Saturday, December 8, 2007

Step by Step Installation Guide of Oracle Identity Management in a Single Oracle Home




Source: Oracle Documentation - For Education,Testing and Evaluation Purpose.

A topology where Oracle HTTP Server, Oracle Application Server Single Sign-On, Oracle Delegated Administration Services, Oracle Internet Directory, and Oracle Directory Integration Platform are located in the same Oracle Home. This Oracle Home is associated with an OracleAS Metadata Repository.

For Requirements :

http://download.oracle.com/docs/cd/B28196_01/install.1014/b28194/reqs.htm#CHDCBEJG

The below Oracle Software can be used for this installation:

10g Release 2 (10.1.2)
or
10g Release 3 (10.1.3) middle tier

Software and Hardware Requirements:

- Download the Software

http://www.oracle.com/technology/software/products/ias/htdocs/101401.html

- System Requirements:

http://download.oracle.com/docs/cd/B28196_01/install.1014/b28194/reqs.htm#BABICBJA


Installing Oracle Identity Management Components Only (Including Oracle Internet Directory)


Note: Installation of Oracle Identity Management Components without OracleAS Metadata Repository

Prerequisite:

OracleAS Metadata Repository that is not already registered with any Oracle Internet Directory


1. ./runInstaller


In the Select Installation Type screen, select Oracle Identity Management

2.Select Configuration Options

- Select Oracle Internet Directory
- Select Oracle Application Server Single Sign-On
- Select Oracle Application Server Delegated Administration Services and/or Oracle Directory Integration Platform if you need the services provided by these components.

- Select Oracle Application Server Certificate Authority (OCA) if you want to configure your own certificate authority which can issue certificates for users and servers.

Do not select High Availability and Replication.

Click Next.

Note:1)These components are optional, but you might want to install them because they provide the following services:

Oracle Delegated Administration Services provide a browser-based interface to Oracle Internet Directory. Users can use the interface to perform tasks such as changing their passwords, searching for other users in the directory, and creating groups. Users can even create additional users (if they have the proper privilege).

Oracle Directory Integration Platform enables you to integrate applications and third-party LDAP directories with Oracle Internet Directory. You can use Oracle Directory Integration Platform to synchronize data in all directories, and to send notifications to applications when data in Oracle Internet Directory changes (for example, when you add users or groups to Oracle Internet Directory).

2) OCA:If you select Oracle Application Server Certificate Authority (OCA) in the Select Configuration Options screen when you are installing an OracleAS Infrastructure, the installer displays the screens. Follow OCA Installation steps at the end of Oracle Identity Management steps



3. Specify Port Configuration Options

-select Automatic for default ports.

- Created a staticports.ini file, select Manual and enter the fullpath to your staticports.ini file.

Click Next.

4. Specify Repository

- Username: Enter the username to use to log in to the OracleAS Metadata Repository database. The user must have DBA privileges.

- Password: Enter the user's password.

- Hostname and Port: Enter the name of the computer where the database is running, and the port number at which it is listening. Use the format: host:port.

- Service Name: Enter the service name of the database. Note that the service name must include the database domain name.

Example: prod.quickoracle.com

Click Next.

5.Specify Namespace in Internet Directory

- Select the suggested namespace, or enter a custom namespace for the location of the default Oracle Identity Management realm.

- Ensure the value shown in Suggested Namespace meets your deployment needs. If not, enter the desired value in Custom Namespace

6. Enter information to configure OCA

Provide the information as prompted by the OCA screens.

7. Specify Instance Name and ias_admin Password

Instance Name: Enter a name for this infrastructure instance.

exmaple: id_prod

ias_admin Password and Confirm Password: Set the password for the ias_admin user. This is the administrative user for the instance.

example : hello1234

8. Finish the installation


Oracle Application Server Certificate Authority (OCA) Install:


Note 1: You cannot install more than one OCA against the same OracleAS Metadata Repository. When you are installing Oracle Identity Management components only against an existing OracleAS Metadata Repository, be sure that the metadata repository does not already have an instance of OCA configured against it.

Note 2:You install OracleAS Metadata Repository and Oracle Identity Management components including OCA on a computer. Then if you try to install additional Oracle Identity Management components (including OCA) on the same or different computer against the same OracleAS Metadata Repository, this installation would fail.


1. Select OracleAS Metadata Repository

Note: This screen appears only if you are configuring OCA and you are using an existing Oracle Internet Directory and you are using an existing OracleAS Metadata Repository. The Oracle Internet Directory must contain the registration for the OracleAS Metadata Repository that you want to use.

Select the OracleAS Metadata Repository that you want OCA to use.

Click Next.

2. Specify OCA Distinguished Name

OCA uses the DN specified on this screen to populate the Issuer field of certificates that it issues.

Typical DN: Use this section if your DN uses only the attributes listed in this section. You do not have to fill in all the attributes specified in this section. Only the o (organization) attribute is required. Note that the ' (single quote) character is not a valid character in any of the attributes.

Common Name (CN): Enter the name that you want on the certificate. This name must be different from your hostname. Example:

Ramnik Gupta.

Organizational Unit (OU): Enter the name of your division or department. Example: Operations.

Organization (O)*: Enter the name of your company or organization. Example: Quick Oracle.

Country (C): Select your country from the drop-down list.

Custom DN: If your DN uses attributes not listed in the Typical DN section, specify your DN in this section.

Click Next.

3. Select OCA Key Length

Key Length (bits): Select the key length used in RSA algorithm to sign all certificates issued by OCA. Oracle recommends that you use at least a 2048-bit key length. Longer key lengths provide greater security, but require more time to issue each new certificate.

Click Next.

4. Specify OCA Administrator's Password

Administrator's Password and Confirm Password: Specify and confirm the password for the OCA administrator.

You need this password to manage OCA. This password is also used by the OCA Configuration Assistant.

You can change the password after installation using the ocactl command.

Click Next.

5 comments:

Anonymous said...

I really like your learning from life, and your installation guide.
Thank you.
Larry

Unknown said...

Hi,

I want to install the OID on Sun Solaris server X86 and Sparc.

This is my first time installation.
can you please let me know what should I install before OID. what is the sequeence of installation.

can you please provide any link to install oid on solaris.

my mailid is: meetgs@gmail.com

Unknown said...

Thanks for your post and welcome to check: here.

U'r Life said...

Nice post,use full stuff for every one thanks for the post, And you can also check for any issues and tips and trouble shooting related to appsdba 11i and R12 on http://www.appstier.blogspot.in/

Unknown said...

Regards
Sridevi Koduru (Senior Oracle Apps Trainer Oracleappstechnical.com)
LinkedIn profile - https://in.linkedin.com/in/sridevi-koduru-9b876a8b
Please Contact for One to One Online Training on Oracle Apps Technical, Financials, SCM, Oracle Manufacturing, OAF, ADF, SQL, PL/SQL, D2K at sridevikoduru@oracleappstechnical.com | +91 - 9581017828.