5.9 Cleaning Up Installation

Perform the following steps to clean up an OAA, OARM, and OUA installation completely.

  1. From the installation host, connect to the management container and delete the file based vault and the logs from their respective NFS mounts:
    kubectl exec -n <namespace> -ti oaamgmt-oaa-mgmt-7d7597c694-tzzdz -- /bin/bash
$ rm -rf /u01/oracle/logs/*
$ rm -rf /u01/oracle/service/store/oaa/.*
$ exit
  2. Run the following to find the helm charts installed:
    helm ls -n <namespace>
    For example:
    helm ls -n oaans
    The output will look similar to the following:
    NAME            NAMESPACE       REVISION        UPDATED   STATUS          CHART                 APP VERSION
oaainstall      oaans           1               <date>    deployed        oaa-1.0.0-<tag>       0.1.0
oaamgmt         oaans           1               <date>    deployed        oaa-mgmt-1.0.0-<tag>  0.1.0
    Delete the OAA charts:
    helm delete oaainstall -n oaans
helm delete oaamgmt -n oaans
  3. Outside the container, run:
    kubectl get pods -n oaans
    If any pods remain then run:
    kubectl delete <pod_name> -n <namespace>
  4. Delete the OAuth client and resources:
    1. Encode the OAM administrator user and its password by using the command:
      echo -n <username>:<password> | base64
      For example: 
      echo -n oamadmin:<password> | base64
      This value should be used for <ENCODED_OAMADMIN> in the examples below.
    2. Delete the OAuth Client. For example:
      curl --location --request DELETE 'http://<OAuth_Host>:<OAuth_port>/oam/services/rest/ssa/api/v1/oauthpolicyadmin/client?name=OAAClient&identityDomainName=OAADomain' \
--header 'Authorization: Basic <ENCODED_OAMADMIN>'
    3. Delete the OAuth Resource Server. For example:
      curl --location --request DELETE 'http://<OAuth_Host>:<OAuth_port>/oam/services/rest/ssa/api/v1/oauthpolicyadmin/application?name=OAAResource&identityDomainName=OAADomain' \
--header 'Authorization: Basic <ENCODED_OAMADMIN>'
    4. Delete the OAuth Domain. For example:
      curl --location --request DELETE 'http://<OAuth_Host>:<OAuth_port>/oam/services/rest/ssa/api/v1/oauthpolicyadmin/oauthidentitydomain?name=OAADomain' \
--header 'Authorization: Basic <ENCODED_OAMADMIN>'
  5. Login to the Oracle Access Management Administration console and perform the following tasks:
    1. In the Application Security Launchpad, click Application Domains.
    2. In the Search Application Domains screen, click Search.
    3. In the Search Results, click IAM Suite.
    4. Click Resources and Search
    5. For any resources that use the OAA_MFA-Policy, edit the resource and choose a different policy. Click Apply.
    6. Click on the Authentication Policies tab and delete the OAA_MFA-Policy. Click Delete to confirm.
    7. In the Application Security Launchpad, click Authentication Schemes. Click Search. Delete the OAA-MFA-Scheme and click Delete to confirm.
    8. In the Application Security Launchpad, click Authentication Modules. Click Search. Delete the OAA-MFA-Authn-Module and click Delete to confirm.
  6. Drop the database schemas as follows, Replace <OAA_RCU_PREFIX> with your OAA schema. You can find the schema name used for the installation in the installOAA.properties, for example database.schema=DEV_OAA:
    sqlplus sys/<password> as SYSDBA

alter session set "_oracle_script"=TRUE; ** Required for PDB’s only **

drop user <OAA_RCU_PREFIX>_OAA cascade;
delete from SCHEMA_VERSION_REGISTRY where comp_name='Oracle Advanced Authentication' and OWNER=UPPER('<OAA_RCU_PREFIX>_OAA');

commit;

set pages 0
set feedback off
spool /tmp/drop_directories.sql
select 'drop directory '||directory_name||';' from all_directories where directory_name like 'EXPORT%'
/
spool off
@/tmp/drop_directories
  7. In order to repeat the pull/tag/push of the OAA images, remove the directory $WORKDIR/oaaimages/oaa-install/oaainstall-tmp before rerunning the installManagementContainer.sh script.