20 Configuring Oracle Managed File Transfer in an Enterprise Deployment

The procedures explained in this chapter guide you through the process of adding Oracle Managed File Transfer to your enterprise deployment.

20.1 About Oracle Managed File Transfer

Oracle Managed File Transfer (MFT) provides a standards-based file gateway. It features design, deployment, and monitoring of file transfers using a web-based design-time console that includes transfer prioritization, file encryption, scheduling, and embedded FTP and sFTP servers.

For more information about Oracle MFT, see Understanding Oracle Managed File Transfer in Using Oracle Managed File Transfer.

20.1.1 About Managed File Transfer in an Enterprise Deployment

Managed File Transfer runs in its own domain, separate from other components, such as Oracle SOA Suite, Oracle Service Bus, and Business Activity Monitoring. Typically, you create the domain and configure the Managed Servers for Managed File Transfer in a single configuration wizard session.

Managed File Transfer uses Oracle Web Services Manager (OWSM), and runs the OWSM services on the same servers as the Managed File Transfer applications.

If you are configuring a Web tier, then Managed File Transfer requires Oracle Traffic Director, which provide TCP communication load balancing for the Managed File Transfer SFTP requests.

The Managed File Transfer domain can be configured on the same host as other FMW components. For this reason, Oracle recommends that you use a per host Node Manager configuration. In this configuration, a single Node Manager can control different domains on the same machine. For more information, see Configuring a Per Host Node Manager for an Enterprise Deployment.

20.1.2 Characteristics of the Managed File Transfer Domain

The following table lists some of the key characteristics of the domain you are about to create. By reviewing and understanding these characteristics, you can better understand the purpose and context of the procedures used to configure the domain.

Many of these characteristics are described in more detail in Understanding a Typical Enterprise Deployment.

Characteristic of the Domain More Information

Uses a separate virtual IP (VIP) address for the Administration Server.

Configuration of the Administration Server and Managed Servers Domain Directories

Uses separate domain directories for the Administration Server and the Managed Servers in the domain.

Configuration of the Administration Server and Managed Servers Domain Directories

Uses Oracle Web Services Manager, which is deployed to the same servers as Managed File Transfer

Using Oracle Web Services Manager in the Application Tier

Requires Oracle Traffic Director for routing SFT requests from the Web tier.

About Oracle Traffic Director in an Enterprise Deployment

Uses a single Configuration Wizard session to configure the Infrastructure and Managed File Transfer software on the Managed File Transfer Managed Servers. The domain is later extended to include Oracle Traffic Director.

Creating the Managed File Transfer Domain for an Enterprise Deployment

Uses a per host Node Manager configuration.

About the Node Manager Configuration in a Typical Enterprise Deployment

Requires a separately installed LDAP-based authentication provider.

Understanding OPSS and Requests to the Authentication and Authorization Stores

20.2 Variables Used When Configuring Managed File Transfer

The procedures for installing and configuring Managed File Transfer reference use a series of variables that you can replace with the actual values used in your environment.

The following directory location variables are used in these procedures:

  • WEB_ORACLE_HOME

  • ASERVER_HOME

  • MSERVER_HOME

  • WEB_DOMAIN_HOME

  • JAVA_HOME

  • NM_HOME

For more information, see File System and Directory Variables Used in This Guide.

In addition, you'll be referencing the following virtual IP (VIP) address defined in Reserving the Required IP Addresses for an Enterprise Deployment:

  • ADMINVHN

Actions in this chapter will be performed on the following host computers:

  • APPHOST1

  • APPHOST2

  • WEBHOST1

  • WEBHOST2

Note:

Note that for this chapter, APPHOST1 and APPHOST2 provide a more generic variable for the application tier hosts. This is because, depending upon the domain you are creating, the host name variable will vary.

For example, if you are configuring Oracle Traffic Director for an Oracle SOA Suite domain, APPHOST1 is the same as SOAHOST1. However, if you are configuring Oracle Traffic Director for an Oracle Managed File Transfer domain, which is typically configured in its own domain, then APPHOST1 is the same as MFTHOST1.

20.3 Synchronizing the System Clocks

Before you extend the domain to include Oracle SOA Suite, verify that the system clocks on each host computer are synchronized. You can do this by running the date command as simultaneously as possible on the hosts in each cluster.

Alternatively, there are third-party and open-source utilities you can use for this purpose.

20.4 Prerequisites for Creating the Managed File Transfer Domain

Before creating the Managed File Transfer domain, ensure that your existing deployment meets the following prerequisites.

  • Verify that you have installed a supported JDK.

  • You must have an existing Oracle home where you have installed the Oracle Fusion Middleware Infrastructure software binaries. This must be a dedicated Oracle home for the Managed File Transfer domain. The Oracle home is typically on shared storage and is available from MFTHOST1 and MFTHOST2. For more information, see Shared Storage Recommendations When Installing and Configuring an Enterprise Deployment.

    Note that you should not configure the Infrastructure domain, only install the Oracle Fusion Middleware Infrastructure software.

    To create the Infrastructure Oracle home, see Installing the Oracle Fusion Middleware Infrastructure in Preparation for an Enterprise Deployment.

  • Back up the installation - If you have not yet backed up the existing Fusion Middleware Home, Oracle recommends backing it up now.

    To back up the existing Fusion Middleware Home and domain, see Performing Backups and Recoveries in the SOA Enterprise Deployments.

  • If you haven't done so already, verify that the system clocks on each host computer are synchronized. You can do this by running the date command as simultaneously as possible on the hosts in each cluster.

    Alternatively, there are third-party and open-source utilities you can use for this purpose.

20.5 Installing the Software for an Enterprise Deployment

The following sections describe how to install the software for an enterprise deployment.

20.5.1 Starting the Managed File Transfer Installer on MFTHOST1

To start the installation program:

  1. Log in to MFTHOST1.
  2. Go to the directory where you downloaded the installation program.
  3. Launch the installation program by invoking the java executable from the JDK directory on your system, as shown in the example below.
    JAVA_HOME/bin/java -d64 -jar Installer File Name
    

    Be sure to replace the JDK location in these examples with the actual JDK location on your system.

    Replace Installer File Name with the name of the actual installer file for your product listed in Identifying and Obtaining Software Downloads for an Enterprise Deployment.

When the installation program appears, you are ready to begin the installation.

20.5.2 Navigating the Installation Screens When Installing Managed File Transfer

The installation program displays a series of screens, in the order listed in the following table.

If you need additional help with any of the installation screens, click the screen name.

Screen Description

Welcome

This screen introduces you to the product installer.

Auto Updates

Use this screen to automatically search My Oracle Support for available patches or automatically search a local directory for patches that you’ve already downloaded for your organization.

Installation Location

Use this screen to specify the location of your Oracle home directory. This Oracle home should already contain Oracle Fusion Middleware Infrastructure.

For more information about Oracle Fusion Middleware directory structure, see Selecting Directories for Installation and Configuration in Planning an Installation of Oracle Fusion Middleware.

Installation Type

Use this screen to select the type of installation and consequently, the products and feature sets you want to install.

  • Select Managed File Transfer

Prerequisite Checks

This screen verifies that your system meets the minimum necessary requirements.

If there are any warning or error messages, you can refer to one of the documents in the Roadmap for Verifying Your System Environment section in Installing and Configuring the Oracle Fusion Middleware Infrastructure.

Installation Summary

Use this screen to verify the installation options you selected.

Click Install to begin the installation.

Installation Progress

This screen allows you to see the progress of the installation.

Click Next when the progress bar reaches 100% complete.

Installation Complete

Review the information on this screen, then click Finish to dismiss the installer.

20.5.3 Verifying the Installation

After you complete the installation, you can verify it by successfully completing the following tasks.

20.5.3.1 Reviewing the Installation Log Files

Review the contents of the installation log files to make sure that no problems were encountered. For a description of the log files and where to find them, see Understanding Installation Log Files in Installing Software with the Oracle Universal Installer.

20.5.3.2 Checking the Directory Structure for Managed File Transfer

The contents of your installation vary based on the options you selected during the installation.

The addition of Managed File Transfer adds the following directory and sub-directories:

/u01/oracle/products/fmw

cfgtoollogs
coherence
em
install
inventory
mft
OPatch
oracle_common
oraInst.loc
osb
oui
soa
wlserver

For more information about the directory structure you should see after installation, see What are the Key Oracle Fusion Middleware Directories? in Understanding Oracle Fusion Middleware.

20.6 Creating the Managed File Transfer Database Schemas

Before you can configure an Managed File Transfer domain, you must install the required schemas in a certified database for use with this release of Oracle Fusion Middleware.

20.6.1 Starting the Repository Creation Utility (RCU)

To start the Repository Creation Utility (RCU):

  1. Navigate to the ORACLE_HOME/oracle_common/bin directory on your system.
  2. Make sure the JAVA_HOME environment variable is set to the location of a certified JDK on your system. The location should be up to but not including the bin directory. For example, if your JDK is located in /u01/oracle/products/jdk:

    On UNIX operating systems:

    export JAVA_HOME=/u01/oracle/products/jdk
    
  3. Start RCU:

    On UNIX operating systems:

    ./rcu
    

20.6.2 Navigating the RCU Screens to Create the Managed File Transfer Schemas

Schema creation involves the following tasks:

Task 1   Introducing RCU

Click Next.

Task 2   Selecting a Method of Schema Creation

If you have the necessary permission and privileges to perform DBA activities on your database, select System Load and Product Load. This procedure assumes that you have the necessary privileges.

If you do not have the necessary permission or privileges to perform DBA activities in the database, you must select Prepare Scripts for System Load on this screen. This option will generate a SQL script, which can be provided to your database administrator to create the required schema. See Understanding System Load and Product Load in Creating Schemas with the Repository Creation Utility.

Task 3   Providing Database Connection Details

Provide the database connection details for RCU to connect to your database.

In the Host Name field, enter the SCAN address of the Oracle RAC Database.

Enter the DBMS/Service details.

Enter the Schema Owner and Schema Password details.

Click Next to proceed, then click OK on the dialog window confirming that connection to the database was successful.

Task 4   Specifying a Custom Prefix and Selecting Schemas

On this page, do the following:

  1. Choose Create new prefix, and then enter the prefix you want to use for the Managed File Transfer schemas. A unique schema prefix is required because you are creating a new domain for Managed File Transfer.

  2. From the list of schemas, select the Managed File Transfer schema.

    This will automatically select the following dependent schemas:

    • User Messaging Service

    • Metadata Services

    • Oracle Platform Security Services

    • Audit Services

    • Audit Services Append

    • Audit Services Viewer

    • Oracle Enterprise Scheduler

  3. Select WebLogic Services.

    Note:

    The WebLogic Services schema is not selected automatically, ensure that you select it manually.

The custom prefix is used to logically group these schemas together for use in this domain only; you must create a unique set of schemas for each domain as schema sharing across domains is not supported.

Tip:

For more information about custom prefixes, see Understanding Custom Prefixes in Creating Schemas with the Repository Creation Utility.

For more information about how to organize your schemas in a multi-domain environment, see Planning Your Schema Creation in Creating Schemas with the Repository Creation Utility.

Click Next to proceed, then click OK on the dialog window confirming that prerequisite checking for schema creation was successful.

Task 5   Specifying Schema Passwords

Specify how you want to set the schema passwords on your database, then specify and confirm your passwords.

Tip:

You must make a note of the passwords you set on this screen; you will need them later on during the domain creation process.

Task 6   Verifying the Tablespaces for the Required Schemas

On the Map Tablespaces screen, review the information, and then click Next to accept the default values.

Click OK in the confirmation dialog box.

Task 7   Completing Schema Creation

Navigate through the remainder of the RCU screens to complete schema creation. When you reach the Completion Summary screen, click Close to dismiss RCU.

Task 8   Verifying the Schema Creation

To verify that the schemas were created successfully, and to verify the database connection details, use SQL*Plus or another utility to connect to the database, using the Managed File Transfer schema name and the password you provided.

For example:

./sqlplus

SQL*Plus: Release 11.2.0.4.0 Production on Fri Nov 1 08:44:18 2013

Copyright (c) 1982, 2013, Oracle.  All rights reserved.

Enter user-name: FMW12211_MFT
Enter password: mft_schema_password

Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL>

20.7 Creating the Managed File Transfer Domain for an Enterprise Deployment

You create a separate Managed File Transfer domain, using the Fusion Middleware Configuration Wizard.

20.7.1 Starting the Configuration Wizard

To start the Configuration Wizard:

  1. Shut down the domain completely before extending the domain. From the WebLogic Server Console, stop all managed servers and verify, and then stop the Administration Server.
  2. Navigate to the following directory and start the WebLogic Server Configuration Wizard.
    cd ORACLE_HOME/oracle_common/common/bin
    ./config.sh
    

20.7.2 Navigating the Configuration Wizard Screens for MFT

Follow the instructions in these sections to create and configure the domain for the topology, with static clusters.

20.7.2.1 Extending the Domain with Static Clusters

Follow the instructions in this section to create and configure the domain for the topology.

Domain creation and configuration includes the following tasks.
Task 1   Selecting the Domain Type and Domain Home Location

You must select a Domain home directory location, optimally outside the Oracle home directory.

Oracle recommends that you locate your Domain home in accordance with the directory structure in What Are the Key Oracle Fusion Middleware Directories? in Understanding Oracle Fusion Middleware, where the Domain home is located outside the Oracle home directory. This directory structure helps avoid issues when you need to upgrade or reinstall software.

To specify the Domain type and Domain home directory:

  1. On the Configuration Type screen, select Create a new domain.

  2. In the Domain Location field, specify your Domain home directory.

For more information about this screen, see Configuration Type in Creating WebLogic Domains Using the Configuration Wizard

Task 2   Selecting the Configuration Templates

On the Templates screen, make sure Create Domain Using Product Templates is selected, then select the following templates:

  • Oracle Managed File Transfer - 12.2.1.3.0 [mft]

    Selecting this template automatically selects the following dependencies:

    • Oracle B2B Client

    • Oracle Enterprise Manager

    • Oracle WSM Policy Manager

    • Oracle JRF

    • WebLogic Coherence Cluster Extension

For more information about the options on this screen, see Templates in Creating WebLogic Domains Using the Configuration Wizard.

Task 3   Selecting the Application Home Location

On the Application Location screen, specify the value of the APPLICATION_HOME variable, as defined in File System and Directory Variables Used in This Guide.

For more information about the options on this screen, see Application Location in Creating WebLogic Domains Using the Configuration Wizard.

Task 4   Configuring the Administrator Account

On the Administrator Account screen, specify the user name and password for the default WebLogic Administrator account for the domain.

Make a note of the user name and password specified on this screen; you will need these credentials later to boot and connect to the domain's Administration Server.

Task 5   Specifying the Domain Mode and JDK

On the Domain Mode and JDK screen:

  • Select Production in the Domain Mode field.

  • Select the Oracle Hotspot JDK in the JDK field.

Selecting Production Mode on this screen gives your environment a higher degree of security, requiring a user name and password to deploy applications and to start the Administration Server.

For more information about the options on this screen, including the differences between development mode and production mode, see Domain Mode and JDK in Creating WebLogic Domains Using the Configuration Wizard.

In the production mode, a boot identity file can be created to bypass the need to provide a user name and password when starting the Administration Server. For more information, see Creating the boot.properties File.

Task 6   Specifying the Database Configuration Type

Select RCU Data to activate the fields on this screen.

The RCU Data option instructs the Configuration Wizard to connect to the database and Service Table (STB) schema to automatically retrieve schema information for the schemas needed to configure the domain.

Note:

If you select Manual Configuration on this screen, you must manually fill in the parameters for your schema on the JDBC Component Schema screen.

After selecting RCU Data, fill in the fields as shown in the following table.

Field Description

DBMS/Service

Enter the service name for the Oracle RAC database where you will install the product schemas. For example:

orcl.example.com

Be sure this is the common service name that is used to identify all the instances in the Oracle RAC database; do not use the host-specific service name.

Host Name

Enter the Single Client Access Name (SCAN) Address for the Oracle RAC database, which you entered in the Enterprise Deployment Workbook.

Port

Enter the port number on which the database listens. For example, 1521.

Schema Owner

Schema Password

Enter the user name and password for connecting to the database's Service Table schema.

This is the schema user name and password that was specified for the Service Table component on the Schema Passwords screen in RCU. For more information, see Creating the Database Schemas.

The default user name is prefix_STB, where prefix is the custom prefix that you have defined in RCU.

Click Get RCU Configuration when you are finished specifying the database connection information. The following output in the Connection Result Log indicates that the operating succeeded:

Connecting to the database server...OK
Retrieving schema data from database server...OK
Binding local schema components with retrieved data...OK

Successfully Done.

Click Next if the connection to the database is successful.

For more information about the RCU Data option, see Understanding the Service Table Schema in Creating Schemas with the Repository Creation Utility.

For more information about the other options on this screen, see Datasource Defaults in Creating WebLogic Domains Using the Configuration Wizard.

Task 7   Specifying JDBC Component Schema Information

Verify that the values on the JDBC Component Schema screen are correct for all schemas.

The schema table should be populated, because you selected Get RCU Data on the previous screen. As a result, the Configuration Wizard locates the database connection values for all the schemas required for this domain.

At this point, the values are configured to connect to a single-instance database. However, for an enterprise deployment, you should use a highly available Real Application Clusters (RAC) database, as described in Preparing the Database for an Enterprise Deployment.

In addition, Oracle recommends that you use an Active GridLink datasource for each of the component schemas. For more information about the advantages of using GridLink data sources to connect to a RAC database, see Database Considerations in the High Availability Guide.

To convert the data sources to GridLink:

  1. Select all the schemas by selecting the checkbox at in the first header row of the schema table.

  2. Click Convert to GridLink and click Next.

Task 8   Providing the GridLink Oracle RAC Database Connection Details

On the GridLink Oracle RAC Component Schema screen, provide the information required to connect to the RAC database and component schemas, as shown in following table.

Element Description and Recommended Value

SCAN, Host Name, and Port

Select the SCAN check box.

In the Host Name field, enter the Single Client Access Name (SCAN) Address for the Oracle RAC database.

In the Port field, enter the SCAN listening port for the database (for example, 1521)

ONS Host and Port

In the ONS Host field, enter the SCAN address for the Oracle RAC database.

In the Port field, enter the ONS Remote port (typically, 6200).

Enable Fan

Verify that the Enable Fan check box is selected, so the database can receive and process FAN events.

For more information about specifying the information on this screen, as well as information about how to identify the correct SCAN address, see Configuring Active GridLink Data Sources with Oracle RAC in the High Availability Guide.

You can also click Help to display a brief description of each field on the screen.

Task 9   Testing the JDBC Connections

A green check mark in the Status column indicates a successful test. If you encounter any issues, see the error message in the Connection Result Log section of the screen, fix the problem, then try to test the connection again.

By default, the schema password for each schema component is the password you specified while creating your schemas. If you want different passwords for different schema components, manually edit them in the previous screen (JDBC Component Schema) by entering the password you want in the Schema Password column, against each row. After specifying the passwords, select the check box corresponding to the schemas that you changed the password in and test the connection again.

For more information about the other options on this screen, see Test Component Schema in Creating WebLogic Domains Using the Configuration Wizard.

Task 10   Specifying the Keystore

Use the Keystore screen in the Configuration Wizard to specify details about the keystore to be used in the domain.

For a typical enterprise deployment, you can leave the default values.

For more information, see Keystore in Creating WebLogic Domains Using the Configuration Wizard.

Task 11   Selecting Advanced Configuration

To complete domain configuration for the topology, select the following options on the Advanced Configuration screen:

  • Administration Server

    This is required to properly configure the listen address of the Administration Server.

  • Node Manager

    This is required to configure Node Manager.

  • Topology

    This is required to add, delete, or modify the Settings for Server Templates, Managed Servers, Clusters, Virtual Targets, and Coherence.

  • File Store

    This is required to configure the appropriate shared storage for JMS persistent stores.

Note:

When using the Advanced Configuration screen in the Configuration Wizard, if any of the above options are not available on the screen, then return to the Templates screen and ensure that you have selected the required templates for this topology.

Task 12   Configuring the Administration Server Listen Address

On the Administration Server screen:

  1. In the Server Name field, retain the default value - AdminServer.

  2. In the Listen Address field, enter the virtual host name that corresponds to the VIP of the ADMINVHN that you had procured in Procuring Resources for an Enterprise Deployment and had enabled in Preparing the Host Computers for an Enterprise Deployment.

    For more information on the reasons for using the ADMINVHN virtual host, see Reserving the Required IP Addresses for an Enterprise Deployment.

  3. Leave the other fields at their default values.

    In particular, be sure that no server groups are assigned to the Administration Server.

Task 13   Setting the Node Manager Type (Per Host)

Select Manual Node Manager Setup as the Node Manager type.

Note:

Task 14   Configuring Managed Servers

Use the Managed Servers screen to create to create the Managed Servers required in the Managed File Transfer domain.

  1. Click the Add button to create a new Managed Server.

  2. Specify WLS_MFT1 in the Server name column.

  3. In the Listen Address column, enter MFTHOST1.

    Be sure to enter the host name that corresponds to MFTHOST1; do not use the IP address.

  4. In the Listen Port column, enter 7500.

  5. In the Server Groups drop-down list, select MFT-MGD-SVRS.

    The selected server group ensures that the Managed File Transfer and Oracle Web Services Manager (OWSM) software is targeted to the Managed Server.

    There is another server group called MFT-MGD-SVRS-ONLY that targets only MFT but not Oracle Web Services Manager (OWSM) to the server. This is typically used if you want to have Oracle Web Services Manager (OWSM) in a different server rather than with the MFT server.

    The server groups target Fusion Middleware applications and services to one or more servers by mapping defined groups of application services to each defined server group. Any application services that are mapped to a given server group are automatically targeted to all servers that are assigned to that group. For more information, see Application Service Groups, Server Groups, and Application Service Mappings in Domain Template Reference.

  6. Click Add and repeat this process to create a second Managed Server named WLS_MFT2.

    For the Listen Address, enter MFTHOST2. For the Listen Port, enter 7010. Associate the same server group that you associated with the first managed server, to WLS_MFT2 also.

The Managed Server names suggested in this procedure (WLS_MFT1 and WLS_MFT2) will be referenced throughout this document; if you choose different names then be sure to replace them as needed,

For more information about the options on this screen, see Managed Servers in Creating WebLogic Domains Using the Configuration Wizard.

Task 15   Configuring a Cluster

Use the Clusters screen to create a new cluster:

  1. Click the Add button.

  2. Specify MFT_Cluster in the Cluster Name field.

  3. Leave the Address field blank.

  4. Specify mft.example.com in the Frontend Host field.

  5. Specify 80 as the Frontend HTTP port and 443 as the Frontend HTTPS port.
  6. From the Dynamic Server Groups drop-down list, select Unspecified.

For more information about the options on this screen, see Clusters in Creating WebLogic Domains Using the Configuration Wizard.

Task 16   Assigning Server Templates

Click Next to continue.

Task 17   Configuring Dynamic Servers
Verify that all dynamic server options are disabled for clusters that are to remain as static clusters.
  1. Confirm that the Dynamic Cluster, Calculated Listen Port, and Calculated Machine Names checkboxes on this screen are unchecked.

  2. Confirm the Server Template selection is Unspecified.

  3. Click Next.

Task 18   Assigning Managed Servers to the Cluster

Use the Assign Servers to Clusters screen to assign Managed Servers to the new cluster.

  1. In the Clusters pane, select the cluster to which you want to assign the servers; in this case, MFT_Cluster.

  2. In the Servers pane, assign WLS_MFT1 to MFT_Cluster by doing one of the following:

    • Click once on WLS_MFT1 to select it, then click on the right arrow to move it beneath the selected cluster (MFT_Cluster)) in the Clusters pane.

      OR

    • Double-click on WLS_MFT1 to move it beneath the selected cluster (MFT_Cluster) in the clusters pane.

  3. Repeat these steps to assign the WLS_MFT2 Managed Server to MFT_Cluster.

For more information about the options on this screen, see Assign Servers to Clusters in Creating WebLogic Domains Using the Configuration Wizard.

Task 19   Configuring Coherence Clusters

Use the Coherence Clusters screen to configure the Coherence cluster that is automatically added to the domain.

In the Cluster Listen Port, enter 9991.

For Coherence licensing information, Oracle Coherence Products in Oracle Fusion Middleware Licensing Information User Manual.

Task 20   Creating Machines

Use the Machines screen to create five new machines in the domain. A machine is required in order for the Node Manager to be able to start and stop the servers.

  1. Select the Unix Machine tab.

  2. Click the Add button to create five new UNIX machines.

    Use the values in Table 20-1 to define the Name and Node Manager Listen Address of each machine.

  3. Verify the port in the Node Manager Listen Port field.

    The port number 5556, shown in this example, may be referenced by other examples in the documentation. Replace this port number with your own port number as needed.

    Note:

    If you are installing on a host where additional domains were already configured, and you have already configured a per host Node Manager, then the address and port configured in this screen must be for the existing per host Node Manager.

Table 20-1 Values to Use When Creating Unix Machines

Name Node Manager Listen Address Node Manager Listen Port

MFTHOST1

The value of the MFTHOST1 host name variable. For example, MFTHOST1.example.com.

5556

MFTHOST2

The value of the MFTHOST2 host name variable. For example, MFTHOST2.example.com.

5556

ADMINHOST

Enter the value of the ADMINVHN variable.

5556

For more information about the options on this screen, see Machines in Creating WebLogic Domains Using the Configuration Wizard.

Task 21   Assigning Servers to Machines

Use the Assign Servers to Machines screen to assign the Administration Server and the two Managed Servers to the appropriate machine.

The Assign Servers to Machines screen is similar to the Assign Managed Servers to Clusters screen. Select the target machine in the Machines column, select the Managed Server in the left column, and click the right arrow to assign the server to the appropriate machine.

Assign the servers as follows:

  • Assign the AdminServer to the ADMINHOST machine.

  • Assign the WLS-MFT1 Managed Server to the MFTHOST1 machine.

  • Assign the WLS-MFT2 Managed Server to the MFTHOST2 machine.

For more information about the options on this screen, see Assign Servers to Machines in Creating WebLogic Domains Using the Configuration Wizard.

Task 22   Creating Virtual Targets

Click Next to continue.

Task 23   Creating Partitions

Click Next to continue.

Task 24   Configuring the JMS File Store

When you configure a domain using the Oracle WSM Policy Manager configuration template, you should select the proper location of the Metadata Services (MDS) JMS File Store, especially when you are configuring an enterprise deployment.

Enter the following location in the Directory column of the JMS File Store screen:

ORACLE_RUNTIME/domain_name/cluster_name

Replace ORACLE_RUNTIME with the actual value of the variable, as defined in File System and Directory Variables Used in This Guide.

Replace domain_name with the name of the domain you are creating.

Replace cluster_name with the name of the cluster you have configured for this domain.

Task 25   Reviewing Your Configuration Specifications and Configuring the Domain

The Configuration Summary screen contains the detailed configuration information for the domain you are about to create. Review the details of each item on the screen and verify that the information is correct.

You can go back to any previous screen if you need to make any changes, either by using the Back button or by selecting the screen in the navigation pane.

Domain creation will not begin until you click Create.

For more information about the options on this screen, see Configuration Summary in Creating WebLogic Domains Using the Configuration Wizard.

Task 26   Writing Down Your Domain Home and Administration Server URL

The Configuration Success screen will show the following items about the domain you just configured:

  • Domain Location

  • Administration Server URL

You must make a note of both items as you will need them later; the domain location is needed to access the scripts used to start the Administration Server.

Click Finish to dismiss the Configuration Wizard.

20.8 Configuring Node Manager for the Managed File Transfer Domain

The Managed File Transfer domain uses a per host Node Manager, which allows the Node Manager to control multiple domains on the same host.

If you are configuring Node Manager for the first time on MFTHOST1, then follow the steps described in Configuring a Per Host Node Manager for an Enterprise Deployment. Note that the domain name and directories must match the values for the Managed File Transfer domain.

If you have already configured a per host Node Manager on MFTHOST1, then you can add the new domain to the existing Node Manager configuration:

  1. Change directory to the per host Node Manager home directory on MFTHOST1:
    cd NM_HOME
  2. Open the nodemanager.domains file with a text editor.
  3. Add the path to the both the Administration Server domain home and the Managed Server domain home to the nodemanager.domains file.

    Separate the domain paths with a semicolon. For example:

    mftedg_domain=/u02/oracle/config/domains/mftedg_domain;/u01/oracle/config/domains/mftedg_domain
  4. Perform steps 1 to 2 on MFTHOST2 and add the following domain home paths in the nodemanager.domains file:
    mftedg_domain=/u02/oracle/config/domains/mftedg_domain
  5. Start the per host Node Manager.
(Optional) Enter the result of the procedure here.

20.9 Creating the boot.properties File

You must create a boot.properties if you want start the Node Manager without being prompted for the Node Manager credentials. This step is required in an enterprise deployment. The credentials you enter in this file are encrypted when you start the Administration Server.

To create a boot.properties file for the Administration Server:

  1. Create the following directory structure:
    mkdir -p ASERVER_HOME/servers/AdminServer/security
    
  2. In a text editor, create a file called boot.properties in the security directory created in the previous step, and enter the Administration Server credentials that you defined when you ran the Configuration Wizard to create the domain:
    username=adminuser
    password=password
    

    Note:

    When you start the Administration Server, the username and password entries in the file get encrypted.

    For security reasons, minimize the amount of time the entries in the file are left unencrypted; after you edit the file, you should start the server as soon as possible so that the entries get encrypted.

  3. Save the file and close the editor.

20.10 Starting the Node Manager on MFTHOST1

After you manually set up the Node Manager to use a per-host Node Manager configuration, you can start the Node Manager on MFTHOST1, using the startNodeManager.sh script.

To start the Node Manager on MFTHOST1:
  1. Change directory to the Node Manager home directory:
    cd NM_HOME
    
  2. Run the following command to start the Node Manager and send the output of the command to an output file, rather than to the current terminal shell:
    nohup ./startNodeManager.sh > ./nodemanager.out 2>&1 &
    
  3. Monitor the the nodemanager.out file; make sure the NodeManager starts successfully. The output should eventually contain a string similar to the following:
    <INFO><Plain socket listener started on port 5556>

20.11 Configuring the Node Manager Credentials and Type

By default, a per-host Node Manager configuration does not use Secure Socket Layer (SSL) for Node Manager-to-server communications. As a result, you must configure each machine in the domain to use a communication type of “plain,” rather than SSL. In addition, you should set the Node Manager credentials so you can connect to the Administration Server and Managed Servers in the domain.

The following procedure temporarily starts the Administration Server with the default start script, so you can perform these tasks. After you perform these tasks, you can stop this temporary session and use the Node Manager to start the Administration Server.

  1. Start the Administration Server, using the default start script:
    1. Change directory to the following directory:
      cd ASERVER_HOME/bin
      
    2. Run the start script:
      ./startWebLogic.sh
      

      Watch the output to the terminal, until you see the following:

      <Server state changed to RUNNING>
      
  2. Log in to the WebLogic Server Administration Console, using the WebLogic administrator user and password.
  3. Configure the Node Manager type:

    Note:

    Be sure to perform this task for each WebLogic Server machine in the domain.

    1. Click Lock & Edit.
    2. In the Domain Structure navigation tree, expand Domain, and then Environment.
    3. Click Machines.
    4. Click the link for the ADMINHOST machine.
    5. Click the Node Manager tab.
    6. Change the Type property from SSL to Plain.
    7. Click Save.
    8. Repeat this task for each machine in the domain.
    9. Click Activate Changes.
  4. Set the Node Manager credentials:
    1. Click Lock & Edit.
    2. In the Domain Structure navigation pane, click the name of the domain.
    3. Select the Security tab.
      The Security > General tab should be selected.
    4. Scroll down and expand the Advanced security options.
    5. Make a note of the user name in the NodeManager Username field.
      Optionally, you can edit the value to create a new Node Manager user name.
    6. Enter a new password in the NodeManager Password and Confirm NodeManager Password fields
    7. Click Save and then Activate Changes.
  5. Restart Node Manager.
  6. In a new terminal window, use the following steps to refresh the SystemSerialized.dat file. Without this step, you won’t be able to connect to the Node Manager and use it to start the servers in domain:
    1. Change directory to the
      cd ORACLE_COMMON_HOME/common/bin
    2. Start the WebLogic Server Scripting Tool (WLST):
      ./wlst.sh
    3. Connect to the Administration Server, using the following WLST command:
      connect('admin_user','admin_password','admin_url')

      For example:

      connect('weblogic','mypassword','t3://ADMINVHN:7001')

    4. Use the nmEnroll command to enables the Node Manager to manage servers in a specified WebLogic domain.
      nmEnroll('ASERVER_HOME')

      For example:

      nmEnroll('/u01/oracle/config/domains/mftedg_domain')

  7. Optionally, if you want to customize any startup properties for the Administration Server, you can use the following WLST command to create a startup.properties file for the Administration Server:
    nmGenBootStartupProps('AdminServer')

    The startup.properties file is created in the following directory:

    ASERVER_HOME/servers/AdminServer/data/nodemanager/
    
  8. Return to the terminal window where you started the Administration Server with the start script.
  9. Press Ctrl/C to stop the Administration Server process.

    Wait for the Administration Server process to end and for the terminal command prompt to appear.

20.12 Configuring the Domain Directories and Starting the Servers on MFTHOST1

After the domain is created and the node manager is configured, you can then configure the additional domain directories and start the Administration Server and the Managed Servers on MFTHOST1.

20.12.1 Starting the Administration Server Using the Node Manager

After you have configured the domain and configured the Node Manager, you can start the Administration Server, using the Node Manager. In an enterprise Deployment, the Node Manager is used to start and stop the Administration Server and all the Managed Servers in the domain.

To start the Administration Server using the Node Manager:

  1. Start the WebLogic Scripting Tool (WLST):
    cd ORACLE_COMMON_HOME/common/bin
    ./wlst.sh
    
  2. Connect to Node Manager using the Node Manager credentials:
    wls:/offline>nmConnect('nodemanager_username','nodemanager_password',
                'ADMINVHN','5556','domain_name',
                'ASERVER_HOME','PLAIN')
    

    Note:

    This user name and password are used only to authenticate connections between Node Manager and clients. They are independent of the server administrator ID and password and are stored in the nm_password.properties file located in the following directory:

    ASERVER_HOME/config/nodemanager
    
  3. Start the Administration Server:
    nmStart('AdminServer')
    

    Note:

    When you start the Administration Server, it attempts to connect to Oracle Web Services Manager for WebServices policies. It is expected that, since the WSM-PM Managed Servers are not yet started, the following message will appear in the Administration Server log:

    <Warning><oracle.wsm.resources.policymanager>
    <WSM-02141><Unable to connect to the policy access service due to Oracle WSM policy manager host server being down.>
    
  4. Exit WLST:
    exit()
    

20.12.2 Validating the Administration Server

Before proceeding with the configuration steps, validate that the Administration Server has started successfully by making sure you have access to the Oracle WebLogic Server Administration Console and Oracle Enterprise Manager Fusion Middleware Control, which both are installed and configured on the Administration Servers.

To navigate to Fusion Middleware Control, enter the following URL, and log in with the Oracle WebLogic Server administrator credentials:

ADMINVHN:7001/em

To navigate to the Oracle WebLogic Server Administration Console, enter the following URL, and log in with the same administration credentials:

ADMINVHN:7001/console

20.12.3 Disabling the Derby Database

Before you create the Managed Server directory and start the Managed Servers, disable the embedded Derby database, which is a file-based database, packaged with Oracle WebLogic Server. The Derby database is used primarily for development environments. As a result, you must disable it when you are configuring a production-ready enterprise deployment environment; otherwise, the Derby database process will start automatically when you start the Managed Servers.
To disable the Derby database:
  1. Navigate to the following directory in the Oracle home.
    WL_HOME/common/derby/lib
  2. Rename the Derber library jar file:
    mv derby.jar disable_derby.jar
  3. Complete steps 1 through 2 on each ORACLE_HOME for MFTHOST1 and MFTHOST2 if they use separate shared file systems.

20.12.4 Creating a Separate Domain Directory for Managed Servers on MFTHOST1

When you initially create the domain for enterprise deployment, the domain directory resides on a shared disk. This default domain directory will be used to run the Administration Server. You can now create a copy of the domain on the local storage for both MFTHOST1 and MFTHOST2. The domain directory on the local (or private) storage will be used to run the Managed Servers.

Placing the MSERVER_HOME on local storage is recommended to eliminate the potential contention and overhead cause by servers writing logs to shared storage. It is also faster to load classes and jars need from the domain directory, so any tmp or cache data that Managed Servers use from the domain directory is processed quicker.

As described in Preparing the File System for an Enterprise Deployment, the path to the Administration Server domain home is represented by the ASERVER_HOME variable, and the path to the Managed Server domain home is represented by the MSERVER_HOME variable.

To create the Managed Server domain directory:

  1. Log in to MFTHOST1 and run the pack command to create a template as follows:
    cd ORACLE_COMMON_HOME/common/bin
     
    ./pack.sh -managed=true 
              -domain=ASERVER_HOME 
              -template=complete_path/mftdomaintemplate.jar 
              -template_name=soa_domain_template
    

    In this example:

    • Replace ASERVER_HOME with the actual path to the domain directory you created on the shared storage device.

    • Replace complete_path with the complete path to the location where you want to create the domain template jar file. You will need to reference this location when you copy or unpack the domain template jar file.

    • mftdomaintemplate is a sample name for the jar file you are creating, which will contain the domain configuration files.

    • mft_domain_template is the name assigned to the domain template file.

  2. Make a note of the location of the template jar file you created with the pack command.

    You must specify a full path for the template jar file as part of the -template argument to the pack command:

    ORACLE_COMMON_HOME/common/bin/
    

    Tip:

    For more information about the pack and unpack commands, see Overview of the Pack and Unpack Commands in Creating Templates and Domains Using the Pack and Unpack Commands.

  3. If you haven't already, create the recommended directory structure for the Managed Server domain on the MFTHOST1 local storage device.
  4. Run the unpack command to unpack the template in the domain directory onto the local storage, as follows:
    cd ORACLE_COMMON_HOME/common/bin
    
    ./unpack.sh -domain=MSERVER_HOME \
                -overwrite_domain=true \
                -template=complete_path/mftdomaintemplate.jar \ 
                -log_priority=DEBUG \
                -log=/tmp/unpack.log \
                -app_dir=APPLICATION_HOME \
    

    Note:

    The -overwrite_domain option in the unpack command allows unpacking a managed server template into an existing domain and existing applications directories. For any file that is overwritten, a backup copy of the original is created. If any modifications had been applied to the start scripts and ear files in the managed server domain directory, they must be restored after this unpack operation.

    Additionally, to customize server startup parameters that apply to all servers in a domain, you can create a file called setUserOverrides.sh and configure it to, for example, add custom libraries to the WebLogic Server classpath, specify additional java command line options for running the servers, or specify additional environment variables. Any customizations you add to this file are preserved during domain upgrade operations, and are carried over to remote servers when using the pack and unpack commands.

    In this example:

    • Replace MSERVER_HOME with the complete path to the domain home to be created on the local storage disk. This is the location where the copy of the domain will be unpacked.

    • Replace complete_path with the complete path to the location where you created or copied the template jar file.

    • mftdomaintemplate.jar is the name of the template jar file you created when you ran the pack command to pack up the domain on the shared storage device.

    Tip:

    For more information about the pack and unpack commands, see Overview of the Pack and Unpack Commands in Creating Templates and Domains Using the Pack and Unpack Commands.

  5. Change directory to the newly created Managed Server directory and verify that the domain configuration files were copied to the correct location on the MFTHOST1 local storage device.

20.12.5 Starting and Validating the WLS_MFT1 Managed Server on MFTHOST1

After you have configured Node Manager and created the Managed Server domain directory, you can use Oracle Enterprise Manager Fusion Middleware Control to start the WLS_MFT1 Managed Server on MFTHOST1.

  1. Enter the following URL into a browser to display the Fusion Middleware Control login screen:
    http://ADMINVHN:7001/em
    

    In this example:

  2. Log in to Fusion Middleware Control using the Administration Server credentials.
  3. Select the Servers pane to view the Managed Servers in the domain.
  4. Select only the WLS_MFT1 Managed Server, and then click Control > Start on the tool bar.
  5. To verify that the Managed Server is working correctly, open your browser and enter the following URLs:
         MFTHOST1:7500/wsm-pm/
            MFTHOST1:7500/mftconsole/
    

    Enter the domain admin user name and password when prompted.

20.13 Propagating the Domain and Starting the Servers on MFTHOST2

After you start and validate the Administration Server and WLS_MFT1 Managed Server on MFTHOST1, you can then perform the following tasks on MFTHOST2.

20.13.1 Unpacking the Domain Configuration on MFTHOST2

Now that you have the Administration Server and the first WLS_WSM1 Managed Server running on MFTHOST1, you can configure the domain on MFTHOST2.

  1. Log in to MFTHOST2.
  2. If you haven't already, create the recommended directory structure for the Managed Server domain on the MFTHOST2 storage device.
  3. Make sure the mftedgdomaintemplate.jar accessible to MFTHOST2.
    For example, if you are using a separate shared storage volume or partition for MFTHOST2, then copy the template to the volume or partition mounted to MFTHOST2.
  4. Run the unpack command to unpack the template in the domain directory onto the local storage, as follows:
    cd ORACLE_COMMON_HOME/common/bin
    
    ./unpack.sh -domain=MSERVER_HOME
                -overwrite_domain=true
                -template=/full_path/mftedgdomaintemplate.jar 
                -log_priority=DEBUG
                -log=/tmp/unpack.log
                -app_dir=APPLICATION_HOME
    

    In this example:

    • Replace MSERVER_HOME with the complete path to the domain home to be created on the local storage disk. This is the location where the copy of the domain will be unpacked.

    • Replace full_path with the complete path and file name of the domain template jar file that you created when you ran the pack command to pack up the domain on the shared storage device.

    • Replace APPLICATION_HOME with the complete path to the Application directory for the domain on shared storage. For more information, see File System and Directory Variables Used in This Guide.

    Tip:

    For more information about the pack and unpack commands, see Overview of the Pack and Unpack Commands in Creating Templates and Domains Using the Pack and Unpack Commands.

  5. Change directory to the newly created MSERVER_HOME directory and verify that the domain configuration files were copied to the correct location on the MFTHOST2 local storage device.

20.13.2 Starting the Node Manager on MFTHOST2

After you manually set up the Node Manager to use a per host Node Manager configuration, you can start the Node Manager using the following commands on MFTHOST2:
  1. Change directory to the Node Manager home directory:
    cd NM_HOME
    
  2. Run the following command to start the Node Manager and send the output of the command to an output file, rather than to the current terminal shell:
    nohup ./startNodeManager.sh > nodemanager.out 2>&1 &
    

20.13.3 Starting and Validating the WLS_MFT2 Managed Server on MFTHOST2

Use the procedure that is explained in Starting and Validating the WLS_MFT1 Managed Server on MFTHOST1 to start and validate the WLS_MFT2 Managed Server on MFTHOST2.

20.14 Modifying the Upload and Stage Directories to an Absolute Path

After configuring the domain and unpacking it to the Managed Server domain directories on all the hosts, verify and update the upload and stage directories for the new Managed Servers.

This step is necessary to avoid potential issues when performing remote deployments and for deployments that require the stage mode.

To update these directory paths for all the Managed Servers in the Managed Server domain home directory:

  1. Log in to the Oracle WebLogic Server Administration Console.

  2. In the left navigation tree, expand Domain, and then Environment.

  3. Click Lock & Edit.

  4. Click Servers.

  5. For each new Managed Server in the Managed Server domain home directory:

    1. Click the name of the Managed Server.

    2. Click the Configuration tab, and then click the Deployment tab.

    3. Verify that the Staging Directory Name is set to the following:

      MSERVER_HOME/servers/server_name/stage
      

      Replace MSERVER_HOME with the directory path for the MSERVER_HOME directory; replace server_name with the name of the Server you are editing.

    4. Update the Upload Directory Name to the following value:

      ASERVER_HOME/servers/AdminServer/upload
      

      Replace ASERVER_HOME with the directory path for the ASERVER_HOME directory.

    5. Click Save.

    6. Return to the Summary of Servers screen.

  6. When you have modified these values for each Managed Server, click Activate Changes.

  7. Restart all Managed Servers.

20.15 Configuring and Enabling the SSH-FTP Service for Managed File Transfer

The Oracle Managed File Transfer enterprise deployment topology is based on the Secure File Transfer Protocol (SFTP) for file transfer. SFTP is a separate protocol, packaged with SSH and designed to work like FTP, but over a secure connection.

SFTP allows you to limit the number of ports used for file transfer connections. It is preferable to FTP because of its underlying security features and ability to use a standard SSH connection.

20.15.1 Configuring the SFTP Ports

Before you can use the Secure File Transfer Protocol (SFTP) for Oracle Managed File Transfer, you must configure the SFTP Ports.

  1. Connect to the Managed File Transfer console, using the domain admin user name and password:
    mft.example.com:80/mftconsole
  2. Select the Administration tab.
  3. In the left navigation pane, expand Embedded Servers.
  4. Click Ports.
  5. Enter 7501 as the Configured Port for the Managed File Transfer servers.
  6. Click Save.
  7. Click Restart to restart the service.

20.15.2 Generating the Required SSH Keys

To enable SFTP, you must generate SSH keys. This procedure needs to be done only once on one of the Managed Servers, because Managed File Transfer shares the same SFTP key for all the servers in the cluster.

Without a valid private key, SSH-FTP server will fail to start. To comply with security best practices, you should always use a password-protected private key. The password you use must match the one specified in the Managed File Transfer Console. To locate the password in the Console, select Keystores > SSH Keystores > Private Key Password.

  1. a. Run the ssh-keygen command to generate a key.

    For example:

    ssh —keygen \-t rsa \-b 2048

    ssh-keygen is a standard Unix/Linux command. Refer to your Operating System documentation for more information.

    Make a note of the location of the generated key. You will need this information later.

  2. Import the key into the Managed File Transfer keystore:
    1. Make sure the Managed File Transfer Managed Servers are up and running.
    2. Change directory to the following location:
      ORACLE_COMMON_HOME/common/bin
    3. Start the WebLogic Server Scripting Tool (WLST):
      ./wlst.sh
    4. Connect to the first Managed Server, using the following command syntax:
      connect('admin_user','admin_password','server_url')

      For example:

      connect('weblogic','mypassword','t3://MFTHOST1:7500')
    5. Run the following WLST command to import the key:
      importCSFKey('SSH', 'PRIVATE', 'alias', 'pvt_key_file_path')

      Replace alias with the a name you can use to identify the Managed Server.

      Replace pvt_key_file_path with the name and directory location of the key you generated it earlier in this procedure.

      For more information, see importCSFKey in WLST Command Reference for SOA Suite.

  3. After you successfully import the SSH key, enable SSH-FTP and select the private key alias:
    1. Connect to the Managed File Transfer console at the following URL, using the domain administration user and password:
      mft.mycompany.com:80/mftconsole
    2. In the SSH Keystore field, enter the keystore password you created earlier in this procedure.
    3. Save the changes you just made.
    4. Select the Administration tab, and in the navigation tree, expand Embedded Servers.
    5. On the SSH-FTP tab, select Enabled.
    6. Select the private key alias you created earlier in this procedure from the Host Key Alias drop-down menu.
    7. Save your changes.
    8. Click Start to start the SSH-FTP service.
  4. Use any standard SFTP client application to verify that you can use SFTP to access the Managed File Transfer servers.

20.15.3 Additional SFTP Configuration Steps for Managed File Transfer

There are several additional configuration steps that you should perform when you are using SFTP with Managed File Transfer.

  1. Connect to the Managed File Transfer console at the following URL:
    mft.example.com:80/mftconsole
  2. Select Administration, and then in the navigation tree, select Server Properties.
  3. Update the High Availability Properties:
    1. Update the payload and callout directories so they point to a shared storage location that can be accessed by the different servers in the cluster.

      For example:

      ORACLE_RUNTIME/mftedg_domain/MFT_Cluster/storage

      ORACLE_RUNTIME/mftedg_domain/MFT_Cluster/callouts

    2. Set the Control Directory to a shared location.

      For example:

      ORACLE_RUNTIME/mftedg_domain/MFT_Cluster/control_dir

      The Control Directory is the directory path that the Managed File Transfer File and FTP adapters use to handle high availability use cases. This field is required if the MFT is running in HA environment. You must set it to a shared location if multiple Oracle WebLogic Server instances run in a cluster.
    3. If the Control Directory is not provided, then you must verify the values of the Inbound Datasource and Outbound Datasource fields.

      The default (and valid) value for Inbound Datasource is jdbc/MFTLocalTxDataSource.

      The default (and valid) value for Outbound Datasource is jdbc/MFTDataSource.

    4. Save the changes you made so far.
    5. In the Navigation tree, expand Advanced Delivery Properties .

      The Advanced Delivery Properties capture the Internal Address and External Address (IP addresses) and the FTP, FTPS, and SFTP ports that the load balancer uses.

      Use these settings when Oracle Managed File Transfer sends a payload as an FTP or SFTP reference. If the values are set, they are used to construct the FTP reference (FTP/SFTP host address and ports).

      If Managed File Transfer is running behind internal and external proxies, then the Internal and External IP addresses are required.

      • Internal Address: Leave this field blank, unless you are using an internal load balancer for SFTP. The default enterprise deployment uses an external load balancer, but not an internal load balancer.

      • External Address: Enter the address that will be used as the entry point for your SFT requests through the external load balancer.

        For example, enter sftp.example.com as the address and 7503 as SFTP port.

        sftp.mycompany.com

    6. Save the changes you made and exit the console.
  4. Restart the WLS_MFT Managed servers.
  5. Use any standard SFTP client application to verify that you can use SFTP to access the Managed File Transfer servers.

20.16 Configuring Oracle Traffic Director for Managed File Transfer

Oracle Traffic Director can be used as an alternative to Oracle HTTP Server on the Web tier. Like Oracle HTTP Server, it can route HTTP requests from the front-end load balancer to the application-tier WebLogic Managed Servers. However, only Oracle Traffic Director provides TCP load balancing and failover. As a result, Oracle Traffic Director is required by Oracle Managed File Transfer, which requires TCP for the routing of secure FTP requests.

For complete instructions on configuring Oracle Traffic Director, see Extending the Domain with Oracle Traffic Director.

20.17 Creating a New LDAP Authenticator and Provisioning Users for Managed File Transfer

When you configure an Oracle Fusion Middleware domain, the domain is configured by default to use the WebLogic Server authentication provider (DefaultAuthenticator). However, for an enterprise deployment, Oracle recommends that you use a dedicated, centralized LDAP-compliant authentication provider.

This procedure is required for each new Oracle Fusion Middleware domain. For an Oracle Managed File Transfer domain, you can perform this task as follows:
  1. Review Creating a New LDAP Authenticator and Provisioning Enterprise Deployment Users and Group to understand the required concepts and to create the new LDAP Authenticator.
  2. When you provision the users and groups, use the following user and group names for Managed File Transfer administration authentication:
    Administrative user: weblogic_mft
    Administrative group: MFT Administrators
  3. Assign product-specific administration role to the group by logging in to Oracle Enterprise Manager Fusion Middleware Control.

20.18 Enabling Automatic Service Migration and JDBC Persistent Stores for Managed File Transfer

To ensure that your software is configured for high availability, configure the Oracle Managed File Transfer Managed Servers for automatic service migration.

For more information on enabling server migration, see Configuring Automatic Service Migration in an Enterprise Deployment.

For additional high availability, you can also configure your transaction logs store and JMS store in a database. For more information, see Using JDBC Persistent Stores for TLOGs and JMS in an Enterprise Deployment.