Oracle® Application Server Installation Guide 10g (10.1.4.0.
Oracle Application Server Installation Guide 10g (10.1.4.0.1) for HP-UX Itanium B32100-01 Copyright © 2006, Oracle. All rights reserved.
Contents Preface ............................................................................................................................................................... xiii Intended Audience.................................................................................................................................... Documentation Accessibility ................................................................................................................... Related Documents ..................
2.6 2.6.1 2.6.2 2.7 2.8 2.8.1 2.8.2 2.8.3 2.8.4 2.8.5 2.8.6 2.9 2.9.1 2.9.2 2.10 2.10.1 2.10.2 2.10.3 2.10.4 2.10.5 2.10.6 2.10.7 2.11 3 Things You Should Know Before Starting the Installation 3.1 3.1.1 3.1.2 3.2 3.3 3.4 3.5 3.6 3.7 3.8 3.9 3.10 3.11 3.12 3.13 3.13.1 3.13.2 3.13.3 3.13.4 3.13.5 3.14 iv Operating System Groups ...................................................................................................... 2-16 Create a Group for the Inventory Directory .............................
3.15 4 Starting the Oracle Universal Installer..................................................................................... 3-8 Installing OracleAS Infrastructure 4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 4.10 4.11 4.12 4.13 4.14 4.15 4.16 4.17 4.18 4.19 4.20 4.21 4.22 4.23 4.24 4.25 4.26 4.27 4.28 4.29 4.30 Infrastructure Installation Types ..............................................................................................
5.4.1 5.4.2 5.4.3 5.5 5.6 5.7 5.8 5.8.1 5.8.1.1 5.8.1.2 5.8.1.3 5.8.2 5.9 5.10 6 Installing Oracle Internet Directory in Replicated Mode 6.1 6.1.1 6.1.2 6.2 6.2.1 6.2.2 6.3 6.4 6.5 6.5.1 6.5.2 6.5.3 6.6 7 Overview of High Availability Configurations...................................................................... OracleAS Cold Failover Cluster ........................................................................................ OracleAS Clusters ..................................................
Pre-Installation Steps for OracleAS Cold Failover Cluster ................................................... 8-2 Map the Virtual Hostname and Virtual IP Address....................................................... 8-2 Set Up a File System That Can Be Mounted from Both Nodes..................................... 8-4 Review Recommendations for Automatic Storage Management (ASM).................... 8-5 Check That Clusterware Is Running (Automated Failovers only) ...............................
9 Installing in High Availability Environments: OracleAS Cluster (Identity Management) 9.1 9.2 9.2.1 9.2.2 9.2.3 9.2.4 9.2.4.1 9.2.4.2 9.3 9.4 9.4.1 9.4.2 9.4.3 9.5 9.5.1 9.5.2 9.5.3 9.5.3.1 9.5.3.2 9.5.3.3 9.5.3.4 9.5.3.5 9.5.3.6 9.5.4 9.6 9.6.1 9.6.2 9.6.3 9.6.3.1 9.6.3.2 9.6.3.3 9.6.4 9.6.4.1 9.6.4.2 9.6.4.3 9.6.5 9.6.5.1 9.6.5.2 9.7 9.7.1 9.7.2 9.7.3 viii OracleAS Cluster (Identity Management): Introduction ......................................................
.8 10 Installing in High Availability Environments: OracleAS Disaster Recovery 10.1 10.2 10.2.1 10.2.2 10.2.3 10.2.4 10.3 10.3.1 10.3.2 10.4 10.5 10.6 11 State of Oracle Application Server Instances After Installation........................................ Passwords for Oracle Application Server Components..................................................... NFS Installations ......................................................................................................................
Creating Response Files by Using the Record Mode in the Installer .......................... B-3 Variables to Modify in the Response Files ...................................................................... B-3 Example Response Files..................................................................................................... B-4 Example Response File for OracleAS Infrastructure: Oracle Identity Management Only .......................................................................................
F.3 Installation Problems and Solutions ....................................................................................... F-2 F.3.1 Location of Log Files .......................................................................................................... F-2 F.3.2 Linking Failed, ORA Errors .............................................................................................. F-3 F.3.3 Prerequisite Checks Fail at the Start of Installation .................................................
xii
Preface The Oracle Application Server Installation Guide covers requirements, new features in the Oracle Universal Installer, Oracle Application Server concepts that affect installation, installation procedures, and troubleshooting tips. In addition, this guide also provides some sample topologies for installing and running Oracle Application Server.
TTY Access to Oracle Support Services Oracle provides dedicated Text Telephone (TTY) access to Oracle Support Services within the United States of America 24 hours a day, seven days a week. For TTY support, call 800.446.2398.
1 Product and Installation Overview This chapter describes what is contained in Oracle Application Server and recommended topologies. It contains the following sections: ■ Section 1.1, "Product Overview" ■ Section 1.2, "Where Do I Find Installation Instructions for My Product?" ■ Section 1.3, "Recommended Topologies" 1.1 Product Overview Oracle Application Server is made up of a middle tier and OracleAS Infrastructure. You deploy and run your applications on the middle tiers.
Where Do I Find Installation Instructions for My Product? ■ ■ ■ ■ ■ ■ Oracle Directory Integration Platform: A component of Oracle Internet Directory designed to perform directory synchronization with third party directory products. Oracle Application Server Certificate Authority: A component that issues, revokes, renews, and publishes X.509v3 certificates to support PKI-based strong authentication methods.
Recommended Topologies 1.3 Recommended Topologies Table 1–2 provides a road map of where to find information about the supported 10g (10.1.4.0.1) topologies. Table 1–2 Recommended Topologies Topology See This Documentation for Details 10.1.4.0.1 OracleAS Infrastructure Topologies An Oracle Application Server instance containing all Oracle Identity Management components in one Oracle home. Section 1.3.
Recommended Topologies Table 1–2 (Cont.) Recommended Topologies Topology See This Documentation for Details Chapter 10, "Installing in High Availability Environments: An OracleAS Disaster Recovery configuration in OracleAS Disaster Recovery" which a standby site mirrors a production site. During normal operation, the production site handles all the requests. If the production site goes down, the standby site takes over and handles all the requests.
Recommended Topologies Figure 1–1 Oracle Identity Management in a Single Oracle Home Oracle Home 1 Oracle HTTP Server OC4J SSO / DAS Application Server Control OID / DIP OracleAS Metadata Repository Requirements The requirements are the same as those listed in Chapter 2, "Requirements". Installation Sequence Perform an installation of Oracle Identity Management as described in Section 4.23, "Installing Oracle Identity Management Components Only (Including Oracle Internet Directory)".
Recommended Topologies Figure 1–2 Cluster with a Distributed Oracle Identity Management with an Integrated Oracle HTTP Server Oracle Home 1 Oracle Home 2 Oracle HTTP Server OID / DIP OC4J SSO / DAS Application Server Control Host 1 OracleAS Metadata Repository Requirements The requirements are the same as those listed in Chapter 2, "Requirements". Installation Sequence To install this topology: 1. Install OracleAS Metadata Repository on a shared disk.
Recommended Topologies ■ 4. Select High Availability and Replication. On Oracle Home 2, perform the following commands to disable Oracle HTTP Server: a. Edit the ORACLE_HOME/opmn/bin/opmn.xml file to change the Oracle HTTP Server status to disabled, as shown in bold. ... b. Perform the following command to stop OPMN: prompt> ORACLE_HOME/opmn/bin/opmnctl stopall c.
Recommended Topologies Requirements The requirements are the same as those listed in Chapter 2, "Requirements". Installation Sequence To install this topology: 1. Install OracleAS Metadata Repository on a shared disk. It is recommended that you install OracleAS Metadata Repository in an existing database. See Oracle Application Server Metadata Repository Creation Assistant User’s Guide for details. 2. Install Oracle HTTP Server with Apache 2.
Recommended Topologies 6. Configure the standalone Oracle HTTP Server in Oracle Home 1. See "Configuring Standalone Oracle HTTP Server with Oracle Application Server" in Oracle HTTP Server Administering a Standalone Deployment Based on Apache 2.0 in the 10g Release 2 (10.1.2) or 10g Release 3 (10.1.3) documentation library.
Recommended Topologies 1-10 Oracle Application Server Installation Guide
2 Requirements Before installing Oracle Application Server, ensure that your computer meets the requirements described in this chapter. Table 2–1 Sections in This Chapter Section Highlights Section 2.1, "Using OracleMetaLink to Obtain the Latest Oracle Application Server Hardware and Software Requirements" Describes how to find the most current requirements for Oracle Application Server 10g (10.1.4.0.1). Section 2.
System Requirements manufacturing. For the most up-to-date information about hardware and software requirements, refer to OracleMetaLink: http://metalink.oracle.com/ After logging into OracleMetaLink, click Certify. From the resulting Web page, you can view the latest certifications by product, platform, and product availability. 2.2 System Requirements Table 2–2 lists the system requirements for running Oracle Application Server.
System Requirements Table 2–2 (Cont.) System Requirements Item Requirement Processor type 64-bit HP-UX Itanium processor To determine the processor type, run the following command: prompt> /usr/bin/getconf KERNEL_BITS Checked by Installer: No Processor speed 400 MHz or faster Checked by Installer: Yes Memory The memory requirements provided for the various installation types represents enough physical memory to install and run Oracle Application Server.
System Requirements Table 2–2 (Cont.) System Requirements Item Requirement Disk space OracleAS Infrastructure: ■ OracleAS Metadata Repository and Oracle Identity Management: 6.5 GB You can install the data files for the OracleAS Metadata Repository database on a disk that is different from the disk where you are installing OracleAS Infrastructure. If you do this, make sure the disk for the Oracle Home has at least 3.5 GB of free space and the disk for the data files has at least 3.0 GB of free space.
Software Requirements 2.2.1 Installing from the Console or X Windows If you are performing the installation from the console or X Windows, then add the following line to the /etc/pam.d/xdm file: session required pam_limits.so 2.2.2 Tips for Reducing Memory Usage If you need to reduce memory consumption: ■ ■ ■ Configure only the components that you need. After installation, start up only the components that you need. See the Oracle Application Server Administrator’s Guide for details.
Software Requirements Table 2–3 (Cont.) Software Requirements for HP-UX 11i version 2 Itanium Systems Item Patches for 11.11 (or higher versions) Requirement ■ BUNDLE11i B.11.23.0409.3 (Patch Bundle for HP-UX 11i v2 (B.11.23), September 2004) ■ PHSS_31850 (11.23 assembler patch) ■ PHSS_31851 (11.23 Integrity Unwind Library) ■ PHSS_31854 (11.23 milli cumulative patch) ■ PHSS_31855 (11.23 aC++ Runtime (IA: A.05.60, PA A.03.60)) ■ PHSS_33275 + PHSS_32213 (11.
Kernel Parameters # /usr/sbin/swlist -l patch | more If a required patch is not installed, download it from the following URL and install it: http://itresourcecenter.hp.com 2.4 Kernel Parameters The computers on which you plan to install OracleAS Metadata Repository require their kernel parameters to be set to the minimum values listed in the following sections: ■ Section 2.4.1, "Kernel Parameter Settings for OracleAS Metadata Repository" 2.4.
Ports Parameter Recommended Formula or Value shmmax The size of physical memory or 0X40000000 (1073741824), whichever is greater. Note: To avoid performance degradation, the value should be greater than or equal to the size of the SGA. shmmni 512 shmseg 120 tcp_conn_request_max 2048 vps_ceiling 64 To view the current value specified for these kernel parameters, and to change them if necessary, follow these steps: 1.
Ports Why the Default Port for Oracle HTTP Server Is Port 7777 and Not Port 80 By default, the installer configures Oracle HTTP Server to use port 7777, not port 80. Port 7777 is the default port because on UNIX, components that use port numbers lower than 1024 require additional steps to be done as the root user before the components can run. Because the installer does not have root access, it has to use a port greater than 1024.
Ports Note: ■ In the default configuration of the /etc/services file includes ports 389 and 636 (for LDAP and LDAP/SSL). These happen to be the default ports for Oracle Internet Directory. This means that if you want to use these port numbers for Oracle Internet Directory, you must either delete or comment out these lines in the /etc/services file.
Ports Oracle HTTP Server port = port_num Oracle HTTP Server Listen port = port_num Oracle HTTP Server SSL port = port_num Oracle HTTP Server Listen (SSL) port = port_num Oracle HTTP Server Diagnostic port = port_num Java Object Cache port = port_num DCM Discovery port = port_num Oracle Notification Server Request port = port_num Oracle Notification Server Local port = port_num Oracle Notification Server Remote port = port_num Application Server Control port = port_num Application Server Control RMI port =
Ports Notes on Choosing Port Numbers: ■ ■ ■ ■ Port numbers cannot be greater than 65535. If you use a port number less than 1024 for a component, you must run the component as the root user. If you use a port number less than 1024 for a component, the installer will not be able to start up the component at the end of installation. You may need to configure the component first before you can start it up. See the appropriate component documentation for details.
Ports ■ ■ ■ ■ ■ If you specify the same port for one component on multiple lines, the installer assigns the default port for the component. The installer does not warn you if you have specified the same port on multiple lines. If you have syntax errors in the staticports.ini file (for example, if you omitted the = character for a line), the installer ignores the line. For the components specified on such lines, the installer assigns the default ports.
Ports You might be able to use the same listener for both the existing database and the OracleAS Metadata Repository database. You have to consider the version of the existing listener as well as the port number. Table 2–5 shows scenarios and outcomes. You can change the OracleAS Metadata Repository listener to use a different port after installation. See the Oracle Application Server Administrator’s Guide for details.
Ports prompt> $ORACLE_HOME/bin/lsnrctl stop ORACLE_HOME is the home directory for your existing database. If you do not stop the existing listener, the installation will fail. 2. Install the OracleAS Metadata Repository. See any of the procedures that install an OracleAS Metadata Repository in Chapter 4, "Installing OracleAS Infrastructure" (for example, Section 4.20, "Installing OracleAS Infrastructure" or Section 4.21, "Installing OracleAS Infrastructure Against an Existing Oracle Internet Directory").
Operating System Groups OracleAS Metadata Repository. After installation, you can reconfigure the OracleAS Metadata Repository to use a port other than 1521. See the Oracle Application Server Administrator’s Guide for instructions on how to do this. 2.6 Operating System Groups You need to create operating system groups in these situations: ■ ■ If you plan to install Oracle Application Server on a computer that does not have Oracle products, create a group to own the "inventory" directory.
Operating System User Table 2–6 Privileges for the OSDBA and OSOPER Groups Group Description OSDBA This is the database administrator group. Users in this group are granted SYSDBA privileges. OSOPER Users in this group are granted SYSOPER privileges, which comprise privileges required for basic maintenance. These include database startup and shutdown, and other privileges required for database operation. SYSOPER privileges are a subset of SYSDBA privileges.
Environment Variables Table 2–7 (Cont.) Properties of the Operating System User Who Runs the Installer Item Description Login shell The default login shell can be the C, Bourne, or Korn shell. Note: Use the oracle user only for installing and running Oracle products. Do not use root as the oracle user. To create the oracle user: 1. Enter a command similar to the following: # /usr/sbin/useradd -g oinstall -G dba[,oper] oracle In this command: 2.
Environment Variables ■ ■ If you set environment variables in the .profile file, they might not be read. To ensure environment variables are set to the correct values, check their values in the shell where you will be running the installer. To check the value of environment variables, use the env command. This displays all the currently defined environment variables and their values.
Environment Variables 2.8.5 TMP and TMPDIR The installer uses a temporary directory for swap space. The installer checks for the TMP and TMPDIR environment variables to locate the temporary directory. If this environment variable does not exist, the installer uses the /tmp directory. If you want the installer to use a temporary directory other than /tmp, set the TMP and TMPDIR environment variables to the full path of an alternate directory.
The /etc/hosts File 2.9 The /etc/hosts File Although the contents of the /etc/hosts file affect these items: ■ Section 2.9.1, "Location of the Default Oracle Identity Management Realm" ■ Section 2.9.2, "Hostname for OracleAS Single Sign-On" the installer provides alternative methods for you to enter the values that you want without editing the hosts file. See the following subsections for details. 2.9.
Network Topics 2.10 Network Topics Typically, the computer on which you want to install Oracle Application Server is connected to the network, has local storage to contain the Oracle Application Server installation, has a display monitor, and has a CD-ROM or DVD-ROM drive. This section describes how to install Oracle Application Server on computers that do not meet the typical scenario. It covers the following cases: ■ ■ Section 2.10.1, "Installing on Multihomed (Multi-IP) Computers" Section 2.10.
Network Topics This space is in addition to the space required for installing Oracle Application Server (listed in Table 2–2). To Copy the CD-ROMs: 1. Create a directory structure on your hard drive as shown in Figure 2–1. You need to create a parent directory (called OracleAS_10g in the example, but you can name it anything you like), and, under the parent directory, create subdirectories called Disk1, Disk2, and so on. The names of the subdirectories must be DiskN, where N is the CD-ROM number.
Network Topics 1. Allow remote_computer to display on local_computer. You need to run this command on the local computer’s console. local_computer> xhost +remote_computer If you do not run xhost, you might get an Xlib error similar to "Failed to connect to server", "Connection refused by server," or "Can’t open display" when starting the installer. 2. On local_computer, perform a remote login (using telnet or rlogin) to remote_ computer. Log in as the oracle user, as described in Section 2.
Network Topics 3. Set the DISPLAY environment variable on remote_computer to point to local_ computer. Example (C shell): remote_computer> setenv DISPLAY local_computer.mydomain.com:0.0 Example (Bourne or Korn shell): remote_computer> DISPLAY=local_computer.mydomain.com:0.0; export DISPLAY 4. Run the installer. See Section 3.15, "Starting the Oracle Universal Installer". You can use a PC X emulator to run the installer if it supports a PseudoColor color model or PseudoColor visual.
Prerequisite Checks Performed by the Installer 2.10.7 Support for NIS and NIS+ You can install and run Oracle Application Server in NIS and NIS+ environments. 2.11 Prerequisite Checks Performed by the Installer Table 2–9 lists the checks performed by the installer: Table 2–9 Prerequisite Checks Performed by the Installer Item Description Operating system version See Table 2–3 for supported versions. Operating system patches See Section 2.3, "Software Requirements" for a list of required patches.
Prerequisite Checks Performed by the Installer Table 2–9 (Cont.) Prerequisite Checks Performed by the Installer Item Description Oracle home directory You should install Oracle Application Server in a new directory. Here are some examples of installations that are not allowed: ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ Port 1521 Any type of Oracle Application Server into an 8.0, 8i, 9.0.1, or 9.
Prerequisite Checks Performed by the Installer Table 2–9 (Cont.) Prerequisite Checks Performed by the Installer Item Description TNS_ADMIN environment variable The TNS_ADMIN environment variable must not be set. DBCA_RAW_CONFIG environment variable If you are installing the OracleAS Infrastructure in a Real Application Clusters environment, you need to set this environment variable to point to a file that describes the locations of your raw partitions.
3 Things You Should Know Before Starting the Installation This chapter contains the following topics: ■ Section 3.1, "Oracle Home Directory" ■ Section 3.2, "Can I Use Symbolic Links?" ■ Section 3.3, "First-Time Installation of Any Oracle Product" ■ Section 3.4, "Installing Additional Languages" ■ Section 3.5, "Oracle Application Server Instances and Instance Names" ■ Section 3.6, "The ias_admin User and Restrictions on its Password" ■ Section 3.
Can I Use Symbolic Links? Notes: Spaces are not allowed anywhere in the Oracle home directory path. For example, you cannot install in "/opt/oracle/app server/Infra" because of the space character in "app server". The installer does not check for this until several screens after you have entered the path. If you plan to install a middle tier and an infrastructure on the same computer, you must install them in different Oracle home directories.
Oracle Application Server Instances and Instance Names To ensure other users in the oinstall group have access to the inventory directory (so that they can install Oracle products), do not use the oracle user’s home directory as the inventory directory because home directories might not have the proper permissions set up for the oinstall group. Instead, you can put the inventory directory in the /opt/oracle directory (for example, /opt/oracle/oraInventory).
The ias_admin User and Restrictions on its Password Valid Characters in Instance Names Instance names can consist only of the alphanumeric characters (A-Z, a-z, 0-9) and the _ (underscore) character. The maximum length for an instance name is 64 characters. Restrictions on Oracle Application Server Instance Names Do not use the hostname of the computer when naming Oracle Application Server instances.
Where Does the Installer Write Files? ■ If you are using any other version of Oracle Internet Directory (for example, you are using an existing Oracle Internet Directory), your Oracle Internet Directory administrator might have defined a different password policy. The password you enter for the ias_admin user must conform to the existing Oracle Internet Directory’s password policy.
Why Do I Need to be Able to Log In as Root at Certain Times During Installation? Table 3–1 (Cont.) Directories Where the Installer Writes Files Directory Description Inventory directory When you install the first Oracle product on a computer, you specify this directory, which the installer uses to keep track of which Oracle products are installed on the computer. In subsequent installations, the installer uses the same inventory directory.
Obtaining Software from Oracle E-Delivery 3.12 Connecting to Oracle Internet Directory Through SSL Connections When you install OracleAS Infrastructure or middle tiers, you can specify that Oracle Application Server components connect to Oracle Internet Directory only through SSL connections. On screens where you specify the hostname and port for Oracle Internet Directory, you can select the Use Only SSL Connections With This Oracle Internet Directory option.
Setting the Mount Point for the CD-ROM or DVD 3.13.5 Extracting Software from the Zip Files Verify that the file size of your downloaded file matches the file size displayed on E-Delivery. Unzip each Zip file to its own temporary directory. For example, create a directory structure called oraAS10g on your hard drive: c:\oraAS10g Then create a new directory for each Zip file you downloaded: c:\oraAS10g\Disk1 c:\oraAS10g\Disk2 etc.
Starting the Oracle Universal Installer CD-ROM users: Insert Oracle Application Server Disk 1 into the CD-ROM drive. DVD-ROM users: Insert the Oracle Application Server DVD-ROM into the DVD-ROM drive. 5. Run the Oracle Universal Installer using the command shown after the notes: Notes: ■ ■ Be sure you are not logged in as the root user when you start the Oracle Universal Installer. The installer gives an error message if you try to run it as the root user.
Starting the Oracle Universal Installer 3-10 Oracle Application Server Installation Guide
4 Installing OracleAS Infrastructure This chapter contains the following sections: Table 4–1 Contents of This Chapter Topics ■ ■ Procedures Section 4.1, "Infrastructure Installation Types" Section 4.2, "Why Would I Select the Different Infrastructure Installation Types?" ■ Section 4.3, "Order of Installation for the Infrastructure" ■ Section 4.4, "Can I Install Components on Separate Computers?" ■ ■ ■ ■ ■ ■ Section 4.
Why Would I Select the Different Infrastructure Installation Types? Table 4–2 OracleAS Infrastructure Components Infrastructure Components Oracle Identity Management components OracleAS Metadata Repository Description These components provide directory, security, and user management functionality. Some of these components have schemas in the OracleAS Metadata Repository.
Order of Installation for the Infrastructure 4.3 Order of Installation for the Infrastructure If you plan to install both OracleAS Metadata Repository and Oracle Identity Management components on the same computer, select the "Oracle Identity Management and OracleAS Metadata Repository" option. The installer installs the components in the proper order. See Section 4.20, "Installing OracleAS Infrastructure" for the step-by-step procedure.
Can I Install Components on Separate Computers? 4.4 Can I Install Components on Separate Computers? You already know that you can install Oracle Application Server instances on separate computers. In addition, you can also distribute components over multiple computers. This is especially useful for infrastructure components. You might want to do this to improve performance, security, scalability, and availability of infrastructure services.
Tips for Installing Oracle Identity Management Components Separately Table 4–3 (Cont.) OracleAS Infrastructure Configurations Configuration Description / How to Install OracleAS Metadata Repository In this configuration, the OracleAS Metadata Repository runs on one computer, Oracle Internet Directory runs on a second computer, and the remaining Oracle Identity Management components run on a third computer. To install this configuration: Oracle Internet Directory 1.
Do I Need the Oracle Delegated Administration Services or the Oracle Directory Integration Platform Components? Integration Platform against the same OracleAS Metadata Repository. If you want to configure more than one Oracle Internet Directory against the same OracleAS Metadata Repository, see the Oracle Internet Directory Administrator’s Guide. ■ ■ ■ You must select at least one component to configure. Otherwise the installation will not succeed.
Registration of OracleAS Metadata Repository in Oracle Internet Directory and Password Randomization 4.9 Can I Use an Existing Oracle Internet Directory? You can use an existing Oracle Internet Directory instead of having the installer create a new one. You might want to do this if your applications need to authenticate users that are already stored in your Oracle Internet Directory.
Contents of the OracleAS Metadata Repository Table 4–4 (Cont.) Database Registration Scenarios Scenario Registration Schema Passwords Install an Oracle Internet Directory against an existing OracleAS Metadata Repository Automatic Randomized (the metadata repository schemas are given new randomized passwords) See Section 4.25, "Installing Oracle Internet Directory Only".
Can I Use Multiple Metadata Repositories? If you are interested in seeing the names of all the schemas, see the Oracle Application Server Metadata Repository Creation Assistant User’s Guide. 4.12 Can I Use Multiple Metadata Repositories? You can install multiple metadata repositories to increase performance. This enables different components in your topology to use different metadata repositories.
What High Availability Options Does Oracle Application Server Support? Figure 4–1 Multiple Metadata Repositories in Use Computer 1 OracleAS Infrastructure Oracle OracleAS Internet Single Directory Sign-On Computer 3 Both metadata repositories are registered in the Internet Directory.
How to Determine Port Numbers Used by Components users, which are privileged users for the database. The passwords for these users have the following restrictions: ■ ■ ■ ■ ■ Passwords must be shorter than 30 characters. Passwords can contain only alphanumeric characters from your database character set, the underscore (_), the dollar sign ($), and the number sign (#). Passwords must begin with an alphabetic character.
Can I Add OCA After Installation? Click the Ports link on the Enterprise Manager home page. This takes you to a page that lists all ports in use and the suggested port ranges for different components. ■ Look in the ORACLE_HOME/install/portlist.ini file. ORACLE_HOME refers to the directory containing the Oracle Application Server installation. Note that if you change a component’s port number after installation, the portlist.ini file is not updated. The portlist.ini file is not updated after installation.
Installing OracleAS Infrastructure Table 4–5 1. Steps for Installing OracleAS Infrastructure Screen Action -- Start up the installer and complete the first few screens. See Section 4.27, "Install Fragment: The First Few Screens of the Installation" for details. Notes: ■ 2. Select Configuration Options In the Select Installation Type screen, select Identity Management and Metadata Repository. Select Oracle Internet Directory. Select Oracle Application Server Single Sign-On.
Installing OracleAS Infrastructure Against an Existing Oracle Internet Directory 4.21 Installing OracleAS Infrastructure Against an Existing Oracle Internet Directory Perform this procedure to install Oracle Identity Management components (except Oracle Internet Directory) and the OracleAS Metadata Repository. Prerequisite: Oracle Internet Directory version 9.0.
Installing OracleAS Metadata Repository in a New Database Table 4–6 (Cont.) Steps for Installing OracleAS Infrastructure Against an Existing Oracle Internet Directory 5. Screen Action Specify Oracle Internet Directory Login Username: Enter the username to log in to Oracle Internet Directory. You must log in as a user who belongs to the necessary groups in Oracle Internet Directory. Which groups are necessary depends on which components you are installing. See Section 5.
Installing Oracle Identity Management Components Only (Including Oracle Internet Directory) Table 4–7 1. Steps for Installing OracleAS Metadata Repository in a New Database Screen Action -- Start up the installer and complete the first few screens. See Section 4.27, "Install Fragment: The First Few Screens of the Installation" for details. Notes: ■ 2. 3. In the Select Installation Type screen, select Metadata Repository.
Installing Oracle Identity Management Components Only (Including Oracle Internet Directory) Follow this procedure to configure Oracle Internet Directory against a remote OracleAS Metadata Repository. You have installed the OracleAS Metadata Repository in an existing database (see the Oracle Application Server Metadata Repository Creation Assistant User’s Guide) or in a new database (Section 4.22, "Installing OracleAS Metadata Repository in a New Database").
Installing Oracle Identity Management Components Only (Excluding Oracle Internet Directory) Table 4–8 (Cont.) Steps for Installing Oracle Identity Management Components Only (Including Oracle Internet Directory) Screen Action 6. Enter information to configure OCA Provide the information as prompted by the OCA screens. See Section 4.30, "Install Fragment: OCA Screens" for details. 7. Specify Instance Name and ias_admin Password Instance Name: Enter a name for this infrastructure instance.
Installing Oracle Identity Management Components Only (Excluding Oracle Internet Directory) Table 4–9 Directory) 1. Steps for Installing Oracle Identity Management Components Only (Excluding Oracle Internet Screen Action -- Start up the installer and complete the first few screens. See Section 4.27, "Install Fragment: The First Few Screens of the Installation" for details. Notes: ■ 2. Select Configuration Options In the Select Installation Type screen, select Oracle Identity Management.
Installing Oracle Internet Directory Only Table 4–9 (Cont.) Steps for Installing Oracle Identity Management Components Only (Excluding Oracle Internet Directory) Screen Action 7. Enter information to configure OCA Provide the information as prompted by the OCA screens. See Section 4.30, "Install Fragment: OCA Screens" for details. 8. Specify Instance Name and ias_admin Password Instance Name: Enter a name for this infrastructure instance.
Installing OCA and OracleAS Metadata Repository Only Table 4–10 (Cont.) Steps for Installing Oracle Internet Directory 4. Screen Action Specify Repository Username: Enter the username to use to log in to the OracleAS Metadata Repository database. The user must have DBA privileges. Password: Enter the user’s password. Hostname and Port: Enter the name of the computer where the database is running, and the port number at which it is listening. Use the format: host:port.
Installing OCA and OracleAS Metadata Repository Only Table 4–11 1. Steps for Installing OCA and OracleAS Metadata Repository Screen Action -- Start up the installer and complete the first few screens. See Section 4.27, "Install Fragment: The First Few Screens of the Installation" for details. Notes: ■ 2. Select Configuration Options In the Select Installation Type screen, select Identity Management and OracleAS Metadata Repository.
Install Fragment: The First Few Screens of the Installation 4.27 Install Fragment: The First Few Screens of the Installation The first few screens of the installer are described here because they are the same for all installations. Most installation procedures in this chapter refer to this section as their starting point. Table 4–12 First Few Screens of the Installation Screen Action 1. -- Start the installer. See Section 3.15, "Starting the Oracle Universal Installer" for details. 2.
Install Fragment: The First Few Screens of the Installation Table 4–12 (Cont.) First Few Screens of the Installation 8. Screen Action Select Installation Type The options displayed on this screen depend on what you selected in the Select a Product to Install screen. The installation types for OracleAS Infrastructure are: ■ Identity Management and Metadata Repository ■ Identity Management ■ Metadata Repository Click Next.
Install Fragment: The Last Few Screens of the Installation Figure 4–2 Sequence for the First Few Screens in the Installation Welcome If this is the first Oracle product to be installed on Specify Inventory Directory and Credentials this computer Run orainstRoot.
Install Fragment: Database Screens 4.29 Install Fragment: Database Screens If you are installing a new database for the OracleAS Metadata Repository, the installer displays the following screens: Table 4–14 1. Database Screens Screen Action Specify Database Configuration Options Global Database Name: Enter a name for the OracleAS Metadata Repository database. Append a domain name to the database name. This domain name for the global database name can be different from your network domain name.
Install Fragment: OCA Screens 4.30 Install Fragment: OCA Screens If you select Oracle Application Server Certificate Authority (OCA) in the Select Configuration Options screen when you are installing an OracleAS Infrastructure, the installer displays the screens listed in Table 4–15. Note that you cannot install more than one OCA against the same OracleAS Metadata Repository.
Install Fragment: OCA Screens Table 4–15 (Cont.) OCA Screens 4. Screen Action Specify OCA Administrator’s Password Administrator’s Password and Confirm Password: Specify and confirm the password for the OCA administrator. The password has the following restrictions: ■ It must contain at least eight characters. ■ It must contain at least one alphabetic character. ■ It must contain at least one non-alphabetic character (for example, a number). ■ Its first character cannot be a number.
5 Configuring Oracle Internet Directory for Oracle Application Server Installation Privileges When you install certain infrastructure components, the installer prompts you for a username to log in to Oracle Internet Directory. For the installation to complete successfully, this user must belong to certain groups in Oracle Internet Directory. The groups that are required depend on what you are installing. By putting users into groups, you allow other users to perform installations.
Groups in Oracle Internet Directory Repository, and Oracle Delegated Administration Services, the cn=orcladmin user is created and becomes a member of the Repository Owners group and the DAS Component Owners group. cn=orcladmin also becomes a member of the iAS Admins group. Note that you cannot log in to Oracle Internet Directory as the superuser (cn=orcladmin) using Oracle Delegated Administration Services. To log in as cn=orcladmin, you must use the Oracle Directory Manager.
Groups in Oracle Internet Directory 5.2.2 Groups for Each Metadata Repository Each metadata repository registered with Oracle Internet Directory has its own groups, as described in Table 5–2. This enables you to assign different owners and users for each repository. Table 5–2 Groups Associated with Each Metadata Repository Registered with Oracle Internet Directory Group Description Repository Owners The user who installs the metadata repository becomes a member of this group.
Groups Required to Configure or Deinstall Components Figure 5–6 shows these groups for the Oracle Delegated Administration Services component. 5.3 Groups Required to Configure or Deinstall Components Table 5–4 shows the groups that a user needs to belong to in order to configure or deinstall Oracle Application Server components. The user who installs and configures the components becomes the owner of the components.
Groups Required to Configure or Deinstall Components Table 5–4 (Cont.
Groups Required to Configure or Deinstall Components Table 5–4 (Cont.
Groups Required to Install Middle Tiers -b "" -s base "objectclass=*" orclreplicaid b. Then run this command. prompt> ldapsearch -h oidhostname -p oidport -D cn=orcladmin -w password -b "orclreplicaid=value_from_previous_command,cn=replication configuration" -s base "objectclass=*" seealso This returns a "seealso" value in the format: cn=Metadata repository DB Name,cn=oraclecontext. 5.
Groups Required to Install Additional Metadata Repositories Figure 5–1 Contents of Oracle Internet Directory with One Infrastructure and One Middle Tier Oracle Context Products Groups IAS Wireless IAS Instances Infrastructure DB Portal and Wireless 1 orcl.oracle.
Example of Installation with Different Users Figure 5–2 Oracle Internet Directory with Two Metadata Repositories and Two Middle Tiers Oracle Context Products Groups IAS IAS Admins IAS Instances Members: - orcladmin - userA - userB Infrastructure DB 2 4 J2EE PW1 1 3 orcl.oracle.com Repository Owners Mid-Tier Admins Members: - orcladmin Members: - orcladmin - userA Associated Mid-Tiers Members: - J2EE orcl1.oracle.
How to Create Users in Oracle Internet Directory 3. Install OracleAS Infrastructure (OracleAS Metadata Repository only) userB was added to the iAS Admins group so that userB can perform this installation. See Section 5.5, "Groups Required to Install Additional Metadata Repositories". The installer registers this new repository with Oracle Internet Directory by creating the "orcl1.oracle.com" entry. userB becomes a member of the Repository Owners group and the Mid-Tier Admins group for the new repository.
How to Add Users to Groups in Oracle Internet Directory 5.8.1 Using Oracle Directory Manager to Add Users to Groups When you have to log in as the cn=orcladmin superuser to add users to groups, you have to use Oracle Directory Manager, instead of Oracle Delegated Administration Services. To add users using Oracle Directory Manager: 1. Start up Oracle Directory Manager. ORACLE_HOME refers to the home directory where Oracle Internet Directory is installed. prompt> cd $ORACLE_HOME/bin prompt> ./oidadmin 2.
How to Add Users to Groups in Oracle Internet Directory Figure 5–3 Using Oracle Directory Manager to Add Users to "Global" Groups 5.8.1.2 Navigating to Metadata Repository Groups The metadata repository groups are listed in Table 5–2. The general navigation path is as follows. See Figure 5–4 for a screenshot. 1. Expand the top-level entry, "Oracle Internet Directory Servers". 2. Expand the specific Oracle Internet Directory. 3.
How to Add Users to Groups in Oracle Internet Directory Figure 5–4 Using Oracle Directory Manager to Add Users to Metadata Repository Groups 5.8.1.3 Navigating to Component Groups The component groups are listed in Table 5–3. The general navigation path is as follows. See Figure 5–5 for a screenshot. 1. Expand the top-level entry, "Oracle Internet Directory Servers". 2. Expand the specific Oracle Internet Directory. 3. Expand the following entries: Entry Management > cn=OracleContext > cn=Products.
How to Add Users to Groups in Oracle Internet Directory Figure 5–5 Using Oracle Directory Manager to Add Users to the Component Users Group for the Oracle Delegated Administration Services Component 5.8.
How to Add Users to Groups in Oracle Internet Directory 1. Ensure that the Oracle Delegated Administration Services and Oracle Internet Directory are running. 2. Display the Deployment Delegation Console page. The URL is: http://hostname:port/oiddas/ui/oidinstallhome hostname specifies the name of the computer where you installed Oracle Delegated Administration Services. port specifies the port on which Oracle HTTP Server is listening. 3. Click Login. 4.
Contents of a New Oracle Internet Directory 5.
On the Specify Login for Oracle Internet Directory Screen, What Username and Realm Do I Enter? This screen prompts you to enter a username and password to log in to Oracle Internet Directory. Username In the Username field, enter either the simple username or the user’s DN. Simple username example: jdoe DN example: cn=orcladmin The user must belong to specific groups for installing and configuring certain components. See Table 5–4 for details.
On the Specify Login for Oracle Internet Directory Screen, What Username and Realm Do I Enter? 5-18 Oracle Application Server Installation Guide
6 Installing Oracle Internet Directory in Replicated Mode This chapter describes how to install Oracle Internet Directory in replicated mode, that is, how to install Oracle Internet Directory masters and replicas. This chapter contains the following sections: ■ Section 6.1, "Oracle Internet Directory Replication Overview" ■ Section 6.2, "Requirements" ■ Section 6.3, "Installation Order" ■ Section 6.4, "Installing a Master Oracle Internet Directory" ■ Section 6.
Oracle Internet Directory Replication Overview 6.1.1 Fan-Out Replication (LDAP Replication) In fan-out replication, one Oracle Internet Directory is the master, and the other Oracle Internet Directory instances are called the Oracle Internet Directory replicas. In one-way fan-out replication, clients modify the data in the master Oracle Internet Directory only. The master then propagates the changes to the replicas. These replicas, in turn, can update other Oracle Internet Directory replicas.
Requirements Figure 6–2 Example of Multimaster Replication (Advanced Replication) A B C OracleAS Advanced Replicatio Read-Write In multimaster replication, Oracle Internet Directory instances use the Oracle Database Advanced Replication protocol to communicate with each other. The Select Oracle Internet Directory Replication Mode screen in the installer uses the term Advanced Replication to refer to multimaster replication.
Installation Order If you are installing against an existing OracleAS Metadata Repository, the OracleAS Metadata Repository must not be already registered with another Oracle Internet Directory. If you specify an OracleAS Metadata Repository that is already registered with an Oracle Internet Directory, the installer assumes you are installing a high availability environment, and it does not display the replication options. 6.2.
Installing an Oracle Internet Directory Replica 6.5 Installing an Oracle Internet Directory Replica You can install an Oracle Internet Directory replica against an existing database, or you can install it with a new database. Contents of this section: ■ ■ ■ Section 6.5.1, "Overview of Installing a Replica" Section 6.5.2, "Installing an Oracle Internet Directory Replica with a New Database" Section 6.5.3, "Installing an Oracle Internet Directory Replica against an Existing Database" 6.5.
Installing an Oracle Internet Directory Replica Table 6–1 (Cont.) Installing an Oracle Internet Directory Replica with a New Database 3. Screen Action Specify Port Configuration Options If you want to use default ports for the components, select Automatic. If you do not want to use the default ports, and you have created a staticports.ini file, select Manual and enter the fullpath to your staticports.ini file in the provided field. Click Next. 4.
Installing an Oracle Internet Directory Replica Table 6–1 (Cont.) Installing an Oracle Internet Directory Replica with a New Database Screen 10. Specify Database Configuration Options Action Global Database Name: Enter a name for the OracleAS Metadata Repository database. Append the domain name of your computer to the database name. Example: orcl.mydomain.
Installing an Oracle Internet Directory Replica 6.5.3 Installing an Oracle Internet Directory Replica against an Existing Database Follow these steps to install an Oracle Internet Directory replica against an existing database. Table 6–2 1. Installing an Oracle Internet Directory Replica against an Existing Database Screen Action -- Start up the installer and complete the first few screens. See Section 4.27, "Install Fragment: The First Few Screens of the Installation" for details. Notes: ■ ■ 2.
Installing an Oracle Internet Directory Replica Table 6–2 (Cont.) Installing an Oracle Internet Directory Replica against an Existing Database 6. Screen Action Select Oracle Internet Directory Replication Mode Select One-way LDAP Replication if you want to use fan-out replication in one direction. Select Two-way LDAP Replication if you want to use fan-out replication in one direction. Select Advanced Replication if you want multimaster replication. Click Next. 7.
Accessing OracleAS Single Sign-On and Oracle Delegated Administration Services 6.6 Accessing OracleAS Single Sign-On and Oracle Delegated Administration Services To access OracleAS Single Sign-On or Oracle Delegated Administration Services on the replica node, you have to use the password for the orcladmin user on the master Oracle Internet Directory, not the replica Oracle Internet Directory. Example: 1.
7 Installing in High Availability Environments: Overview This chapter provides an overview of the high availability configurations supported by Oracle Application Server. Subsequent chapters provide the details. This chapter also lists the common requirements. Contents of this chapter: ■ Section 7.1, "Overview of High Availability Configurations" ■ Section 7.2, "Installation Order for High Availability Configurations" ■ Section 7.3, "Requirements for High Availability Configurations" 7.
Overview of High Availability Configurations passive node mounts the shared storage and runs the Oracle Application Server instance. The most common properties of an OracleAS Cold Failover Cluster configuration include: ■ Shared storage The Oracle home for the Oracle Application Server instance is typically installed on storage that is shared by the nodes in the OracleAS Cold Failover Cluster topology.
Overview of High Availability Configurations ■ Application independence Some applications may not be suited to an active-active configuration. This may include applications which rely heavily on application state or on information stored locally. An active-passive configuration has only one instance serving requests at any particular time. In general, the term OracleAS Cold Failover Cluster describes clustering at the Oracle Application Server instance level.
Installation Order for High Availability Configurations ■ Increased scalability and performance Multiple identically-configured instances provide the capability to have a distributed workload shared among different machines and processes. New instances can also be added as the demand of the application grows. In general, the term OracleAS Clusters describes clustering at the Oracle Application Server instance level.
Requirements for High Availability Configurations 1. OracleAS Metadata Repository 2. Oracle Identity Management components If you are distributing the Oracle Identity Management components, you install them in the following order: 3. a. Oracle Internet Directory and Oracle Directory Integration Platform b.
Requirements for High Availability Configurations ■ Has write privileges on remote directories. 7.3.4 Check for Previous Oracle Installations on All Nodes Check that all the nodes where you want to install in a high availability configuration do not have existing oraInventory directories. Details of all Oracle software installations are recorded in the Oracle Installer Inventory directory. Typically, this directory is unique to a node and named oraInventory.
8 Installing in High Availability Environments: OracleAS Cold Failover Cluster This chapter describes how to install Oracle Application Server in OracleAS Cold Failover Cluster configurations. ■ Section 8.1, "OracleAS Cold Failover Cluster: Introduction" ■ Section 8.2, "Pre-Installation Steps for OracleAS Cold Failover Cluster" ■ ■ ■ ■ ■ ■ ■ ■ ■ Section 8.3, "Installing an OracleAS Cold Failover Cluster (Infrastructure) Configuration" Section 8.
Pre-Installation Steps for OracleAS Cold Failover Cluster ■ OracleAS Cold Failover Cluster (Infrastructure). See Section 8.3. ■ Distributed OracleAS Cold Failover Cluster (Infrastructure). See Section 8.4. ■ OracleAS Cold Failover Cluster (Identity Management). See Section 8.5. ■ Distributed OracleAS Cold Failover Cluster (Identity Management). See Section 8.6. 8.
Pre-Installation Steps for OracleAS Cold Failover Cluster 2. Add the following line to the /etc/hosts file on the active node: ip_address hostname.domain hostname For example: 138.1.12.191 3. vhost.mydomain.com vhost Determine the primary public network interface. The primary public network interface for Ethernet encapsulation is typically lan0 on HP-UX Itanium. /usr/bin/netstat -i Using this command, search for a network interface that has an Address value of the physical hostname of the node. 4.
Pre-Installation Steps for OracleAS Cold Failover Cluster from a different node should provide a login to the node you configured in this procedure: telnet hostname.domain telnet ip_address For example, enter: telnet vhost.mydomain.com telnet 138.1.12.191 On Failover If the active node fails, then the secondary node takes over. If you do not have a clusterware agent to map the virtual IP from the failed node to the secondary node, then you have to do it manually.
Pre-Installation Steps for OracleAS Cold Failover Cluster 2. Unmount the file system from node 1. 3. Mount the file system from node 2 using the same mount point that you used in step 1. 4. Unmount it from node 2, and mount it on node 1, because you will be running the installer from node 1. Only one node of the OracleAS Cold Failover Cluster should mount the file system at any given time.
Installing an OracleAS Cold Failover Cluster (Infrastructure) Configuration (DESCRIPTION_LIST = (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = db_hostname)(PORT = db_port)) ) ... In this example, db_hostname is the fully-qualified hostname for the existing database and db_port is the port for the existing database. 5.
Installing an OracleAS Cold Failover Cluster (Infrastructure) Configuration Figure 8–1 OracleAS Cold Failover Cluster (Infrastructure) Configuration Failover Mode Normal Mode Virtual Hostname: vhost.mydomain.com Virtual IP: 123.45.67.11 Virtual Hostname: vhost.mydomain.com Virtual IP: 123.45.67.11 on failover Node 1 (Primary Node, Active) Physical IP: 123.45.67.22 Node 2 (Secondary Node) Physical IP: 123.45.67.33 Node 1 (Primary Node) Physical IP: 123.45.67.
Installing an OracleAS Cold Failover Cluster (Infrastructure) Configuration URL for: Example URL Application Server Control http://vhost.mydomain.com:1156 Oracle Application Server Middle Tiers You can install and run the middle tiers on other nodes (nodes that are not running OracleAS Infrastructure). During installation, you set up the middle tiers to use services from the OracleAS Infrastructure installed on the shared storage device.
Installing an OracleAS Cold Failover Cluster (Infrastructure) Configuration Key Points ■ ■ ■ The destination directory must be on the shared disk. Remember to select High Availability and Replication in the Select Configuration Options screen. By default, this option is not selected. You enter the virtual hostname in the Specify Virtual Hostname screen. Installer Screens Run the installer and follow the screen sequence shown in Table 8–2: Table 8–2 1.
Installing an OracleAS Cold Failover Cluster (Infrastructure) Configuration Table 8–2 (Cont.) Installing OracleAS Infrastructure in an OracleAS Cold Failover Cluster (Infrastructure) Screen Action 7. OCA screens If you selected Oracle Application Server Certificate Authority (OCA) in the Select Configuration Options screen, the installer displays screens for configuring OCA. See Section 4.30, "Install Fragment: OCA Screens" for details. 8.
Installing a Distributed OracleAS Cold Failover Cluster (Infrastructure) Configuration Table 8–2 (Cont.) Installing OracleAS Infrastructure in an OracleAS Cold Failover Cluster (Infrastructure) Screen Action 10. Specify Instance Name and ias_admin Password Instance Name: Enter a name for this infrastructure instance. Instance names can contain alphanumeric characters and the _ (underscore) character.
Installing a Distributed OracleAS Cold Failover Cluster (Infrastructure) Configuration Figure 8–2 Distributed OracleAS Cold Failover Cluster (Infrastructure) Configuration Distributed OracleAS Cold Failover Cluster (Infrastructure) Configuration Load Balancer In this tier, Identity Management includes: - Oracle Delegated Administration Services - OracleAS Single Sign-On Note that the nodes in this tier are active-active.
Installing a Distributed OracleAS Cold Failover Cluster (Infrastructure) Configuration 8.4.1 Distributed OracleAS Cold Failover Cluster (Infrastructure): Overview of Installation Steps To set up a distributed OracleAS Cold Failover Cluster (Infrastructure) configuration, perform these steps: Table 8–3 1. Overview of Installation Steps for Distributed OracleAS Cold Failover Cluster (Infrastructure) Step Description Perform Pre-Installation Steps Pre-installation tasks, described in Section 8.
Installing an OracleAS Cold Failover Cluster (Identity Management) Configuration If you meet these requirements, you need to configure the CSS daemon on the other node. The CSS daemon synchronizes ASM instances with the database instances that use the ASM instances for database file storage. To configure the CSS daemon: 1. Stop all the processes in the OracleAS Cold Failover Cluster (Infrastructure) home. 2. Stop the CSS daemon. You can do this by running the following command as root. # /sbin/init.
Installing an OracleAS Cold Failover Cluster (Identity Management) Configuration ■ two shared disks that can be accessed by both nodes. One shared disk contains the Oracle home for the database (on which you will load the OracleAS Metadata Repository), and on the other shared disk, you will install Oracle Identity Management. During normal operation, node 1, which is the primary node, is the active node.
Installing an OracleAS Cold Failover Cluster (Identity Management) Configuration Figure 8–3 OracleAS Cold Failover Cluster (Identity Management) Configuration OracleAS Cold Failover Cluster (Identity Management) Configuration Identity Management includes: - Oracle Internet Directory - OracleAS Single Sign-On - Oracle Delegated Administration Services - Oracle Directory Integration and Provisioning Virtual Hostname: vhost.mydomain.com Virtual IP: 123.45.67.
Installing an OracleAS Cold Failover Cluster (Identity Management) Configuration 8.5.2 OracleAS Cold Failover Cluster (Identity Management): Details of Installation Steps Perform the following steps to install Oracle Application Server in an OracleAS Cold Failover Cluster (Identity Management) configuration. Step 1 Perform Pre-Installation Steps Perform the pre-installation steps listed in Section 8.2, "Pre-Installation Steps for OracleAS Cold Failover Cluster".
Installing an OracleAS Cold Failover Cluster (Identity Management) Configuration Table 8–5 (Cont.) Installing Oracle Identity Management Components 3. Screen Action Specify Port Configuration Options If you want to use default ports for the components, select Automatic. If you do not want to use the default ports, and you have created a staticports.ini file, select Manual and enter the fullpath to your staticports.ini file in the provided field. Click Next. 4.
Installing a Distributed OracleAS Cold Failover Cluster (Identity Management) Configuration 8.
Installing a Distributed OracleAS Cold Failover Cluster (Identity Management) Configuration Tier Running Oracle Delegated Administration Services and OracleAS Single Sign-On Note that the nodes in this tier are not clustered. Both nodes are active at the same time, and you install the files locally on each node. To access these nodes, clients go through a load balancer. For example, if the name of the load balancer is loadbalance1.mydomain.
Installing a Distributed OracleAS Cold Failover Cluster (Identity Management) Configuration Figure 8–4 Distributed OracleAS Cold Failover Cluster (Identity Management) Configuration Distributed OracleAS Cold Failover Cluster (Identity Management) Configuration Load Balancer On this tier, Identity Management includes: - OracleAS Single Sign-On - Oracle Delegated Administration Services Note that the nodes in this tier are active-active.
Installing a Distributed OracleAS Cold Failover Cluster (Identity Management) Configuration Table 8–6 Overview of Installation Steps for Distributed OracleAS Cold Failover Cluster (Identity Management) Configuration 1. Step Description Perform Pre-Installation Steps Pre-installation tasks, described in Section 8.2, include: ■ ■ ■ Section 8.2.1, "Map the Virtual Hostname and Virtual IP Address" Section 8.2.2, "Set Up a File System That Can Be Mounted from Both Nodes" Section 8.2.
Installing a Distributed OracleAS Cold Failover Cluster (Identity Management) Configuration Table 8–7 1. Installing Oracle Internet Directory and Oracle Directory Integration Platform Screen Action -- Start up the installer and complete the first few screens. See Section 4.27, "Install Fragment: The First Few Screens of the Installation" for details. Note: In the Select Installation Type screen, select Identity Management. 2. Select Configuration Options Select Oracle Internet Directory.
Installing Oracle Delegated Administration Services and OracleAS Single Sign-On in an OracleAS Cold Failover Cluster Table 8–7 (Cont.) Installing Oracle Internet Directory and Oracle Directory Integration Platform 8. Screen Action Specify Instance Name and ias_admin Password Instance Name: Enter a name for this infrastructure instance. Instance names can contain alphanumeric characters and the _ (underscore) character.
Installing Oracle Delegated Administration Services and OracleAS Single Sign-On in an OracleAS Cold Failover Cluster Figure 8–5 Oracle Delegated Administration Services and OracleAS Single Sign-On in a Cold Failover Cluster Virtual Hostname: vhost_2.mydomain.com Virtual IP: 123.45.67.111 on failover · DAS · SSO Node 3 (Primary Node, Active) Physical IP: 123.45.67.222 Node 4 (Secondary Node) Physical IP: 123.45.67.
Installing Oracle Delegated Administration Services and OracleAS Single Sign-On in an OracleAS Cold Failover Cluster 8.7.1 Oracle Delegated Administration Services and OracleAS Single Sign-On in OracleAS Cold Failover Cluster: Overview of Installation Steps Table 8–8 Overview of Steps for Installing Oracle Delegated Administration Services and OracleAS Single Sign-On in an OracleAS Cold Failover Cluster 1. Step Description Perform Pre-Installation Steps Pre-installation tasks, described in Section 8.
Installing Oracle Delegated Administration Services and OracleAS Single Sign-On in an OracleAS Cold Failover Cluster Step 3 Install OracleAS Metadata Repository and Oracle Internet Directory Install OracleAS Metadata Repository and Oracle Internet Directory in the same Oracle home by selecting Identity Management and OracleAS Metadata Repository in the Select Installation Type screen. This option creates a new database for the OracleAS Metadata Repository and a new Oracle Internet Directory.
Installing Oracle Delegated Administration Services and OracleAS Single Sign-On in an OracleAS Cold Failover Cluster Table 8–9 (Cont.) Installing Oracle Delegated Administration Services and OracleAS Single Sign-On 3. Screen Action Specify Port Configuration Options Select Manual and enter the fullpath to your staticports.ini file in the provided field. You created the staticports.ini file in step 2, "(optional) Create staticports.ini Files" on page 8-26. Click Next. 4.
Installing Oracle Delegated Administration Services and OracleAS Single Sign-On in an OracleAS Cold Failover Cluster 2. Stop the components. prompt> ORACLE_HOME/opmn/bin/opmnctl stopall 3. Stop the OracleAS Metadata Repository. a. Set the ORACLE_HOME environment variable to the OracleAS Infrastructure home. b. Set the ORACLE_SID environment variable to the SID of the OracleAS Metadata Repository (for example, orcl). c. Stop the OracleAS Metadata Repository instance.
Installing Only the OracleAS Metadata Repository in an OracleAS Cold Failover Cluster Environment 4. On the other node, run the following command as root: # $ORACLE_HOME/root.sh ORACLE_HOME is where you installed the OracleAS Cold Failover Cluster (Infrastructure). 8.
Post-Installation Steps for OracleAS Cold Failover Cluster Table 8–10 (Cont.) Installing the OracleAS Metadata Repository Only Screen Action 7. Oracle Database screens Enter information for the OracleAS Metadata Repository database. See Section 4.29, "Install Fragment: Database Screens". 8. -- Finish the installation. See Section 4.28, "Install Fragment: The Last Few Screens of the Installation" for details. 8.9 Post-Installation Steps for OracleAS Cold Failover Cluster ■ ■ ■ ■ Section 8.9.
Installing Middle Tiers Against an OracleAS Cold Failover Cluster Infrastructure After setting the variable, you can then run the "emctl action dbconsole" commands, where action is start, stop, or status (for example, emctl start dbconsole). 8.9.4 Create a Clusterware Agent for Automatic Failover An OracleAS Cold Failover Cluster environment provides the framework for a manual failover of OracleAS Infrastructure. To achieve automatic failover, you must set up an agent using the clusterware.
Installing Middle Tiers Against an OracleAS Cold Failover Cluster Infrastructure infrastructure. For example, if the infrastructure is running on the primary node but you want to install the middle tier on the secondary node, the installer is unable to detect which ports the infrastructure is using. In this situation, you need to set up a staticports.ini file to specify port numbers for the middle tier. See Section 2.5.3, "Using Custom Port Numbers (the "Static Ports" Feature)" for details.
Installing Regular Middle-Tiers on OracleAS Cold Failover Cluster Nodes ■ Read Section 8.10.1, "If You Plan to Install Middle Tiers on OracleAS Cold Failover Cluster Nodes". 8.
9 Installing in High Availability Environments: OracleAS Cluster (Identity Management) This chapter describes how to install Oracle Application Server in OracleAS Cluster (Identity Management) configurations. ■ Section 9.1, "OracleAS Cluster (Identity Management): Introduction" ■ Section 9.2, "Pre-Installation Steps for OracleAS Cluster (Identity Management)" ■ Section 9.3, "About Oracle Internet Directory Passwords" ■ Section 9.
Pre-Installation Steps for OracleAS Cluster (Identity Management) ■ Install the OracleAS Metadata Repository in an existing database using the OracleAS RepCA. See the Oracle Application Server Metadata Repository Creation Assistant User’s Guide for supported database configurations. For OracleAS Cluster (Identity Management) configurations, Oracle recommends using a high availability database configuration such as Real Application Clusters or cold failover cluster.
Pre-Installation Steps for OracleAS Cluster (Identity Management) 9.2.2 Synchronize Clocks on All Nodes Synchronize the system clocks on all nodes so they are running within 250 seconds of each other. When synchronizing the system clocks, make sure the clocks are set to the same time zone. Note: If you do not synchronize the clocks, then there will be inconsistent operation attributes in the directory entries and inconsistent behavior of the password state policies.
About Oracle Internet Directory Passwords Note that these procedures apply only to the LDAP virtual server configured on your load balancer. They do not apply to the HTTP virtual server configured on your load balancer. 9.2.4.1 Load Balancer Supports LDAP Service Monitoring If your load balancer supports LDAP service monitoring, then you can add all the nodes to the LDAP virtual server before starting the installation. For example, if you have three nodes: 1.
About Configuring SSL and Non-SSL Ports for Oracle HTTP Server ■ Connecting to Oracle Internet Directory using the Oracle Directory Manager You still need the passwords that you entered in subsequent installations for logging into Application Server Control. 9.4 About Configuring SSL and Non-SSL Ports for Oracle HTTP Server When you are installing OracleAS Cluster (Identity Management) configurations, the installer displays the "Specify HTTP Load Balancer Host and Listen Ports" screen.
About Configuring SSL and Non-SSL Ports for Oracle HTTP Server Example Table 9–1 Example for Case 1 Values in Screen Resulting Values in Configuration Files HTTP Listener: Port: 8000 In httpd.conf: Enable SSL: Unchecked Port 80 Listen 8000 HTTP Load Balancer: Port: 80 Enable SSL: Unchecked In ssl.conf: Port Listen 9.4.
Installing an OracleAS Cluster (Identity Management) Configuration HTTP Load Balancer: Port: Enter the port number that the HTTP virtual server listens on. This will be the value of the Port directive in the httpd.conf file. Enable SSL: Select this option. Note that in this configuration, the load balancer must have SSL acceleration capabilities, or you must add a separate SSL Accelerator. The conversion from HTTPS to HTTP happens before Oracle HTTP Server receives the request.
Installing an OracleAS Cluster (Identity Management) Configuration Internet Directory to be listening on both SSL and non-SSL ports when you install OracleAS Single Sign-On and Oracle Delegated Administration Services.
Installing an OracleAS Cluster (Identity Management) Configuration If you want to configure Oracle Internet Directory to listen on SSL ports only, perform this configuration after you have installed Oracle Identity Management. Oracle Internet Directory needs to be listening on both SSL and non-SSL ports when you install OracleAS Single Sign-On and Oracle Delegated Administration Services. Note: 3. Install middle tiers. 9.5.
Installing an OracleAS Cluster (Identity Management) Configuration If you have a staticports.ini file, you should also use the same file for installations on subsequent nodes. 9.5.3.2 Disable TCP Monitoring on Load Balancer for First Node Before installing on the first node, you must make sure that TCP monitoring is not enabled for the Virtual IP on the first node. 9.5.3.
Installing an OracleAS Cluster (Identity Management) Configuration Table 9–4 1. Steps for Installing OracleAS Cluster (Identity Management) on the First Node Screen Action -- Start up the installer and complete the first few screens. See Section 4.27, "Install Fragment: The First Few Screens of the Installation" for details. Notes: In the Select Installation Type screen, select Identity Management. 2. Select Configuration Options Select Oracle Internet Directory.
Installing an OracleAS Cluster (Identity Management) Configuration Table 9–4 (Cont.) Steps for Installing OracleAS Cluster (Identity Management) on the First Node Screen 8. Action Specify Host and Port for The values you enter in this screen depend on your scenario. There are two LDAP possible scenarios: Scenario 1: You have configured a virtual server on your load balancer to handle LDAP traffic from Oracle Delegated Administration Services and OracleAS Single Sign-On to Oracle Internet Directory.
Installing an OracleAS Cluster (Identity Management) Configuration Key Points for Installing on Subsequent Nodes ■ Use the same staticports.ini file that you used for installing on the first node to ensure that the same component on all nodes uses the same port number. Note that the Oracle Internet Directory ports specified in staticports.ini will not be used by the installer. The installer queries the first Oracle Identity Management installation for the Oracle Internet Directory ports.
Installing an OracleAS Cluster (Identity Management) Configuration Table 9–5 (Cont.) Steps for Installing OracleAS 6. Cluster (Identity Management) on Subsequent Screen Action Specify Existing Oracle Application Server Clusters Name Specify an existing OracleAS Cluster (Identity Management) for the current instance to join. The cluster was created during a previous identical installation. Note that the cluster name is case-sensitive. Example: cluster1 Click Next. 7.
Installing a Distributed OracleAS Cluster (Identity Management) Configuration Table 9–5 (Cont.) Steps for Installing OracleAS Screen Cluster (Identity Management) on Subsequent Action 12. Specify Instance Name and ias_admin Password Instance Name: Enter a name for this infrastructure instance. Instance names can contain alphanumeric characters and the _ (underscore) character. If you have more than one Oracle Application Server instance on a computer, the instance names must be unique. See Section 3.
Installing a Distributed OracleAS Cluster (Identity Management) Configuration Figure 9–2 Distributed OracleAS Cluster (Identity Management) Configuration Distributed OracleAS Cluster (Identity Management) Configuration Load Balancer On this tier, Identity Management includes: - Oracle Delegated Administration Services - OracleAS Single Sign-On · DAS · SSO · DAS · SSO 4 5 Oracle Home for Identity Management Oracle Home for Identity Management inventory Directory inventory Directory Firewall Load
Installing a Distributed OracleAS Cluster (Identity Management) Configuration ■ Section 9.6.2, "Installing OracleAS Metadata Repository" ■ Section 9.6.3, "Installing Oracle Internet Directory on the First Node" ■ Section 9.6.4, "Installing Oracle Internet Directory on Subsequent Nodes" ■ Section 9.6.5, "Installing OracleAS Single Sign-On and Oracle Delegated Administration Services on Each Node" 9.6.
Installing a Distributed OracleAS Cluster (Identity Management) Configuration 9.6.3.2 Select the Same Components for Each Installation If you are setting up the second node as a failover to the first node, then you must select the same set of components in the Select Configuration Options screen for each installation. For example, if you select Oracle Internet Directory and Oracle Directory Integration Platform on the first node, you need to select them when installing on subsequent nodes. 9.6.3.
Installing a Distributed OracleAS Cluster (Identity Management) Configuration Table 9–6 (Cont.) Steps for Installing Oracle Internet Directory in a Distributed OracleAS Cluster (Identity Management) on the First Node Screen Action 5. Select High Availability or Replication Option Select OracleAS Cluster (Identity Management), and click Next. 6.
Installing a Distributed OracleAS Cluster (Identity Management) Configuration Steps for Installing Oracle Internet Directory in a Distributed OracleAS Cluster (Identity Management) on Subsequent Nodes Table 9–7 1. Screen Action -- Start up the installer and complete the first few screens. See Section 4.27, "Install Fragment: The First Few Screens of the Installation" for details. Notes: In the Select Installation Type screen, select Oracle Identity Management. 2.
Installing a Distributed OracleAS Cluster (Identity Management) Configuration Table 9–7 (Cont.) Steps for Installing Oracle Internet (Identity Management) on Subsequent Nodes 7. Directory in a Distributed OracleAS Cluster Screen Action Specify Oracle Internet Directory Login Username: Enter the username to log in to the first Oracle Internet Directory. You must log in as the Oracle Internet Directory superuser (cn=orcladmin). Password: Enter the password for the username.
Installing a Distributed OracleAS Cluster (Identity Management) Configuration 9.6.5.2 Start the Installer Key Points ■ In the Specify OracleAS Cluster screen, for the first node, select Create a New Cluster. For the second node, select Join an Existing Cluster to join the cluster that you created when installing on the first node. ■ ■ In the Specify HTTP Load Balancer Host and Ports screen, enter the name of the HTTP virtual server of the load balancer, and the associated port.
Installing a Distributed OracleAS Cluster (Identity Management) Configuration Table 9–8 (Cont.) Steps for Installing Oracle Delegated Administration Services and OracleAS Single Sign-On in a Distributed OracleAS Cluster (Identity Management) Configuration Screen 7. Action Specify Host and Port for The installer will use the values on this screen to connect to Oracle Internet LDAP Directory. Hostname: Enter the LDAP virtual server name of the load balancer.
Post-Installation Steps 9.7 Post-Installation Steps After installing Oracle Identity Management components on all nodes, reconfigure your load balancer to direct requests to all nodes. Before you started the installation, you had configured the load balancer to direct requests to node 1 only. See Section 9.2.4, "Configure Your LDAP Virtual Server". This section contains the following post-installation steps: ■ Section 9.7.
Post-Installation Steps When choosing a multicast address, ensure that the address does not collide with the addresses listed in: Note: http://www.iana.org/assignments/multicast-addresses Also, if the low order 23 bits of an address is the same as the local network control block, 224.0.0.0 – 224.0.0.255, then a collision may occur. To avoid this problem, provide an address that does not have the same bits in the lower 23 bits of the address as the addresses in this range. 9.7.
Installing Middle Tiers Against OracleAS Cluster (Identity Management) Configurations 9.8 Installing Middle Tiers Against OracleAS Cluster (Identity Management) Configurations Pre-Installation Before starting the middle-tier installation, configure the LDAP load balancer that you are using for Oracle Internet Directory so that it points to only one Oracle Internet Directory node.
10 Installing in High Availability Environments: OracleAS Disaster Recovery This chapter describes how to install Oracle Application Server in OracleAS Disaster Recovery configurations. OracleAS Disaster Recovery is one of the high availability environments supported by Oracle Application Server. Contents of this chapter: ■ Section 10.1, "OracleAS Disaster Recovery: Introduction" ■ Section 10.2, "Setting up the OracleAS Disaster Recovery Environment" ■ ■ Section 10.
OracleAS Disaster Recovery: Introduction middle tiers. In an asymmetric topology, the number of instances required on the standby site are fewer than the number on the production site and the number of instances required on the standby site must be the minimum set of instances required to run your site in the event of a switchover or failover operation.
Setting up the OracleAS Disaster Recovery Environment Figure 10–1 OracleAS Disaster Recovery Environment Standby Site Production Site External hostname: prodmid1 IP: 138.1.2.333 External hostname: standbymid1 IP: 213.2.2.330 Internal hostname: asmid1 Internal hostname: asmid1 External hostname: prodmid2 IP: 138.1.2.444 Middle Tier Middle Tier External hostname: standbymid2 IP: 213.2.2.
Setting up the OracleAS Disaster Recovery Environment 10.2.3 Set Up Identical Hostnames on Both Production and Standby Sites The names of the corresponding nodes on the production and standby sites must be identical, so that when you synchronize data between the sites, you do not have to edit the data to fix the hostnames. For the Infrastructure Nodes For the node running the infrastructure, set up a virtual name. To do this, specify an alias for the node in the /etc/hosts file.
Setting up the OracleAS Disaster Recovery Environment non-authoritative requests to the external DNS servers. The external DNS servers do not know about the existence of the internal DNS servers. See Figure 10–2. Figure 10–2 Method 1: Using DNS Servers External DNS Server External DNS Server Internal DNS Server for the Standby Site Internal DNS Server for the Production Site asinfra asmid1 External DNS Server asinfra asmid2 Production Site asmid1 asmid2 Standby Site Method 1 Details a.
Setting up the OracleAS Disaster Recovery Environment Do the same for the nodes on the standby site, but use the IP address of the internal DNS server for the standby site. d. Create a separate entry for Oracle Data Guard in the internal DNS servers. This entry is used by Oracle Data Guard to ship redo data to the database on the standby site. In the next example, the "remote_infra" entry points to the infrastructure node on the standby site.
Setting up the OracleAS Disaster Recovery Environment In the hosts file, be sure that the line that identifies the current node comes immediately after the localhost definition (the line with the 127.0.0.1 address). Note: 127.0.0.1 213.2.2.330 213.2.2.331 213.2.2.110 c. localhost asmid1.oracle.com asmid2.oracle.com asinfra.oracle.com asmid1 asmid2 asinfra Ensure that the "hosts:" line in the /etc/nsswitch.
Installing Oracle Application Server in an OracleAS Disaster Recovery Environment ^C 10.2.4 If You Want to Use OracleAS Cold Failover Cluster on the Production Site On the production site of a OracleAS Disaster Recovery system, you can set up the OracleAS Infrastructure to run in a OracleAS Cold Failover Cluster configuration. In this case, you have two nodes in a hardware cluster, and you install the OracleAS Infrastructure on a shared disk.
Installing the OracleAS 10g (10.1.2.0.2) Standalone Install of OracleAS Guard into Oracle Homes For all of the installations, be sure to use staticports.ini to specify port numbers for the components. See Section 10.2.2, "Set Up staticports.ini File". Note: 1. Install OracleAS Infrastructure on the production site. 2. Install OracleAS Infrastructure on the standby site. 3. Start the OracleAS Infrastructure in each site before installing the middle tiers for that site. 4.
Patching OracleAS Guard Release 10.1.2.0.0 with Release 10.1.2.0.2 upgrade procedure in Oracle Application Server High Availability Guide for more information). ■ OracleAS Guard patch upgrade from OracleAS 10g (10.1.2.0.0) to OracleAS 10g (10.1.2.0.2) (see Section 10.5, "Patching OracleAS Guard Release 10.1.2.0.0 with Release 10.1.2.0.2" for more information). If this is an upgrade installation of OracleAS Guard, make a copy of your dsa.
What to Read Next /opmn/bin/opmnctl startall /opmn/bin/opmnctl startproc ias-component=DSA 10.6 What to Read Next For information on how to manage your OracleAS Disaster Recovery environment, such as setting up Oracle Data Guard and configuring the OracleAS Metadata Repository database, see the Oracle Application Server High Availability Guide.
What to Read Next 10-12 Oracle Application Server Installation Guide
11 Post-Installation Tasks Contents: ■ Section 11.1, "State of Oracle Application Server Instances After Installation" ■ Section 11.2, "Passwords for Oracle Application Server Components" ■ Section 11.3, "NFS Installations" ■ Section 11.4, "Backup and Recovery" ■ Section 11.5, "SSL" ■ Section 11.6, "Operating System Locale and NLS_LANG Environment Variable" ■ Section 11.7, "Component Configuration After Installation" ■ Section 11.
NFS Installations 11.3 NFS Installations If you installed Oracle Application Server on an NFS disk, you need to edit the LockFile directive in the ORACLE_HOME/Apache/Apache/conf/httpd.conf file so that it points to a local disk. This file is used by the Oracle HTTP Server component. See the Oracle HTTP Server Administrator’s Guide for details. 11.4 Backup and Recovery After installation would be a good time to start backing up the files, and to set up your backup and recovery strategy.
Component Configuration After Installation 11.7 Component Configuration After Installation If you did not configure a component during installation (that is, you did not select the component in the Select Configuration Options screen), you can configure some components after installation. Some components have dependencies that you have to complete before you can configure the component. Section 11.7.
Component Configuration After Installation oracle.ias.configtool.UseInfrastructure i -f $ORACLE_HOME/config/infratool_mod_osso.
What to Do Next 11.8 Components that Require Post-Installation Tasks If you plan to use any of the components listed in Table 11–2, you need to perform some steps specific to the component after installation before you can use the component. Table 11–2 lists the component guides that describe the steps.
What to Do Next 11-6 Oracle Application Server Installation Guide
A Installing the Oracle Identity Management Grid Control Plug-in This appendix describes how to install Oracle Identity Management Grid Control Plug-in and Oracle Identity Management Grid Control Plug-in Agent. It contains the following sections: ■ Section A.1, "Installation Requirements" ■ Section A.2, "Starting the Grid Control Plug-in Installer" ■ Section A.3, "Installing Oracle Identity Management Grid Control Plug-in" ■ Section A.
Installing Oracle Identity Management Grid Control Plug-in Notes: ■ ■ Be sure you are not logged in as the root user when you start the Oracle Universal Installer. The installer gives an error message if you try to run it as the root user. Do not start the installation inside the mount_point directory. If you do, then you may not be able to eject the installation disk. The cd command below changes your current directory to your home directory.
Installing Oracle Identity Management Grid Control Plug-in Agent Table A–1 (Cont.) Steps for Installing Oracle Identity Management Grid Control Plug-in Screen Action Repository Database Administrator Password Password: Enter the password for the SYS user. 5. Summary Verify your selections and click Install. 6. Install Progress This screen shows the progress of the installation. 7. Configuration Assistants This screen shows the progress of the configuration assistants.
Installing Oracle Identity Management Grid Control Plug-in Agent Product: Click on the flashlight icon and select Intelligent Agent from the box. Release: Enter "10.2.0.3.0" as the release number. Note that you must enter the numbers manually. Do not use any of the numbers from the list. Platform: Select the operating system for the patch. Language: Select your language. Click Upload to upload the patchset. 5. On the Patch Cache screen, select the patchset to be applied and click Patch. 6.
B Silent and Non-Interactive Installation This appendix describes how to install Oracle Application Server in silent mode. This appendix contains the following topics: ■ Section B.1, "Silent Installation" ■ Section B.2, "Non-Interactive Installation" ■ Section B.3, "Pre-Installation" ■ Section B.4, "Notes for Silent and Non-Interactive Installations" ■ Section B.5, "Create the Response File" ■ Section B.6, "Start the Installation" ■ Section B.7, "Post-Installation" ■ Section B.
Non-Interactive Installation B.2 Non-Interactive Installation Non-interactive installations also use a response file to automate the Oracle Application Server installation. In non-interactive installations, there is graphical output and users may enter input. Non-interactive installation of Oracle Application Server is also accomplished by supplying the Oracle Universal Installer with a response file but without specifying the -silent flag on the command line.
Create the Response File B.5 Create the Response File Before doing a silent or non-interactive installation, you must provide information specific to your installation in a response file. The installer will fail if you attempt an installation using a response file that is not configured correctly. Response files are text files that you can create or edit in a text editor. B.5.
Create the Response File UNIX_GROUP_NAME FROM_LOCATION ORACLE_HOME szl_PortListSelect oracle.iappserver.instance:szl_InstanceInformation See the response file for descriptions of the parameters in the file. B.5.4 Example Response Files The following sections shows example response files for the following Oracle Application Server installation types: ■ ■ ■ ■ Section B.5.4.1, "Example Response File for OracleAS Infrastructure: Oracle Identity Management Only" Section B.5.4.
Create the Response File NEXT_SESSION_ON_FAIL=false SHOW_DEINSTALL_CONFIRMATION=false SHOW_DEINSTALL_PROGRESS=false oracle.iappserver.infrastructure:SHOW_IAS_COMPONENT_CONFIG_PAGE=false ACCEPT_LICENSE_AGREEMENT=true RESTART_SYSTEM= CLUSTER_NODES= OUI_HOSTNAME=im_host.mycompany.com PreReqConfigSelections="" n_ValidationPreReqConfigSelections=0 TOPLEVEL_COMPONENT={"oracle.iappserver.infrastructure","10.1.4.0.1"} DEINSTALL_LIST={"oracle.iappserver.infrastructure","10.1.4.
Create the Response File B.5.4.2 Example Response File for OracleAS Infrastructure: OracleAS Metadata Repository Only The following shows an example of a response file for a silent installation of OracleAS Infrastructure as described in Section 4.22, "Installing OracleAS Metadata Repository in a New Database". Note that if you do not copy the CD-ROMs to the hard drive, the installer will prompt you to switch CD-ROMs during installation.
Create the Response File szIdentityAdminContext="dc=mycompany,dc=com" s_dnSelection="Custom DN:" s_dnCntval="United States" s_dncustom="CN=AS Certificate Authority,OU=MyOrg,O=MyCompany,C=US" sl_keylengthInfo={"2048"} sl_ocmInfo={"adminpassword","adminpassword"} s_nameForDBAGrp="dba" s_nameForOPERGrp="dba" ## Specify Database Configuration Options s_dbRetChar="Unicode standard UTF-8 AL32UTF8" s_dbSid=mr s_globalDBName=mr.mycompany.
Create the Response File B.5.4.3 Example Response File for OracleAS Infrastructure: Identity Management and OracleAS Metadata Repository The following shows an example of a response file for a silent installation of OracleAS Infrastructure as described in Section 4.20, "Installing OracleAS Infrastructure". Note that if you do not copy the CD-ROMs to the hard drive, the installer will prompt you to switch CD-ROMs during installation.
Create the Response File s_dnSelection="Custom DN:" s_dnCntval="United States" s_dncustom="CN=My Certificate Authority,OU=MyOrg,O=MyCompany,C=US" sl_keylengthInfo={"2048"} sl_ocmInfo={"adminpassword","adminpassword"} s_nameForDBAGrp="dba" s_nameForOPERGrp="dba" ## Specify Database Configuration Options s_dbRetChar="Unicode standard UTF-8 AL32UTF8" s_dbSid=inf7296 s_globalDBName=infra_host.mycompany.
Start the Installation Note that if you do not copy the CD-ROMs to the hard drive, the installer will prompt you to switch CD-ROMs during installation. To complete the installation without any prompting, you must copy the contents of the CD-ROMs to the hard drive and specify the LOCATION_FOR_DISKn parameters. RESPONSEFILE_VERSION=2.2.1.0.0 UNIX_GROUP_NAME="dba" FROM_LOCATION="/mount_point/Disk1/stage/products.
Security Tips for Silent and Non-Interactive Installations prompt> runInstaller -responseFile absolute_path_and_filename To perform a silent installation, use the -silent parameter: prompt> runInstaller -silent -responseFile absolute_path_and_filename B.7 Post-Installation The success or failure of the non-interactive and silent installations is logged in the installActions.log file. Additionally, the silent installation creates the silentInstall.log file.
Deinstallation B.9 Deinstallation You can perform a silent deinstallation of Oracle Application Server by supplying a silent deinstallation parameter to the response file you used for installation. Add the following parameter to your installation response file: REMOVE_HOMES={""} For example: REMOVE_HOME="/local_location/oracle_home" You still need to follow the deinstallation steps described in Appendix D, "Deinstallation and Reinstallation".
C Default Port Numbers By default, the installer assigns port numbers to components from a set of default port numbers. This appendix contains a list of these port numbers. If you want to use a different set of port numbers, you have to create a file called staticports.ini, in which you list the port numbers that you want to use. See Section 2.5.3, "Using Custom Port Numbers (the "Static Ports" Feature)" for details. This appendix contains the following sections: ■ Section C.
Default Port Numbers Table C–1 Default Port Numbers and Ranges (Grouped by Component) Default Port Port Number Range Oracle Notification Server Request Port 6003 6003 - 6099 Oracle Notification Server Request port Oracle Notification Server Local Port 6100 6100 - 6199 Oracle Notification Server Local port Oracle Notification Server Remote Port 6200 6200 - 6299 Oracle Notification Server Remote port OC4J AJP 12501 12501 - 12600 Not settable through staticports.
Ports to Open in Firewalls Table C–1 (Cont.) Default Port Numbers and Ranges (Grouped by Component) Port Number Range Name in staticports.ini 1157 1157; 18120 18139 Oracle Management Agent port Application Server Control - RMI 1850 1850-1869, 18140 - 18159 Application Server Control RMI port Application Server Control Console - SSL 1156 1156; 1810 1829, 18100 18119 This port number is assigned after installation, when you configure Application Server Control for SSL.
Ports to Open in Firewalls For a 10g (10.1.4.0.1) instance, you need access to Oracle Internet Directory, OracleAS Metadata Repository, Oracle Notification Server, and SJP ports. You need to open the following ports used by these components in the firewall ■ LDAP: port 389 ■ LDAP SSL: port 636 ■ SQL*Net 2: port 1521 ■ OPMN ONS remote: port 6200 ■ OC4J AJP: port 12501 The port numbers listed here are the default ports for the components. You may have different ports in your environment.
D Deinstallation and Reinstallation This appendix guides you through the deinstallation and reinstallation process for Oracle Application Server. ■ Section D.1, "Deconfig Tool" ■ Section D.2, "Deinstallation Procedure: Overview" ■ Section D.3, "Deinstalling OracleAS Cold Failover Cluster Installations" ■ Section D.4, "Deinstalling OracleAS Single Sign-On Instances in OracleAS Cluster (Identity Management)" ■ Section D.5, "Deinstalling OracleAS Cluster (Identity Management)" ■ Section D.
Deconfig Tool If you run it without all of the parameters, the tool prompts you for the necessary information. For security reasons, it is not recommended that you specify the password on the command line. The Deconfig tool will prompt you for the password if you do not specify it on the command line. Note: D.1.1 Parameters -u oid_user Specify the Oracle Internet Directory user. You can specify the Oracle Internet Directory user using the user’s simple name or the user’s distinguished name (DN).
Deinstallation Procedure: Overview D.1.2 Log Files Generated by the Deconfig Tool The Deconfig tool writes its log file to the ORACLE_ HOME/cfgtoollogs/DeconfigureWrapper.log file. D.2 Deinstallation Procedure: Overview Follow these high-level steps to deinstall Oracle Application Server: 1. 2. Deinstall middle-tier instances first. See Oracle Application Server Installation Guide for the middle-tier platform and release for deinstallation instructions. a. Run the Deconfig tool on the instance. b.
Deinstalling OracleAS Cold Failover Cluster Installations Table D–1 (Cont.) Items to Deinstall Item to Clean Up Tool to Use Instance name from Farm page Installer Entries for the deleted instance in the /var/opt/oracle directory You have to remove the entries manually. See: ■ Entries for the deleted instance in Oracle Internet Directory Step 9 on page D-7 if you ar e deinstalling OracleAS Infrastructure. Deconfig tool The installer does not permit custom deinstallation of individual components.
Deinstalling OracleAS Infrastructure D.5 Deinstalling OracleAS Cluster (Identity Management) To deinstall an OracleAS Cluster (Identity Management), perform the following steps. 1. Deinstall all instances that contain OracleAS Single Sign-On except for the last instance installed. Use the steps in Section D.4, "Deinstalling OracleAS Single Sign-On Instances in OracleAS Cluster (Identity Management)" to perform the deinstallation. 2.
Deinstalling OracleAS Infrastructure 2. If OCA is configured on the instance you want to deinstall, run the following commands: prompt> $ORACLE_HOME/oca/bin/ocactl stop prompt> $ORACLE_HOME/oca/bin/cmdeinst ocaAdminPassword oidAdminPassword Replace ocaAdminPassword with the password of the OCA administrator. Replace oidAdminPassword with the password of the Oracle Internet Directory user who installed OCA.
Harmless Errors in the Log File 7. 8. Follow these steps in the installer. a. Welcome screen: Click Deinstall Products. b. Inventory screen: Select the instance you want to deinstall, and click Remove. c. Confirmation screen: Verify the components selected for deinstallation. Click Yes to continue. d. Deinstallation Progress screen: Monitor the progress of the deinstallation. e. Exit the installer when the deinstallation is complete.
Cleaning Up Oracle Application Server Processes D.8 Cleaning Up Oracle Application Server Processes If you forgot to shut down Oracle Application Server processes before starting the installation, you have to kill the processes because the files for these processes are deleted. To check for processes that are still running, run the ps command: prompt> ps -ef To kill a process, use the kill command: prompt> kill -9 process_id You can determine the process_id from the ps command.
E Configuration Assistants This appendix lists the configuration assistants and the location of their log files. ■ Section E.1, "Troubleshooting Configuration Assistants" ■ Section E.2, "Description of Oracle Application Server Configuration Assistants" E.1 Troubleshooting Configuration Assistants Contents: ■ Section E.1.1, "General Tips" ■ Section E.1.2, "Configuration Assistant Result Codes" E.1.1 General Tips If a configuration assistant fails, try the following steps to correct the problem: 1.
Description of Oracle Application Server Configuration Assistants 5. If an optional configuration assistant fails, and it does not have any dependencies, run the remaining configuration assistants. Uncheck the cancelled optional configuration assistant, highlight and check the next listed configuration assistant, and click Retry. 6.
Description of Oracle Application Server Configuration Assistants Table E–2 Oracle Application Server Configuration Assistants Configuration Assistant Description Log File Location Application Server Control Configuration Assistant Starts the Oracle Management Agent and the Application Server Control to deploy applications through the Oracle Enterprise Manager 10g Application Server Control. ORACLE_HOME/cfgtoollogs/ configtoolstimestamp.
Description of Oracle Application Server Configuration Assistants Table E–2 (Cont.) Configuration Assistant Infrastructure Instance Configuration Assistant Oracle Application Server Configuration Assistants Description Log File Location Updates the ORACLE_HOME/config/ ias.properties file, registers the instance with Oracle Internet Directory, and creates the ldap.ora file with Oracle Internet Directory credentials in the ORACLE_HOME/network/admin file. ORACLE_HOME/config/ infratool_instance_jazn.
Description of Oracle Application Server Configuration Assistants Table E–2 (Cont.) Configuration Assistant Oracle Application Server Configuration Assistants Description Internet Directory Starts up Oracle Internet Directory, loads the LDAP Configuration schemas, and sets up the Oracle Identity Assistant Management realm. Log File Location ORACLE_HOME/cfgtoollogs/oidca.
Description of Oracle Application Server Configuration Assistants Table E–2 (Cont.) Configuration Assistant Oracle Application Server Configuration Assistants Description Log File Location OracleAS Instance Configuration Assistant Adds an entry for the instance to the ORACLE_HOME/config/target2add.xml file. ORACLE_HOME/cfgtoollogs/ configtoolstimestamp.log OracleAS Randomize Password Configuration Assistant Changes the default password of all schemas.
Description of Oracle Application Server Configuration Assistants Table E–2 (Cont.) Configuration Assistant Oracle Application Server Configuration Assistants Description Log File Location Single Sign-On Configuration Assistant Configures OracleAS Single Sign-On. ORACLE_HOME/sso/log/ssoca.log Before running this configuration assistant, check that Oracle Internet Directory, OracleAS Metadata Repository, and the Repository API are configured. ORACLE_HOME/sso/log/ssoreg.
Description of Oracle Application Server Configuration Assistants E-8 Oracle Application Server Installation Guide
F Troubleshooting This appendix describes solutions to common problems that you might encounter when installing Oracle Application Server. It contains the following sections: ■ Section F.1, "Log Files" ■ Section F.2, "General Troubleshooting Tips" ■ Section F.3, "Installation Problems and Solutions" ■ Section F.4, "Deinstallation Problems and Solutions" ■ Section F.5, "Need More Help?" F.
Installation Problems and Solutions 2. Remove the failed installation by following the steps in Appendix D, "Deinstallation and Reinstallation". 3. Correct the issue that caused the error. 4. Restart the installation. F.3 Installation Problems and Solutions This section describes common installation problems and solutions: ■ Section F.3.1, "Location of Log Files" ■ Section F.3.2, "Linking Failed, ORA Errors" ■ Section F.3.3, "Prerequisite Checks Fail at the Start of Installation" ■ Section F.
Installation Problems and Solutions ■ – oraInventory_location/logs/installActionstimestamp.log – oraInventory_location/logs/oraInstalltimestamp.err – oraInventory_location/logs/oraInstalltimestamp.out – Oracle_Home/install/make.log The configuration assistants write log files in the ORACLE_HOME/cfgtoollogs directory. Note that if you want to access the log files created by the configuration assistants, you need to exit the installer first.
Installation Problems and Solutions directory that you specified. If you later try to install again in the same directory, which contains some files created by the installer, the installer gives a warning that the directory is not empty. Steps to take: 1. In the warning dialog, click No to return to the Specify File Locations screen. 2. In the Specify File Locations screen, click Installed Products. This displays the Inventory screen.
Installation Problems and Solutions F.3.7 Unable to Clean Up a Failed Installation If your installation was not successful, you have to deinstall it first before you can install Oracle Application Server again. Refer to Appendix D, "Deinstallation and Reinstallation" for instructions. F.3.8 Forgot the Password for the cn=orcladmin Account Problem You forgot the password for the cn=orcladmin account. Solution You can reset the password in the database. The DSE root attribute name is orclsupassword.
Installation Problems and Solutions If you are serving non-English content, be sure you add all the languages that you need during installation. To add languages during installation, click the Product Languages button in the "Select a Product to Install" screen. To see which languages are installed by default, see Section 3.4, "Installing Additional Languages".
Installation Problems and Solutions ■ ■ Check that the listener, database, and Oracle Internet Directory associated with the OracleAS Infrastructure are up and running. If not, start them up and click the Retry button to rerun the configuration assistant that failed. Check the log files for the failed configuration assistant to determine the problem. The log files are located in the ORACLE_HOME/cfgtoollogs directory.
Installation Problems and Solutions at oracle.sysman.assistants.dbca.backend.PostDBCreationStep.executeImpl(Compiled Code) at oracle.sysman.assistants.dbca.backend.Step.execute(Compiled Code) at oracle.sysman.assistants.dbca.backend.Host$ModeRunner.run(Compiled Code) at java.lang.Thread.run(Thread.java:466) ERROR :oracle.sysman.assistants.util.NetAPIException Solution This error occurs if the TNS_ADMIN environment variable is set. The TNS_ADMIN environment variable should not be set (see Section 2.8.
Installation Problems and Solutions F.3.17 OPMN Configuration Assistant - Start DAS Instance Failures Problem The OPMN Configuration Assistant - Start DAS Instance fails when you re-run it. Solution The problem is that the Oracle Delegated Administration Services instance is already running.
Installation Problems and Solutions F.3.20 OracleAS Cluster (Identity Management)- Cluster Configuration Assistant Fails Problem During the installation of OracleAS Cluster (Identity Management), the Cluster Configuration Assistant failed because the cluster name was typed incorrectly or the cluster was not available. Solution To cluster the instance, you must use the "dcmctl joincluster" command instead of Application Server Control.
Deinstallation Problems and Solutions Solution Perform the following steps to correct the problem: 1. Start Oracle Directory Manager. prompt> cd ORACLE_HOME/bin prompt> ./oidadmin 2. Navigate to the entry: orclApplicationCommonName=ORASSO_SSOSERVER,cn=SSO,cn=Products,cn=OracleContext 3. Remove the instance name of the failed middle tier from the values of the attribute labeledURI. 4.
Deinstallation Problems and Solutions For -site_name hostname.domain, specify the computer where the middle tier is installed. Include also the domain name. For -mod_osso_url http://hostname.domain:port, specify the computer where the middle tier is installed, and the port number on which Oracle HTTP Server is listening. For -u userid, specify the operating system user who can start up the middle-tier processes.
Deinstallation Problems and Solutions Note: Do not perform this procedure if you are deinstalling a middle tier. 1. Start up Oracle Directory Manager. Oracle home refers to the home where you installed Oracle Internet Directory. prompt> $ORACLE_HOME/bin/oidadmin 2. In the Connect screen, enter the Oracle Internet Directory connect information. Log in as the Oracle Internet Directory superuser (cn=orcladmin). 3.
Need More Help? Solution The Deconfig tool failed because it was unable to find the $ORACLE_ HOME/Apache/Apache/conf/osso/osso-https.conf file. Perform the following steps to correct this problem: 1. Create a link from osso-https.conf to osso.conf: cd $ORACLE_HOME/Apache/Apache/conf/osso ln osso-https.conf osso.conf 2. Run the Deconfig tool again. F.
Index A adding users to groups using Deployment Delegation Console, 5-14 using Oracle Directory Manager, 5-11 additional languages, 3-3 ASM recommendations (for OracleAS Cold Failover Cluster), 8-5 Associated Middle Tiers group, 5-3 B backup and recovery in OracleAS Disaster Recovery environment, 10-2 post-installation, 11-2 browser requirement, 2-4 C CD-ROM copying to hard drive, 2-22 format of, 3-8 mount point, 3-8 character sets NE8ISO8859P10 and CEL8ISO8859P14, 4-11 CLASSPATH environment variable, 2-1
troubleshooting, F-11 Deployment Delegation Console adding users to groups, 5-14 directories, integration with third-party, 4-11 disk space requirements, 2-4 DISPLAY environment variable, 2-19 distributed OracleAS Cluster (Identity Management), 9-15 deconfig failed, F-13 installing Oracle Internet Directory on first node, 9-17 installing Oracle Internet Directory on subsequent nodes, 9-19 installing OracleAS Single Sign-On and Oracle Delegated Administration Services, 9-21 distributed OracleAS Cold Failover
installing in non-empty directory, F-3 installing the grid control plug-in, A-1 installing the grid control plug-in agent, A-3 instance names, 3-3 how they are used, 3-4 reusing, F-12 valid characters, 3-4 inventory directory, 3-2, 3-6 group for, 2-16 location of, 2-16 IP installing on a computer with multiple IP addresses, 2-22 requirements, 2-2 IPC protocol, 2-13 K kernel parameters, 2-7 checking on Linux, 2-8 setting on Linux, 2-8 L languages, installing additional, 3-3 LD_LIBRARY_PATH environment vari
Oracle Enterprise Manager Application Server Control URL, 11-1 Oracle home directory, 3-1 Oracle HTTP Server in NFS installations, 11-2 Oracle Internet Directory, 5-1 adding users to groups, 5-10 cn=orcladmin superuser, 5-1 connecting using SSL, 3-7 contents of new, 5-16 creating users, 5-10 default users, 5-1 groups, 5-2, 5-4 groups required for installation, 5-4 groups required to install components, 5-4 groups required to install middle tiers, 5-7 installing, 4-20 namespace, 4-11 OracleAS Metadata Reposi
Oracle Data Guard, 10-6 setting up, 10-3 setting up identical hostnames, 10-4 staticports.
creating, B-3 creating using the record mode, B-3 examples, B-4 specifying on command-line, B-10 templates, B-3 reusing database name, F-12 root user, 3-6 root.
