In this post I will cover the installation & configuration of Oracle Identity Management / Oracle Internet Directory step-by-step.
The environment & software I am using:
- Oracle Linux 6.7 64Bit Virtual Machine
- Oracle Identity Management 188.8.131.52 Installer
- Oracle Weblogic Server 10.3.6
- Oracle Database 184.108.40.206 (for ODS schema)
- Repository Creation Utility (220.127.116.11 or higher)
- JDK 1.8
I have pre-built Oracle Linux 6.6 64Bit along with Oracle Database 18.104.22.168 installation and not covering that part here.
1.Connect to the database as SYS.
2. Set OPEN_CURSORS to 500. (If you are planning to use the same database for Oracle Identity & Access Management, make it 800)
alter system set open_cursors=500 scope=both;
3. Set PROCESSES to 500
alter system set processes=500 scope=spfile;
4. If you are running database 22.214.171.124, please grant execute privileges on DBMS_REPUTIL to public.
grant execute on DBMS_REPUTIL to public;
Operating System Pre-requisites
1.Open files. Add below lines in “/etc/security/limits.conf”
* soft nofile 4096
* hard nofile 65536
* soft nproc 2047
* hard nproc 16384
2. Add above values in /etc/security/limits.d/90-nproc.conf for Oracle Linux or Red Hat Linux servers.
3. Make sure below required libraries are installed.
- compat-libstdc++-33-3.2.3-69.el6 for x86_64
- compat-libstdc++-33-3.2.3-69.el6 for i686
- glibc-2.12-1.7.el6 for x86_64
- glibc-2.12-1.7.el6 for i686
- glibc-devel-2.12-1.7.el6 for i686
- libstdc++-4.4.4-13.el6 for x86_64
- libstdc++-4.4.4-13.el6 for i686
- libXext for i386
- libXtst for i386
- libXi for i386
- openmotif-2.2.3 for x86_64Footref 7
- openmotif22-2.2.3 for x86_64Footref 7
- redhat-lsb-4.0-3.el6 for x86_64
4. To check if the package is installed or not, run below command
rpm -qa | grep package_name
5. Install any missing RPM using root login. Execute “yum update” before installing. (updating yum is not mandatory but recommended)
yum search package_name
yum install package_name
Repository Creation using RCU
1.Extract RCU software, navigate to rcuHome/bin and execute RCU
2. Click “Next” on Welcome Screen
3. Select “Create” and click “Next”
4. Provide database details and click “Next”. Make sure you use ID with SYSDBA privileges.
5. Make sure all prerequisites are satisfied and click “Ok”
6. Provide prefix of your choice. Expand “Identity Management” and select “oracle Internet Directory”. In the below screenshot I have selected Access Manager & Identity Manager as I will be using the same database for OIAM setup as well. If you are not intending to setup OIAM, please select only Oracle Internet Directory.
7. Make sure component specific prerequisites are successful and click “Ok”
8. Provide password for schema. You can either use same password for all the schema or use different password for each schema.
9. Review tablespaces and click “Next”. If you wish to change the table spaces, you can do so using “Manage Tablespaces” button.
10. Click “Ok” on create tablespaces confirmation screen.
11. Make sure tablespaces are created successfully and click “Ok”
12. Review the parameters and click “Create”
13. Wait till all the schema gets created.
14. Make sure the status is success for all the schema and click “Close”
Oracle Weblogic Server 10.3.6 Installation
1.Make sure java is installed and is added in PATH.
2. Navigate to the directory where wls1036_generic.jar is located and execute below command to start the Weblogic installer
java -jar wls1036_generic.jar
3. Click “Next” on the welcome screen.
4. Provide a location for new middleware home (/u01/app/oracle/product/fmw). This will be the base directory where additional Oracle Homes will be installed later.
5. Uncheck securyty updates and click “Next”. The installer will ask you 3 times for confirmation. yes three times !!
6. Select “Typical” and click “Next”. This will install Weblogic and Coherence by default.
7. Verify JDK path and click “Next”
8. Verify Weblogic & Coherence paths and click “Next”. Change the if you wish to.
9. Click “Next” on the “Installation Summary” screen.
10. Installation in progress.
11. Click “Done” on “Installation Complete” screen.
Oracle Identity Management Installation
1.Extract the software zip and navigate to Disk1.
2. Click “Next” on welcome screen.
3. Skip software updates and click “Next”.
4. Select “Install and Configure” and click “Next”.
5. Make sure all prerequisite checks are successful and click “Next”.
6. Select “Create New Domain”. Provide Weblogic usename, password & domain name as below.
7. Specify below details on “Installation Location” screen
- Oracle Middleware Home: /u01/app/oracle/product/fmw (This should be the middleware home you created during Weblogic installation)
- Oracle Home Directory: Oracle_IDM1 (This the IDM Oracle Home created inside your middleware home)
- Weblogic Server Directory: /u01/app/oracle/product/fmw/wlserver_10.3 (This is the Weblogic server directory provided during Weblogic Installation
- Oracle Instance Location: /u01/app/oracle/product/fmw/instances/oid_inst1 (This is OID instance home where opmn will be installed)
- Oracle Instance Name: oid_inst1 (This is the name of your OID instance)
8. Uncheck security updates and click “Next”
9. Click “Yes” on confirmation screen.
10. Select below components
- Oracle Internet Directory
- Oracle Directory Integration Platform
- Oracle Enterprise Manager (Mandatory)
- Oracle Directory Services Manager – ODSM (Mandatory)
I am not covering OVD. So left it unchecked.
11. Select “Auto Port Configuration” and click “Next”
- Default OID Port: 3060
- Default OID SSL Port: 3131
If you wish to change the ports, add below lines to staticports.ini and select “Specify ports using configuration filr”
#Oracle Internet Directory port = 389
#Oracle Internet Directory (SSL) port = 636
12. Select “Use Existing Schema” and provide ODS schema details and click “Next”
- Connect String: localhost:1521:orcl
- Schema Name: ODS (Cannot be changed)
- Password: ODS schema password provided during repository creation
13. OID Configuration
- Realm: dc=company,dc=com (This will be the root domain of your OID)
- Administrator User Name: cn=orcladmin (Cannot be changed. If needed you can add more administrators later using LDAP or ODSM console)
- Administrator Password: This password will be used to connect to OID.
14. Click “Install” on Summary screen.
15. Installation progress.
16. When prompted, execure below script as root and click “Ok”
17. Configuration Progress screen.
18. Make sure all configuration steps are successful and click “Next”
19. Click “Finish” on the installation complete screen.
20. Verify OPMN using opmnctl
./opmnctl status -l
21. Verify below ports listen status using netstat
netstat -an | grep port_num
- 3060 – OID Port
- 3161 – OID SSL Port
- 7001 – Weblogic Admin Server Port
- 7005 – ODS Managed Server Port (ODSM runs on this port)
22. Access ODSM console
23. Create new OID connection using the menu on top right corner and click “Connect”
- Directory Type: OID
- Name: Any name you prefer
- Server: localhost
- Port: 3060 (or 3161 if you want to connect to SSL port)
- User Name: cn=orcladmin
- Password: Password provided during IDM installation
24. ODSM home screen. Verify if the root domain is created successfully.
Thats It !! You now have a working installation of OID. Hope this helps.