the IDM keystore file.

  • Identity Store User Name Attribute: Choose the type of user name attribute that you configured in the identity store. Valid values are: user ID (uid), common name (CN), or email address.

  • Identity Store User Base DN: Enter the root Distinguished Name assigned to the upload of applications user data. This is the root for all the user data in your identity store.

  • Identity Store Group Base DN: Enter the root Distinguished Name for all the group data in your identity store.

  • OIM Admin Server Host: Enter the name of the host where the OIM Administration Server is installed.

  • OIM Admin Server Port: The port where the OIM Administration Server listens.

  • OIM Administrator User Name: Enter the name you set up as the OIM administrator.

  • OIM Administrator Password: Enter the password you set up for the OIM administrator.

  • OIM Managed Server Host: Enter the virtual or real host name of the Oracle Identity Manager Managed Server where SPML callback and other OIM services are running.

  • OIM Managed Server Port: Enter the virtual or real port where the Oracle Identity Manager Managed Server listens.

  • OIM Endpoint Host: The access point on the Oracle HTTP Server for Oracle Identity Manager services in an Oracle Identity Management enterprise deployment, or the Oracle Identity Manager Managed Server access point for a non-enterprise deployment.

    Enter the HTTP termination address of Oracle Access Manager. Terminates at either a load balancer or the Oracle HTTP Server.

  • OIM Endpoint Port: The port where the endpoint host listens.

  • OIM Endpoint Enabled SSL: Select this option if the endpoint host is SSL-enabled.

  • IDM Keystore File: Enter the location of the JKS keystore containing the certificates for the Oracle Identity Management components. If SSL is not enabled, you can supply a "dummy" .jks file name. The file can be of any type, with or without content. Validation is only for the existence of the file.

  • IDM Keystore Password: Enter the password that you set up for the IDM Keystore File. If you set up a "dummy" file, enter a "dummy" password. It can be of any format, as there is no validation other than for its existence.

4.3.12 Access and Policy Management Configuration

Enter the parameters necessary to integrate applications with a previously installed Oracle Identity Management infrastructure. If you chose to use the values in the IDM properties file (idmDomainConfig.param) on the Installation Location screen, they appear as defaults in the corresponding fields. You can replace the default values if your original configuration has changed. See Section 2.1.4.

Oracle Access Manager Configuration

  • OAM Administrator User Name: Enter the name you assigned this user when you installed OAM.

  • OAM Administrator Password: Enter the password you assigned this user when you installed OAM.

  • OAM AAA Server Host: Enter the name of the proxy host where the Oracle Access Manager is installed.

  • OAM AAA Server Port: The port number for the Oracle Access Manager listener on the OAM proxy host.

  • Access Server Identifier: Name used to identify the Oracle Access Server.

  • Enable Second Primary Oracle Access Manager: Select this check box to name a second Primary Oracle Access Manager for high availability.

  • Second Access Server Identifier: Enter the name of the second Primary Oracle Access Manager Server.

  • OAM Security Mode: Enter the OAM transport security mode that you set up for this access server when you installed OAM. Values are Simple or Open. For IBM AIX on POWER Systems (64-Bit), you must use the Open mode for setup.

  • OAM Simple Mode Passphrase: Enter the passphrase that you set up to secure the communication with the OAM Server. Required only if the mode is specified as Simple.

  • Webgate Password: Specify a password for the Resource WebGate. It must contain at least eight alphanumeric characters and at least one digit or punctuation mark. Retype to Confirm the password. If seeding of security data is disabled, the password must be the existing WebGate password.

Oracle Platform Security Services

  • OPSS Policy Store Host: Enter the host name for OID where Oracle Platform Security Services (OPSS) policies are to be seeded.

  • OPSS Policy Store Port: Number of the OID port for the OPSS policy store.

  • OPSS Policy Store Secure Port: The secure port for OID.

  • OPSS Policy Store Read-Write User Name: Enter the Distinguished Name of the user that you set up with write privileges to the OPSS policy store.

  • OPSS Policy Store Password: Enter the password that you set up for the OPSS policy store user with read-write privileges.

  • OPSS Policy Store JPS Root Node: Enter the Distinguished Name of the node that you set up to be used as the OPSS policy root.

  • Create OPSS Policy Store JPS Root Node: Enabled only if the Enable Seeding of Security Data check box on the Identity Management Configuration screen is selected. Select this option to create the OPSS JPS Root Node.

  • OPSS Policy Store SSL Enabled: Select this option if the OID used for storing OPSS policies is SSL-enabled and the required certificates are provided in the IDM keystore.

4.3.13 IDM Database Configuration

Enter the database parameters you established when you installed Oracle Database for the Oracle Identity Manager (OIM). The wizard validates whether the database you installed is a single instance of Oracle Database or Oracle Real Application Clusters (Oracle RAC). If a Single Instance Database, enter:

  • Host Name: The name of the host where the OIM database is installed.

  • Port: The listening port for the database.

  • Service Name: A unique Oracle Fusion Applications name for the OIM database.

If you have installed Oracle RAC, select Real Application Clusters Database and enter the Service Name that you specified when you installed this database.

Click Add to create a new row for each instance. Select a row and click Remove to delete the row. Enter the following information for each instance:

  • Host Name: The name of the host for each Oracle RAC instance.

  • Port: The listening port of the database.

  • Instance Name: The name of the Oracle RAC instance used to manage this database.

Enter the database schema owner and password that you set up to store the Oracle Metadata Services (MDS) Repository data for the Oracle Web Services Policy Manager.

  • Schema Owner: The owner of the MDS schema in the OIM database that is to be used by the Oracle Web Services Policy Manager.

  • Schema Owner Password: The password for the MDS schema.

For more information about using Oracle Identity Management in an applications environment, see Section 2.1.4.

4.3.14 Summary

Verify that the installation represented on this screen is what you expected. Click Back to return to the interview screens that require changes. If you are satisfied with the details presented here, complete the following information:

  • Provisioning Plan Name: Specify a unique file name for this plan. This is the executable file that you supply to the wizard when prompted.

  • Provisioning Summary: Specify a unique name for the summary details file. You cannot use this file to execute the plan.

  • Directory: Enter the directory where you want to save this plan and the summary file. Choose a location that is visible to all servers accessing shared storage. Ensure that the location is not read-only.

Record the name of the plan and its location. You may want to supply it to your system administrator to use when performing system maintenance tasks.

4.4 Updating an Existing Provisioning Plan

During the provisioning plan creation process, you can create a partial provisioning plan, which contains an incomplete set of configuration details. To create a partial plan, click Save at any point during the interview. When you are ready to continue with the plan, start the wizard and select Update an Existing Provisioning Plan from the Installation Options screen. Page through the screens and continue where you left off.

Clicking Cancel is another way to create a partial plan, or, alternatively, exit the wizard without saving any plan details:

  1. Start the Provisioning Wizard and choose Create a New Applications Environment Provisioning Plan from the Installation Options screen.

  2. Begin the interview process and continue to the point where you want to end the session. Click Cancel.

  3. Choose one of the following options:

    • Save and Exit: Save the details that you have created for this plan. Creates a partial plan.

    • Exit: Exits the wizard without saving any details. Does not create a partial plan.

    • Cancel: Returns you to the Welcome screen in the wizard interview. Does not save the details that you have entered and does not create a partial plan.

  4. Choose Save and Exit. The partial plan is saved in the directory where you started the wizard.

  5. When you are ready to add more details to the plan, start the Provisioning Wizard and choose Update an Existing Provisioning Plan. Specify the Provisioning Plan location, or click Browse to navigate to the partial plan.

  6. Page through the interview screens until you come to the point where you stopped the last session and move through the rest of the interview as described in Table 4-1 until you finish the process.

You can save a partial plan and return to the wizard as many times as necessary to complete it. The wizard does not recognize a plan as being complete or valid until you have clicked Finish on the Summary screen.

You can also update a completed plan if it has not been implemented. Note that once you select product offerings for a partial or completed plan, you cannot change the mix by updating the plan. You must start a new wizard session and create a new plan.

4.5 What to Do Next

Once you have saved the provisioning plan, you can return to the Installation Options screen and select the Provision an Applications Environment option to perform the physical installation. Or, you can create another plan to use for another type of installation, for example, to create a test or demonstration environment.