Skip Headers
Oracle® Fusion Middleware Installation Guide for Oracle Identity Management
11g Release 1 (11.1.1)
Part Number E12002-05
Go to Documentation Home
Home		 Go to Book List
Book List		 Go to Table of Contents
Contents		 Go to Master Index
Master Index		 Go to Feedback page
Contact Us
Go to previous page
Previous		 Go to next page
Next
View PDF

18.9 Migrating Policy and Credential Stores

You begin policy and credential store migration by creating the JPS root and then you reassociate the policy and credential store with Oracle Internet Directory.

Migrating policy and credential stores involves the following steps:

  1. Creating JPS Root

  2. Reassociating the Policy and Credential Store

18.9.1 Creating JPS Root

Create the jpsroot in Oracle Internet Directory using the command line ldapadd command as shown in these steps:

  1. Create an ldif file similar to this:

    dn: cn=jpsroot_idm
cn: jpsroot_idm_idm
objectclass: top
objectclass: orclcontainer

  2. Use ORACLE_HOME/bin/ldapadd to add these entries to Oracle Internet Directory. For example:

    ORACLE_HOME/bin/ldapadd -h oid.mycompany.com -p 389 -D cn="orcladmin" -w
welcome1 -c -v -f jps_root.ldif

18.9.2 Reassociating the Policy and Credential Store

To reassociate the policy and credential store with Oracle Internet Directory, use the WLST reassociateSecurityStore command. Follow these steps:

  1. From IDMHOST1, start the wlst shell from the ORACLE_HOME/common/bin directory. For example:

    ./wlst.sh

  2. Connect to the WebLogic Administration Server using the wlst connect command shown below.

    connect('AdminUser',"AdminUserPassword",t3://hostname:port')

    For example:

    connect("weblogic_idm,"welcome1","t3://idmhost-vip.mycompany.com:7001")

  3. Run the reassociateSecurityStore command as shown below:

    Syntax:

    reassociateSecurityStore(domain="domainName",admin="cn=orcladmin",
password="orclPassword",ldapurl="ldap://LDAPHOST:LDAPPORT",servertype="OID",
jpsroot="cn=jpsRootContainer")

    For example:

    wls:/IDMDomain/serverConfig> reassociateSecurityStore(domain="IDMDomain",
admin="cn=orcladmin",password="password",
ldapurl="ldap://oid.mycompany.com:389",servertype="OID",
jpsroot="cn=jpsroot_idm_idmhost1")

    The output for the command is as follows:

    {servertype=OID, jpsroot=cn=jpsroot_idm, admin=cn=orcladmin,
domain=IDMDomain, ldapurl=ldap://oid.mycompany.com:389, password=password}
Location changed to domainRuntime tree. This is a read-only tree with
DomainMBean as the root.
For more help, use help(domainRuntime)

Starting Policy Store reassociation.
LDAP server and  ServiceConfigurator setup done.

Schema is seeded into LDAP server
Data is migrated to LDAP server
Service in LDAP server after migration has been tested to be available
Update of jps configuration is done
Policy Store reassociation done.
Starting credential Store reassociation
LDAP server and  ServiceConfigurator setup done.
Schema is seeded into LDAP server
Data is migrated to LDAP server
Service in LDAP server after migration has been tested to be available
Update of jps configuration is done
Credential Store reassociation done
Jps Configuration has been changed. Please restart the server.

  4. Restart the Administration Server after the command completes successfully. For information about restarting the Administration Server, see Starting the Servers.

Go to previous page
Previous		 Go to next page
Next
Go to Documentation Home
Home		 Go to Book List
Book List		 Go to Table of Contents
Contents		 Go to Master Index
Master Index		 Go to Feedback page
Contact Us