This chapter describes how to upgrade Oracle Access Management highly available environments to Oracle Access Management 11g Release 2 (11.1.2.3.0) on Oracle WebLogic Server, using the manual upgrade procedure.
Note:
If your existing Oracle Identity and Access Management environment was deployed using the Life Cycle Management (LCM) Tools, you must use the automated upgrade procedure to upgrade to Oracle Identity and Access Management 11g Release 2 (11.1.2.3.0). For information about automated upgrade procedure, supported starting points and topologies, see Chapter 2, "Understanding the Oracle Identity and Access Management Automated Upgrade".If you wish to upgrade Oracle Access Management multi-data center environments, refer to Chapter 18, "Upgrading Oracle Access Management Multi-Data Center Environments".
Note:
Before you proceed, check if your existing Oracle Access Management version is supported for high availability upgrade. For more information on supported starting points for high availability upgrade, see Section 3.3, "Supported Starting Points for Oracle Identity and Access Management Manual Upgrade".This chapter includes the following sections:
Section 17.1, "Understanding Oracle Access Management High Availability Upgrade Topology"
Section 17.3, "Shutting Down Administration Server and Managed Servers on OAMHOST1 and OAMHOST2"
Section 17.7, "Updating Binaries of WebLogic Server and Access Manager on OAMHOST2"
Section 17.8, "Replicating Domain Configuration on OAMHOST2"
Section 17.9, "Redeploying Access Manager Server Applications and Shared Libraries on OAMHOST1"
Section 17.10, "Starting Administration Server and Managed Servers on OAMHOST1 and OAMHOST2"
Figure 17-1 shows the Oracle Access Management cluster set up that can be upgraded to 11.1.2.3.0 by following the procedure described in this chapter.
Figure 17-1 Oracle Access Management High Availability Upgrade Topology
On OAMHOST1
, the following installations have been performed:
An Oracle Access Management Access Manager instance has been installed in the WLS_OAM1
Managed Server.
A WebLogic Server Administration Server has been installed. Under normal operations, this is the active Administration Server.
On OAMHOST2
, the following installations have been performed:
An Oracle Access Management Access Manager instance has been installed in the WLS_OAM2
Managed Server.
A WebLogic Server Administration Server has been installed. Under normal operations, this is the passive Administration Server. You make this Administration Server active if the Administration Server on OAMHOST1
becomes unavailable.
The instances in the WLS_OAM1
and WLS_OAM2
Managed Servers on OAMHOST1
and OAMHOST2
are configured in a cluster named OAM_CLUSTER
.
Table 17-1 lists the steps to upgrade Oracle Access Management high availability environment illustrated in Figure 17-1 to 11.1.2.3.0.
Table 17-1 Oracle Access Management High Availability Upgrade Roadmap
Task No | Task | For More Information |
---|---|---|
1 |
Review the Oracle Access Management high availability upgrade topology, and identify |
See, Understanding Oracle Access Management High Availability Upgrade Topology |
2 |
Shut down the Administration Server and all the Managed Servers on |
See, Shutting Down Administration Server and Managed Servers on OAMHOST1 and OAMHOST2 |
3 |
Back up the existing environment. |
|
4 |
Upgrade |
|
5 |
If your starting point is Oracle Access Manager 11g Release 1 (11.1.1.5.0), you must upgrade the OAM packages to 11.1.2.3.0 on |
|
6 |
Update the binaries of Oracle WebLogic Server and Access Manager on |
See, Updating Binaries of WebLogic Server and Access Manager on OAMHOST2 |
7 |
If your starting point is Oracle Access Manager 11.1.1.5.0, after you upgrade |
|
8 |
If you are upgrading Oracle Access Manager 11.1.1.5.0 environments, redeploy Access Manager Server applications and shared libraries on |
See, Redeploying Access Manager Server Applications and Shared Libraries on OAMHOST1 |
9 |
Start the WebLogic Administration Server and the Managed Servers on |
See, Starting Administration Server and Managed Servers on OAMHOST1 and OAMHOST2 |
Before you begin the upgrade process, you must stop the WebLogic Administration Server and all of the Access Manager Managed Servers on OAMHOST1
and OAMHOST2
in the following order:
Stop the Access Manager Managed Servers on both OAMHOST1
and OAMHOST2
.
Stop the WebLogic Administration Server on OAMHOST1
.
For information about stopping the Managed Server, see Section 24.1.9.1, "Stopping the Managed Server(s)".
For information about stopping the Administration Server, see Section 24.1.9.2, "Stopping the WebLogic Administration Server".
After stopping all the servers, you must back up the following before proceeding with the upgrade process:
MW_HOME
directory (Middleware home directory), including the Oracle Home directories inside Middleware home on both OAMHOST1
and OAMHOST2
.
Oracle Access Management Domain Home directory on both OAMHOST1
and OAMHOST2
.
Following Database schemas:
Oracle Access Manager schema
MDS schema
Audit and any other dependent schema
For more information about backing up schemas, see Oracle Database Backup and Recovery User's Guide.
In order to upgrade the Oracle Access Management high availability environment to 11.1.2.3.0, you must first upgrade OAMHOST1
which has the active Administration Server. The following are some of the important tasks involved in upgrading OAMHOST1
to 11.1.2.3.0:
Upgrading Oracle WebLogic Server to 10.3.6 if you are using a previous version.
Upgrading Oracle Access Management binaries to 11.1.2.3.0.
Upgrading the database schemas.
Copying the modified domain mbean configurations.
Upgrading the system configuration.
The procedure to upgrade OAMHOST1
depends on your starting point.
If your starting point is Oracle Access Management 11g Release 2 (11.1.2.2.0), 11g Release 2 (11.1.2.1.0), follow the instructions described in Chapter 8, "Upgrading Oracle Access Management 11g Release 2 (11.1.2.x.x) Environments" to upgrade OAMHOST1
to 11.1.2.3.0.
If your starting point is Oracle Access Manager 11g Release 1 (11.1.1.5.0), follow the instructions described in Chapter 12, "Upgrading Oracle Access Manager 11g Release 1 (11.1.1.x.x) Environments" to upgrade OAMHOST1
to 11.1.2.3.0.
If your starting point is Oracle Access Manager 11g Release 1 (11.1.1.5.0) and if you are using Oracle Access Manager - Oracle Adaptive Access Manager integrated setup, you must upgrade the following packages from 11g Release 1 (11.1.1.5.0) to 11g Release 2 (11.1.2.3.0):
oracle.dogwood.top
oracle.oam.server
oracle.idm.oinav
oracle.sdp.client
oracle.oaam.suite
oracle.oaam.oaam_admin
oracle.oaam.oaam_server
oracle.oaam.oaam_offline
Note:
If your starting point is Access Manager 11g Release 2 (11.1.2.2.0), 11g Release 2 (11.1.2.1.0) or 11g Release 2 (11.1.2), skip this task.To upgrade the packages, you must run the domain updater utility (com.oracle.cie.domain-update_1.0.0.0.jar
) on OAMHOST1
which updates the domain-info.xml
. OAMHOST1
is the host on which Administration Server is running.
To upgrade the necessary Oracle Access Manager packages to 11.1.2.3.0, complete the following steps on OAMHOST1
:
Go to the directory $ORACLE_HOME
/oaam/upgrade
. The domain updater utility com.oracle.cie.domain-update_1.0.0.0.jar
file is located in this directory.
Upgrade the packages using the following command:
java -cp
MW_HOME
/utils/config/10.3/config-launch.jar:./com.oracle.cie.domain-update_1.0.0.0.jar com.oracle.cie.external.domain.DomainUpdater
<DOMAIN_HOME>
<package_name>
:11.1.1.5.0,:11.1.2.3.0
In this command, <DOMAIN_HOME>
refers to the absolute path to the Oracle Access Management domain, and <package_name>
refers to the package that you are upgrading.
Run this command for all of the following packages:
oracle.dogwood.top
oracle.oam.server
oracle.idm.oinav
oracle.sdp.client
oracle.oaam.suite
oracle.oaam.oaam_admin
oracle.oaam.oaam_server
oracle.oaam.oaam_offline
After you upgrade the Access Manager environment on OAMHOST1
, you must update the binaries of Oracle WebLogic Server on OAMHOST2
(if you are using any previous version). Also, you must update the binaries of Oracle Access Manager to11.1.2.3.0 on OAMHOST2
using the Oracle Identity and Access Management 11.1.2.3.0 installer.
For information about upgrading Oracle WebLogic Server to 10.3.6, see Section 24.1.5, "Upgrading Oracle WebLogic Server to 11g Release 1 (10.3.6)".
For information about upgrading Oracle Access Manager binaries to 11.1.2.3.0, see Section 24.1.6, "Updating Oracle Identity and Access Management Binaries to 11g Release 2 (11.1.2.3.0)".
This step is applicable if you are upgrading Oracle Access Manager 11g Release 1 (11.1.1.5.0) to 11.1.2.3.0.
After you upgrade Oracle Access Manager 11.1.1.5.0 to 11.1.2.3.0 on OAMHOST1
, you must replicate the configurations on OAMHOST2
. This task involves packing the upgraded domain on OAMHOST1
and unpacking it on OAMHOST2
.
Note:
Make sure that the Managed Servers are stopped before you perform this step. Do not start the Managed Servers until you complete this task.To do this, complete the following steps:
On OAMHOST1
, run the following command from the location $MW_HOME
/oracle_common/common/bin
to pack the upgraded domain:
On UNIX:
sh pack.sh -domain=
<Location_of_OAM_domain>
-template=
<Location_where_domain_configuration_jar_to_be_created>
-template_name="OAM Domain" -managed=true
On Windows:
pack.cmd -domain=
<Location_of_OAM_domain>
-template=
<Location_where_domain_configuration_jar_needs_to_be_created>
-template_name="OAM Domain" -managed=true
Copy the domain configuration jar file created by the pack
command on OAMHOST1
to any accessible location on OAMHOST2
.
On OAMHOST2
, run the following command from the location $MW_HOME
/oracle_common/common/bin
to unpack the domain:
On UNIX:
sh unpack.sh -domain=
<Location_of_OAM_domain>
-template=
<Location_on_OAMHOST2_where _you_copied_jar_file_created_by_pack_command>
-overwrite_domain=true
On Windows:
unpack.cmd -domain=
<Location_of_OAM_domain>
-template=
<Location_on_OAMHOST2_where _you_copied_jar_file_created_by_pack_command>
-overwrite_domain=true
If you are upgrading Oracle Access MAnager 11.1.1.5.0 on OAMHOST1
, then you must redeploy Access Manager server applications and shared libraries, and target the applications and shared libraries to OAM_CLUSTER
, for the following reasons:
To uptake new shared libraries that Access Manager server applications are dependent on.
To uptake newer versions of Access Manager Administration and Managed Server applications.
For information about redeploying Access Manager server applications and shared libraries, see Section 12.13, "Redeploying Access Manager Server Applications and Shared Libraries".
Note:
redeployOAM
command, ensure that the Access Manager Managed Server(s) are in RUNNING
state and not in the ADMIN
state.
If the servers are in ADMIN
state, do the following:
Log in to the WebLogic Administration Server using the following URL:
http://
host
:
port
/console
Click Deployments.
Click oam_server(11.1.2.0.0) on the Summary of Deployments page.
Click OAM_SERVER
on the Summary of Servers page.
Go to the Control tab and click RESUME.
If you had redeployed Access Manager server applications and shared libraries as part of Section 17.5, "Upgrading OAMHOST1 to 11.1.2.3.0", skip this task.
Start the WebLogic Administration Server and the Access Manager Managed Servers on OAMHOST1
and OAMHOST2
in the following order:
Start the WebLogic Administration Server on OAMHOST1
.
Start the Access Manager Managed Servers on OAMHOST1
and OAMHOST2
.
For more information about starting the WebLogic Administration Server, see Section 24.1.8.2, "Starting the WebLogic Administration Server".
For more information about starting the Managed Servers, see Section 24.1.8.3, "Starting the Managed Server(s)".