1/18
Contents
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
Part I Understanding Oracle Identity Management
1
Overview
1.1
Oracle Identity Management Overview
1.2
Components that can be Upgraded to Oracle Identity Management 11
g
Release 1 (11.1.1.7.0)
Part II Upgrading Oracle Identity Management Environments
2
Summary of the Upgrade Process for Oracle Identity Management
2.1
Flow Chart of the Oracle Identity Management Upgrade Process
2.2
Steps in the Oracle Identity Management Upgrade Process
3
Supported Starting Points for Upgrading Oracle Identity Management
3.1
Supported Starting Points for Oracle Internet Directory and Oracle Directory Integration Platform Upgrade
3.2
Supported Starting Points for Oracle Virtual Directory Upgrade
3.3
Supported Starting Points for Oracle Identity Federation Upgrade
4
Types of Environments for Oracle Identity Management
4.1
Summary of the Oracle Identity Management 10
g
and 11
g
Components
4.1.1
Identity Management Components Available in Oracle Application Server 10
g
Release 2 (10.1.2)
4.1.2
Identity Management Components Available in Oracle Identity Management 10
g
(10.1.4)
4.1.3
Identity Management Components Available in Oracle Fusion Middleware 11
g
4.2
Oracle Internet Directory and Oracle Directory Integration Platform Topology
4.2.1
Upgrading a Colocated Identity Management Environment
4.2.2
Upgrading a Non-Colocated Identity Management Environment
4.3
Oracle Virtual Directory Topologies
4.4
Oracle Identity Federation Topologies
5
Upgrading Oracle Internet Directory Environments
5.1
Task 1: Understand Your Upgrade Options for SSO and Oracle Delegated Administration Services
5.2
Task 2: If Necessary, Upgrade the Database that Contains the 10
g
Identity Management Schemas
5.3
Task 3: Install and Configure the Oracle Internet Directory and Oracle Directory Integration Platform 11
g
Components
5.3.1
Understanding the Implications of Installing Oracle Internet Directory 11
g
Against the Oracle Internet Directory 10
g
Schema
5.3.2
Install the Oracle WebLogic Server Software and Creating the Middleware Home
5.3.2.1
When is Oracle WebLogic Server Required?
5.3.2.2
Install Oracle WebLogic Server Software and Create the Middleware Home
5.3.3
Install and Configure Oracle Internet Directory and Oracle Directory Integration Platform 11
g
in Preparation for Upgrade
5.3.3.1
Before you Begin Installing Oracle Internet Directory and Oracle Directory Integration Platform
5.3.3.2
Install Oracle Internet Directory and Oracle Directory Integration Platform 11
g
Release 1 (11.1.1.7.0)
5.4
Task 4: Use Upgrade Assistant to Upgrade Oracle Internet Directory
5.4.1
Task 4a: Perform Required Pre-Upgrade Tasks
5.4.1.1
Verifying the Status of Oracle Application Server Identity Management 10
g
Schemas
5.4.1.2
Backing Up the Database Where the Oracle Application Server Identity Management 10
g
Schema Resides
5.4.1.3
Modifying the SSL Port Configuration When Using SSL Authentication Mode on the Windows Operating System
5.4.2
Task 4b: Start the Upgrade Assistant for an OracleAS Identity Management Upgrade
5.4.3
Task 4c: Upgrade the Oracle Internet Directory and Oracle Directory Integration Platform Instance
5.4.3.1
Using the Upgrade Assistant to Upgrade Oracle Internet Directory and Oracle Directory Integration Platform
5.4.3.2
About Specifying Real Application Clusters (RAC) Database Details on the Specify Database Details Screen
5.4.3.3
Recovering From an Oracle Internet Directory Error During the Upgrade Assistant Examine Phase
5.5
Task 5: Complete Any Required Oracle Internet Directory and Oracle Directory Integration Platform Post-Upgrade Tasks
5.5.1
Recreating Any Non-Default Oracle Internet Directory Instances
5.5.2
Disabling the Oracle Internet Directory and Oracle Directory Integration Platform 10
g
Components
5.5.3
Configuring OPMN in the 10
g
Oracle Home After Upgrading Oracle Internet Directory to 11
g
5.5.4
Enabling Oracle Internet Directory Referential Integrity After Upgrade
5.5.5
Reviewing Configuration Attributes that are not Upgraded to Oracle Internet Directory 11
g
5.5.6
Removing Oracle Internet Directory and Oracle Directory Integration Platform 10
g
from Application Server Control
5.5.7
Removing Unneeded Oracle Directory Integration Platform Template Profiles After Upgrade
5.5.8
Deleting Oracle Internet Directory 10
g
Audit Log Container
5.5.9
Updating Oracle Internet Directory 10
g
Port Number in Oracle Enterprise Manager
5.5.10
Configuring Oracle Single Sign-On 10
g
for Oracle Internet Directory 11
g
5.6
Task 6: Verify the Oracle Internet Directory and Oracle Directory Integration Platform Upgrade
6
Upgrading Oracle Virtual Directory Environments
6.1
Task 1: Decide Upon an Oracle Virtual Directory Topology
6.2
Task 2: Install and Configure Oracle Fusion Middleware 11
g
6.2.1
Installing Oracle WebLogic Server Software and Creating the Middleware Home
6.2.2
Installing Oracle Virtual Directory 11
g
Release 1 (11.1.1.7.0)
6.3
Task 3: Use Upgrade Assistant to Upgrade Oracle Virtual Directory
6.3.1
Task 3a: Stop the Oracle Virtual Directory Instances
6.3.2
Task 3b: Start the Upgrade Assistant for an Oracle Virtual Directory Upgrade
6.3.3
Task 3c: Upgrade Oracle Virtual Directory
6.4
Task 4: Complete Any Required Oracle Virtual Directory Post-Upgrade Tasks
6.4.1
Configuring Anonymous Ciphers for Oracle Virtual Directory SSL Listeners
6.4.2
Starting Oracle Virtual Directory After Upgrade When Using Privileged Ports
6.4.3
Upgrading Oracle Virtual Directory Logging Configuration Settings
6.5
Task 5: Verify the Oracle Virtual Directory Upgrade
7
Upgrading Oracle Identity Federation Environments
7.1
Task 1: Decide Upon an Oracle Identity Federation Topology
7.2
Task 2: Use the Repository Creation Utility to Install the Oracle Identity Federation Schema in the Database
7.2.1
Verifying that the Database Meets the Minimum Requirements for the Oracle Identity Federation Schema
7.2.2
Running the Repository Creation Utility in Preparation for Upgrading Oracle Identity Federation
7.3
Task 3: Install and Configure Oracle Fusion Middleware 11
g
7.3.1
Task 3a: Install Oracle WebLogic Server Software and Create the Middleware Home
7.3.2
Task 3b: Install Oracle Identity Federation 11
g
Release 1 (11.1.1.7.0)
7.3.3
Task 3e: Create an Oracle HTTP Server Instance and Link It to Oracle Identity Federation 11
g
7.4
Task 4: Use the Upgrade Assistant to Upgrade Oracle Identity Federation
7.4.1
Task 4a: Start the Upgrade Assistant for an Oracle Identity Federation Upgrade
7.4.2
Task 4b: Upgrade Oracle Identity Federation
7.5
Task 5: Complete Any Required Oracle Identity Federation Post-Upgrade Tasks
7.5.1
Integrating Oracle Identity Federation 11
g
with Oracle Access Manager 10
g
7.5.2
Using a Custom Authentication Engine or Custom SP Engine with Oracle Identity Federation 11
g
7.5.2.1
Modifying the Authentication Engine Code
7.5.2.2
Modifying the SP Engine Code
7.5.2.3
Changes to the Logout Service for Authentication or SP Engines
7.5.2.4
Deploying the Authentication or SP Engine
7.5.2.5
Creating the Authentication Engine in Oracle Identity Federation 11
g
7.5.2.6
Creating the SP Engine in Oracle Identity Federation 11
g
7.5.3
Reconfiguring Oracle Single Sign-On Server After Upgrade to Work with Oracle Identity Federation 11
g
7.5.4
About Backwards Compatibility for ShareID Service URLs
7.5.5
Upgrading Oracle Identity Federation SSL Configuration
7.5.6
Setting Oracle Identity Federation System Properties After Upgrade
7.5.7
Updating the Configuration File
7.5.8
Additional Oracle Identity Federation Post-Upgrade Tasks
7.6
Task 6: Verify the Oracle Identity Federation Upgrade
Part III Upgrading Oracle Identity Management High Availability Environments
8
Upgrading Oracle Internet Directory High Availability Environments
8.1
Summary of Oracle Internet Directory High Availability Upgrade Starting Points
8.1.1
High Availability Topologies Based on a Distributed Identity Management Environment
8.1.2
High Availability Topologies Based on a Colocated Identity Management Environment
8.1.3
High Availability Environments Based on Standalone Oracle Internet Directory Instances
8.2
Before You Begin Upgrading Your Oracle Identity Management High Availability Environment
8.2.1
Conventions Used in This Chapter
8.2.2
Prerequisites for Oracle Identity Management High Availability Upgrade
8.2.3
Supported High Availability Environments for Upgrade
8.2.4
Reducing Downtime During Upgrade With Directory Replication
8.3
Upgrading Oracle Internet Directory and Oracle Directory Integration Platform in a High Availability Environment
8.3.1
Task 1: On IDMHOST1, Install Oracle WebLogic Server and Create the Middleware Home
8.3.2
Task 2: On IDMHOST1, Install and Configuring Oracle Internet Directory and Oracle Directory Integration Platform 11
g
Release 1 (11.1.1.7.0)
8.3.3
Task 3: On IDMHOST1, Upgrade Oracle Internet Directory and Oracle Directory Integration Platform to 11
g
8.3.4
Task 4: On IDMHOST1, Configure Oracle Directory Integration Platform to Use the Oracle Internet Directory Virtual Host
8.3.5
Task 5: On IDMHOST1, Verify the Oracle Internet Directory and Oracle Directory Integration Platform Upgrade
8.3.6
Task 6: On IDMHOST2, Install Oracle WebLogic Server and Create the Middleware Home
8.3.7
Task 7: On IDMHOST2, Install and Configure the Oracle Internet Directory and Oracle Directory Integration Platform 11
g
Release 1 (11.1.1.7.0)
8.3.8
Task 8: Copy the Oracle Directory Integration Platform Directory from IDMHOST1 to IDMHOST2
8.3.9
Task 9: On IDMHOST2, Set the Anonymous Bind Property to Allow
8.3.10
Task 10: Start the Managed Server on IDMHOST2
8.3.11
Task 11: Verify That the Components Are Up and Running on IDMHOST2
8.4
Upgrading Oracle Internet Directory and Oracle Directory Integration Platform in a Colocated High Availability Environment
8.4.1
Task 1: On IDMHOST1, Install Oracle WebLogic Server and Create the Middleware Home
8.4.2
Task 2: On IDMHOST1, Install and Configure the Oracle Internet Directory and Oracle Directory Integration Platform 11
g
Release 1 (11.1.1.7.0)
8.4.3
Task 3: On IDMHOST1, Upgrade Oracle Internet Directory and Oracle Directory Integration Platform to 11
g
8.4.4
Task 4: On IDMHOST1, Configure Oracle Directory Integration Platform to Use the Oracle Internet Directory Virtual Host
8.4.5
Task 5: On IDMHOST1, Disable Oracle Internet Directory and Oracle Directory Integration Platform in the 10
g
Oracle Home
8.4.6
Task 6: On IDMHOST1, Verify the Oracle Internet Directory and Oracle Directory Integration Platform Upgrade
8.4.7
Task 7: On IDMHOST2, Install Oracle WebLogic Server and Create the Middleware Home
8.4.8
Task 9: On IDMHOST2, Install and Configure Oracle Internet Directory and Oracle Directory Integration Platform 11
g
Release 1 (11.1.1.7.0)
8.4.9
Task 10: Copy the Oracle Directory Integration Platform Directory from IDMHOST1 to IDMHOST2
8.4.10
Task 11: On IDMHOST2, Set the Anonymous Bind Property to Allow
8.4.11
Task 12: On IDMHOST2, Disable Oracle Internet Directory and Oracle Directory Integration Platform in the 10
g
Oracle Home
8.4.12
Task 13: Start the Managed Server on IDMHOST2
8.4.13
Task 14: Verify That the Components Are Up and Running on IDMHOST2
8.5
Upgrading Oracle Internet Directory Only
8.5.1
Upgrading Oracle Internet Directory With a Local Oracle WebLogic Server Domain
8.5.1.1
Task 1: On IDMHOST1, Install Oracle WebLogic Server and Create the Middleware Home
8.5.1.2
Task 2: On IDMHOST1, Install and Configure Oracle Internet Directory 11
g
Release 1 (11.1.1.7.0)
8.5.1.3
Task 3: On IDMHOST1, Upgrade Oracle Internet Directory to 11
g
8.5.1.4
Task 4: On IDMHOST1, Verify the Upgraded Oracle Internet Directory Instance
8.5.1.5
Task 5: On IDMHOST2, Install Oracle Internet Directory 11
g
Release 1 (11.1.1.7.0)
8.5.1.6
Task 6: On IDMHOST2, Register the Oracle Internet Directory Instance with the Domain on IDMHOST1
8.5.1.7
Task 7: On IDMHOST2, Verify the Oracle Internet Directory Instance
8.5.2
Upgrading Oracle Internet Directory With a Remote Domain or No Domain
8.5.2.1
Task 1: On IDMHOST1, Install and Configure Oracle Internet Directory 11
g
Release 1 (11.1.1.7.0)
8.5.2.2
Task 2: On IDMHOST1, Upgrade Oracle Internet Directory to 11
g
8.5.2.3
Task 3: On IDMHOST1, Verify the Oracle Internet Directory Instance
8.5.2.4
Task 4: On IDMHOST2, Install and Configure Oracle Internet Directory 11
g
Release 1 (11.1.1.7.0)
8.5.2.5
Task 5: Verify the Oracle Internet Directory Instances on IDMHOST1 and IDMHOST2
8.5.2.6
Task 6: Optionally, Register the Oracle Internet Directory Instances on IDMHOST1 and OIDHOST2 with an Existing Remote Domain
9
Upgrading Oracle Identity Management Cold Failover Cluster Environments
9.1
Task 1: Preparing for Upgrading Your Oracle Fusion Middleware Cold Failover Cluster Environment
9.2
Task 2: Install Oracle WebLogic Server and Create the Middleware Home
9.3
Task 3: Install and Configure the Oracle Internet Directory and Oracle Directory Integration Platform 11
g
Release 1 (11.1.1.7.0)
9.4
Task 4: Verify the Oracle Internet Directory and Oracle Directory Integration Platform Installation
9.5
Task 5: Upgrade Oracle Internet Directory and Oracle Directory Integration Platform
9.6
Task 6: Verify the Upgrade of Oracle Internet Directory and Oracle Directory Integration Platform
9.7
Task 7: Configuring the Upgraded Components for Active-Passive Deployments
9.7.1
Task 7a: Transform the Infrastructure Components for Cold Failover Clusters
9.7.2
Task 7b: Transforming Oracle Internet Directory and Its Clients for Cold Failover Clusters
9.8
Task 8: Configure Fusion Middleware Control to Monitor the Upgraded Components
9.9
Task 9: Verify the Upgraded High Availability Environment
10
Performing Oracle Identity Management Multimaster and Fan-Out Replication Upgrade
10.1
Task 1: Review the Terminology, Prerequisites, and Key Concepts For Upgrading a Replication Environment
10.1.1
Terminology Conventions for This Chapter
10.1.2
Valid Starting Points When Upgrading a Replication Environment
10.1.3
Oracle Recommendations When Upgrading a Replication Environment
10.2
Task 2: Prepare for the Oracle Identity Management Multimaster or Fan-Out Replication Upgrade
10.3
Task 3: Perform the Oracle Internet Directory Replica Upgrade
10.3.1
Selecting a Replica Upgrade Method
10.3.2
Upgrading One Replica at a Time
10.3.3
Upgrading Oracle Internet Directory on Multiple Replicas Simultaneously
10.4
Task 4: Completing the Upgrade of Each Replica
10.4.1
Changing the Replication DN Password in the Oracle Internet Directory Wallet for Each Replica
10.4.1.1
Changing the Replication DN Password
10.4.1.2
Resetting the Replication DN Password
10.4.2
Setting the orclreplicationid Attribute in the Upgraded 11
g
Directory
11
Upgrading Oracle Virtual Directory High Availability Environments
11.1
Understanding the Oracle Virtual Directory High Availability Upgrade
11.2
Upgrading Oracle Virtual Directory When Using a Local Oracle WebLogic Server Domain
11.2.1
Task 1: On IDMHOST1, Optionally Install Oracle WebLogic Server and Create the Middleware Home
11.2.2
Task 2: On IDMHOST1, Install and Configure the Oracle Virtual Directory 11
g
Release 1 (11.1.1.7.0)
11.2.3
Task 3: On IDMHOST1, Upgrade the Oracle Virtual Directory Instance to 11
g
11.2.4
Task 4: On IDMHOST2, Install and Configure the Oracle Virtual Directory 11
g
Release 1 (11.1.1.7.0)
11.2.5
Task 5: On IDMHOST2, Upgrade the Second Oracle Virtual Directory Instance
11.2.6
Task 6: On IDMHOST2, Register the Second Oracle Virtual Directory Instance with the Domain on IDMHOST1
11.2.7
Task 7: On IDMHOST1 and IDMHOST2, Import the Oracle Virtual Directory Listener keystore Certificates
11.3
Upgrading Oracle Virtual Directory When Using a Remote Oracle WebLogic Server Domain or No Domain
11.3.1
Task 1: On IDMHOST1, Install and Configure the Oracle Virtual Directory 11
g
Release 1 (11.1.1.7.0)
11.3.2
Task 2: On IDMHOST1, Upgrade the Oracle Virtual Directory Instance to 11
g
11.3.3
Task 3: On IDMHOST2, Install and Configure the Oracle Virtual Directory 11
g
Release 1 (11.1.1.7.0)
11.3.4
Task 4: On IDMHOST2, Upgrade the Second Oracle Virtual Directory Instance
11.3.5
Task 5: On IDMHOST2, Optionally Register the Second Oracle Virtual Directory Instance with the Domain on WLSHOST1
11.3.6
Task 6: On IDMHOST1 and IDMHOST2, Import the Oracle Virtual Directory Listener keystore Certificates
12
Upgrading Oracle Identity Federation High Availability Environments
12.1
Task 1: Understand the Oracle Identity Federation High Availability Upgrade
12.1.1
Prerequisites for Oracle Identity Federation High Availability Upgrade
12.1.2
Conventions Used in This Chapter
12.2
Task 2: Install the Oracle Identity Federation Schema in the Database
12.3
Task 3: Install Oracle WebLogic Server and Create the Middleware Home
12.4
Task 4: Install Oracle Identity Federation 11
g
Release 1 (11.1.1.7.0)
12.5
Task 5: Configure the Oracle WebLogic Server Domain with Only Oracle Enterprise Manager Fusion Middleware Control
12.6
Task 6: Extend the Domain and Create the First Oracle Identity Federation 11
g
Oracle Instance
12.6.1
Extending the Domain and Configuring Oracle Identity Federation
12.6.2
About Selecting and Configuring Oracle HTTP Server with Oracle Identity Federation
12.7
Task 7: Use the Upgrade Assistant to Upgrade the First Oracle Identity Federation Oracle Instance
12.7.1
Task 7a: Start the Upgrade Assistant for an Oracle Identity Federation Upgrade
12.7.2
Task 7b: Upgrade Oracle Identity Federation
12.8
Task 8: Install Oracle WebLogic Server and Create the Middleware Home on IDMHOST2
12.9
Task 9: Deinstall the Oracle Identity Federation 10
g
Instance on IDMHOST2
12.9.1
Procedure for Deinstalling the Oracle Identity Federation 10
g
Instance
12.9.2
Alternative Procedure to Avoid Port Conflicts
12.10
Task 10: Install Oracle Identity Federation 11
g
Release 1 (11.1.1.7.0) on the Second Instance IDMHOST2
12.11
Task 11: Configure the Oracle WebLogic Server Domain on IDMHOST2
12.12
Task 12: Copy the Oracle Identity Federation Application from IDMHOST1 to IDMHOST2
12.13
Task 13: Start the Managed Server on IDMHOST2
12.14
Task 14: Complete Post-Upgrade Procedures
12.14.1
Configuring Routing Between Oracle Identity Federation and Oracle HTTP Server
12.14.2
Configuring the Load Balancer
12.14.3
Set Oracle Identity Federation Configuration Properties
12.14.4
Additional High Availability Tasks Associated
12.15
Task 15: Verify the Oracle Identity Federation High Availability Upgrade
Scripting on this page enhances content navigation, but does not change the content in any way.