4 Configuring Oracle Internet Directory Domain

After you have installed Oracle Internet Directory, you can configure the domain, which you can also extend for high availability.

The configuration steps presented here assume that you have completed the installation steps covered in:

Refer to the following sections to create the database schemas, configure a WebLogic domain, and verify the configuration:

Creating the Database Schemas

Before you can configure an Oracle Internet Directory domain, you must install required schemas on a certified database for use with this release of Oracle Fusion Middleware.

Installing and Configuring a Certified Database

Before you create the database schemas, you must install and configure a certified database, and verify that the database is up and running.

Note:

For an Autonomous Transaction Processing database (both Oracle Autonomous Transaction Processing-Dedicated (ATP-D) and Oracle Autonomous Transaction Processing-Shared (ATP-S)), you must modify the wallet settings and set the environment variables, and apply patches on ORACLE HOME. For more information, see Settings to connect to Autonomous Transaction Processing Database for Oracle Internet Directory and Applying Patches on ORACLE HOME.

See About Database Requirements for an Oracle Fusion Middleware Installation.

Starting the Repository Creation Utility

Start the Repository Creation Utility (RCU) after you verify that a certified JDK is installed on your system.

To start the RCU:

  1. Verify that a certified JDK already exists on your system by running java -version from the command line. For 12c (12.2.1.4.0), the certified JDK is 1.8.0_211 and later.
  2. Ensure that the JAVA_HOME environment variable is set to the location of the certified JDK. For example:
    • (UNIX) setenv JAVA_HOME /home/Oracle/Java/jdk1.8.0_211
    • (Windows) set JAVA_HOME=C:\home\Oracle\Java\jdk1.8.0_211
  3. Change to the following directory:
    • (UNIX) ORACLE_HOME/oracle_common/bin
    • (Windows) ORACLE_HOME\oracle_common\bin
  4. Enter the following command:
    • (UNIX) ./rcu
    • (Windows) rcu.bat

Navigating the Repository Creation Utility Screens to Create Schemas

Enter required information in the RCU screens to create the database schemas.

Introducing the RCU

The Welcome screen is the first screen that appears when you start the RCU.

Click Next.

Selecting a Method of Schema Creation

Use the Create Repository screen to select a method to create and load component schemas into the database.

On the Create Repository screen, select System Load and Product Load. This procedure assumes that you have the necessary permissions and privileges to perform DBA activities on your database, that is the SYSDBA privileges.

Note:

For an Autonomous Transaction Processing database (both Oracle Autonomous Transaction Processing-Dedicated (ATP-D) and Oracle Autonomous Transaction Processing-Shared (ATP-S)), you must create schemas as a Normal user, and though, you do not have full SYS or SYSDBA privileges on the database, you must select System Load and Product Load.

Providing Database Connection Details

On the Database Connection Details screen, provide the database connection details for the RCU to connect to your database.

If you are unsure of the service name for your database, you can obtain it from the SERVICE_NAMES parameter in the initialization parameter file of the database. If the initialization parameter file does not contain the SERVICE_NAMES parameter, then the service name is the same as the global database name, which is specified in the DB_NAME and DB_DOMAIN parameters.

For an Oracle Autonomous Transaction Processing-Shared (ATP-S) database, you must use only one of the database service names, <databasename>_tpurgent or <databasename>_tp, specified in tnsnames.ora. For database service name details, see Database Service Names for Autonomous Transaction Processing and Autonomous JSON Database

To create schemas on an Autonomous Transaction Processing database (both Oracle Autonomous Transaction Processing-Dedicated (ATP-D) and Oracle Autonomous Transaction Processing-Shared (ATP-S)), you can specify the connection credentials using only the Connection String option. In this screen, a warning message is displayed. You can ignore the warning and continue with the schema creation. For more information, see SYS DBA Privileges Warning After Applying Patches.

To provide the database connection details:

  1. On the Database Connection Details screen, provide the database connection details.

    For example:

    • Database Type: Oracle Database
    • Connection String Format: Connection Parameters or Connection String
    • Connection String: examplehost.exampledomain.com:1521:Orcl.exampledomain.com
    • Host Name: examplehost.exampledomain.com
    • Port: 1521
    • Service Name: Orcl.exampledomain.com
    • User Name: sys
    • Password: ******
    • Role: SYSDBA

    For an Autonomous Transaction Processing database (both Oracle Autonomous Transaction Processing-Dedicated (ATP-D) and Oracle Autonomous Transaction Processing-Shared (ATP-S)), use the connect string specified in tnsnames.ora that is present in /<$ORACLE_HOME>/network/admin, which is the location of the wallet files, for your service name or TNS_alias.

    Example connect string for Oracle Autonomous Transaction Processing-Dedicated (ATP-D) database:

    (DESCRIPTION=(CONNECT_TIMEOUT=120)(RETRY_COUNT=20)(RETRY_DELAY=3)
    (TRANSPORT_CONNECT_TIMEOUT=3)(ADDRESS_LIST=(LOAD_BALANCE=on)
    (ADDRESS=(PROTOCOL=<protocol_name>)(HOST=<host_name>)(PORT=<port_number>)))
    (CONNECT_DATA=(SERVICE_NAME=<service_name>.atp.oraclecloud.com)))

    Example connect string for Oracle Autonomous Transaction Processing-Shared (ATP-S) database:

    (DESCRIPTION=(CONNECT_TIMEOUT=120)=(RETRY_COUNT=20)(RETRY_DELAY=3)(ADDRESS=(PROTOCOL=<protocol_name>)
    (PORT=<port_number>)(HOST=<host_name>))(CONNECT_DATA=(SERVICE_NAME=<service_name>.adb.oraclecloud.com))
    (security=(ssl_server_cert_dn="CN=example.com, 
    OU=<organizational_unit>, O=<organization>, L=<city>, ST=<state>, C=<country>")))

    Note:

    In this example for Oracle Autonomous Transaction Processing-Shared (ATP-S), you must use only one of the database service names, <databasename>_tpurgent or <databasename>_tp, specified in tnsnames.ora. For database service name details, see Database Service Names for Autonomous Transaction Processing and Autonomous JSON Database.
  2. Click Next to proceed, then click OK in the dialog window that confirms a successful database connection.
Specifying a Custom Prefix and Selecting Schemas

Select Create new prefix, specify a custom prefix, then select the Oracle Internet Directory schema. This action automatically selects the following schemas as dependencies:

Note:

Oracle Internet Directory (ODS) schema does not need a prefix. The prefix is required for the other schemas selected during the schema creation process.

You can load only one Oracle Internet Directory (ODS) schema per Database.

If you are configuring Oracle Internet Directory in a standalone mode, the following dependant schema is selected:
  • Common Infrastructure Service (STB)

If you are configuring Oracle Internet Directory in a collocated mode, the following dependant schemas are selected:

  • Oracle Platform Security Services (OPSS)

  • Audit Services (IAU)

  • Audit Services Append (IAU_Append)

  • Audit Services Viewer (IAU_Viewer)

  • WebLogic Services (WLS)

  • Common Infrastructure Service (STB)

The schema Common Infrastructure Services is automatically created. This schema is dimmed; you cannot select or deselect it. This schema enables you to retrieve information from RCU during domain configuration. For more information, see Understanding the Service Table Schema in Oracle Fusion Middleware Creating Schemas with the Repository Creation Utility.

The custom prefix is used to logically group these schemas together for use in this domain only; you must create a unique set of schemas for each domain. Schema sharing across domains is not supported.

Tip:

For more information about custom prefixes, see Understanding Custom Prefixes in Oracle Fusion Middleware Creating Schemas with the Repository Creation Utility.

For more information about how to organize your schemas in a multi-domain environment, see Planning Your Schema Creation in Oracle Fusion Middleware Creating Schemas with the Repository Creation Utility.

Tip:

You must make a note of the custom prefix you choose to enter here; you will need this later on during the domain creation process.

Click Next to proceed, then click OK on the dialog window confirming that prerequisite checking for schema creation was successful.

Specifying Schema Passwords

On the Schema Passwords screen, specify how you want to set the schema passwords on your database, then enter and confirm your passwords.

Note:

For an Autonomous Transaction Processing database (both Oracle Autonomous Transaction Processing-Dedicated (ATP-D) and Oracle Autonomous Transaction Processing-Shared (ATP-S)), the schema password must be minimum 12 characters, and must contain at least one uppercase, one lower case, and one number.

You must make a note of the passwords you set on this screen; you will need them later on during the domain creation process.

Click Next.

Completing Schema Creation

Navigate through the remaining RCU screens to complete schema creation.

For an Oracle Autonomous Transaction Processing-Shared (ATP-S) database, in the Map Tablespaces screen you must override the default tablespaces and the temporary tablespaces, and also override the additional tablespaces, if applicable. See Map Tablespaces.

When you reach the Completion Summary screen, click Close to dismiss the RCU.

Note:

If you encounter any issues when you create schemas on an Autonomous Transaction Processing database (both Oracle Autonomous Transaction Processing-Dedicated (ATP-D) and Oracle Autonomous Transaction Processing-Shared (ATP-S)), see Troubleshooting Tips for Schema Creation on an Autonomous Transaction Processing Database in Creating Schemas with the Repository Creation Utility and Issues Related to Product Installation and Configuration on an Autonomous Database in Release Notes for Oracle Fusion Middleware Infrastructure.

Configuring the Domain

Use the Configuration Wizard to create and configure a domain.

For information on other methods to create domains, see Additional Tools for Creating, Extending, and Managing WebLogic Domains in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.

Starting the Configuration Wizard

Start the Configuration Wizard to begin configuring a domain.

Note:

For an Oracle Autonomous Transaction Processing-Shared (ATP-S) database, before you start the Configuration Wizard, you must set the TNS_ADMIN property using the following command:

export TNS_ADMIN=/<$ORACLE_HOME>/network/admin.

You must change $ORACLE_HOME to your Oracle Home location. For example: export TNS_ADMIN=/users/test/network/admin

Where, /users/test/ is the Oracle Home location.

To start the Configuration Wizard:

  1. Change to the following directory:

    (UNIX) ORACLE_HOME/oracle_common/common/bin

    (Windows) ORACLE_HOME\oracle_common\common\bin

    where ORACLE_HOME is your 12c (12.2.1.4.0) Oracle home.

  2. Enter the following command:

    (UNIX) ./config.sh

    (Windows) config.cmd

Navigating the Configuration Wizard Screens to Create and Configure the Domain

Enter required information in the Configuration Wizard screens to create and configure the domain for the topology.

Note:

You can use this procedure to extend an existing domain. If your needs do not match the instructions in the procedure, be sure to make your selections accordingly, or see the supporting documentation for more details.

Selecting the Domain Type and Domain Home Location

Use the Configuration Type screen to select a Domain home directory location, optimally outside the Oracle home directory.

Oracle recommends that you locate your Domain home in accordance with the directory structure in What Are the Key Oracle Fusion Middleware Directories? in Oracle Fusion Middleware Understanding Oracle Fusion Middleware, where the Domain home is located outside the Oracle home directory. This directory structure helps avoid issues when you need to upgrade or reinstall software.

To specify the Domain type and Domain home directory:

  1. On the Configuration Type screen, select Create a new domain.
  2. In the Domain Location field, specify your Domain home directory.

For more details about this screen, see Configuration Type in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.

Selecting the Configuration Templates for Oracle Internet Directory

On the Templates screen, make sure Create Domain Using Product Templates is selected, then select the following templates:

For standalone mode, select the following template:
  • Oracle Internet Directory (Standalone) - [oid]

For collocated mode, select the following templates:

  • Oracle Internet Directory (Collocated) - [oid]

    Selecting this template automatically selects the following as dependencies:

    • Oracle Directory Services Manager - [oid]

    • Oracle JRF - [oracle_common]

    • WebLogic Coherence Cluster Extension - [wlserver]

    • Oracle Enterprise Manager - [em]

  • Oracle Directory Integration Platform - [dip]

    Optional. Select this template if you're using OID and ODIP in the same domain.

Tip:

More information about the options on this screen can be found in Templates in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.

Configuring the Administrator Account

Use the Administrator Account screen to specify the user name and password for the default WebLogic Administrator account for the domain.

Oracle recommends that you make a note of the user name and password that you enter on this screen; you need these credentials later to boot and connect to the domain's Administration Server.

Specifying the Domain Mode and JDK

Use the Domain Mode and JDK screen to specify the domain mode and Java Development Kit (JDK).

On the Domain Mode and JDK screen:

  • Select Production in the Domain Mode field.

  • Select the Oracle HotSpot JDK in the JDK field.

For more information about this screen, see Domain Mode and JDK in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.
Specifying the Database Configuration Type

Use the Database Configuration type screen to specify details about the database and database schema.

On the Database Configuration type screen, select RCU Data. This option instructs the Configuration Wizard to connect to the database and Service Table (STB) schema to automatically retrieve schema information for schemas needed to configure the domain.

Note:

If you select Manual Configuration on this screen, you must manually fill in parameters for your schema on the next screen.

For an Autonomous Transaction Processing database (both Oracle Autonomous Transaction Processing-Dedicated (ATP-D) and Oracle Autonomous Transaction Processing-Shared (ATP-S)), you must select only the RCU Data option.

After selecting RCU Data, specify details in the following fields:

Field Description

DBMS/Service

Enter the database DBMS name, or service name if you selected a service type driver.

Example: orcl.exampledomain.com

Host Name

Enter the name of the server hosting the database.

Example: examplehost.exampledomain.com

Port

Enter the port number on which the database listens.

Example: 1521

Schema Owner

Schema Password

Enter the username and password for connecting to the database's Service Table schema. This is the schema username and password entered for the Service Table component on the Schema Passwords screen in the RCU (see Specifying Schema Passwords).

The default username is prefix_STB, where prefix is the custom prefix that you defined in the RCU.

For an Autonomous Transaction Processing database (both Oracle Autonomous Transaction Processing-Dedicated (ATP-D) and Oracle Autonomous Transaction Processing-Shared (ATP-S)), specify the connection credentials using only the Connection URL String option and enter the connect string in the following format:

jdbc:oracle:thin:@TNS_alias?TNS_ADMIN=/<$ORACLE_HOME>/network/admin

In the connect string, you must pass TNS_alias as the database name found in tnsnames.ora, and TNS_ADMIN property to <$ORACLE_HOME>/network/admin, which is the location of the wallet files, ojdbc.properties, and tnsnames.ora.

Example connect string for Oracle Autonomous Transaction Processing-Dedicated (ATP-D) database :

jdbc:oracle:thin:@dbname_medium?TNS_ADMIN=/users/test/network/admin

Example connect string for Oracle Autonomous Transaction Processing-Shared (ATP-S) database:

jdbc:oracle:thin:@dbname_tp?TNS_ADMIN=/users/test/network/admin

Click Get RCU Configuration when you finish specifying the database connection information. The following output in the Connection Result Log indicates that the operation succeeded:

Connecting to the database server...OK
Retrieving schema data from database server...OK
Binding local schema components with retrieved data...OK

Successfully Done.

For more information about the schema installed when the RCU is run, see About the Service Table Schema in Oracle Fusion Middleware Creating Schemas with the Repository Creation Utility.

See Database Configuration Type in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard .

Specifying JDBC Component Schema Information

Use the JDBC Component Schema screen to verify or specify details about the database schemas.

Verify that the values populated on the JDBC Component Schema screen are correct for all schemas. If you selected RCU Data on the previous screen, the schema table should already be populated appropriately.

Note:

If you selected standalone mode, you must use the Datasources screen to specify details about the database schemas.

For an Autonomous Transaction Processing database (both Oracle Autonomous Transaction Processing-Dedicated (ATP-D) and Oracle Autonomous Transaction Processing-Shared (ATP-S)), specify the connection credentials using the Connection URL String option only, and enter the connect string specified in tnsnames.ora that is present in /<$ORACLE_HOME>/network/admin, which is the location of the wallet files, for your service name or TNS_alias.

Example connect string for Oracle Autonomous Transaction Processing-Dedicated (ATP-D) database:

jdbc:oracle:thin:@(DESCRIPTION=(CONNECT_TIMEOUT=120)(RETRY_COUNT=20)(RETRY_DELAY=3)
(TRANSPORT_CONNECT_TIMEOUT=3)(ADDRESS_LIST=(LOAD_BALANCE=on)(ADDRESS=(PROTOCOL=<protocol_name>)
(HOST=<host_name>)(PORT=<port_number>)))(CONNECT_DATA=(SERVICE_NAME=<service_name>.atp.oraclecloud.com)))

Example connect string for Oracle Autonomous Transaction Processing-Shared (ATP-S) database:

jdbc:oracle:thin:@(DESCRIPTION=(CONNECT_TIMEOUT=120)=(RETRY_COUNT=20)(RETRY_DELAY=3)(ADDRESS=(PROTOCOL=<protocol_name>)
(PORT=<port_number>)(HOST=<host_name>))(CONNECT_DATA=(SERVICE_NAME=<service_name>.adb.oraclecloud.com))
(security=(ssl_server_cert_dn="CN=example.com, 
OU=<organizational_unit>, O=<organization>, L=<city>, ST=<state>, C=<country>")))

For high availability environments, see the following sections in Oracle Fusion Middleware High Availability Guide for additional information on configuring data sources for Oracle RAC databases:

See JDBC Component Schema in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard for more details about this screen.

Testing the JDBC Connections

Use the JDBC Component Schema Test screen to test the data source connections.

A green check mark in the Status column indicates a successful test. If you encounter any issues, see the error message in the Connection Result Log section of the screen, fix the problem, then try to test the connection again.

By default, the schema password for each schema component is the password you specified while creating your schemas. If you want different passwords for different schema components, manually edit them in the previous screen (JDBC Component Schema) by entering the password you want in the Schema Password column, against each row. After specifying the passwords, select the check box corresponding to the schemas that you changed the password in and test the connection again.

For more information about this screen, see JDBC Component Schema Test in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.

Selecting Advanced Configuration

Use the Advanced Configuration screen to complete the domain configuration.

On the Advanced Configuration screen, select:

  • Administration Server

    Required to properly configure the listen address of the Administration Server.

  • Node Manager

    Required to configure Node Manager.

  • Topology

    Select Topology to configure machines and assign the Administration Server to a machine. Note that you cannot configure the oid system component using the Configuration Wizard. The oid instance is configured after the domain configuration. See Performing the Initial Oracle Internet Directory Setup.

Optionally, select other available options as required for your desired installation environment. The steps in this guide describe a standard installation topology, but you may choose to follow a different path. If your installation requirements extend to additional options outside the scope of this guide, you may be presented with additional screens to configure those options. For information about all Configuration Wizard screens, see Configuration Wizard Screens in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.

Configuring the Administration Server Listen Address

Use the Administration Server screen to select the IP address of the host.

Select the drop-down list next to Listen Address and select the IP address of the host where the Administration Server will reside, or use the system name or DNS name that maps to a single IP address. Do not use All Local Addresses.

Do not specify any server groups for the Administration Server.

Configuring Node Manager

Use the Node Manager screen to select the type of Node Manager you want to configure, along with the Node Manager credentials.

Select Per Domain Default Location as the Node Manager type, then specify Node Manager credentials.

For more information about this screen, see Node Manager in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.

For more about Node Manager types, see About Node Manager in Oracle Fusion Middleware Administering Node Manager for Oracle WebLogic Server.

Configuring Managed Servers

If you do not plan to create a WebLogic managed server during installation, click Next and proceed. A WebLogic managed server is not required for OID 12c and Oracle Directory Services Manager (ODSM) gets deployed on the administration server.

Note:

If you are configuring Oracle Internet Directory and Oracle Directory Integration Platform in the same domain then you must configure the Managed Server. By default, wls_ods1 is the Managed Server for Oracle Directory Integration Platform.

If you plan to create a WebLogic managed server during installation, ensure that you associate the Server Groups to the managed server. This step deploys the ODSM/oiddms on the administration server.

Note:

Server Groups are WebLogic Server constructs that are used to organize resources such as hostname(s) being part of a 'machine'.

If you do not select any server groups for the managed server and ODSM/oiddms are deployed on the managed server, then use the Administration Server Console to remove oiddms from the managed sever and deploy them on the administration server.

Configuring a Cluster

You can skip this screen as it is not applicable to Oracle Internet Directory.

Click Next.

Tip:

For more information about this screen, see Clusters in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.

Defining Server Templates

Click Next and proceed, as this is not applicable to Oracle Internet Directory.

Configuring Coherence Clusters

You can skip this screen as it is not applicable to Oracle Internet Directory.

Click Next.
Creating a New Oracle Internet Directory Machine

Use the Machines screen to update the default machine listed on the screen — oidhost1. A machine is required so that Node Manager can start and stop servers.

If you plan to create a high availability environment and know the list of machines your target topology requires, you can follow the instructions in this section to create all the machines at this time. For more about scale out steps, see Optional Scale Out Procedure in Oracle Fusion Middleware High Availability Guide.

Select the default machine oidhost1 that is listed, and update the Listen Port to appropriate value based on the Node Manager listen port number.

Note:

Do not change the name of the default machine (oidhost1), as the WLST command oid_setup() run for setting up the OID instance, later during the post-configuration stage (as described in Performing the Initial Oracle Internet Directory Setup), relies on this name.

For more information about this screen, see Machines in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.

Assigning Servers to Oracle Internet Directory Machines

Use the Assign Servers to Machines screen to assign the Administration Server to the default machine oidhost1 that is listed.

On the Assign Servers to Machines screen:

  1. In the Machines pane, select the default machine oidhost1 that is listed.
  2. In the Servers pane, assign AdminServer to oidhost1 by doing one of the following:
    • Click once on AdminServer to select it, then click the right arrow to move it beneath the selected machine (oidhost1) in the Machines pane.

    • Double-click on AdminServer to move it beneath the selected machine (oidhost1) in the Machines pane.

Virtual Targets

You can skip this screen for Oracle Internet Directory configuration.

Click Next and proceed.

Partitions

Click Next as this is not applicable to Oracle Internet Directory.

For details about options on this screen, see Partitions in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.

Reviewing Your Configuration Specifications and Configuring the Domain

The Configuration Summary screen shows detailed configuration information for the domain you are about to create.

Review each item on the screen and verify that the information is correct. To make any changes, go back to a screen by clicking the Back button or selecting the screen in the navigation pane. Domain creation does not start until you click Create.

For more details about options on this screen, see Configuration Summary in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.

Writing Down Your Domain Home and Administration Server URL

The End of Configuration screen shows information about the domain you just configured.

Make a note of the following items because you need them later:

  • Domain Location

  • Administration Server URL

You need the domain location to access scripts that start Node Manager and Administration Server, and you need the URL to access the Administration Server.

Click Finish to dismiss the Configuration Wizard.

Prerequisites for an Oracle Autonomous Transaction Processing-Shared (ATP-S) database

In case of a standalone and collocated Oracle Internet Directory (OID) configuration, after configuring the domain, you must modify the wallet settings and update the classpath before you start the servers.

Refer to the following topics based on your configuration mode:

Prerequisites for Standalone Oracle Internet Directory Configuration with an Oracle Autonomous Transaction Processing-Shared (ATP-S) database

In case of a standalone Oracle Internet Directory (OID) configuration, after configuring the domain, you must modify the wallet settings and update the classpath before you start the Node Manager.

  1. Copy the wallet files from <$ORACLE_HOME>/network/admin to <$DOMAIN_HOME>/config/fmwconfig/components/OID/config .
  2. Update the ojdbc.properties file as follows:
    # Connection property while using Oracle wallets.
    #oracle.net.wallet_location=(SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=${TNS
    _ADMIN})))
    SSL_SERVER_DN_MATCH=yes
    # FOLLOW THESE STEPS FOR USING JAVA KEYSTORE (JKS)
    # (1) Uncomment the following properties to use JKS.
    # (2) Comment out the oracle.net.wallet_location property above
    # (3) Set the correct password for both trustStorePassword and
    keyStorePassword. 
    # The keyStorePassword and trustStorePassword are the passwords you specified when downloading the wallet from OCI Console
     or the Service Console..
    javax.net.ssl.trustStoreType=JKS
    javax.net.ssl.trustStore=<DOMAIN_HOME>/config/fmwconfig/components/OID/config/truststor
    e.jks
    javax.net.ssl.trustStorePassword=<trustStorePassword>
    javax.net.ssl.keyStoreType=JKS
    javax.net.ssl.keyStore=<DOMAIN_HOME>/config/fmwconfig/components/OID/config/keystore.jk
    s
    javax.net.ssl.keyStorePassword=<keyStorePassword>

    Note:

    Make sure to comment the wallet related property in ojdbc.properties

    For example:

    #oracle.net.wallet_location=(SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=${TNS_ADMIN})))
  3. Create the file ojdbc_OIDDB.properties in the wallet location, <DOMAIN_HOME>/config/fmwconfig/components/OID/config/, and copy contents of ojdbc.properties to the new file ojdbc_OIDDB.properties.
  4. Modify the wallet location in the sqlnet.ora file as follows:
    WALLET_LOCATION = (SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY="<DOMAIN_HOME>/config/fmwconfig/components/OID/config/")))
  5. Replace all contents of tnsnames.ora in <$DOMAIN_HOME>/config/fmwconfig/components/OID/config as follows:
    OIDDB=<connect string given in RCU>

    See Connection Credentials for an Autonomous Transaction Processing Database.

    For example:

    OIDDB=(DESCRIPTION=(CONNECT_TIMEOUT=120)=(RETRY_COUNT=20)(RETRY_DELAY=3)(ADDRESS=(PROTOCOL=<protocol_name>)
    (PORT=<port_number>)(HOST=<host_name>))(CONNECT_DATA=(SERVICE_NAME=<service_name>.adb.oraclecloud.com))
    (security=(ssl_server_cert_dn="CN=adwc.uscom-east-1.oraclecloud.com, 
    OU=Oracle BMCS US, O=Oracle Corporation, L=Redwood City, ST=California, C=US")))
  6. Update the classpath in <$DOMAIN_HOME>/bin/startNodeManager.sh.

    The classpath before update looks similar to:

    POST_CLASSPATH="/home/opc/idm/mwoc5/oid/../jdbc/lib/ojdbc7_g.jar${CLASSPATHSEP}${POST_CLASSPATH}"

    The classpath after update looks similar to:

    PRE_CLASSPATH="<ORACLE_HOME>/oracle_common/modules/oracle.jdbc/ojdbc8.jar"
    export PRE_CLASSPATH
    POST_CLASSPATH="<ORACLE_HOME>/oracle_common/modules/oracle.jdbc/ojdbc8.jar${CLASSPATHSEP}${POST_CLASSPATH}"
    export POST_CLASSPATH

Prerequisites for Collocated Oracle Internet Directory Configuration with an Oracle Autonomous Transaction Processing-Shared (ATP-S) database

In case of a collocated Oracle Internet Directory (OID) configuration, after configuring the domain, you must modify the wallet settings before you start the Administration Server and the Node Manager.

  1. Copy the wallet files from <$ORACLE_HOME>/network/admin to <$DOMAIN_HOME>/config/fmwconfig/components/OID/config .
  2. Replace all contents of tnsnames.ora in <$DOMAIN_HOME>/config/fmwconfig/components/OID/config as follows:
    OIDDB=<connect string given in RCU>

    See Connection Credentials for an Autonomous Transaction Processing Database.

    For example:

    OIDDB=(DESCRIPTION=(CONNECT_TIMEOUT=120)=(RETRY_COUNT=20)(RETRY_DELAY=3)(ADDRESS=(PROTOCOL=<protocol_name>)
    (PORT=<port_number>)(HOST=<host_name>))(CONNECT_DATA=(SERVICE_NAME=<service_name>.adb.oraclecloud.com))
    (security=(ssl_server_cert_dn="CN=adwc.uscom-east-1.oraclecloud.com, 
    OU=Oracle BMCS US, O=Oracle Corporation, L=Redwood City, ST=California, C=US")))
  3. Modify the wallet location in the sqlnet.ora file as follows:
    WALLET_LOCATION = (SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY="<DOMAIN_HOME>/config/fmwconfig/components/OID/config/")))

Starting Servers and Processes

After configuration is complete, start the servers and the processes.

For more information on additional tools you can use to manage your domain, see Overview of Oracle Fusion Middleware Administration Tools in Oracle Fusion Middleware Administering Oracle Fusion Middleware.

Refer to the following topics based on your configuration mode:

Starting the Servers for Standalone Oracle Internet Directory

In case of a standalone Oracle Internet Directory (OID) configuration, start the Node Manager. The OID instance will be started when you perform the initial OID setup in the later sections.

For an Oracle Autonomous Transaction Processing-Shared (ATP-S) database, you must modify the wallet settings and update the classpath before you start the Node Manager. See Prerequisites for Standalone Oracle Internet Directory Configuration with an Oracle Autonomous Transaction Processing-Shared (ATP-S) database.

To start the Node Manager, use the following command:

  • (UNIX) DOMAIN_HOME/bin/startNodeManager.sh

  • (Windows) DOMAIN_HOME\bin\startNodeManager.cmd

Note:

Before starting the Node Manager, make sure that any changes made to the default port in nodemanager.properties reflects in the corresponding associated machine as well.

For an Oracle Autonomous Transaction Processing-Shared (ATP-S) database, before starting the Node Manager, set TNS_ADMIN property to <$DOMAIN_HOME>/config/fmwconfig/components/OID/config/ using the following command:

export TNS_ADMIN=<$DOMAIN_HOME>/config/fmwconfig/components/OID/config.

Starting Servers and Processes for Collocated Oracle Internet Directory

In case of a collocated Oracle Internet Directory (OID) configuration, start the Administration Server and the Node Manager. The OID instance will be started when you perform the initial OID setup in the later sections.

The components may be dependent on each other so they must be started in the correct order.

Note:

The procedures in this section describe how to start servers and process using the WLST command line or a script. You can also use the Oracle Fusion Middleware Control and the Oracle WebLogic Server Administration Console. See Starting and Stopping Administration and Managed Servers and Node Manager in Administering Oracle Fusion Middleware.

For an Oracle Autonomous Transaction Processing-Shared (ATP-S) database, you must modify the wallet settings before you start the Administration Server and the Node Manager. See Prerequisites for Collocated Oracle Internet Directory Configuration with an Oracle Autonomous Transaction Processing-Shared (ATP-S) database.

To start your Fusion Middleware environment, follow the steps below:

Step 1: Start the Administration Server

When you start the Administration Server, you also start the processes running in the Administration Server, including the WebLogic Server Administration Console and Fusion Middleware Control.

Note:

For an Oracle Autonomous Transaction Processing-Shared (ATP-S) database, before starting the Administration Server, set TNS_ADMIN property to <$DOMAIN_HOME>/config/fmwconfig/components/OID/config/ using the following command:

export TNS_ADMIN=<$DOMAIN_HOME>/config/fmwconfig/components/OID/config

To start the Administration Server, use the startWebLogic script:

  • (UNIX) DOMAIN_HOME/bin/startWebLogic.sh

  • (Windows) DOMAIN_HOME\bin\startWebLogic.cmd

When prompted, enter your user name, password, and the URL of the Administration Server.

Note:

For an Oracle Autonomous Transaction Processing-Shared (ATP-S) database, the following error messages are displayed during the Administration Server startup:

Example messages:

java.io.FileNotFoundException: /<DOMAIN_HOME>/config/fmwconfig/components/OID/ admin/oidpwdlldap1 (No such file or directory)
oracle.simplefan.impl.FanManager configure SEVERE: attempt to configure ONS in FanManager failed with oracle.ons.NoServersAvailable: Subscription time out

These messages do not have any functional impact and can be ignored.

For an Autonomous Transaction Processing database (both Oracle Autonomous Transaction Processing-Dedicated (ATP-D) and Oracle Autonomous Transaction Processing-Shared (ATP-S)), the following error message may be displayed in the Administration Server logs.

<AdminServer> <[ACTIVE] ExecuteThread: '63' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> 
<16023522-e47f-40f4-a66f-7ea3729188d1-00000064> <1628079696204> 
<[severity-value: 8] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > 
<BEA-240003> <Administration Console encountered the following error: 
java.lang.NoSuchMethodError: 
org.glassfish.jersey.internal.LocalizationMessages.WARNING_PROPERTIES()Ljava/l ang/String; at
org.glassfish.jersey.internal.config.SystemPropertiesConfigurationModel.getProperties(SystemPropertiesConfigurationModel.java:122) at
org.glassfish.jersey.internal.config.SystemPropertiesConfigurationProvider.getProperties(SystemPropertiesConfigurationProvider.java:29) at
org.glassfish.jersey.internal.config.ExternalPropertiesConfigurationFactory.readExternalPropertiesMap(ExternalPropertiesConfigurationFactory.java:55) at
org.glassfish.jersey.internal.config.ExternalPropertiesConfigurationFactory.configure(ExternalPropertiesConfigurationFactory.java:72) at
org.glassfish.jersey.internal.config.ExternalPropertiesConfigurationFeature.configure(ExternalPropertiesConfigurationFeature.java:26) at
org.glassfish.jersey.model.internal.CommonConfig.configureFeatures(CommonConfig.java:730)

This message does not have any functional impact and can be ignored.

Step 2: Start Node Manager

Note:

For an Oracle Autonomous Transaction Processing-Shared (ATP-S) database, before starting the Node Manager, set TNS_ADMIN property to <$DOMAIN_HOME>/config/fmwconfig/components/OID/config/ using the following command:

export TNS_ADMIN=<$DOMAIN_HOME>/config/fmwconfig/components/OID/config.

To start Node Manager, use the startNodeManager script:

  • (UNIX) DOMAIN_HOME/bin/startNodeManager.sh

  • (Windows) DOMAIN_HOME\bin\startNodeManager.cmd

Note:

Before starting the Node Manager, make sure that any changes made to the default port in nodemanager.properties reflects in the corresponding associated machine as well.

Performing the Initial Oracle Internet Directory Setup

Use the wlst command from a different terminal to connect to Administration Server and set up Oracle Internet Directory.

To perform the initial setup of OID, do the following:
  1. Run the following command from the location ORACLE_HOME/oracle_common/common/bin to launch the WLST tool:
    ./wlst.sh
  2. In case of a standalone Oracle Internet Directory configuration, connect to the Node Manager using the following command:
    nmConnect(username='wls_user',password='password',domainName='base_domain')
    In case of a collocated Oracle Internet Directory configuration, connect to the Administration Server using the following command:
    connect('Admin_username','Admin_password','t3://Admin_host:Admin_port’)
  3. Run the following command to perform the initial setup of OID:
    From location:
    • For standalone mode: /base_domain
    • For collocated mode: /base_domain/serverConfig
    oid_setup(orcladminPassword='password',odsPassword='password',realmDN='<your realm>' port='nnnn', sslPort='nnnn', host='hostname' )

    where,

    realmDN='<dc=<xxxx>,dc=<company name>, dc=com>'

    Note:

    For information about the other optional arguments that can be used with oid_setup command, run the following command:

    help('oid_setup')

    You can use the appropriate arguments for running OID on custom SSL and non-SSL ports, setting instanceName, port, hostname, machineName as input parameters etc.

    The command oid_setup() performs the following operations:

    • Sets the password for cn=orcladmin user.

    • Creates the first oid1 instance. The following parameters are set by default when oid_setup is run:

      • instanceName = 'oid1'

      • host = 'hostname of the current machine'

      • port = '3060'

      • machine = 'oidhost1'

        This gets created automatically when you run config.sh.

      • sslPort = '3131'

    • Starts the OID instance oid1 .

    • Creates the realm.

      Note:

      If the realm is not provided then 'dc=us,dc=oracle,dc=com' realm is created automatically.

Note:

For more information about managing Oracle Internet Directory components using WLST commands, see Managing Oracle Internet Directory Components by Using WLST Commands in the Administering Oracle Internet Directory.

Verifying the Configuration

After completing all configuration steps, you can perform additional steps to verify that your domain is properly configured.

To verify the Oracle Internet Directory (OID) is configured successfully, do the following:

  1. Set the environment variable ORACLE_HOME to the new 12c ORACLE_HOME location.

  2. Run the following command to check on the OID instance:

    ORACLE_HOME/bin/ldapbind -h OID_HOST -p OID_PORT

For additional configuration and administration tasks, see Performing Additional Domain Configuration Tasks.