Oracle® Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management 11g Release 1 (11.1.1)
Part Number E12035-02
Contents
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
1 Enterprise Deployment Overview
1.1 What is an Enterprise Deployment?
1.2 Terminology
1.3 Benefits of Oracle Recommendations
1.3.1 Built-in Security
1.3.2 High Availability
1.4 The Enterprise Deployment Reference Topology
1.4.1 Understanding the Directory Tier
1.4.2 Understanding the Application Tier
1.4.3 Understanding the Web Tier
1.4.4 What to Install
1.5 How to Use This Guide
2 Prerequisites for Enterprise Deployments
2.1 Hardware Resource Planning
2.2 Network Prerequisites
2.2.1 Load Balancers
2.2.2 Configuring Virtual Server Names and Ports on the Load Balancer
2.2.3 Administration Server Virtual IP
2.2.4 Managing Oracle Fusion Middleware Component Connections
2.2.5 Oracle Access Manager Communication Protocol and Terminology
2.2.5.1 Oracle Access Manager Protocols
2.2.5.2 Overview of User Request
2.2.6 Firewall and Port Configuration
2.3 WebLogic Domain Considerations
2.3.1 Directory Structure Terminology and Recommendations
2.3.1.1 Directory Structure Terminology
2.3.1.2 Directory Structure Recommendations
3 Creating the WebLogic Server Domain for Identity Management
3.1 Installing Oracle WebLogic Server
3.2 Configuring the WebLogic Server Domain on IDMHOST1
3.3 Creating boot.properties for the Administration Server
3.4 Backing Up the WebLogic Server Domain Configuration
4 Installing and Configuring OID and OVD
4.1 Directory Tier Considerations
4.1.1 Directory Services-only Topologies
4.1.1.1 Oracle Virtual Directory-only Topology
4.1.1.2 Oracle Internet Directory-only Topology
4.2 Database Prerequisites
4.3 Installing and Configuring the Database Repository
4.3.1 Configuring the Database for Oracle Fusion Middleware 11g Metadata
4.4 Executing the Repository Creation Utility
4.5 Installing the Oracle Internet Directory Instances
4.5.1 Synchronizing the Time on Oracle Internet Directory Nodes
4.5.2 Installing the First Oracle Internet Directory
4.5.3 Installing an Additional Oracle Internet Directory
4.5.4 Registering Oracle Internet Directory with the WebLogic Server Domain
4.6 Installing the Oracle Virtual Directory Instances
4.6.1 Installing the First Oracle Virtual Directory
4.6.1.1 SSL Validation for Oracle Virtual Directory
4.6.2 Installing an Additional Oracle Virtual Directory
4.6.3 Registering Oracle Virtual Directory with the Oracle WebLogic Server Domain
4.6.4 Configuring Oracle Virtual Directory Communication with LDAP
4.7 Validating the Directory Tier Components
4.8 Backing Up the Directory Tier Configuration
5 Installing and Configuring Oracle DIP and ODSM
5.1 Extending the Oracle WebLogic Domain with DIP and ODSM
5.2 Expanding the DIP and ODSM Cluster
5.2.1 Install and Configure DIP and ODSM on IDMHOST2
5.2.2 Post-Installation Steps
5.2.2.1 Copy the DIP Application from IDMHOST1 to IDMHOST2
5.2.2.2 Set the Listen Address for the Managed Servers
5.2.2.3 Start the wls_ods2 Managed Server on IDMHOST2
5.3 Validating the Application Tier Configuration
5.3.1 Validating Oracle Directory Services Manager
5.3.2 Validating Oracle Directory Integration Platform
5.4 Backing Up the Application Tier Configuration
6 Installing and Configuring the Web Tier
6.1 Prerequisites
6.2 Installing Oracle HTTP Server on WEBHOST1 and WEBHOST2
6.3 Validating the Installations of Oracle HTTP Server
6.4 Configuring Oracle HTTP Server with the Load Balancer
6.5 Configuring Oracle HTTP Server for Virtual Hosts
6.6 Configuring mod_wl_ohs for Oracle WebLogic Server Clusters
6.7 Setting the Frontend URL for the Administration Console
6.8 Validating the Web Tier Configuration
6.9 Backing up the Web Tier Configuration
7 Installing and Configuring Oracle Access Manager
7.1 Introduction to Installing Oracle Access Manager
7.1.1 Using 10g Oracle Single Sign-On and Delegated Administration Services
7.1.2 Using Different LDAP Directory Stores
7.1.2.1 Using Oracle Virtual Directory as the Identity Store
7.2 Prerequisites
7.3 Identity System Installation and Configuration
7.3.1 Installing Identity Servers on OAMHOST1 and OAMHOST2
7.3.1.1 Installing the First Identity Server on OAMHOST1
7.3.1.2 Installing the Second Identity Server on OAMHOST2
7.3.2 Installing Oracle HTTP Server on OAMADMINHOST
7.3.2.1 Installing Oracle HTTP Server
7.3.2.2 Validating the Installation of Oracle HTTP Server
7.3.3 Installing WebPass on OAMADMINHOST
7.3.3.1 Configuring Oracle HTTP Server and WebPass Communication
7.3.3.2 Validating the WebPass Installation
7.3.4 Configuring Identity Servers Using WebPass
7.3.4.1 Configuring the First Identity Server
7.3.4.2 Configuring the Second Identity Server
7.4 Access System Installation and Configuration
7.4.1 Installing the Policy Manager on OAMADMINHOST
7.4.1.1 Configuring the Policy Manager
7.4.2 Installing the Access Server on OAMHOST1 and OAMHOST2
7.4.2.1 Creating an Access Server Instance
7.4.2.2 Starting the Access Server Installation
7.4.3 Installing WebGate on OAMADMINHOST, WEBHOST1, and WEBHOST2
7.4.3.1 Creating a WebGate Profile
7.4.3.2 Assigning an Access Server to the WebGate
7.4.3.3 Installing the WebGate
7.5 Backing Up the Oracle Access Manager Configuration
8 Configuring Single Sign-On for Administration Consoles
8.1 Prerequisites for Configuring Single Sign-On
8.2 Running the Oracle Access Manager Configuration Tool
8.2.1 Collecting the Information for the OAM Configuration Tool
8.2.2 Running the OAM Configuration Tool
8.2.3 Update the Host Identifier
8.2.4 Update the WebGate Profile
8.2.5 Update the Form Authentication for Delegated Administration
8.3 Validating the Policy Domain and AccessGate Configurations
8.3.1 Validating the Policy Domain Configuration
8.3.2 Validating the AccessGate Configuration
8.4 Setting Up the WebLogic Authenticators
8.4.1 Setting Up the Oracle Internet Directory Authenticator
8.4.2 Setting Up the OAM ID Asserter
8.4.3 Reorder OAM Identity Asserter, OID Authenticator, and Default Authenticator
8.4.4 Stop and Start the WebLogic Administration Servers and Managed Servers
8.5 Changing the Login Form for the Administration Server
8.6 Creating WebLogic Administrative Users in an LDAP Directory
8.6.1 Provisioning Admin Users and Groups in an LDAP Directory
8.6.2 Assigning the Admin Role to the Admin Group
8.6.3 Updating the boot.properties File on IDMHOST1 and IDMHOST2
8.7 Policy and Credential Store Migration
8.7.1 JPS Root Creation
8.7.2 Reassociate the Policy and Credential Store
8.8 Validate the Oracle Access Manager Single Sign-On Setup
9 Enabling Administration Server High Availability
9.1 Configuring High Availability for Oracle WebLogic Administration Server
9.1.1 Enabling a Virtual IP Address on IDMHOST1
9.1.2 Create a Machine for the Administration Server
9.1.3 Enable the Administration Server to Listen on the Virtual IP Address
9.1.4 Update Enterprise Manager Agent and OPMN Configuration
9.1.5 Update the WEBHOST Configuration
9.1.6 Validate the WEBHOST and Administration Server Configuration Changes
9.2 Provisioning the Administration Server and Fusion Middleware Control on IDMHOST2
9.3 Validating Administration Server and Oracle Fusion Middleware Control Failover on IDMHOST2
10 Managing Enterprise Deployments
10.1 Monitoring Enterprise Deployments
10.1.1 Monitoring Oracle Internet Directory
10.1.1.1 Oracle Internet Directory Component Names Assigned by Oracle Identity Management Installer
10.1.2 Monitoring Oracle Virtual Directory
10.1.3 Monitoring Oracle Directory Integration Platform
10.1.4 Monitoring Oracle Access Manager
10.2 Auditing Identity Management
10.3 Scaling Enterprise Deployments
10.3.1 Scaling Up the Topology
10.3.1.1 Scaling Up the Directory Tier
10.3.1.1.1 Scaling Up Oracle Internet Directory
10.3.1.1.2 Scaling Up Oracle Virtual Directory
10.3.1.2 Scaling Up the Application Tier
10.3.1.2.1 Scaling Up Oracle Directory Integration Platform and Oracle Directory Services Manager
10.3.1.3 Scaling Up Oracle Access Manager
10.3.1.4 Scaling Up the Web Tier
10.3.2 Scaling Out the Topology
10.3.2.1 Scaling Out the Directory Tier
10.3.2.1.1 Scaling Out Oracle Internet Directory
10.3.2.1.2 Scaling Out Oracle Virtual Directory
10.3.2.2 Scaling Out the Application Tier
10.3.2.2.1 Scaling Out Oracle Directory Integration Platform and Oracle Directory Services Manager
10.3.2.2.2 Scaling Out Oracle Access Manager
10.3.2.3 Scaling Out the Web Tier
10.4 Performing Backups and Recoveries
10.5 Patching Enterprise Deployments
10.5.1 Patching an Oracle Fusion Middleware Source File
10.5.2 Patching Identity Management Components
10.6 Troubleshooting
10.6.1 Troubleshooting Oracle Internet Directory
10.6.2 Troubleshooting Oracle Virtual Directory
10.6.3 Troubleshooting Oracle Directory Integration Platform
10.6.4 Troubleshooting Oracle Directory Services Manager
10.6.5 Troubleshooting Oracle Access Manager
10.6.5.1 User is Redirected to the Login Screen After Activating Some Administration Console Changes
10.6.5.2 User is Redirected to the Administration Console's Home Page After Activating Some Changes
10.6.5.3 OAM Configuration Tool Does Not Remove Invalid URLs
10.7 Other Recommendations
10.7.1 Preventing Timeouts for SQL*Net Connections
Index