11 Installing Oracle Fusion Middleware in Preparation for an Enterprise Deployment

This chapter describes the software installations required for an Oracle Identity Management enterprise deployment.

11.1 Overview of the Software Installation Process

The installation is divided into two parts. The first covers the installations required for the Web tier. The second covers the required Oracle Fusion Middleware components. Later chapters describe the configuration steps to create the Oracle Identity Management topology.

11.1.1 Software to Install

Different topologies use different servers and require different software to be installed. For information about the different enterprise deployment topologies, see Chapter 2, "Understanding the IAM Enterprise Deployment".

The subsequent sections explain how to install various software.

Where two different pieces of Oracle binary software are installed onto the same host (for example OIM11g and SOA11g), this software is installed in the same Middleware home location, but in different Oracle homes.

Notes:

  • When using shared storage, ensure that users and groups used in the installation have the same ID on all hosts that use the storage. If you fail to do this, some hosts might not be able to see or execute some or all of the files.

  • Some products, such as Oracle Internet Directory and Oracle Virtual Directory, require you to run a script that sets the permissions of some files to root.
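The ID requirement in the first note can be verified before any installer is run. The following script is an added example, not part of the Oracle documentation: it compares the numeric UID and primary GID of the installation user across the hosts that mount the shared storage. The user name oracle, the use of ssh to collect the values, and the sample records are assumptions; the host names come from this chapter.

```shell
#!/bin/sh
# Added example (not Oracle code): detect UID/GID drift for the installation
# user across hosts that mount the same shared storage.

# Print one "host user uid gid" record per host. Assumes key-based ssh access
# and that the same user name exists on every host (both are assumptions).
collect_ids() {
    user=$1; shift
    for host in "$@"; do
        # \$(...) is expanded on the remote host, so the IDs are that host's.
        ssh "$host" "echo $host $user \$(id -u $user) \$(id -g $user)"
    done
}

# Read "host user uid gid" records on stdin. The first record seen for a user
# is the reference; any later record with a different UID or GID is reported.
# Returns 0 when all hosts agree, 1 on a mismatch or a malformed record.
check_shared_ids() {
    awk '
        BEGIN { bad = 0 }
        NF == 0 || /^#/ { next }
        NF != 4 { printf "malformed record (lookup failed?): %s\n", $0; bad = 1; next }
        !($2 in uid) { uid[$2] = $3; gid[$2] = $4; ref[$2] = $1; next }
        $3 != uid[$2] {
            printf "UID mismatch for %s: %s=%s %s=%s\n", $2, ref[$2], uid[$2], $1, $3
            bad = 1
        }
        $4 != gid[$2] {
            printf "GID mismatch for %s: %s=%s %s=%s\n", $2, ref[$2], gid[$2], $1, $4
            bad = 1
        }
        END { exit bad }
    '
}

# Constructed sample: LDAPHOST2 was provisioned with a different UID.
SAMPLE_IDS='LDAPHOST1 oracle 1001 1001
LDAPHOST2 oracle 1002 1001'

# Real use: collect_ids oracle LDAPHOST1 LDAPHOST2 | check_shared_ids
printf '%s\n' "$SAMPLE_IDS" | check_shared_ids || echo "align IDs before installing"
```

A host where the user lookup fails produces a short record, which is reported as malformed rather than silently skipped.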

Note:

  • OHS is required for on-premise and Exalogic deployments with an external OHS.
  • OTD is only required if you are installing on Exalogic.

  • OUD is only required if you are creating a new OUD directory.

  • IDM is only required if you are creating a new OID directory.

  • If you are performing an automated deployment using IDM Life Cycle Management (LCM) tool, you must install LDAP directory and Oracle Traffic Director if deploying on Exalogic.

For more information on various Middleware homes (MW_HOME), refer to Chapter 7, "Preparing Storage for an Enterprise Deployment".

Oracle Identity Management products are bundled as two product sets: Oracle Identity Management and Oracle Identity and Access Management. (See Software versions). The relevant Identity Management software is installed into separate Oracle homes.

11.1.2 Summary of Homes

Oracle binaries are installed into an Oracle Fusion Middleware home. Individual products are installed into Oracle homes within the Middleware home. Table 11-1 is a summary of the Middleware homes and Oracle homes used in this document.

Table 11-1 Summary of Homes

| Home Name | Home Description | Products Installed |
| --- | --- | --- |
| IAD_MW_HOME | The Oracle Middleware Home containing the ORACLE_HOMEs required by Oracle Identity Manager. | |
| IGD_MW_HOME | The Oracle Middleware Home containing the ORACLE_HOMEs required by Oracle Access Manager. | |
| DIR_MW_HOME | The Oracle Middleware Home containing the ORACLE_HOMEs required by Oracle Unified Directory. | |
| WL_HOME | This is the root directory in which Oracle WebLogic Server is installed. The WL_HOME directory is a peer of Oracle home directory and resides within the MW_HOME. | Oracle WebLogic Server |
| JAVA_HOME | Contains the Oracle Java installation. This is the jdk installed in the MW_HOME when the MW_HOME was created. This will be the version in REPOS_HOME/jdk when invoking the Oracle Universal Installer (runInstaller). | |
| IAD_ORACLE_HOME | Contains the binary and library files required for Oracle Identity and Access Management and is located in IAD_MW_HOME/iam. | Access Manager |
| OUD_ORACLE_HOME | Contains the binary and library files required for Oracle Unified Directory and is located in MW_HOME/oud. | Oracle Unified Directory |
| IGD_ORACLE_HOME | Contains the binary and library files required for Oracle Identity and Access Management and is located in IGD_MW_HOME/iam. | Oracle Identity Manager |
| OUD_ORACLE_HOME | Contains the binary and library files required for Oracle Unified Directory and is located in DIR_MW_HOME/oud. | Oracle Unified Directory |
| OID_ORACLE_HOME | Contains the binary and library files required for Oracle Unified Directory and is located in DIR_MW_HOME/oid. | |
| SOA_ORACLE_HOME | Contains the binary and library files required for the Oracle SOA Suite. Located in IGD_MW_HOME/soa. | Oracle SOA Suite |
| ORACLE_COMMON_HOME | Contains the generic Oracle home files. This Oracle home is created automatically by any product installation and is located in MW_HOME/oracle_common. | Generic commands |
| LCM_HOME | Lifecycle Repository. | |
| REPOS_HOME | Software Repository. | |
| WEB_MW_HOME | The Oracle Middleware Home containing the ORACLE_HOMEs required by the web tier. | |
| OHS_ORACLE_HOME | Contains the binary and library files required for Oracle HTTP server. | |
| WEBGATE_ORACLE_HOME | Contains the binaries for Oracle WebGate and is located in WEB_MW_HOME/web. | Oracle WebGate |
| MSAS_ORACLE_HOME | Contains the binary and library files required by Mobile Security Access Server | |
| OTD_WEBGATE_ORACLE_HOME | Contains the binary and library files required for Oracle Traffic Director. | |
| OTD_WEBGATE_ORACLE_HOME | Contains the binaries for Oracle WebGate for Oracle Traffic Director and is located in WEB_MW_HOME. | |

11.2 Installing the Web Tier

This section describes how to install the Web tier.

11.2.1 Installing Oracle HTTP Server

This section and the ones following provide a brief overview of how to install Oracle Traffic Director and the Oracle Fusion Middleware Software.

Note:

If you are using IDM Life Cycle Management (LCM) tool for deploying Oracle Identity and Access Management, skip this task.

This section explains how to install Oracle HTTP Server on WEBHOST1 and WEBHOST2.

11.2.1.1 Running the Installer

As described in Section 7, "Preparing Storage for an Enterprise Deployment," you install the Oracle HTTP Server onto a private disk. You can install it on shared storage, but if you do that, you must allow access from the Web Tier DMZ to your shared disk array, which is undesirable. If you decide to install onto shared disk then please see the Release Notes for further configuration information.

Before starting the installation, ensure that the following environment variables are not set on Linux platforms.

  • LD_ASSUME_KERNEL

  • ORACLE_INSTANCE

To start Oracle Universal Installer on Linux, go to the following directory:

REPOS_HOME/installers/webtier/Disk1

Run the following command:

./runInstaller

Follow the instructions on screen to execute createCentralInventory.sh as root.

Click OK.

Proceed as follows:

  1. On the Specify Oracle Inventory Directory screen, enter HOME/oraInventory, where HOME is the home directory of the user performing the installation. (This is the recommended location).

    Enter the OS group for the user performing the installation.

    Click Next.

  2. On the Welcome screen, click Next.

  3. On the Select Installation Type screen, select Install Software –> Do Not Configure

    Click Next.

  4. On the Prerequisite Checks screen, click Next.

  5. On the Specify Installation Location screen, specify the following values:

    • Fusion Middleware Home Location (Installation Location) For example:

      WEB_MW_HOME

    • Oracle Home Location Directory: ohs

  6. On the Specify Security Updates screen, choose whether to receive security updates from Oracle support.

    Click Next.

  7. On the Installation Summary screen, review the selections to ensure that they are correct (if they are not, click Back to modify selections on previous screens), and click Install.

11.2.1.2 Backing Up the Installation

Back up the Fusion Middleware Home now (make sure no server is running at this point).

11.2.2 Installing Oracle Traffic Director

This section describes how to install Oracle Traffic Director software on WEBHOST1 and WEBHOST2. This step is required only if you are deploying on Oracle Exalogic.

Note:

Be sure that you are not logged in as root user before installing or performing any action on Oracle Traffic Director.

Note:

Be sure to verify you have obtained all required patches. For more info, see Release Notes for Oracle Identity and Access Management.

To install Oracle Traffic Director:

  1. Extract the contents of the installer zip file to a directory on WEBHOST1. It is recommended that this location is REPOS_HOME/installers/otd.

  2. Change directory to the Disk1 subdirectory in the directory in which you unzipped the installer.

  3. Set the DISPLAY in your machine if not already done, and then run the following command:

    ./runInstaller -jreLoc REPOS_HOME/installers/jdk
    
  4. Follow the instructions on the screen to install the software.

    When the Specify Installation Location screen appears, enter the value of the OTD_ORACLE_HOME variable in the Oracle Home Directory field.

    The recommended directory location for the OTD_ORACLE_HOME is listed in Table 7-4, "Private Storage Directories - Distributed Topology"

    If you need help with any of the other options on the installer screens, click Help, or refer to "Installing Oracle Traffic Director in Graphical Mode" in the Oracle Traffic Director Installation Guide.

  5. If you are using Private or Local Storage for your web tier binaries, repeat steps 1 through 4 on WEBHOST2.

Note:

If this is the first time you have installed any software on this host, you may be asked to create an inventory location file.

To create an inventory location, run the following command as root:

REPOS_HOME/installers/otd/Disk1/stage/Response/createCentralInventory.sh SW_ROOT oinstall

In this command, oinstall is the name of the group you created in Section 13.5.2, "Creating Users and Groups".

11.2.3 Installing Oracle Mobile Security Access Server

This section explains how to install Oracle Mobile Security Access Server (MSAS) on WEBHOST1 and WEBHOST2.

Note:

If you are deploying Oracle Identity and Access Management using IDM LCM tool, or if you do not require Oracle Mobile Security Suite, skip this task.

As described in Section 7, "Preparing Storage for an Enterprise Deployment," you install the MSAS onto a private disk.

Before starting the installation, ensure that the following environment variables are not set on Linux platforms.

  • LD_ASSUME_KERNEL

  • ORACLE_INSTANCE
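The environment requirement stated here and in Section 11.2.1.1, together with the non-root requirement noted for Oracle Traffic Director, can be checked in a script before the installer is launched. This is an added example, not Oracle-supplied code; the function names are hypothetical, and run_scrubbed relies on env -u from GNU coreutils.

```shell
#!/bin/sh
# Added example (not Oracle code): pre-flight checks for ./runInstaller.

# Variables this guide says must not be set when the installer starts.
FORBIDDEN_VARS="LD_ASSUME_KERNEL ORACLE_INSTANCE"

# Report every forbidden variable that is exported, that is, one that would be
# inherited by the installer process. An exported but empty variable counts.
check_unset_vars() {
    rc=0
    for var in $FORBIDDEN_VARS; do
        if printenv "$var" >/dev/null 2>&1; then
            echo "ERROR: $var is set in the environment" >&2
            rc=1
        fi
    done
    return $rc
}

# Refuse to proceed as root (the guide's note for Oracle Traffic Director).
# The optional argument overrides the detected UID so the check can be tested.
check_not_root() {
    uid=${1:-$(id -u)}
    if [ "$uid" -eq 0 ]; then
        echo "ERROR: do not run the installer as root" >&2
        return 1
    fi
}

# Run a command with the forbidden variables removed from its environment
# only; the calling shell keeps its own settings.
run_scrubbed() {
    unset_args=""
    for var in $FORBIDDEN_VARS; do
        unset_args="$unset_args -u $var"
    done
    # Word splitting of $unset_args is intended here.
    env $unset_args "$@"
}

# Typical use from the installer directory (Disk1):
#   check_not_root && run_scrubbed ./runInstaller -jreLoc "$JAVA_HOME"
check_unset_vars || echo "pre-flight: unset the variables above or use run_scrubbed" >&2
```

Because run_scrubbed changes only the child process, a variable exported from a login profile does not have to be removed from the profile for the installer to start clean.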

To install MSAS:

  1. Start the installer using the following command:

    cd REPOS_HOME/installers/omsas/Disk1
    ./runInstaller -jreLoc $JAVA_HOME
    

    If the $JAVA_HOME is not set, replace $JAVA_HOME with the absolute path to the Java home.

  2. On the Specify Inventory Directory screen, do the following:

    • Enter HOME/oraInventory, where HOME is the home directory of the user performing the installation (this is the recommended location).

    • Enter the OS group for the user performing the installation and click Next.

    • Follow the instructions on screen to execute createCentralInventory.sh as root and click OK.

  3. On the Welcome screen, click Next.

  4. On the Install Software Updates screen, choose either to search for updates by entering your My Oracle Support account details, or select Skip Software Updates, and click Next.

  5. On the Prerequisite Checks screen, if all the pre-checks have completed successfully, click Next.

  6. On the Specify Installation Location screen, specify the following values:

    • Fusion Middleware Home Location (Installation Location) For example:

      WEB_MW_HOME
      
    • Oracle Home Location Directory: omsas

    Click Next.

  7. On the Installation Summary screen, review the selections to ensure that they are correct (if they are not, click Back to modify selections on previous screens), and click Install.

  8. In the Installation Complete Screen click Finish.

  9. Back up the installation (WEB_MW_HOME).

11.3 Creating an Oracle Fusion Middleware Home

As described in Chapter 7, "Preparing Storage for an Enterprise Deployment," you install Oracle Fusion Middleware software in at least two storage locations for redundancy.

11.3.1 Installing a Supported JDK

Perform the following tasks to install a supported JDK:

  1. Section 11.3.1.1, "Identifying and Downloading the JDK Software"

  2. Section 11.3.1.2, "Installing JDK"

11.3.1.1 Identifying and Downloading the JDK Software

To identify a certified JDK for Oracle Identity and Access Management 11g Release 2 (11.1.2.3.0), see the certification document for 11g Release 2 (11.1.2.3.0) on the Oracle Fusion Middleware Supported System Configurations page.

After you identify the supported Oracle JDK, download it from the following location on Oracle Technology Network:

http://www.oracle.com/technetwork/java/index.html

Make sure that you navigate to the download for the Java SE JDK.

Note:

If you have downloaded the software repository, Java will be included in it.

Copy the downloaded zip file to the location REPOS_HOME/installers/jdk.

11.3.1.2 Installing JDK

This section describes how to install JDK.

Note:

If you are performing an automated deployment using IDM LCM tool, then this step is only necessary if you need to create an Oracle LDAP directory.

To install the JDK you downloaded in the earlier sections, or to install the JDK that is available in the software repository, complete the following steps:

  1. Create a new directory MW_HOME using the following command:

    mkdir MW_HOME

    In this command, MW_HOME is the MW_HOME you are creating. For example, IAD_MW_HOME.

  2. Change directory to MW_HOME.

  3. Do one of the following:

    • Unzip the JDK from the software repository using the following command:

      unzip REPOS_HOME/installers/jdk/jdk.zip

      OR

    • Extract the jdk from the downloaded tar file using the following command:

      tar -xzvf REPOS_HOME/installers/jdk/jdk-7u55-linux-x64.tar.gz

    This creates a directory named jdk_version. To reduce confusion in the future if your java is upgraded, it is recommended to rename this directory to simply jdk or to create a symbolic link from jdk_version to jdk.

  4. Install the JDK in the following MW_HOME directories:

    • IAD_MW_HOME install from OAMHOST1

    • IGD_MW_HOME install from OIMHOST1

    • DIR_MW_HOME install from LDAPHOST1

  5. To validate the installation, first set up the environment:

    Set JAVA_HOME to MW_HOME/jdk.

    Add JAVA_HOME to your PATH variable.

  6. Run the following command to verify that the appropriate java executable is in the PATH, and your environment variables are set correctly:

    java -version

    Sample Output:

    java version "1.7.0_55"
    Java(TM) SE Runtime Environment (build 1.7.0_55-b13)
    Java HotSpot(TM) 64-Bit Server VM (build 24.55-b03, mixed mode)
    

11.3.2 Installing Oracle WebLogic Server

Perform these steps to install the Oracle WebLogic Server.

Install the WebLogic Server in the following MW_HOME directories:

  • IAD_MW_HOME install from OAMHOST1

  • IGD_MW_HOME install from OIMHOST1

  • DIR_MW_HOME install from LDAPHOST1

To install WebLogic Server:

  1. Add Java to your system path using the following command:

    export PATH=MW_HOME/jdk/bin:$PATH
    

    Where MW_HOME is the MW_HOME into which you are installing the software. For example: IAD_MW_HOME.

  2. Check the version of java using the following command:

    java -version
    

    Ensure that the 64-bit version is displayed if you are using a 64-bit operating system.

  3. Start the WebLogic installer using the following command:

    cd REPOS_HOME/installers/weblogic
    java -d64 -jar wls_generic.jar
    
  4. In the Welcome screen, click Next.

  5. In the Choose Middleware Home Directory screen:

    • Select Create a new Middleware Home.

    • For Middleware Home Directory, enter IAD_MW_HOME

    Click Next.

  6. In the Register for Security Updates screen, enter your contact information so that you can be notified of security updates. Click Next.

    Note:

    If you decide to be notified of security updates, the server will try to contact www.oracle.com; if it cannot do so, it may display a dialog box asking you to provide proxy details to connect to the internet. Either enter these details, which will be specific to your organization, or check the box - I wish to remain uninformed of security issues in my configuration or this machine has no internet access.

  7. In the Choose Install Type screen, select Typical, and click Next.

  8. On the JDK Selection screen, select the jdk you added to your path in Step 1.

    It should be listed by default.

    Click Next.

  9. In the Choose Product Installation Directories screen, accept the following directories:

    Middleware Home Directory: IAD_MW_HOME

    Product Installation Directories for WebLogic Server: IAD_MW_HOME/wlserver_10.3

    Oracle Coherence: IAD_MW_HOME/coherence_3.7

    Click Next.

  10. In the Installation Summary screen, click Next.

    The Oracle WebLogic Server software is installed.

  11. In the Installation Complete screen, clear the Run Quickstart check box and click Done.

  12. Repeat for each Middleware home.

11.4 Installing the Directory Tier

This section describes how to install the Directory Tier.

11.4.1 Installing Oracle Unified Directory

If you are creating a new Oracle Unified Directory, install Oracle Unified Directory (OUD) into the DIR_MW_HOME on the host LDAPHOST1.

To install Oracle Unified Directory:

  1. Start the Oracle Fusion Middleware 11g Oracle Unified Directory Installer using the following commands:

    cd REPOS_HOME/installers/oud/Disk1
    ./runInstaller -jreLoc $JAVA_HOME
    

    If $JAVA_HOME is not set, replace it with the location of the Java JDK. For example, IGD_MW_HOME/jdk

  2. If displayed, on the Specify Inventory Directory screen, enter values for the Oracle Inventory Directory and the Operating System Group Name. For example:

    • Enter HOME/oraInventory, where HOME is the home directory of the user performing the installation (this is the recommended location).

    • Enter the OS group for the user performing the installation and click OK.

  3. On the Welcome screen, click Next.

  4. On the Install Software Updates screen, choose whether to register with Oracle Support for updates or search for updates locally.

    Click Next.

  5. On the Prerequisite Checks screen, verify that the checks complete successfully and click Next.

  6. On the Specify Installation Location screen, enter the following values:

    • OUD Base Location Home: /u01/oracle/products/dir (DIR_MW_HOME)

    • Oracle Home Directory: Enter oud as the Oracle home directory name.

    Click Next.

  7. On the Installation Summary screen, click Install.

  8. On the Installation Progress screen, click Next.

  9. On the Installation Complete screen, click Finish.

11.4.2 Installing Oracle Internet Directory

If you are creating a new Oracle Internet Directory, install Oracle Identity Management (IDM) into the DIR_MW_HOME on the host LDAPHOST1.

To install Oracle Internet Directory:

  1. Start the Oracle Fusion Middleware 11g Oracle Internet Directory Installer using the following commands:

    cd REPOS_HOME/installers/idm/Disk1
    ./runInstaller -jreLoc JAVA_HOME
    

    Where JAVA_HOME is the location of the Java JDK. For example, DIR_MW_HOME/jdk

  2. If displayed, on the Specify Inventory Directory screen, enter values for the Oracle Inventory Directory and the Operating System Group Name. For example:

    • Enter HOME/oraInventory, where HOME is the home directory of the user performing the installation (this is the recommended location).

    • Enter the OS group for the user performing the installation and click OK.

  3. On the Welcome screen, click Next.

  4. On the Install Software Updates screen, choose whether to register with Oracle Support for updates or search for updates locally.

    Click Next.

  5. On the Select Installation Type screen, select Install Software - Do Not Configure, and then click Next.

  6. On the Prerequisite Checks screen, verify that the checks complete successfully and click Next.

  7. On the Specify Installation Location screen, enter the following values:

    • Oracle Middleware Home: Select the previously installed Middleware home from the list for MW_HOME, for example:

      DIR_MW_HOME

    • Oracle Home Directory: Enter oid as the Oracle home directory name.

    Click Next.

  8. On the Installation Summary screen, click Install.

  9. On the Installation Progress screen, click Next.

  10. On the Installation Complete screen, click Finish.

  11. When the installation completes you are prompted to run the oracleRoot.sh script located in the OID_ORACLE_HOME directory:

    Run this script on LDAPHOST1 and LDAPHOST2 as the root user.

11.5 Installing the Application Tier

This section describes how to install the Application Tier.

11.5.1 Installing Oracle Identity and Access Management

Oracle Identity and Access Management consists of the following products:

  • Oracle Access Management Access Manager

  • Oracle Identity Manager

Perform the steps in this section to install Oracle Identity and Access Management into the directories IAD_MW_HOME and IGD_MW_HOME on the hosts OAMHOST1 and OIMHOST1.

To install Oracle Identity and Access Management into IGD_MW_HOME perform the following steps:

  1. Start the Oracle Fusion Middleware 11g Oracle Identity and Access Management Installer using the following commands:

    cd REPOS_HOME/installers/iamsuite/Disk1
    ./runInstaller -jreLoc JAVA_HOME
    

    Where JAVA_HOME is the location of the Java JDK. For example, IGD_MW_HOME/jdk

  2. If displayed, on the Specify Inventory Directory screen, enter values for the Oracle Inventory Directory and the Operating System Group Name. For example:

    • Enter HOME/oraInventory, where HOME is the home directory of the user performing the installation (this is the recommended location).

    • Enter the OS group for the user performing the installation and click Next.

  3. On the Welcome screen click Next.

  4. On the Prerequisite Checks screen, verify that the checks complete successfully, then click Next.

  5. On the Specify Installation Location screen, enter the following values:

    • Oracle Middleware Home: Select a previously installed Middleware Home from the drop-down list. For example: /u01/oracle/products/identity

    • Oracle Home Directory: Enter iam as the Oracle home directory name.

    Click Next.

  6. On the Installation Summary screen, click Install.

  7. On the Installation Progress screen, click Next.

  8. On the Installation Complete screen, click Finish.

  9. Repeat for each MW_HOME

11.5.2 Installing Oracle SOA Suite

Oracle SOA Suite is only required if you are deploying Oracle Identity Governance. To install Oracle SOA Suite into IGD_MW_HOME, perform the following steps on OIMHOST1:

  1. Start the Oracle Fusion Middleware 11g Oracle SOA Suite Installer using the following commands:

    cd REPOS_HOME/installers/soa/Disk1
    ./runInstaller -jreLoc JAVA_HOME
    

    Where JAVA_HOME is the location of the Java JDK. For example, IGD_MW_HOME/jdk

  2. If displayed, on the Specify Inventory Directory screen, enter values for the Oracle Inventory Directory and the Operating System Group Name. For example:

    • Enter HOME/oraInventory, where HOME is the home directory of the user performing the installation (this is the recommended location).

    • Enter the OS group for the user performing the installation and click OK.

  3. On the Welcome screen, click Next.

  4. On the Install Software Updates screen, choose whether to register with Oracle Support for updates or search for updates locally.

    Click Next.

  5. On the Prerequisite Checks screen, verify that the checks complete successfully, and then click Next.

  6. On the Specify Installation Location screen, enter the following values:

    • Oracle Middleware Home: Select a previously installed Middleware Home from the drop-down list. For example: /u01/oracle/products/identity (IGD_MW_HOME)

    • Oracle Home Directory: Enter soa as the Oracle home directory name.

  7. Click Next.

  8. If the Application Server screen appears, click Next.

  9. On the Installation Summary screen, click Install.

  10. On the Installation Process screen, click Next.

  11. On the Installation Complete screen, click Finish.

11.5.3 Creating the wlfullclient.jar File

Oracle Identity Manager uses the wlfullclient.jar library for certain operations. Oracle does not ship this library, so you must create this library manually. Oracle recommends creating this library under the following directory on all the machines hosting Oracle Identity Manager in the application tier of your environment:

IGD_MW_HOME/wlserver_10.3/server/lib

To create the wlfullclient.jar file:

  1. Navigate to the IGD_MW_HOME/wlserver_10.3/server/lib directory

  2. Set your JAVA_HOME environment variable and ensure that the JAVA_HOME/bin directory is in your path.

  3. Create the wlfullclient.jar using the following command:

    java -jar wljarbuilder.jar
    

11.6 Backing Up the Installation

Back up the Fusion Middleware Home now (make sure no server is running at this point).

11.7 Creating a Redundant Middleware Home

If you wish to create a redundant Middleware home to protect from binary corruptions, you can do so by following the steps described in Appendix A, "Creating a Redundant Middleware Home".