This chapter includes the following topics:
Installing Oracle Identity Management Using "Install and Configure" Option
Configuring Oracle Identity Management for "Install Software - Do Not Configure" Option
Before you start installing and configuring Oracle Identity Management products, keep the following points in mind:
This chapter provides information for installing and configuring Oracle Identity Management (11.1.1.7.0) for new users. If you are an existing Oracle Identity Management 11g user, refer to "Applying the Latest Oracle Fusion Middleware Patch Set" in the Oracle Fusion Middleware Patching Guide.
For complete information about patching your Oracle Fusion Middleware 11g to the latest release, refer to the Oracle Fusion Middleware Patching Guide.
The Select Installation Type screen in the Installer presents two options: Install and Configure and Install Software - Do Not Configure. For more information about these options, see Installation Types: "Install Software - Do Not Configure" vs. "Install and Configure".
Follow the instructions in this section to install and configure the latest Oracle Identity Management software.
Installing and configuring the latest version of Oracle Identity Management 11g components involves the following steps:
Creating Database Schema Using the Oracle Fusion Middleware Repository Creation Utility (RCU)
Installing Oracle WebLogic Server and Creating the Middleware Home
Installing and Configuring Oracle Identity Management 11g Release 1 (11.1.1.7.0) Software
For installing Oracle Identity Management, you must obtain the following software:
Oracle WebLogic Server 11g Release 1 (10.3.6) or Oracle WebLogic Server 11g Release 1 (10.3.5)
Oracle Database
Oracle Repository Creation Utility
Oracle Identity Management Suite
For more information on obtaining Oracle Fusion Middleware 11g software, see Oracle Fusion Middleware Download, Installation, and Configuration ReadMe available at:
http://download.oracle.com/docs/cd/E23104_01/download_readme.htm
Note:
Oracle Identity Management 11g Release 1 (11.1.1.7.0) installer is platform specific.
To install Oracle Identity Management 11g Release 1 (11.1.1.7.0) on a 32-bit operating system, you must use the 32-bit installer and to install Oracle Identity Management 11g Release 1 (11.1.1.7.0) on a 64-bit operating system, you must use the 64-bit installer.
You must install an Oracle Database before you can install some Oracle Identity Management components, such as:
Oracle Internet Directory
Oracle Identity Federation, if you want to use an RDBMS data store
For latest information about supported databases, refer to the Oracle Fusion Middleware Supported System Configurations document.
The database must be up and running to install the relevant Oracle Identity Management component. The database does not have to be on the same system where you are installing the Oracle Identity Management component.
The database must also be compatible with Oracle Fusion Middleware Repository Creation Utility (RCU), which is used to create the schemas that Oracle Identity Management components require.
Note:
For information about RCU requirements for Oracle Databases, see "RCU Requirements for Oracle Databases" topic in the Oracle Fusion Middleware System Requirements and Specifications document.
You must create and load the appropriate Oracle Fusion Middleware schema in your database before installing the following Oracle Identity Management components and configurations:
Oracle Internet Directory, if you want to use an existing schema rather than create a new one using the Installer during installation.
Note:
When you install Oracle Internet Directory, you have the choice of using an existing schema or creating a new one using the Installer. If you want to use an existing schema, you must create it using the Oracle Fusion Middleware Repository Creation Utility (RCU) before you can install Oracle Internet Directory. If you choose to create a new schema during installation, the Installer creates the appropriate schema for you and you do not need to use the RCU.
Oracle Identity Federation Advanced configurations that use RDBMS for the Federation Store, Session Store, Message Store, or Configuration Store.
You create and load Oracle Fusion Middleware schema in your database using the RCU, which is available in the Oracle Fusion Middleware 11g Release 1 (11.1.1) release media and on the Oracle Technology Network (OTN) Web site. You can access the OTN Web site at:
http://www.oracle.com/technetwork/index.html
For information on RCU requirements, refer to the "Repository Creation Utility (RCU) Requirements" topic in the Oracle Fusion Middleware System Requirements and Specifications document.
Note:
Use the Linux RCU to create schemas on supported UNIX databases. Use Windows RCU to create schemas on supported Windows databases.
When you run RCU, create and load only the following schema for the Oracle Identity Management component you are installing—do not select any other schema available in RCU:
For Oracle Internet Directory, select only the Identity Management - Oracle Internet Directory schema
For Oracle Identity Federation, select only the Identity Management - Oracle Identity Federation schema
Note:
When you create schema, be sure to remember the schema owner and password that is shown in RCU. For Oracle Identity Federation, it is of the form PREFIX
_OIF
. You will need to provide this information when configuring Oracle Identity Federation with RDBMS stores.
See:
The Oracle Fusion Middleware Repository Creation Utility User's Guide for complete information.
In order to install Oracle WebLogic Server and Oracle Identity Management on a Microsoft Windows Vista or newer operating system, the operating system user must have Windows "Administrator" privileges.
Even when a user with "Administrator" privileges logs in to the machine, the administrative role is not granted for default tasks. In order to access the Oracle home files and folders, the user must launch the command prompt or Windows Explorer as "Administrator" explicitly, even if the user is logged in as the administrator.
To do so, you can do either one of the following:
Find the Command Prompt icon (for example, from the Start menu or from the Desktop), right-click on the icon, and select Run as Administrator. Then you can run the executables (for example, the WebLogic Server installer) from the command line.
Start Windows Explorer, find the executable you want to run (for example, rcu.bat
for RCU, config.bat
for the Configuration Wizard, or setup.exe
for the installer), right-click on the executable, and select Run as Administrator.
Oracle Identity Management requires Oracle WebLogic Server and a Middleware home directory. Before you install Oracle Identity Management 11g Release 1 (11.1.1.7.0) components, you must ensure that you have installed Oracle WebLogic Server 11g Release 1 (10.3.6) or Oracle WebLogic Server 11g Release 1 (10.3.5), and created a Middleware Home directory.
For more information, see "Installing Oracle WebLogic Server" in Oracle Fusion Middleware Installation Planning Guide. In addition, see Oracle Fusion Middleware Installation Guide for Oracle WebLogic Server for complete information about installing Oracle WebLogic Server.
For information on installing the Oracle WebLogic Server, see "Preparing for Installation" and "Running the Installation Program in Graphical Mode" in the Oracle Fusion Middleware Installation Guide for Oracle WebLogic Server.
Notes:
If you are installing Oracle Internet Directory without an Oracle WebLogic administration domain, you do not need to install Oracle WebLogic.
The same user who installed Oracle WebLogic Server must install Oracle Identity Management.
Do not log in to the Oracle WebLogic Server Administration Console during Oracle Identity Management installation.
If you want to configure the minimum amount for Oracle WebLogic Server's maximum heap size, see Section 2.8, "Optional: Configuring the Minimum Amount for Oracle WebLogic Server's Maximum Heap Size".
If you are installing on a UNIX system, and if this is the first time any Oracle product is being installed on your system with the Oracle Universal Installer, you will be asked to provide the location of an inventory directory. This is where the installer will set up subdirectories and maintain inventory data for each Oracle product that is installed on this system.
Follow the instructions in Table 4-1 to configure the inventory directory information:
Table 4-1 Inventory Directory and Group Screens
Screen | Description |
---|---|
Specify Inventory Directory |
Specify the Oracle inventory directory and group permissions for that directory. The group must have write permissions to the Oracle inventory directory. Click OK to continue. |
Inventory Location Confirmation |
Run the createCentralInventory.sh script as root. Click OK to continue. |
Note:
If you do not want to use the central inventory, you can create the oraInst.loc
file, add the custom location of the inventory, and run the runInstaller by using the following command:
runInstaller -invPtrLoc <full location to oraInst.loc>
Perform the following steps to start an Oracle Identity Management installation:
Note:
You must be logged in to the UNIX operating system as a non-root user to start the Installer.
If you are using Sun JDK, start the Installer by executing one of the following commands:
UNIX: <full path to the runInstaller directory>/runInstaller
Windows: <full path to the setup.exe directory>\setup.exe
If you are using Oracle JRockit JDK, start the Installer by executing one of the following commands:
UNIX: <full path to the runInstaller directory>/runInstaller -jreLoc <Middleware Home>/jrockit_1.6.0_24/jre
Windows: <full path to the setup.exe directory>\setup.exe -jreLoc <Middleware Home>\jrockit_1.6.0_24\jre
Notes:
If you are using Oracle JRockit JDK, the installer prompts you to enter the absolute path of the JDK that is installed on your system. When you install Oracle WebLogic Server, the jrockit_1.6.0_24
directory is created under your Middleware Home. You must enter the absolute path of the JRE folder located in this JDK when launching the installer. For example, on Windows, if the JDK is located in D:\oracle\Middleware\jrockit_1.6.0_24
, then launch the installer from the command prompt as follows:
D:\setup.exe -jreLoc D:\oracle\Middleware\jrockit_1.6.0_24\jre
If you do not specify the -jreLoc
option on the command line when using the Oracle JRockit JDK, the following warning message is displayed:
-XX:MaxPermSize=512m is not a valid VM option. Ignoring
This warning message does not affect the installation. You can continue with the installation.
On 64 bit platforms, when you install Oracle WebLogic Server using the generic jar file, the jrockit_1.6.0_24
directory will not be created under your Middleware Home. You must enter the absolute path of the JRE folder from where your JDK is located.
On 64 bit platforms, the MaxPermSize
should be set to 512M
. Before launching the Installer, you can set the MaxPermSize in the environment as follows:
export _JAVA_OPTIONS=-XX:MaxPermSize=512m
If the MaxPermSize is not set to 512M, you will see the following error message:
java.lang.OutOfMemoryError: PermGen space
Follow the instructions in Table 4-2 to install and configure Oracle Identity Management 11.1.1.7.0.
If you need additional help with any of the installation screens, click Help to access the online help.
Table 4-2 Installation and Configuration Flow for Install and Configure Option
No. | Screen | When Does This Screen Appear? | Description and Action Required |
---|---|---|---|
1 |
Always |
Click Next to continue. |
|
2 |
Always |
Specify any software updates to install before you install Oracle Identity Management. To get updates from My Oracle Support, you can select Search My Oracle Support for Updates, specify a user name and password, and then click Search for Updates. Before you search, you can click Proxy Settings to change the settings for the proxy server and Test Connection to test the credentials. To get updates that you have saved to your computer, you can select Search Local Directory for Updates, specify a directory, and then click Search for Updates. If you do not want to update any software, select Skip Software Updates, and then click Next to continue the installation. |
|
3 |
Always |
Select Install and Configure option. Notes:
Click Next to continue. |
|
4 |
Always |
Ensure that all the prerequisites are met. Click Next to continue. |
|
5 |
This screen is displayed if you select Install and Configure option. |
Select one of the following options:
|
|
6 |
Always |
Specify the Oracle Middleware Home location, Oracle Home Directory, WebLogic Server Directory, Oracle Instance Location, and Oracle Instance Name. For more information about these directories, see "Understanding Oracle Fusion Middleware Concepts and Directory Structure" in Oracle Fusion Middleware Installation Planning Guide. Click Next to continue. |
|
7 |
Always |
This screen allows you to decide how you want to be notified about security issues:
Click Next to continue. |
|
8 |
This screen is displayed if you select Install and Configure option. |
Click Next to continue. |
|
9 |
This screen is displayed if you select Install and Configure option. |
Choose how you want the Installer to configure ports:
Click Next to continue. |
|
10 |
This screen is displayed if you select Install and Configure option and choose to configure Oracle Internet Directory. |
Choose whether to use an existing schema or to create a new one using the Installer. Note: If you want to use an existing schema, it must currently reside in the database to continue with the installation. If it does not currently reside in the database, you must create it now using the Oracle Fusion Middleware Repository Creation Utility. To use an existing schema:
To create a new schema:
|
|
11 |
This screen is displayed if you select Install and Configure option and choose to configure Oracle Virtual Directory. |
Enter the following information:
Click Next to continue. |
|
12 |
This screen is displayed if you select Install and Configure option and choose to configure Oracle Internet Directory. |
Enter the password for the Oracle Internet Directory administrator. Click Next to continue. |
|
13 |
This screen is displayed if you select Install and Configure option and choose to configure Oracle Identity Federation. |
Select one of the following configuration types:
|
|
14 |
This screen is displayed if you select Install and Configure option and choose to configure Oracle Identity Federation. |
Enter the following information:
Click Next to continue. |
|
15 |
Always |
Verify the information on this screen. If you want to change any options, you can return to a previous screen by clicking a link in the navigation tree on the left or by clicking Back until you get to the screen. After you edit the required options, you can continue the installation from the previous screen. Click Save if you want to save a response file. You will be prompted for a name and location for the response file, which will contain information specific to your installation. After the installer creates the response file, you can use it exactly as is to replicate the installation on other systems, or you can modify the response file in a text editor. Click Install to begin the installation. |
|
16 |
Always |
If you are installing on a UNIX system, you may be asked to run the Click Next to continue. |
|
17 |
This screen is displayed if you select Install and Configure option. |
Click Next to continue. |
|
18 |
Always |
Click Save to save the installation configuration, and then click Finish to exit the installer. |
Oracle Identity Management 11g Release 1 (11.1.1.7.0) is installed and configured if you selected Install and Configure option in the Select Installation Type screen. By default Oracle_IDM1
is created as the Oracle Identity Management Oracle home directory. This home directory is also referred to as IDM_Home
in this guide.
To locate the installation log files, see Section 2.10, "Locating Installation Log Files".
If you selected Install Software - Do Not Configure option in the Select Installation Type screen while installing Oracle Identity Management 11g Release 1 (11.1.1.7.0), as described in Installing and Configuring Oracle Identity Management 11g Release 1 (11.1.1.7.0) Software, you must now start the Oracle Identity Management Configuration Wizard to configure the following components:
Oracle Internet Directory (OID)
Oracle Virtual Directory (OVD)
Oracle Directory Services Manager (ODSM)
Oracle Directory Integration Platform (ODIP)
Oracle Identity Federation (OIF)
Run the Oracle Identity Management 11g Configuration Wizard as follows:
On UNIX systems:
ORACLE_IDM1/bin/config.sh
On Windows systems:
ORACLE_IDM1\bin\config.bat
The Oracle Identity Management 11g Configuration Wizard is displayed. You can use this wizard to configure your component in a new domain, in an existing domain, or without a domain. Note that you can install and configure only Oracle Internet Directory and Oracle Virtual Directory without a domain. For more information, see the following topics:
OID with ODSM and Fusion Middleware Control in a New WebLogic Domain
OID with ODIP, ODSM, and Fusion Middleware Control in a New WebLogic Domain
OVD with ODSM and Fusion Middleware Control in a New WebLogic Domain
Performing Advanced Oracle Identity Federation Configurations
ODIP with Fusion Middleware Control in a New WebLogic Domain
Configuring ODIP when OID is Running in SSL Mode 2 - Server Only Authentication