Installing and Configuring Oracle Identity Manager
Installing Oracle Identity Manager
This OBE tutorial describes and shows you how to perform
the installation of Oracle Identity Manager. This process involves installing the Oracle
Identity Manager Server and the Oracle Identity Manager Design Console. This OBE
tutorial also lists the preinstallation requirements.
Approximately 1½ hour
This OBE tutorial covers the following topics:
 Place
the cursor over this icon to load and view all the screenshots for this tutorial.
(Caution: Because this action loads all screenshots simultaneously, response
time may be slow depending on your Internet connection.)
Note: Alternatively, you can place the cursor
over each individual icon in the following steps to load and view only the screenshot
associated with that step.
The screenshots will not reflect the specific environment
you are using. They are provided to give you an idea of where to locate specific
functionality in Oracle Identity Manager.
Oracle Identity Manager is an application that selectively
automates the tasks required to manage access privileges for a user across resources
within an enterprise covering the entire identity management life cycle. By using
Oracle Identity Manager, you can create access privileges to resources for users,
modify these privileges dynamically (based on changes to user and business requirements),
and remove these access privileges from users when no longer required. As a
result, Oracle Identity Manager handles user identity information across multiple
identity stores to maintain data accuracy.
Back to Topic List
Linda works as a network administrator for Mydo Main Corporation.
In Mydo Main, Linda is responsible for managing the access privileges for various
user groups to various resources within the organization. To perform such user
management tasks, she needs to install the Oracle Identity Manager Server and the Oracle
Identity Manager Design Console. By using Oracle Identity Manager, Linda can
create access privileges to resources for users, modify these privileges, and
remove the access privileges from the users. This enables Linda to manage user
identities across the enterprise setup of Mydo Main.
Back to Topic List
Before you start the installation task, make sure that your
system environment meets the following requirements:
Software Requirements
The system should include the following
products:
- Oracle Database 10.2.0.1.0
- JBoss 4.0.2
- JDK 1.4.2_12
Hardware Requirements
| Item |
Specification |
| Processor Type |
Intel Xeon or Pentium IV |
| Processor Speed |
2.4 GHz or higher |
| Number of Processors |
1 or more (if required) |
| Memory |
1 GB |
| Hard Disk Space |
20 GB (initial size) |
| Operating System |
MS Windows 2003 Server with SP1 |
Oracle Identity Manager is a J2EE-based application
that needs to run in a supported application server. You need to install Oracle
Identity Manager in a JBoss application server environment. By default, the
JBoss application server is configured to use 128MB to 512MB of memory. These
settings must be updated to support the Oracle Identity Manager application.
Oracle Identity Manager requires a minimum setting of 512 MB and a maximum setting
of 1,024 MB of memory to pass the installation memory check. You need to change
the JBoss default memory settings to prepare for the Oracle Identity Manager
installation. After checking the hardware and software requirements, perform
the following steps to change JBoss default memory settings:
|
1.
|
Navigate to the E:\jboss-4.0.2\bin
folder and right-click to edit the run.bat
file.
Note: The path from where you
can edit the run.bat file might differ from
the one shown in the screenshot. If your JBoss installation is in a different
location, you need to navigate to that directory. Ensure that the Oracle
database is started before you proceed with the preinstallation configuration.
|
|
2.
|
In the run.bat file, scroll down to edit the line set
JAVA_OPTS=%JAVA_OPTS% -Xms128m -Xmx512m to set
JAVA_OPTS=%JAVA_OPTS% -Xms512m -Xmx1024m.
Note: In this step, you increase the memory settings for JBoss.
|
| 3. |
From the File menu, select Save to store the new memory
settings.
|
| 4. |
From the File menu, select Exit.
|
| 5. |
Navigate to E:\jboss-4.0.2\bin
and double-click the run.bat
file. This step initiates the JBoss application server.
|
| 6. |
Open the browser and enter the URL to access the JBoss Admin Console
in the following format:
http://<hostname>.<domainname>:<port>/web-console/
Note: The URL might differ for your system depending upon the
host name. The JBoss application server should start with the new memory
settings without any error.
|
All user information data related to Oracle Identity
Manager needs to be stored in a repository. You can configure the tablespace
and user identity used by Oracle Identity Manager. Use the prepare_xl_db.bat
script to create the user for the Oracle Identity Manager repository and to
create objects within the database. Before using the prepare_xl_db.bat
script, ensure that in the init.ora file (found in <ORACLE_HOME>\admin\<ORACLE_SID>\pfile
folder), the value of the QUERY_REWRITE_ENABLED parameter is set to TRUE
and the value of QUERY_REWRITE_INTEGRITY is set to TRUSTED. After
doing this check, perform the following steps to prepare the database for the
Oracle Identity Manager repository:
|
1.
|
Open a command prompt window and type E:,
and then press the Enter key.
|
|
2.
|
Type cd \OIM_Installs\oracle_identity_manager\installServer\Xellerate\db\oracle\
and press the Enter key.
|
| 3. |
Enter prepare_xl_db.bat orcl
E:\oracle\product\10.2.0\db_1 oimuser abcd1234 oimtbs E:\oracle\product\10.2.0\oradata\orcl
oimtbs_01 TEMP abcd1234.
Note: The syntax for this command is prepare_xl_db.bat
<ORACLE_SID> <ORACLE_HOME> <XELL_USER> <XELL_USER_PWD>
<TABLESPACE_NAME> <DATAFILE_DIRECTORY> <DATAFILE_NAME>
<XELL_USER_TEMP_TABLESPACE> <SYS_USER_PASSWORD>. This
command creates the OIMUSER
database account, creates the OIMTBS
tablespace, grants privileges to the user, and specifies other database settings.
This script on successfully execution generates certain warnings messages.
You can examine the prepare_xl_db.1st
file in the same location for further references on these warnings.
|
Back to Topic List
After performing the preinstallation configuration, you need
to install Oracle Identity Manger Diagnostic Dashboard. Oracle Identity
Manager Diagnostic Dashboard is a Web application that can be used to check
the preinstallation requirements for Oracle Identity Manager. These requirements
include whether:
- An Oracle database is created and prepared properly
- Oracle Identity Manager can establish a connection
to this database
You must deploy the Diagnostic Dashboard Web application on
the JBoss application server. You need to copy the XIMDD.WAR
file for the Diagnostic Dashboard to the deployment directory of JBoss and then
start the JBoss application server. The JBoss application server reads the directory
and finds the new XIMDD.WAR file
for the Diagnostic Dashboard. This WAR file is installed automatically. The
diagnostic tool is installed as an application in the JBoss application server.
After this tool is deployed, you can access and run this tool to confirm preinstallation
checks for the Oracle Identity Manager Server
installation. To install Oracle Identity Manager Diagnostic Dashboard, perform
the following steps:
|
1.
|
Open the command prompt window and enter the following
command:
copy E:\OIM_Installs\oracle_identity_manager\DiagnosticDashboard\XIMDD.war
E:\jboss-4.0.2\server\default\deploy
|
|
2.
|
Press the Enter key to confirm the copying of the file.
|
| 3. |
In Windows Explorer, navigate to E:\jboss-4.0.2\bin
and double-click the run.bat
file. This command launches the JBoss application server that installs
the Diagnostic Dashboard.
|
| 4. |
Open the browser and enter the URL to access the Diagnostic Dashboard
in the following format:
http://<hostname>.<domainname>:<port>/XIMDD/
.
Note: XIMDD
should be styled only in uppercase.
|
| 5. |
After deploying the Diagnostic Dashboard, you need to run it to check
the system before installing the Oracle Identity
Manager Server. Then click Diagnostic Dashboard.
|
| 6. |
Scroll down and select the Test Name: Oracle Database Prerequisite
Check check box.
Note: In this case, the check verifies whether the installed Oracle
database instance clears the prerequisites required to install Oracle
Identity Manager.
|
| 7. |
For the check, provide the following parameters:
| Parameter |
Value |
| Database Server |
ten.mydomain.com |
| Port |
1521 |
| XIM Database Name |
orcl |
| XIM User Name |
oimuser |
| System User Name |
SYSTEM |
| System User Password |
abcd1234 |
Note: You can use your own values for all these parameters
on the basis of any changes made to the default values.
|
| 8. |
Select the Test Name: Java VM System Properties
Report check box and then click Verify.
|
| 9. |
Notice the pass result for the verification test. This test verifies
that the JVM is enabled and that the Java pool size meets the required limit. Also,
this test verifies that the Oracle Identity Manager
user has the necessary roles and privileges.
Note: If the database test fails, you need to rerun the test after
checking all the values that need to be provided before running the check.
|
Back to Topic List
After performing the installation for the Diagnostic Dashboard,
you need to install the Oracle Identity Manager Server. In this installation,
you need to provide the details for the JBoss application server and the Oracle
database for this installation. Ensure that the JBoss application server is
not running for this activity. Also, ensure that the database is running before
installing Oracle Identity Manager. To ensure
that the Oracle database is up, you need to check whether the services for the SID,
TNSListener, iSQL Plus, and DB Console are running. To install the Oracle Identity
Manager Server, perform the following steps:
|
1.
|
Navigate to E:\OIM_Installs\oracle_identity_manager\installServer
and double-click the setup_server.exe
file. This launches the installer for the Oracle Identity Manager Server.
|
|
2.
|
Click Next.
|
| 3. |
Click the Oracle Identity Manager with Audit and Compliance module
option button and then click Next.
Note: You need to use the attestation features of Oracle Identity
Manager for audit and compliance purposes. For this you select the Oracle
Identity Manager with Audit and Compliance module option button.
|
| 4. |
Click Browse and navigate to E:\oracle.
.
Note: In this step, you can select any location where you want
to install the Oracle Identity Manager Server.
|
| 5. |
Enter E:\oracle\oim_server
as the file name and click Open.
|
| 6. |
Click Next.
|
| 7. |
Click OK to create the directory.
|
| 8. |
In this setup, the Oracle database is used for
the Oracle Identity Manager Server to communicate with a database. For choosing
the database that is used to store the Oracle Identity
Manager repository, click the Oracle option button and click
Next.
|
| 9. |
For the database connectivity information, provide the following values
and then click Next.
| Parameter |
Value |
| Database Hostname |
ten.mydomain.com |
| Port |
1521 |
| Database SID |
orcl |
| User Name |
oimuser |
| System User Password |
abcd1234 |
Note: This step links the installation to the existing Oracle
database that is being used for storing the Oracle
Identity Manager repository.
|
| 10. |
To select the authentication mode, click the Oracle Identity Manager
Default Authentication option button and click Next.
Note: This step ensures that you do not opt for any external Web-based
access control system. Here you are using the default setting of Oracle
Identity Manager to authenticate its Administrative Console.
|
| 11. |
On this screen, you select the application server that is used to
deploy Oracle Identity Manager. For this setup, click the JBoss
option button and then click Next.
|
| 12. |
In this setup, the JBoss instance used for the Oracle Identity Manager
Server installation is not clustered. To retain the JBoss application
server option, click Next.
|
| 13. |
To select the location of the application server, click Browse
and navigate to E:\jboss-4.0.2,
and then click Open.
Note: The location above may be different for you. You can instead browse
to the location where you have installed JBoss.
|
| 14. |
To select the location of the JDK that is used to run the JBoss application
server, click Browse and navigate to
E:\j2sdk1.4.2_12, and then click Open.
|
| 15. |
Click Next.
|
| 16. |
You have now selected all the configuration settings for installing Oracle
Identity Manager Server. To proceed with the installation process,
click Next.
|
| 17. |
Review the summary information for the location of the installation and
the total size for the installation. Then, click Install.
|
| 18. |
You can note down the location for the installation logs for future references
and then click OK.
|
| 19. |
Click Finish to complete the installation.
|
| 20. |
To verify the Oracle Identity Manager Server installation, navigate to
E:\jboss-4.0.2\bin and double-click
the run.bat file. This launches the
JBoss application server.
|
| 21. |
Open a browser window and enter the URL to access the Oracle
Identity Manager Admin Console in the following format:
http://<hostname>.<domainname>:<port>/xlWebApp
Note: You should be able to view the Web-based console for the
Oracle Identity Manager Server. This is
the Oracle Identity Manager Administrative Console, which is used for
managing Oracle Identity Manager connectors. Also, xlWebApp
is case sensitive.
Note: For the first time, log in to Oracle Identity Manager. The
default password for the xelsysadm user is xelsysadm. After the first
time you log in with a particular user account, you must select and answer
the "challenge" questions. These questions are used in the future to verify
your identity if you need to reset your password.
However, for all subsequent logins with that account, these questions
do not appear. Instead, you are taken directly to the Home page of the
Administrative Console.
|
Back to Topic List
After performing the installation for the Oracle Identity
Manager Server, you need to install the Oracle Identity Manger Design Console.
This Design Console client is used by Oracle Identity
Manager administrators for configuring it with the Oracle
Identity Manager Server. Before this installation, you need to ensure
that the JBoss application server and the Oracle database have been started.
To install the Oracle Identity Manger Design Console, perform the following steps:
|
1.
|
Navigate to E:\OIM_Installs\oracle_identity_manager\installServer
and double-click the setup_client.exe
file. This application launches the installer for the Oracle Identity
Manager Design Console.
|
|
2.
|
Click Next.
|
| 3. |
Click Browse and navigate to E:\oracle.
Enter E:\oracle\oim_designConsole as the directory and click
Next.
|
| 4. |
Click OK to create the directory.
.
|
| 5. |
Click Next to confirm that JBoss is the application server.
|
| 6. |
Click the Use existing JRE at the following locations option button
and then click Browse.
Note: If you do not have JRE preinstalled on
your system, you can select the other option to install it with the client
installation.
|
| 7. |
Navigate to E:\j2sdk1.4.2_12 and click
Open.
|
| 8. |
Click Next.
|
| 9. |
Enter ten.mydomain.com as the host
name and click Next.
|
| 10. |
Change the Oracle Identity Manger Web Server Host IP Address to ten.mydomain.com
and click Next.
Note: Retain the port number as 8080. Select
No for the SSL option. The SSL is not selected for performance
reasons, because a non-SSL connection between the Oracle Identity Manager
Server and Design Console is faster than an SSL connection.
|
| 11. |
To create Oracle Identity Manager Client
shortcuts to the Start menu and the desktop, click Next.
|
| 12. |
Review the summary information and then click Install.
|
| 13. |
You will be prompted to copy the jbossall-client.jar
file to proceed
with the installation. At the command prompt, enter copy
E:\jboss-4.0.2\client\jbossall-client.jar E:\oracle\oim_designConsole\xlclient\ext
and press the Enter key.
|
| 14. |
Click OK.
|
| 15. |
Verify the status and click Finish to close the installation.
|
| 16. |
You can again run the diagnostic checks to verify the Oracle database
and the Java VM System Properties. To perform this check, open the browser
and enter the URL to access the Diagnostic Dashboard in the following
format:
http://<hostname>.<domainname>:<port>/XIMDD/
.
|
| 17. |
To check the system click Diagnostic Dashboard.
|
| 18. |
Scroll down and select the Test Name: Oracle Database Prerequisite
Check check box.
|
| 19. |
For the check, provide the following parameters:
| Parameter |
Value |
| Database Server |
ten.mydomain.com |
| Port |
1521 |
| XIM Database Name |
orcl |
| XIM User Name |
oimuser |
| System User Name |
SYSTEM |
| System User Password |
abcd1234 |
|
| 20. |
Select the Test Name: Java VM System Properties
Report check box and then click Verify.
|
| 9. |
Notice the pass result for the verification test. This test verifies
that after all the installations, the JVM is enabled and that the Java
pool size meets the required limit.
|
Back to Topic List
In this lesson, you learned how to:
Back to Topic List
 |
Perform the preinstallation
configuration |
|
Install Oracle Identity Manager
Diagnostic Dashboard |
|
Install the Oracle Identity Manager
Server |
|
Install the Oracle Identity Manager
Design Console |
|
To ask a question about this OBE tutorial, post a query on the OBE
Discussion Forum. |
Back to Topic List
Place the cursor over this icon to hide all screenshots.
|
Bookmark
