14 Configuring Oracle Unified Directory Service Manager

Install and configure Oracle Unified Directory Service Manager (OUDSM) in order to manage Oracle Unified Directory (OUD).

Oracle Unified Directory Service Manager (OUDSM) is a Graphical User Interface (GUI) tool used to manage Oracle Unified Directory. It is not mandatory to be installed in the production environments; however, OUDSM makes managing Oracle Unified Directory easier.

It is recommended that, if you are installing OUDSM, create it in its own light-weight domain. As OUDSM is a management tool that does not need web access, it need not be accessed via the Oracle HTTP Server.

This chapter includes the following topics:

• Variables Used When Configuring Oracle Unified Directory
  The procedures for installing and configuring Oracle Unified Directory reference use a series of variables that you can replace with the actual values used in your environment.
• Setting Environment Variables
  Set environment variables used in this chapter.
• Installing the Oracle Fusion Middleware Infrastructure
  Use the following sections to install the Oracle Fusion Middleware Infrastructure software in preparation for configuring a new domain for Oracle Unified Directory Services Manager.
• Creating a Domain for Oracle Unified Directory Service Manager
  You can create a domain for Oracle Unified Directory Service Manager (OUDSM) without depending on the Oracle Database or the Repository Creation Utility (RCU) using the WebLogic Scripting Tool (WLST) command.
• Starting the Oracle Unified Directory Service Manager Domain
  After configuring the Oracle Unified Directory Service Manager domain, start the Administration Server to manage the domain.
• Configuring Oracle HTTP Server for Oracle Unified Directory Services Manager
  If you want to access the Oracle Unified Directory Services Manager (OUDSM) console through Oracle Web Servers, then you must add the necessary entry to one of your administrative virtual hosts.

Variables Used When Configuring Oracle Unified Directory

The procedures for installing and configuring Oracle Unified Directory reference use a series of variables that you can replace with the actual values used in your environment.

The following directory location variables are used in these procedures:

Table 14-1 Variables Used in This Chapter

Variable	Sample Value	Description
ORACLE_HOME	/u02/oracle/products/oudsm	Oracle Home for the Oracle Unified Directory Services Manager.
JAVA_HOME	/u02/oracle/products/jdk	The JDK home directory.

Setting Environment Variables

Set environment variables used in this chapter.

To help navigate this guide and so you are able to copy sample commands without modification, you can set the following environment variables replacing the values with values appropriate to your environment.

export ORACLE_HOME=/u02/oracle/products/oud
export JAVA_HOME=/u02/oracle/products/jdk
export PATH=$JAVA_HOME/bin:$PATH
export LOCAL_CONFIG_DIR=/u02/oracle/config

Installing the Oracle Fusion Middleware Infrastructure

Use the following sections to install the Oracle Fusion Middleware Infrastructure software in preparation for configuring a new domain for Oracle Unified Directory Services Manager.

• Installing a Supported JDK
  
• Starting the Oracle Identity Management Quick Installer
  
• Navigating the Installation Screens
  
• Starting the Oracle Unified Directory Installer
  
• Navigating the Oracle Unified Directory Installation Screens
  
• Installing the Stack Bundle Patch
  
• Checking the Directory Structure
  

Installing a Supported JDK

Oracle Fusion Middleware requires that a certified Java Development Kit (JDK) is installed on your system.

• Locating and Downloading the JDK Software
  
• Installing the JDK Software
  

Locating and Downloading the JDK Software

To find a certified JDK, see the certification document for your release on the Oracle Fusion Middleware Supported System Configurations page.

After you identify the Oracle JDK for the current Oracle Fusion Middleware release, you can download an Oracle JDK from the following location on Oracle Technology Network:

https://www.oracle.com/java/technologies/downloads/

Be sure to navigate to the download for the Java SE JDK.

Installing the JDK Software

Oracle Fusion Middleware requires you to install a certified Java Development Kit (JDK) on your system.

For more information about the recommended location for the JDK software, see Understanding the Recommended Directory Structure for an Enterprise Deployment.

To install JDK 21.0:

1. Change directory to the location where you downloaded the JDK archive file.

   cd download_dir

2. Unpack the archive into the JDK home directory, and then run the following commands:

   tar -xzvf jdk-21.0.4+8_linux-x64_bin.tar.gz

   Note that the JDK version listed here was accurate at the time this document was published. For the latest supported JDK, see the Oracle Fusion Middleware System Requirements and Specifications for the current Oracle Fusion Middleware release.
3. Move the JDK directory to the recommended location in the directory structure.
   For example:

   ln -s jdk-21.0.4 /u02/oracle/products/jdk

   See File System and Directory Variables Used in This Guide.
4. Run the following command to verify that the appropriate java executable is in the path and your environment variables are set correctly:

   java -version

   The Java version in the output should be displayed as “21.0.4”.

Starting the Oracle Identity Management Quick Installer

To start the installation program, perform the following steps.

1. Log into LDAPHOST1.
2. Go to the directory where you downloaded the installation program.
3. Launch the installation program by invoking the java executable from the JDK directory on your system, as shown in the example below.

   $JAVA_HOME/bin/java -jar fmw_14.1.2.0.0_infrastructure_generic.jar
   

   In this example:

   • If you download the distribution from the Oracle Technology Network (OTN), then the JAR file is typically packaged inside a downloadable ZIP file.

     To install the software required for the initial Infrastructure domain, the distribution you want to install is:

     fmw_14.1.2.0.0_infrastructure_generic.jar.

     For more information about the actual file names of each distribution, see Identifying and Obtaining Software Downloads for an Enterprise Deployment.

When the installation program appears, you are ready to begin the installation. See Navigating the Installation Screens for a description of each installation program screen.

Navigating the Installation Screens

The installation program displays a series of screens, in the order listed in the following table.

If you need additional help with any of the installation screens, click the screen name or click the Help button on the screen.

Table 14-2 Navigating the Infrastructure Installation Screens

Screen	Description
Installation Inventory Setup	On UNIX operating systems, this screen appears if you are installing any Oracle product on this host for the first time. Specify the location where you want to create your central inventory. Ensure that the operating system group name selected on this screen has write permissions to the central inventory location. See Understanding the Oracle Central Inventory in Installing Software with the Oracle Universal Installer. Note: Oracle recommends that you configure the central inventory directory on the products shared volume. Example: /u02/oracle/products/oraInventory You may also need to execute the createCentralinventory.sh script as root from the oraInventory folder after the installer completes.
Welcome	This screen introduces you to the product installer.
Auto Updates	Use this screen to search My Oracle Support automatically for available patches or automatically search a local directory for patches that you have already downloaded for your organization.
Installation Location	Use this screen to specify the location of your Oracle home directory. For the purposes of an enterprise deployment, enter the value of the $ORACLE_HOME variable for the product listed in Table 9-2. For example, /u02/oracle/products/oudsm
Prerequisite Checks	This screen verifies that your system meets the minimum requirements. If there are any warning or error messages, refer to the Oracle Fusion Middleware System Requirements and Specifications document on the Oracle Technology Network (OTN).
Installation Summary	Use this screen to verify the installation options that you have selected. If you want to save these options to a response file, click Save Response File and provide the location and name of the response file. Response files can be used later in a silent installation situation. For more information about silent or command-line installation, see Using the Oracle Universal Installer in Silent Mode in Installing Software with the Oracle Universal Installer.
Installation Progress	This screen allows you to see the progress of the installation.
Installation Complete	This screen appears when the installation is complete. Review the information on this screen, then click Finish to dismiss the installer.

Starting the Oracle Unified Directory Installer

To start the installation program:

1. Log in to LDAPHOST1 as the user you wish to install the software as, for example oracle.
2. Go to the directory in which you downloaded the installer.
3. Run the following Java command to launch the installation wizard:

   java -jar fmw_14.1.2.1.0_oud.jar

   Replace the JDK location in the above command with the actual JDK location on your system. For information about downloading the software and locating the actual installer file name for your product, see Identifying and Obtaining Software Distributions for an Enterprise Deployment.

Navigating the Oracle Unified Directory Installation Screens

The following table describes how to use the installer screens to install Oracle Unified Directory.

If you need additional help with any of the installation screens, click the screen name.

Screen	Description
Welcome	This screen introduces you to the product installer. Click Next.
Auto Updates	Select whether or not you want to receive automatic updates for this product.
Installation Location	For the purposes of this enterprise deployment, enter the value of the DIR_ORACLE_HOME variable listed in Table 9-2. Note that run-time processes cannot write to this directory.
Installation Type	Use this screen to select the type of installation and as a consequence, the products and feature sets you want to install. If you plan to manage OUD through WebLogic server or OUDSM, select Collocated Oracle Unified Directory Server (Managed through WebLogic server). Note: If you select Collocated mode, you must also install Oracle Fusion Middleware Infrastructure. See Installing the Oracle Fusion Middleware Infrastructure. If you plan to manage OUD independently of WebLogic server, select Standalone Oracle Unified Directory Server (Managed independently of WebLogic server). Click Next.
Prerequisite Checks	The installer analyzes the host computer to ensure that the prerequisites are fulfilled. The results of the prerequisite checks are displayed on this screen. If a prerequisite check fails, an error or warning message is displayed. Fix the error and click Rerun. To ignore the error or warning and continue with the installation, click Skip. To stop the prerequisite checking process, click Stop. Click Next to continue.
Installation Summary	This screen displays the Oracle home directory that you specified earlier. It also indicates the amount of disk space that will be used for the installation and the free space available. Review information on this screen. To save the settings specified so far in the installation wizard in a text file (called a response file), click Save. If necessary, you can use the response file to perform the same installation from the command line. Click Install to begin the installation. For more information about silent or command line installation, see "Using the Oracle Universal Installer in Silent Mode" in Installing Software with the Oracle Universal Installer.
Installation Progress	This screen shows the progress and status of the installation process. If you want to cancel the installation, click Cancel. The files that were copied to your system before you canceled the installation will remain on the system; you should remove them manually. Click Next to continue.
Installation Complete	Click Finish.

Installing the Stack Bundle Patch

After installing the software binaries, you must apply the latest Stack Bundle Patch.

For an enterprise deployment you must download and apply the July 2025 Stack Bundle Patch or later. For more details, see Identifying and Obtaining Software Distributions for an Enterprise Deployment.

To apply the patch run the following commands:

1. After downloading the patch, unzip it to your preferred location. For example:

   unzip p38184742_141210_Linux-x86-64.zip

   This location will be known as $PATCH_DIR.

2. Peform the prestop phase:

   ./spbat.sh -type oud -phase prestop -mw_home $DIR_ORACLE_HOME

3. Navigate to the $PATCH_DIR:

   cd $PATCH_DIR/tools/spbat/generic/SPBAT/

4. Apply the patch using the command:

   ./spbat.sh -type oud -phase downtime -mw_home $ORACLE_HOME -spb_download_dir $PATCH_DIR

Checking the Directory Structure

After you install the Oracle Identity and Access Management and create the Oracle home, you should see the directory and sub-directories listed in this topic. The contents of your installation vary based on the options that you selected during the installation.

To check the directory structure:

1. Navigate to the $ORACLE_HOME:

   cd $ORACLE_HOME

2. Enter the following command:

   ls --format=single-column

   The directory structure on your system must match the structure shown in the following example:

   bin
   cfgtoollogs
   coherence
   domain-registry.xml
   em
   envPropertiesCache
   idm
   install
   inventory
   jdeveloper
   jlib
   lib
   mft
   OPatch
   opmn
   oracle_common
   oraInst.loc
   osb
   oui
   root.sh
   soa
   wlserver
   

   See What are the Key Oracle Fusion Middleware Directories? in Understanding Oracle Fusion Middleware.

Creating a Domain for Oracle Unified Directory Service Manager

You can create a domain for Oracle Unified Directory Service Manager (OUDSM) without depending on the Oracle Database or the Repository Creation Utility (RCU) using the WebLogic Scripting Tool (WLST) command.

Note:

This is the Oracle preferred approach to set up a domain for OUDSM. It is recommended not to extend this domain with any other products or components. In this approach, you do not have to run config.sh.

To set up the OUDSM domain using the WLST, do the following:

1. Launch the WLST by running the following command:
   On UNIX:

   $ORACLE_HOME/oracle_common/common/bin/wlst.sh

2. Run the following command to create a compact domain for Oracle Unified Directory Services Manager:

   createOUDSMDomain(domainLocation=path_to_domain_home,weblogicPort=wls_port,weblogicSSLPort=ssl_port,weblogicUserName=wls_user,weblogicUserPassword=wls_password)

   In the above command, specify the values for the following parameters:

   • domainLocation: This is the absolute path to the domain home. For example, $LOCAL_CONFIG_DIR/domains/OUDSMDomain.

   • weblogicPort: This is the WebLogic port. This value must be unique to the server.

   • weblogicSSLPort: This is the WebLogic SSL port. This parameter is optional and is not enabled if not passed.

   • weblogicUserName: This is the WebLogic user name. This parameter is optional. If not specified, the default value weblogic is passed.

   • weblogicUserPassword: This is the WebLogic Administration Server user password.

   For example:

   createOUDSMDomain(domainLocation="/u02/oracle/config/domains/OUDSMDomain",weblogicPort=7001,weblogicSSLPort=7002,weblogicUserPassword='<password>')

3. Enter exit() to exit out of wlst.

Starting the Oracle Unified Directory Service Manager Domain

After configuring the Oracle Unified Directory Service Manager domain, start the Administration Server to manage the domain.

To do this, complete the following steps:

1. Start the Administration Server using the following command:
   $LOCAL_CONFIG_DIR/domains/OUDSMDomain/bin/startWebLogic.sh
2. Verify that the Administration Server is up and running by accessing the Oracle Unified Directory Services Manager at the following URL:

   http://ldaphost1.example.com:7001/oudsm

Configuring Oracle HTTP Server for Oracle Unified Directory Services Manager

If you want to access the Oracle Unified Directory Services Manager (OUDSM) console through Oracle Web Servers, then you must add the necessary entry to one of your administrative virtual hosts.

Once you have configured your Oracle HTTP server as described in Configuring Oracle HTTP Server for an Enterprise Deployment, then you can configure the Oracle HTTP Server to route requests to the Oracle Unified Directory Services Manager. To do this:

1. Add the following entries to the oudsm.conf file located at $OHS_DOMAIN_HOME/config/fmwconfig/components/OHS/ohs1/moduleconf/:

   Listen 4450
   <VirtualHost webhost1.example.com:4450>
       ServerName https://oudsm.example.com:443
       ServerAdmin you@your.address
       RewriteEngine On
       RewriteOptions inherit
       UseCanonicalName On
   
       <Location /oudsm>
         WebLogicHost ldaphost1.example.com
         WebLogicPort 7001
       </Location>
   </VirtualHost>

   Note:

   There are separate directories for configuration and runtime instance files. The runtime files under the .../OHS/instances/ohsn/* folder should not be edited directly. Edit only the .../OHS/ohsn/* configuration files.
2. Copy the oudsm.conf file to the following configuration directory of the second Oracle HTTP Server instance (ohs2):
   $OHS_DOMAIN_HOME/config/fmwconfig/components/ohs2/moduleconf/
3. Restart the Oracle HTTP server instances on WEBHOST1 and WEBHOST2.