4 Configuring Oracle Internet Directory Domain

After you have installed Oracle Internet Directory, you can configure the domain, which you can also extend for high availability.

The configuration steps presented here assume that you have completed the installation steps covered in:

Refer to the following sections to create the database schemas, configure a WebLogic domain, and verify the configuration:

Creating the Database Schemas

Before you can configure an Oracle Internet Directory domain, you must install required schemas on a certified database for use with this release of Oracle Fusion Middleware.

Installing and Configuring a Certified Database

Before you create the database schemas, you must install and configure a certified database, and verify that the database is up and running.

Installing Pluggable Database

To install a pluggable database (PDB), see Installing the Oracle Database Software in the Database Installation Guide.

On the Select Install Type screen, select Typical Install.

On the Typical Installation screen, select the Create as Container Database option, and specify a container database name such as cdb1.

To create a pluggable database from an existing container database, see Creating PDBs on Oracle Technology Network.

Note:

  • OID is certified to be used with the following versions of Oracle Database: 12.1.0.1, 12.1.0.2, and 12.2.0.1.

  • Also, note that you need to configure at least one pluggable database in order to configure and use a container database.

  • When you install and use PDB, the data that you specify and the steps that you follow while running the RCU or the OID installer remain the same.

Starting the Repository Creation Utility

Start the Repository Creation Utility (RCU) after you verify that a certified JDK is installed on your system.

To start the RCU:

  1. Verify that a certified JDK already exists on your system by running java -version from the command line. For 12c (12.2.1.3.0), the certified JDK is 1.8.0_131 and later.
  2. Ensure that the JAVA_HOME environment variable is set to the location of the certified JDK. For example:
    • (UNIX) setenv JAVA_HOME /home/Oracle/Java/jdk1.8.0_131
    • (Windows) set JAVA_HOME=C:\home\Oracle\Java\jdk1.8.0_131
  3. Change to the following directory:
    • (UNIX) ORACLE_HOME/oracle_common/bin
    • (Windows) ORACLE_HOME\oracle_common\bin
  4. Enter the following command:
    • (UNIX) ./rcu
    • (Windows) rcu.bat

Navigating the Repository Creation Utility Screens to Create Schemas

Enter required information in the RCU screens to create the database schemas.

Introducing the RCU

The Welcome screen is the first screen that appears when you start the RCU.

Click Next.

Selecting a Method of Schema Creation

Use the Create Repository screen to select a method to create and load component schemas into the database.

On the Create Repository screen, select System Load and Product Load. This procedure assumes that you have the necessary permissions and privileges to perform DBA activities on your database, that is, SYSDBA privileges.

Providing Database Connection Details

On the Database Connection Details screen, provide the database connection details for the RCU to connect to your database.

Note:

If you are unsure of the service name for your database, you can obtain it from the SERVICE_NAMES parameter in the initialization parameter file of the database. If the initialization parameter file does not contain the SERVICE_NAMES parameter, then the service name is the same as the global database name, which is specified in the DB_NAME and DB_DOMAIN parameters.

For example:

  • Database Type: Oracle Database
  • Connection String Format: Connection Parameters or Connection String
  • Connection String: examplehost.exampledomain.com:1521:Orcl.exampledomain.com
  • Host Name: examplehost.exampledomain.com
  • Port: 1521
  • Service Name: Orcl.exampledomain.com
  • User Name: sys
  • Password: ******
  • Role: SYSDBA

Click Next to proceed, then click OK in the dialog window that confirms a successful database connection.

Specifying a Custom Prefix and Selecting Schemas

Select Create new prefix, specify a custom prefix, then select the Oracle Internet Directory schema. This action automatically selects the following schemas as dependencies:

Note:

Oracle Internet Directory (ODS) schema does not need a prefix. The prefix is required for the other schemas selected during the schema creation process.

You can load only one Oracle Internet Directory (ODS) schema per Database.

If you are configuring Oracle Internet Directory in a standalone mode, the following dependent schema is selected:
  • Common Infrastructure Service (STB)

If you are configuring Oracle Internet Directory in a collocated mode, the following dependent schemas are selected:

  • Oracle Platform Security Services (OPSS)

  • Audit Services (IAU)

  • Audit Services Append (IAU_Append)

  • Audit Services Viewer (IAU_Viewer)

  • WebLogic Services (WLS)

  • Common Infrastructure Service (STB)

The schema Common Infrastructure Services is automatically created. This schema is dimmed; you cannot select or deselect it. This schema enables you to retrieve information from RCU during domain configuration. For more information, see "Understanding the Service Table Schema" in Oracle Fusion Middleware Creating Schemas with the Repository Creation Utility.

The custom prefix is used to logically group these schemas together for use in this domain only; you must create a unique set of schemas for each domain. Schema sharing across domains is not supported.

Tip:

For more information about custom prefixes, see "Understanding Custom Prefixes" in Oracle Fusion Middleware Creating Schemas with the Repository Creation Utility.

For more information about how to organize your schemas in a multi-domain environment, see "Planning Your Schema Creation" in Oracle Fusion Middleware Creating Schemas with the Repository Creation Utility.

Tip:

You must make a note of the custom prefix you choose to enter here; you will need this later on during the domain creation process.

Click Next to proceed, then click OK on the dialog window confirming that prerequisite checking for schema creation was successful.

Specifying Schema Passwords

On the Schema Passwords screen, specify how you want to set the schema passwords on your database, then enter and confirm your passwords.

You must make a note of the passwords you set on this screen; you will need them later on during the domain creation process.

Completing Schema Creation

Navigate through the remaining RCU screens to complete schema creation.

When you reach the Completion Summary screen, click Close to dismiss the RCU.

Configuring the Domain

Use the Configuration Wizard to create and configure a domain.

For information on other methods to create domains, see Additional Tools for Creating, Extending, and Managing WebLogic Domains in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.

Starting the Configuration Wizard

Start the Configuration Wizard to begin configuring a domain.

To start the Configuration Wizard:

  1. Change to the following directory:

    (UNIX) ORACLE_HOME/oracle_common/common/bin

    (Windows) ORACLE_HOME\oracle_common\common\bin

    where ORACLE_HOME is your 12c (12.2.1.3.0) Oracle home.

  2. Enter the following command:

    (UNIX) ./config.sh

    (Windows) config.cmd

Navigating the Configuration Wizard Screens to Create and Configure the Domain

Enter required information in the Configuration Wizard screens to create and configure the domain for the topology.

Note:

You can use this procedure to extend an existing domain. If your needs do not match the instructions in the procedure, be sure to make your selections accordingly, or see the supporting documentation for more details.

Selecting the Domain Type and Domain Home Location

Use the Configuration Type screen to select a Domain home directory location, optimally outside the Oracle home directory.

Oracle recommends that you locate your Domain home in accordance with the directory structure in What Are the Key Oracle Fusion Middleware Directories? in Oracle Fusion Middleware Understanding Oracle Fusion Middleware, where the Domain home is located outside the Oracle home directory. This directory structure helps avoid issues when you need to upgrade or reinstall software.

To specify the Domain type and Domain home directory:

  1. On the Configuration Type screen, select Create a new domain.
  2. In the Domain Location field, specify your Domain home directory.

For more details about this screen, see Configuration Type in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.

Selecting the Configuration Templates for Oracle Internet Directory

On the Templates screen, make sure Create Domain Using Product Templates is selected, then select the following templates:

For standalone mode, select the following template:
  • Oracle Internet Directory (Standalone) - 12.2.1.3.0 [oid]

For collocated mode, select the following templates:

  • Oracle Internet Directory (Collocated) -12.2.1.3.0 [oid]

    Selecting this template automatically selects the following as dependencies:

    • Oracle Directory Services Manager -12.2.1.3.0 [oid]

    • Oracle JRF -12.2.1.3.0 [oracle_common]

    • WebLogic Coherence Cluster Extension -12.2.1.3.0 [wlserver]

    • Oracle Enterprise Manager - 12.2.1.3.0 [em]

  • Oracle Directory Integration Platform - 12.2.1.3.0 [dip]

    Optional. Select this template if you're using OID and ODIP in the same domain.

Tip:

More information about the options on this screen can be found in "Templates" in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.

Configuring the Administrator Account

Use the Administrator Account screen to specify the user name and password for the default WebLogic Administrator account for the domain.

Oracle recommends that you make a note of the user name and password that you enter on this screen; you need these credentials later to boot and connect to the domain's Administration Server.

Specifying the Domain Mode and JDK

Use the Domain Mode and JDK screen to specify the domain mode and Java Development Kit (JDK).

On the Domain Mode and JDK screen:

  • Select Production in the Domain Mode field.

  • Select the Oracle HotSpot JDK in the JDK field.

For more information about this screen, see Domain Mode and JDK in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.

Specifying the Database Configuration Type

Use the Database Configuration type screen to specify details about the database and database schema.

On the Database Configuration type screen, select RCU Data. This option instructs the Configuration Wizard to connect to the database and Service Table (STB) schema to automatically retrieve schema information for schemas needed to configure the domain.

Note:

If you select Manual Configuration on this screen, you must manually fill in parameters for your schema on the next screen.

After selecting RCU Data, specify details in the following fields:

  • DBMS/Service: Enter the database DBMS name, or service name if you selected a service type driver. Example: orcl.exampledomain.com

  • Host Name: Enter the name of the server hosting the database. Example: examplehost.exampledomain.com

  • Port: Enter the port number on which the database listens. Example: 1521

  • Schema Owner and Schema Password: Enter the username and password for connecting to the database's Service Table schema. This is the schema username and password entered for the Service Table component on the Schema Passwords screen in the RCU (see Specifying Schema Passwords). The default username is prefix_STB, where prefix is the custom prefix that you defined in the RCU.

Click Get RCU Configuration when you finish specifying the database connection information. The following output in the Connection Result Log indicates that the operation succeeded:

Connecting to the database server...OK
Retrieving schema data from database server...OK
Binding local schema components with retrieved data...OK

Successfully Done.

For more information about the schema installed when the RCU is run, see About the Service Table Schema in Oracle Fusion Middleware Creating Schemas with the Repository Creation Utility.

See Database Configuration Type in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.

Specifying JDBC Component Schema Information

Use the JDBC Component Schema screen to verify or specify details about the database schemas.

Verify that the values populated on the JDBC Component Schema screen are correct for all schemas. If you selected RCU Data on the previous screen, the schema table should already be populated appropriately.

For high availability environments, see the following sections in Oracle Fusion Middleware High Availability Guide for additional information on configuring data sources for Oracle RAC databases:

See JDBC Component Schema in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard for more details about this screen.

Testing the JDBC Connections

Use the JDBC Component Schema Test screen to test the data source connections.

A green check mark in the Status column indicates a successful test. If you encounter any issues, see the error message in the Connection Result Log section of the screen, fix the problem, then try to test the connection again.

By default, the schema password for each schema component is the password you specified while creating your schemas. If you want different passwords for different schema components, manually edit them in the previous screen (JDBC Component Schema) by entering the password you want in the Schema Password column, against each row. After specifying the passwords, select the check box corresponding to the schemas that you changed the password in and test the connection again.

For more information about this screen, see JDBC Component Schema Test in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.

Selecting Advanced Configuration

Use the Advanced Configuration screen to complete the domain configuration.

On the Advanced Configuration screen, select:

  • Administration Server

    Required to properly configure the listen address of the Administration Server.

  • Node Manager

    Required to configure Node Manager.

  • Topology

    Select Topology to configure machines and assign the Administration Server to a machine. Note that you cannot configure the oid system component using the Configuration Wizard. The oid instance is configured after the domain configuration. See Performing the Initial Oracle Internet Directory Setup.

Optionally, select other available options as required for your desired installation environment. The steps in this guide describe a standard installation topology, but you may choose to follow a different path. If your installation requirements extend to additional options outside the scope of this guide, you may be presented with additional screens to configure those options. For information about all Configuration Wizard screens, see Configuration Wizard Screens in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.

Configuring the Administration Server Listen Address

Use the Administration Server screen to select the IP address of the host.

Select the drop-down list next to Listen Address and select the IP address of the host where the Administration Server will reside, or use the system name or DNS name that maps to a single IP address. Do not use All Local Addresses.

Do not specify any server groups for the Administration Server.

Configuring Node Manager

Use the Node Manager screen to select the type of Node Manager you want to configure, along with the Node Manager credentials.

Select Per Domain Default Location as the Node Manager type, then specify Node Manager credentials.

For more information about this screen, see Node Manager in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.

For more information about Node Manager types, see Node Manager Overview in Oracle Fusion Middleware Administering Node Manager for Oracle WebLogic Server.

Configuring Managed Servers

If you do not plan to create a WebLogic managed server during installation, click Next and proceed. A WebLogic managed server is not required for OID 12c; Oracle Directory Services Manager (ODSM) is deployed on the administration server.

If you plan to create a WebLogic managed server during installation, ensure that you associate the Server Groups to the managed server. This step deploys the ODSM/oiddms on the administration server.

Note:

Server Groups are WebLogic Server constructs that are used to organize resources such as hostname(s) being part of a 'machine'.

If you do not select any server groups for the managed server and ODSM/oiddms are deployed on the managed server, then use the Administration Server Console to remove oiddms from the managed server and deploy them on the administration server.

Configuring a Cluster

You can skip this screen as it is not applicable to Oracle Internet Directory.

Click Next.

Tip:

For more information about this screen, see Clusters in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.

Defining Server Templates

Click Next and proceed, as this is not applicable to Oracle Internet Directory.

Configuring Coherence Clusters

You can skip this screen as it is not applicable to Oracle Internet Directory.

Click Next.

Creating a New Oracle Internet Directory Machine

Use the Machines screen to update the default machine listed on the screen — oidhost1. A machine is required so that Node Manager can start and stop servers.

If you plan to create a high availability environment and know the list of machines your target topology requires, you can follow the instructions in this section to create all the machines at this time. For more about scale out steps, see Optional Scale Out Procedure in Oracle Fusion Middleware High Availability Guide.

Select the default machine oidhost1 that is listed, and update the Listen Port to the appropriate value based on the Node Manager listen port number.

Note:

Do not change the name of the default machine (oidhost1), as the WLST command oid_setup() run for setting up the OID instance, later during the post-configuration stage (as described in Performing the Initial Oracle Internet Directory Setup), relies on this name.

For more information about this screen, see Machines in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.

Assigning Servers to Oracle Internet Directory Machines

Use the Assign Servers to Machines screen to assign the Administration Server to the default machine oidhost1 that is listed.

On the Assign Servers to Machines screen:

  1. In the Machines pane, select the default machine oidhost1 that is listed.
  2. In the Servers pane, assign AdminServer to oidhost1 by doing one of the following:
    • Click once on AdminServer to select it, then click the right arrow to move it beneath the selected machine (oidhost1) in the Machines pane.

    • Double-click on AdminServer to move it beneath the selected machine (oidhost1) in the Machines pane.

Virtual Targets

You can skip this screen for Oracle Internet Directory configuration.

Click Next and proceed.

Partitions

Click Next as this is not applicable to Oracle Internet Directory.

For details about options on this screen, see Partitions in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.

Reviewing Your Configuration Specifications and Configuring the Domain

The Configuration Summary screen shows detailed configuration information for the domain you are about to create.

Review each item on the screen and verify that the information is correct. To make any changes, go back to a screen by clicking the Back button or selecting the screen in the navigation pane. Domain creation does not start until you click Create.

For more details about options on this screen, see Configuration Summary in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.

Writing Down Your Domain Home and Administration Server URL

The End of Configuration screen shows information about the domain you just configured.

Make a note of the following items because you need them later:

  • Domain Location

  • Administration Server URL

You need the domain location to access scripts that start Node Manager and Administration Server, and you need the URL to access the Administration Server.

Click Finish to dismiss the Configuration Wizard.

Starting Servers and Processes

After configuration is complete, start the servers and the processes.

For more information on additional tools you can use to manage your domain, see Overview of Oracle Fusion Middleware Administration Tools in Oracle Fusion Middleware Administering Oracle Fusion Middleware.

Refer to the following topics based on your configuration mode:

Starting the Servers for Standalone Oracle Internet Directory

In case of a standalone Oracle Internet Directory (OID) configuration, start the Node Manager. The OID instance will be started when you perform the initial OID setup in the later sections.

To start the Node Manager, use the following command:

  • (UNIX) DOMAIN_HOME/bin/startNodeManager.sh

  • (Windows) DOMAIN_HOME\bin\startNodeManager.cmd

Note:

Before starting the Node Manager, make sure that any changes made to the default port in nodemanager.properties are also reflected in the corresponding associated machine.

Starting Servers and Processes for Collocated Oracle Internet Directory

In case of a collocated Oracle Internet Directory (OID) configuration, start the Administration Server and the Node Manager. The OID instance will be started when you perform the initial OID setup in the later sections.

The components may be dependent on each other so they must be started in the correct order.

Note:

The procedures in this section describe how to start servers and processes using the WLST command line or a script. You can also use the Oracle Fusion Middleware Control and the Oracle WebLogic Server Administration Console. See Starting and Stopping Administration and Managed Servers and Node Manager in Administering Oracle Fusion Middleware.

To start your Fusion Middleware environment, follow the steps below.

Step 1: Start the Administration Server

When you start the Administration Server, you also start the processes running in the Administration Server, including the WebLogic Server Administration Console and Fusion Middleware Control.

To start the Administration Server, use the startWebLogic script:

  • (UNIX) DOMAIN_HOME/bin/startWebLogic.sh

  • (Windows) DOMAIN_HOME\bin\startWebLogic.cmd

When prompted, enter your user name, password, and the URL of the Administration Server.

Step 2: Start Node Manager

To start Node Manager, use the startNodeManager script:

  • (UNIX) DOMAIN_HOME/bin/startNodeManager.sh

  • (Windows) DOMAIN_HOME\bin\startNodeManager.cmd

Note:

Before starting the Node Manager, make sure that any changes made to the default port in nodemanager.properties are also reflected in the corresponding associated machine.
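
The port check in the note above, together with the earlier guidance on Production mode, the Administration Server listen address and the oidhost1 machine name, can be scripted. This is an added example, not Oracle's code: it assumes the standard WebLogic files DOMAIN_HOME/config/config.xml and DOMAIN_HOME/nodemanager/nodemanager.properties, and the function names and sample contents are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"d": "http://xmlns.oracle.com/weblogic/domain"}
DEFAULT_NM_PORT = "5556"  # WebLogic default; config.xml omits values left at the default

# Constructed sample of DOMAIN_HOME/config/config.xml, trimmed to the elements checked.
SAMPLE_CONFIG_XML = """\
<domain xmlns="http://xmlns.oracle.com/weblogic/domain">
  <name>base_domain</name>
  <server>
    <name>AdminServer</name>
    <listen-address>oidhost.example.com</listen-address>
  </server>
  <production-mode-enabled>true</production-mode-enabled>
  <machine>
    <name>oidhost1</name>
    <node-manager>
      <name>oidhost1</name>
      <listen-address>oidhost.example.com</listen-address>
      <listen-port>5558</listen-port>
    </node-manager>
  </machine>
  <admin-server-name>AdminServer</admin-server-name>
</domain>
"""

# Constructed sample of DOMAIN_HOME/nodemanager/nodemanager.properties.
SAMPLE_NM_PROPERTIES = """\
ListenAddress=oidhost.example.com
ListenPort=5556
"""


def parse_properties(text):
    """Parse the key=value lines of a Java properties file (comments skipped)."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith(("#", "!")) and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props


def _text(node, path, default=""):
    """Text of a child element, or the default when it is absent or empty."""
    return (node.findtext(path, default="", namespaces=NS) or "").strip() or default


def audit_domain(config_xml, nm_properties, machine="oidhost1"):
    """Return a list of findings; an empty list means every check passed."""
    root = ET.fromstring(config_xml)
    findings = []

    if _text(root, "d:production-mode-enabled", "false") != "true":
        findings.append("Domain Mode is not Production")

    admin_name = _text(root, "d:admin-server-name", "AdminServer")
    servers = {_text(s, "d:name"): s for s in root.findall("d:server", NS)}
    if admin_name not in servers:
        findings.append("Administration Server %r not found" % admin_name)
    elif not _text(servers[admin_name], "d:listen-address"):
        # An empty listen address means the server binds to All Local Addresses.
        findings.append("Administration Server listens on All Local Addresses")

    machines = {_text(m, "d:name"): m for m in root.findall("d:machine", NS)}
    if machine not in machines:
        findings.append("machine %r missing; oid_setup() relies on this name" % machine)
    else:
        cfg_port = _text(machines[machine], "d:node-manager/d:listen-port", DEFAULT_NM_PORT)
        nm_port = parse_properties(nm_properties).get("ListenPort", DEFAULT_NM_PORT)
        if cfg_port != nm_port:
            findings.append("Node Manager port mismatch: machine %s uses %s, "
                            "nodemanager.properties uses %s" % (machine, cfg_port, nm_port))
    return findings


if __name__ == "__main__":
    for finding in audit_domain(SAMPLE_CONFIG_XML, SAMPLE_NM_PROPERTIES):
        print("FINDING:", finding)
```

On the constructed sample the only finding is the Node Manager port mismatch; pass the contents of the real files to audit an actual domain.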

Performing the Initial Oracle Internet Directory Setup

Use the wlst command from a different terminal to connect to Administration Server and set up Oracle Internet Directory.

To perform the initial setup of OID, do the following:
  1. Run the following command from the location $ORACLE_HOME/oracle_common/common/bin to launch the WLST tool:
    ./wlst.sh
  2. In case of a standalone Oracle Internet Directory configuration, connect to the Node Manager using the following command:
    nmConnect(username='wls_user',password='password',domainName='base_domain')
    In case of a collocated Oracle Internet Directory configuration, connect to the Administration Server using the following command:
    connect('Admin_username','Admin_password','t3://Admin_host:Admin_port')
  3. Run the following command to perform the initial setup of OID:
    From location:
    • For standalone mode: /base_domain
    • For collocated mode: /base_domain/serverConfig
    oid_setup(orcladminPassword='password', odsPassword='password', realmDN='<your realm>', port='nnnn', sslPort='nnnn', host='hostname')

    where,

    realmDN='<dc=<xxxx>,dc=<company name>, dc=com>'

    Note:

    For information about the other optional arguments that can be used with oid_setup command, run the following command:

    help('oid_setup')

    You can use the appropriate arguments to run OID on custom SSL and non-SSL ports and to set instanceName, port, hostname, and machineName as input parameters.

    The command oid_setup() performs the following operations:

    • Sets the password for cn=orcladmin user.

    • Creates the first OID instance oid1. The following parameters are set by default when oid_setup is run:

      • instanceName = 'oid1'

      • host = 'hostname of the current machine'

      • port = '3060'

      • machine = 'oidhost1'

        This gets created automatically when you run config.sh.

      • sslPort = '3131'

    • Starts the newly created OID instance oid1.

    • Creates the realm.

      Note:

      If the realm is not provided, then the 'dc=us,dc=oracle,dc=com' realm is created automatically.

Note:

For more information about managing Oracle Internet Directory components using WLST commands, see Managing Oracle Internet Directory Components by Using WLST Commands in Administering Oracle Internet Directory.

Verifying the Configuration

After completing all configuration steps, you can perform additional steps to verify that your domain is properly configured.

To verify that Oracle Internet Directory (OID) is configured successfully, do the following:

  1. Set the environment variable ORACLE_HOME to the new 12c ORACLE_HOME location.

  2. Run the following command to check on the OID instance:

    ORACLE_HOME/bin/ldapbind -h OID_HOST -p OID_PORT
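
What the ldapbind check above exercises on the wire, as an added Python example that is not Oracle's code: it assumes that ldapbind with no bind DN or password attempts an anonymous LDAPv3 simple bind, and it treats resultCode 0 in the reply as proof that the instance is answering. The helper names and sample reply bytes are constructed here, and the probe covers the non-SSL port only (3060 by default).

```python
import socket

# LDAPv3 result codes (RFC 4511) most likely to come back from a bind.
RESULT_NAMES = {0: "success", 48: "inappropriateAuthentication",
                49: "invalidCredentials", 53: "unwillingToPerform"}

# Constructed sample: BindResponse for message 1 with resultCode 0 (success).
SAMPLE_BIND_SUCCESS = bytes.fromhex("300c02010161070a010004000400")


class Truncated(ValueError):
    """Raised when more bytes are needed to finish decoding an element."""


def _tlv(tag, value):
    """Encode one BER element; values here are always shorter than 128 bytes."""
    return bytes([tag, len(value)]) + value


def anonymous_bind_request():
    """LDAPMessage 1: BindRequest, version 3, empty DN, empty simple password."""
    bind = _tlv(0x60, _tlv(0x02, b"\x03") + _tlv(0x04, b"") + _tlv(0x80, b""))
    return _tlv(0x30, _tlv(0x02, b"\x01") + bind)


def _read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element starting at buf[pos]."""
    if pos + 2 > len(buf):
        raise Truncated("element header incomplete")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:  # long form: low 7 bits give the number of length bytes
        count = first & 0x7F
        if pos + count > len(buf):
            raise Truncated("length bytes incomplete")
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    else:
        length = first
    if pos + length > len(buf):
        raise Truncated("element value incomplete")
    return tag, buf[pos:pos + length], pos + length


def parse_bind_response(data):
    """Return (message_id, result_code, diagnostic) from a BindResponse."""
    tag, message, _ = _read_tlv(data, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage")
    _, message_id, pos = _read_tlv(message, 0)
    tag, op, _ = _read_tlv(message, pos)
    if tag != 0x61:
        raise ValueError("not a BindResponse")
    _, code, pos = _read_tlv(op, 0)        # resultCode (ENUMERATED)
    _, _matched_dn, pos = _read_tlv(op, pos)
    _, diagnostic, _ = _read_tlv(op, pos)  # diagnosticMessage
    return (int.from_bytes(message_id, "big"), int.from_bytes(code, "big"),
            diagnostic.decode("utf-8", "replace"))


def anonymous_bind(host, port=3060, timeout=5.0):
    """Send the bind to host:port and return the parsed response."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(anonymous_bind_request())
        data = b""
        while True:
            chunk = sock.recv(4096)
            if not chunk:
                raise ConnectionError("server closed the connection before replying")
            data += chunk
            try:
                return parse_bind_response(data)
            except Truncated:
                continue  # reply split across segments; keep reading


if __name__ == "__main__":
    _, code, text = parse_bind_response(SAMPLE_BIND_SUCCESS)
    print(RESULT_NAMES.get(code, code), text)
```

Call anonymous_bind with the OID host and non-SSL port to run the check against a live instance; a code other than 0, such as 48, means the listener is up but refused the anonymous bind.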

For additional configuration and administration tasks, see Performing Additional Domain Configuration Tasks.