This chapter describes tasks you must perform after you have completed Oracle Identity and Access Management Deployment.
This chapter contains the following sections:
To access help on the WebLogic Administration Console, you must complete the following steps:
Note:
This section is not applicable if you have created the OIM only topology by performing tasks listed in Creating a Deployment Response File for an Oracle Identity Manager (OIM) Topology.Log in to the Oracle Access Manager Console using the following URL:
http://hostname:port/oamconsole
In the Access Manager pane, click on Application Domains.
A Search Application Domains tab opens. In the Name field, enter IAM Suite, and click on Search.
In the Search Results, click on IAM Suite.
Click on the Resources tab.
Click on New Resource and enter the following information:
Type: HTTP
Description: All resources for WLS console help
Host Identifier: IAMSuiteAgent
Resource URL : /consolehelp/**
Query: Name Value list
Operations Available: All
Protection Level: Excluded
Click on Apply.
At the end of the Oracle Identity and Access Management automated deployment, all the domains and software are started automatically.
However, if you later need to stop or restart the environment, then it is important that you use the provided start and stop scripts, which stop and start the various components of the deployment in the required order.
For more information, see the following topics:
The following sections provide information about the provided start and stop scripts that you can use to start and stop the Oracle Identity and Access Management software after an automated deployment:
Section 6.2.1.1, "Locating the Provided Start and Stop Scripts"
Section 6.2.1.2, "About Password Management When Using the Start and Stop Scripts"
Section 6.2.1.3, "Starting Components Using the Provided Scripts"
Section 6.2.1.4, "Stopping Components Using the Provided Scripts"
Section 6.2.1.5, "Optional Arguments When Using the Start and Stop Scripts"
Section 6.2.1.6, "Changing the Passwords in the credconfig Wallet"
After you complete an automated installation of Oracle Identity Manager with the LCM Tools, a set of scripts are installed in the configuration directory. Based on the recommended directory structure, the scripts are installed in the following directory:
IDMTOP/config/scripts/
For more information about the standard directories in an LCM Tools automated installation, see Section 2.5, "About the Deployment Repository and LCM Tools Directory Structure".
Inside the scripts folder, you should find two scripts:
startall.sh stopall.sh
The command line for using the provided start and stop scripts has an optional argument for entering the password for the domain administrator account.
However, this argument is not required because, by default, the passwords required to start and stop the Oracle Identity and Access Management components is saved in a secure wallet file. The wallet file is referenced automatically by the start and stop scripts, so there is no need to enter the password on the command line.
The wallet file used by the start and stop scripts (cwallet.sso) is located in the following directory after an automated deployment:
LCM_STORE/lcmconfig/config/credconfig/
For information about changing the value of the password in the wallet file, see Section 6.2.1.6.
To stop all the Oracle Identity and Access Management components after an automated deployment:
Change directory to the scripts directory in the shared configuration directory.
For example:
cd IDMTOP/config/scripts
Run the script as follows:
sh startall.sh
To stop all the Oracle Identity and Access Management components after an automated deployment:
Change directory to the scripts directory in the shared configuration directory.
For example:
cd IDMTOP/config/scripts
Run the script as follows:
sh stopall.sh
In most cases, you don't need to enter any arguments to the start and stop scripts. However, if necessary, Table 6-1 lists the optional arguments can be used when running the scripts.
Table 6-1 Optional Arguments When Using the Start and Stop Scripts
| Argument | Description | Example |
|---|---|---|
|
domain_name= |
Allows you to specify a specific domain. When you use this argument, only components in the specified domain will be started. |
sh startall domain=IAMAccessDomain |
|
weblogic_pwd= |
Allows you to enter the weblogic administration password on the command line. Note that Oracle recommends that you do not enter clear passwords on the command line and instead use the wallet file provided by the LCM Tools. For more information, see Section 6.2.1.6. |
sh startall weblogic_pwd=mypassword |
|
nodemanager_pwd= |
Allows you to enter the Node Manager password on the command line. Note that Oracle recommends that you do not enter clear passwords on the command line and instead use the wallet file provided by the LCM Tools. For more information, see Section 6.2.1.6. |
sh startall nodemanager_pwd=my_nm_password |
|
-help |
Displays online help that describes the usage of the script. |
sh startall -help |
If you change the Oracle WebLogic Server administration password or the Node Manager password after you perform an automated deployment, you can update the passwords stored in the start and stop script wallet:
Change directory to the directory where the wallet resides:
cd LCM_STORE/lcmconfig/credconfig/
Display the list of keys in the wallet and the credentials for each key:
sh csf-util.sh list
Change the password for one of the keys in the wallet:
sh csf-util.sh add
The script prompts you for the name of the key, the user, and then for the new password.
Oracle recommends that you use the scripts provided by the LCM Tools to start and stop the Oracle Identity Manager components after an automated deployment.
However, if there are situations where you cannot run the provided scripts, refer to the following topics before attempting to manually start or stop the Oracle Identity and Access Management components:
Before you manually start and stop the Oracle Identity Manager components after an automated deployment, you must understand the order in which components must be started.
When stopping the Oracle Identity and Access Management environment, stop the components in the following order:
Oracle Mobile Security Access Server
Oracle HTTP Server
Business Intelligence Publisher (BIP) Server
Oracle Identity Manager
Oracle SOA Suite
The Oracle Identity Manager Administration Server
Oracle Policy Manager Server
Oracle Mobile Security Manager Server (OMSM)
Oracle Access Manager
The Oracle Access Manager Administration Server
Node Manager
Oracle Unified Directory (OUD) or Oracle Internet Directory (OID)
When starting the components in an Oracle Identity and Access Management environment, stop the components in this order:
Oracle Unified Directory (OUD) or Oracle Internet Directory (OID)
Node Manager
Oracle Access Manager Administration Server
Oracle Access Manager
Oracle Mobile Security Manager Server (OMSM)
Oracle Policy Manager Server
Oracle Identity Manager Administration Server
Oracle SOA Suite
Oracle Identity Manager
Business Intelligence Publisher (BIP) Server
Oracle HTTP Server
Oracle Mobile Security Access Server
For general information on starting and stopping Oracle Fusion Middleware products and components, see "Starting and Stopping Components" in the Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Identity and Access Management.