This chapter describes how to upgrade your existing Oracle Identity Manager 11g Release 1 (11.1.1.5.0) and 11g Release 1 (11.1.1.7.0) environments to Oracle Identity Manager 11g Release 2 (11.1.2.3.0) on Oracle WebLogic Server, using the manual upgrade procedure.
Note:
If your existing Oracle Identity and Access Management environment was deployed using the Life Cycle Management (LCM) Tools, you must use the automated upgrade procedure to upgrade to Oracle Identity and Access Management 11g Release 2 (11.1.2.3.0).For information about automated upgrade procedure, supported starting points and topologies, see Chapter 2, "Understanding the Oracle Identity and Access Management Automated Upgrade".
Note:
This chapter refers to Oracle Identity Manager 11g Release 1 (11.1.1.5.0) and 11g Release 1 (11.1.1.7.0) environments as 11.1.1.x.x.This chapter includes the following sections:
Section 14.4, "Creating Necessary Schemas and Upgrading the Existing Schemas"
Section 14.5, "Upgrading Oracle Identity Manager Middle Tier"
Section 14.6, "Upgrade Other Oracle Identity Manager Installed Components"
Section 14.8, "Verifying the Oracle Identity Manager Upgrade"
Note:
Oracle Identity Manager upgrade scripts from 11.1.1.x.x to 11.1.2.3.0 create application instances during the upgrade process. The application instances that are created will be based on the existing accounts and their data. For active accounts that have an IT Resource field on the process form, whose value is populated on the process form, corresponding application instances will be created for the specific Resource Object+ITResource combination.The procedure for upgrading Oracle Identity Manager 11.1.1.x.x to 11.1.2.3.0 involves the following high-level steps:
Performing the Required Pre-Upgrade Tasks: This step involves tasks like generating the pre-upgrade report, analyzing the report and performing the necessary pre-upgrade tasks described in the report, shutting down the servers, backing up the 11.1.1.x.x environment and so on.
Upgrading Oracle Home: This step involves tasks like upgrading Oracle WebLogic Server to 10.3.6, upgrading Oracle SOA Suite to 11.1.1.9.0, and upgrading Oracle Identity Manager to 11.1.2.3.0.
Creating Necessary Schemas and Upgrading the Existing Schemas: This step involves tasks like creating necessary schemas like Oracle BI Publisher (BIP) schema and Oracle Platform Security Services (OPSS) schema using Repository Creation Utility 11.1.2.3.0, and upgrading the existing schemas using the Patch Set Assistant.
Upgrading Oracle Identity Manager Middle Tier: This step involves tasks like upgrading Oracle Identity Manager middle tier, starting the servers, patching the Oracle Identity Manager MDS metadata and so on.
Upgrading Other Oracle Identity Manager Installed Components: This step involves tasks like upgrading Oracle Identity Manager Design Console, Oracle Identity Manager Remote Manger, and configuring BI Publisher Reports.
Performing the Required Post-Upgrade Tasks: This step involves the post-upgrade tasks like enabling Oracle Identity Manager - Oracle Access Manager integration, upgrading user UDF, customizing event handlers, upgrading SOA composites and so on.
Table 14-1 lists the steps to upgrade Oracle Identity Manager 11.1.1.x.x.
Note:
If you do not follow the exact sequence provided in this task table, your Oracle Identity Manager upgrade may not be successful.| Sl No | Task | For More Information |
|---|---|---|
|
1 |
Complete the following pre-upgrade tasks.
|
|
|
2 |
Upgrade the Oracle Home by complete the following tasks:
|
|
|
3 |
Create the Oracle BI Publisher (BIP) schema and Oracle Platform Security Services (OPSS) schema using the Repository Creation Utility (RCU), and upgrade your existing database schemas using the Patch Set Assistant (PSA). |
See, Creating Necessary Schemas and Upgrading the Existing Schemas |
|
4 |
Upgrade the Oracle Identity Manager middle tier. This is done by running the OIM middle tier upgrade utility |
See, Upgrade Other Oracle Identity Manager Installed Components |
|
5 |
Upgrade other Oracle Identity Manager installed components like Oracle Identity Manager Design Console and Oracle Identity Manager Remote Manager to 11.1.2.3.0. |
See, Upgrade Other Oracle Identity Manager Installed Components |
|
6 |
Complete the required post-upgrade tasks. |
|
|
7 |
Verify the upgraded environment. |
This section describes the pre-upgrade tasks that you must complete before you upgrade the Oracle Identity Manager 11.1.1.x.x environments:
Comparing the Features of Oracle Identity Manager 11.1.1.x.x and 11.1.2.3.0
Reviewing the Customizations that are Lost or Overwritten as Part of Upgrade
Ensuring That getPlatformTransactionManager() Method is Not Used in Custom Code
Shutting Down Node Manager, Administration Server and Managed Servers
Backing Up Oracle Identity Manager 11g Release 1 (11.1.1.x.x)
Table 14-2 lists the key differences in functionality between Oracle Identity Manager 11.1.1.x.x and Oracle Identity Manager 11g Release 2 (11.1.2.3.0).
Table 14-2 Features Comparison
| Oracle Identity Manager 11.1.1.x.x | Oracle Identity Manager 11.1.2.3.0 |
|---|---|
|
Oracle Identity Manager 11.1.1.x.x provided separate interfaces for end user self-service and delegated administration. User Interface (UI) relied on the classic UI customization model where developers would edit the back end code, deploy it to an application server, and finally validate the changes from a browser. This was required for minor changes such as changes to logos, label, font, button, etc. |
In Oracle Identity Manager 11.1.2.3.0, the end user self-service and delegated administration consoles are unified into a single self-service console to simplify administration and self service. Oracle Identity Manager 11.1.2.3.0 uses the Alta skin which is business (mobile, cloud) friendly. OIM 11.1.2.3.0 has a new Home page, new my profile page with user friendly inbox. UI customization is simplified using Sandboxing and web composer. Most of the customizations need to be redone to match the look and feel of Oracle Identity Manager 11.1.2.3.0. |
|
In Oracle Identity Manager 11.1.1.x.x, administrators configured request templates to control what an end user could request. End users have to navigate through a series of menus to select entitlement before they can submit and access request. An end user's access to request templates was controlled by his/her role memberships. |
Oracle Identity Manager 11.1.2.3.0 provides a new user interface with a shopping cart-type request model through which end users can search and browse through the catalog, and directly request any item such as roles, entitlements, or applications, without having to navigate through a series of menus. In addition to this, several business-friendly metadata such as description, audit objective, tags, owner, approver, technical glossary, and so on, can be associated to each access item, to display business-friendly and rich contextual information to a business user at the time of self service access request and access review. UDFs which are marked as searchable will automatically be part of advance search form. You can customize the search form. Attributes can be used to search catalog items. Catalog as single point for managing access. |
|
In Oracle Identity Manager 11.1.1.x.x, Resource and IT resource names are named in a manner such that it is easy for the IT users to manage them. The problem with this approach is that, if a business user has to request access, the resource name will not make sense to the user. These incomprehensible Resource and IT resource names make the access request process non-intuitive. |
Oracle Identity Manager 11.1.2.3.0 provides an abstraction entity called Application Instance. It is a combination of IT resource instance (target connectivity and connector configuration) and resource object (provisioning mechanism). Administrators can assign business friendly names to Application instances and map them to corresponding IT resources and Resource Objects. End users who request for accounts through the catalog will search for an account by providing the business friendly Application Instance Name. Application instances are automatically created as part of the upgrade procedure. Administrators are expected to define organization publishing for these Application Instances to control who has access to request for access to the application. |
|
Oracle Identity Manager 11.1.1.x.x had to be integrated with Oracle Identity Analytics (OIA) to leverage the advanced access review capabilities. |
In 11.1.2.3.0, the functionality of Oracle Identity Analytics is ported into Oracle Identity Governance (OIG). You can define and manage identity audit policies based on IDA rules. You can define owners and remediators for a policy, which can be a specific user, a list of users, or an OIM role. You can use preventive and detective scan capabilities which can create actionable policy violations. Oracle Identity Manager 11.1.2.3.0 has comprehensive role lifecycle management and workflow approval capabilities with direct involvement from business, featuring a business friendly User Interface. It also includes detailed Role Analytics to aid with the composition and modifications of roles. |
|
In Oracle Identity Manager 11.1.1.x.x, authorization policies were used to control a user's access to the functions within Oracle Identity Manager. Policy administration was done through a UI that was built specifically for Oracle Identity Manager |
Oracle Identity Manager 11.1.2.3.0 provides a fine grained authorization engine to help you create various admin roles. For example, by using attributes to define membership, you can restrict an administrator to managing home organization members only. |
|
The existing 11.1.1.x.x certification feature provides certifier selection based on User Manager, Organization Manager, Catalog Owner and Selected User. |
Oracle Identity Manager 11.1.2.3.0 introduces additional certifier selection where role can be used to define certifiers. All members of a certifier role can see the certification in their inbox, but the first member who 'claims' the certification will be the primary reviewer for that certification. |
|
Till Oracle Identity Manager 11.1.1.x.x, policies were implemented and customized using OIM plug-in, and pre-pop adapters implemented via plug-in framework, which required writing custom java code to extend and customize OOTB policies. |
Oracle Identity Manager 11.1.2.3.0 introduces declarative policies that enable you to define and configure various policy types that are evaluated at run time. Policy is configured via a UI/API rather than customized via Java plug-in or pre-pop adapter. |
|
Oracle Identity Manager 11.1.1.x.x had SOA based approval workflows. Request templates are provided to create various request. |
Oracle Identity Manager 11.1.2.3.0 includes a number of enhancements to the request workflow. Temporal grants allow the requester to specify the start and end date (grant duration) of the role, account and entitlements at the time of assignment. Administrators can configure approvals by creating workflow policy rules instead of approval policies. It also supports role requests (create, modify, delete etc).Also, now enabling SOA is optional. |
|
In Oracle Identity Manager 11.1.1.x.x, Lookup queries were supported. |
In Oracle Identity Manager 11.1.2.3.0, Lookup queries are not supported. |
Before you start the upgrade process, review the Oracle Fusion Middleware System Requirements and Specifications and Oracle Fusion Middleware Supported System Configurations documents to ensure that your system meets the minimum requirements for the products you are installing or upgrading to. For more information see Section 24.1.1, "Verifying Certification, System Requirements, and Interoperability".
Ensure that you are using a Java Development Kit (JDK) version that is supported and certified with Oracle Identity and Access Management 11.1.2.3.0.
You can verify the required JDK version by reviewing the certification information on the Oracle Fusion Middleware Supported System Configurations page.
The JDK can be downloaded from the Java SE Development Kit 7 Downloads page on Oracle Technology Network (OTN).
Note:
For more information about JDK version requirements, see the "Oracle WebLogic Server and JDK Considerations" topic in the Oracle Fusion Middleware System Requirements and Specifications for Oracle Identity and Access Management 11g Release 2 (11.1.2) document.This section lists the customizations that will be lost or overwritten as part of the upgrade process.
The following customizations will be lost or overwritten as part of the Oracle Identity Manager upgrade process:
The configuration files like web.xml that are directly manipulated for changing the session time out will be overwritten as part of the binary upgrade.
The custom JARs included in the OIM Home will be lost as part of the binary upgrade.
Oracle Identity Manager Design Console configuration settings will be lost as part of the binary upgrade.
Oracle Identity Manager Remote Manager configuration settings will be lost as part of the binary upgrade.
Customizations done to Email Validation Pattern will be overwritten as part of the upgrade process.
All UI customizations will be lost as Oracle Identity Manager 11.1.2.3.0 uses a different UI model compared to Oracle Identity Manager 11.1.1.x.x.
The following scripts will be modified as part of the Oracle Identity Manager middle tier upgrade offline.
Startup scripts - startWebLogic.sh and startManagedWebLogic.sh located at DOMAIN_HOME/bin/ (on UNIX), startWebLogic.cmd and startManagedWebLogic.cmd located at DOMAIN_HOME\bin\ (on Windows)
Domain environment script - setDomainEnv.sh located at DOMAIN_HOME/bin/(on UNIX), setDomainEnv.bat located at DOMAIN_HOME\bin\ (on Windows)
Unprotected Metadata files
For the list of protected metadata files for which the customizations will be retained after upgrade, see Section 24.2.1, "Protected Metadata Files for Which Customization will be Retained After Upgrade".
Any manual edits done to these scripts will be overwritten. Therefore, you must revisit these after middle tier upgrade offline.
If you have SSL configured environment, the file ORACLE_HOME\designconsole\config\xl.policy will be overwritten as part of the Oracle Identity Manager binary upgrade. Therefore, backup the xl.policy file if you have customized it, before you begin with the upgrade process.
You must run the pre-upgrade utility before you begin the upgrade process, and address all the issues listed as part of this report with the solution provided in the report.
The pre-upgrade utility analyzes your existing Oracle Identity Manager 11.1.1.x.x environment, and provides information about the mandatory prerequisites that you must complete before you upgrade environment. The information in the pre-upgrade report is related to the invalid approval policies, requests and event handlers that are affected by the upgrade, list of mandatory Database components that need to be installed before upgrade, cyclic groups in LDAP directory, deprecated authorization policies, and issues in creating potential application instance.
For information about generating the pre-upgrade report, and analyzing it, see Section 24.2.2, "Generating and Analyzing Pre-Upgrade Report for Oracle Identity Manager".
Note:
It is important to address all the issues listed in the pre-upgrade report, before you can proceed with the upgrade, as upgrade might fail if the issues are not fixed.Run this report until no pending issues are listed in the report.
Ensure that the method getPlatformTransactionManager() is not used in the custom event handler code, as this method is not available in 11.1.2.3.0.
If you are using the method getPlatformTransactionManager() in the custom event handler code, set the attribute tx to TRUE in the event handler XML definition.
For more information on setting the attributes in the event handler XML definition, see "Defining Custom Events Definition XML" in the Oracle Fusion Middleware Developer's Guide for Oracle Identity Manager.
Offline Provisioning is not supported in Oracle Identity Manager 11.1.2.3.0, as it is no longer needed on Oracle Identity Manager 11.1.2.3.0.
Empty the oimProcessQueue JMS queue to ensure that JMS messages are processed before you start upgrading. To do so, complete the following:
Shut down applications to disable accessing of Oracle Identity Manager offline provisioning by end-users, SPML, and API clients.
Monitor the oimProcessQueue JMS queue from the WebLogic Administration Console and allow Oracle Identity Manager to run, till oimProcessQueue JMS queue is empty.
This is a list of checks you must run and set before you begin upgrading:
The OOTB applications in Oracle Identity Manager are deployed in NO_STAGE mode. Check if oracle.idm.uishell is in No Stage mode. If oracle.idm.uishell is in Stage mode, you must re-deploy it to NO_STAGE mode.
Complete the following steps to change the mode to No Stage:
Set the WL_HOME and OIM_HOME.
Undeploy oracle.idm.uishell by running the following command:
java -cp $WL_HOME/server/lib/weblogic.jar weblogic.Deployer -adminurl t3://localhost:8005 -username weblogic -password weblogic1 -undeploy -name oracle.idm.uishell
Deploy oracle.idm.uishell in stage mode by running the following command:
java -cp $WL_HOME/server/lib/weblogic.jar weblogic.Deployer -adminurl t3://localhost:8005 -username weblogic -password weblogic1 -deploy -name oracle.idm.uishell -source $OIM_HOME/modules/oracle.idm.uishell_11.1.1/oracle.idm.uishell.war -nostage -library -targets AdminServer,$OIM_SERVER_NAME
In case of a migrated, upgraded, or restored database in the Oracle Identity Manager environment, you must synchronize all the Oracle Identity Manager Schema Privileges (SYSTEM and OBJECT Grants) from the source to the target (restored) schema by doing the following:
Capture the OIM Database Schema user constituent grants from the source schema by executing the following SQLs as SYS database user:
SELECT DBMS_METADATA.GET_GRANTED_DDL ('SYSTEM_GRANT','<OIM_Schema_Name>') FROM DUAL;
SELECT DBMS_METADATA.GET_GRANTED_DDL ('OBJECT_GRANT', '<OIM_Schema_Name>') FROM DUAL;
In the schema restoration phase prior to schema upgrade, execute the grants output of the SQLs captured in step-1, as post schema restoration step.
Recompile any INVALID objects in the OIM schema using the following steps:
a. Identify INVALID schema objects as SYS user by running the following SQL:
SELECT owner,object_type,object_name,status FROM dba_objects WHERE status = 'INVALID' AND owner in ('<OIM_Schema_Name1>') ORDER BY owner, object_type, object_name;
b. Compile the INVALID schema objects using any appropriate method. The following is an example of compiling INVALID schema objects by executing the method UTL_RECOMP as SYS user for the OIM schema:
BEGIN
UTL_RECOMP.recomp_serial('<OIM_SCHEMA_NAME>');
END
Note:
For information on schema backup and restoration using Data Pump Client Utility for Oracle Identity Manager 11g Release 1, see My Oracle Support document ID 1359656.1.For information on schema backup and restoration using Data Pump Client Utility for Oracle Identity Manager 11g Release 2, see My Oracle Support document ID 1492129.1.
All account reconciliation Field Mapping configurations must have at least one Reconciliation field of type ITResource defined. This can be done by adding a mapping from the Oracle Identity Manager Design Console. Complete the following steps for those resource objects which do not have ITResource filed in reconciliation field mapping:
Create reconciliation field of type IT Resource by doing the following:
Log in to the Oracle Identity Manager Design Console by running the following command from the location ORACLE_HOME/designconsole/:
On UNIX: ./xlclient.sh
On Windows: xlclient.cmd
Expand Resource Management.
Click Resource Objects.
Search for and select the Resource Object that you wish to modify.
Go to the Object Reconciliation tab.
Click Add Field under Reconciliation Fields tab.
Enter the Field Name, and select IT Resource as the Field Type.
Click Save icon.
Define mapping for the field ITResource by doing the following:
On the Oracle Identity Manager Design Console, expand Process Management on the left navigation pane.
Click Process Definition.
Go to the Reconciliation Field Mapping tab in the Process Definition form.
Search for the Resource Object.
Define mapping for the field IT Resource.
Save the form.
Note:
This step is required if you are using connector for account reconciliation or if you wish to use connector for account reconciliation after you upgrade to 11.1.2.3.0.The upgrade process involves changes to the binaries and to the schema. Therefore, before you begin the upgrade process, you must shut down the Managed Servers, Administration Server, and the Node Manager.
Note:
When shutting down the servers, the following error message might be displayed:** SOA specific environment is already set. Skipping ... *********************************************************** OIM specific environment is already set. Skipping ... The input line is too long. The syntax of the command is incorrect.
It is recommended that you open a new command prompt and then run the commands for shutting down the servers.
Note:
If you are upgrading highly available environment, you must shut down the servers on all of the hosts.For information about stopping the servers, see Section 24.1.9, "Stopping the Servers".
You must back up your old Oracle Identity Manager 11.1.1.x.x environment before you upgrade to Oracle Identity Manager 11g Release 2 (11.1.2.3.0).
After stopping the servers, back up the following:
MW_HOME directory, including the Oracle Home directories inside Middleware Home
Domain Home directory
Oracle Identity Manager schemas
MDS schema
ORASDPM schema
SOAINFRA schemas
For more information about backing up schemas, see Oracle Database Backup and Recovery User's Guide.
Note:
If you are upgrading highly available environment, you must back up the Oracle Home directories and the domain home directories on all of the hosts.This section describes the tasks to be completed to upgrade the existing Oracle home.
Note:
Before you begin with the upgrade process, make sure that you have read and write permission to the domain including the/security/SerializedSystemIni.dat file.This section includes the following topics:
Oracle Identity and Access Management 11.1.2.3.0 is certified with Oracle WebLogic Server 11g Release 1 (10.3.6). Therefore, if your existing Oracle Identity Manager environment is using Oracle WebLogic Server 10.3.5 or any earlier version, you must upgrade it to Oracle WebLogic Server 10.3.6.
Note:
If you are already using Oracle WebLogic Server 10.3.6, ensure that you apply the mandatory patches to fix specific issues with Oracle WebLogic Server 10.3.6.To identify the required patches that you must apply for Oracle WebLogic Server 10.3.6, see "Downloading and Applying Required Patches" in the Oracle Fusion Middleware Infrastructure Release Notes.
The patches listed in the release notes are available from My Oracle Support. The patching instructions are mentioned in the README.txt file that is provided with each patch.
For information about upgrading Oracle WebLogic Server, see Section 24.1.5, "Upgrading Oracle WebLogic Server to 11g Release 1 (10.3.6)".
Oracle Identity Manager 11.1.2.3.0 is certified with Oracle SOA Suite 11.1.1.9.0. Therefore, you must upgrade Oracle SOA Suite to 11.1.1.9.0 if you are using any earlier version.
For information about upgrading Oracle SOA Suite, see Section 24.2.3, "Upgrading Oracle SOA Suite to 11g Release 1 (11.1.1.9.0)".
To upgrade Oracle Identity Manager binaries to 11.1.2.3.0, you must use the Oracle Identity and Access Management 11g Release 2 (11.1.2.3.0) Installer. During the procedure, point the Middleware Home to your existing 11.1.1.x.x Middleware Home. Your Oracle Home is upgraded from 11.1.1.x.x to 11.1.2.3.0.
Note:
Before upgrading the Oracle Identity Manager binaries to 11g Release 2 (11.1.2.3.0), you must ensure that the OPatch version inORACLE_HOME and MW_HOME/oracle_common is 11.1.0.10.3. Different OPatch version might cause patch application failure. If you have upgraded opatch to a newer version, you will have to roll back to version 11.1.0.10.3.For information about upgrading Oracle Identity Manager 11g Release 1 (11.1.1.x.x), see Section 24.1.6, "Updating Oracle Identity and Access Management Binaries to 11g Release 2 (11.1.2.3.0)".
After the binary upgrade, check the installer logs at the following location:
On UNIX: ORACLE_INVENTORY_LOCATION/logs
To find the location of the Oracle Inventory directory on UNIX, check the file ORACLE_HOME/oraInst.loc.
On Windows: ORACLE_INVENTORY_LOCATION\logs
The default location of the Oracle Inventory Directory on Windows is C:\Program Files\Oracle\Inventory\logs.
The following install log files are written to the log directory:
installDATE-TIME_STAMP.log
installDATE-TIME_STAMP.out
installActionsDATE-TIME_STAMP.log
installProfileDATE-TIME_STAMP.log
oraInstallDATE-TIME_STAMP.err
oraInstallDATE-TIME_STAMP.log
This section describes the tasks to be completed to upgrade Database schemas.
This section includes the following topics:
You must create the following database schemas using Repository Creation Utility (RCU) 11.1.1.9.0.
Oracle Platform Security Store (OPSS) schema
Oracle BI Publisher (BIP) schema
Oracle Identity Manager upgrade process involves OPSS schema policy store changes. Keys, roles, permissions, and other artifacts used by the applications must migrate to the policy store.
For more information about creating schemas, see Section 24.1.3, "Creating Database Schemas Using Repository Creation Utility".
Note:
When you create schemas using Repository Creation Utility, select only Oracle Platform Security Store (OPSS) and Oracle BI Publisher (BIP) schemas on the Select Components screen.Do not select any other schema.
You must upgrade the existing Oracle Identity Manager (OIM) schema using Patch Set Assistant (PSA). When you select the Oracle Identity Manager Schema, it automatically selects all dependent schemas and upgrades them too.
For information about upgrading schemas using the Patch Set Assistant, see Upgrading Schemas Using Patch Set Assistant.
After you upgrade schemas, verify the upgrade by checking the version numbers of the schemas as described in Version Numbers After Upgrading Schemas.
Run select version,status,upgraded from schema_version_registry where owner=<SCHEMA_NAME>; and ensure that the version numbers are upgraded, as listed in Table 14-3:
Table 14-3 Component Version Numbers After Upgrading the Schemas
| Component | Version No. |
|---|---|
|
OPSS |
11.1.1.9.0 |
|
MDS |
11.1.1.9.0 |
|
Oracle Identity Manager |
11.1.2.3.0 |
|
ORASDPM |
11.1.1.9.0 |
|
SOAINFRA |
11.1.1.9.0 (Make sure that you have upgraded SOA schemas as described in Section 24.1.4, "Upgrading Schemas Using Patch Set Assistant") |
To upgrade Oracle Identity Manager middle tier, you must run the middle tier upgrade utility OIMUpgrade in offline and online mode. For more information about upgrading the Oracle Identity Manager middle tier, see Section 24.2.4, "Upgrading Oracle Identity Manager Middle Tier".
After you upgrade the Oracle Identity Manager middle tier, you must upgrade the other Oracle Identity Manager installed components like Oracle Identity Manager Design Console and Oracle Identity Manager Remote Manager to 11.1.2.3.0.
For more information about upgrading Oracle Identity Manager Design Console and Oracle Identity Manager Remote Manager, see Section 24.2.5, "Upgrading Other Oracle Identity Manager Installed Components".
After you upgrade Oracle Identity Manager 11.1.1.x.x to 11.1.2.3.0, you must perform the following post-upgrade tasks described in Section 24.2.6, "Performing Oracle Identity Manager Post-Upgrade Tasks":
Impact of Removing Approver-Only Attribute in Request Data Set
Changes to Request API After Upgrading to Oracle Identity Manager 11g Release 2 (11.1.2.3.0)
Verifying the Compatibility of Oracle Identity Manager Integrated with Oracle Access Manager
Migrating Customized Oracle Identity Manager Reports Built on BI Publisher 10g to BI Publisher 11g
Rebuilding the Indexes of Oracle Identity Manager Table to Change to Reverse Type
Updating the URI of the Human Task Service Component with Oracle HTTP Server Details
To verify your Oracle Identity Manager upgrade, perform the following steps:
Verify that Oracle Identity Manager 11.1.2.3.0 is running using the following URL:
http://oim_host:oim_port/sysadmin
http://oim_host:oim_port/identity
where
oim_host is the host on which Oracle Identity Manager is running.
oim_port is the port number.
Verify that Oracle BI Publisher 11.1.1.9.0 is running using the following URLs:
http://bip_host:bip_port/xmlpserver
where
bip_host is the host on which Oracle BI Publisher is running.
bip_port is the port number. The default HTTP port for BI Publisher is 9704, if not changed during upgrade.
Use Fusion Middleware Control to verify that Oracle Identity Manager and any other Oracle Identity Management components are running in the Oracle Fusion Middleware environment.
For the list of common issues that you might encounter during the Oracle Identity Manager upgrade process, and their workaround, see Section 25.1, "Troubleshooting Oracle Identity Manager Upgrade Issues".
For the list of known issues related to upgrade, and their workaround, see "Upgrade and Migration Issues for Oracle Identity and Access Management" in the Oracle Fusion Middleware Release Notes for Identity Management.