4 Configuring Oracle Internet Directory Domain

After you have installed Oracle Internet Directory, you can configure the domain, which you can also extend for high availability.

The configuration steps presented here assume that you have completed the installation steps covered in:

Refer to the following sections to create the database schemas, configure a WebLogic domain, and verify the configuration:

Creating the Database Schemas

Before you can configure a domain, you must install required schemas on a certified database for use with this release of Oracle Fusion Middleware.

Note:

As of Oracle Fusion Middleware 14c (14.1.2.1.0), new schemas are created with editions-based redefinition (EBR) views enabled by default. Oracle Internet Directory schemas do not support EBR; therefore, to use the EBR functionality with your non-OAM schemas, you must run the RCU twice.

When EBR is enabled, the schema objects can be upgraded online to a future Fusion Middleware release without any downtime. For more information about using editions-based redefinition, see Using Edition-based Redefinition.

Installing and Configuring a Certified Database

Before you create the database schemas, you must install and configure a certified database, and verify that the database is up and running.

Note:

For an Autonomous Transaction Processing database (both Autonomous Transaction Processing-Dedicated (ATP-D) and Autonomous Transaction Processing Shared (ATP-S)), you must modify the wallet settings, set the environment variables, and apply patches on ORACLE HOME. For more information, see Settings to connect to Autonomous Transaction Processing Database for Oracle Internet Directory and Applying Patches on ORACLE HOME.

See About Database Requirements for an Oracle Fusion Middleware Installation.

Starting the Repository Creation Utility

Start the Repository Creation Utility (RCU) after you verify that a certified JDK is installed on your system.

To start the RCU:

  1. Verify that a certified JDK already exists on your system by running java -version from the command line. For 14c (14.1.2.1.0), the certified JDK is 17.0.12 and later.
  2. Ensure that the JAVA_HOME environment variable is set to the location of the certified JDK.
  3. Change to the following directory:
    • (UNIX) ORACLE_HOME/oracle_common/bin
    • (Windows) ORACLE_HOME\oracle_common\bin
  4. Enter the following command:
    • (UNIX) ./rcu
    • (Windows) rcu.bat

Navigating the Repository Creation Utility Screens to Create Schemas

Enter required information in the RCU screens to create the database schemas.

Introducing the RCU

The Welcome screen is the first screen that appears when you start the RCU.

Click Next.

Selecting a Method of Schema Creation

Use the Create Repository screen to select a method to create and load component schemas into the database.

On the Create Repository screen, select System Load and Product Load. This procedure assumes that you have the necessary permissions and privileges to perform DBA activities on your database, that is, SYSDBA privileges.

Note:

For an Autonomous Transaction Processing database (both Autonomous Transaction Processing-Dedicated (ATP-D) and Autonomous Transaction Processing Shared (ATP-S)), you must create schemas as a Normal user. Although you do not have full SYS or SYSDBA privileges on the database, you must still select System Load and Product Load.

Providing Database Connection Details

On the Database Connection Details screen, provide the database connection details for the RCU to connect to your database.

If you are unsure of the service name for your database, you can obtain it from the SERVICE_NAMES parameter in the initialization parameter file of the database. If the initialization parameter file does not contain the SERVICE_NAMES parameter, then the service name is the same as the global database name, which is specified in the DB_NAME and DB_DOMAIN parameters.

For an Autonomous Transaction Processing-Dedicated (ATP-D) database, you must use only one of the database service names, <databasename>_tpurgent or <databasename>_tp, specified in tnsnames.ora.

To create schemas on an Autonomous Transaction Processing database (both Autonomous Transaction Processing-Dedicated (ATP-D) and Autonomous Transaction Processing Shared (ATP-S)), you can specify the connection credentials using only the Connection String option. In this screen, a warning message is displayed. You can ignore the warning and continue with the schema creation. For more information, see SYS DBA Privileges Warning After Applying Patches.

Note:

You must invoke RCU twice. When you invoke RCU the first time select Database type as Oracle Database enabled for edition-based redefinition and load the EBR dependent components (STB, OPSS, IAU, IAU_Append, IAU_Viewer, and WLS). When you invoke RCU the second time, select Database type as Oracle Database and load OID.

To provide the database connection details:

  1. On the Database Connection Details screen, provide the database connection details.

    For example:

    • Database Type: Oracle Database
    • Connection String Format: Connection Parameters or Connection String
    • Connection String: examplehost.exampledomain.com:1521:Orcl.exampledomain.com
    • Host Name: examplehost.exampledomain.com
    • Port: 1521
    • Service Name: Orcl.exampledomain.com
    • User Name: sys
    • Password: ******
    • Role: SYSDBA

    For an Autonomous Transaction Processing database (both Autonomous Transaction Processing-Dedicated (ATP-D) and Autonomous Transaction Processing Shared (ATP-S)), use the connect string specified in tnsnames.ora that is present in /<$ORACLE_HOME>/network/admin, which is the location of the wallet files, for your service name or TNS_alias.

    Example connect string for Autonomous Transaction Processing-Dedicated (ATP-D) database:

    (DESCRIPTION=(CONNECT_TIMEOUT=120)(RETRY_COUNT=20)(RETRY_DELAY=3)
    (TRANSPORT_CONNECT_TIMEOUT=3)(ADDRESS_LIST=(LOAD_BALANCE=on)
    (ADDRESS=(PROTOCOL=<protocol_name>)(HOST=<host_name>)(PORT=<port_number>)))
    (CONNECT_DATA=(SERVICE_NAME=<service_name>.atp.oraclecloud.com)))

    Example connect string for Autonomous Transaction Processing-Dedicated (ATP-D) database:

    (DESCRIPTION=(CONNECT_TIMEOUT=120)(RETRY_COUNT=20)(RETRY_DELAY=3)(ADDRESS=(PROTOCOL=<protocol_name>)
    (PORT=<port_number>)(HOST=<host_name>))(CONNECT_DATA=(SERVICE_NAME=<service_name>.adb.oraclecloud.com))
    (security=(ssl_server_cert_dn="CN=example.com, OU=<organizational_unit>, O=<organization>, L=<city>, ST=<state>, C=<country>")))

    Note:

    In this example for Autonomous Transaction Processing-Dedicated (ATP-D), you must use only one of the database service names, <databasename>_tpurgent or <databasename>_tp, specified in tnsnames.ora.
  2. Click Next to proceed, then click OK in the dialog window that confirms a successful database connection.

Specifying a Custom Prefix and Selecting Schemas

Select Create new prefix, specify a custom prefix, then select the Oracle Internet Directory schema. This action automatically selects the following schemas as dependencies:

Note:

Oracle Internet Directory (ODS) schema does not need a prefix. The prefix is required for the other schemas selected during the schema creation process.

You can load only one Oracle Internet Directory (ODS) schema per Database.

If you are configuring Oracle Internet Directory in a standalone mode, the following dependent schema is selected:
  • Common Infrastructure Service (STB)

If you are configuring Oracle Internet Directory in a collocated mode, the following dependent schemas are selected:

  • Oracle Platform Security Services (OPSS)

  • Audit Services (IAU)

  • Audit Services Append (IAU_Append)

  • Audit Services Viewer (IAU_Viewer)

  • WebLogic Services (WLS)

  • Common Infrastructure Service (STB)

The schema Common Infrastructure Services is automatically created. This schema is dimmed; you cannot select or deselect it. This schema enables you to retrieve information from RCU during domain configuration. For more information, see Understanding the Service Table Schema in Creating Schemas with the Repository Creation Utility.

Note:

You must invoke RCU twice. When you invoke RCU the first time select Database type as Oracle Database enabled for edition-based redefinition and load the EBR dependent components (STB, OPSS, IAU, IAU_Append, IAU_Viewer, and WLS). When you invoke RCU the second time, select Database type as Oracle Database, provide the prefix used the first time, and select Oracle Internet Directory only.

The custom prefix is used to logically group these schemas together for use in this domain only; you must create a unique set of schemas for each domain. Schema sharing across domains is not supported.

Tip:

For more information about custom prefixes, see Understanding Custom Prefixes in Creating Schemas with the Repository Creation Utility.

For more information about how to organize your schemas in a multi-domain environment, see Planning Your Schema Creation in Creating Schemas with the Repository Creation Utility.

Tip:

You must make a note of the custom prefix you choose to enter here; you will need this later on during the domain creation process.

Click Next to proceed, then click OK on the dialog window confirming that prerequisite checking for schema creation was successful.

Specifying Schema Passwords

On the Schema Passwords screen, specify how you want to set the schema passwords on your database, then enter and confirm your passwords.

Note:

For an Autonomous Transaction Processing database (both Autonomous Transaction Processing-Dedicated (ATP-D) and Autonomous Transaction Processing Shared (ATP-S)), the schema password must be at least 12 characters long and must contain at least one uppercase letter, one lowercase letter, and one number.

You must make a note of the passwords you set on this screen; you will need them later on during the domain creation process.

Click Next.

Completing Schema Creation

Navigate through the remaining RCU screens to complete schema creation.

For an Autonomous Transaction Processing-Dedicated (ATP-D) database, in the Map Tablespaces screen you must override the default tablespaces and the temporary tablespaces, and also override the additional tablespaces, if applicable. See Map Tablespaces.

When you reach the Completion Summary screen, click Close to dismiss the RCU.

Note:

If you encounter any issues when you create schemas on an Autonomous Transaction Processing database (both Autonomous Transaction Processing-Dedicated (ATP-D) and Autonomous Transaction Processing Shared (ATP-S)), see Troubleshooting Tips for Schema Creation on an Autonomous Transaction Processing Database in Creating Schemas with the Repository Creation Utility and Issues Related to Product Installation and Configuration on an Autonomous Database in Release Notes for Oracle Fusion Middleware Infrastructure.

Configuring the Domain

Use the Configuration Wizard to create and configure a domain.

For information on other methods to create domains, see Additional Tools for Creating, Extending, and Managing WebLogic Domains in Creating WebLogic Domains Using the Configuration Wizard.

Starting the Configuration Wizard

Start the Configuration Wizard to begin configuring a domain.

Note:

For an Autonomous Transaction Processing-Dedicated (ATP-D) database, before you start the Configuration Wizard, you must set the TNS_ADMIN property using the following command:

export TNS_ADMIN=/<$ORACLE_HOME>/network/admin

You must change $ORACLE_HOME to your Oracle Home location. For example: export TNS_ADMIN=/users/test/network/admin

where /users/test/ is the Oracle Home location.

To start the Configuration Wizard:

  1. Change to the following directory:

    (UNIX) ORACLE_HOME/oracle_common/common/bin

    (Windows) ORACLE_HOME\oracle_common\common\bin

    where ORACLE_HOME is your 14c (14.1.2.1.0) Oracle home.

  2. Enter the following command:

    (UNIX) ./config.sh

    (Windows) config.cmd

Navigating the Configuration Wizard Screens to Create and Configure the Domain

Enter required information in the Configuration Wizard screens to create and configure the domain for the topology.

Note:

You can use this procedure to extend an existing domain. If your needs do not match the instructions in the procedure, be sure to make your selections accordingly, or see the supporting documentation for more details.

Note:

Apply the one-off ADF patch (search for Bug ID 37376076 at https://support.oracle.com) manually using OPatch to the Oracle Internet Directory 14c (14.1.2.1.0) ORACLE_HOME after installation and before domain creation. This applies only to collocated OID installations and does not apply to standalone Oracle Internet Directory 14c (14.1.2.1.0) installations.

Selecting the Configuration Type and Domain Home Location

Use the Configuration Type screen to select a Domain home directory location, optimally outside the Oracle home directory.

Oracle recommends that you locate your Domain home in accordance with the directory structure in What Are the Key Oracle Fusion Middleware Directories? in Understanding Oracle Fusion Middleware, where the Domain home is located outside the Oracle home directory. This directory structure helps avoid issues when you need to upgrade or reinstall software.

To specify the Domain type and Domain home directory:

  1. On the Configuration Type screen, select Create a new domain.
  2. In the Domain Location field, specify your Domain home directory.

For more details about this screen, see Configuration Type in Creating WebLogic Domains Using the Configuration Wizard.

Selecting the Configuration Templates for Oracle Internet Directory

On the Templates screen, make sure Create Domain Using Product Templates is selected, then select the following templates:

For standalone mode, select the following template:
  • Oracle Internet Directory (Standalone) - [oid]

For collocated mode, select the following templates:

  • Oracle Internet Directory (Collocated) - [oid]

    Selecting this template automatically selects the following as dependencies:

    • Oracle Directory Services Manager - [oid]

    • Oracle JRF - [oracle_common]

    • WebLogic Coherence Cluster Extension - [wlserver]

    • Oracle Enterprise Manager - [em]

  • Oracle Directory Integration Platform - [dip]

    Optional. Select this template if you're using OID and ODIP in the same domain.

Tip:

More information about the options on this screen can be found in Templates in Creating WebLogic Domains Using the Configuration Wizard.

Configuring the Administrator Account

Use the Administrator Account screen to specify the username and password for the default WebLogic Administrator account for the domain.

Oracle recommends that you make a note of the username and password that you enter on this screen; you need these credentials later to boot and connect to the domain's Administration Server.

Specifying the Domain Mode and JDK

Use the Domain Mode and JDK screen to specify the domain mode and Java Development Kit (JDK) for your production environment.

On the Domain Mode and JDK screen:

  • Select Production in the Domain Mode field.

  • Disable secured mode for the domain by selecting the Disable Secure Mode check-box.

  • Select the Oracle HotSpot JDK in the JDK field.

For more information about this screen, see Domain Mode and JDK in Creating WebLogic Domains Using the Configuration Wizard.

Specifying the Database Configuration Type

Use the Database Configuration type screen to specify details about the database and database schema.

On the Database Configuration type screen, select RCU Data. This option instructs the Configuration Wizard to connect to the database and Service Table (STB) schema to automatically retrieve schema information for schemas needed to configure the domain.

Note:

If you select Manual Configuration on this screen, you must manually fill in parameters for your schema on the next screen.

For an Autonomous Transaction Processing database (both Autonomous Transaction Processing-Dedicated (ATP-D) and Autonomous Transaction Processing Shared (ATP-S)), you must select only the RCU Data option.

After selecting RCU Data, specify details in the following fields:

Field and description:

  • DBMS/Service

    Enter the database DBMS name, or service name if you selected a service type driver.

    Example: orcl.exampledomain.com

  • Host Name

    Enter the name of the server hosting the database.

    Example: examplehost.exampledomain.com

  • Port

    Enter the port number on which the database listens.

    Example: 1521

  • Schema Owner and Schema Password

    Enter the username and password for connecting to the database's Service Table schema. This is the schema username and password entered for the Service Table component on the Schema Passwords screen in the RCU (see Specifying Schema Passwords).

    The default username is prefix_STB, where prefix is the custom prefix that you defined in the RCU.

For an Autonomous Transaction Processing database (both Autonomous Transaction Processing-Dedicated (ATP-D) and Autonomous Transaction Processing Shared (ATP-S)), specify the connection credentials using only the Connection URL String option and enter the connect string in the following format:

jdbc:oracle:thin:@TNS_alias?TNS_ADMIN=/<$ORACLE_HOME>/network/admin

In the connect string, you must pass TNS_alias as the database name found in tnsnames.ora, and TNS_ADMIN property to <$ORACLE_HOME>/network/admin, which is the location of the wallet files, ojdbc.properties, and tnsnames.ora.

Example connect string for Autonomous Transaction Processing-Dedicated (ATP-D) database:

jdbc:oracle:thin:@dbname_medium?TNS_ADMIN=/users/test/network/admin

Example connect string for Autonomous Transaction Processing-Dedicated (ATP-D) database:

jdbc:oracle:thin:@dbname_tp?TNS_ADMIN=/users/test/network/admin

Click Get RCU Configuration when you finish specifying the database connection information. The following output in the Connection Result Log indicates that the operation succeeded:

Connecting to the database server...OK
Retrieving schema data from database server...OK
Binding local schema components with retrieved data...OK

Successfully Done.

For more information about the schema installed when the RCU is run, see About the Service Table Schema in Creating Schemas with the Repository Creation Utility.

See Database Configuration Type in Creating WebLogic Domains Using the Configuration Wizard.

Specifying JDBC Component Schema Information

Use the JDBC Component Schema screen to verify or specify details about the database schemas.

Verify that the values populated on the JDBC Component Schema screen are correct for all schemas. If you selected RCU Data on the previous screen, the schema table should already be populated appropriately.

Note:

If you selected standalone mode, you must use the Datasources screen to specify details about the database schemas.

For an Autonomous Transaction Processing database (both Autonomous Transaction Processing-Dedicated (ATP-D) and Autonomous Transaction Processing Shared (ATP-S)), specify the connection credentials using the Connection URL String option only, and enter the connect string specified in tnsnames.ora that is present in /<$ORACLE_HOME>/network/admin, which is the location of the wallet files, for your service name or TNS_alias.

Example connect string for Autonomous Transaction Processing-Dedicated (ATP-D) database:

jdbc:oracle:thin:@(DESCRIPTION=(CONNECT_TIMEOUT=120)(RETRY_COUNT=20)(RETRY_DELAY=3)
(TRANSPORT_CONNECT_TIMEOUT=3)(ADDRESS_LIST=(LOAD_BALANCE=on)(ADDRESS=(PROTOCOL=<protocol_name>)
(HOST=<host_name>)(PORT=<port_number>)))(CONNECT_DATA=(SERVICE_NAME=<service_name>.atp.oraclecloud.com)))

Example connect string for Autonomous Transaction Processing-Dedicated (ATP-D) database:

jdbc:oracle:thin:@(DESCRIPTION=(CONNECT_TIMEOUT=120)(RETRY_COUNT=20)(RETRY_DELAY=3)(ADDRESS=(PROTOCOL=<protocol_name>)
(PORT=<port_number>)(HOST=<host_name>))(CONNECT_DATA=(SERVICE_NAME=<service_name>.adb.oraclecloud.com))
(security=(ssl_server_cert_dn="CN=example.com, OU=<organizational_unit>, O=<organization>, L=<city>, ST=<state>, C=<country>")))

For high availability environments, see the following sections in High Availability Guide for additional information on configuring data sources for Oracle RAC databases:

See JDBC Component Schema in Creating WebLogic Domains Using the Configuration Wizard for more details about this screen.
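
Added example, not part of the Oracle documentation: a POSIX shell lint for a connect descriptor before it is pasted into the RCU, the Configuration Wizard, or tnsnames.ora. The function name lint_descriptor, the sample descriptors, and the rule that a tcps address should carry ssl_server_cert_dn are assumptions of this example.

```sh
#!/bin/sh
# Added example (not Oracle code): lint a connect descriptor of the form
# shown on the Database Connection Details and JDBC Component Schema screens.

# lint_descriptor DESCRIPTOR
# Prints one finding per line; returns 0 when clean, 1 otherwise.
lint_descriptor() {
    # Join wrapped lines, as descriptors are often copied from wrapped text.
    desc=$(printf '%s' "$1" | tr -d '\n\r')
    findings=0

    # A dropped or extra parenthesis moves a parameter into the wrong section.
    opens=$(printf '%s' "$desc" | tr -cd '(' | wc -c)
    closes=$(printf '%s' "$desc" | tr -cd ')' | wc -c)
    opens=$((opens + 0))
    closes=$((closes + 0))
    if [ "$opens" -ne "$closes" ]; then
        echo "unbalanced parentheses: $opens open, $closes close"
        findings=$((findings + 1))
    fi

    # Parameters are written back to back: (A=1)(B=2), never (A=1)=(B=2).
    case $desc in
        *')=('*)
            echo "stray '=' between parameters"
            findings=$((findings + 1)) ;;
    esac

    # Template values such as <host_name> must be replaced before use.
    if printf '%s' "$desc" | grep -q '<[A-Za-z_]*>'; then
        echo "unfilled template placeholder such as <host_name>"
        findings=$((findings + 1))
    fi

    if ! printf '%s' "$desc" | grep -qi '(SERVICE_NAME='; then
        echo "CONNECT_DATA has no SERVICE_NAME"
        findings=$((findings + 1))
    fi

    # Policy assumed by this example: a TLS address names the expected
    # server certificate DN, as the example with ssl_server_cert_dn does.
    if printf '%s' "$desc" | grep -qi 'PROTOCOL=tcps' &&
       ! printf '%s' "$desc" | grep -qi 'ssl_server_cert_dn='; then
        echo "PROTOCOL=tcps without ssl_server_cert_dn (server DN is not pinned)"
        findings=$((findings + 1))
    fi

    [ "$findings" -eq 0 ]
}

# Constructed sample descriptors (host, port and service name are made up).
SAMPLE_OK='(DESCRIPTION=(CONNECT_TIMEOUT=120)(RETRY_COUNT=20)(RETRY_DELAY=3)(ADDRESS=(PROTOCOL=tcps)(PORT=1522)(HOST=db.example.invalid))(CONNECT_DATA=(SERVICE_NAME=oiddb_tp.adb.oraclecloud.com))(security=(ssl_server_cert_dn="CN=db.example.invalid, O=Example, C=US")))'
SAMPLE_BAD='(DESCRIPTION=(CONNECT_TIMEOUT=120)=(RETRY_COUNT=20)(RETRY_DELAY=3)(ADDRESS=(PROTOCOL=<protocol_name>)(PORT=<port_number>)(HOST=<host_name>))(CONNECT_DATA=(SERVICE_NAME=<service_name>.adb.oraclecloud.com)))'

for d in "$SAMPLE_OK" "$SAMPLE_BAD"; do
    if lint_descriptor "$d"; then echo "descriptor accepted"; else echo "descriptor rejected"; fi
done
```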

Testing the JDBC Connections

Use the JDBC Component Schema Test screen to test the data source connections.

A green check mark in the Status column indicates a successful test. If you encounter any issues, see the error message in the Connection Result Log section of the screen, fix the problem, then try to test the connection again.

By default, the schema password for each schema component is the password you specified while creating your schemas.

For more information about this screen, see JDBC Component Schema Test in Creating WebLogic Domains Using the Configuration Wizard.

Selecting Advanced Configuration

Use the Advanced Configuration screen to complete the domain configuration.

On the Advanced Configuration screen, select:

  • Administration Server

    Required to properly configure the listen address of the Administration Server.

  • Node Manager

    Required to configure Node Manager.

  • Topology

    Select Topology to configure machines and assign the Administration Server to a machine. Note that you cannot configure the oid system component using the Configuration Wizard. The oid instance is configured after the domain configuration. See Performing the Initial Oracle Internet Directory Setup.

Optionally, select other available options as required for your desired installation environment. The steps in this guide describe a standard installation topology, but you may choose to follow a different path. If your installation requirements extend to additional options outside the scope of this guide, you may be presented with additional screens to configure those options. For information about all Configuration Wizard screens, see Configuration Wizard Screens in Creating WebLogic Domains Using the Configuration Wizard.

Configuring the Administration Server Listen Address

Use the Administration Server screen to select the Listen Address and configure the Administration Server ports.

Note:

The default port values will vary depending on how you configured your domain. The Enable SSL Listen Port is enabled by default, but the default values may change. For a list of default values, see Port Numbers by Product and Component.

  1. Provide a name for the Administration Server. The name field must not be null or empty and cannot contain any special characters.
  2. Select the drop-down list next to Listen Address and select the IP address of the host where the Administration Server will reside or use the system name or DNS name that maps to a single IP address. Do not use All Local Addresses.
  3. Verify the port settings. When the domain type is set to Production, then the Enable SSL Listen Port option is enabled by default. Do not specify any server groups for the Administration Server.

    Note:

    You can change the port values as needed, but they must be unique. If the same port numbers are used for different ports, you will not be able to navigate to the next step in the Configuration Wizard.

For more information, see Specifying the Listen Address in Creating WebLogic Domains Using the Configuration Wizard.

Configuring Node Manager

Use the Node Manager screen to select the type of Node Manager you want to configure, along with the Node Manager credentials.

Select Per Domain Default Location as the Node Manager type, then specify Node Manager credentials.

For more information about this screen, see Node Manager in Creating WebLogic Domains Using the Configuration Wizard.

For more information about Node Manager types, see About Node Manager in Administering Node Manager for Oracle WebLogic Server.

Configuring Managed Servers

If you do not plan to create a WebLogic managed server during installation, click Next and proceed. A WebLogic managed server is not required for OID, and Oracle Directory Services Manager (ODSM) is deployed on the administration server.

Note:

If you are configuring Oracle Internet Directory and Oracle Directory Integration Platform in the same domain then you must configure the Managed Server. By default, wls_ods1 is the Managed Server for Oracle Directory Integration Platform.

If you plan to create a WebLogic managed server during installation, ensure that you associate the Server Groups to the managed server. This step deploys the ODSM/oiddms on the administration server.

Note:

Server Groups are WebLogic Server constructs that are used to organize resources such as hostname(s) being part of a 'machine'.

If you do not select any server groups for the managed server and ODSM/oiddms are deployed on the managed server, then use the Administration Server Console to remove oiddms from the managed server and deploy them on the administration server.

Configuring a Cluster

You can skip this screen as it is not applicable to Oracle Internet Directory.

Click Next.

Tip:

For more information about this screen, see Clusters in Creating WebLogic Domains Using the Configuration Wizard.

Defining Server Templates

Click Next and proceed, as this is not applicable to Oracle Internet Directory.

Configuring Coherence Clusters

You can skip this screen as it is not applicable to Oracle Internet Directory.

Click Next.

Creating a New Oracle Internet Directory Machine

Use the Machines screen to update the default machine listed on the screen — oidhost1. A machine is required so that Node Manager can start and stop servers.

If you plan to create a high availability environment and know the list of machines your target topology requires, you can follow the instructions in this section to create all the machines at this time. For more about scale out steps, see Optional Scale Out Procedure in High Availability Guide.

Select the default machine oidhost1 that is listed, and update the Listen Port to the appropriate value based on the Node Manager listen port number.

Note:

Do not change the name of the default machine (oidhost1), as the WLST command oid_setup() run for setting up the OID instance, later during the post-configuration stage (as described in Performing the Initial Oracle Internet Directory Setup), relies on this name.

For more information about this screen, see Machines in Creating WebLogic Domains Using the Configuration Wizard.

Assigning Servers to Oracle Internet Directory Machines

Use the Assign Servers to Machines screen to assign the Administration Server to the default machine oidhost1 that is listed.

On the Assign Servers to Machines screen:

  1. In the Machines pane, select the default machine oidhost1 that is listed.
  2. In the Servers pane, assign AdminServer to oidhost1 by doing one of the following:
    • Click once on AdminServer to select it, then click the right arrow to move it beneath the selected machine (oidhost1) in the Machines pane.

    • Double-click on AdminServer to move it beneath the selected machine (oidhost1) in the Machines pane.

Virtual Targets

You can skip this screen for Oracle Internet Directory configuration.

Click Next and proceed.

Partitions

Click Next as this is not applicable to Oracle Internet Directory.

For details about options on this screen, see Partitions in Creating WebLogic Domains Using the Configuration Wizard.

Reviewing Your Configuration Specifications and Configuring the Domain

The Configuration Summary screen shows detailed configuration information for the domain you are about to create.

Review each item on the screen and verify that the information is correct. To make any changes, go back to a screen by clicking the Back button or selecting the screen in the navigation pane. Domain creation does not start until you click Create.

For more details about options on this screen, see Configuration Summary in Creating WebLogic Domains Using the Configuration Wizard.

Writing Down Your Domain Home and Administration Server URL

The End of Configuration screen shows information about the domain you just configured.

Make a note of the following items because you need them later:

  • Domain Location

  • Administration Server URL

You need the domain location to access scripts that start Node Manager and Administration Server, and you need the URL to access the Administration Server.

Click Finish to dismiss the Configuration Wizard.

Prerequisites for an Autonomous Transaction Processing-Dedicated (ATP-D) database

In case of a standalone and collocated Oracle Internet Directory (OID) configuration, after configuring the domain, you must modify the wallet settings and update the classpath before you start the servers.

Refer to the following topics based on your configuration mode:

Prerequisites for Standalone Oracle Internet Directory Configuration with an Autonomous Transaction Processing-Dedicated (ATP-D) database

In case of a standalone Oracle Internet Directory (OID) configuration, after configuring the domain, you must modify the wallet settings and update the classpath before you start the Node Manager.

  1. Copy the wallet files from <$ORACLE_HOME>/network/admin to <$DOMAIN_HOME>/config/fmwconfig/components/OID/config.
  2. Update the ojdbc.properties file as follows:
    # Connection property while using Oracle wallets.
    #oracle.net.wallet_location=(SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=${TNS_ADMIN})))
    SSL_SERVER_DN_MATCH=yes
    # FOLLOW THESE STEPS FOR USING JAVA KEYSTORE (JKS)
    # (1) Uncomment the following properties to use JKS.
    # (2) Comment out the oracle.net.wallet_location property above
    # (3) Set the correct password for both trustStorePassword and keyStorePassword.
    # The keyStorePassword and trustStorePassword are the passwords you specified when downloading the wallet from OCI Console
    # or the Service Console.
    javax.net.ssl.trustStoreType=JKS
    javax.net.ssl.trustStore=<DOMAIN_HOME>/config/fmwconfig/components/OID/config/truststore.jks
    javax.net.ssl.trustStorePassword=<trustStorePassword>
    javax.net.ssl.keyStoreType=JKS
    javax.net.ssl.keyStore=<DOMAIN_HOME>/config/fmwconfig/components/OID/config/keystore.jks
    javax.net.ssl.keyStorePassword=<keyStorePassword>

    Note:

    Make sure to comment out the wallet-related property in ojdbc.properties.

    For example:

    #oracle.net.wallet_location=(SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=${TNS_ADMIN})))
  3. Create the file ojdbc_OIDDB.properties in the wallet location, <DOMAIN_HOME>/config/fmwconfig/components/OID/config/, and copy contents of ojdbc.properties to the new file ojdbc_OIDDB.properties.
  4. Modify the wallet location in the sqlnet.ora file as follows:
    WALLET_LOCATION = (SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY="<DOMAIN_HOME>/config/fmwconfig/components/OID/config/")))
  5. Replace all contents of tnsnames.ora in <$DOMAIN_HOME>/config/fmwconfig/components/OID/config as follows:
    OIDDB=<connect string given in RCU>

    See Connection Credentials for an Autonomous Transaction Processing Database.

    For example:

    OIDDB=(DESCRIPTION=(CONNECT_TIMEOUT=120)(RETRY_COUNT=20)(RETRY_DELAY=3)(ADDRESS=(PROTOCOL=<protocol_name>)
    (PORT=<port_number>)(HOST=<host_name>))(CONNECT_DATA=(SERVICE_NAME=<service_name>.adb.oraclecloud.com))
    (security=(ssl_server_cert_dn="CN=adwc.uscom-east-1.oraclecloud.com, OU=Oracle BMCS US, O=Oracle Corporation, L=Redwood City, ST=California, C=US")))
  6. Update the classpath in <$DOMAIN_HOME>/bin/startNodeManager.sh.

    The classpath before update looks similar to:

    POST_CLASSPATH="/home/opc/idm/mwoc5/oid/../jdbc/lib/ojdbc7_g.jar${CLASSPATHSEP}${POST_CLASSPATH}"

    The classpath after update looks similar to:

    PRE_CLASSPATH="<ORACLE_HOME>/oracle_common/modules/oracle.jdbc/ojdbc8.jar"
    export PRE_CLASSPATH
    POST_CLASSPATH="<ORACLE_HOME>/oracle_common/modules/oracle.jdbc/ojdbc8.jar${CLASSPATHSEP}${POST_CLASSPATH}"
    export POST_CLASSPATH
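
As an added example (not part of Oracle's documentation or tooling), the following shell function checks that the wallet directory matches steps 2 through 5 before you start the Node Manager. The function names, the sample values and the file-permission check are assumptions introduced here; the permission check is included because ojdbc.properties stores the keystore passwords in clear text.

```shell
#!/usr/bin/env bash
# Added example (not Oracle code). check_oid_wallet_config DIR prints each problem, returns 0 if none.
check_oid_wallet_config() {
  local dir="${1%/}" rc=0 f key p="${1%/}/ojdbc.properties"
  fail() { echo "FAIL: $*"; rc=1; }
  for f in ojdbc.properties ojdbc_OIDDB.properties sqlnet.ora tnsnames.ora truststore.jks keystore.jks; do
    [ -f "$dir/$f" ] || fail "missing $f"
  done
  # Step 2: wallet property commented out; JKS properties active and filled in.
  grep -Eq '^[[:space:]]*oracle\.net\.wallet_location' "$p" 2>/dev/null &&
    fail "oracle.net.wallet_location is still active"
  for key in trustStoreType=JKS keyStoreType=JKS trustStore= keyStore= \
             trustStorePassword= keyStorePassword=; do
    grep -q "^javax\.net\.ssl\.$key" "$p" 2>/dev/null || fail "javax.net.ssl.$key not set"
  done
  grep -Eq '^javax\.net\.ssl\..*=.*<.*>' "$p" 2>/dev/null && fail "placeholder value left in ojdbc.properties"
  # Step 3: ojdbc_OIDDB.properties must be a copy of ojdbc.properties.
  cmp -s "$p" "$dir/ojdbc_OIDDB.properties" || fail "ojdbc_OIDDB.properties differs from ojdbc.properties"
  # Step 4: the active WALLET_LOCATION must point at this directory.
  grep -F "DIRECTORY=\"$dir" "$dir/sqlnet.ora" 2>/dev/null |
    grep -q '^[[:space:]]*WALLET_LOCATION' || fail "sqlnet.ora WALLET_LOCATION is not $dir"
  # Step 5: OIDDB must be the only alias (an alias name starts in column 1).
  f=$(sed -n 's/^\([A-Za-z][A-Za-z0-9_.]*\).*/\1/p' "$dir/tnsnames.ora" 2>/dev/null)
  [ "$f" = OIDDB ] || fail "tnsnames.ora must define only OIDDB"
  # Extra check, not from the page: these files hold clear-text passwords.
  for f in ojdbc.properties ojdbc_OIDDB.properties; do
    if [ -f "$dir/$f" ] && [ "$(ls -ld "$dir/$f" | cut -c8-10)" != "---" ]; then
      fail "$f is accessible to other users"
    fi
  done
  return "$rc"
}
# Constructed sample directory laid out as the steps describe; every value is made up.
make_sample_config() {
  local dir="${1%/}"
  printf '%s\n' '#oracle.net.wallet_location=(SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=${TNS_ADMIN})))' \
    javax.net.ssl.trustStoreType=JKS "javax.net.ssl.trustStore=$dir/truststore.jks" \
    javax.net.ssl.trustStorePassword=constructed1 javax.net.ssl.keyStoreType=JKS \
    "javax.net.ssl.keyStore=$dir/keystore.jks" \
    javax.net.ssl.keyStorePassword=constructed2 > "$dir/ojdbc.properties"
  cp "$dir/ojdbc.properties" "$dir/ojdbc_OIDDB.properties"
  echo "WALLET_LOCATION = (SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=\"$dir/\")))" > "$dir/sqlnet.ora"
  echo 'OIDDB=(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(PORT=1522)(HOST=db.example.invalid)))' > "$dir/tnsnames.ora"
  : > "$dir/truststore.jks"; : > "$dir/keystore.jks"; chmod 640 "$dir"/*.properties
}
# Usage: pass the wallet directory; with no argument the constructed sample is checked.
if [ "$#" -gt 0 ]; then check_oid_wallet_config "$1"; else
  d=$(mktemp -d) && make_sample_config "$d" && check_oid_wallet_config "$d" && echo "sample OK"
  rm -rf "$d"
fi
```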

Prerequisites for Collocated Oracle Internet Directory Configuration with an Autonomous Transaction Processing-Dedicated (ATP-D) database

In case of a collocated Oracle Internet Directory (OID) configuration, after configuring the domain, you must modify the wallet settings before you start the Administration Server and the Node Manager.

  1. Copy the wallet files from <$ORACLE_HOME>/network/admin to <$DOMAIN_HOME>/config/fmwconfig/components/OID/config .
  2. Replace all contents of tnsnames.ora in <$DOMAIN_HOME>/config/fmwconfig/components/OID/config as follows:
    OIDDB=<connect string given in RCU>

    See Connection Credentials for an Autonomous Transaction Processing Database.

    For example:

    OIDDB=(DESCRIPTION=(CONNECT_TIMEOUT=120)(RETRY_COUNT=20)(RETRY_DELAY=3)(ADDRESS=(PROTOCOL=<protocol_name>)
    (PORT=<port_number>)(HOST=<host_name>))(CONNECT_DATA=(SERVICE_NAME=<service_name>.adb.oraclecloud.com))
    (security=(ssl_server_cert_dn="CN=adwc.uscom-east-1.oraclecloud.com, OU=Oracle BMCS US, O=Oracle Corporation, L=Redwood City, ST=California, C=US")))
  3. Modify the wallet location in the sqlnet.ora file as follows:
    WALLET_LOCATION = (SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY="<DOMAIN_HOME>/config/fmwconfig/components/OID/config/")))

Starting Servers and Processes

After configuration is complete, start the servers and the processes.

For more information on additional tools you can use to manage your domain, see Overview of Oracle Fusion Middleware Administration Tools in Administering Oracle Fusion Middleware.

Refer to the following topics based on your configuration mode:

Starting the Servers for Standalone Oracle Internet Directory

In case of a standalone Oracle Internet Directory (OID) configuration, start the Node Manager. The OID instance will be started when you perform the initial OID setup in the later sections.

For an Autonomous Transaction Processing-Dedicated (ATP-D) database, you must modify the wallet settings and update the classpath before you start the Node Manager. See Prerequisites for Standalone Oracle Internet Directory Configuration with an Autonomous Transaction Processing-Dedicated (ATP-D) database.

To start the Node Manager, use the following command:

  • (UNIX) DOMAIN_HOME/bin/startNodeManager.sh

  • (Windows) DOMAIN_HOME\bin\startNodeManager.cmd

Note:

Before starting the Node Manager, make sure that any changes made to the default port in nodemanager.properties are also reflected in the corresponding associated machine.

For an Autonomous Transaction Processing-Dedicated (ATP-D) database, before starting the Node Manager, set the TNS_ADMIN property to <$DOMAIN_HOME>/config/fmwconfig/components/OID/config/ using the following command:

export TNS_ADMIN=<$DOMAIN_HOME>/config/fmwconfig/components/OID/config

Starting Servers and Processes for Collocated Oracle Internet Directory

In case of a collocated Oracle Internet Directory (OID) configuration, start the Administration Server and the Node Manager. The OID instance will be started when you perform the initial OID setup in the later sections.

The components may be dependent on each other so they must be started in the correct order.

Note:

The procedures in this section describe how to start servers and processes using the WLST command-line utility or a script. You can also use the Oracle Fusion Middleware Control and the Oracle WebLogic Server Remote Console. See Starting and Stopping Administration and Managed Servers and Node Manager.

As of release 14c (14.1.2.0.0), the WebLogic Server Administration Console has been removed. For comparable functionality, you should use the WebLogic Remote Console. For more information, see Oracle WebLogic Remote Console.

To start your Fusion Middleware environment, follow the steps below:

Note:

Depending on your existing security settings, you may need to perform additional configuration before you can manage a domain with secured production mode enabled. For more information, see Connecting to the Administration Server using WebLogic Remote Console.

Step 1: Start the Administration Server

To start the Administration Server, use the startWebLogic script:

  • (UNIX) NEW_DOMAIN_HOME/bin/startWebLogic.sh

  • (Windows) NEW_DOMAIN_HOME\bin\startWebLogic.cmd

    Note:

    When using secured production mode, you must provide additional parameters to start the Administration Server. See Connecting to the Administration Server using WLST in Administering Security for Oracle WebLogic Server.

When prompted, enter your user name, password, and the URL of the Administration Server.

Step 2: Start Node Manager

To start Node Manager, use the startNodeManager script:

  • (UNIX) DOMAIN_HOME/bin/startNodeManager.sh

  • (Windows) DOMAIN_HOME\bin\startNodeManager.cmd

Note:

Before starting the Node Manager, make sure that any changes made to the default port in nodemanager.properties are also reflected in the corresponding associated machine.

Step 3: Start System Components

To start system components, use the startComponent script:

  • (UNIX) NEW_DOMAIN_HOME/bin/startComponent.sh component_name

  • (Windows) NEW_DOMAIN_HOME\bin\startComponent.cmd component_name

You can start system components in any order.

Performing the Initial Oracle Internet Directory Setup

Use the wlst command from a different terminal to connect to the Administration Server and set up Oracle Internet Directory.

To perform the initial setup of OID, do the following:
  1. If you are running in secure production mode, export the following before launching the WLST tool:
    setenv WLST_PROPERTIES "-Dweblogic.security.TrustKeyStore=CustomTrust -Dweblogic.security.CustomTrustKeyStoreFileName=<Location_of_PKCS12_keystores>/trust.p12 -Dweblogic.security.CustomTrustKeyStorePassPhrase=trustKeyStorePassword"
  2. Run the following command from the location ORACLE_HOME/oracle_common/common/bin to launch the WLST tool:
    ./wlst.sh
  3. In case of a standalone Oracle Internet Directory configuration, connect to the Node Manager using the following command:
    nmConnect(username='wls_user',password='password',domainName='base_domain')
    In case of a collocated Oracle Internet Directory configuration, connect to the Administration Server using the following command:
    connect('Admin_username','Admin_password','t3://Admin_host:Admin_port')
  4. Run the following command to perform the initial setup of OID:
    From location:
    • For standalone mode: /base_domain
    • For collocated mode: /base_domain/serverConfig
    oid_setup(orcladminPassword='password', odsPassword='password', realmDN='<your realm>', port='nnnn', sslPort='nnnn', host='hostname')

    where,

    realmDN='<dc=<xxxx>,dc=<company name>, dc=com>'

    Note:

    For information about the other optional arguments that can be used with oid_setup command, run the following command:

    help('oid_setup')

    You can use the appropriate arguments to run OID on custom SSL and non-SSL ports, and to set instanceName, port, hostname, machineName, and so on as input parameters.

    The command oid_setup() performs the following operations:

    • Sets the password for cn=orcladmin user.

    • Creates the first oid1 instance. The following parameters are set by default when oid_setup is run:

      • instanceName = 'oid1'

      • host = 'hostname of the current machine'

      • port = '3060'

      • machine = 'oidhost1'

        This gets created automatically when you run config.sh.

      • sslPort = '3131'

    • Starts the OID instance oid1 .

    • Creates the realm.

      Note:

      If the realm is not provided then 'dc=us,dc=oracle,dc=com' realm is created automatically.

Note:

For more information about managing Oracle Internet Directory components using WLST commands, see Managing Oracle Internet Directory Components by Using WLST Commands in Administering Oracle Internet Directory.

Verifying the Configuration

After completing all configuration steps, you can perform additional steps to verify that your domain is properly configured.

To verify that Oracle Internet Directory (OID) is configured successfully, do the following:

  1. Set the environment variable ORACLE_HOME to the new 14c ORACLE_HOME location.

  2. Run the following command to check on the OID instance:

    ORACLE_HOME/bin/ldapbind -h OID_HOST -p OID_PORT

For additional configuration and administration tasks, see Performing Additional Domain Configuration Tasks.