Fusion Applications 11.1.1.5.1 Installation Part IV – Extend WebLogic Domain to include OIM/OAM and configure OIM

This post covers part III of Fusion Applications 11.1.1.5.1 Installation, configure Identity and Policy Store for Fusion Application. For previous steps check below links

OIM/OAM 11g installation and other key tasks required for administrators is also covered in my book

During Part II Configure OID for Fusion Applications step, you created WebLogic Domain with one Admin Server and one Managed Server. In this step we will extend this WebLogic Domain  to include OIM/OAM/SOA (SOA is required for OIM)

1. Start WebLogic Domain configuration by running config.sh from $MW_HOME/oracle_common/common_bin (This config.sh is different from $ORACLE_HOME/bin/config.sh which is used to configure OIM)

2. Select extend an existing WebLogic Domain

3. Select following components

a) Oracle Identity Manager
b) Oracle Access Manager with Database Policy Store

Note: Installer will automatically select dependent components like SOA, OWSM..

4. On configure JDBC detail screen, provide database, schema name, password etc. created using RCU (Repository Creation Utility)

5. On configuration summary screen, if you get warning CFGFWK-60322 server listen ports in your domain ... you can safely ignore this error message.

6. Restart Administration Server and ODSM Managed Server (Do not start OIM managed Server yet).

.

Configure OIM

1. Configure Oracle Identity Manager (OIM) using IAM ORACLE_HOME/bin/config.sh 

( There are four Oracle Home ORACLE_HOME under Middleware Home MW_HOME

a) Common ORACLE_HOME under $MW_HOME/oracle_common – containing JRF and other common files

b) IAM  ORACLE_HOME under $MW_HOME/iam (This directory name can be different) – containing OIM, OAM, OAAM

c) IDM  ORACLE_HOME under $MW_HOME/idm (This directory name can be different) – containing OID, OVD, OIF

d) SOA  ORACLE_HOME under $MW_HOME/soa (This directory name can be different) – containing SOA )

Note: You must select LDAPSync and integration with OAM during OIM configuration.

2. Restart Admin Server and start OIM/OAM managed server.

In next post I’ll cover steps to configure OIM integration with OAM

About the Author Atul Kumar

Oracle ACE, Author, Speaker and Founder of K21 Technologies & K21 Academy : Specialising in Design, Implement, and Trainings.

follow me on:

Leave a Comment:

17 comments
Jani says January 5, 2012

Hi!

Can i use Microsoft AD instead of OID? Or Forms have to have an OID(when i use SSO)?

Regards, Jani

Reply
Atul Kumar says January 5, 2012

@ Jani,
What is version of Forms and which SSO server (including version) you are planning to use.

Reply
Atul Kumar says January 5, 2012

@ Jani,
As per 9.1 at http://docs.oracle.com/cd/E24269_01/doc.11120/e24477/sso.htm#BABCBCEG

It is required that these authentication servers are configured to use Oracle Internet directory as the backend Identity Store.

Hence OID is mandatory, though you can sync users from AD to OID and user passwords stored in AD (using OID external authentication plug-in)

Reply
Jani says January 5, 2012

Hi Atul!

Thanks very much the quick answer.
Now we use 10.1.2(MRCA-OID-SSO-MID 2 node fail-over load-balanced) architecture and we are planning to use an (new install) weblogic+OAM(sso)+forms architecture.

Regards, Jani

Reply
Jerry says January 7, 2012

Hi, Atul

Thanks a lot for sharing all of this!

I finally got some time this weekend to complete part IV, looking forward to your new post! 🙂

Best Regards,
Jerry

Reply
Jerry says January 17, 2012

Hi, Atul

Do you know how to limit memory usage for weblogic, oim, oam, ods, soa ….

I’m trying to install fusion application in a virtual machine, which has only 6GB memory….

I tried overriding MEM_ARGS=-Xms256m -Xmx256m in the startWebLogic.sh, but that doesn’t seem to work.

Please kindly share the tricks to limit memory usage of those weblogic IDMdomain servers.

BTW, i’m also curious if all of them are needed to be running at the same time. is there any component that i can skip in order to run Fusion Application?

Thank you!

Best Regards,
Jerry

Reply
Atul Kumar says January 18, 2012

@ Jerry,
I don’t think you can install Fusion Apps with 6 GB memory.

Reply
mvdwilden says January 25, 2012

Hi Jerry,

I’m on the provisioning itself and the database server running on the Fusion Apps side, already absorbs 105 Gigabyte of RAM. My advice to install OFA on a machine with at least 144 GB of RAM. And that includes the FMW side as well.

Mike

Reply
mvdwilden says January 25, 2012

Hi Atul,

Q: Currently I’m facing some problems on the OIM side. I hope you can help me on this. I did follow the steps in the Oracle manual, except the OIF. I’ve understand this is not mandatory.
The error is ” ”
Also when I login in to the Enterprise Manager I receive similair error “returning the ovd url value :” (the url is empty…)
I’ve found a MBean under OIM – oim(11.1.1.3.0) > oracle.iam – Server: wls_oim1 – Application: oim – XMLConfig – Config (MBean). When you invoke the operation ‘fetchOVDInfo’ you’ll receive the exact error as before “returning the ovd url value :”. The returned value is indeed emtpy.

Do you have any idea?

Thx, Mike

Reply
mvdwilden says January 25, 2012

Somehow the brackets won’t work in this blog. Sorry for this.

The error is without the brackets: Cannot bind to OVD with URL

Reply
Mohan says January 29, 2012

Hi Atul,

Can you please let me know when can I expect rest of the post in the Fusion installation series.

Thank you,

Mohan

Reply
Atul Kumar says January 30, 2012

@ Mohan,
I’ll post next in Fusion Apps installation series by end of this week.

Reply
fusion_cwa says February 4, 2012

Atul, I am stuck on Configure OIM > Step 8 of 11 LDAP Server Continued. What values should be used for LDAP Role/User/User Reservation Containers? Can I provide any value I wish or does this correspond to some previous setup?

Thanks again for your help!

Reply
Jerry says February 4, 2012

Hi, Atul

I had the same question as @fusion_cwa, while I was configuring OIM, i put some value there and the configuration didn’t throw any error.
And later in weblogic console, when oim/oam server are up, no issue or error found.
If this part has anything to do with previous setup, please let us know.

Also, in the note part of this post:
Note: You must select LDAPSync and integration with OAM during OIM configuration.

I only found option for LDAPSync on step 6 of 11, but not sure about the ‘integration with OAM during OIM’ part.

please also help to explain this part.

Thank you!

Jerry

Reply
Atul Kumar says February 5, 2012

@ Fusion_CWA,
User, Group and Role container can’t be any value. It should depend on value defined earlier during OID configuration.

If domain (security realm) defined during OID configuration is dc=onlineappsdba, dc=com

Then User Container Value : cn=Users, dc=onlineappsdba, dc=com

Role Container Value : cn=Groups, dc=onlineappsdba, dc=com

Reserve Container Value : cn=Reserve, dc=onlineappsdba, dc=com

Reply
Viraj says May 31, 2012

Hi Atul,

While following the above step i’m stuck at LDAP server screen,

i’ve given LDAP server url as ‘ldap://btztfus01.biztechmsp.com:3060’ and username as oimadmin and its password, but it is throwing error saying “Could not able to connect to LDAP with give credentials”

Please suggest.

Regards,
Viraj

Reply
Atul Kumar says May 31, 2012

@ Viraj,
You shoud use DN (distinguished name of oimadmin user like )

cn=oimadmin (or oimldap), cn=users, dc=

Reply
Add Your Reply

Not found