Business Operations Center Pre-Installation Tasks

4 Business Operations Center Pre-Installation Tasks

Learn about the tasks that you must perform before running the Oracle Communications Billing and Revenue Management (BRM) Business Operations Center installer.

Topics in this document:

Overview of Production Pre-Installation Tasks

Overview of Production Pre-Installation Tasks

In production installations, the Business Operations Center installer deploys Business Operations Center on a running Oracle Platform Security Services (OPSS) JRF-enabled domain. The installer assumes that the following required software pre-installation tasks, including applying patches and workarounds, have already been completed successfully.

Note:

A test installation without OPSS security can be performed on a basic WebLogic domain. Do not use a test installation in production.

Pre-installation tasks for Business Operations Center consist of the following steps:

Connecting to Oracle BRM

Business Operations Center connects to BRM when retrieving operational data and submitting job requests. The connected BRM instance must have Revenue Assurance Manager installed. The Business Operations Center installer connects to the BRM database and creates the required schema.

See BRM Installation Guide for information on installing BRM.

See "Installing Revenue Assurance Manager" in BRM Collecting Revenue Assurance Data for more information.

Installing and Configuring Oracle Enterprise Database

Oracle recommends that an experienced database administrator install and configure your database. To install and configure Oracle Database, see the Oracle Database installation documentation at: https://docs.oracle.com/en/database/.

Configuring SSL for the Oracle Enterprise Database

You can configure secure sockets layer (SSL) for the Oracle Enterprise Database by creating the necessary wallets for storing certificates and then modifying the following configuration files to point to the appropriate wallet:

sqlnet.ora
tnsnames.ora
listener.ora

You can use the Orapki utility to create the wallets.

Creating the Business Operations Center User

The Business Operations Center installer provides the option to automatically create the Business Operations Center user for you. If you want the installer to create the user, you can skip this step.

If you want to create the user manually before you install Business Operations Center, do the following:

Log in to your database as user sysdba:
```
sqlplus system/@databaseAlias as sysdba
Enter password: password
```
where:
- databaseAlias is the Oracle system database alias.
- password is the Oracle system database user password.
Create the default tablespaces for Business Operation Center:
```
SQL> CREATE TABLESPACE BOCtablespace DATAFILE 'BOCtablespaceDataFile' size 1000 M REUSE autoextend on next 50M extent management local;
SQL> CREATE TEMPORARY TABLESPACE BOCtempTablespace TEMPFILE 'BOCtempDataFile' size 1000 M REUSE autoextend on next 50M extent management local;
```
where:
- BOCtablespace is the name of the data tablespace.
- BOCtablespaceDataFile is the name and location of the data file for the data tablespace.
- BOCtempTablespace is the name of the temporary tablespace.
- BOCtempDataFile is the name and location of the data file for the temporary tablespace.
Create your Business Operations Center user:
```
SQL> CREATE BOCuser IDENTIFIED BY BOCpassword DEFAULT tablespace BOCtablespace TEMPORARY tablespace BOCtempTablespace;
SQL> ALTER USER BOCuser quota unlimited ON BOCtablespace;
```
where BOCuser is the name of your Business Operations Center user, and BOCpassword is the password for the Business Operations Center user.

Grant permissions to your Business Operations Center user:

SQL> GRANT CONNECT, RESOURCE TO BOCuser;
SQL> GRANT CREATE SEQUENCE TO BOCuser;
SQL> GRANT CREATE VIEW TO BOCuser;
SQL> GRANT CREATE TYPE TO BOCuser;
SQL> GRANT CREATE TRIGGER TO BOCuser;
SQL> GRANT CREATE ANY PROCEDURE TO BOCuser;
SQL> GRANT CREATE ANY TABLE TO BOCuser;
SQL> GRANT CREATE ANY CONTEXT TO BOCuser;
SQL> GRANT EXECUTE ANY TYPE TO BOCuser;
SQL> GRANT CREATE ANY JOB TO BOCuser;
SQL> GRANT MANAGE SCHEDULER TO BOCuser;
SQL> GRANT EXECUTE ON DBMS_SCHEDULER TO BOCuser;
SQL> GRANT SELECT ON DBA_USERS TO BOCuser;
SQL> GRANT SELECT ON DBA_SEGMENTS TO BOCuser;
SQL> GRANT CREATE SESSION TO BOCuser;
SQL> GRANT CREATE TABLE TO BOCuser;
SQL> GRANT EXECUTE ON SYS.DBMS_LOCK TO BOCuser;
SQL> GRANT EXECUTE ON dbms_crypto TO BOCuser;

Installing and Configuring Oracle WebLogic Server

Business Operations Center requires a pre-existing Oracle WebLogic Server middleware home directory. You must download and install Oracle WebLogic Server using the Fusion Middleware Infrastructure installer.

If you are using Oracle Identity Management (IDM) for user authentication and authorization, download and install WebLogic Server before installing IDM.

For information about installing WebLogic Server, see "Installing the Oracle WebLogic Server and Coherence Software" in Oracle Fusion Middleware Installing and Configuring Oracle WebLogic Server and Coherence.

Configuring the OPSS JRF-Enabled Business Operations Center Application Domain

You deploy Business Operations Center on a JRF-enabled Oracle WebLogic Server domain configured as an Oracle Platform Security Services (OPSS) client domain. Create a JRF-enabled domain in Oracle WebLogic Server and configure an application domain policy that controls access to the Business Operations Center application.

For information about creating the domain and configuring the domain policy, see "Configuring the Oracle Fusion Middleware Infrastructure Domain" in Oracle Fusion Middleware Installing and Configuring the Oracle Fusion Middleware Infrastructure.

Installing and Configuring Oracle Unified Directory

Download and install the Oracle Unified Directory software. For more information, see "Installing the Oracle Unified Directory Software" in Oracle Fusion Middleware Installing Oracle Unified Directory.

After installing Oracle Unified Directory, configure the OPSS Administration Server to use Oracle Unified Directory as the authentication provider. For information about:

Setting up Oracle Unified Directory as your authentication provider, see "Configuring an Authentication Provider for Oracle Unified Directory" in Oracle Fusion Middleware Administering Security for Oracle WebLogic Server.
Setting up Oracle Unified Directory, including how to synchronize Oracle Unified Directory with existing directories that you may already have, see "Introduction to Oracle Unified Directory" in Oracle Fusion Middleware Administering Oracle Unified Directory.

Installing and Configuring Oracle Access Management

Download and install the Oracle Access Management (OAM) software. For more information, see the tutorial about installing and configuring Oracle Access Management at:

https://docs.oracle.com/en/middleware/idm/suite/12.2.1.3/index.html

Configuring the Oracle Access Manager Business Operations Center Application Domain

Create a Business Operations Center application domain in OAM and configure an application domain policy that controls access to the Business Operations Center application.

To create your Business Operations Center application domain in OAM, complete the following steps:

For more information about application domains and policies, see "Introduction to Application Domain and Policy Creation" in Oracle Fusion Middleware Administering Oracle Access Management.

Creating the Business Operations Center Application Domain

Create the Business Operations Center application domain by following the instructions in "Creating a New Application Domain" in Oracle Fusion Middleware Administering Oracle Access Management.

As you create the application domain, ensure that you do the following:

Define the following resources for your Business Operations Center application domain:
- The /opsdashboard**, /opsdashboard*, and /** resources:
  - Type: HTTP
  - Host Identifier: IdMSuiteAgent
  - Protection Level: Protected
  - Authentication Policy: Protected Policy
  - Resource URL (String): /opsdashboard**, /opsdashboard*, or /**
- The /fav.ico resource:
  - Type: HTTP
  - Host Identifier: IdMSuiteAgent
  - Protection Level: Excluded
  - Resource URL (String): /favicon.ico
For more information, see "Adding and Managing Policy Resource Definitions" in Oracle Fusion Middleware Administering Oracle Access Management.
Create an LDAP authentication module for authenticating Business Operations Center users. Set its user identity store to OIMIDStore.

For more information, see "Native LDAP Authentication Modules" in Oracle Fusion Middleware Administering Oracle Access Management.
Add the LDAP authentication module to an authentication scheme in your Business Operations Center application domain. The authentication scheme should include these values:
- Authentication Level: 2
- Challenge Method: Form
- Challenge Redirect URL: /oam/server
- Challenge URL: /pages/login.jsp
- Context Type: default
- Context Value: /oam
For more information, see "Creating an Authentication Scheme" in Oracle Fusion Middleware Administering Oracle Access Management.
Create an authentication policy and then add the resources you created in step 1 and the authentication scheme you created in step 3 to it.

For more information, see "Defining Authentication Policies for Specific Resources" in Oracle Fusion Middleware Administering Oracle Access Management.
Create an authorization policy and then add the resources you created in step 1 to it.

For more information, see "Creating an Authorization Policy and Specific Resources" in Oracle Fusion Middleware Administering Oracle Access Management.

Configuring and Restarting the Oracle HTTP Server

After configuring the required Business Operations Center OAM components, edit the Oracle HTTP Server (OHS) idm.conf file in your OAM instance to specify the handler, host, and port for the /opsdashboard resource. Restart your OHS instance after editing this file.

To configure the /opsdashboard resource in the OHS idm.conf file:

Open a secure shell or terminal window to your OAM host as a user with administrative permissions.
Go to the Middleware_home/config/OHS/OHS_Instance/moduleconf directory, where Middleware_home is the middleware home directory of the OAM WebLogic Server instance and OHS_Instance is the OHS instance where OAM is hosted.

In the idm.conf file, append the following entry before the </VirtualHost> closing tag:

<Location /opsdashboard>
     SetHandler weblogic-handler
     WebLogicHost host name or IP address of your OPSS Administration Server
     WeblogicPort port number the WebLogic host is listening on
</Location>

Save the file.
Go to the OHS_home/bin directory, where OHS_home is the Oracle home directory of your OHS installation.

Restart OHS with the following commands:

./opmnctl status
./opmnctl stopall
./opmnctl startall

For more information about the OHS idm.conf file, see "Using the idm.conf File" in Oracle Fusion Middleware Integration Guide for Oracle Identity Management Suite.

Installing and Configuring Oracle Identity Governance

Download and install the Oracle Identity Governance software. For more information, see the tutorial about installing and configuring Oracle Identity Governance at: https://docs.oracle.com/en/middleware/idm/suite/12.2.1.3/index.html.