ORACLE IDENTITY MANAGER 11gR2 PS3

System Requirements

10 GB of RAM
70 GB of free space on the hard disk;
This procedure was tested on 64-bit Windows 7.

Download Software

Download the following software.

Oracle Linux
Virtual Box (must be version 4.1.14 or later)
Oracle 11g R2 PS3(11.1.2.3.0)
Oracle Database (11.2.4.0)
Oracle Repository Creation Utility(11.1.1.9.0)
Weblogic Server 10.3
Oracle SOA(11.1.1.9.0)

Virtual Machine Setup

In this exercise, we are using VirtualBox installed on 64-bit Windows 7.

Start VirtualBox and click the "New" button on the toolbar. Click the "Next" button on the first page of the Virtual Machine Wizard.

Enter the name "rac1", OS "Linux" and Version "Oracle (64 bit)", and then click the "Next" button:

Set RAM to min 10 GB, then click the "Next" button:

Accept the default option to create a new virtual hard disk by clicking the "Next" button:

Accept the default VDI type and click the "Next" button on the Virtual Disk Creation Wizard welcome screen:

Accept the default "Dynamically allocated" option by clicking the "Next" button:

Accept the default location and set the size to "70G" and click the "Next" button:

Press the create button

The "rac1" VM will appear on the left hand pane. Click on the "Network" link on the right side:

Make sure "Adapter 1" is enabled, attached to "Internal Network" or "Host-only Adapter". This interface will be used for public network, for example, for connection to the database from other applications. On the screenshot below "Internal Network" is selected and name "pubnet" was given to this network:

Then click on the "Adapter 2" tab. Make sure "Adapter 2" is enabled and attach to "Internal Network". Name this network "privnet":

Then finally click on the "Adapter 3", enable it, and attach to "Bridged Adapter" or "NAT". This adapter will be used for internet. Then press "OK" button:

The virtual machine is now configured so we can start the guest operating system installation.

Move "Hard Disk" to the top of the boot order and uncheck the "Floppy" option Select Base Memory minimum of 9216MB, then click the "OK" button

Guest Operating System Installation

Please note that during installation Virtual Box will be keeping the mouse pointer inside VM area. To exit, press Right Control key on the keyboard.

Place the Oracle Linux 6.3 (or newer) DVD in the DVD drive and skip next two screenshots. If you don't have DVD, download the .iso image and place it into the virtual DVD. Select "Storage" link on the right hand pane of the VirtualBox Manager screen to open "Storage" screen. Then select DVD drive in the "Storage Tree" section:

In "Attributes" section click on the DVD disk icon and choose DVD .iso file. Note that name of the file shows in the Storage Tree. Then press 'OK":

Start the virtual machine by clicking the "Start" button on the toolbar. The resulting console window will contain the Oracle Linux boot screen. Proceed with the "Install or upgrade an existing system":

Do not perform the media test. Choose "Skip" button:

Continue through the Oracle Linux installation as you would for a normal server. On next three screens select Language, Keyboard, and Basic Storage Devices type. Confirm to discard any data.

Set "Hostname" to rac1.localdomain and press "Configure Network":

In the Network Connections screen select "System eth0" interface, which will be used for public network, and press "Edit":

Make sure that "Connect automatically" is checked. In "IPv6 Settings" tab make sure the Method is set to "Ignore". Select "IPv4 Settings" tab; change Method to "Manual"; Press "Add" and fill Address: 192.168.56.71; Netmask: 255.255.255.0; Gateway: 0.0.0.0. Press "Apply" then done:

In the Network Connections screen select "System eth1" interface, this will be used for private network, then press "Edit". Then check the box "Connect automatically". In "IPv6 Settings" tab make sure the Method is set to "Ignore". Select "IPv4 Settings" tab; change Method to "Manual". Press "Add" and fill Address: 192.168.10.1; Netmask: 255.255.255.0; Gateway: 0.0.0.0. When done, press "Apply":

Finally select "System eth2" interface, this will be used for Internet, then press "Edit". Check the box "Connect automatically". Select "IPv4 Settings" tab make sure the Method is set to "Automatic (DHCP)". In "IPv6 Settings" tab make sure the Method is set to "Ignore". Press "Apply" button:

Close Network Connections screen and proceed to next setup screen. Select time zone; Type in Root Password: oracle;

Select "Use All Space" type of installation and check "Review and modify partitioning layout":

Edit size of lv_swap device and lv_root as required. Press "Next":

Confirm through warnings and create partitions. Keep defaults in Boot loader screen.

In the software type installation screen select "Database Server" and check "Customize now" button. Press Next:

In the Customization screen select Database and uncheck all items; select Desktops and check "Desktop" and "Graphical Administration Tools"; then press Next and finish installation. Reboot.

When it comes back, there will be more setup screens obvious to handle. Don't create 'oracle' account, this will be done later. Congratulations! The Linux has been installed.

Check Internet Access

We will need Internet access because additional packages will be installed online. Open terminal and try to ping any Internet site, for example:

ping yahoo.com

If ping doesn't work, troubleshoot the problem using 'ifconfig' command and making changes in Network Connections (Linux desktop Main menu | System | Preferences | Network Connections). If you made changes in Network Connections, restart interface by rebooting VM or running these two commands:

# ifdown eth0

# ifup eth0

Then check the ping again.

All actions in this section must be performed by the root user.

Run Automatic Setup by installing 'oracle-rdbms-server-11gR2-preinstall' package. This package performs prerequisites including kernel parameter change and creation of Linux oracle account:

# yum install oracle-rdbms-server-11gR2-preinstall

Install Guest Additions

Guest Additions are optional, but highly recommended. Guest Additions allow better integration of mouse support and clipboard bidirectional copying. Another important feature is support of shared folders making files in Host OS visible to Guest. The remaining of this document assumes that Guest Additions are installed.

In order to install Guest Additions, reboot just created VM, login as root. Then in the window menu select Devices | Install Guest Additions. Go through the download until you see DVD Autorun screen:

Press "OK", then "Run" to start installation.

Note. The installation can fail complaining on missing kernel-uek-devel package. Install the missing package using yum command. Then reinstall Guest Additions by double-clicking on VBOXADDITIONS DVD icon on the desktop, and clicking "Open Autorun Prompt" button.

If error dont go, try below three commands:

1.yum update gcc
2. yum update

3. yum install kernel-uek-devel

Reboot the machine. Now you should be much happier about the VirtualBox!

Setup Virtual box share folder.

i) In Virtual box, click on settings and then click on share folder.

ii) Click on “+” button on right hand side. Below pop up will appear

iii) Make some folder anywhere in your host machine which you want to be a share folder and give some name to folder. Give Auto-mount permission to folder.

iv) Press "OK" to save this setting. Now Shared Folders should look like as below:

Create the directory in which the Oracle software will be installed.

mkdir -p /u01/app/oracle/product/11.2.0/db_1

chown -R oracle:oinstall /u01

chmod -R 775 /u01/

Add oracle account to dba and vboxsf groups. The vboxsf group was created by VirtualBox Guest Additions and will allow oracle user access folders in the Host OS:

Reset oracle user password to oracle:

# passwd oracle

Changing password for user oracle.

New password:

BAD PASSWORD: it is based on a dictionary word

BAD PASSWORD: is too simple

Retype new password:

passwd: all authentication tokens updated successfully.

Disable secure linux by editing the "/etc/selinux/config" file, making sure the SELINUX flag is set as follows.

SELINUX=disabled

Cleanup YUM repositories:

# yum clean all

Edit "/etc/hosts" file by appending the following information:

127.0.0.1 rac1.localdomain rac1

Now we need to disable the firewall: Linux Main menu | System | Administration | Firewall. Click on "Disable" icon, then on "Apply".

Create the new groups and users.

groupadd -g 1000 oinstall

groupadd -g 1200 dba

useradd -u 1100 -g oinstall -G dba oracle

Before starting Oracle database installation we have to install jdk1.7.55 or above.

JDK installation:

Installing the Oracle Database

Download Oracle Database 11.2.4.0.
Change user to oracle using su – oracle
Navigate to folder where you have kept oracle database file in local VM and run installer command as shown below: $ cd /downloads/oracle/linux64_database
$ ./runInstaller
Uncheck the security updates checkbox and click the "Next" button

Select “Skip software updates” and click next

Accept the "Create and configure a database" option by clicking the "Next" button

Select Server Class and click Next

Select Advanced install, and click Next>.

English is selected by default, if you want any other language, select that from Available Languages list and click >>, followed by Next>

Click on Enterprise Edition and click Select Options.

Select All except for “Oracle Label Security” and “Oracle Database Vault option”

Give the path which you created for installing software, click Next> :

Select database type as General Purpose/Transactional Processing, and click Next>

In global database name put orcl (the one that was created in pre-requisites) and a name for Oracle Service Identifier (SID) in our case it is orcl.

Click on character sets tab.

Select use Unicode, and click on Sample Schemas tab.

Check create database with sample schemas, and then click next>.

In Specify Management Options, select Use Oracle Enterprise Manager Database Control for database management, click on Next>.

Choose Do not enable automated backups, then click Next>

Set password for accounts, you can either choose a different password for each account or same password for all, after setting the password click Next>

Select "oinstall" group for both Database Administrator and Database Operator groups, then press the "Next" button:

Wait for the prerequisite check to complete. If there are any problems, either fix them, or check the "Ignore All" checkbox and click the "Next" button.

If you are happy with the summary information, click the "Install" button.

Installation progress screen.

Database Configuration Assistant screen.

Database Configuration Assistant progress screen.

Click OK.

When prompted, run the configuration scripts. When the scripts have been run then only click the "OK" button. Go to script location which we can get from below screen shot. After reaching to that location run the script using below command:

./root.sh

Click the "Close" button to exit the installation, database has been installed successfully.

You need to create the environment file use these commands:

#vi idm.env

export ORACLE_HOME= (your oracle installation path. it could be like /u01/app/oracle/product/11.2.0/db_home1)

export ORACLE_SID= (your oracle sid)

export PATH=$ORACLE_HOME/bin:$PATH

Save and exit this file (:wq) and issue this command.

# chmod 755 idm.env to source this environment file

Run the file by below command

. ./idm.env (two dots having space between each other)

Run the following command to see whether database has been installed successfully.

Sqlplus /as sysdba

Run the following command to check if Listener is up and running.

Lsnrctl status

The database creation is now complete

INSTALLING REPOSITORY CREATION UTILITY

In the RCU Welcome dialog box, click Next.

In the Create Repository dialog box, make sure that the Create option is selected. Click Next.

Use the following table to enter the parameter details in the Database Connection Details dialog box. Click Next.

Parameter Name	Value
Database Type	Oracle Database
Host Name	use below command to find hostname <>
Port	1521
Service Name	use below command to find service name lsnrctl status
Username	Sys
Password	Welcome1(or whatever password you have chosen for sys)
Role	SYSDBA

In the Checking Prerequisites window, RCU checks the connection parameters provided in the previous step. When the checks are complete, click OK

In the Select Components dialog box, perform the following:

Verify that the “Create a new Prefix” option is selected, and that the value DEV appears in the text field.

Expand the Identity Management node and select the Oracle Identity Manager check box. It will automatically select dependent object.

Select Business intelligence as that will not be selected automatically. Click Next.

In the Checking Prerequisites window, RCU checks the prerequisites for each schema selected in the previous step. Click OK.

If while checking prerequisites, you get some warning message as shown below: please note all error messages and keep pressing Ignore button. After collection all error we will fix them in one go.

Go to Unix terminal window and login as oracle user.

Run below commands:

Sqlplus /as sysdba

As in error screen shot it says “pre-requisite failure for processes. Current value is 150. It should be greater than or equal to 500”. So we will alter processes properties by below command:

Alter system set processes=500 scope=spfile;

Do same thing for all parameters for which you got error pop up.

After setting new values we need to bounce database. Use below command to do same.

Shut immediate

Startup

Go back and again check for pre requisite. It should not complain about anything and it should pass smoothly

Verify that the “Use same passwords for all schemas” option is selected. In the Password and Confirm Password fields, enter Welcome1. Click Next.

In the Map Tablespaces dialog box, click Next.

In the Confirmation window, click OK to confirm the creation of tablespaces.

RCU creates the tablespaces. Click OK in the Creating Tablespaces window when the operation completes

In the Summary dialog box, click Create to create the schemas

Repository Creation Utility – creation progress window.

When RCU completes the creation of schemas, click Close in the Completion Summary dialog box to exit RCU

RCU has been installed successfully.

INSTALLING WEBLOGIC SERVER

Navigate to folder where you have kept Weblogic server file in local VM and run installer command as shown below:

$ /u01/jdk7/bin/java –D64 –jar wls1036_generic.jar

Weblogic installation window will start, click Next.

Select create a new Middleware Home, give path as /u01/app/fmw and click Next.

Uncheck “I wish to receive security updates” and click Next.

Select Custom as installation type, click Next.

Select Server Examples and Coherence Examples as they are not selected by default and click Next.

Jdk installed in your system would be selected under Local JDK if not select browse to specify location, then click Next.

Path for weblogic Server and Oracle Coherence would be specified, just click Next.

Just click Next on Installation summary window.

Installation progress window.

Uncheck Run quick start and click done.

Weblogic server has been installed successfully.

INSTALLING ORACLE SOA

Navigate to folder where you have kept oracle SOA Suite file in local VM and navigate inside Disk1 and run installer command as shown below:

./runInstaller

It will ask for jdk path, please give complete JDK path. In our case it is /u01/jdk7

SOA Installation wizard is now starting.

In the Welcome dialog box, click Next.

In the Install Software Updates dialog box, select the Skip Software Updates option and click Next.

Prerequisite checks are being carried out.

Once done click on Next.

Note: If you get error of some packages missing

Click on the (+) sign in the bottom pane and look for the names of those package and install them using yum command as “root”, then retry.

In the Specify Installation Location dialog box, make sure that the Oracle Middleware Home field contains the value /u01/app/fmw, and that the Oracle Home Directory field contains the value Oracle_SOA1. Click Next.

In the Application Server dialog box, make sure that the WebLogic Server option is selected. Click Next.

In the Installation Summary dialog box, click Install.

When installation is complete, click Next.

In the Installation Complete dialog box, click Finish to exit the Oracle SOA Suite installer.

You have successfully installed the SOA Suite software.

INSTALLING ORACLE IDENTITY AND ACCESS MANAGER

Navigate to folder where you have kept oracle Identity Manager file in local VM and navigate inside Disk1 and run installer command as shown below:

./runInstaller

It will ask for jdk path, please give complete JDK path. In our case it is /u01/jdk7

Identity Installation wizard is now starting.

In the Welcome dialog box, click Next.

In the Install Software Updates dialog box, select the Skip Software Updates option and click Next.

Once done click on Next.

In the Installation Summary dialog box, click Install.

When installation is complete, click Next.

In the Installation Complete dialog box, click Finish to exit the Oracle Identity Manager installer.

You have successfully installed the Oracle Identity Manager.

CREATING WEBLOGIC DOMAIN FOR ORACLE IDENTITY MANAGER

Open a new Terminal window.

Navigate to the $OIM_HOME/common/bin directory. To do this, at the prompt, enter the following command:

$ cd /u01/app/Oracle/Middleware/Oracle_IDM1/common/bin

Run the configuration script. To do this, at the prompt, enter the following command:

$ ./config.sh

The Fusion Middleware Configuration Wizard starts. In the Welcome dialog box, make sure that the “Create a new WebLogic Domain” option is selected. Click Next.

Verify that the “Generate a domain configured automatically to support the following products” option is selected. Select the Oracle Identity Manager – 11.1.2.0.0 check box.

The following products are selected automatically:

Oracle SOA Suite – 11.1.1.0

Oracle Enterprise Manager – 11.1.1.0

Oracle Platform Security Service – 11.1.1.0

Oracle WSM Policy Manager – 11.1.1.0

Oracle JRF WebServices Asynchronous services – 11.1.1.0

Oracle JRF – 11.1.1.0

Select the Oracle Entitlements Server for Admin Server – 11.1.1.0 check box.

Select the Oracle Privileged Account Manager – 11.1.2.0 check box. The Oracle Identity

Navigator 11.1.2.0 check box is selected automatically.

Verify that the following options are selected:

Oracle Identity Manager – 11.1.2.0.0 [Oracle_IDM1]

Oracle SOA Suite – 11.1.1.0 [Oracle_SOA1]

Oracle Entitlements Server for Admin Server -11.1.1.0 [Oracle_IDM1]

Oracle Enterprise Manager – 11.1.1.0 [oracle_common]

Oracle Privileged Account Manager – 11.1.2.0.0 [Oracle_IDM1]

Oracle Identity Navigator – 11.1.2.0.0 [Oracle_IDM1]

Oracle Platform Security Service – 11.1.1.0 [Oracle_IDM1]

Oracle WSM Policy Manager – 11.1.1.0 [oracle_common]

Oracle JRF WebServices Asynchronous services – 11.1.1.0 [oracle_common]

Oracle JRF – 11.1.1.0 [oracle_common]

Click Next.

In the Specify Domain Name and Location dialog box, perform the following:

Please give correct domain name in the “Domain name” field.
Verify that the value /u01/app/Oracle/Middleware/user_projects/domains appears in the in the “Domain location” field.
Verify that the value
/u01/app/Oracle/Middleware/user_projects/applications appears in the “Application location” field.

Click Next.

In the Configure Administrator User Name and Password dialog box, verify that weblogic appears in the Name field. Enter Welcome1 in the “User password” and “Confirm user password” fields, and click Next.

In the Configure Server Start Mode and JDK dialog box, verify that the Production Mode option is selected. Click Next.

Populate the Configure JDBC Component Schema dialog box, as follows:

Select all check boxes in the dialog box. Note that all text fields in the top frame become enabled for editing.

Verify that Oracle appears in the Vendor field, Oracle’s Driver appears in the Driver field, and “Varies among component schemas” appears in the Schema Owner field.

Complete the rest of the fields using the following table

Field Name	Field Value
Schema Password	Welcome1
Host Name	Run command $hostname--> whatever name comes please put same in field
Service	Run command $lsnrctl status à whatever value comes for service put same in field

A JDBC Connectivity test will run. When it completes, click Next.

In the Select Optional Configuration dialog box, select the Administration Server and the

“Managed Servers, Clusters and Machines” check boxes. Click Next.

Click Next

In the Configure Clusters dialog box, click Next.

In configure machine, delete local machine

Go to Unix Machine Tab and add :

Name	<hostname>
Node Manager	All Local address

Then click Next.

See Unix Machine has the following localhost name, AdminServer, opam_server1, soa_server1, oim_server1. Then Click Next.

The progress window appears.

Click done

Configuring the Security Store

Open Terminal window.

Configure the security store. At the prompt, enter the following command, all on the one line:

$ $MW_HOME/oracle_common/common/bin/wlst.sh $OIM_HOME/common/tools/configureSecurityStore.py -d $DOMAIN_HOME -c IAM -p Welcome1 -m create

Validate the security store configuration. At the prompt, enter the following command:

$ $MW_HOME/oracle_common/common/bin/wlst.sh

$OIM_HOME/common/tools/configureSecurityStore.py -d $DOMAIN_HOME -m validate

Starting the Oracle WebLogic Admin Server Instance

Open Terminal window.

Navigate to the

/u01/app/Oracle/Middleware/user_projects/domains/base_domain directory.

Start the Admin Server instance. To do this, at the prompt, enter ./startWebLogic.sh.

When you see the log entry <Server started in RUNNING mode>, the Admin Server instance is started successfully.

After server started we can login to weblogic console through below URL:

https://<hostname IP address>:7001/console

After successful login we will see below screen:

Setting Node Manager

Go to below path and create a boot.properties file

cd /u02/app/fmw/user_projects/domain/IDMDomain/servers/

mkdir –p oim_server1/security

vi boot.properties

boot.properties

password=Welcome1

username=weblogic

Starting SOA Server

Open Terminal window.

Navigate to the

/u01/app/Oracle/Middleware/user_projects/domains/base_domain directory.

Start the Admin Server instance. To do this, at the prompt, enter ./startManagedWebLogic.sh soa_server1

When you see the log entry <Server started in RUNNING mode>, the Admin Server instance is started successfully.

After server started we can login to weblogic console through below URL:

https://<hostname IP address>:7001/console

Select Environment>Servers, you can see the status of soa_server1 as RUNNING.

CONFIGURING ORACLE IDENTITY MANAGER

Navigate to the /u01/app/Oracle/Middleware/Oracle_IDM1/bin directory

Start the configuration utility. To do this, enter the following command at the prompt:

$ ./config.sh

In the Welcome dialog box, click Next.

In the Components to Configure dialog box, verify that the OIM Server check box is selected. Select the OIM Design Console check box. Click Next.

Populate the Database dialog box, as shown in screen below. Password for OIM and MDS is Welcome1, Click Next.

In the WebLogic Admin Server dialog box, configure the parameters for connecting to the Oracle WebLogic Admin Server as an administrator.

In the WebLogic Admin Server URL field, enter t3://localhost:7001.
In the UserName field, enter weblogic.
In the Password field, enter Welcome1.

Click Next.

In the OIM Server dialog box:

In the OIM Administrator Password and Confirm Password fields, enter Welcome1.
In the OIM HTTP URL field, leave the default value
In the KeyStore Password and Confirm KeyStore Password fields, enter Welcome1.
Deselect the Enable LDAP Sync check box

Click Next.

Populate the OIM Server Host and Port dialog box, as follows:

In the OIM Server Hostname field, enter <hostname>.

In the OIM Server Port field, enter 14000.

Click Next.

In the Configuration Summary dialog box, click Configure

After the configuration process is complete, click Next.

In the Configuration Complete dialog box, click Finish to exit the configuration utility

Starting OIM Server

Open Terminal window.

Navigate to the

/u01/app/Oracle/Middleware/user_projects/domains/base_domain directory.

Start the Admin Server instance. To do this, at the prompt, enter ./startManagedWebLogic.sh oim_server1

We can start server from weblogic admin console

When you see the log entry <Server started in RUNNING mode>, the Admin Server instance is started successfully.

After server started we can login to weblogic console through below URL:

https://<hostname IP address>:7001/console

Select Environment>Servers, you can see the status of oim_server1 as RUNNING.

Once all server show in running condition, login to Identity Self Service to verify installation has been complete with no issues

URL: http://<hostname>:14000/identity

Default admin user is xelsysadm with password “Welcome1” or whatever you have assigned.

ORACLE IDENTITY MANAGER 11gR2 PS3

Tuesday, July 18, 2017

How to configure Scheduler only on single node in a clustered environment?

Monday, June 8, 2015