3 Upgrading Oracle Access Manager Single Node Environments

You can upgrade Oracle Access Manager from Release 12c (12.2.1.3.0) to Oracle Access Manager 12c (12.2.1.4.0) .

Note:

If you are using an earlier version of Oracle Access Manager, you must upgrade to Oracle Access Manager 12c (12.2.1.3.0) first, and then to 12c (12.2.1.4.0).

Complete the steps in the following topics to perform the upgrade:

• About the Oracle Access Manager Single Node Upgrade Process
  Review the roadmap for an overview of the upgrade process for Oracle Access Manager single node deployments.
• Completing the Pre-Upgrade Tasks for Oracle Access Manager
  Complete the pre-upgrade tasks described in this section before you upgrade Oracle Access Manager.
• Stopping Servers and Processes
  Before you upgrade the configurations, you must shut down all of the pre-upgrade processes and servers, including the Weblogic Admin, Managed, and Node Manager servers that are running on the intended OAMHOST.
• Uninstalling the Software
  Follow the instructions in this section to start the Uninstall Wizard and remove the software.
• Installing Product Distributions
  
• Reconfiguring a WebLogic Domain
  To reconfigure a domain using the Reconfiguration Wizard, you first launch it from a DOS command prompt or UNIX shell, and then provide the required upgrade details in a sequence of screens that are displayed.
• Starting the Servers on an OAMHOST
  After you upgrade Oracle Access Manager on an OAMHOST, start the servers.

About the Oracle Access Manager Single Node Upgrade Process

Review the roadmap for an overview of the upgrade process for Oracle Access Manager single node deployments.

The steps you take to upgrade your existing domain will vary depending on how your domain is configured and which components are being upgraded. Follow only those steps that are applicable to your deployment.

Table 3-1 Tasks for Upgrading Single Node Oracle Access Manager Deployments

Task	Description
Required If you have not done so already, review the introductory topics in this guide and complete the required pre-upgrade tasks.	See: Introduction to Upgrading Oracle Access Manager to 12c (12.2.1.4.0) Pre-Upgrade Requirements
Required Complete the necessary pre-upgrade tasks specific to Oracle Access Manager.	See Completing the Pre-Upgrade Tasks for Oracle Access Manager.
Required Shut down the 12c environment (stop all Administration and Managed Servers). Ensure that the Database is up during the upgrade.	WARNING: Failure to shut down your servers during an upgrade may lead to data corruption. See Stopping Servers and Processes.
Required Uninstall Oracle Fusion Middleware Infrastructure and Oracle Access Manager 12c (12.2.1.3.0) in the existing Oracle home.	See Uninstalling the Software.
Required Install Fusion Middleware Infrastructure and Oracle Access Manager 12c (12.2.1.4.0) in the existing Oracle home.	Install Fusion Middleware Infrastructure and Oracle Access Manager in the same Oracle home on the same host as the 12c (12.2.1.3.0) production deployment before you begin the upgrade. In 12c (12.2.1.4.0), Oracle home is used to describe the 12c Middleware home. See Installing Product Distributions.
Required Start the node manager, administration server, and managed servers.	See Starting the Servers on an OAMHOST.

Completing the Pre-Upgrade Tasks for Oracle Access Manager

Complete the pre-upgrade tasks described in this section before you upgrade Oracle Access Manager.

• Checking the Supported Starting Point for Oracle Access Manager Upgrade
  The Oracle Access Manager version that is supported for upgrade is 12c (12.2.1.3.0).

Checking the Supported Starting Point for Oracle Access Manager Upgrade

The Oracle Access Manager version that is supported for upgrade is 12c (12.2.1.3.0).

If you are using an earlier version of Oracle Access Manager, you must upgrade to Oracle Access Manager 12c (12.2.1.3.0) first, and then to 12c (12.2.1.4.0).

Stopping Servers and Processes

Before you upgrade the configurations, you must shut down all of the pre-upgrade processes and servers, including the Weblogic Admin, Managed, and Node Manager servers that are running on the intended OAMHOST.

An Oracle Fusion Middleware environment can consist of an Oracle WebLogic Server domain, an Administration Server, multiple managed servers, Java components, system components such as Identity Management components, and a database used as a repository for metadata. The components may be dependent on each other, so they must be stopped in the correct order.

Note:

• The procedures in this section describe how to stop the existing, pre-upgrade servers and processes using the WLST command-line utility or a script. You can also use the Oracle Fusion Middleware Control and the Oracle WebLogic Server Administration Console. See Starting and Stopping Administration and Managed Servers and Node Manager.
• Stop all of the servers in your deployment, except for the Database. The Database must be up during the upgrade process.

To stop your pre-upgrade Fusion Middleware environment, navigate to the pre-upgrade domain and follow the steps below.

Step 1: Stop the Managed Servers

Depending on the method you followed to start the managed servers, follow one of the following methods to stop the WebLogic Managed Server:

Method 1: To stop a WebLogic Server Managed Server not managed by Node Manager:

• (UNIX) DOMAIN_HOME/bin/stopManagedWebLogic.sh managed_server_name admin_url

• (Windows) DOMAIN_HOME\bin\stopManagedWebLogic.cmd managed_server_name admin_url

When prompted, enter your user name and password.

Method 2: To stop a WebLogic Server Managed Server by using the Weblogic Console:

• Log into Weblogic console as a weblogic Admin.
• Go to Servers > Control tab.
• Select the required managed server.
• Click Shutdown.

Method 3: To stop a WebLogic Server Managed Server using node manager, run the following commands:

wls:/offline>nmConnect('nodemanager_username','nodemanager_password',
            'AdminServerHostName','5556','domain_name',
            'DOMAIN_HOME','nodemanager_type')

wls:/offline>nmKill('ManagedServerName')

Step 2: Stop the Administration Server

When you stop the Administration Server, you also stop the processes running in the Administration Server, including the WebLogic Server Administration Console and Fusion Middleware Control.

Follow one of the these methods to stop the Administration Server:

Method 1: To stop the Administration Server not managed by Node Manager:

• (UNIX) DOMAIN_HOME/bin/stopWebLogic.sh

• (Windows) DOMAIN_HOME\bin\stopWebLogic.cmd

When prompted, enter your user name, password, and the URL of the Administration Server.

Method 2: To stop the Administration Server by using the Weblogic Console:

• Log into Weblogic console as a weblogic Admin.
• Go to Servers > Control tab.
• Select the required admin server.
• Click Shutdown.

Method 3: To stop a WebLogic Server Managed Server using Node Manager, run the following commands:

wls:/offline>nmConnect('nodemanager_username','nodemanager_password',
            'AdminServerHostName','5556','domain_name',
            'DOMAIN_HOME','nodemanager_type')

wls:/offline>nmKill('AdminServer')

Step 3: Stop Node Manager

To stop Node Manager, run the following command:

kill $(ps -ef | grep nodemanager | awk '{print $2}')

Step 4: Validate if any WLS components are running

To validate if any WLS components, like, Administration Server, Managed Server, or Node Manager are running, run the following command:

$ ps -ef |grep java

The output must return only the grep process.

For example:

oracle   14709 14410  0 19:07
pts/0    00:00:00 grep --color=auto java

If any other java process is listed other than the above grep command, they identify and stop the listed java process.

Uninstalling the Software

Follow the instructions in this section to start the Uninstall Wizard and remove the software.

If you want to uninstall the product in a silent (command-line) mode, see Running the Oracle Universal Installer for Silent Uninstallation in Installing Software with the Oracle Universal Installer.

• Starting the Uninstall Wizard
  
• Selecting the Product to Uninstall
  
• Navigating the Uninstall Wizard Screens
  

Starting the Uninstall Wizard

Start the Uninstall Wizard:

1. Change to the following directory:
   (UNIX) ORACLE_HOME/oui/bin
   (Windows) ORACLE_HOME\oui\bin
2. Enter the following command:
   (UNIX) ./deinstall.sh
   (Windows) deinstall.cmd

Selecting the Product to Uninstall

Because multiple products exist in the Oracle home, ensure that you are uninstalling the correct product.

After you run the Uninstall Wizard, the Distribution to Uninstall screen opens.

From the drop-down menu, select the Oracle Fusion Middleware 12c (12.2.1.3.0) Identity and Access Management product and click Uninstall.

Note:

The Uninstall Wizard displays the Distribution to Uninstall screen only if it detects more than one product distribution in the Oracle home from where you initate the wizard. If only Oracle Fusion Middleware 12c (12.2.1.3.0) Identity and Access Management product distribution is available, the Uninstall Wizard will display the Deinstallation Summary screen.

Note:

Do not select Weblogic Server for FMW 12.2.1.3.0.

The uninstallation program shows the screens listed in Navigating the Uninstall Wizard Screens.

Note:

You can uninstall Oracle Fusion Middleware Infrastructure after you uninstall OIM or OAM software by running the Uninstall Wizard again. Before doing so, ensure that there are no other products using the Infrastructure, as those products will no longer function once the Infrastructure is removed. You will not encounter the Distribution to Uninstall screen if no other software depends on Oracle Fusion Middleware Infrastructure. See, Uninstalling Oracle Fusion Middleware Infrastructure in Installing and Configuring the Oracle Fusion Middleware Infrastructure

Navigating the Uninstall Wizard Screens

The Uninstall Wizard shows a series of screens to confirm the removal of the software.

If you need help on screen listed in the following table, click Help on the screen.

Table 3-2 Uninstall Wizard Screens and Descriptions

Screen	Description
Welcome	Introduces you to the product Uninstall Wizard.
Uninstall Summary	Shows the Oracle home directory and its contents that are uninstalled. Verify that this is the correct directory. If you want to save these options to a response file, click Save Response File and enter the response file location and name. You can use the response file later to uninstall the product in silent (command-line) mode. See Running the Oracle Universal Installer for Silent Deinstallation in Installing Software with the Oracle Universal Installer. Click Deinstall, to begin removing the software.
Uninstall Progress	Shows the uninstallation progress.
Uninstall Complete	Appears when the uninstallation is complete. Review the information on this screen, then click Finish to close the Uninstall Wizard.

Note:

• Repeat these steps for uninstalling Weblogic Server for FMW 12.2.1.3.0.

  You will be reinstalling the Oracle binaries into the same ORACLE_HOME location.

• After the product is uninstalled, ensure that the ORACLE_HOME folder exists. During the initial 12.2.1.3.0 install, if the default location was ORACLE_HOME, that is /user_projects, then the domain-registry.xml file will reside in ORACLE_HOME.

Complete the following steps to clean this directory:

1. After both OAM and WLS are uninstalled, run the following command:

   $ ls -al

   Following is an example of the output:

   total 28
   drwxr-x---. 6 <USER> <GROUP> 4096 Apr  2 20:27 .
   drwxr-x---. 6 <USER> <GROUP> 4096 Jul  9  2019 ..
   drwxr-x---. 5 <USER> <GROUP> 4096 Mar 23 17:48 cfgtoollogs
   -rw-r-----. 1 <USER> <GROUP>  225 Jul  9  2019 domain-registry.xml
   drwxr-x---. 7 <USER> <GROUP> 4096 Mar 26 17:12 .patch_storage
   drwxr-x---. 4 <USER> <GROUP> 4096 Jul  9  2019 user_projects
   drwxr-x---. 3 <USER> <GROUP> 4096 Apr  2 20:26 wlserver
   

2. Go to the ORACLE_HOME location. If the user_projects directory and the domain-registry.xml file are present, take their backup. They need to be restored after the upgrade is complete. After taking the backup, delete all the files in ORACLE_HOME.

Installing Product Distributions

Note:

When Infrastructure is required for the upgrade, you must install the Oracle Fusion Middleware distribution first before you install other Fusion Middleware products.

To install the 12c (12.2.1.4.0) distributions:

1. Sign in to the target system.
2. Download the following from Oracle Technology Network or Oracle Software Delivery Cloud to your target system:
   • If you not yet installed Oracle Fusion Middleware Infrastructure, then download Oracle Fusion Middleware Infrastructure (fmw_12.2.1.4.0_infrastructure.jar)
   • Oracle Identity and Access Management 12cPS4 (fmw_12.2.1.4.0_idm_Disk1_1of1.zip, which contains fmw_12.2.1.4.0_idm.jar) from OTN or Oracle Fusion Middleware 12c (12.2.1.4.0) Identity and Access Management from Oracle Software Delivery Cloud.
   • Any additional distributions for your pre-upgrade environment
3. Change to the directory where you downloaded the 12c (12.2.1.4.0) product distribution.
4. If you have already installed Oracle Fusion Middleware Infrastructure (fmw_12.2.1.4.0_infrastructure.jar), got to step 15.
5. Start the installation program for Oracle Fusion Middleware Infrastructure.
   Run the following commands:
   • (UNIX) JDK_HOME/bin/java -jar fmw_12.2.1.4.0_infrastructure.jar
   • (Windows) JDK_HOME\bin\java -jar fmw_12.2.1.4.0_infrastructure.jar

   Note:

   Restore the user_projects directory and the domain-registry.xml file from the backup taken during the cleaning up of the Oracle_Home directory, as part of the 12c (12.2.1.3.0) OAM uninstallation process.
6. If your existing 12c (12.2.1.3.0) DOMAIN_HOME resides within the 12c (12.2.1.3.0) Oracle home directory, do the following:
   1. Go to the 12c (12.2.1.3.0) Oracle home backup location.

      For example: /u01/app/fmw/ORACLE_HOME_old/

   2. Copy the user_projects folder.
   3. Go to the new installed 12c (12.2.1.4.0) Oracle home location.

      For example: /u01/app/fmw/ORACLE_HOME/

   4. Paste the copied user_projects folder.
7. On UNIX operating systems, the Installation Inventory Setup screen appears if this is the first time you are installing an Oracle product on this host.
   Specify the location where you want to create your central inventory. Make sure that the operating system group name selected on this screen has write permissions to the central inventory location, and click Next.

   Note:

   The Installation Inventory Setup screen does not appear on Windows operating systems.
8. On the Welcome screen, review the information to make sure that you have met all the prerequisites. Click Next.
9. On the Auto Updates screen, select an option:

   • Skip Auto Updates: If you do not want your system to check for software updates at this time.

   • Select patches from directory: To navigate to a local directory if you downloaded patch files.

   • Search My Oracle Support for Updates: To automatically download software updates if you have a My Oracle Support account. You must enter Oracle Support credentials then click Search. To configure a proxy server for the installer to access My Oracle Support, click Proxy Settings. Click Test Connection to test the connection.

   Click Next.
10. On the Installation Location screen, specify the location for the Oracle home directory and click Next.
    For more information about Oracle Fusion Middleware directory structure, see Understanding Directories for Installation and Configuration in Oracle Fusion Middleware Planning an Installation of Oracle Fusion Middleware.
11. On the Installation Type screen, select Fusion Middleware Infrastructure.
    Click Next.
12. The Prerequisite Checks screen analyzes the host computer to ensure that the specific operating system prerequisites have been met.
    To view the list of tasks that are verified, select View Successful Tasks. To view log details, select View Log. If any prerequisite check fails, then an error message appears at the bottom of the screen. Fix the error and click Rerun to try again. To ignore the error or the warning message and continue with the installation, click Skip (not recommended).
13. On the Installation Summary screen, verify the installation options that you selected.
    If you want to save these options to a response file, click Save Response File and enter the response file location and name. The response file collects and stores all the information that you have entered, and enables you to perform a silent installation (from the command line) at a later time.

    Click Install to begin the installation.

14. On the Installation Progress screen, when the progress bar displays 100%, click Finish to dismiss the installer, or click Next to see a summary.
15. The Installation Complete screen displays the Installation Location and the Feature Sets that are installed. Review this information and click Finish to close the installer.
16. After you have installed Oracle Fusion Middleware Infrastructure, enter the following command to start the installer for Oracle Access Manager 12c (12.2.1.4.0) and repeat the steps above to navigate through the installer screens:

    Note:

    On the Installation Type screen, for Oracle Access Manager, select Collocated Oracle Identity and Access Manager.

    • (UNIX) JDK_HOME/bin/java -jar fmw_12.2.1.4.0_idm.jar

    • (Windows) JDK_HOME\bin\java -jar fmw_12.2.1.4.0_idm.jar

    Note:

    For more information about installing Oracle Access Manager 12c (12.2.1.4.0), see Installing and Configuring the Oracle Access Manager Software in the Installing and Configuring Oracle Identity and Access Management.

Reconfiguring a WebLogic Domain

To reconfigure a domain using the Reconfiguration Wizard, you first launch it from a DOS command prompt or UNIX shell, and then provide the required upgrade details in a sequence of screens that are displayed.

To start the Reconfiguration Wizard in graphical mode from a Windows command prompt or on UNIX systems:

1. Log in to the system on which the domain resides.
2. Open an MS-DOS command prompt window (on Windows) or a command shell (on UNIX).
3. Go to the following directory, where ORACLE_HOME is your Oracle home directory:

   On Windows: ORACLE_HOME\oracle_common\common\bin

   On UNIX: ORACLE_HOME/oracle_common/common/bin

4. Run the following commands:

   On Windows: reconfig.cmd

   On UNIX: sh reconfig.sh

The Reconfiguration Setup Progress screen appear. Click Cancel when the progress bar reaches 100%. At this stage the config.xml file is updated though the Finish button is not enabled.

Starting the Servers on an OAMHOST

After you upgrade Oracle Access Manager on an OAMHOST, start the servers.

You must start the servers in the following order:

Note:

Prior to starting the Administration Server, download Patch 30729380 from My Oracle Support and apply using OPatch, to the OAM node and any other WLS node in the cluster.

1. Start the Node Manager on the required OAMHOST.

2. Start the Administration Server on the required OAMHOST.

3. Start the Oracle Access Manager Managed Servers on the required OAMHOST.

• Starting Servers and Processes
  After a successful upgrade, start all processes and servers, including the Administration Server and any Managed Servers.

Starting Servers and Processes

After a successful upgrade, start all processes and servers, including the Administration Server and any Managed Servers.

The components may be dependent on each other so they must be started in the correct order.

Note:

The procedures in this section describe how to start servers and process using the WLST command line or a script. You can also use the Oracle Fusion Middleware Control and the Oracle WebLogic Server Administration Console. See Starting and Stopping Administration and Managed Servers and Node Manager in Administering Oracle Fusion Middleware.

To start your Fusion Middleware environment, follow the steps below.

Step 1: Start Node Manager

Starting the Node Manager in the Administration Server domain home:

• (UNIX) nohup ./startNodeManager.sh > DOMAIN_HOME/nodemanager/nodemanager.out 2>&1 &

• (Windows) nohup .\startNodeManager.sh > DOMAIN_HOME\nodemanager\nodemanager.out 2>&1 &

Step 2: Start the Administration Server

When you start the Administration Server, you also start the processes running in the Administration Server, including the WebLogic Server Administration Console and Fusion Middleware Control.

To start the Administration Server, use the startWebLogic script:

• (UNIX) DOMAIN_HOME/bin/startWebLogic.sh

• (Windows) DOMAIN_HOME\bin\startWebLogic.cmd

When prompted, enter your user name, password, and the URL of the Administration Server.

Step 3: Start the Managed Servers

Method 1: Start a WebLogic Server Managed Server by using the Weblogic Console:

• Log into Weblogic console as a weblogic Admin.
• Go to Servers > Control tab.
• Select the required managed server.
• Click Start.

Method 2: Start a WebLogic Server Managed Server by using the startManagedWebLogic script:

• (UNIX) DOMAIN_HOME/bin/startManagedWebLogic.sh managed_server_name admin_url

• (Windows) DOMAIN_HOME\bin\startManagedWebLogic.cmd managed_server_name admin_url

When prompted, enter your user name and password.

Note:

• The startup of a Managed Server will typically start the applications that are deployed to it. Therefore, it should not be necessary to manually start applications after the Managed Server startup.
• The Mobile Security Manager (MSM) servers are not supported in 12c. After restarting the servers, the 11g configurations of MSM servers, like omsm_server1 or WLS_MSM1, might remain. Ignore these configurations and do not restart the MSM servers.