6 Performing an Out-of-Place Upgrade of Oracle Identity Manager
The procedure discussed in this guide explains how to upgrade an existing Oracle Identity Manager 11g (11.1.2.3) to Oracle Identity Manager 12c (12.2.1.3.0).
To prepare for the upgrad of Oracle Identity Manager, verify that your system meets the basic requirements discussed in Pre-Upgrade Assessments.
This chapter includes the following topics:
- Pre-Upgrade Assessments
Before starting the out-of-place upgrade of Oracle Identity Manager, you must carefully check the cross-product interoperability and compatibility, system requirements, and certification requirements. - Migrating Entities from 11g to 12c
After you have installed the OIG 12c environment as per your requirements, migrate the following entities from 11g to 12c environment: - Tuning Considerations
- Increasing the Maximum Message Size for WebLogic Server Session Replication
Parent topic: Out-of-Place Upgrade of Oracle Identity Manager
Pre-Upgrade Assessments
Before starting the out-of-place upgrade of Oracle Identity Manager, you must carefully check the cross-product interoperability and compatibility, system requirements, and certification requirements.
Install the 12c (12.2.1.3.0) version of Oracle Identity Governance as per your requirements (large, medium, or small deployment) on new hardware.
For more information, see Installing and Configuring the Oracle Identity Governance Software. You must configure the new system by integrating components, as necessary.
The pre-upgrade check includes reviewing your current OIM 11g (11.1.2.3) environment before starting the upgrade to OIM 12c (12.2.1.3.0), and then creating a list of features or components currently being used, such as OIM workflows, connectors, provisioning, targets, workflow policies, and admin roles/capabilities.
For more information, see Pre-Upgrade Requirements.
Migrating Entities from 11g to 12c
After you have installed the OIG 12c environment as per your requirements, migrate the following entities from 11g to 12c environment:
Organizations
Following options are available to migrate Organization records from the current OIM 11g (11.1.2.3) environment to 12c:
Option 1- Organization Bulk Load Utility
This option involves creating a source database table or a CSV file that contains the data you want to migrate.
For more information on using CSV files or creating database tables, see Creating the Input Source for the Bulk Load Operation in Developing and Customizing Applications for Oracle Identity Governance.
Option 2- Export And Import Feature In Sysadmin Console
After you have created your source data, you need to import the source data into the new 12c target system. For more information, see Migrating Incrementally Using the Deployment Manager.
Parent topic: Migrating Entities from 11g to 12c
Connectors
You should review the latest version of the connector available for 12c and use Application on Boarding (AoB) to create such connectors.
A new installation enables you to upgrade your targets to newer versions that are certified with 12c connectors.
If 12c connectors are not available, you can export or import existing user data as long as those connectors are supported in the 12c OIM server.
For more information, see Oracle Identity Governance 12c Connectors documentation.
For downloading connectors, see the Oracle Identity Governance Connector Downloads page.
For certification information for Oracle Identity Manager Connectors, see Oracle Identity Governance Connectors Certification.
Note:
If the connectors installed on 11g (11.1.2.3) have no 12c version, you must check the certification, and then upgrade the existing connector to make it compatible with OIG 12c.Parent topic: Migrating Entities from 11g to 12c
Accounts
Note:
Target systems are applications such as database, LDAP, and so on, which OIM connects to using the OIM connectors.
Following options are available to load your accounts:
-
Option 1: If the target system has account data, you can bulk load the account details (or data) by using the Bulk Load Utility. See Loading Account Data in Developing and Customizing Applications for Oracle Identity Governance guide.
-
Option 2: You can load the target system account data into the new environment by using connector the reconciliation jobs.
Parent topic: Migrating Entities from 11g to 12c
Roles (Role, Role Membership, and Categories)
You can use the OIM Bulk Load Utility to import roles, role membership, and categories from a table or a CSV file. Export the relevant data files from the source OIM database.
For information on how to export and import this data, see Loading Role, Role Hierarchy, Role Membership, and Role Category Data in Developing and Customizing Applications for Oracle Identity Governance.
Parent topic: Migrating Entities from 11g to 12c
User Records
Following options are available to migrate user records from current OIM 11g (11.1.2.3) environment to 12c:
Option 1 - User Bulk Load Utility
This option includes exporting the user records to a table or a CSV file that will act as a source. See Loading OIM User Data in Developing and Customizing Applications for Oracle Identity Governance guide.
Option 2- Trusted Recon of Users from 11g to 12c
This option includes using the Database User Management (DBUM) connector or a flat file connector to migrate the user records.
Note:
You cannot migrate user passwords by using the above options. You can set up SSO or LDAP as an authentication provider.
Parent topic: Migrating Entities from 11g to 12c
User Customizations
If you have added the custom User Defined Fields (UDF) in OIM 11g (11.1.2.3), you must create those UDFs in 12c as well.
WARNING:
Oracle does not support UDF migration (Deployment Manager and ADF Sandboxes).
Note:
To check if import or export from 11g (11.1.2.3) to 12c works, export the user metadata from the 11g (11.1.2.3) environment and import it to 12c, get the corresponding ADF sandbox, and then import it to 12c.
Parent topic: Migrating Entities from 11g to 12c
Others
You can also migrate the following items from your 11g (11.1.2.3) environmen to 12c environment by using the Export/Import option in the sysadmin console:
- Access policies
- Admin roles
- Application instances
- Approval policies
- Catalog UDFs
- Certification configurations
- Certification definitions
- Custom resource bundles
- E-mail definitions
- Error codes
- Event handlers
- Identity Audit configuration
- Identity Audit rules
- Identity Audit scan definitions
- IT resource definition
- IT resources
- JAR files
- Lookup definitions
- Notification templates
- Organization metadata
- Organizations
- Password policies
- Policies
- Plug-ins
- Prepopulation adapters
- Process definitions
- Process forms
- Provisioning workflows and process task adapters
- Request datasets
- Resource objects
- Risk configuration
- Role metadata
- Roles
- Scheduled jobs
- Scheduled tasks
- System properties
- User metadata
For more information, see Migrating Incrementally Using the Deployment Manager and Moving From Test to Production in the Administering Oracle Identity Manager guide.
Parent topic: Migrating Entities from 11g to 12c
Tuning Considerations
As a post-upgrade step, you must follow the performance tuning guidelines provided in the tuning documentation. See Oracle Identity Governance Performance Tuning.
Also, you should check the existing 11g (11.1.2.3) system for custom indexes and create them in the 12c system.
Increasing the Maximum Message Size for WebLogic Server Session Replication
As part of the post-upgrade tasks, Oracle recommends you to modify the Maximum Message Size from the default vale of 10 MB to 100 MB. This value is used to replicate the session data across the nodes. You should perform this step for all the Managed servers and the Administration server.
- Log in to the WebLogic Server Administration Console.
- Navigate to Servers, select Protocols, and then click General.
- Set the value of Maximum Message Size to 100 MB.