Preamble
We saw in the first part how to install and configure the WebLogic application server. This second part is about configuring the database repository with the Repository Creation Utility (RCU) and installing Oracle Internet Directory (OID).
OID repository creation
Before you can install Oracle Internet Directory (OID) you must first populate your repository database with the required schemas. On the Oracle Identity Management 11g Downloads page, download the utility below:
- Oracle Fusion Middleware Repository Creation Utility 11g (11.1.1.9.0)
The database I have used is an Enterprise Edition (we use only this edition) in 12.1.0.2.0; set the processes and open_cursors parameters to 500 to avoid any warning. I’m not detailing this part as it should be more than obvious for you with, for example, Database Configuration Assistant (DBCA).
The downloaded file (ofm_rcu_linux_11.1.1.9.0_64_disk1_1of1.zip) can be unzipped anywhere. In the ./rcuHome/bin directory, invoke the Repository Creation Utility with the rcu binary:
Choose to create the repository:
Supply your database information with, preferably, a SYS connection. Once you have supplied the connection credentials a few checks are performed; if all is good press Ok, otherwise correct any problems raised:
Choose OID repository creation:
Choose a password for the accounts (ODS and ODSSM):
I have changed only the temporary tablespace:
Do not change the default tablespace or you will end up with:
ORA-01917: user or role 'ODS' does not exist
The tablespaces are hard-coded in the creation scripts, so if you change them to something else they are not created and RCU will fail… Wondering why they have left the capability to change them then…
Summary of what will be done:
Ending window if all goes well:
OID installation
On the Oracle Identity Management 11g Downloads page, download the files below:
- Identity Management (11.1.1.9.0)
Unzip the two files (ofm_idm_linux_11.1.1.9.0_64_disk1_1of2.zip and ofm_idm_linux_11.1.1.9.0_64_disk1_2of2.zip) and execute runInstaller in the Disk1 directory:
Because of the proxy and the internet access restrictions on my server, I usually choose to skip software updates:
Choose install and configure:
Prerequisites check: even though OEL 7 is certified I had a few warnings about packages being too recent, which I have obviously decided to ignore:
Specify credentials for your WebLogic domain:
I had this warning that I have also decided to ignore:
If you have decided not to install WebLogic you must choose the option below instead:
Specify the installation directories, the WebLogic home and the application name you have chosen (I kept the default values as much as possible):
The window is slightly different if you have chosen not to install WebLogic:
Again I already received plenty of security alerts:
Choose OID. I have also chosen Oracle Directory Service Manager (ODSM), but you will see later on that I have not been able to use it, so it is not mandatory at all:
The window is much simpler in the case of no WebLogic:
I chose automatic port configuration, but if you have special port requirements it can be customized:
OID database schema that has been created with RCU:
OID domain. I have chosen the one I set up with OID 10g for upward compatibility; choose anything you like that matches your company. You also choose the password of the LDAP administrator (cn=orcladmin):
Summary window:
As usual, you end the installation by executing the /u01/Middleware/Oracle_IDM1/oracleRoot.sh script as root…
OID configuration
While configuring all components I got an error saying my WebLogic server was not reachable. When moving to the window where I had started it I discovered it had failed…
Configuration of the components follows the installation process:
Ending successful window:
You can now check with the Oracle Process Manager and Notification Server (OPMN) tool that everything is started and running well:
[oracle@server1 ~]$ /u01/Middleware/asinst_1/bin/opmnctl status
Processes in Instance: asinst_1
---------------------------------+--------------------+---------+---------
ias-component                    | process-type       |     pid | status
---------------------------------+--------------------+---------+---------
oid1                             | oidldapd           |   26401 | Alive
oid1                             | oidldapd           |   26397 | Alive
oid1                             | oidmon             |   26389 | Alive
EMAGENT                          | EMAGENT            |   25953 | Alive
OID is listening on port 3060 (LDAP, insecure) and 3131 (LDAPS, secure):
[oracle@server1 ~]$ netstat -an | grep LISTEN | grep -e 3060 -e 3131
tcp6       0      0 :::3060                 :::*                    LISTEN
tcp6       0      0 :::3131                 :::*                    LISTEN
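A post-install check over the two outputs above, as an added example that is not part of the original post: opmn_not_alive lists any OPMN-managed process whose status is not Alive, and oid_listeners reports whether ports 3060 and 3131 are bound to every interface or to a single address. The function names and the sample rows (including the Down row) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# Read `opmnctl status` output on stdin; print "component type pid status" for
# every process row that is not Alive. Exit status is 1 if any row was printed.
opmn_not_alive() {
    awk -F'|' '
        NF == 4 {
            for (i = 1; i <= 4; i++) gsub(/^[ \t]+|[ \t]+$/, "", $i)
            if ($1 == "ias-component") next          # header row
            if ($4 != "Alive") { print $1, $2, $3, $4; bad = 1 }
        }
        END { exit bad + 0 }'
}

# Read `netstat -an` output on stdin; for the two OID ports named on the page
# print "<port> <protocol> <scope>". A simple bind on 3060 travels unencrypted,
# so its scope matters more than that of 3131.
oid_listeners() {
    awk '
        $NF == "LISTEN" {
            n = split($4, a, ":"); port = a[n] + 0
            if (port != 3060 && port != 3131) next
            addr = substr($4, 1, length($4) - length(a[n]) - 1)
            wild = (addr == "::" || addr == "0.0.0.0" || addr == "*")
            proto = (port == 3060) ? "ldap-cleartext" : "ldaps"
            scope = wild ? "all-interfaces" : "addr=" addr
            print port, proto, scope
        }'
}

# Succeeds when the cleartext LDAP port accepts connections on every interface.
cleartext_exposed() {
    oid_listeners | grep -q '^3060 ldap-cleartext all-interfaces$'
}

# Constructed samples in the format shown on the page (the Down row is invented).
SAMPLE_OPMN='ias-component                    | process-type       |     pid | status
---------------------------------+--------------------+---------+---------
oid1                             | oidldapd           |   26401 | Alive
oid1                             | oidmon             |     N/A | Down'
SAMPLE_NETSTAT='tcp6       0      0 :::3060                 :::*                    LISTEN
tcp6       0      0 :::3131                 :::*                    LISTEN
tcp6       0      0 :::7001                 :::*                    LISTEN'

printf '%s\n' "$SAMPLE_OPMN" | opmn_not_alive || echo "not all OPMN processes are Alive"
printf '%s\n' "$SAMPLE_NETSTAT" | oid_listeners
```

On the server, pipe the real commands in: `/u01/Middleware/asinst_1/bin/opmnctl status | opmn_not_alive` and `netstat -an | cleartext_exposed`.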
You also have Oracle Directory Services Manager (ODSM) at http://server1.domain.com:7005/odsm but it was so buggy that I have not been able to really use it:
One tool that is nice to configure afterwards is Enterprise Manager. To do so execute the configuration utility of your WebLogic domain with /u01/Middleware/oracle_common/common/bin/config.sh and choose to configure an existing domain:
Choose your domain in the directory list:
Add Oracle Enterprise Manager component:
Application location for your domain:
Leave the defaults:
Summary window:
I had a warning about a port already in use, which is the WebLogic one; maybe I should have stopped WebLogic before re-configuring it:
Ending window:
Then stop and restart WebLogic by exiting and restarting /u01/Middleware/user_projects/domains/base_domain/startWebLogic.sh. You should then see, at http://server1.domain.com:7001/em, the Enterprise Manager console that will help us to graphically modify an important setup of OID:
We are almost done; move on to the next part of the series (see the references section below) to finally configure directory naming with your clients…
References
- Directory naming configuration and usage (ldap.ora) – part 1
- Directory naming configuration and usage (ldap.ora) – part 2
- Directory naming configuration and usage (ldap.ora) – part 3
- ORA-01917: User Or Role ‘ODS’ Does Not Exist At The Time Of Running RCU (Doc ID 1663030.1)
- “Unable To Validate NonJ2EEManagement Application Deployment” Error Occurs When Trying to Register a FMW 11g System Component to an Existing Weblogic Domain (Doc ID 1082029.1)
- Oracle Fusion Middleware 11g Release 1 (11.1.1.9) Oracle Internet Directory – Tasks