OIM-12c Installation - FMW - SOA - IDM

-

Oracle Identity Manager (OIM) 12c Installation

Prerequisites:

The Oracle Identity Manager software includes the following:

1] Oracle's Java Development Kit (JDK) 1.8 (jdk-8u311-linux-x64.tar.gz)
2] Fusion Middleware 12.2.1.4.0
3] SOA Suite 12.2.1.4.0
4] Oracle Identity and Access Management 12.2.1.4.0

What Do You Need?
For completing Oracle IDM Setup you will need, Environment as below:
Oracle Enterprise Linux 6 or similar, with access to the Internet
At least 8GB RAM (16GB recommended)

An Oracle Database Enterprise Edition 12 or superior installed and running.
Note: Installing a Database for Identity and Access Management (IDM) Suite provides instructions on how to install an Oracle Database that is suitable for Oracle Identity and Access Management Suite.

oracle and root user credentials
SYS database user credentials

Basic understanding of Linux
An Oracle Technology Network (OTN) account

OIM-11g PS3 Installation Steps: Just for reference
https://www.oracle.com/webfolder/technetwork/tutorials/obe/fmw/oim/oim_11g/OIM_Getting_Started_Series/setup_oim_environment/setup_oim_11gr2ps3_environment.html#overview



Downloading the OIM Software's and Binaries

1] JDK 1.8 setup

1] Download the Oracle's Java Development Kit (JDK) 1.8 (jdk-8u311-linux-x64.tar.gz)
https://www.java.com/en/download/

2] Create new folder /softwares in VM/Server where your about to install the OIM suite

3] Upload the downloaded JDK kit into same software folder using Winscp/Mobaxterm/filezilla jdk-8u311-linux-x64.tar.gz

4] Run below commands to check whether java home path is set or not?

--------------------------------------------
Check Java Version on Linux/Unix
--------------------------------------------
$ which java
$ whereis java

## Now extract the contents of the archive: JDK
$ tar -zxf jdk-8u311-linux-x64.tar.gz

## Run below command from root user
## You should now move it to a proper folder:
$ sudo mv jdk1.8.0_311/ /usr/java

## Next, use command update-alternatives to tell system where java and its executables are installed:
$ sudo alternatives --install /usr/bin/java java /usr/java/jdk1.8.0_311/bin/java 2
$ sudo alternatives --install /usr/bin/jar jar /usr/java/jdk1.8.0_311/bin/jar 2
$ sudo alternatives --install /usr/bin/javac javac /usr/java/jdk1.8.0_311/bin/javac 2
$ sudo alternatives --install /usr/bin/javaws javaws /usr/java/jdk1.8.0_311/bin/javaws 2

## Then confirm that correct alternatives are in play:
$ sudo update-alternatives --config java
$ sudo update-alternatives --config jar
$ sudo update-alternatives --config javac
$ sudo update-alternatives --config javaws

## To setup Java environment variables: Use any editor like nano or vi
export JAVA_HOME=/usr/java
export JRE_HOME=/usr/java/jre
export PATH=$PATH:$JAVA_HOME/bin:$JRE_HOME/bin

nano ~/.bash_profile
export PATH=$PATH:/usr/java/bin
export JAVA_HOME=/usr/java/

or 
vi $HOME/.bash_profile
Enter the following variables and save the .bash_profilefile.
e.g.
export JAVA_HOME=/usr/java
export PATH=$JAVA_HOME/bin:$PATH
  1. Repeat steps 3 and 4 to include the JDK variables in the $HOME/.bashrc file.
Restart your terminal. To confirm that the JDK variables are in place, enter the command which java. Terminal should return /u01/app/oracle/product/middleware/jdk/bin:

or
You can use Mobaxterm to change the ~/.bash_profile path using default text editor



Pre-configuring your server to have Hostname and DNS Mapping in place

In this section, you configure your server before installing Oracle Identity Manager.

  1. Launch a terminal as root and enter command vi /etc/hosts to edit the hosts file.

  2. In the hosts file, locate the line starting with 127.0.0.1, and append the text host01.example.com

  3. Save and close the hosts file.

  4. To confirm that the hosts file is successfully executed, close the terminal, open a new terminal as oracle and enter the command ping host01.example.com. Terminal should redirect ping to localhost (127.0.0.1). Enter ctrl + c to stop the ping command.


Note*: All the below installation steps to be perform from user only as oracle

If oracle user is not present then you can create it by root user using below commands:
[root]$  useradd oracle
[root]$  passwd oracle
Enter the new password e.g. as Welcome1


2] Oracle Database Installation 12.2.0 or later
You can download the desired oracle database version from OTN or e-delivery oracle website.
Oracle_Database_12c_Enterprise_Edition_12.2.0.1.0-V839960-01.zip

Reference link for DB steps:
https://www.youtube.com/watch?v=8gQvNFqUQTU
https://www.youtube.com/watch?v=whLY-H-hUCo
https://oracle-base.com/articles/12c/oracle-db-12cr1-installation-on-oracle-linux-7
https://oracle-base.com/articles/12c/oracle-db-12cr1-installation-on-oracle-linux-8
http://vishkrishna.blogspot.com/2017/04/oracle-database-12c-installation-and.html

3] (OIM/OIG) 12c Installation and Configuration

3.1 Install FMW Binaries

Download the Fusion Middleware binaries from OTN or e-delivery oracle website
fmw_12.2.1.4.0_infrastructure_V983368-01.zip

Upload the downloaded binaries into /softwares folder and run command as below from terminal as oracle user
$ unzip fmw_12.2.1.4.0_infrastructure_V983368-01.zip
java -jar fmw_12.2.1.4.0_infrastructure.jar

1/8 : Wizard will get launch as below: Click Next

2/8 : Click Next by keeping "Skip Auto Updates"

3/8 : Keep file as same default as highlighted below: Click Next

4/8 : Select option "Fusion Middleware Infrastructure", Click Next

5/8 : Prerequisite check should passed and show 100%, click Next

6/8 : See Installation summary, click install

7/8 : Installation progress should show successfully 100%, click Next
 
8/8 : Installation completed and you can see the location and features Installed, click Finish



3.2 Install SOA Binaries

Download the SOA binaries from OTN or e-delivery oracle website
fmw_12.2.1.4.0_soa_V983383-01.zip

Upload the downloaded binaries into /softwares folder and run command as below from terminal as oracle user
$ unzip fmw_12.2.1.4.0_soa_V983383-01.zip
$ java -jar fmw_12.2.1.4.0_soa.jar

Keep orainventory path as default


1/8 : Wizard for SOA suite and BPM

2/8 : Click Next by keeping "Skip Auto Updates"

3/8 : Browse the same oracle middleware home path as shown below and click next
You can see existing FMW installed components here by click on View

4/8 : Select option as "SOA Suite", Click Next

5/8 : Prerequisite check should passed and show 100%, click Next

6/8 : See Installation summary, click install

7/8 : Installation progress should show successfully 100%, click Next

8/8 : Installation completed and you can see the location and features Installed, click Finish



3.3 Install IDM Binaries

Download the IDM binaries from OTN or e-delivery oracle website
fmw_12.2.1.4.0_idm_V983411-01.zip

Upload the downloaded binaries into /softwares folder and run command as below from terminal as oracle user
$ unzip fmw_12.2.1.4.0_idm_V983411-01.zip
$ java -jar fmw_12.2.1.4.0_idm.jar

Keep orainventory path as default

1/8 : Wizard for IAM Installation

2/8 : Click Next by keeping "Skip Auto Updates"

3/8 : Browse the same oracle middleware home path as shown below and click next
You can see existing FMW installed components here by click on View

4/8 : Select Collocated mode

5/8 : Prerequisite check should passed and show 100%, click Next

6/8 : See Installation summary, click install

7/8 : Installation progress should show successfully 100%, click Next

8/8 : Installation completed and you can see the location and features Installed, click Finish
 


3.4 RCU (Repository Creation Utility)

For 12c you no need RCU to be download externally, It comes as a part of FMW installed binaries
Before running RCU utility you have to cross check below parameters are already set in Target database.
3.4.1. Navigate to Oracle DB Home path, run below commands to check if DB services are up and running. <DB_VERSION> : This is specific to your database version 12c or 19c

$ cd /home/oracle/app/oracle/product/<DB_VERSION>/dbhome_1/bin

## Check If Oracle home path is set and present then you can use below command directly!
echo $ORACLE_HOME
cd $ORACLE_HOME/bin

## Check listener services are running or not!
$ ./lsnrctl start

$ ./lsnrctl status

Keep handy below target database details ready 
e.g.
Hostname: localhost
Port: 1521
SID: orcl
Service Name: orclpdb1 (In case of 19c pluggable database service should be use)

3.4.2. Check  whether sys user password is already reset and available to use, if not then run below command to reset the same. Login to SQL prompt by default sys Linux OS authentication oracle password (e.g used as Oracle123)
./sqlplus "sys/Oracle123 as SYSDBA"

--- Reset password for sys user
sql > alter user sys identified by Welcome1;
sql > alter user sys identified by Welcome1 container=all;

Note: If you get errors during the RCU process about the number of cursors or xaview, run sqlplus as sys as sysdba and execute the following commands, respectfully, as relevant:

--- Open the cursor value min up to 800+
sql > alter system set open_cursors = 1000 scope=both;

sql > @/home/oracle/app/oracle/product/12.2.0/dbhome_1/rdbms/admin/xaview.sql


After setting all required database parameters, navigate to below RCU common bin path and run command

$ cd /home/oracle/Oracle/Middleware/Oracle_Home/oracle_common/bin
$ ./rcu


1/8 : Wizard for Repository Creation Utility get launch

2/8 : Select option highlighted as below "Create Repository and "System Load and Product Load"

3/8 : Enter target database details as below, User have to enter sys as sydba password which was set earlier in above steps as Welcome1, Click Next.
It should connect to DB successfully and show global prerequisite passed as below.

4/8 : Specify unique schema prefix name as DEV12C and Click next, it will again do check prerequisite
Ignore if any warnings and click next

It should pass all prerequisite check as below

5/8 : Enter the password for all the schema as default "Welcome1", click Next

6/8 : Enter custom variable for SOA as "Medium" below, Click Next

7/8 : Default temporary tablespace and other components tablespace, keep as default and click Next
Creating tablespace will finish as below, Click OK

8/8 : Summary screen with new schema users and tablespace name, Click on Create button

8/9 : This will start execute the scripts in System load wizard and should show completed successfully and automatically move to completion summary screen. (Usually take few mins, so please be waited....)
 

Finally you can see completion summary as below, click Close


3.5 Configuration of Weblogic domain

Start first with OIM configuration. Navigate to below oracle common bin path to run required config scripts

$ cd /home/oracle/Oracle/Middleware/Oracle_Home/oracle_common/common/bin
$ ./config.sh

1/13 : This will launch configuration wizard for FMW, Keep path as same in $ORACLE_MW_HOME/user_projects/domain/base_domain

2/13 : Select template name as Oracle Identity Manager [idm] other available templates get select default and click Next

3/13 : Select High availability option as highlighted below, Click Next

4/13 : Keep as default base_domain , click Next

5/13 : Enter admin account details for "weblogic" user, Keep password as "Welcome1"

6/13 : Set domain mode and JDK as below highlighted, click Next

7/13 : Enter database configuration type as below which we have used earlier during RCU creation, password would be "Welcome1"

8/13 : Select component schema data sources option, click Next. Here you can change the data source configuration if needed.
Uploading: 506427 of 506427 bytes uploaded.
9/13 : Run JDBC test connection with newly created data source, result should show successful, Click Next
10/13 : Important steps to enter credential details, keep password as "Welcome1" only for below highlighted username
keystore
Username: keystore
Password: Welcome1

OIMSchemaPassword
Username: DEV12C_OIM
Password: Welcome1

sysadmin
Username: xelsysadm
Password: Welcome1

WeblogicAdminKey
Username: weblogic
Password: Welcome1

11/13 : No changes required in Key store page , Click Next
12/13 : In Advanced Configuration, Select below highlighted options. It depends on whether your creating normal single node instance or Multi cluster mode environment
13/13 : In Admin Server section Keep Listen address as below highlighted, click Next
14/15 : In Node Manager section enter username as "weblogic" and password as "Welcome1" , click Next
15/15 : In Managed Servers section keep default settings as it is default port for OIM:14000 and SOA:7003, click Next
Here for clusters environment you can add node-2 server information if not needed then click Next

Refer section below before 3.6 with detailed steps, if you want to setup Cluster environment 

Keep Server Templates as default, click Next
Keep Coherence Clusters as default, click Next
11/13 : In Machines section, enter below highlighted details as it is, click Next

11/13 : Assign Servers to created Machine as per below configuration , click Next
11/13 : Virtual Targets, skip Next
11/13 : Configuration summary, click Create
11/13 : Configuration progress will take some time, so please be waited and it should show 100% successful, click Next
11/13 : End of configuration, Click Finish



Refer below steps, if you want to setup Cluster environment [START]:
Note:**
Please make sure you have already installed below components in both the nodes (oim-12c-server1 & oim-12c-server2)
  • Fusion Middleware 12.2.1.4.0
  • SOA Suite 12.2.1.4.0
  • Oracle Identity and Access Management 12.2.1.4.0
In cluster environment, we don't need weblogic on node-2. Only have to run Node Manager server.


15/24 Enter Listen Address: (Enter node server name for each server name)
Server Name      Listen Address   Listen Port
oim_server1      oim-12c-server1           14000
soa_server1       oim-12c-server1             7003

oim_server2      oim-12c-server2           14000
soa_server2       oim-12c-server2             7003


16/26   Enter Cluster Address here as below e.g.
Cluster Name:
oim_cluster
soa_cluster

Cluster Address: (Enter node server name comma separated values as below)
oim-12c-server1, oim-12c-server2
oim-12c-server1, oim-12c-server2
    


Skip 17/26 , 18/26 steps, Next

19/26  - Select server from left side and move into respective cluster group as shown in below screenshot



Skip 20/26 step, Next

21/26 - In this step, Click on Unix Machine (if its Linux server) and create two machine name , keep default port as 5556 for node manager server. Enter Node manager Listen address as 
oim-12c-server1
oim-12c-server2



22/26 - In this step, Move server details into respective machine name grouping as shown below



Run below commands from Node1 (oim-12c-server1) to Node2 (oim-12c-server2)

--Pack from Node-1:
/home/oracle/Oracle/Middleware/Oracle_Home/wlserver/common/bin/pack.sh -domain=/home/oracle/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain/ -template=/tmp/oim12cserver_domain.jar -template_name=remote_managed -managed=true

--Unpack to Node-2:
/home/oracle/Oracle/Middleware/Oracle_Home/wlserver/common/bin/unpack.sh -domain=/home/oracle/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain/ -template=/tmp/oim12cserver_domain.jar

[oracle@oim-12c-server1 bin]$ /home/oracle/Oracle/Middleware/Oracle_Home/wlserver/common/bin/pack.sh -domain=/home/oracle/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain/ -template=/tmp/oim12cserver_domain.jar -template_name=remote_managed -managed=true

WARNING: This is a deprecated script. Please invoke the pack.sh script under oracle_common/common/bin.

<< read domain from "/home/oracle/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain"
>>  succeed: read domain from "/home/oracle/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain"
<< set config option Managed to "true"
>>  succeed: set config option Managed to "true"
<< write template to "/tmp/oim12cserver_domain.jar"
..............................
>>  succeed: write template to "/tmp/oim12cserver_domain.jar"
<< close template
>>  succeed: close template


For any error related to authentication - 
Please make sure you have below setting present in security realm internal users and providers section in weblogic console:

OIM Log Stack Trace:
<Error> <oracle.iam.platform.auth.client> <IAM-0020016> <AssertionException encountered while asserting/logging in as user xelsysadm : oracle.security.jps.internal.api.jaas.AssertionException: javax.security.auth.login.FailedLoginException: [Security:090938]Authentication failure: The specified user failed to log in. javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User specified user denied>

<Error> <oracle.iam.platform.auth.client> <IAM-0020017> <PrivilegedActionException encountered while asserting/logging in as user xelsysadm : java.security.PrivilegedActionException: javax.security.auth.login.LoginException: AssertionException encountered while asserting/logging in as user xelsysadm : oracle.security.jps.internal.api.jaas.AssertionException: javax.security.auth.login.FailedLoginException: [Security:090938]Authentication failure: The specified user failed to log in. javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User specified user denied>

OIM Log Stack Trace:
weblogic.application.ModuleException: The run-as security principal, 'oiminternal', chosen for the EJB 'oimAttestationQueueMDB(Application: oim, EJBComponent: iam-async-mdb.jar)' is not a valid user principal in the current security realm. Please specify a valid user principal for the EJB to use.
        at weblogic.application.internal.ExtensibleModuleWrapper.prepare(ExtensibleModuleWrapper.java:114)
        at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:100)
        at weblogic.application.internal.flow.ModuleStateDriver$1.next(ModuleStateDriver.java:192)
        at weblogic.application.internal.flow.ModuleStateDriver$1.next(ModuleStateDriver.java:187)
        at weblogic.application.utils.StateMachineDriver$ParallelChange.run(StateMachineDriver.java:83)
        at weblogic.work.ContextWrap.run(ContextWrap.java:46)
        at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:681)
        at weblogic.invocation.ComponentInvocationContextManager._runAs(ComponentInvocationContextManager.java:352)
        at weblogic.invocation.ComponentInvocationContextManager.runAs(ComponentInvocationContextManager.java:337)
        at weblogic.work.LivePartitionUtility.doRunWorkUnderContext(LivePartitionUtility.java:57)
        at weblogic.work.PartitionUtility.runWorkUnderContext(PartitionUtility.java:41)
        at weblogic.work.SelfTuningWorkManagerImpl.runWorkUnderContext(SelfTuningWorkManagerImpl.java:655)
        at weblogic.work.ExecuteThread.execute(ExecuteThread.java:420)
        at weblogic.work.ExecuteThread.run(ExecuteThread.java:360)
Caused by: The run-as security principal, 'oiminternal', chosen for the EJB 'oimAttestationQueueMDB(Application: oim, EJBComponent: iam-async-mdb.jar)' is not a valid user principal in the current security realm. Please specify a valid user principal for the EJB to use.
        at weblogic.ejb.container.deployer.BeanInfoImpl.calculateRunAsPrincipal(BeanInfoImpl.java:844)
        at weblogic.ejb.container.deployer.BeanInfoImpl.prepare(BeanInfoImpl.java:779)
        at weblogic.ejb.container.deployer.MessageDrivenBeanInfoImpl.prepare(MessageDrivenBeanInfoImpl.java:1252)
        at weblogic.ejb.container.deployer.EJBDeployer.setupBeanInfos(EJBDeployer.java:581)
        at weblogic.ejb.container.deployer.EJBDeployer.prepare(EJBDeployer.java:734)
        at weblogic.ejb.container.deployer.EJBModule.prepare(EJBModule.java:405)
        at weblogic.application.internal.ExtensibleModuleWrapper$PrepareStateChange.next(ExtensibleModuleWrapper.java:295)
        at weblogic.application.internal.ExtensibleModuleWrapper$PrepareStateChange.next(ExtensibleModuleWrapper.java:285)
        at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:45)
        at weblogic.application.internal.ExtensibleModuleWrapper.prepare(ExtensibleModuleWrapper.java:109)


Steps: Navigate to Security Realm as shown in below screenshot, Click on "myrealm" -> Tab Users and Groups -> Check you can see "oiminternal" users here, if its not present click on new and create 


Click on user link oiminternal, enter General details, Password as "Welcome1" and in Group tab select oimusers group and move it to right as below and Save it.

If ask for server restart then do it for all Admin, Soa and Oim.



2) Click on Provider & Check if below OIM Authentication provider is present or not.
If not present then click on New button, 
2.1 ) Select OIMAuthenticationProvider from dropdown list, Control flag should be SUFFICIENT 
2.2) Enter DB URL as "jdbc:oracle:thin:@//<DB_HOST_NAME>:1521/orclpdb1"
2.3) Enter DB Schema user and password details
Save it.

Restart the servers if required.




Cluster environment setup [END]




3.6 Setup Environment settings and Start the Servers (OfflineConfigManager  - Must Step)
  1. Launch a terminal window as oracle and enter the following commands to run the offline configuration: 
  2. $ cd /home/oracle/Oracle/Middleware/Oracle_Home/idm/server/bin
    $ chmod u+x offlineConfigManager.sh
$ ./offlineConfigManager.sh
  3. If asked for domain home path then enter as below "/home/oracle/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain"
  4. Enter the following commands to start the Admin Server:
    $ cd $DOMAIN_HOME/bin
    $ ./startWebLogic.sh
Please create the boot.properties file in server path for admin, oim_server and soa_server as per below steps:

Path:
/home/oracle/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain/servers

Create the Boot Properties File:

vi boot.properties

Add the following two lines:
username=weblogic
password=<password>
  1. If prompted during the startup enter the WebLogic administrator credentials (weblogic/Welcome1). Wait until the terminal displays the message Server started in RUNNING mode. Minimize the window.
  2. Open a browser and access the Oracle WebLogic Server Administration console 12c at http://host01.example.com:7001/console.
  3. Login with username and password weblogic/Welcome1.
  4. In Domain Structure menu, select Environment > Cluster to open the Summary of Clusters page. Check if the clusters are created.
  5. In Domain Structure menu, select Environment > Servers to open the Summary of Servers page. Check if the servers are created with correct Listen Port and Machine values.
  6. In Domain Structure menu, select  Security Realms to open the Summary of Security Realms. Click the myrealm link to open the Settings for myrealm page. Open Providers tab, check if OIMAuthenticationProvider is created.
  7. In another terminal window start Node Manager by running the following command:
    $ cd $DOMAIN_HOME/bin
    $ ./startNodeManager.sh
  8. In the Oracle WebLogic Server Administration console 12c, select Domain Structure menu, Environment > Servers to open the Summary of Servers page.
  9. Open Control tab, select soa_server1. Click Start. When prompted to start the server, click Yes. When the soa_server1 is up, the State changes to RUNNING.
  10. Select oim_server1, and click Start. When prompted to start the server, click Yes.  When the oim_server1 is up, the State changes to RUNNING.


Quick Guide: Start/Stop Admin, OIM, SOA servers from command line:

cd /home/oracle/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain/bin

Follow same sequence for [START] the servers:
 
##   WEBLOGIC   ##
nohup ./startWebLogic.sh > wls.out &
tail -1000f wls.out
#(Till the server is up)
<Server state changed to RUNNING.>


##   NODE MANAGER   ##
nohup ./startNodeManager.sh > node_manager.out &
tail -1000f node_manager.out


##    SOA SERVER    ##
nohup ./startManagedWebLogic.sh soa_server1 > soa.out &
tail -1000f soa.out
#(Till the server is up)
<Server state changed to RUNNING.>


##    OIM SERVER    ##
nohup ./startManagedWebLogic.sh oim_server1 > oim.out &
tail -1000f oim.out
#(Till the server is up)
<Server state changed to RUNNING.>


##    OAM SERVER    ##
nohup ./startManagedWebLogic.sh oam_server1 > oam.out &
tail -1000f oam.out

nohup ./startManagedWebLogic.sh oam_policy_mgr1 > oam_policy.out &
tail -1000f oam_policy.out
#(Till the server is up)
<Server state changed to RUNNING.>


Follow same sequence for [STOP] the servers:

##    OIM SERVER    ##
nohup ./stopManagedWebLogic.sh oim_server1 > oim.out &
tail -1000f oim.out

##    SOA SERVER    ##
nohup ./stopManagedWebLogic.sh soa_server1 > soa.out &
tail -1000f soa.out

##   WEBLOGIC   ##
nohup ./stopWebLogic.sh > wls.out &
tail -1000f wls.out

##   NODE MANAGER   ##
nohup ./stopNodeManager.sh > node_manager.out &
tail -1000f node_manager.out

##    OAM SERVER    ##
nohup ./stopManagedWebLogic.sh oam_server1 > oam.out &
tail -1000f oam.out

##    OHS Instance on Server ##
START OHS Instance
nohup ./startNodeManager.sh > ohs_node_manager.out &
tail -1000f ohs_node_manager.out

./startComponent.sh ohs1

STOP OHS Instance
nohup ./stopNodeManager.sh > ohs_node_manager.out &
./stopComponent.sh ohs1


3.8 Post Installation / Environment Variable Settings in bash profile as below

##Oracle OIM Settings
export TMP=/tmp
export TMPDIR=$TMP

export ORACLE_HOSTNAME=hostname
export ORA_INVENTORY=/home/oracle/oraInventory

export MW_HOME=/home/oracle/Oracle/Middleware/Oracle_Home
export DOMAIN_HOME=/home/oracle/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain
export OIM_HOME=/home/oracle/Oracle/Middleware/Oracle_Home/idm

alias startadmin='nohup $DOMAIN_HOME/bin/startWebLogic.sh > $DOMAIN_HOME/servers/AdminServer/admin.log &'
export startadmin
alias stopadmin='nohup $DOMAIN_HOME/bin/stopWebLogic.sh >> $DOMAIN_HOME/servers/AdminServer/admin.log &'
export stopadmin

alias startoim='nohup $DOMAIN_HOME/bin/startManagedWebLogic.sh oim_server1 > $DOMAIN_HOME/servers/oim_server1/oim.log &'
export startoim
alias stopoim='nohup $DOMAIN_HOME/bin/stopManagedWebLogic.sh oim_server1 >> $DOMAIN_HOME/servers/oim_server1/oim.log &'
export stopoim

alias startsoa='nohup $DOMAIN_HOME/bin/startManagedWebLogic.sh soa_server1 > $DOMAIN_HOME/servers/soa_server1/soa.log &'
export startsoa
alias stopsoa='nohup $DOMAIN_HOME/bin/stopManagedWebLogic.sh soa_server1 >> $DOMAIN_HOME/servers/soa_server1/soa.log &'
export stopsoa

alias nmlog='tail -f $DOMAIN_HOME/nodemanager/nodemanager.log'
export nmlog
alias adminlog='tail -f $DOMAIN_HOME/servers/AdminServer/admin.log'
export adminlog
alias soalog='tail -f $DOMAIN_HOME/servers/soa_server1/logs/soa_server1.out'
export soalog
alias oimlog='tail -f $DOMAIN_HOME/servers/oim_server1/logs/oim_server1.out'
export oimlog

export JAVA_HOME=/usr/java
export JRE_HOME=/usr/java/jre
export PATH=$PATH:$JAVA_HOME/bin:$JRE_HOME/bin

PATH=$PATH:$HOME/.local/bin:$HOME/bin

export PATH




export ORACLE_HOME=/home/oracle/Oracle/Middleware/Oracle_Home
export DOMAIN_HOME=/home/oracle/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain
export OIM_HOME=/home/oracle/Oracle/Middleware/Oracle_Home/idm
Domain

Servers
/home/oracle/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain/servers

StartWeblogic and NodeManager sh file
/home/oracle/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain/bin

DB home path
/opt/oracle/product/19c/dbhome_1

3.9 Access the OIM Portal

Run from root user below firewall command to disabled the port setting if URL not accessible outside browser.
$ systemctl stop firewalld
iptables -F
iptables -X

Start a browser and access the Oracle Identity Self Service at 
OIM login:
http://host01.example.com:14000/identity
Login as xelsysadm/Welcome1

System admin login:
http://host01.example.com:14000/sysadmin
Login as xelsysadm/Welcome1
You can set the challenge questions and answers if prompted. 


Weblogic and Enterprise Manager console URL
Login as weblogic/Welcome1

http://host01.example.com:7001/console
http://host01.example.com:7001/em


Comments

Post a Comment

Popular posts from this blog

PUTTY - The server's host key is not cached in the registry cache

-
Error: "The server's host key is not cached in the registry. You have no guarantee that the server is the computer you think it is. The server's rsa2 key fingerprint is: [SSH KEY FINGERPRINT] If you trust this host, enter "y" to add the key to PuTTY's cache and carry on connecting. If you want to carry on connecting just once, without adding the key to the cache, enter "n". If you do not trust this host, press Return to abandon the connection. Store key in cache? (y/n) y" Answer: Simply run this command in your windows preferred terminal (cmd.exe etc) and agree to accept the host and store the cache: C:\Program Files (x86)\PuTTY\plink.exe -ssh [SSH USERNAME]@[SSH HOST] -P [SSH PORT] echo y | pscp -i /path/to/key/file user@remote:/tmp/file  . echo y | plink -i /path/to/key/file scripts.sh Usually you would hit “y” here, assuming the host key is correct, in order to store it in future connection.  The storage of this goes into the Registry under ...
Read more

SAML & OAuth 2.0

-
Both SAML (Security Assertion Markup Language) and OAuth 2.0 are widely used protocols for authentication and authorization in web applications, but they serve different purposes. SAML (Security Assertion Markup Language) Purpose: Primarily designed for authentication and single sign-on (SSO) . How it works: A user attempts to access a service provider (SP). The SP redirects the user to an identity provider (IdP). The IdP authenticates the user and sends a SAML assertion to the SP. The SP validates the assertion and grants access to the user. Common use cases: Enterprise applications, government services, and federated identity management systems. OAuth 2.0 Purpose: Designed for authorization , allowing users to grant third-party applications access to their data on a specific service. How it works: A user attempts to access a resource on a service provider. The SP redirects the user to the authorization server. The user grants permission to the application. The authorization s...
Read more