2 Understanding Oracle Internet Directory in Oracle Fusion Middleware

As of 11g Release 1 (11.1.1), Oracle Internet Directory has been integrated with a common management infrastructure that in turn uses Oracle WebLogic Server. This product set is called Oracle Fusion Middleware.

See Also:

The chapter entitled "Understanding Oracle Fusion Middleware Concepts" in Oracle Fusion Middleware Administrator's Guide.

This chapter describes some features of Oracle Fusion Middleware that affect Oracle Internet Directory management.

This chapter contains the following sections:

2.1 WebLogic Server Domain

A WebLogic Server administration domain is a logically related group of Java components. Domains include a special WebLogic Server instance called the Administration Server, which is the central point from which you configure and manage all resources in the domain. Usually, you configure a domain to include additional WebLogic Server instances called managed servers. You deploy Java components, such as Web applications and Web services, and other resources onto the managed servers and use the Administration Server for configuration and management purposes only. The managed servers can be grouped together into a cluster.

2.2 Oracle Internet Directory as a System Component

Oracle Internet Directory is a system component. That is, it is a manageable process that is not an Oracle WebLogic Server. System components can use the WebLogic Administrative Domain for management services, including Oracle Enterprise Manager Fusion Middleware Control, Audit Framework, configuration management through MBeans and Secure Sockets Layer and Wallet Management. The Oracle WebLogic Server Administration Server controls Oracle Internet Directory and other system components through OPMN.

Oracle Internet Directory itself is a C-based process. Its only run time dependency is the Oracle Database. To be managed by the Oracle Fusion Middleware management framework, Oracle Internet Directory must register itself with a local or a remote Oracle WebLogic Server administration domain during installation or from the command line after installation. Therefore, an Oracle Internet Directory 11g installation requires either a local or a remote installation of Oracle WebLogic Server. Also, the Directory Management user interface, ODSM, is a Java component deployed on Oracle WebLogic Server.

If you must manage Oracle Internet Directory in your deployment using only command-line tools and a remote ODSM, there is also an option to install and configure Oracle Internet Directory without registering with a Oracle WebLogic Server Domain.

2.3 Oracle Internet Directory Deployment Options

During installation, there are four deployment options for Oracle Internet Directory:

  1. Create New Domain–Oracle Internet Directory with a local Oracle WebLogic Server Domain. Oracle WebLogic Server is installed locally with Oracle Internet Directory and an admin domain is created for Oracle Internet Directory.

  2. Extend Existing Domain–Oracle Internet Directory with a remote Oracle WebLogic Server Domain. Oracle WebLogic Server admin server and domain have been installed and created separately and Oracle Internet Directory registers with the Domain remotely.

  3. Expand Cluster–Oracle Internet Directory in an Oracle WebLogic Server cluster for High Availability. This option will not be discussed here.

  4. Configure Without Domain–Oracle Internet Directory without an Oracle WebLogic Server Domain. Oracle Internet Directory can be installed and configured without Oracle WebLogic Server Server and without registering to any Oracle WebLogic Server Admin Domains. In this case, Oracle Internet Directory cannot be managed by Oracle Enterprise Manager Fusion Middleware Control, Oracle WebLogic Scripting Tool (WLST), or other common Oracle Fusion Middleware management services. You must rely on command-line utilities such as opmnctl and the LDAP tools. ODSM can be deployed separately and used to manage Oracle Internet Directory.

If you choose Create New Domain or Extend Existing Domain, the Oracle Internet Directory component you create is registered with that domain when the installation is complete.

If you choose Configure Without Domain, the Oracle Internet Directory component is not registered with any domain when the installation is complete. You will be unable to manage Oracle Internet Directory, or any other component in that Oracle instance, with Oracle Enterprise Manager Fusion Middleware Control until you register the component with a WebLogic domain by using the command-line tool opmnctl.

2.4 Middleware Home

A Middleware home consists of the WebLogic Server home, and optionally one or more other Oracle product homes (also known as Oracle homes). A middleware home can reside on a local file system or on a remote shared disk that is accessible through NFS. The Oracle Fusion Middleware home is represented in path names as MW_HOME.

2.5 WebLogic Server Home

A WebLogic Server home contains installed files necessary to host a WebLogic Server. The WebLogic Server home directory is a peer of other Oracle home directories underneath the middleware home directory. In path names, it is represented as WLS_HOME.

2.6 Oracle Common Home

The Oracle home that contains the binary and library files required for the Oracle Enterprise Manager Fusion Middleware Control and Java Required Files (JRF). There can be only one Oracle Common home within each Middleware home. In path names, it is represented as ORACLE_COMMON_HOME.

2.7 Oracle Home

An Oracle home contains installed files necessary to host a specific software suite. An Oracle home resides within the directory structure of the Middleware home. Each Oracle home can be associated with multiple Oracle instances

The Oracle home is usually represented in path names as ORACLE_HOME. Each Oracle home can be associated with multiple Oracle instances or WebLogic server domains.

2.8 Oracle Instance

In 11g Release 1, product configuration data has been separated from product binaries. The product binaries reside in the Oracle home, ORACLE_HOME, while updatable files reside in an Oracle instance, represented in path names as ORACLE_INSTANCE.

Most Oracle Internet Directory commands require that you set the environment variable ORACLE_INSTANCE to the value of ORACLE_INSTANCE. You dereference this variable as $ORACLE_INSTANCE on UNIX or Linux systems and as %ORACLE_INSTANCE% on Windows.

All configuration files, repositories, log files, deployed applications, and temporary files reside in a oracle instance. Keeping updatable files separate from non-updatable files facilitates administrative tasks such as patching, upgrades, backup and restore, and cloning. It allows administrators to have their run-time and install-time binaries follow independent life cycles.

Oracle instance refers not only to a physical location on disk but also encompasses the associated processes. An Oracle instance contains one or more active middleware system components, such as Oracle Virtual Directory or Oracle Internet Directory. You determine which components are part of an instance, either at install time or by creating and configuring an instance at a later time.

When you install Oracle Internet Directory on a host computer, Oracle Identity Management 11g Installer creates an Oracle Fusion Middleware component of type OID in a new or existing Oracle instance. The component name for the first Oracle Internet Directory component is oid1.

Oracle Identity Management 11g Installer also creates some directories in the file system under the Oracle instance, including the following, when you install Oracle Internet Directory:


2.9 Oracle Enterprise Manager Fusion Middleware Control

As of release 11g, you create, configure, and manage many Oracle Internet Directory features by using Oracle Enterprise Manager Fusion Middleware Control and Oracle Directory Services Manager.

Fusion Middleware Control enables you to configure and manage all Oracle products from one user interface. You can perform most configuration functions in Fusion Middleware Control that you can perform from the command line. Oracle Enterprise Manager Fusion Middleware Control also includes wizards for setting up replication and for estimating sizing and tuning needs.

Oracle Directory Services Manager is an additional administrative interface for Oracle Internet Directory and Oracle Virtual Directory. It is accessible from Oracle Enterprise Manager Fusion Middleware Control or directly from its own URL.

2.10 Logging, Auditing, and Diagnostics

Using Oracle Enterprise Manager Fusion Middleware Control, you can monitor the Oracle Internet Directory Server and related components and activities.

Using the monitoring functions, you can gain insight into system activity and performance, for example, total logins, successful and unsuccessful logins, average login time, request latencies, LDAP connections, and so on.

You can monitor the following items:

  • Metrics: To monitor system health

  • General: A high-level rollup of load, performance, security, login, CPU utilization, and other data

  • Performance: Key metrics for the directory server and its host

  • Reports: Data on operation success and failure

  • Topology: Information on the Oracle HTTP Server instances, directory server instances, associated databases, and other components

2.11 MBeans and the WebLogic Scripting Tool

The Oracle WebLogic Scripting Tool (WLST) is a command-line scripting environment that you can use to create, manage, and monitor Oracle WebLogic Server domains. It is based on the Java scripting interpreter, Jython. You can use WLST to perform some Oracle Internet Directory management operations.

A managed bean (MBean) is a Java object that represents a JMX manageable resource in a distributed environment, such as an application, a service, a component or a device. When Oracle Internet Directory is registered with an Oracle WebLogic Server Admin Domain, Oracle Internet Directory MBeans are deployed in the Oracle WebLogic Server Admin Server. These MBeans enable management of Oracle Internet Directory configuration through Oracle Enterprise Manager Fusion Middleware Control or WLST.