Oracle Application Server 10g Installation Manual Download

Page: 200 / 258

Component Configuration After Installation

11-4

Oracle Application Server Installation Guide

oracle.ias.configtool.UseInfrastructure i

-f $ORACLE_HOME/config/infratool_mod_osso.properties

-h

OIDhost

-p

OIDport

-u

OIDadminName

-w

OIDclearTextPassword

-o

ORACLE_HOME

-m

ASinstanceName

-infra

infraGlobalDBName

-mh

host

-sso true

-sslp

sslPort

-sslf false

Table 11–1

describes the parameters where you have to supply values:

Restart OC4J and Oracle HTTP Server. You can do this using the

opmnctl

command.

prompt>

$ORACLE_HOME/opmn/bin/opmnctl restartproc ias-component=OC4J

prompt>

$ORACLE_HOME/opmn/bin/opmnctl restartproc ias-component=HTTP_Server

Once mod_osso is configured, you can configure Oracle Delegated Administration
Services using the Application Server Control. See the

Oracle Internet Directory

Administrator’s Guide

for details.

Table 11–1

Parameters for Configuring mod_osso

Parameter

Description

-h

OIDhost

Specifies the name of the computer where Oracle Internet
Directory is running. You can determine this value from the

OIDhost

parameter in the

ORACLE_

HOME/config/ias.properties

file.

-p

OIDport

Specifies the port number on which Oracle Internet Directory is
listening. You can determine this value from the

OIDport

parameter in the

ORACLE_HOME/config/ias.properties

file.

-u

OIDadminName

Specifies the login name for Oracle Internet Directory. Use the
superuser:

cn=orcladmin

-w

OIDclearTextPassword

Specifies the password for the Oracle Internet Directory user.

-o

ORACLE_HOME

Specifies the full path to the directory where you installed
OracleAS Infrastructure.

-m

ASinstanceName

Specifies the name of the OracleAS Infrastructure instance where
you want to configure mod_osso. You can determine this value
from the

IASname

parameter in the

ORACLE_

HOME/config/ias.properties

file.

-infra

infraGlobalDBname

Specifies the name of the OracleAS Metadata Repository database.
You can determine this value from the

InfrastructureDBCommonName

parameter in the

ORACLE_

HOME/config/ias.properties

file.

-mh

host

Specifies the full hostname (including the domain name) of the
computer where you want to configure Oracle Delegated
Administration Services.

-sslp

sslPort

Specifies the SSL port for Oracle Internet Directory. You can
determine this value from the

OIDsslport

parameter in the

ORACLE_HOME/config/ias.properties

file.

Summary of Contents for Application Server 10g

Page 1: ...Oracle Application Server Installation Guide 10g 10 1 4 0 1 for HP UX Itanium B32100 01 September 2006 ...

Page 2: ...al Acquisition Regulation and agency specific supplemental regulations As such use duplication disclosure modification and adaptation of the Programs including documentation and technical data shall be subject to the licensing restrictions set forth in the applicable Oracle license agreement and to the extent applicable the additional rights set forth in FAR 52 227 19 Commercial Computer Software ...

Page 3: ...test Oracle Application Server Hardware and Software Requirements 2 1 2 2 System Requirements 2 2 2 2 1 Installing from the Console or X Windows 2 5 2 2 2 Tips for Reducing Memory Usage 2 5 2 3 Software Requirements 2 5 2 4 Kernel Parameters 2 7 2 4 1 Kernel Parameter Settings for OracleAS Metadata Repository 2 7 2 5 Ports 2 8 2 5 1 Checking If a Port Is in Use 2 9 2 5 2 Using Default Port Numbers...

Page 4: ...ngs You Should Know Before Starting the Installation 3 1 Oracle Home Directory 3 1 3 1 1 Installing in an Existing Oracle Home 3 2 3 1 2 Installing in a Non Empty Oracle Home 3 2 3 2 Can I Use Symbolic Links 3 2 3 3 First Time Installation of Any Oracle Product 3 2 3 4 Installing Additional Languages 3 3 3 5 Oracle Application Server Instances and Instance Names 3 3 3 6 The ias_admin User and Rest...

Page 5: ...ify Namespace in Internet Directory Screen 4 11 4 17 How to Determine Port Numbers Used by Components 4 11 4 18 Can I Add OCA After Installation 4 12 4 19 How to Deploy Oracle Delegated Administration Services on a Separate Host 4 12 4 20 Installing OracleAS Infrastructure 4 12 4 21 Installing OracleAS Infrastructure Against an Existing Oracle Internet Directory 4 14 4 22 Installing OracleAS Metad...

Page 6: ...on 6 2 6 2 Requirements 6 3 6 2 1 Database Requirements 6 3 6 2 2 Clock Synchronization 6 4 6 3 Installation Order 6 4 6 4 Installing a Master Oracle Internet Directory 6 4 6 5 Installing an Oracle Internet Directory Replica 6 5 6 5 1 Overview of Installing a Replica 6 5 6 5 2 Installing an Oracle Internet Directory Replica with a New Database 6 5 6 5 3 Installing an Oracle Internet Directory Repl...

Page 7: ...ailover Cluster Identity Management Overview of Installation Steps 8 21 8 6 2 Distributed OracleAS Cold Failover Cluster Identity Management Details of Installation Steps 8 22 8 7 Installing Oracle Delegated Administration Services and OracleAS Single Sign On in an OracleAS Cold Failover Cluster 8 24 8 7 1 Oracle Delegated Administration Services and OracleAS Single Sign On in OracleAS Cold Failov...

Page 8: ...ad Balancer for First Node 9 10 9 5 3 3 Configure the Load Balancer to Return Immediately to the Calling Client 9 10 9 5 3 4 Ensure that the OracleAS Metadata Repository Is Not Registered with any Oracle Internet Directory 9 10 9 5 3 5 Select the Same Components for Each Node 9 10 9 5 3 6 Run the Installer 9 10 9 5 4 Installing OracleAS Cluster Identity Management on Subsequent Nodes 9 12 9 6 Inst...

Page 9: ... Oracle Application Server Instances After Installation 11 1 11 2 Passwords for Oracle Application Server Components 11 1 11 3 NFS Installations 11 2 11 4 Backup and Recovery 11 2 11 5 SSL 11 2 11 6 Operating System Locale and NLS_LANG Environment Variable 11 2 11 6 1 Check the Operating System Locale 11 2 11 6 2 Check the NLS_LANG Setting 11 2 11 7 Component Configuration After Installation 11 3 ...

Page 10: ...bers C 1 C 3 Ports to Open in Firewalls C 3 D Deinstallation and Reinstallation D 1 Deconfig Tool D 1 D 1 1 Parameters D 2 D 1 2 Log Files Generated by the Deconfig Tool D 3 D 2 Deinstallation Procedure Overview D 3 D 3 Deinstalling OracleAS Cold Failover Cluster Installations D 4 D 4 Deinstalling OracleAS Single Sign On Instances in OracleAS Cluster Identity Management D 4 D 5 Deinstalling Oracle...

Page 11: ...BCA Failures F 7 F 3 15 Harmless Error Message from Database Configuration Assistant DBCA F 8 F 3 16 OPMN Configuration Assistant Start HTTP Server Failures F 8 F 3 17 OPMN Configuration Assistant Start DAS Instance Failures F 9 F 3 18 OPMN Configuration Assistant Start OCA Failures F 9 F 3 19 WARNING DCM service may not be available at this time F 9 F 3 20 OracleAS Cluster Identity Management Clu...

Page 12: ...xii ...

Page 13: ...at make information available to users of assistive technology This documentation is available in HTML format and contains markup to facilitate access by the disabled community Accessibility standards will continue to evolve over time and Oracle is actively engaged with other market leading technology vendors to address technical obstacles so that our documentation can be accessible to all of our ...

Page 14: ...pplication Server Concepts Oracle Application Server High Availability Guide Conventions The following text conventions are used in this document Convention Meaning boldface Boldface type indicates graphical user interface elements associated with an action or terms defined in text or the glossary italic Italic type indicates book titles emphasis or placeholder variables for which you supply parti...

Page 15: ...ces implemented on the Oracle Database Oracle Identity Federation Provides standards based multi protocol and cross domain single sign on Oracle Security Developer Tools Provides a APIs for developing federation and secure web services applications Oracle Access Manager Provides a state of the art solution for centralized identity administration and access control Oracle Identity Manager Provides ...

Page 16: ...tion Server 10g 10 1 4 0 1 Identity Management with an existing Oracle Application Server environment that includes 10g 9 0 4 10g Release 2 10 1 2 or 10g Release 3 10 1 3 middle tier 10g 9 0 4 or 10g Release 2 10 1 2 OracleAS Metadata Repository You can integrate Oracle Application Server 10g 10 1 4 0 1 Metadata Repository with an existing Oracle Application Server environment that includes 10g Re...

Page 17: ...acleAS Single Sign On Oracle Access Manager Oracle Application Server Java Authentication and Authorization Service JAAS Provider LDAP Each of these topologies contains a web tier an application tier and a data tier The three tiers are separated by firewalls myJ2EECompany in the Oracle Application Server Enterprise Deployment Guide Oracle Identity Federation Topologies An Oracle Identity Federatio...

Page 18: ... Access Manager in the Oracle Application Server High Availability Guide An OracleAS Cold Failover Cluster configuration in which two or more Oracle Identity Federation instances serve the same content but only one instance is active at any one time High Availability for Oracle Identity Federation in the Oracle Application Server High Availability Guide OracleAS Cold Failover Cluster or Real Appli...

Page 19: ...e See the Oracle Application Server Metadata Repository Creation Assistant User s Guide for details 1 3 2 Installing a Distributed Oracle Identity Management with an Integrated Oracle HTTP Server In this topology there are two Oracle Homes as depicted in Figure 1 2 The first Oracle Home contains Oracle HTTP Server OracleAS Single Sign On and Oracle Delegated Administration Services The second Orac...

Page 20: ... following steps Select Oracle Internet Directory Do not select Oracle Application Server Single Sign On Do not select Oracle Application Server Delegated Administration Services Select Oracle Directory Integration Platform Do not select Oracle Application Server Certificate Authority OCA Select High Availability and Replication 3 For Oracle Home 1 follow the installation instructions in Section 4...

Page 21: ...n opmnctl startall 1 3 3 Installing a Distributed Oracle Identity Management with a Standalone Oracle HTTP Server In this topology there are three Oracle Homes as depicted in Figure 1 3 The first Oracle Home contains Oracle HTTP Server The second Oracle Home contains OracleAS Single Sign On and Oracle Delegated Administration Services The second Oracle Home contains Oracle Internet Directory and O...

Page 22: ...s Select Oracle Directory Integration Platform Do not select Oracle Application Server Certificate Authority OCA Select High Availability and Replication 4 For Oracle Home 2 follow the installation instructions in Section 4 24 Installing Oracle Identity Management Components Only Excluding Oracle Internet Directory On the Select Configuration Options screen perform the following steps Do not selec...

Page 23: ... standalone Oracle HTTP Server in Oracle Home 1 See Configuring Standalone Oracle HTTP Server with Oracle Application Server in Oracle HTTP Server Administering a Standalone Deployment Based on Apache 2 0 in the 10g Release 2 10 1 2 or 10g Release 3 10 1 3 documentation library ...

Page 24: ...Recommended Topologies 1 10 Oracle Application Server Installation Guide ...

Page 25: ...s Section 2 4 Kernel Parameters Lists required values for kernel parameters Section 2 5 Ports Describes how to configure components to use ports other than the default ports Section 2 6 Operating System Groups Describes why the operating system user who installs Oracle Application Server should belong to certain operating system groups Section 2 7 Operating System User Describes why you should cre...

Page 26: ...Installer executeSysPrereqs DVD ROM prompt mount_point application_server runInstaller executeSysPrereqs The results are displayed on the screen as well as written to a log file For more information on the types of checks performed see Section 2 11 Prerequisite Checks Performed by the Installer Table 2 2 System Requirements Item Requirement Operating system HP UX 11i Version 2 11 23 Itanium or hig...

Page 27: ...ion the best practice is to load test your site Resource requirements can vary substantially for different applications and different usage patterns In addition some operating system utilities for monitoring memory can overstate memory usage partially due to the representation of shared memory The preferred method for determining memory requirements is to monitor the improvement in performance res...

Page 28: ...ed by Installer No Space in tmp or directory 400 MB To determine the amount of free disk space in the tmp directory use the bdf command prompt bdf tmp If the tmp directory does not have enough free space you can specify a different directory by setting the TMP or TMPDIR environment variable See Section 2 8 5 TMP and TMPDIR for details Checked by Installer Yes Swap space 1 5 GB of available swap sp...

Page 29: ...pplication Server Control can consume a lot of memory Running Application Server Control only when you need it can free up memory for other components Configure Application Server Control so that it can manage multiple instances See the Oracle Application Server Administrator s Guide for details 2 3 Software Requirements Check that the software listed in Table 2 3 is installed on the system The pr...

Page 30: ...is installed enter a command similar to the following usr sbin swlist l patch grep PHKL_29198 Alternatively to list all installed patches enter the following command Patches for 11 11 or higher versions BUNDLE11i B 11 23 0409 3 Patch Bundle for HP UX 11i v2 B 11 23 September 2004 PHSS_31850 11 23 assembler patch PHSS_31851 11 23 Integrity Unwind Library PHSS_31854 11 23 milli cumulative patch PHSS...

Page 31: ...sitory Verify that the kernel parameters shown in the following table are set either to the formula shown or to values greater than or equal to the recommended value shown The procedures following the table describe how to verify and set the values Parameter Recommended Formula or Value ksi_alloc_max nproc 8 max_thread_proc 3000 maxdsiz 2063835136 2 GB maxdsiz_64bit 2147483648 2 GB maxfiles 2048 m...

Page 32: ...s step 5 Exit from SAM 6 If you modified the value specified for any parameter reboot the system sbin shutdown r now 7 If necessary when the system restarts log in and switch user to root 2 5 Ports Many Oracle Application Server components such as Oracle HTTP Server OracleAS Web Cache and Oracle Enterprise Manager 10g use ports You can have the installer assign default port numbers or use port num...

Page 33: ...e the static ports feature which enables you to specify port numbers for components Although you can change the port number after installation it is easier to set the port number during installation 2 5 1 Checking If a Port Is in Use To check if a port is being used you can run the netstat command as follows prompt netstat an grep portnum 2 5 2 Using Default Port Numbers If you want to use the def...

Page 34: ...that if you want to use these port numbers for Oracle Internet Directory you must either delete or comment out these lines in the etc services file To comment out a line add a at the beginning of the line as shown ldap 389 tcp Lightweight Directory Access Protocol ldap 389 udp Lightweight Directory Access Protocol ldaps 636 tcp LDAP protocol over TLS SSL was sldap ldaps 636 udp LDAP protocol over ...

Page 35: ... Edit the local copy the file on the hard disk to include the desired port numbers You do not need to specify port numbers for all components in the staticports ini file If a component is not listed in the file the installer uses the default port number for that component Note that the staticports ini may contain ports for components that are not included in 10g 10 1 4 0 1 You cannot change the po...

Page 36: ...rise Manager Agent port in portlist ini 2 5 3 2 Error Conditions that Will Cause the Installer to Use Default Ports Instead of Specified Ports Check your staticports ini file carefully because a mistake can cause the installer to use default ports without displaying any warning Here are some things that you should check If you specify the same port for more than one component the installer will us...

Page 37: ...ou must specify a full path to the staticports ini file 2 5 3 3 Example This example configures Oracle HTTP Server to use ports 80 and 443 Create a staticports ini file that includes the following lines Oracle HTTP Server port 80 Oracle HTTP Server Listen port 80 Oracle HTTP Server SSL port 443 Oracle HTTP Server Listen SSL port 443 2 5 4 If Port 1521 Is in Use The installer configures port 1521 f...

Page 38: ...nd Listener Version Is Earlier Than 10 1 0 2 Listeners earlier than version 10 1 0 2 are not compatible with the OracleAS Metadata Repository from this Oracle Application Server release What you need to do is to install the OracleAS Metadata Repository which installs a version 10 1 0 3 listener You can then use this new listener to service your existing database and the OracleAS Metadata Repositor...

Page 39: ... existing listener s configuration file If the existing listener s configuration file contains SID_DESC entries for the existing database you need to add these entries to the OracleAS Metadata Repository listener s configuration file c Do not start the existing listener version earlier than 10 1 0 2 Now that the new listener supports both databases you do not need to run the existing listener any ...

Page 40: ...to own the inventory directory The installer writes its files in the inventory directory to keep track of the Oracle products installed on the computer This guide uses the name oinstall for this operating system group By having a separate group for the inventory directory you allow different users to install Oracle products on the computer Users need write permission for the inventory directory Th...

Page 41: ...oducts If the computer contains other Oracle products you might already have a user for this purpose Look in the var opt oracle oraInst loc file This file lists the location of the inventory directory and the group who owns it If the file does not exist the computer does not have Oracle products installed on it If you do not already have a user for installing Oracle products create a user with the...

Page 42: ...ator 2 8 Environment Variables The operating system user who will be installing Oracle Application Server needs to set or unset the following environment variables Table 2 8 summarizes whether you set or unset an environment variable 2 8 1 Environment Variable Tips Here are some tips when working with environment variables Login shell The default login shell can be the C Bourne or Korn shell Note ...

Page 43: ...SPATH and LD_LIBRARY_PATH environment variables so that they do not reference any Oracle home directories 2 8 4 DISPLAY Set the DISPLAY environment variable to point to the X server that will display the installer The format of the DISPLAY environment variable is hostname display_number screen_number Example C shell setenv DISPLAY test mydomain com 0 0 Example Bourne or Korn shell DISPLAY test myd...

Page 44: ...ent variable to point to a different directory or free up enough space in the default directory In either case you have to restart the installation 2 8 6 TNS_ADMIN This section describes two requirements The TNS_ADMIN environment variable must not be set If set it can cause errors during installation Section F 3 14 Database Configuration Assistant DBCA Failures shows such an error The etc and the ...

Page 45: ...t mydomain com incorrect format the installer would display dc primaryHost dc com as the default Oracle Identity Management realm This is probably not the value that you want for the default Oracle Identity Management realm 2 9 2 Hostname for OracleAS Single Sign On If you are installing OracleAS Single Sign On and your hosts file contains only the hostname of your computer without the domain name...

Page 46: ..._HOSTNAME is not set and you are installing on a computer that has multiple network cards Oracle Universal Installer determines the hostname by using the first name in the etc hosts file Clients must be able to access the computer using this hostname or using aliases for this hostname To check ping the hostname from the client computers using the short name hostname only and the full name hostname...

Page 47: ...omputer that will be running Oracle Application Server prompt path to hard drive Disk1 runInstaller To Copy the application_server Directory from the DVD ROM 1 optional Create a directory to contain the application_server directory 2 Copy the application_server directory from the DVD ROM to your hard disk prompt cp pr dvd_mount_point application_server path to hard drive To run the installer from ...

Page 48: ...racle Universal Installer 2 10 4 Installing on Remote Computers You can run the installer on a remote computer remote_computer but have the installer screens display on your local computer local_computer The installer will install Oracle Application Server on the remote computer 1 Allow remote_computer to display on local_computer You need to run this command on the local computer s console local_...

Page 49: ...o fail To check the latest certification list for any updates visit Oracle Technology Network http www oracle com technology 2 10 6 Running Multiple Instances from One Installation Oracle Application Server components are intended to be run only on the computer where they are installed You cannot run the components on remote computers even though the computers can access the files through NFS Figu...

Page 50: ...meters See Section 2 4 Kernel Parameters for a list of required kernel parameters Memory See Table 2 2 for recommended values Swap space See Table 2 2 for recommended values TMP space See Table 2 2 for recommended values Instance name The installer checks that the computer on which you are installing Oracle Application Server does not already have an instance of the same name Oracle home directory...

Page 51: ...ure into any Oracle9iAS 9 0 2 9 0 3 or 9 0 4 Oracle home OracleAS Infrastructure into an Oracle Application Server 10g 10 1 4 0 1 middle tier or OracleAS Developer Kits Oracle home OracleAS Infrastructure into an Oracle Developer Suite 9 0 2 9 0 4 or 10g 10 1 4 0 1 Oracle home OracleAS Infrastructure or middle tier into an Oracle home installed from the Business Intelligence CD ROM Port 1521 The i...

Page 52: ...CFS Oracle Enterprise Manager directories are writable The installer runs this check only if you are expanding a middle tier or if you are reinstalling Oracle Application Server in the same Oracle home The installer checks that these directories are writable by the operating system user running the installer ORACLE_HOME sysman emd ORACLE_HOME sysman config ORACLE_HOME sysman webapps emd WEB INF co...

Page 53: ...t Certain Times During Installation Section 3 10 Running root sh During Installation Section 3 11 Can I Modify Other Oracle Application Server Instances During Installation Section 3 12 Connecting to Oracle Internet Directory Through SSL Connections Section 3 13 Obtaining Software from Oracle E Delivery Section 3 14 Setting the Mount Point for the CD ROM or DVD Section 3 15 Starting the Oracle Uni...

Page 54: ...u run the following commands prompt mkdir home basedir prompt ln s home basedir home linkdir then when you run the installer you can specify home linkdir as the Oracle Home After installation you cannot create symbolic links to the Oracle Home You also may not move the Oracle Home to a different location and create a symbolic link to the original Oracle Home 3 3 First Time Installation of Any Orac...

Page 55: ...ble it will fall back on the server locale language For other components available languages are installed regardless of what you select during installation In this case however fonts are installed only for the languages that are explicitly selected When you access the application it uses text in your language because the language was installed However if you do not have the appropriate fonts to r...

Page 56: ... that are installed in that instance if the components are running or stopped and the log files for the components The Application Server Control is a browser based administration tool for Oracle Application Server See the Oracle Application Server Administrator s Guide for details about this administration tool In addition some dcmctl commands require an instance name as a parameter dcmctl is a c...

Page 57: ... Application Server Control to manage Oracle Application Server you log on as the ias_admin user For middle tier installations if you want to install a larger middle tier in an ORACLE_HOME that already contains a middle tier for example you want to install the Portal and Wireless type over an existing J2EE and Web Cache type you must enter the existing password during the installation If you forge...

Page 58: ... Copying coraenv to usr local bin After you run root sh you may see warnings that begin with chmod WARNING Corresponding set ID also disabled You may ignore these warnings 3 11 Can I Modify Other Oracle Application Server Instances During Installation During the installation of an Oracle Application Server instance you should not change the configuration or passwords of other installations in your...

Page 59: ...ing for is in the License and Options section of the E Pack README Oracle recommends that you print the README for reference 3 13 2 Finding Required and Optional Downloads Refer to the README link that is on each E Pack Download page In addition to listing the licensable products and options contained in the pack the README lists downloadable files that are required to run each product and which d...

Page 60: ... Application Server CD ROMs are in RockRidge format The DVD is in DVD format To mount the first disc 1 Insert Oracle Application Server disk 1 into the disk drive 2 Create the SD_CDROM directory if it does not already exist usr bin mkdir SD_CDROM 3 Enter a command similar to the following usr sbin mount F cdfs o rr dev dsk cxdytz SD_CDROM In the preceding example SD_CDROM is the disk mount point d...

Page 61: ...application_server runInstaller Hard Drive prompt cd disk1_directory prompt runInstaller where disk1_directory is the directory where you unzipped the Disk 1 file This launches Oracle Universal Installer through which you install Oracle Application Server Notes Be sure you are not logged in as the root user when you start the Oracle Universal Installer The installer gives an error message if you t...

Page 62: ...Starting the Oracle Universal Installer 3 10 Oracle Application Server Installation Guide ...

Page 63: ...leAS Metadata Repository Section 4 12 Can I Use Multiple Metadata Repositories Section 4 13 What High Availability Options Does Oracle Application Server Support Section 4 14 Restrictions on the Passwords for the SYS SYSTEM SYSMAN and DBSNMP Users Section 4 15 Support for NE8ISO8859P10 and CEL8ISO8859P14 Characters Sets Section 4 16 What Do I Enter in the Specify Namespace in Internet Directory Sc...

Page 64: ... and the Oracle Identity Management components on another computer Within the Oracle Identity Management option you can install Oracle Identity Management components over multiple computers as well These options also enable you to create a new database or use an existing database for the OracleAS Metadata Repository Selecting either the OracleAS Metadata Repository or the OracleAS Metadata Reposit...

Page 65: ...ity Management components The installer prompts you to enter the connect information for the OracleAS Metadata Repository database See Section 4 23 Installing Oracle Identity Management Components Only Including Oracle Internet Directory for the step by step procedure The installer registers the OracleAS Metadata Repository with the newly created Oracle Internet Directory See Section 4 10 Registra...

Page 66: ...Install In this configuration the OracleAS Metadata Repository and the Oracle Identity Management components run from the same Oracle home To install this configuration install the OracleAS Metadata Repository and the Oracle Identity Management components at the same time For installation steps see Section 4 20 Installing OracleAS Infrastructure In this configuration the OracleAS Metadata Reposito...

Page 67: ...isting database See the Oracle Application Server Metadata Repository Creation Assistant User s Guide for details 2 Install Oracle Internet Directory See Section 4 25 Installing Oracle Internet Directory Only 3 Install the remaining Oracle Identity Management components See Section 4 24 Installing Oracle Identity Management Components Only Excluding Oracle Internet Directory In this configuration ...

Page 68: ...mponents These components are optional but you might want to install them because they provide the following services Oracle Delegated Administration Services provide a browser based interface to Oracle Internet Directory Users can use the interface to perform tasks such as changing their passwords searching for other users in the directory and creating groups Users can even create additional user...

Page 69: ... 4 10 Registration of OracleAS Metadata Repository in Oracle Internet Directory and Password Randomization The OracleAS Metadata Repository and the Oracle Internet Directory work closely together Before you can use an OracleAS Metadata Repository in most cases ensure that it is registered with an Oracle Internet Directory An exception to this rule is when you want to use a J2EE and Web Cache middl...

Page 70: ...adata repository schemas are given new randomized passwords Install the OracleAS Metadata Repository only without installing Oracle Identity Management components and you choose to register it with Oracle Internet Directory This scenario applies to installing it in a new database or in an existing database To install OracleAS Metadata Repository in a new database see Section 4 22 Installing Oracle...

Page 71: ...d repositories This is the metadata repository that the middle tier will use for its product metadata To use a second metadata repository for a J2EE and Web Cache middle tier you have different options depending on which J2EE and Web Cache features you need If you need both the Oracle Identity Management Access feature and the Database Based Farm feature you need to register the second metadata re...

Page 72: ...mpts you to set the passwords for the SYS SYSTEM SYSMAN and DBSNMP Notes If you are installing multiple metadata repositories on the same computer each metadata repository must have a unique global database name and system identifier SID If you are registering multiple metadata repositories with the same Oracle Internet Directory each metadata repository must have a unique global database name and...

Page 73: ...59P10 or CEL8ISO8859P14 character sets If you configure the database to use a character set not supported by Java you will get an Unsupported IANA character encoding error in OracleAS Portal 4 16 What Do I Enter in the Specify Namespace in Internet Directory Screen The distinguished name DN that you specify on this screen will be designated as the namespace in Oracle Internet Directory where users...

Page 74: ...me computer as the OracleAS Infrastructure instance you might want to consider this option for performance reasons The second option requires running two databases on the same computer this could degrade performance See Section 4 24 Installing Oracle Identity Management Components Only Excluding Oracle Internet Directory for details In the Select Configuration Options screen select Oracle Applicat...

Page 75: ...the default Oracle Identity Management realm Ensure the value shown in Suggested Namespace meets your deployment needs If not enter the desired value in Custom Namespace See Section 4 16 What Do I Enter in the Specify Namespace in Internet Directory Screen Click Next 5 OCA screens If you select Oracle Application Server Certificate Authority OCA in the Select Configuration Options screen the insta...

Page 76: ... Existing Oracle Internet Directory Screen Action 1 Start up the installer and complete the first few screens See Section 4 27 Install Fragment The First Few Screens of the Installation for details Notes In the Select Installation Type screen select Identity Management and Metadata Repository 2 Select Configuration Options Do not select Oracle Internet Directory because you want to use an existing...

Page 77: ...figuration Options screen the installer displays screens where you need to enter OCA information See Section 4 30 Install Fragment OCA Screens 7 Oracle Database screens Enter information for the OracleAS Metadata Repository database See Section 4 29 Install Fragment Database Screens 8 Specify Instance Name and ias_admin Password Instance Name Enter a name for this infrastructure instance Instance ...

Page 78: ...tory If you do not have an Oracle Internet Directory or do not know its connect information select No Click Next 4 Specify Oracle Internet Directory Login This screen appears only if you selected Yes in the previous screen Username Enter the username for logging into Oracle Internet Directory The user must belong to the iAS Admins group in Oracle Internet Directory Password Enter the password Real...

Page 79: ...acle Delegated Administration Services or the Oracle Directory Integration Platform Components Select Oracle Application Server Certificate Authority OCA if you want to configure your own certificate authority which can issue certificates for users and servers Do not select High Availability and Replication Click Next 3 Specify Port Configuration Options If you want to use default ports for the co...

Page 80: ...ns See Section 4 30 Install Fragment OCA Screens for details 7 Specify Instance Name and ias_admin Password Instance Name Enter a name for this infrastructure instance Instance names can contain alphanumeric characters and the _ underscore character If you have more than one Oracle Application Server instance on a computer the instance names must be unique See Section 3 5 Oracle Application Server...

Page 81: ...r the components select Automatic If you do not want to use the default ports and you have created a staticports ini file select Manual and enter the fullpath to your staticports ini file Click Next 4 Register with Oracle Internet Directory Hostname Enter the name of the computer where Oracle Internet Directory is running SSL Port Enter the SSL port at which Oracle Internet Directory is listening ...

Page 82: ... on the password Example welcome99 Click Next 9 Finish the installation See Section 4 28 Install Fragment The Last Few Screens of the Installation for details Table 4 10 Steps for Installing Oracle Internet Directory Screen Action 1 Start up the installer and complete the first few screens See Section 4 27 Install Fragment The First Few Screens of the Installation for details Notes In the Select I...

Page 83: ...fault Oracle Identity Management realm Ensure the value shown in Suggested Namespace meets your deployment needs If not enter the desired value in Custom Namespace See Section 4 16 What Do I Enter in the Specify Namespace in Internet Directory Screen Click Next 6 Specify Instance Name and ias_admin Password Instance Name Enter a name for this infrastructure instance Instance names can contain alph...

Page 84: ...etermine Port Numbers Used by Components if you do not know the port number Click Next 5 Specify Oracle Internet Directory Login Username Enter the username to log in to Oracle Internet Directory You must log in as a user who belongs to the Trusted Application Admins group and to the iAS Admins group in Oracle Internet Directory Password Enter the password for the username Realm Enter the realm ag...

Page 85: ...ppears only if this is the first installation of any Oracle product on this computer Run the orainstRoot sh script in a different shell as the root user The script is located in the oraInventory directory After running the script click Continue 5 Specify File Locations Name Enter a name to identify this Oracle home The name can consist of alphanumeric and the underscore _ characters only and canno...

Page 86: ...MP environment variable to point to a different directory or free up enough space in the default temp directory For details on the TMP environment variable see Section 2 8 5 TMP and TMPDIR 9 Upgrade Existing Oracle9iAS Infrastructure This screen appears if the installer detects an Infrastructure Release 2 9 0 2 instance on the computer and you selected to install OracleAS Infrastructure This scree...

Page 87: ...script is located in this instance s Oracle home directory 2 Click OK 4 Configuration Assistants This screen shows the progress of the configuration assistants Configuration assistants configure components 5 End of Installation Click Exit to quit the installer Welcome Specify Hardware Cluster Installation Mode Specify File Locations Specify Inventory Directory and Credentials Select a Product to I...

Page 88: ...r this and this will lead to errors later during the installation process SID Enter the system identifier for the OracleAS Metadata Repository database Typically this is the same as the global database name but without the domain name The SID must be unique across all databases on this system SIDs have the following naming restrictions Must contain alphanumeric characters only Must not be longer t...

Page 89: ...ory The Oracle Internet Directory must contain the registration for the OracleAS Metadata Repository that you want to use Select the OracleAS Metadata Repository that you want OCA to use Click Next 2 Specify OCA Distinguished Name OCA uses the DN specified on this screen to populate the Issuer field of certificates that it issues Typical DN Use this section if your DN uses only the attributes list...

Page 90: ...s It must contain at least eight characters It must contain at least one alphabetic character It must contain at least one non alphabetic character for example a number Its first character cannot be a number You need this password to manage OCA This password is also used by the OCA Configuration Assistant You can change the password after installation using the ocactl command See the OCA Online He...

Page 91: ...ction 5 4 Groups Required to Install Middle Tiers Section 5 5 Groups Required to Install Additional Metadata Repositories Section 5 6 Example of Installation with Different Users Section 5 7 How to Create Users in Oracle Internet Directory Section 5 8 How to Add Users to Groups in Oracle Internet Directory Section 5 9 Contents of a New Oracle Internet Directory Section 5 10 On the Specify Login fo...

Page 92: ...tory Administrator s Guide 5 2 Groups in Oracle Internet Directory Groups in Oracle Internet Directory can be classified into these categories Section 5 2 1 Global Groups Section 5 2 2 Groups for Each Metadata Repository Section 5 2 3 Groups for Each Component 5 2 1 Global Groups Table 5 1 describes the groups that affect all Oracle Application Server instances and components registered with Oracl...

Page 93: ...id tiers orclReferenceName dbName cn IAS Infrastructure Databases cn IAS cn Products cn OracleContext Mid Tier Administrators have the following privileges Add remove middle tier instances from the Associated Middle Tiers group for this repository This is required to install a middle tier or to configure a middle tier component to use a different repository Access metadata for the repository datab...

Page 94: ...ins iAS Admins Mid Tier Admins group for the metadata repository used by OracleAS Single Sign On If you are unsure which metadata repository is used by OracleAS Single Sign On see To Determine the Metadata Repository Used by OracleAS Single Sign On on page 5 6 Component Owners for the Oracle Delegated Administration Services component Note This is required only if you are installing multiple insta...

Page 95: ...ata repository Portal and Wireless and Business Intelligence and Forms Middle tier Components OracleAS Portal Trusted Application Admins IAS User Management Application Admins iAS Admins Mid Tier Admins or Repository Owners group for the metadata repository Component Owners group for the OracleAS Portal component Note This group is applicable only when you are installing additional OracleAS Portal...

Page 96: ...acleAS Wireless component Note This group is applicable only when you are installing additional OracleAS Wireless instances It does not apply for the first OracleAS Wireless installation For subsequent OracleAS Wireless installations you can perform the installation as the same Oracle Internet Directory user who performed the first installation If you want to allow a different Oracle Internet Dire...

Page 97: ... to these groups IAS Admins group Mid Tier Admins group for the metadata repository to be used with the middle tier When the installer prompts for the OracleAS Metadata Repository to use with this middle tier the installer displays only the metadata repositories for which the user is a mid tier admin For example in Figure 5 2 userA can see only the repository for orcl oracle com and userB can see ...

Page 98: ...ta repository 5 6 Example of Installation with Different Users Figure 5 2 shows an Oracle Internet Directory with two metadata repositories and two middle tiers installed by different users Oracle Context Products IAS Groups IAS Instances Infrastructure DB Portal and Wireless 1 Repository Owners Members orcladmin userA Mid tier Admins IAS Instances Members orcladmin Members Portal and Wireless 1 o...

Page 99: ... group of orcl oracle com This enables userA to use the orcl oracle com repository for this middle tier Note that this group is required only if you install the J2EE and Web Cache middle tier with the OracleAS Database Based Cluster option If you install the middle tier without this option userA does not need to belong to this Mid Tier Admins group iAS Admins group The installer registers this mid...

Page 100: ...d Tiers group for orcl1 oracle com 5 7 How to Create Users in Oracle Internet Directory You can create users in Oracle Internet Directory using the Self Service Console which is part of the Oracle Delegated Administration Services See the Oracle Internet Directory Administrator s Guide for details 5 8 How to Add Users to Groups in Oracle Internet Directory To add users to groups in Oracle Internet...

Page 101: ...racle Internet Directory and the port number on which Oracle Internet Directory is listening Click Login 3 On the left side navigate to the group to which you want to add users Select the group on the left side to display its attributes on the right side To navigate to global groups see Section 5 8 1 1 Navigating to Global Groups To navigate to metadata repository groups see Section 5 8 1 2 Naviga...

Page 102: ...s See Figure 5 4 for a screenshot 1 Expand the top level entry Oracle Internet Directory Servers 2 Expand the specific Oracle Internet Directory 3 Expand the following entries Entry Management cn OracleContext cn Products cn IAS cn IAS Infrastructure Databases orclReferenceName dbName where dbName is the name of the OracleAS Metadata Repository database 4 Click the group to which you want to add u...

Page 103: ...ernet Directory Servers 2 Expand the specific Oracle Internet Directory 3 Expand the following entries Entry Management cn OracleContext cn Products 4 Expand the particular component for example cn DAS whose groups you want to add users to 5 Expand orclApplicationCommonName appName where appName is specific to the component and application server instance If you have installed multiple instances o...

Page 104: ...Console which is installed as part of Oracle Delegated Administration Services you can add users to or remove users from the following groups Repository Owners Mid Tier Administrators Component Owners To add users to these groups Note You can add users to these groups only if these groups have existing members other than the cn orcladmin superuser If the only member of these groups is the superuse...

Page 105: ... the page that displays the current owners click Add 4 Enter the first few characters of the user s name in the Search field and click Go If you leave the Search field empty and click Go you would get a list of all users in Oracle Internet Directory 5 Select the user that you want to add to the Repository Owners group and click Select 6 Click Submit on the Manage Repository Owners page 1 Click the...

Page 106: ...3 The cn orcladmin superuser is a member of the Component Owners group To enable other users to install additional instances of Oracle Delegated Administration Services log in as cn orcladmin in Oracle Directory Manager and add the users to the Component Owners group See Section 5 8 1 Using Oracle Directory Manager to Add Users to Groups Figure 5 6 Contents of a New Oracle Internet Directory 5 10 ...

Page 107: ...ing and configuring certain components See Table 5 4 for details If you want to specify the superuser enter cn orcladmin not just orcladmin Realm The Realm field appears only if your Oracle Internet Directory contains more than one realm The username that you enter is authenticated against the specified realm If you are unsure what the realm name is contact your Oracle Internet Directory administr...

Page 108: ...On the Specify Login for Oracle Internet Directory Screen What Username and Realm Do I Enter 5 18 Oracle Application Server Installation Guide ...

Page 109: ...s own OracleAS Metadata Repository The Oracle Internet Directory instances synchronize the data in the metadata repositories so that the data in the repositories are loosely consistent This means that the data in the repositories are not guaranteed to be synchronized in real time but the data become identical within an acceptable time interval For More Information This chapter provides information...

Page 110: ...r to fan out replication The procedure for installing a master Oracle Internet Directory is the same as installing a regular non replicated Oracle Internet Directory The procedure for installing replicas is different When installing a replica you must select the High Availability and Replication option in the Select Configuration Options screen and you need to provide connect information to the ma...

Page 111: ...acle Application Server components such as the OracleAS Metadata Repository OracleAS Single Sign On Oracle Delegated Administration Services and or Oracle Directory Integration Platform 6 2 Requirements Check that you meet the following requirements for installing Oracle Internet Directory in replication mode Section 6 2 1 Database Requirements Section 6 2 2 Clock Synchronization 6 2 1 Database Re...

Page 112: ...w database Notes In the Select Configuration Options screen you must select Oracle Internet Directory You can select other components to configure as desired Also in the Select Configuration Options screen you do not need to select High Availability and Replication Select this option only if you are installing this Oracle Application Server instance in a high availability configuration If you sele...

Page 113: ...nternet Directory must not already contain a registration for a database with the same global database name or SID as the OracleAS Metadata Repository to be used for the replica The OracleAS Metadata Repository for the replica cannot already be registered with any Oracle Internet Directory 6 5 2 Installing an Oracle Internet Directory Replica with a New Database Follow these steps to install an Or...

Page 114: ...er the port at which the master Oracle Internet Directory is listening Do not select Use only SSL connections with this Oracle Internet Directory If you want Oracle Internet Directory to run in SSL only mode you can make this configuration change after installation See the Oracle Application Server Administrator s Guide for details Click Next 7 Specify Master Oracle Internet Directory Login Userna...

Page 115: ...base schemas SYS SYSTEM SYSMAN and DBSNMP You can set different passwords for each schema or you can set the same password for all the schemas See Section 4 14 Restrictions on the Passwords for the SYS SYSTEM SYSMAN and DBSNMP Users for rules on setting passwords for these accounts Click Next 12 Specify Instance Name and ias_admin Password Instance Name Enter a name for this infrastructure instanc...

Page 116: ... Automatic If you do not want to use the default ports and you have created a staticports ini file select Manual and enter the fullpath to your staticports ini file in the provided field Click Next 4 Specify Repository Enter information for the OracleAS Metadata Repository that you want to use for the replica Notes This OracleAS Metadata Repository cannot already be registered with any Oracle Inte...

Page 117: ... 4 16 What Do I Enter in the Specify Namespace in Internet Directory Screen Click Next 10 OCA screens If you selected Oracle Application Server Certificate Authority OCA in the Select Configuration Options screen the installer displays screens for configuring OCA See Section 4 30 Install Fragment OCA Screens for details 11 Specify Instance Name and ias_admin Password Instance Name Enter a name for...

Page 118: ...ample 1 Enter the URL for OracleAS Single Sign On or Oracle Delegated Administration Services in your browser For OracleAS Single Sign On the URL is http host port pls orasso For Oracle Delegated Administration Services the URL is http host port oiddas host specifies the name of the computer where you installed the Oracle Internet Directory replica port specifies the port number on which Oracle HT...

Page 119: ...te that there are multiple variants of each type Section 7 1 1 OracleAS Cold Failover Cluster Section 7 1 2 OracleAS Clusters Section 7 1 3 OracleAS Disaster Recovery Section 7 1 4 Summary of Differences For a quick summary of the high availability configurations see Section 7 1 4 Summary of Differences 7 1 1 OracleAS Cold Failover Cluster Oracle Application Server provides an active passive model...

Page 120: ...nodes can associate with the OracleAS Infrastructure without having to add this entry into their local etc hosts or equivalent file For example if the two physical hostnames of the hardware cluster are node1 mycompany com and node2 mycompany com the single view of this cluster can be provided by the name selfservice mycompany com In the DNS selfservice maps to the virtual IP address of the OracleA...

Page 121: ...ve model for all its components with OracleAS Clusters In an OracleAS Clusters two or more Oracle Application Server instances are configured to serve the same application workload These instances typically run on different nodes You need an external load balancer in front of the nodes Clients direct requests to these nodes through the load balancer which then sends the requests to one of the node...

Page 122: ...er to guard against site failures such as floods fires or earthquakes During normal operation the production site handles all the requests If the production site goes down the standby site takes over and handles all the requests Each site has all the hardware and software to run It contains nodes for running OracleAS Infrastructure and the middle tiers load balancers and DNS servers OracleAS Disas...

Page 123: ...Section 7 3 3 Check the Properties of the oracle User Section 7 3 4 Check for Previous Oracle Installations on All Nodes 7 3 1 Check Minimum Number of Nodes You need at least two nodes in a high availability configuration If a node fails for any reason the second node takes over 7 3 2 Check That Groups Are Defined Identically on All Nodes Check that the etc group file on all nodes in the cluster c...

Page 124: ...s prior to these high availability installations To check if a node contains an oraInventory directory that could be detected by the installer 1 On each node check for the existence of the oraInst loc file This file is stored in the var opt oracle directory If a node does not contain this file then it does not have an oraInventory directory that will be used by the installer You can check the next...

Page 125: ...gated Administration Services and OracleAS Single Sign On in an OracleAS Cold Failover Cluster Section 8 8 Installing Only the OracleAS Metadata Repository in an OracleAS Cold Failover Cluster Environment Section 8 9 Post Installation Steps for OracleAS Cold Failover Cluster Section 8 10 Installing Middle Tiers Against an OracleAS Cold Failover Cluster Infrastructure Section 8 11 Installing Regula...

Page 126: ...e node in the cluster is associated with a virtual hostname and virtual IP address This allows clients to access the OracleAS Cold Failover Cluster using the virtual hostname Virtual hostnames and virtual IP addresses are any valid hostname and IP address in the context of the subnet containing the hardware cluster The following example configures a virtual hostname called vhost mydomain com with ...

Page 127: ...1 www2 mydomain com 1050265 734793 lan1 1500 none none 0 0 lan0 1500 datacenter1 www1 mydomain com 39783928 41833023 lo0 4136 loopback localhost 1226188 1226196 Do not use 0 as the index number because interface 0 is typically the same as just interface on most systems For example lan0 0 is the same as lan0 on HP UX Itanium 5 Add the virtual IP address to the primary public network interface by ru...

Page 128: ...ary node 8 2 2 Set Up a File System That Can Be Mounted from Both Nodes Although the hardware cluster has shared storage you need to create a file system on this shared storage such that both nodes of the OracleAS Cold Failover Cluster can mount this file system You will use this file system for the following directories Oracle home directory for the Oracle Application Server instance The oraInven...

Page 129: ...uster then each node in a cluster must be running hardware vendor clusterware To check that the clusterware is running use the command appropriate for your clusterware 8 2 5 Modify listener ora file for Existing Database If there is an existing database on the system on which you are installing and you are performing an installation that includes OracleAS Metadata Repository you need to modify the...

Page 130: ...SCRIPTION ADDRESS_LIST ADDRESS PROTOCOL TCP HOST db_hostname PORT db_port ADDRESS PROTOCOL TCP HOST new_hostname PORT new_port In this example new_hostname is the fully qualified hostname for the new Oracle Application Server instance and new_port is the port for the new Oracle Application Server instance See Section 2 5 4 1 If Port 1521 Is In Use by an Existing Oracle Database for information on ...

Page 131: ...astructure clients including middle tier components and applications use the virtual address associated with the cluster The virtual address is associated with the active node node 1 during normal operation node 2 if node 1 goes down Clients do not need to know which node node 1 or node 2 is servicing requests You use the virtual hostname in URLs that access the infrastructure For example if vhost...

Page 132: ...AS Cold Failover Cluster Step 2 Install OracleAS Infrastructure For OracleAS Cold Failover Cluster Infrastructure you install both OracleAS Metadata Repository and Oracle Identity Management in the same Oracle home by selecting Identity Management and Metadata Repository in the Select Installation Type screen This option creates a new database for the OracleAS Metadata Repository and a new Oracle ...

Page 133: ...cate authority Select High Availability and Replication Click Next 3 Specify Port Configuration Options If you want to use default ports for the components select Automatic If you do not want to use the default ports and you have created a staticports ini file select Manual and enter the fullpath to your staticports ini file in the provided field Click Next 4 Select High Availability or Replicatio...

Page 134: ... identifier for the OracleAS Metadata Repository database Typically this is the same as the global database name but without the domain name The SID must be unique across all databases SIDs have the following naming restrictions Must contain alphanumeric characters only Must not be longer than eight characters Must not contain PORT or HOST in uppercase characters If you want the name to contain ho...

Page 135: ...ver Cluster Infrastructure Configuration Figure 8 2 shows a distributed OracleAS Cold Failover Cluster Infrastructure configuration This configuration is similar to the configuration described in Section 8 3 Installing an OracleAS Cold Failover Cluster Infrastructure Configuration except that the OracleAS Single Sign On and Oracle Delegated Administration Services components are installed separate...

Page 136: ... in an active active configuration You have a load balancer to direct requests to the nodes running these components Shared Storage Node 1 Primary Node Active Node 2 Secondary Node Physical IP 123 45 67 22 Physical IP 123 45 67 33 Virtual Hostname vhost mydomain com Virtual IP 123 45 67 11 on failover on failover Metadata Repository OID DIP oraInventory Directory OracleAS Infrastructure DAS SSO DA...

Page 137: ...reen do not select OracleAS Single Sign On Oracle Application Server Delegated Administration Services and OracleAS Certificate Authority OCA Step 3 Perform Post Installation Steps The following step is required only if you meet both of these requirements You plan to use the Automatic Storage Management ASM feature of Oracle Database 10g for the OracleAS Metadata Repository Your computer does not ...

Page 138: ...tion is actually an OracleAS Cluster Identity Management installation As such you perform the OracleAS Cluster Identity Management setup steps in Chapter 9 Installing in High Availability Environments OracleAS Cluster Identity Management Section 9 2 1 Use the Same Path for the Oracle Home Directory recommended Section 9 2 2 Synchronize Clocks on All Nodes Section 9 2 3 Configure Virtual Server Nam...

Page 139: ...e processes to node 2 Node 2 becomes the active node mounts both shared disks runs the processes and handles all requests To access the active node in an OracleAS Cold Failover Cluster clients including middle tier components and applications use the virtual hostname associated with the OracleAS Cold Failover Cluster The virtual hostname is associated with the active node node 1 during normal oper...

Page 140: ...Be Mounted from Both Nodes Section 8 2 3 Review Recommendations for Automatic Storage Management ASM 2 Install OracleAS Metadata Repository Install OracleAS Metadata Repository on your existing cold failover cluster database 3 Install the Oracle Identity Management Components Install the Oracle Identity Management components OracleAS Cold Failover Cluster Identity Management Configuration 1 Instal...

Page 141: ...acleAS Metadata Repository in an OracleAS Cold Failover Cluster Environment for details Step 3 Install the Oracle Identity Management Components You install the Oracle Identity Management on the other shared disk Follow the installation steps described in Table 8 5 Key Points When the installer prompts you for the Oracle home path enter a path on the shared disk Make sure that both nodes can acces...

Page 142: ...Note This is a critical screen when installing the infrastructure in an OracleAS Cold Failover Cluster If you do not see this screen check the following Return to the Select High Availability or Replication Option screen and ensure that you selected Virtual Host Return to the Select Configuration Options screen and ensure that you selected High Availability and Replication Virtual Hostname Enter t...

Page 143: ...tory and Oracle Directory Integration Platform firewalls to separate the tiers Tier Running the Oracle Internet Directory Oracle Directory Integration Platform and Database In this tier during normal operation the active node mounts the shared disks to access the Oracle Identity Management and database runs the Oracle Internet Directory Oracle Directory Integration Platform and database processes ...

Page 144: ...e same time and you install the files locally on each node To access these nodes clients go through a load balancer For example if the name of the load balancer is loadbalance1 mydomain com the URLs for the Oracle HTTP Server and the Application Server Control for this tier would look like the following URL for Example URL Oracle HTTP Server Welcome page http vhost mydomain com 7777 Oracle HTTP Se...

Page 145: ...ration On this tier Identity Management includes OracleAS Single Sign On Oracle Delegated Administration Services Note that the nodes in this tier are active active SSO DAS SSO DAS Oracle Home for Identity Management Load Balancer Firewall Oracle Home for Identity Management 3 4 1 Install OracleAS Metadata Repository in this database Shared Storage Node 1 Primary Node Active Node 2 Secondary Node ...

Page 146: ...steps described in Table 8 7 Key Points In the Select Installation Type screen select Identity Management In the Select Configuration Options screen select Oracle Internet Directory Oracle Directory Integration Platform and High Availability and Replication In the Select High Availability or Replication Option screen select Virtual Host In the Specify Virtual Hostname screen enter the virtual host...

Page 147: ...acleAS Metadata Repository database The user must have DBA privileges Password Enter the user s password Hostname and Port Enter the name of the computer where the database is running and the port number at which it is listening Use the format host port Service Name Enter the service name of the database Note that the service name must include the database domain name Example orcl mydomain com Cli...

Page 148: ...racleAS Cold Failover Cluster Infrastructure Configuration The difference is that in the configuration described in this section OracleAS Single Sign On and Oracle Delegated Administration Services run in an OracleAS Cold Failover Cluster configuration You need two sets of clustered nodes See Figure 8 5 One set runs the OracleAS Metadata Repository and Oracle Internet Directory and another set run...

Page 149: ...e 3 Primary Node Active Node 4 Secondary Node Physical IP 123 45 67 222 Physical IP 123 45 67 333 Virtual Hostname vhost_2 mydomain com Virtual IP 123 45 67 111 on failover Oracle Home for DAS and SSO on failover DAS SSO Shared Storage Node 1 Primary Node Active Node 2 Secondary Node Physical IP 123 45 67 22 Physical IP 123 45 67 33 Virtual Hostname vhost mydomain com Virtual IP 123 45 67 11 on fa...

Page 150: ...d set for Oracle Delegated Administration Services and OracleAS Single Sign On Section 8 2 2 Set Up a File System That Can Be Mounted from Both Nodes You need two shared disks one for each set of nodes Section 8 2 3 Review Recommendations for Automatic Storage Management ASM 2 optional Create staticports ini Files If you wish create two staticports ini files one for each set of nodes 3 Install Ora...

Page 151: ...al and enter the fullpath to the staticports ini file that you created in the previous step Step 4 Install Oracle Delegated Administration Services and OracleAS Single Sign On from Node 3 From node 3 install Oracle Delegated Administration Services and OracleAS Single Sign On on the shared disk by following the steps in Table 8 9 Key Points When the installer prompts you for the Oracle home path e...

Page 152: ...lm against which to validate the username This field appears only if your Oracle Internet Directory has multiple realms Click Next 7 Specify Virtual Hostname Note This is a critical screen when installing in an OracleAS Cold Failover Cluster If you do not see this screen check the following Return to the Select High Availability or Replication Option screen and ensure that you selected Virtual Hos...

Page 153: ...he processes that are running in the Oracle home where you installed Oracle Delegated Administration Services and OracleAS Single Sign On 1 Stop the Application Server Control prompt ORACLE_HOME bin emctl stop iasconsole 2 Stop the components prompt ORACLE_HOME opmn bin opmnctl stopall Step 7 Perform Post Installation Steps The following step is required only if you meet both of these requirements...

Page 154: ...on for details Notes In the Select Installation Type screen select Metadata Repository 2 Select Configuration Options Select High Availability and Replication Click Next 3 Select High Availability Option Select Virtual Host Click Next 4 Register Oracle Application Server Metadata Repository If you already have an Oracle Internet Directory and know its connect information select Yes and enter the n...

Page 155: ... the OracleAS Cold Failover Cluster This ensures that you can run the installer to update the Oracle home from either node in the cluster Be sure to keep the two var opt oracle directories in sync Whenever you run the installer to update the infrastructure you need to copy the oracle directory to the other node The var opt oracle directory is not used during runtime by Oracle Application Server It...

Page 156: ...0 1 If You Plan to Install Middle Tiers on OracleAS Cold Failover Cluster Nodes If you plan to install a non cold failover cluster middle tier on an OracleAS Cold Failover Cluster node primary or secondary perform these tasks before installing the middle tier Section 8 10 1 1 Create a staticports ini File for the Middle Tier Section 8 10 1 2 Rename the var opt oracle Directory Used for the Infrast...

Page 157: ... mv oracle oracle infra When the installer prompts for the inventory directory specify a directory on the local storage or on a disk other than the one where you installed the OracleAS Infrastructure When the middle tier installation is complete do the following rename operations prompt su Password root_password cd var opt mv oracle oracle mt see 1 mv oracle infra oracle see 2 1 This command renam...

Page 158: ...on on the same nodes as an OracleAS Cold Failover Cluster infrastructure then the ports used for the middle tiers must be different from the ones used for any OracleAS Infrastructure installed on the same cluster The ports must also be different from those used for other Oracle Homes on the same node To check the ports assigned to components in any Oracle Home see the Ports page on the Application...

Page 159: ...y Management Introduction In OracleAS Cluster Identity Management configurations the Oracle Identity Management components and the OracleAS Metadata Repository run on separate nodes All the nodes in an OracleAS Cluster Identity Management configuration are active Requests from clients such as middle tiers are directed to a load balancer which then directs the requests to one of the active nodes Se...

Page 160: ...nts in subsequent installations Clustering will fail if you select different components in each installation Configurations You can install OracleAS Cluster Identity Management in these configurations OracleAS Cluster Identity Management See Section 9 5 Distributed OracleAS Cluster Identity Management See Section 9 6 9 2 Pre Installation Steps for OracleAS Cluster Identity Management Before instal...

Page 161: ...or non SSL connections The installer will prompt you for the virtual server names and port numbers Enter the same virtual server name in the installer that you used to configure the LDAP and HTTP virtual servers The virtual server name may or may not be fully qualified For example if you used a fully qualified host name when you configured the LDAP virtual server then you must enter the same fully...

Page 162: ...an add that node to the virtual server For example if you have three nodes 1 Configure the LDAP virtual server to direct requests to node 1 only 2 Install Oracle Identity Management components on node 1 3 Install Oracle Identity Management components on node 2 4 Add node 2 to the LDAP virtual server 5 Install Oracle Identity Management components on node 3 6 Add node 3 to the LDAP virtual server 9...

Page 163: ...ommunications between the load balancer and Oracle HTTP Server also use HTTP See Section 9 4 1 Case 1 Client HTTP Load Balancer HTTP Oracle HTTP Server Case 2 Communications between clients and the load balancer use HTTPS and communications between the load balancer and Oracle HTTP Server also use HTTPS See Section 9 4 2 Case 2 Client HTTPS Load Balancer HTTPS Oracle HTTP Server Case 3 Communicati...

Page 164: ...l have to perform an additional post configuration step See Section 9 7 3 Update targets xml Case 2 only 9 4 3 Case 3 Client HTTPS Load Balancer HTTP Oracle HTTP Server HTTP Listener Port Enter the port number that you want Oracle HTTP Server to listen on This will be the value of the Listen directive in the httpd conf file Enable SSL Do not select this option HTTP Load Balancer Hostname Enter the...

Page 165: ...s database You also need additional nodes at least two nodes to run Oracle Identity Management components In this configuration Oracle Internet Directory OracleAS Single Sign On and Oracle Delegated Administration Services run on each node If you want to distribute these components see Section 9 6 Installing a Distributed OracleAS Cluster Identity Management Configuration These nodes are accessed ...

Page 166: ...y Management on Subsequent Nodes 9 5 1 Installation Order To create an OracleAS Cluster Identity Management configuration 1 Install the OracleAS Metadata Repository in your existing database 2 Install the Oracle Identity Management on each node You run the installer on each node separately OracleAS Cluster Identity Management Configuration On this tier Identity Management includes OracleAS Delegat...

Page 167: ...ion 9 5 3 6 Run the Installer 9 5 3 1 Create staticports ini File If you want to use custom ports for components other than Oracle HTTP Server or Oracle Internet Directory you need to create a staticports ini file for this installation If you want custom ports for Oracle HTTP Server or Oracle Internet Directory you specify them in the Specify HTTP Load Balancer Host and Listen Ports and the Specif...

Page 168: ...adata Repository Is Not Registered with any Oracle Internet Directory When you perform the installation on the first node you need to specify an OracleAS Metadata Repository that is not registered with any Oracle Internet Directory The installer checks for this If the installer finds that the OracleAS Metadata Repository is already registered with an Oracle Internet Directory then it assumes that ...

Page 169: ...net Directory When you install on subsequent nodes then the OracleAS Metadata Repository is registered with the Oracle Internet Directory on the first node Username Enter the username to use to log in to the OracleAS Metadata Repository database The user must have DBA privileges Password Enter the user s password Hostname and Port Enter the names of all the nodes where the Real Application Cluster...

Page 170: ...rver to handle SSL LDAP connections In scenario 2 enter the port that you want Oracle Internet Directory to use for SSL connections The standard port number for SSL LDAP connections is 636 but you can use any port that you want Click Next 9 Specify HTTP Listen Port Load Balancer Host and Port See Section 9 4 About Configuring SSL and Non SSL Ports for Oracle HTTP Server for details HTTP Listener P...

Page 171: ...ication Server Single Sign On Select Oracle Application Server Delegated Administration Services Select Oracle Directory Integration Platform Do not select Oracle Application Server Certificate Authority OCA Select High Availability and Replication Click Next 3 Specify Port Configuration Options Select Manual and enter the fullpath to your staticports ini file in the provided field You need to use...

Page 172: ...AP virtual server to direct requests to existing OracleAS Cluster Identity Management nodes and then add this node to the LDAP virtual server after installation See Section 9 2 4 Configure Your LDAP Virtual Server Click OK 10 Specify Oracle Internet Directory Login Username Enter the username to log in to Oracle Internet Directory You need to log in as the Oracle Internet Directory superuser cn or...

Page 173: ... You Want Oracle Internet Directory to Listen on SSL Ports Only If you want Oracle Internet Directory to listen on SSL ports only perform this configuration after you have installed OracleAS Single Sign On and Oracle Delegated Administration Services You need Oracle Internet Directory to be listening on both SSL and non SSL ports when you install OracleAS Single Sign On and Oracle Delegated Admini...

Page 174: ... Oracle Delegated Administration Services OracleAS Single Sign On 1 DAS SSO DAS SSO Oracle Home for Identity Management Load Balancer Firewall 4 5 Oracle Home for Database with OracleAS Metadata Repository inventory Directory Oracle Home for Identity Management inventory Directory On this tier Identity Management includes Oracle Internet Directory Oracle Directory Integration and Provisioning OID ...

Page 175: ...acle Application Server Metadata Repository Creation Assistant User s Guide for details 9 6 3 Installing Oracle Internet Directory on the First Node You run the installer on each node separately to install the Oracle Identity Management components 9 6 3 1 Set up staticports ini File When installing Oracle Internet Directory on the first node you do not need a load balancer You can set up and confi...

Page 176: ...tion for details Notes In the Select Installation Type screen select Oracle Identity Management 2 Select Configuration Options Select Oracle Internet Directory Do not select Oracle Application Server Single Sign On Do not select Oracle Application Server Delegated Administration Services Select Oracle Directory Integration Platform if you need this component Do not select Oracle Application Server...

Page 177: ... these steps 5 Select High Availability or Replication Option Select OracleAS Cluster Identity Management and click Next 6 Specify Namespace in Internet Directory Select the suggested namespace or enter a custom namespace for the location of the default Oracle Identity Management realm Ensure the value shown in Suggested Namespace meets your deployment needs If not enter the desired value in Custo...

Page 178: ... Oracle Internet Directory on the first node Click Next 4 Specify Repository Enter the same connect information that you entered for the first Oracle Internet Directory Username Enter the username to use to log in to the OracleAS Metadata Repository database The user must have DBA privileges Password Enter the user s password Hostname and Port Enter the name of the computer where the database is r...

Page 179: ...port port_num If you have a staticports ini file you should also use the same file for installations on subsequent nodes 7 Specify Oracle Internet Directory Login Username Enter the username to log in to the first Oracle Internet Directory You must log in as the Oracle Internet Directory superuser cn orcladmin Password Enter the password for the username Realm Enter the realm against which to vali...

Page 180: ...otes In the Select Installation Type screen select Oracle Identity Management 2 Select Configuration Options Do not select Oracle Internet Directory Select Oracle Application Server Single Sign On Select Oracle Application Server Delegated Administration Services Select Oracle Directory Integration Platform if you need this component Do not select Oracle Application Server Certificate Authority OC...

Page 181: ...alues entered on this screen should be the same for every node HTTP Listener Port Enter the port number that you want Oracle HTTP Server to listen on Enable SSL Select this option if you want to configure Oracle HTTP Server for SSL on this port HTTP Load Balancer Hostname Enter the name of the HTTP virtual server configured on your load balancer Enter the same virtual server name that you configur...

Page 182: ...you need to configure state replication for the Web applications Configure state replication only on the first node where Oracle Delegated Administration Services is installed To configure state replication for the OC4J_Security instance do the following 1 Using the Application Server Control Console navigate to the Application Server Home page for the instance that contains Oracle Delegated Admin...

Page 183: ...each node of the cluster 1 Back up the targets xml file cp ORACLE_HOME sysman emd targets xml ORACLE_HOME sysman emd targets xml BACKUP 2 Open the file and find the oracle_sso_server target type Within this target entry locate and edit the following two attributes HTTPPort the server SSL port number HTTPProtocol the server protocol which in this case is HTTPS For example you could update the two a...

Page 184: ...one Oracle Internet Directory node Installation When installing middle tiers against OracleAS Cluster Identity Management configurations follow the steps for middle tier installation described in Oracle Application Server Installation Guide for the middle tier release you are using When the installer prompts for the Oracle Internet Directory host and port enter the LDAP virtual host name configure...

Page 185: ...te is the production site and the other site is the standby site The production site is active while the standby site is passive the standby site becomes active when the production site goes down OracleAS Disaster Recovery supports a number of basic topologies for the configuration of the Infrastructure and middle tier on production and standby sites OracleAS Disaster Recovery supports these basic...

Page 186: ...CD 2 See Section 10 4 Installing the OracleAS 10g 10 1 2 0 2 Standalone Install of OracleAS Guard into Oracle Homes for more information about when this standalone kit should be installed Figure 10 1 shows an example symmetric OracleAS Disaster Recovery environment Each site has two nodes running middle tiers and a node running OracleAS Infrastructure Data Synchronization For OracleAS Disaster Rec...

Page 187: ... install Oracle Application Server in the same directory path on all nodes 10 2 2 Set Up staticports ini File The same component must use the same port number on the production and standby sites For example if Oracle HTTP Server is using port 80 on the production site it must also use port 80 on the standby site To ensure this is the case create a staticports ini file for use during installation T...

Page 188: ...unction You want to be sure that for each middle tier node on the production site the corresponding node on the standby site returns the same hostname To do this set up a local or internal hostname which could be different from the public or external hostname You can change the names of the nodes on the standby site to match the names of the corresponding nodes on the production site or you can ch...

Page 189: ...with entries for each node in the OracleAS Disaster Recovery environment For the infrastructure node use the virtual name or alias For the middle tier nodes use the node name the value in etc nodename The following example uses asha as the domain name for the new zone asmid1 asha IN A 138 1 2 333 asmid2 asha IN A 138 1 2 444 asinfra asha IN A 138 1 2 111 Do the same for the standby site Use the sa...

Page 190: ...smid1 asha IN A 213 2 2 330 asmid2 asha IN A 213 2 2 331 asinfra asha IN A 213 2 2 110 remote_infra asha IN A 138 1 2 111 Method 2 Edit the etc hosts file on each node on both sites This method does not involve configuring DNS servers but you have to maintain the hosts file on each node in the OracleAS Disaster Recovery environment For example if an IP address changes you have to update the files ...

Page 191: ...ironment using the internal hostname as well as the external hostname The command should be successful For example from the first midtier node prodmid1 run the following commands prompt ping prodinfra ping the production infrastructure node PING prodinfra 56 data byes 64 bytes from prodinfra oracle com 138 1 2 111 icmp_seq 0 time 0 ms C prompt ping iasinfra ping the production infrastructure node ...

Page 192: ...irtual IP address instead of the physical IP address for asinfra asha on the production site The following example assumes 138 1 2 120 is the virtual IP address asmid1 asha IN A 138 1 2 333 asmid2 asha IN A 138 1 2 444 asinfra asha IN A 138 1 2 120 this is a virtual IP address remote_infra asha IN A 213 2 2 110 On the standby site you still use the physical IP address for asinfra asha but the remo...

Page 193: ...ver Upgrade and Compatibility Guide for more information To install a middle tier see the Oracle Application Server Installation Guide for the release Note the following points When the installer prompts you to register with Oracle Internet Directory and asks you for the Oracle Internet Directory hostname enter the alias of the node running OracleAS Infrastructure for example asinfra oracle com 10...

Page 194: ... 10 1 2 0 2 If you already have an OracleAS Disaster Recovery environment set up using OracleAS Guard Release 10 1 2 0 0 you can patch OracleAS Guard in your environment to take advantage of new features and support for the topologies described in Section 10 1 OracleAS Disaster Recovery Introduction To patch your OracleAS Disaster Recovery environment follow these basic steps 1 Stop the OracleAS G...

Page 195: ...ctl startall ORACLE_HOME opmn bin opmnctl startproc ias component DSA 10 6 What to Read Next For information on how to manage your OracleAS Disaster Recovery environment such as setting up Oracle Data Guard and configuring the OracleAS Metadata Repository database see the Oracle Application Server High Availability Guide ...

Page 196: ...What to Read Next 10 12 Oracle Application Server Installation Guide ...

Page 197: ...ion Server Control page in a browser The URLs for these pages are shown in the last screen of the installer You can view the contents of the last screen in the file ORACLE_HOME install setupinfo txt You can use scripts or you can use the Oracle Enterprise Manager 10g Application Server Control to start and stop Oracle Application Server instances See the Oracle Application Server Administrator s G...

Page 198: ...ironment please check your settings as described in these sections Section 11 6 1 Check the Operating System Locale Section 11 6 2 Check the NLS_LANG Setting 11 6 1 Check the Operating System Locale To make sure the default locale is set properly verify that the LC_ALL or LANG environment variables are set with the appropriate values To check the current setting run the locale command prompt local...

Page 199: ...these two components from the installer 2 Check if mod_osso is configured in the ORACLE_HOME where you want to configure Oracle Delegated Administration Services Examine the following line in the ORACLE_ HOME Apache Apache conf httpd conf file ORACLE_HOME refers to the directory where you want to configure Oracle Delegated Administration Services include ORACLE_HOME Apache Apache conf mod_osso con...

Page 200: ...E_ HOME config ias properties file p OIDport Specifies the port number on which Oracle Internet Directory is listening You can determine this value from the OIDport parameter in the ORACLE_HOME config ias properties file u OIDadminName Specifies the login name for Oracle Internet Directory Use the superuser cn orcladmin w OIDclearTextPassword Specifies the password for the Oracle Internet Director...

Page 201: ...tion Server chapter You should also perform a complete Oracle Application Server environment backup after installing Oracle Application Server This enables you to restore a working environment in case something goes wrong For details on how to perform a complete Oracle Application Server environment backup see the Oracle Application Server Administrator s Guide You should also perform a complete O...

Page 202: ...What to Do Next 11 6 Oracle Application Server Installation Guide ...

Page 203: ...cle Identity Management Grid Control Plug in or Oracle Identity Management Grid Control Plug in Agent you must install Oracle Enterprise Manager 10g Release 2 Grid Control 10 2 0 1 0 or later A 2 Starting the Grid Control Plug in Installer 1 If you are installing from a CD ROM or DVD ROM and your computer does not mount CD ROMs or DVDs automatically you need to set the mount point manually See Sec...

Page 204: ...ore installing the Oracle Identity Management Grid Control Plug in so that the Management Service can completely shut down Perform the following steps to install Oracle Identity Management Grid Control Plug in Notes Be sure you are not logged in as the root user when you start the Oracle Universal Installer The installer gives an error message if you try to run it as the root user Do not start the...

Page 205: ...he Oracle Enterprise Manager 10g Grid Control Console using the following URL http oms_host oms_port em 2 Click the Deployments tab 3 Click View Patch Cache 4 If this is your first time installing the Grid Control Plug in Agent click Upload Patch File If you have already uploaded the patch skip to the next step On the Add Patch File to Patch Cache screen fill in the following fields Patch File Ent...

Page 206: ...d the patchset 5 On the Patch Cache screen select the patchset to be applied and click Patch 6 On the Patch Select Destination screen select Oracle Homes in the Destination Type box 7 Under Available Homes select the Oracle Home s where the patch should be applied and click Move 8 Click Next 9 On the Patch Set Credentials screen enter the Username and Password for the Oracle Home and click Next 10...

Page 207: ...nt installation of Oracle Application Server is accomplished by supplying the Oracle Universal Installer with a response file and specifying the silent flag on the command line The response file is a text file containing variables and parameter values which provide answers to the installer prompts If this is a first time installation of Oracle Application Server you must create the oraInst loc fil...

Page 208: ...detects settings of environment variables and enables you to enter the full path of the local bin directory Use non interactive installation of Oracle Application Server when there are specific screens you want to observe during installation B 3 Pre Installation 1 Log in as the root user prompt su 2 Create an empty file 3 Exit from the root user exit B 4 Notes for Silent and Non Interactive Instal...

Page 209: ...ord destinationFile newResponseFile Replace newResponseFile with the full path to the response file that you want the installer to create Example opt oracle myInfraResponse rsp 2 Enter your values in the installer screens The installer will write these values to the file specified in the destinationFile parameter When you get to the Summary screen the installer automatically writes all your values...

Page 210: ...cribed in Section 4 23 Installing Oracle Identity Management Components Only Including Oracle Internet Directory Note that if you do not copy the CD ROMs to the hard drive the installer will prompt you to switch CD ROMs during installation To complete the installation without any prompting you must copy the contents of the CD ROMs to the hard drive and specify the LOCATION_FOR_DISKn parameters RES...

Page 211: ...infrastructure b_configureOCA true oracle iappserver infrastructure b_configureHA false oracle iappserver infrastructure b_launchEMCA true oracle iappserver infrastructure b_launchOHS true Meta Repository Connection Info for OID oracle iappserver iappdialog szl_RepositoryUserInput sys syspassword mr_ host mycompany com 1521 mr mycompany com Meta Repository Connection Info for OCA oracle iappserver...

Page 212: ...OOL_PAGE false SHOW_OPTIONAL_CONFIG_TOOL_PAGE false SHOW_RELEASE_NOTES false SHOW_ROOTSH_CONFIRMATION false SHOW_END_SESSION_PAGE false SHOW_EXIT_CONFIRMATION false NEXT_SESSION false NEXT_SESSION_ON_FAIL false SHOW_DEINSTALL_CONFIRMATION false SHOW_DEINSTALL_PROGRESS false oracle iappserver infrastructure SHOW_IAS_COMPONENT_CONFIG_PAGE false ACCEPT_LICENSE_AGREEMENT true RESTART_SYSTEM Value Unsp...

Page 213: ... Storage Option s_DataorASMret File System s_mountPoint local_location oradata Specify Backup and Recovery Options s_dlgRBOEnableAutoBackups Do not enable Automated backups Specify Database Schema Passwords s_superAdminPasswdType S s_superAdminSamePasswd schemapassword s_superAdminSamePasswdAgain schemapassword Select Database Configuration s_dlgStarterDBConfigCreateStarterDB Create a starter data...

Page 214: ...W_OPTIONAL_CONFIG_TOOL_PAGE false SHOW_RELEASE_NOTES false SHOW_ROOTSH_CONFIRMATION false SHOW_END_SESSION_PAGE false SHOW_EXIT_CONFIRMATION false NEXT_SESSION false NEXT_SESSION_ON_FAIL false SHOW_DEINSTALL_CONFIRMATION false SHOW_DEINSTALL_PROGRESS false oracle iappserver infrastructure SHOW_IAS_COMPONENT_CONFIG_PAGE false ACCEPT_LICENSE_AGREEMENT true RESTART_SYSTEM Value Unspecified CLUSTER_NO...

Page 215: ...toBackups Do not enable Automated backups Specify Database Schema Passwords s_superAdminPasswdType S s_superAdminSamePasswd schemapassword s_superAdminSamePasswdAgain schemapassword Select Database Configuration s_dlgStarterDBConfigCreateStarterDB Create a starter database s_dlgStarterDBConfigOptionSelected General Purpose oracle oid oidca s_silentinstallflag 1 oracle iappserver infrastructure b_c...

Page 216: ...ROOTSH_CONFIRMATION false SHOW_END_SESSION_PAGE false SHOW_EXIT_CONFIRMATION false NEXT_SESSION false NEXT_SESSION_ON_FAIL false SHOW_DEINSTALL_CONFIRMATION false SHOW_DEINSTALL_PROGRESS false oracle iappserver security fed SHOW_IAS_COMPONENT_CONFIG_PAGE false ACCEPT_LICENSE_AGREEMENT true RESTART_SYSTEM Value Unspecified CLUSTER_NODES Value Unspecified OUI_HOSTNAME fed_host mycompany com PreReqCo...

Page 217: ...e file is the installation password The password information is in clear text To minimize security issues regarding the password in the response file follow these guidelines Set the permissions on the response files so that they are readable only by the operating system user who will be performing the silent or non interactive installation If possible remove the response files from the system afte...

Page 218: ...or example REMOVE_HOME local_location oracle_home To perform a silent deinstallation use the deinstall parameter when entering the command prompt runInstaller silent deinstall responseFile absolute_path_and_filename Note You still need to follow the deinstallation steps described in Appendix D Deinstallation and Reinstallation One of the key steps is to run the deconfig tool before running the sil...

Page 219: ...of Assigning Default Port Numbers The installer assigns default port numbers to each component using the following method 1 The installer checks if the default port number is in use If it is not in use the installer assigns it to the component 2 If the default port number is already in use by an Oracle product or by any running application the installer tries the lowest number in the port number r...

Page 220: ...ttable through staticports ini IIOPS1 13401 13401 13500 Not settable through staticports ini IIOPS2 13501 13501 13600 Not settable through staticports ini Oracle HTTP Server Oracle HTTP Server Listen Port 7777 7777 7877 Oracle HTTP Server Listen port Oracle HTTP Server Listen SSL 4443 4443 4543 8250 8350 Oracle HTTP Server Listen SSL port Oracle HTTP Server Port 7777 7777 7877 Oracle HTTP Server p...

Page 221: ...ts ini Log Loader 44000 44000 44099 Log Loader port Oracle Internet Directory Oracle Internet Directory 389 but see the Note on page 2 10 389 13060 13129 Oracle Internet Directory port Oracle Internet Directory SSL 636 but see the Note on page 2 10 636 13130 13159 13161 13199 Oracle Internet Directory SSL port Oracle Application Server Certificate Authority OCA Server Authentication Virtual Host S...

Page 222: ... Metadata Repository Oracle Notification Server and SJP ports You need to open the following ports used by these components in the firewall LDAP port 389 LDAP SSL port 636 SQL Net 2 port 1521 OPMN ONS remote port 6200 OC4J AJP port 12501 Note The port numbers listed here are the default ports for the components You may have different ports in your environment ...

Page 223: ... run as part of the deinstallation procedure This tool removes entries in OracleAS Metadata Repository and Oracle Internet Directory for the Oracle Application Server instance that you want to deinstall The Deconfig tool does not remove partner application entries If you need to remove partner application entries follow the steps in Section F 4 1 Obsolete Partner URLs Still Remain on the OracleAS ...

Page 224: ...nstall Components If you want to run the tool as the Oracle Internet Directory superuser be sure to use cn orcladmin and not just orcladmin These are two different users If you want more details about these users see Section 5 1 Default Users in Oracle Internet Directory w password Specify the password for the Oracle Internet Directory user r realm Specify the realm in which to authenticate the us...

Page 225: ... files Items to Remove or Clean Up To deinstall Oracle Application Server instances you have to clean up the items listed in Table D 1 The procedures are described later in this appendix Note If you used OracleAS RepCA to install the OracleAS Metadata Repository on an existing database and you want to remove the OracleAS Metadata Repository select the Remove option in OracleAS RepCA You can also u...

Page 226: ...gn On instance that you wish to deinstall was the last instance to be installed against the Oracle Internet Directory you should not perform this step Instead perform the steps in Section D 6 Deinstalling OracleAS Infrastructure 1 Open the file located at ORACLE_ HOME deconfig DeconfigWrapper properties for editing 2 Search for the line that begins with SSO For example the line might look like the...

Page 227: ... This section describes how to deinstall OracleAS Infrastructure instances It includes the following topics Section D 6 1 Deinstallation Order Section D 6 2 Deinstallation Steps D 6 1 Deinstallation Order The OracleAS Infrastructure instance could contain all the OracleAS Infrastructure components or it could contain only a subset of the components because you have a distributed OracleAS Infrastru...

Page 228: ...rectory Integration Platform by running the following command prompt cd ORACLE_HOME bin prompt oidctl connect db_connect_string server odisrv instance 1 stop db_connect_string is the TNS alias as listed in the file ORACLE_ HOME network admin tnsnames ora For any additional Oracle Directory Integration Platform servers that you started you must stop them too See the instructions in the Oracle Ident...

Page 229: ...ed in private1 infra and it includes a metadata repository whose SID is orcl the lines would look like the following orcl private1 infra N private1 infra N D 7 Harmless Errors in the Log File If you get the following unable to delete file and unable to find make file errors in the oraInstalltimestamp err file after you deinstall J2EE and Web Cache or Portal and Wireless instances these are harmles...

Page 230: ...ill a process use the kill command prompt kill 9 process_id You can determine the process_id from the ps command If you need to shut down the dcmctl shell process you can try exiting the shell by typing exit D 9 Reinstallation The installer does not allow reinstallation of an Oracle Application Server instance in a directory that already contains an Oracle Application Server instance To reinstall ...

Page 231: ...failed configuration assistant has any dependencies then run the dependencies again You must do this even if the dependency completed successfully 4 Run the failed configuration assistant again by selecting the configuration assistant in the installer and clicking Retry If the configuration assistant fails again after you click Retry remove the tmp EM_CONFIG_INSTALL lk file and re run the configur...

Page 232: ...the problem and continuing You must remove the current installation and reinstall Oracle Application Server The following tasks describe the recovery procedure a Deinstall the failed installation using the procedure described in Appendix D Deinstallation and Reinstallation b Correct the cause of the fatal error c Reinstall Oracle Application Server d If the fatal error reoccurs then you must remov...

Page 233: ...epository log DCM Repository Backup Assistant Enables you to back up your DCM repository ORACLE_HOME dcm logs Delegated Administration Service Configuration Assistant Sets up the Oracle Delegated Administration Services URL in Oracle Internet Directory and adds the necessary access control privileges to the DAS entity Before running this configuration assistant make sure the Infrastructure Instanc...

Page 234: ...TTP Server can register and protect their URL with mod_osso When the URL is requested mod_osso authenticates the user with OracleAS Single Sign On to allow access to the URL ORACLE_HOME config infratool_mod_osso log ORACLE_HOME cfgtoollogs infratool_mod_osso log Infrastructure Schema Configuration Assistant Registers the Infrastructure schemas with Oracle Internet Directory Before running this con...

Page 235: ...stimestamp log OPMN Configuration Assistant Starts OPMN and OPMN managed processes ORACLE_HOME cfgtoollogs configtoolstimestamp log ORACLE_HOME cfgtoollogs ipm log ORACLE_HOME cfgtoollogs ons log OPMN Configuration Assistant start DAS instance Starts Oracle Delegated Administration Services instance through OPMN ORACLE_HOME cfgtoollogs configtoolstimestamp log ORACLE_HOME cfgtoollogs ipm log ORACL...

Page 236: ...OracleAS Single Sign On to allow access to the URL ORACLE_HOME config j2ee_mod_osso log ORACLE_HOME cfgtoollogs j2ee_mod_osso log Oracle Net Configuration Assistant Configures the database listener and the middle tiers to use LDAP naming by default ORACLE_HOME cfgtoollogs installActionstimestamp log Register DCM Plug Ins With Oracle Enterprise Manager 10g Configuration Assistant Registers DCM plug...

Page 237: ...stant is run for Oracle Identity Management installations ORACLE_HOME config infratool_unlock_schema log UseInfrastructure Configuration Assistant Updates the ORACLE_HOME config ias properties file registers the instance with Oracle Internet Directory and creates the ldap ora file with Oracle Internet Directory credentials in the ORACLE_HOME network admin directory Before running this configuratio...

Page 238: ...Description of Oracle Application Server Configuration Assistants E 8 Oracle Application Server Installation Guide ...

Page 239: ...otes are available with the platform specific documentation The most current version of the release notes is available on Oracle Technology Network http www oracle com technology documentation Verify that your computer meets the requirements specified in Chapter 2 Requirements If you entered incorrect information on one of the installation screens return to that screen by clicking Back until you s...

Page 240: ...or Does Not Display Properly Section F 3 11 Installer Does Not Display Correct Database Name for OracleAS Metadata Repository Section F 3 12 Configuration Assistant Failures General Section F 3 13 OracleAS Randomize Password Configuration Assistant Failures Section F 3 14 Database Configuration Assistant DBCA Failures Section F 3 15 Harmless Error Message from Database Configuration Assistant DBCA...

Page 241: ...llowing requirements Check that the kernel parameters are set to the proper values Note that if you change the value of a kernel parameter you must exit the installer and restart your computer for the new value to take effect Check that you are installing Oracle Application Server in a valid directory For example you cannot install Oracle Application Server in a database Oracle home See Table 2 9 ...

Page 242: ... Check the following in the etc system file The installer does not recognize commented out entries in the etc system file for kernel parameters It reads the commented out entries and fails if the commented lines are below the required values You have to remove such lines from the file The installer ignores entries in the file that have syntax errors Make sure that the lines for the required kernel...

Page 243: ...ocked after ten failed attempts to connect This is controlled by the password policy Ten failed attempts is the default value Solution If you know the cn orcladmin password you can unlock the account by running the following command prompt ORACLE_HOME bin oidpasswd connect dbsid unlock_su_acct true where dbsid is the SID for the database For example prompt ORACLE_HOME bin oidpasswd connect orcl un...

Page 244: ...ROM to the ORACLE_HOME jdk jre lib fonts directory F 3 11 Installer Does Not Display Correct Database Name for OracleAS Metadata Repository Problem During middle tier installation in the Select OracleAS Metadata Repository screen which is the screen where you select the OracleAS Metadata Repository that you want to use for the middle tier the installer does not display correctly the names of the a...

Page 245: ...he value of the orclpassword attribute to the schema name For example if wireless is the schema name change the orclpassword attribute value to wireless Change orclflexattribute1 to false Click Apply Perform these steps for all the schemas except ODS and OEM_REPOSITORY 6 Using SQL Plus log in to the database where the OracleAS Randomize Password Configuration Assistant failure is occurring and run...

Page 246: ...9 07 35 PM oracle sysman emcp EMConfig updateEmdProps INFO Updating file ASInstalls ASInfra sysman config emd properties Nov 25 2004 9 07 35 PM oracle sysman emcp EMConfig updateConfigFiles INFO targets xml file is updated successfully Nov 25 2004 9 07 35 PM oracle sysman emcp EMConfig updateEmomsProps INFO Updating file ASInstalls ASInfra sysman config emoms properties Nov 25 2004 9 07 35 PM orac...

Page 247: ...component OC4J instancename oca Then re run the OPMN Configuration Assistant Start OCA F 3 19 WARNING DCM service may not be available at this time Problem When installing the first node of an OracleAS Cluster Identity Management the Java Security Configuration Assistant may return the following message WARNING DCM service may not be available at this time to synchronize ORACLE_ HOME j2ee home con...

Page 248: ...luster Identity Management the installation of Oracle Internet Directory fails on the second node Solution Perform the following steps to correct the problem 1 Run the following command to connect to the database prompt sqlplus ods password 2 Remove the registry information for node 2 from the IMCFREGISTRY table SQL delete from IMCFREGISTRY where IASINSTANCE node2_instance_name 3 Remove the PROCES...

Page 249: ... Reuse Instance Name of a Deleted Instance Section F 4 3 Unable to Reuse Database Name Section F 4 4 Deconfiguration Failed on Distributed OracleAS Cluster Identity Management F 4 1 Obsolete Partner URLs Still Remain on the OracleAS Single Sign On Administration Screen Problem After deinstallation some partner application entries that are obsolete remain on the OracleAS Single Sign On Administrati...

Page 250: ...ger Oracle home refers to the home where you installed Oracle Internet Directory prompt ORACLE_HOME bin oidadmin 2 In the Connect screen enter the Oracle Internet Directory connect information Log in as the Oracle Internet Directory superuser cn orcladmin 3 Expand Entry Management cn OracleContext cn Products cn IAS cn IAS Instances 4 Under cn IAS Instances select the instance that you want to del...

Page 251: ...c us dc oracle dc com you need to expand dc com then expand dc oracle then expand dc us Then expand cn OracleContext cn Products cn Portal cn UltraSearch cn Database Instances cn infrastructure_database_name 7 Delete all the child entries under cn infrastructure_database_name starting with the inner most child entry To delete an entry right click each child entry and select Delete from the pop up ...

Page 252: ...sso https conf to osso conf cd ORACLE_HOME Apache Apache conf osso ln osso https conf osso conf 2 Run the Deconfig tool again F 5 Need More Help If this appendix does not solve the problem you encountered try these other sources Oracle Application Server Release Notes available on the Oracle Technology Network http www oracle com technology documentation OracleMetaLink http metalink oracle com If ...

Page 253: ... 3 5 default port numbers C 1 how to assign custom port numbers 2 10 how to install on separate computers 4 4 OracleAS Infrastructure components 4 2 ports used by components 4 11 configuration assistant errors Database configuration assistant F 7 database configuration assistant F 8 OPMN configuration assistant Start DAS Instance F 9 OPMN configuration assistant Start HTTP Server F 8 OPMN configur...

Page 254: ...E 2 first time installation of any Oracle product 3 2 font problems F 5 G grid control plug in installing A 1 starting the installer A 1 grid control plug in agent installing A 3 groupadd command 2 16 groups operating system see operating system groups groups Oracle Internet Directory 5 2 adding users to 5 10 groups command 2 18 H high availability environments etc group file 7 5 installation orde...

Page 255: ...ce names namespace in Oracle Internet Directory 4 11 Network Appliance filers 2 25 network requirements 2 2 network topics 2 22 installing from hard drive 2 22 installing from remote CD ROM DVD drive 2 23 installing on multihomed computers 2 22 NFS storage 2 25 remote installations 2 24 NFS installations configuring Oracle HTTP Server 11 2 NFS storage 2 25 NIS and NIS 2 26 NLS_LANG environment var...

Page 256: ...2 19 ORACLE_SID environment variable 2 19 OracleAS Certificate Authority adding after installation 4 12 groups required for installation 5 5 in silent and non interactive installations B 2 installing 4 21 OracleAS Cluster groups required for installation 5 5 OracleAS Cluster Identity Management 9 1 cluster configuration assistant failure F 10 configuring LDAP virtual server 9 3 configuring load ba...

Page 257: ... for Oracle Delegated Administration Services 4 6 groups required for installation 5 4 obsolete URLs on Administration screen F 11 OracleAS Metadata Repository used by 5 6 specifying hostname on command line 2 21 OracleAS Wireless groups required for installation 5 6 OracleASCluster Identity Management DCM warning F 9 OracleBI Discoverer groups required for installation 5 6 oraInst loc file 2 16 o...

Page 258: ...or OracleAS Cluster Identity Management 9 3 SYS SYSTEM user passwords 4 10 system requirements 2 2 T tmp directory 3 6 space required in 2 4 TNS_ADMIN environment variable 2 20 F 8 tnsnames ora file 2 20 topologies 10 1 4 0 1 identity federation 1 3 10 1 4 0 1 infrastructure 1 3 distributed identity management with integrated HTTP server 1 5 distributed identity management with standalone HTTP ser...

Search results

Summary of Contents for Application Server 10g

Reviews:

Related manuals for Application Server 10g

Brands by name

Popular brands

Oracle Application Server 10g, Installation Manual

Search results

Summary of Contents for Application Server 10g

Reviews:

Related manuals for Application Server 10g

Brands by name

Popular brands