2 Understanding Oracle Internet Directory in Oracle Fusion Middleware

Features of Oracle Fusion Middleware that affect Oracle Internet Directory is described in the following sections. Since 11g Release 1 (11.1.1.0.0), Oracle Internet Directory was integrated with Oracle Fusion Middleware, a common management infrastructure that uses Oracle WebLogic Server.

• Understanding WebLogic Server Domain

• Oracle Internet Directory as a System Component

• Oracle Internet Directory Deployment Options

• Middleware Home

• WebLogic Server Home

• Oracle Home

• Oracle Instance in 12c Release 2

• Oracle Enterprise Manager Fusion Middleware Control

• Known Limitations of Oracle Enterprise Manager for Oracle Internet Directory

• Logging, Auditing and Diagnostics Using Fusion Middleware Control

• MBeans and the WebLogic Scripting Tool

See Also:

Introduction to Oracle Fusion Middleware in Administering Oracle Fusion Middleware.

2.1 Understanding WebLogic Server Domain

A WebLogic Server administration domain is a logically related group of Java components. Domains include a special WebLogic Server instance called the Administration Server, which is the central point from which you configure and manage all resources in the domain.

Usually, you configure a domain to include additional WebLogic Server instances called managed servers. You deploy Java components, such as Web applications and Web services, and other resources onto the managed servers and use the Administration Server for configuration and management purposes only. The managed servers can be grouped together into a cluster.

2.2 Oracle Internet Directory as a System Component

Oracle Internet Directory is a system component. That is, it is a manageable process that is not an Oracle WebLogic Server.System components can use the WebLogic Administrative Domain for management services, including Oracle Enterprise Manager Fusion Middleware Control, Audit Framework, configuration management through MBeans and Secure Sockets Layer and Wallet Management. The Oracle WebLogic Server Administration Server controls Oracle Internet Directory and other system components.

Oracle Internet Directory itself is a C-based process. Its only run time dependency is the Oracle Database. To be managed by the Oracle Fusion Middleware management framework, Oracle Internet Directory must register itself with a local or a remote Oracle WebLogic Server administration domain during installation or from the command line after installation. Therefore, an Oracle Internet Directory 11g installation requires either a local or a remote installation of Oracle WebLogic Server. Also, the Directory Management user interface, ODSM, is a Java component deployed on Oracle WebLogic Server.

If you must manage Oracle Internet Directory in your deployment using only command-line tools and a remote ODSM, there is also an option to install and configure Oracle Internet Directory without registering with a Oracle WebLogic Server Domain.

2.3 Oracle Internet Directory Deployment Options

During installation, you can choose deployment options for Oracle Internet Directory.

The four deployment options are:

1. Create New Domain–Oracle Internet Directory with a local Oracle WebLogic Server Domain. Oracle WebLogic Server is installed locally with Oracle Internet Directory and an admin domain is created for Oracle Internet Directory.

2. Extend Existing Domain–Oracle Internet Directory with a remote Oracle WebLogic Server Domain. Oracle WebLogic Server admin server and domain have been installed and created separately and Oracle Internet Directory registers with the Domain remotely.

3. Expand Cluster–Oracle Internet Directory in an Oracle WebLogic Server cluster for High Availability. This option will not be discussed here.

4. Configure Without Domain–Oracle Internet Directory without an Oracle WebLogic Server Domain. Oracle Internet Directory can be installed and configured without Oracle WebLogic Server Server and without registering to any Oracle WebLogic Server Admin Domains. In this case, Oracle Internet Directory cannot be managed by Oracle Enterprise Manager Fusion Middleware Control, Oracle WebLogic Scripting Tool (WLST), or other common Oracle Fusion Middleware management services. You must rely on command-line utilities such as wlst and the LDAP tools. ODSM can be deployed separately and used to manage Oracle Internet Directory.

If you choose Create New Domain or Extend Existing Domain, the Oracle Internet Directory component you create is registered with that domain when the installation is complete.

If you choose Configure Without Domain, the Oracle Internet Directory component is not registered with any domain when the installation is complete. You will be unable to manage Oracle Internet Directory, or any other component in that Oracle instance, with Oracle Enterprise Manager Fusion Middleware Control until you register the component with a WebLogic domain by using the command-line tool wlst.

2.4 Middleware Home

A Middleware home consists of the WebLogic Server home, and optionally one or more other Oracle product homes (also known as Oracle homes).

A middleware home can reside on a local file system or on a remote shared disk that is accessible through NFS. The Oracle Fusion Middleware home is represented in path names as MW_HOME.

2.5 WebLogic Server Home

A WebLogic Server home contains installed files necessary to host a WebLogic Server.

The WebLogic Server home directory is a peer of other Oracle home directories underneath the middleware home directory. In path names, it is represented as WLS_HOME.

2.6 Oracle Common Home

The Oracle home that contains the binary and library files required for the Oracle Enterprise Manager Fusion Middleware Control and Java Required Files (JRF).

There can be only one Oracle Common home within each Middleware home. In path names, it is represented as ORACLE_COMMON_HOME.

2.7 Oracle Home

An Oracle home contains installed files necessary to host a specific software suite. An Oracle home resides within the directory structure of the Middleware home. Each Oracle home can be associated with multiple Oracle instances.

The Oracle home is usually represented in path names as ORACLE_HOME. Each Oracle home can be associated with multiple Oracle instances or WebLogic server domains.

2.8 Oracle Instance in 12c Release 2

In 12c Release 2, product configuration data has been separated from product binaries. The product binaries reside in the Oracle home, ORACLE_HOME, while updatable files reside in an Oracle instance, represented in path names as DOMAIN_HOME.

Most Oracle Internet Directory commands require that you set the environment variable DOMAIN_HOME to the value of DOMAIN_HOME. You dereference this variable as $DOMAIN_HOME on UNIX or Linux systems and as %DOMAIN_HOME% on Windows.

All configuration files, repositories, log files, deployed applications, and temporary files reside in a oracle instance. Keeping updatable files separate from non-updatable files facilitates administrative tasks such as patching, upgrades, backup and restore, and cloning. It allows administrators to have their run-time and install-time binaries follow independent life cycles.

Domain refers not only to a physical location on disk but also encompasses the associated processes. The domain contains one or more active middleware system components, such as Oracle Virtual Directory or Oracle Internet Directory. You determine which components are part of an instance, either at install time or by creating and configuring an instance at a later time.

When you install Oracle Internet Directory on a host computer, Oracle Identity Management 12c Installer creates an Oracle Fusion Middleware component of type OID in a new or existing domain. The component name for the first Oracle Internet Directory component is oid1.

Oracle Identity Management 12c Installer also creates some directories in the file system under the domain, including the following, when you install Oracle Internet Directory:

$DOMAIN_HOME/config/fmwconfig/components/OID/config/componentName
$DOMAIN_HOME/servers/OID/logs/componentName
$DOMAIN_HOME/tools/OID/logs
$DOMAIN_HOME/config/fmwconfig/components/OID/admin
$DOMAIN_HOME/config/fmwconfig/components/OID/admin 
$DOMAIN_HOME/tools/OID/load

2.9 Oracle Enterprise Manager Fusion Middleware Control

As of release 11g, you create, configure, and manage many Oracle Internet Directory features by using Oracle Enterprise Manager Fusion Middleware Control and Oracle Directory Services Manager.

Fusion Middleware Control enables you to configure and manage all Oracle products from one user interface. You can perform most configuration functions in Fusion Middleware Control that you can perform from the command line.

Oracle Directory Services Manager is an additional administrative interface for Oracle Internet Directory and Oracle Virtual Directory. It is accessible from Oracle Enterprise Manager Fusion Middleware Control or directly from its own URL.

2.10 Known Limitations of Oracle Enterprise Manager for Oracle Internet Directory

Oracle Enterprise Manager Fusion Middleware Control has the following limitations for Oracle Internet Directory in 19c:

• The wizard for setting up replication is no longer available in Oracle Enterprise Manager Fusion Middleware Control 19c Administration menu. You can use the command line tools for setting up LDAP-based replication. You can use the command line tools for setting up LDAP-based replication. See Command-line Tools to Setup and Modify Replication.

• The wizard for estimating sizing and tuning needs is no longer available in Oracle Enterprise Manager Fusion Middleware Control 19c Administration menu. For recommendations on sizing and tuning Oracle Internet Directory, see Tuning and Sizing Oracle Internet Directory.

• The wallet option is no longer available in Oracle Enterprise Manager Fusion Middleware Control 19c Security menu. You can use the orapki tool or the keystore service to create a wallet, see Wallet Management and Keystore Management in Administering Oracle Fusion Middleware.

2.11 Logging, Auditing and Diagnostics Using Fusion Middleware Control

Using Oracle Enterprise Manager Fusion Middleware Control, you can monitor the Oracle Internet Directory Server and related components and activities. Using the monitoring functions, you can gain insight into system activity and performance, for example, total logins, successful and unsuccessful logins, average login time, request latencies, LDAP connections, and so on.

You can monitor the following items:

• Metrics: To monitor system health

• General: A high-level rollup of load, performance, security, login, CPU utilization, and other data

• Performance: Key metrics for the directory server and its host

• Reports: Data on operation success and failure

• Topology: Information on the Oracle HTTP Server instances, directory server instances, associated databases, and other components

2.12 MBeans and the WebLogic Scripting Tool

The Oracle WebLogic Scripting Tool (WLST) is a command-line scripting environment that you can use to create, manage, and monitor Oracle WebLogic Server domains. It is based on the Java scripting interpreter, Jython. You can use WLST to perform some Oracle Internet Directory management operations.

A managed bean (MBean) is a Java object that represents a JMX manageable resource in a distributed environment, such as an application, a service, a component or a device. When Oracle Internet Directory is registered with an Oracle WebLogic Server Admin Domain, Oracle Internet Directory MBeans are deployed in the Oracle WebLogic Server Admin Server. These MBeans enable management of Oracle Internet Directory configuration through Oracle Enterprise Manager Fusion Middleware Control or WLST.

See Also:

Getting Started Using the Oracle WebLogic Scripting Tool (WLST) in Administering Oracle Fusion Middleware