Wednesday, November 13, 2013

How to Install OIM 11.1.2.1.0

This guide will show you how to install Oracle Identity Manager 11g R2 Patch Set 1 (PS1) in an Oracle Linux 6 (64-bit) environment.

Documentation References:
System Requirements and Specifications for OIAM
Identity and Access Management Documentation Library

Overview
  1. Environment Setup
  2. Oracle Database 11g R2 Installation
  3. JRockit Installation
  4. OIM 11.1.2.1 Schema Creation
  5. WebLogic 10.3.6 Installation
  6. SOA 11.1.1.6.0 Installation
  7. Apply Mandatory SOA Patches
  8. IDM 11.1.2.1 Installation
  9. Apply More Patches 
  10. Creating WebLogic Domain
  11. Configure Database Security Store for WebLogic Domain
  12. Configure Oracle Identity Manager 11.1.2.1.0
  13. Post Installation
Environment Setup
  • Create an oracle user in Linux. Use this user for your installations.
  • Modify your "/etc/hosts" file to include IP address and host name mapping.
  • The minimum Open File Limit should be 4096. Make the change in "/etc/security/limits.conf".  
    #Example
* soft  nofile  4096
* hard  nofile  65536  
  • Install the necessary packages.
    binutils-2.20.51.0.2-5.28.el6
compat-libcap1-1.10-1
compat-libstdc++-33-3.2.3-69.el6 for x86_64
compat-libstdc++-33-3.2.3-69.el6 for i686
gcc-4.4.4-13.el6
gcc-c++-4.4.4-13.el6
glibc-2.12-1.7.el6 for x86_64
glibc-2.12-1.7.el6 for i686
glibc-devel-2.12-1.7.el6 for i686
libaio-0.3.107-10.el6
libaio-devel-0.3.107-10.el6
libgcc-4.4.4-13.el6
libstdc++-4.4.4-13.el6 for x86_64
libstdc++-4.4.4-13.el6 for i686
libstdc++-devel-4.4.4-13.el6
libXext for i686
libXtst for i686
openmotif-2.2.3 for x86_64
openmotif22-2.2.3 for x86_64
redhat-lsb-core-4.0-7.el6 for x86_64
sysstat-9.0.4-11.el6
uln-internal-setup-1.0.1-1.el6.noarch.rpm
  • Change the value of SHMMAX to 4294967295 or higher by including the following line in /etc/sysctl.conf:
    kernel.shmmax = 4294967295
Oracle Database 11g R2 Installation
Follow the guide given here.

JRockit Installation
Follow the guide given here.
Do not use JRockit 1.6.0_45 because you will get an error when trying to configure the database keystore. Read “Error Occurred While creating OPSS Security Store in OIM 11.1.2.1 Install (Doc ID 1555444.1)” about the known issue. Below is the error message you will get when trying the create the keystore:

Info: Data source is: opss-DBDS
Problem invoking WLST - Traceback (innermost last):
File "/u01/Oracle/Middleware/Oracle_IDM1/common/tools/configureSecurityStore.py", line 896, in ?
TypeError: cannot concatenate 'str' and 'NoneType' objects

OIM 11.1.2.1 Schema Creation
Version: Repository Creation Utility 11.1.2.1.0 (32-bit)
File: V37476-01.zip

Extract the file and change the JRE_DIR variable in the "rcuHome/bin/rcu" script to point to your java jre location. On the "Select Components" step, select Oracle Identity Manager. The following schemas are created: MDS, OPSS, OIM, SOAINFRA, and ORASDPM.


WebLogic 10.3.6 Installation
File: V29856-01.zip
Execute the jar file:
java -jar wls1036_generic.jar

SOA 11.1.1.6.0 Installation
Files:
V29672-01_1of2.zip
V29672-01_2of2.zip

After extracting both files, there should be five Disk directories. Navigate to the "Disk 1" directory and execute the runInstaller script specifying your JRE location.   
./runInstaller -jreLoc /home/oracle/java/jrockit64/jre

Apply Mandatory SOA Patches
Refer to the Release Notes under section "2.2.2 Mandatory Patches Required for Installing Oracle Identity Manager" for full list of mandatory patches. Read the README in each patch for additional information.

Files:
p16385074_111160_Generic.zip
p13973356_111160_Generic.zip
p14196234_111160_Generic.zip
p16366204_111160_Generic.zip

Note: Make sure the patches are for SOA 11.1.1.6.0. You will get a conflict issue if you try to apply a different SOA patch version (Other patches might get deleted if you try to proceed).

To apply a patch: 
  1. Temporarily set ORACLE_HOME and include SOA OPatch to PATH.
  2. Extract a patch. Navigate into the directory and execute "opatch apply". Only for patch 16385074, navigate to opatch/16385074 and then apply.
#Include the SOA OPatch in Path
export PATH=/home/oracle/Oracle/Middleware/Oracle_SOA1/OPatch:$PATH
#Set the ORACLE_HOME to the SOA Directory
export ORACLE_HOME=/home/oracle/Oracle/Middleware/Oracle_SOA1


#To check the patches applied
opatch lsinventory

IDM 11.1.2.1 Installation
Files:
V37472-01_1of2.zip
V37472-01_2of2.zip

After unzipping the two files, three Disk directories are created. Navigate to the "Disk 1" directory and execute the runInstaller script specifying your JRE location.
./runInstaller -jreLoc /home/oracle/java/jrockit64/jre

Apply More Patches
Refer to the Release Notes under section "2.2.2 Mandatory Patches Required for Installing Oracle Identity Manager" for full list of mandatory patches.

#IDM Oracle Home
export PATH=/home/oracle/Oracle/Middleware/Oracle_IDM1/OPatch:$PATH
export ORACLE_HOME=/home/oracle/Oracle/Middleware/Oracle_IDM1


#Common Oracle Home
export PATH=/home/oracle/Oracle/Middleware/oracle_common/OPatch:$PATH
export ORACLE_HOME=/home/oracle/Oracle/Middleware/oracle_common
Files:
p16400771_111160_Generic.zip
p16472592_111160_Generic.zip
p16513008_111210_Generic.zip

16472592: Oracle WebCenter Portal
* opatch/16472592 : Applicable for ORACLE_HOME [oracle_common]

16400771: Oracle Platform Security Services
Applicable for ORACLE_HOME [oracle_common]

16513008: Oracle Access Manager
Applicable for ORACLE_HOME [Oracle_IDM1]

Creating WebLogic Domain
Navigate to /home/oracle/Oracle/Middleware/oracle_common/common/bin and run command: ./config.sh
Select Oracle Identity Manager - 11.1.2.0.0.
The following are automatically selected:
Oracle SOA Suite
Oracle Enterprise Manager
Oracle Platform Security Service
Oracle WSM Policy Manager
Oracle JRF WebServices Asynchronous services
Oracle JRF

Configure Database Security Store for WebLogic Domain

#Create OPSS Database Keystore
#[mw_home]/oracle_common/common/bin/wlst.sh [iam_home]/common/tools/configureSecurityStore.py -d [domaindir] -c IAM -p [opss_schema_password] -m create
/home/oracle/Oracle/Middleware/oracle_common/common/bin/wlst.sh /home/oracle/Oracle/Middleware/Oracle_IDM1/common/tools/configureSecurityStore.py -d /home/oracle/Oracle/Middleware/user_projects/domains/oim_domain -c IAM -p Password1 -m create


#Validate OPSS Database Keystore
#[mw_home]/oracle_common/common/bin/wlst.sh [iam_home]/common/tools/configureSecurityStore.py -d [domaindir] -m validate
/home/oracle/Oracle/Middleware/oracle_common/common/bin/wlst.sh /home/oracle/Oracle/Middleware/Oracle_IDM1/common/tools/configureSecurityStore.py -d /home/oracle/Oracle/Middleware/user_projects/domains/oim_domain -m validate

Configure Oracle Identity Manager 11.1.2.1.0
Start WebLogic Administrator Console and SOA. The startup scripts are located in "MW_HOME/user_projects/domains/DOMAIN_NAME/bin".

#Start WebLogic AdminServer
./startWebLogic.sh


#Start SOA
./startManagedWebLogic.sh soa_server1

Navigate to MW_HOME/Oracle_IDM1/bin and run the config.sh script.

Post Installation
Shut down all servers and apply patch 16478722 to oracle common home.
File: p16478722_111160_Generic.zip
Posted by at
Labels:

1 comment:

  1. AnonymousJanuary 27, 2014 at 8:43 AM

    You mention not to use JRockit 1.6.0_45 . If i have already used it and come across the error, can i change the JRockit installtion , will i need to re-install everything?

    ReplyDelete

Subscribe to: Post Comments (Atom)