Oracle Fusion Applications Installation: Configure Oracle Identity and Access Management components

Previous: Apply mandatory Patches

Configuring Oracle Identity Management components” can be divided into following tasks. Please note that we will not configure Oracle Virtual Directory, Oracle Identity Federation etc.

 

  1. Configuring the Web Tier
  2. Create Weblogic Domain for Identity Management
  3. Extend the Domain to include Oracle Internet Directory
  4. Extend the Domain to include Oracle Directory Service Manager (ODSM)
  5. Prepare Identity and Policy Stores
  6. Extend the Domain to include Oracle Virtual Directory (Optional)
  7. Configure Oracle Access Manager 11g (OAM)
  8. Configure Oracle Identity Manager (OIM) and Oracle SOA Suite
  9. Post-configure tasks

     

    Configure Web Tier

     

    Start the configuration from <Web_Home>/bin

     

    -bash-3.2$ cd /app/fusion/fmw/web/bin/

    -bash-3.2$ ./config.sh

    configure-extra1

     

     

    Click Next

    On next page, select only Oracle HTTP Server and deselect other checkboxes. Click Next

     

    Enter following details and click Next

     

    Instance Home Location: /app/fusion/admin/web1

    Instance Name: web1

    OHS Component Name: ohs1

     

     

    Select “Specify Ports using Configuration file”. Open another shell window and copy the staticports.ini from staging directory.

     

    -bash-3.2$ cp -p /u02/stage/installers/webtier/Disk1/stage/Response/staticports.ini ~/

     

    Click View/Edit File

     

     

    Edit/uncomment the following values.

     

    OPMN Local Port = 6700

    OHS Port = 7777

     

     

    Click Save

     

     

     

    Deselect the check box and click Next

     

     

    Click Yes

     

     

    Review the summary and click Configure

     

     

    Once installation is successful, click Next

     

     

    Review the summary and click Finish

     

    -bash-3.2$ ps -ef | grep http

    fusion 3568 3558 0 13:00:05 ? 0:00 /app/fusion/fmw/web/ohs/bin/httpd.worker -DSSL

    fusion 3558 3553 0 13:00:02 ? 0:01 /app/fusion/fmw/web/ohs/bin/httpd.worker -DSSL

    fusion 3567 3558 0 13:00:05 ? 0:00 /app/fusion/fmw/web/ohs/bin/httpd.worker -DSSL

    fusion 3566 3558 0 13:00:05 ? 0:00 /app/fusion/fmw/web/ohs/bin/httpd.worker -DSSL

    fusion 3584 21657 0 13:00:40 pts/1 0:00 grep http

     

    -bash-3.2$ vi /app/fusion/admin/web1/config/OHS/ohs1/httpd.conf

    Change to following (dba or oinstall based on fusion user group)

     

    User fusion

    Group dba

     

    Launch http://<hostname>:7777 to make sure that HTTP home page is appearing.

     

     

    Make a backup of httpd.conf

     

    -bash-3.2$ cp -pr /app/fusion/admin/web1/config/OHS/ohs1/httpd.conf /app/fusion/admin/web1/config/OHS/ohs1/httpd.conf_orig

     

    Modify following values in httpd.conf

     

    -bash-3.2$ vi /app/fusion/admin/web1/config/OHS/ohs1/httpd.conf

    <IfModule mpm_worker_module>

    ServerLimit 20

    StartServers 2

    MaxClients 1000

    MinSpareThreads 200

    MaxSpareThreads 800

    ThreadsPerChild 50

    MaxRequestsPerChild 10000

    AcceptMutex fcntl

    LockFile “${ORACLE_INSTANCE}/diagnostics/logs/${COMPONENT_TYPE}/${COMPONENT_NAME}/http_lock”

    </IfModule>

     

     

    Create Weblogic Domain for Identity Management

     

    Start the configuration from <Middleware Home>/oracle_common/commin/bin

     

    -bash-3.2$ cd /app/fusion/fmw/oracle_common/common/bin/

    -bash-3.2$ ./config.sh &

     

     

     

    Select “Create a new Weblogic domain” and click Next

     

     

    For single domain creation, select:

    – Oracle Identity Manager 11.1.1.3.0 [iam]

    – Oracle SOA Suite – 11.1.1.0 [soa]

    – Oracle Enterprise Manager [oracle_common]

    – Oracle Access Manager with Database Policy Store – 11.1.1.3.0 [iam]

    – Oracle WSM Policy Manager – 11.1.1.0 [oracle_common]

    – Oracle JRF [oracle_common] (This should be selected automatically.)

     

    Click Next

     

     

     

    Enter following values.

    Domain Name: IDMDomain

    Domain location: /app/fusion/admin/IDMDomain/aserver

    Application location: Populated automatically

    Click Next

     

     

    Enter name “weblogic” and desired password. Click Next

     

     

    Select “Production Mode” and make sure correct JDK is selected. Click Next

     

     

    Make sure to change each username to PROD_ since we have modified the prefix earlier. Then select all checkboxes to apply same password. Enter database server details and click Next

     


     

    Once connection test is successful, click Next

     

     

    Select “Administration Server” and “Managed servers, clusters and Machines”. Click Next

     

     

    Enter following values.

    Name: AdminServer

    Listen address: <hostname>

    Listen Port: <7001>

     

    We are not using SSL here so click Next

     

    In the “Configure Managed Servers” screen enter following values.

     

    wls_oam1 , <hostname>, 14100 (OAM Server)

    wls_soa1, <hostname>, 8001 (SOA Server)

    wls_oim1, <hostname>, 14000 (OIM Server)

     

    Click Next

     

     

    Click Next

     

     

    Since we are using Unix machine, we must delete this entry. Click Delete

     

     

    This tab should look like this.

     

    Click on “Unix Machine” tab and enter following values. And click Next

     

    Name: <hostname>

    Node Manager listen address: <hostname>

    Node manager listen port: 5556

     

     

    Select all managed servers on left side and click on right arrow to assign all servers to our single node. Click Next

     

     

    Review the summary and click “Create

     

     

    Once creation is complete, click Done

     

    Prepare Admin server for startup without prompting password

     

    -bash-3.2$ mkdir -p /app/fusion/admin/IDMDomain/aserver/IDMDomain/servers/AdminServer/security

    -bash-3.2$
    cd /app/fusion/admin/IDMDomain/aserver/IDMDomain/servers/AdminServer/security

    -bash-3.2$ vi boot.properties

     

    Enter following values and save the file

     

    username=weblogic

    password=Oracle123 (or whichever password you chose)

     

    Note: The username and password entries in the file are not encrypted until you start the Administration Server. For security reasons, minimize the time the entries in the file are left unencrypted. After you edit the file, start the server as soon as possible so that the entries are encrypted.

     

    Configure and start Node Manager

     

    -bash-3.2$ cd /app/fusion/fmw/wlserver_10.3/server/bin/

    -bash-3.2$ ./startNodeManager.sh &

    INFO: Secure socket listener started on port 5556

     

    Once you see the above message, node manager is able to start correctly.

     

    Kill the node manager process.

     

    -bash-3.2$ ps -ef | grep Node

    fusion 5563 21657 0 13:32:01 pts/1 0:00 grep Node

    fusion 5511 21657 0 13:31:31 pts/1 0:00 /bin/sh ./startNodeManager.sh

     

    -bash-3.2$ kill -9 5511

     

    Set the node manager properties

     

    -bash-3.2$ cd /app/fusion/fmw/oracle_common/common/bin

     

    -bash-3.2$ ./setNMProps.sh

    Appending required nodemanager.properties

     

    To confirm the changes,

     

    -bash-3.2$ tail -f /app/fusion/fmw/wlserver_10.3/common/nodemanager/nodemanager.properties

    #Required NM Property overrides (append to existing nodemanager.properties)

    StartScriptEnabled=true

     

    Start node manager in nohup mode so that it keeps running after you close the shell.

     

    -bash-3.2$ cd /app/fusion/fmw/wlserver_10.3/server/bin/

    -bash-3.2$ nohup ./startNodeManager.sh &

     

    Start Weblogic Admin server

     

    -bash-3.2$ cd /app/fusion/admin/IDMDomain/aserver/IDMDomain/bin

    -bash-3.2$ nohup ./startWebLogic.sh &

    -bash-3.2$ tail -f nohup.out

    Wait till you see this message.

    <Notice> <WebLogicServer> <BEA-000360> <Server started in RUNNING mode>

     

    ==========

    Note: If you ever get error like

    <Info> <Management> <BEA-141281> <unable to get file lock, will retry …>

    Then do the following

    Kill any running processes for startWeblogic.sh and then remove the lock files as follows.

     

    -bash-3.2$ rm /app/fusion/admin/IDMDomain/aserver/IDMDomain/servers/AdminServer/tmp/AdminServer.lok

     

    This error appears if you the admin server or managed server did not stop properly earlier.

    ==========

    Make sure Admin server is started properly by launching the URL http://<hostname>:7001/console

     

     

    Login with “weblogic” user.

     

     

    Launch Enterprise Manager URL

    http://<hostname>:7001/em

     

     

    Login with weblogic user

     

     

     

    Setup Aliases

     

    Create a file named admin.conf at <web instance directory>/config/OHS/ohs1/moduleconf and enter following lines

     

    -bash-3.2$ more /app/fusion/admin/web1/config/OHS/ohs1/moduleconf/admin.conf

    # Admin Server and EM

    <Location /console>

    SetHandler weblogic-handler

    WebLogicHost ad002aph01

    WeblogicPort 7001

    </Location>

     

    <Location /consolehelp>

    SetHandler weblogic-handler

    WebLogicHost ad002aph01

    WeblogicPort 7001

    </Location>

     

    <Location /em>

    SetHandler weblogic-handler

    WebLogicHost ad002aph01

    WeblogicPort 7001

    </Location>

     

    Restart Web server

     

    -bash-3.2$ /app/fusion/admin/web1/bin/opmnctl stopall

    opmnctl stopall: stopping opmn and all managed processes…

    -bash-3.2$ /app/fusion/admin/web1/bin/opmnctl startall

    opmnctl startall: starting opmn and all managed processes…

     

    Now you can launch the same URL using our main http port 7777

     

    http://<hostname>:7777/console should open fine now

     

     

    Register HTTP server with Enterprise Manager

     

    -bash-3.2$ cd /app/fusion/admin/web1/bin/

    -bash-3.2$ ./opmnctl registerinstance -adminHost ad002aph01 -adminport 7001 -adminUsername weblogic

    Command requires login to weblogic admin server (ad002aph01):

    Username: weblogic

    Password:

    Done

    Registering instance

    Command succeeded.

     

    Creating a Separate Domain Directory for Managed Servers in the Same Node as the Administration Server

    -bash-3.2$ mkdir /app/fusion/admin/IDMDomain/mserver

    -bash-3.2$ cd /app/fusion/fmw/oracle_common/common/bin/

    -bash-3.2$ ./pack.sh -managed=true -domain=/app/fusion/admin/IDMDomain/aserver/IDMDomain -template=domaintemplate.jar -template_name=domain_template

    ============

    << read domain from “/app/fusion/admin/IDMDomain/aserver/IDMDomain”

    >> succeed: read domain from “/app/fusion/admin/IDMDomain/aserver/IDMDomain”

    << set config option Managed to “true”

    >> succeed: set config option Managed to “true”

    << write template to “/app/fusion/fmw/oracle_common/common/bin/domaintemplate.jar”

    ……………………………………………………………………………………….

    >> succeed: write template to “/app/fusion/fmw/oracle_common/common/bin/domaintemplate.jar”

    << close template

    >> succeed: close template

    ============

     

    -bash-3.2$ ./unpack.sh -domain=/app/fusion/admin/IDMDomain/mserver/IDMDomain -template=domaintemplate.jar -app_dir=/app/fusion/admin/IDMDomain/mserver/applications

     

    =============

    << read template from “/app/fusion/fmw/oracle_common/common/bin/domaintemplate.jar”

    >> succeed: read template from “/app/fusion/fmw/oracle_common/common/bin/domaintemplate.jar”

    << set config option AppDir to “/app/fusion/admin/IDMDomain/mserver/applications”

    >> succeed: set config option AppDir to “/app/fusion/admin/IDMDomain/mserver/applications”

    << set config option DomainName to “IDMDomain”

    >> succeed: set config option DomainName to “IDMDomain”

    << write Domain to “/app/fusion/admin/IDMDomain/mserver/IDMDomain”

    >> warning:write Domain to “/app/fusion/admin/IDMDomain/mserver/IDMDomain”

    >> Server listen ports in your domain configuration conflict with ports in use by active processes on this host.

    Port 7001 on AdminServer

    …………………………………………………………………………………..

    >> succeed: write Domain to “/app/fusion/admin/IDMDomain/mserver/IDMDomain”

    << close template

    >> succeed: close template

    ============

     

    Copy SOA Composites to Managed Server Directory

     

    -bash-3.2$ cp -pr /app/fusion/admin/IDMDomain/aserver/IDMDomain/soa /app/fusion/admin/IDMDomain/mserver/IDMDomain/

     

    Enable Weblogic Plugin

     

    Open http://<hostname>:7777/console and login with weblogic user

     

     

    Click Lock & Edit. Click on IDMDomain -> Configuration -> Web Applications

     

     

    Scroll down and check “Weblogic Plugin Enabled

     

     

    Click on Environment -> Servers -> AdminServer -> Protocols -> HTTP. Change the Frontend port to 7777. Activate Changes

     

    Removing IDM Domain Agent

     

    In the Administration console, click on “Security Realms” -> myrealm -> Providers

     

    configure-extra2

    Select IAMSuiteAgent and click on Delete. Activate Changes

     

    Restart AdminServer

     

    Extend the Domain to include Oracle Internet Directory

     

    Make sure that the port 3060 is not being used by other process.

     

    -bash-3.2$ netstat -an | grep “3060”

     

    Start the configuration from <IDM_HOME>/bin

     

    -bash-3.2$ cd /app/fusion/fmw/idm/bin

    -bash-3.2$ ./config.sh &

     

     

     

    Click Next

     

     

    Select “Configure Without A Domain” and click Next

     

     

    Instance Location: /app/fusion/admin/oid1

    Instance Name: oid1

    Click Next

     

     

    Deselect checkbox and click Next

     

     

    Click Yes

     

     

    Select “Oracle Internet Directory” and click Next

     

     

    Select “Specify Ports using Configuration file”

     

    Open a shell and copy the staticports.ini file to home directory

     

    -bash-3.2$ cp -p /app/fusion/provisioning/idm/Disk1/stage/Response/staticports.ini ~/

     

    Click View/Edit File

     

     

    Enter/uncomment Value for Non-SSL Port as 3060

    And for SSL Port put value as 3061

     

    Click Save

     

     

     

    Enter database details and click Next

     

     

    Set Realm as the domain level DC (for example if domain is example.com then set dc=example, dc=com)

    Click Next

     

     

    Review the summary and click Configure

     

     

     

    Once configuration completes, click Next

     

     

    Review the summary and click Finish

     

    Validate OID

     

    -bash-3.2$ export ORACLE_HOME=/app/fusion/fmw/idm

    -bash-3.2$ export ORACLE_INSTANCE=/app/fusion/admin/oid1

    -bash-3.2$ export PATH=$ORACLE_HOME/opmn/bin:$ORACLE_HOME/bin:$ORACLE_HOME/ldap/bin:$ORACLE_HOME/ldap/admin:$PATH

    -bash-3.2$ ldapbind -h ad002aph01 -p 3060 -D “cn=orcladmin” -q

    Please enter bind password:

    bind successful

     

    -bash-3.2$ ldapbind -h ad002aph01 -p 3061 -D “cn=orcladmin” -q -U 1

    Please enter bind password:

    bind successful

     

    -bash-3.2$ opmnctl status

     

    Processes in Instance: oid1

    ———————————+——————–+———+———

    ias-component | process-type | pid | status

    ———————————+——————–+———+———

    oid1 | oidldapd | 8499 | Alive

    oid1 | oidldapd | 8495 | Alive

    oid1 | oidmon | 8491 | Alive

    EMAGENT | EMAGENT | 8266 | Alive

     

    Registering Oracle Internet Directory with the WebLogic Server Domain

     

    -bash-3.2$ export ORACLE_HOME=/app/fusion/fmw/idm

    -bash-3.2$ export ORACLE_INSTANCE=/app/fusion/admin/oid1

    -bash-3.2$ $ORACLE_INSTANCE/bin/opmnctl registerinstance -adminHost ad002aph01 -adminPort 7001 -adminUsername weblogic

     

    Command requires login to weblogic admin server (ad002aph01):

    Username: weblogic

    Password:

     

    Registering instance

    Command succeeded.

     

    Update the Enterprise Manager Repository URL

     

    -bash-3.2$ cd $ORACLE_INSTANCE/EMAGENT/EMAGENT/bin

    -bash-3.2$ ./emctl switchOMS http://<hostname>:7001/em/upload

    Oracle Enterprise Manager 10g Release 5 Grid Control 10.2.0.5.0.

    Copyright (c) 1996, 2009 Oracle Corporation. All rights reserved.

    SwitchOMS succeeded.

     

    We can now verify whether this instance is registered for monitoring agent.

    Login to http://<hostname>:7777/em using weblogic user

     

     

     

     

    Click on Farm->Agent monitored targets.

     

     

    Make sure that Agent URL is configured and it does not show “Needs Configuration”

     

    Note: We will not tune OID but it is recommended to do this on production systems.

     

    Extend the Domain to include Oracle Directory Service Manager (ODSM)

     

    Make sure that the port 7006 is not being used by any process.
    -bash-3.2$ netstat -an | grep “7006”

     

    Start the configuration from <IDM_HOME>/bin

     

    -bash-3.2$ cd /app/fusion/fmw/idm/bin/

    -bash-3.2$ ./config.sh &

     

     

     

    Click Next

     

     

    Select “Extend Existing Domain” and enter following values

    Hostname: <hostname>

    Port: 7001

     

    Username: weblogic

    Password: same as existing weblogic password

     

    Click Next

     

     

    Click Yes

     

     

    Enter following values.

    Weblogic Server Directory: /app/fusion/fmw/wlserver_10.3

    Instance location: /app/fusion/admin/ods_inst1

    Instance Name: ods_inst1

     

    Click Next

     

     

    Deselect checkbox and click Next

     

     

    Click Yes

     

     

    Select only Oracle Directory Service Manager and click Next

     

     

    Select “Specify Ports using Configuration file”. Open another shell window and copy the staticports.ini from staging directory.

     

    -bash-3.2$ cp -p /app/fusion/provisioning/idm/Disk1/stage/Response/staticports.ini ~/

     

    Click View/Edit File

     

     

    Edit/uncomment ODS server Port No = 7006

     

    Click Save

     

     

     

    Review the summary and click Configure

     

     

    Once configuration completes, click Next

     

     

    Review the summary and click Finish

     

    Check if wls_ods1 is already up in Enterprise Manager at http://<hostname>:7777/em

     

    If not up the start by following commands.

     

    -bash-3.2$ cd /app/fusion/admin/IDMDomain/aserver/IDMDomain/servers/wls_ods1/security/

    -bash-3.2$ cp ../../AdminServer/security/boot.properties .

    -bash-3.2$ cd /app/fusion/admin/IDMDomain/aserver/IDMDomain/bin/

    -bash-3.2$ nohup ./startManagedWebLogic.sh wls_ods1 &

     

    Wait till you see RUNNING in the nohup.log file

     

    Launch ODSM using following URL

     

    http://<hostname>:7006/odsm

     

    Create Aliases for ODSM in HTTP server

     

    -bash-3.2$ cd /app/fusion/admin/ohs_inst1/config/OHS/ohs1/moduleconf/

     

    Append following entries in admin.conf file

     

    -bash-3.2$ vi admin.conf

    Append

    <Location /odsm>

    SetHandler weblogic-handler

    WebLogicHost ad002aph01

    WeblogicPort 7006

    </Location>

     

    Restart Web Server

     

    -bash-3.2$ /app/fusion/admin/ohs_inst1/bin/opmnctl stopall

    opmnctl stopall: stopping opmn and all managed processes…

    -bash-3.2$ /app/fusion/admin/ohs_inst1/bin/opmnctl startall

    opmnctl startall: starting opmn and all managed processes…

     

    Now you can also launch ODSM using following URL

     

    http://<hostname>:7777/odsm

     

     

    Click on Connect to a directory ->
    Create A New Connection

     

     

    Enter values as follows.

     

     

    Click Connect

     

     

    You can now view the Oracle Internet Directory from ODSM

     

     

    You can also browse the OID data as above

     

    Provisioning the Managed Servers in the Managed Server Directory

     

    Stop the ODS

     

    Use pack and unpack commands to provision the managed servers in mserver directory

     

    -bash-3.2$ cd /app/fusion/fmw/oracle_common/common/bin/

    -bash-3.2$ ./pack.sh -managed=true -domain=/app/fusion/admin/IDMDomain/aserver/IDMDomain -template=/app/fusion/fmw/templates/managedServer.jar -template_name=ManagedServer_Template

     

    -bash-3.2$ ./unpack.sh -domain=/app/fusion/admin/IDMDomain/mserver/IDMDomain -template=/app/fusion/fmw/templates/managedServer.jar -app_dir=/app/fusion/admin/IDMDomain/mserver/applications -overwrite_domain=true

     

    Make sure to use the switch –overwrite_domain=true

     

    Start wls_ods1

     

    Prepare Identity and Policy Stores

     

    Prepare Policy store

     

    Go to directory <IAM_HOME>/idmtools/bin

     

    -bash-3.2$ cd /app/fusion/fmw/iam/idmtools/bin/

     

    Source environment variables

     

    -bash-3.2$ export ORACLE_HOME=/app/fusion/fmw/iam

    -bash-3.2$ export JAVA_HOME=/app/fusion/jdk6

    -bash-3.2$ export IDM_HOME=/app/fusion/fmw/idm

    -bash-3.2$ export MW_HOME=/app/fusion/fmw

     

    Create a file named policystore.props

     

    -bash-3.2$ more policystore.props

    POLICYSTORE_HOST: ad002aph01

    POLICYSTORE_PORT: 3060

    POLICYSTORE_BINDDN: cn=orcladmin

    POLICYSTORE_READONLYUSER: PolicyROUser

    POLICYSTORE_READWRITEUSER: PolicyRWUser

    POLICYSTORE_SEARCHBASE: dc=adm,dc=local

    POLICYSTORE_CONTAINER: cn=jpsroot

    Run the following command.

     

    -bash-3.2$ ./idmConfigTool.sh -configPolicyStore input_file=policystore.props

    Enter Policy Store Bind DN password :

    Enter User Password for PolicyROUser:

    Confirm User Password for PolicyROUser:

    Enter User Password for PolicyRWUser:

    Confirm User Password for PolicyRWUser:

     

    -bash-3.2$ grep -i error automation.log

     

    Note: While running this command, you might see the following error message:

    WARNING: Error in adding in-memory OID search filters.

     

    You may safely ignore this error.

     

    Run following commands to reassociate Security Store

     

    -bash-3.2$ cd /app/fusion/fmw/oracle_common/common/bin/

    -bash-3.2$ ./wlst.sh

    wls:/offline> connect(“weblogic”,”Oracle123″,”t3://<hostname>:7001″)

     

    wls:/IDMDomain/serverConfig> reassociateSecurityStore(domain=”IDMDomain”, admin=”cn=orcladmin”,password=”Oracle123″, ldapurl=”ldap://<hostname>:3060″,servertype=”OID”, jpsroot=”cn=jpsroot”)

    wls:/IDMDomain/serverConfig> exit()

     

    Restart Admin Server

     

    Prepare Identity Store

     

    Go to <IAM_HOME>/idmtools/bin

    -bash-3.2$ cd /app/fusion/fmw/iam/idmtools/bin/

     

    Create a file named idstore.props

     

    -bash-3.2$ more idstore.props

    # Common

    IDSTORE_HOST: ad002aph01

    IDSTORE_PORT: 3060

    IDSTORE_BINDDN: cn=orcladmin

    IDSTORE_GROUPSEARCHBASE: cn=Groups,dc=adm,dc=local

    IDSTORE_SEARCHBASE: dc=adm,dc=local

    IDSTORE_USERNAMEATTRIBUTE: cn

    IDSTORE_LOGINATTRIBUTE: uid

    IDSTORE_USERSEARCHBASE: cn=Users,dc=adm,dc=local

    POLICYSTORE_SHARES_IDSTORE: true

    # OAM

    IDSTORE_OAMADMINUSER:oamadmin

    IDSTORE_OAMSOFTWAREUSER:oamLDAP

    OAM11G_IDSTORE_ROLE_SECURITY_ADMIN:OAMAdministrators

    # OAM and OIM

    IDSTORE_SYSTEMIDBASE: cn=systemids,dc=adm,dc=local

    # OIM

    IDSTORE_OIMADMINGROUP: OIMAdministrators

    IDSTORE_OIMADMINUSER: oimLDAP

    # Required due to bug

    IDSTORE_OAAMADMINUSER : oaamadmin

    # Fusion Applications

    IDSTORE_READONLYUSER: IDROUser

    IDSTORE_READWRITEUSER: IDRWUser

    IDSTORE_SUPERUSER: weblogic_fa

    # Weblogic

    IDSTORE_WLSADMINUSER : weblogic_idm

     

    Run following command

     

    -bash-3.2$ ./idmConfigTool.sh -preConfigIDStore input_file=idstore.props

    Enter ID Store Bind DN password :

     

    Make sure automation.log is created

    -bash-3.2$ ls -l automation.log

    -rw-r–r– 1 fusion dba 3432 Sep 20 13:49 automation.log

     

    Check the log for errors

    -bash-3.2$ grep -i error automation.log

     

    Note: You might see a warning messages similar to this in the log.

    WARNING: Error indexing displayName

     

    You may safely ignore this error.

     

    The above commands will create a file named idmDomainConfig.param file. This is an important file and we will seed the values from this file to the response file.

     

    -bash-3.2$ more idmDomainConfig.param (Generated automatically)

     

    IDSTORE_GROUPSEARCHBASE: cn=Groups,dc=adm,dc=local

    POLICYSTORE_PORT: 3060

    IDSTORE_HOST: ad002aph01

    IDSTORE_LOGINATTRIBUTE: uid

    IDSTORE_PORT: 3060

    POLICYSTORE_CONTAINER: cn=jpsroot

    IDSTORE_USERSEARCHBASE: cn=Users,dc=adm,dc=local

    POLICYSTORE_HOST: ad002aph01

    POLICYSTORE_READWRITE_USERNAME: cn=PolicyRWUser,cn=users,dc=adm,dc=local

     

    Creating Users and Groups

     

    Run following command.

     

    -bash-3.2$ ./idmConfigTool.sh -prepareIDStore mode=all input_file=idstore.props

    Enter ID Store Bind DN password :

    Enter User Password for IDROUser:

    Confirm User Password for IDROUser:

    Enter User Password for IDRWUser:

    Confirm User Password for IDRWUser:

    Enter User Password for weblogic_fa:

    Confirm User Password for weblogic_fa:

    Enter User Password for weblogic_idm:

    Confirm User Password for weblogic_idm:

    Enter User Password for oblixanonymous:

    Confirm User Password for oblixanonymous:

    Enter User Password for oamadmin:

    Confirm User Password for oamadmin:

    Enter User Password for oamLDAP:

    Confirm User Password for oamLDAP:

    Enter User Password for oaamadmin:

    Confirm User Password for oaamadmin:

    Enter User Password for oimLDAP:

    Confirm User Password for oimLDAP:

    Enter User Password for xelsysadm:

    Confirm User Password for xelsysadm:

    The tool has completed its operation. Details have been logged to automation.log

     

    -bash-3.2$ grep -i error automation.log

     

    Note: We are not using Oracle Virtual Directory (OVD) since this is optional component so skipping OVD part

     

    Configure Oracle Access Manager 11g (OAM)

     

    Start managed server wls_oam1 from Administration console.

     

    Configure Aliases for OAM in HTTP server

     

    Append following in /app/fusion/admin/ohs_inst1/config/OHS/ohs1/moduleconf/admin.conf

     

    <Location /oam>

    SetHandler weblogic-handler

    WebLogicHost ad002aph01

    WebLogicPort 14100

    </Location>

     

    <Location /fusion_apps>

    SetHandler weblogic-handler

    WebLogicHost ad002aph01

    WebLogicPort 14100

    </Location>

     

    <Location /oamconsole>

    SetHandler weblogic-handler

    WebLogicHost ad002aph01

    WebLogicPort 7001

    </Location>

     

    Restart Web server

     

    -bash-3.2$ /app/fusion/admin/ohs_inst1/bin/opmnctl stopall

    opmnctl stopall: stopping opmn and all managed processes…

    -bash-3.2$ /app/fusion/admin/ohs_inst1/bin/opmnctl startall

    opmnctl startall: starting opmn and all managed processes…

     

    Now you can launch OAM Console with following URL

     

    http://<hostname>:7777/oamconsole

     

     

    Login with weblogic user

     

     

    Configure OAM

     

    Go to <IAM_HOME>/idmtools/bin

    -bash-3.2$ cd /app/fusion/fmw/iam/idmtools/bin

     

    Create a file named config_oam1.props

     

    -bash-3.2$ more config_oam1.props

    WLSHOST: ad002aph01

    WLSPORT: 7001

    WLSADMIN: weblogic

    WLSPASSWD: Oracle123

    IDSTORE_HOST: ad002aph01

    IDSTORE_PORT: 3060

    IDSTORE_DIRECTORYTYPE:OID

    IDSTORE_BINDDN: cn=orcladmin

    IDSTORE_USERNAMEATTRIBUTE: cn

    IDSTORE_LOGINATTRIBUTE: uid

    IDSTORE_USERSEARCHBASE: cn=Users,dc=adm,dc=local

    IDSTORE_SEARCHBASE: dc=adm,dc=local

    IDSTORE_GROUPSEARCHBASE: cn=Groups,dc=adm,dc=local

    IDSTORE_OAMSOFTWAREUSER: oamLDAP

    IDSTORE_OAMADMINUSER: oamadmin

    PRIMARY_OAM_SERVERS: ad002aph01:5575

    WEBGATE_TYPE: ohsWebgate11g

    ACCESS_GATE_ID: Webgate_IDM

    OAM11G_IDM_DOMAIN_OHS_HOST:ad002aph01

    OAM11G_IDM_DOMAIN_OHS_PORT:7777

    OAM11G_IDM_DOMAIN_OHS_PROTOCOL:http

    OAM11G_WG_DENY_ON_NOT_PROTECTED: false

    OAM_TRANSFER_MODE: open

    OAM11G_OAM_SERVER_TRANSFER_MODE:open

    OAM11G_IDM_DOMAIN_LOGOUT_URLS:/console/jsp/common/logout.jsp,/em/targetauth/emaslogout.jsp

    OAM11G_OIM_WEBGATE_PASSWD: Oracle123

    COOKIE_DOMAIN: .adm.local

    OAM11G_IDSTORE_ROLE_SECURITY_ADMIN: OAMAdministrators

    OAM11G_SSO_ONLY_FLAG: true

    OAM11G_OIM_INTEGRATION_REQ: true

    OAM11G_IMPERSONATION_FLAG:true

    OAM11G_SERVER_LBR_HOST:ad002aph01

    OAM11G_SERVER_LBR_PORT:7777

    OAM11G_SERVER_LBR_PROTOCOL:http

    COOKIE_EXPIRY_INTERVAL: 120

    OAM11G_OIM_OHS_URL:http://ad002aph01:7777/

    OAM11G_SERVER_LOGIN_ATTRIBUTE: uid

     

    Keep a backup of idmDomainConfig.param for safety

     

    -bash-3.2$ cp -pr idmDomainConfig.param idmDomainConfig.param.preOAM

     

    Run the following command to Configure OAM

     

    -bash-3.2$ ./idmConfigTool.sh -configOAM input_file=config_oam1.props

    Enter ID Store Bind DN password :

    Enter User Password for IDSTORE_PWD_OAMSOFTWAREUSER:

    Confirm User Password for IDSTORE_PWD_OAMSOFTWAREUSER:

    Enter User Password for IDSTORE_PWD_OAMADMINUSER:

    Confirm User Password for IDSTORE_PWD_OAMADMINUSER:

    The tool has completed its operation. Details have been logged to automation.log

     

    -bash-3.2$ grep -i error automation.log

    WARNING: Error in adding in-memory OID search filters

    WARNING: Error indexing displayName

     

    Backup important files generated

     

    -bash-3.2$ cp -pr /app/fusion/admin/IDMDomain/aserver/IDMDomain/output/Webgate_IDM/ ~/backup/

     

    Restart ALL managed servers and Admin server

     

    Validate OAM

     

    Login to OAM Console using oamadmin user

     

     

     

    In System Configuration tab, click Access Manager Settings -> SSO Agents-> OAM Agents. Search for all agents.

    Edit Webgate_IDM agent

     

     

     

    Set Max. number of Connections to 4 for each primary servers (in our case only one host is there)

     

     

    Do the same for Webgate_IDM_11g agent

    Set Max. number of Connections to 4 for each primary servers (in our case only one host is there)

     

     

    In Policy Configurations tab, Host identifiers->IAMSuiteAgent-> Make sure our hostname and the default http port is mentioned. If already there then nothing to change in this screen.

     

    Perform Bug 13824816 Workaround

    http://<hostname>:7777/console

     

    Security Realm->myrealm->Roles and Policies -> Expand Global Roles -> Click on Roles

     

     

    Expand Global Roles. Click on Roles

     

     

    Click on Admin

     

     

    Click Next

     

     

    Click on Add conditions

     

     

    Enter OAMAdministrators in text-box and click Add

     

     

    Click Save

     

    Note: Following is not required as per the “latest” document but for the safe side adding this as well.

    1. Open http://<hostname>:7777/odsm

    2. Connect to a directory instance.

    3. Click the Data Browser tab.

    4. Expand the Client View entry in the directory tree (dc=<domain>) then expand cn=Groups.

    5. Click IDMAdministrators.

    6. In the Members box, click + to add a new entry.

    7. Enter cn=oamadministrators,cn=groups,dc=adm,dc=local

    8. Click Apply.

     

     

    Adding the oamadmin Account to Access System Administrators

     

    The oamadmin user is assigned to the Oracle Access Manager Administrators group, which is in turn assigned to the Access System Administrators group. Fusion Applications, however, requires the oamadmin user to be explicitly added to that role.

     

    To do this, perform the following steps:

     

    1. Log in to the oamconsole at http://<hostname>:7777/oamconsole

    2. Click the System Configuration tab.

    3. Expand Data Sources User Identity Stores.

    4. Click OIMIDStore.

    5. Click Open.

    6. Click the + symbol next to Access System Adminsitrators.

    7. Type oamadmin in the search box and click Search.

    8. Click the returned oamadmin row, then click Add Selected.

    9. Click Apply.

     

     

     

    Click Apply.

     

    Create Oracle Access Manager Policies for WebGate 11g

    In order to allow WebGate 11g to display the credential collector, you must add /oam to the list of public policies.

     

    Proceed as follows:

    1. Log in to the OAM console

    2. Select the Policy Configuration tab.

    3. Expand Application Domains – IAM Suite

    4. Click Resources.

    5. Click Open.

    6. Click New resource.

    7. Provide the following values:

     


    Type: HTTP


    Description: OAM Credential Collector


    Host Identifier: IAMSuiteAgent


    Resource URL: /oam


    Protection Level: Unprotected


    Authentication Policy: Public Policy

     

    8. Click Apply.

     

     

    Click Apply

     

    Validate OAM

     

    Note: The OAM validation tool is now no longer used for Solaris since current latest documentation

     

    Following is given for reference only. This is not required for Solaris due to bug mentioned below. It will work for Linux without any issues.

     

    -bash-3.2$ export JAVA_HOME=/app/fusion/jdk6

    -bash-3.2$ export PATH=$JAVA_HOME/bin:$PATH

     

    -bash-3.2$ cd /app/fusion/fmw/iam/oam/server/tester/

     

    -bash-3.2$ java -jar oamtest.jar

     

    It will throw above error due to a bug in this tool in Solaris

     

    The fix is to temporarily remove Password from Webgate through oamadmin

     

     

     

    It will throw above error due to a bug in this tool on Solaris Platform. On Linux/Windows it will succeed.

     

    The fix is to temporarily remove Password from Webgate through oamadmin (Careful to revert it later). We suggest not to run this tool at all in Solaris.

     

     

     

     

     

     

     

    Put the password back. (If you have changed in previous step)

     

    Updating Oracle Access Manager System Parameters

     

     

    Change to following.

    Session Lifetime: 120

    Idle timeout (Minutes): 120

    Maximum number of connections per user: 200

     

     

    This will automatically edit and change the values in /app/fusion/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/oam-config.xml

     

    Please note that we are not changing the value for “NoUniqueSessionsFor10gAgents since it is not mentioned in the latest documentation.

     

    Restart OAM

     

    Configure Oracle Identity Manager (OIM) and Oracle SOA Suite

     

    Start the configuration from <IAM_HOME>/bin

     

    -bash-3.2$ cd /app/fusion/fmw/iam/bin/

    -bash-3.2$ ./config.sh &

     

     

     

    Click Next

     

     

    Select only “OIM Server” and click Next

     

     

    Enter database details. Make sure to use correct prefix as we selected earlier (in our case PROD). Click Next

     

     

    Admin server URL: t3://<hostname>:7001

    Username and password of weblogic user

    Click Next

     

     

    Enter required password and OIM HTTP URL as http://<hostname>:7777

    Click Next

     

     

    Check “Enable LDAP Sync” and click Next

     

     

    Enter following values

    Directory Server Type: OID

    ID: oid1

    URL: ldap://<hostname>:3060

    User: cn=oimLDAP,cn=systemids,dc=<domain>,dc=<com>

     

    Click Next

     

     

    Enter following values

     

    Role Container: cn=Groups,dc=<domain>,dc=<com>

    User Container: cn=Users,dc=<domain>,dc=<com>

    Reservation Container: cn=Reserve,dc=<domain>,dc=<com>

     

    Click Next

     

     

    Review summary and click Configure

     

     

    Once configure completes, click Next

     

     

    Review and click Finish

     

    Note: If instead of above screen you see following error then you have missed a major patch 13399365.

    Config Action Oracle Identity Manager Configuration failed“.

    The errors in .out file

    java.lang.NoSuchMethodError: oracle.jdbc.OracleConnection.setApplicationContext(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V

    java.lang.IllegalStateException: Action:OIM Configuration failed with error:interrupted

     

    As per Oralce metalink note This is due to bug 14125012�

    Mismatched Components Version Cause Config.sh To Fail on Configure Oracle Identity Manager with Fusion Applications [ID 1467992.1]

     

    This is because the certified version of OAM with 11.1.4 applications is 11.1.1.5.2 while the supplied version is 11.1.1.5.0 so we need to apply patches to upgrade this version.

     

    The patches are mentioned in the release notes as well as available in /app/stage/installers/iam/patch directory. Please apply them to fix this. We have a shortcut workaround to copy the required files only from patch. But this is not recommended so we will not post here. Just to let the geeks know J

     

    Stop Admin server and all managed servers and then start all servers including wls_soa1 and wls_oim1

    Test OIM and SOA using following URLS

     

    http://<hostname>:14000/oim

    and

    http://<hostname>:8001/soa-infra

     

    Note: If you get 404 error for OIM or if you see following errors in OIM log files (even if OIM status shows as “RUNNING” in admin console) then OIM has not come up properly. You can see this in EM and it will show OIM as down.

     

    <Error> <Deployer> <BEA-149265> <Failure occurred in the execution of deployment request with ID ‘1356332711618’ for task ‘1’. Error is: ‘weblogic.management.DeploymentException: [J2EE:160149]Error while processing library references. Unresolved application library references, defined in weblogic-application.xml: [Extension-Name: oracle.sdp.client, exact-match: false].’

    weblogic.management.DeploymentException: [J2EE:160149]Error while processing library references. Unresolved application library references, defined in weblogic-application.xml: [Extension-Name: oracle.sdp.client, exact-match: false].

    at weblogic.application.internal.flow.CheckLibraryReferenceFlow.prepare(CheckLibraryReferenceFlow.java:26)

    at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:648)

    at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)

    at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:191)

    at weblogic.application.internal.EarDeployment.prepare(EarDeployment.java:59)

    Truncated. see log file for complete stacktrace

     

    As per metalink Note: 1328471.1 following needs to be done to fix this.

     

    Admin console->Deplyments->go to oracle.sdp.client page

     

     

     

    Click on Targets. You will see that the checkbox for wls_oim1 is not selected.

    Lock & Edit and select the checkbox and Activate changes.

     

     

    Restart OIM

     

     

    Validate OIM

     

    Launch URL http://<hostname>:14000/oim

     

     

    Login with xelsysadm user

     

     

    If you have not applied post-steps for patch 13399365 properly then you might get following errors.

     

    oracle.iam.platform.kernel.OrchestatrionException

    “ADF_FACES-60097 : For more information, please see the server’s error log for an entry beginning with: ADF_FACES-60096: Server Exception during PPR, #8″

     

    Internal Exception: java.sql.SQLSyntaxErrorException: ORA-00904: “CONTEXTVAL”: invalid identifier

    Error Code: 904
    Call: INSERT INTO ORCHPROCESS (ID, BULKPARENTID, CHANGETYPE, CONTEXTVAL, CREATEDON, ENTITYID, ENTITYTYPE, MODIFIEDON, OPERATION, ORCHESTRATION, ORCHTARGET, PARENTPROCESSID, RETRY, SEQUENCE, STAGE, STATUS) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
    bind => [16 parameters bound]

     

    This is because following column might not be available in PROD_OIM. ORCHPROCESS table. The post steps for above patch create this column.

    CONTEXTVAL CLOB

     

     

    Validate SOA

     

    Launch URL http://<hostname>:8001/soa-infra

     

    Login with weblogic user

     

     

    Prepare OIM to reconcile from ID store

     

    -bash-3.2$ cd /app/fusion/fmw/iam/server/ldap_config_util/

     

    Make backup of existing ldapconfig.props file

     

    -bash-3.2$ cp -pr ldapconfig.props ldapconfig.props_orig

     

    Modify ldapconfig.props

     

    -bash-3.2$ more ldapconfig.props

    # OIMServer Type, Valid values can be WLS, JBOSS, WAS

    # e.g.: OIMServerType=WLS

    OIMServerType=WLS

     

    # OIMAdmin User Login

    # e.g.: OIMAdminUser=xelsysadm

    OIMAdminUser=xelsysadm

     

    # Skip Validation of OVD Schema

    # e.g.: SkipOVDValidation=true|false, Default false

    SkipOVDValidation=true

     

    # OIM Provider URL

    # e.g.: OIMProviderURL=t3://localhost:8003

    OIMProviderURL=t3://ad002aph01:14000

     

    # OID URL

    # e.g.: OIDURL=ldap://localhost:389

    OIDURL=ldap://ad002aph01:3060

     

    # Admin user name to connect to OID

    # e.g.: OIDAdminUsername=cn=orcladmin

    OIDAdminUsername=cn=oimLDAP,cn=systemids,dc=adm,dc=local

     

    # Search base

    # e.g.: OIDSearchBase=dc=company,dc=com

    OIDSearchBase=dc=adm,dc=local

     

    # Name of the user container

    # e.g.: UserContainerName=cn=Users

    UserContainerName=cn=Users

     

    # Name of the role container

    # e.g.: RoleContainerName=cn=Roles

    RoleContainerName=cn=Groups

     

    # Name of the reservation container

    # e.g.: ReservationContainerName=cn=Reserve

    ReservationContainerName=cn=Reserve

     

    Source environment

    -bash-3.2$ export JAVA_HOME=/app/fusion/jdk6

    -bash-3.2$ export WL_HOME=/app/fusion/fmw/wlserver_10.3

     

    Run following command

     

    -bash-3.2$ ./LDAPConfigPostSetup.sh

    [Enter OID admin password:]

    [Enter OIM admin password:]

    Successfully Enabled Changelog based Reconciliation schedule jobs

     

    Configure HTTP for OIM and SOA

     

    Add following entries in /app/fusion/admin/ohs_inst1/config/OHS/ohs1/moduleconf/admin.conf

     

    # oim admin console(idmshell based)

    <Location /admin>

    SetHandler weblogic-handler

    WLProxySSL OFF

    WLProxySSLPassThrough OFF

    WLCookieName oimjsessionid

    WebLogicHost ad002aph01

    WebLogicPort 14000

    WLLogFile “${ORACLE_INSTANCE}/diagnostics/logs/mod_wl/oim_component.log”

    </Location>

     

    # oim self and advanced admin webapp consoles(canonic webapp)

    <Location /oim>

    SetHandler weblogic-handler

    WLProxySSL OFF

    WLProxySSLPassThrough OFF

    WLCookieName oimjsessionid

    WebLogicHost ad002aph01

    WebLogicPort 14000

    WLLogFile “${ORACLE_INSTANCE}/diagnostics/logs/mod_wl/oim_component.log”

    </Location>

     

    # SOA Callback webservice for SOD – Provide the SOA Managed Server Ports

    <Location /sodcheck>

    SetHandler weblogic-handler

    WLProxySSL OFF

    WLProxySSLPassThrough OFF

    WLCookieName oimjsessionid

    WebLogicHost ad002aph01

    WebLogicPort 8001

    WLLogFile “${ORACLE_INSTANCE}/diagnostics/logs/mod_wl/oim_component.log”

    </Location>

     

    # Callback webservice for SOA. SOA calls this when a request is approved/rejected

    # Provide the SOA Managed Server Port

    <Location /workflowservice>

    SetHandler weblogic-handler

    WLProxySSL OFF

    WLProxySSLPassThrough OFF

    WLCookieName oimjsessionid

    WebLogicHost ad002aph01

    WebLogicPort 14000

    WLLogFile “${ORACLE_INSTANCE}/diagnostics/logs/mod_wl/oim_component.log”

    </Location>

     

    # xlWebApp – Legacy 9.x webapp (struts based)

    <Location /xlWebApp>

    SetHandler weblogic-handler

    WLProxySSL OFF

    WLProxySSLPassThrough OFF

    WLCookieName oimjsessionid

    WebLogicHost ad002aph01

    WebLogicPort 14000

    WLLogFile “${ORACLE_INSTANCE}/diagnostics/logs/mod_wl/oim_component.log”

    </Location>

     

    # Nexaweb WebApp – used for workflow designer and DM

    <Location /Nexaweb>

    SetHandler weblogic-handler

    WLProxySSL OFF

    WLProxySSLPassThrough OFF

    WLCookieName oimjsessionid

    WebLogicHost ad002aph01

    WebLogicPort 14000

    WLLogFile “${ORACLE_INSTANCE}/diagnostics/logs/mod_wl/oim_component.log”

    </Location>

     

    # used for FA Callback service.

    <Location /callbackResponseService>

    SetHandler weblogic-handler

    WLProxySSL OFF

    WLProxySSLPassThrough OFF

    WLCookieName oimjsessionid

    WebLogicHost ad002aph01

    WebLogicPort 14000

    WLLogFile “${ORACLE_INSTANCE}/diagnostics/logs/mod_wl/oim_component.log”

    </Location>

     

    # spml xsd profile

    <Location /spml-xsd>

    SetHandler weblogic-handler

    WLProxySSL OFF

    WLProxySSLPassThrough OFF

    WLCookieName oimjsessionid

    WebLogicHost ad002aph01

    WebLogicPort 14000

    WLLogFile “${ORACLE_INSTANCE}/diagnostics/logs/mod_wl/oim_component.log”

    </Location>

     

    <Location /HTTPClnt>

    SetHandler weblogic-handler

    WLProxySSL OFF

    WLProxySSLPassThrough OFF

    WLCookieName oimjsessionid

    WebLogicHost ad002aph01

    WebLogicPort 14000

    WLLogFile “${ORACLE_INSTANCE}/diagnostics/logs/mod_wl/oim_component.log”

    </Location>

     

    # role-sod profile

    <Location /role-sod>

    SetHandler weblogic-handler

    WLCookieName oimjsessionid

    WebLogicHost ad002aph01

    WebLogicPort 14000

    WLLogFile “${ORACLE_INSTANCE}/diagnostics/logs/mod_wl/oim_component.log”

    </Location>

     

    # SOA Infrastructure

    <Location /soa-infra>

    SetHandler weblogic-handler

    WLCookieName oimjsessionid

    WebLogicHost ad002aph01

    WebLogicPort 8001

    WLLogFile “${ORACLE_INSTANCE}/diagnostics/logs/mod_wl/oim_component.log”

    </Location>

     

    # UMS Email Support

    <Location /ucs>

    SetHandler weblogic-handler

    WLCookieName oimjsessionid

    WebLogicHost ad002aph01

    WebLogicPort 8001

    WLLogFile “${ORACLE_INSTANCE}/diagnostics/logs/mod_wl/oim_component.log”

    </Location>

     

    -bash-3.2$ /app/fusion/admin/ohs_inst1/bin/opmnctl stopall

    opmnctl stopall: stopping opmn and all managed processes…

    -bash-3.2$ /app/fusion/admin/ohs_inst1/bin/opmnctl startall

    opmnctl startall: starting opmn and all managed processes…

     

     

    Now login to Weblogic Console at http://<hostname>:7777/console

     

    Change Host assertion in Weblogic

     

     

     

    Click Save and Activate Changes.

     

    Validate OIM and SOA using HTTP port

     

    http://<hostname>:7777/oim

    http://<hostname>:7777/soa-infra

     

    Enabling Oracle Identity Manager to Connect to SOA Using the Administrative Users Provisioned in LDAP

     

    Login to EM console

    Select Farm_IDMDomain –> Identity and Access–> OIM –> oim(11.1.1.3.0).

     

     

    Select MBean Browser from the menu or right click to select it.

     

     

    Select Application defined Mbeans –> oracle.iam –> Server: wls_oim1 –> Application: oim –> XML Config -> Config –> XMLConfig.SOAConfig –>SOAConfig

     


     

    Change the username attribute to weblogic_idm

     

     

    select Weblogic Domain –> IDMDomain from the Navigator.

     

    Select Security –> Credentials from the down menu

     

     

    Expand the key oim.

    Click SOAAdminPassword.

    Click Edit.

    Change the username to weblogic_idm and set the password to the accounts password.

    Click OK.

     

     

     

    Run the reconciliation process to enable the Oracle WebLogic Server administrator, weblogic_idm, to be visible in the OIM Console. Follow these steps:

     

    a. Log in to Oracle Identity Manager at:

    https://sso.mycompany.com:443/oim as the user xelsysadm.

     

    b. If prompted, set up challenge questions. This happens on your first login to Oracle Identity Manager.

    c. Click Advanced.

    d. Click the System Management tab.

    e. Click the arrow for the Search Scheduled Jobs to list all the schedulers.

    f. Select LDAP User Create and Update Full Reconciliation.

    g. Click Run Now to run the job.

    h. Go to the Administration page and perform a search to verify that the user is visible in the Oracle Identity Manager console.

     

     

     

    Select Administration. Click Advanced Search –> Roles

     

     

    Search for the Administrators role. Click the Administrators Role.

     

    Click Open.

     

     

    Click the Members tab. Click Assign.

     

     

    Type weblogic_idm in the Search box and Click ->.

     

    Select weblogic_idm from the list of available users.

     

    Click > to move to Selected Users.

     

     

    Click Save.

     

    Restart Oracle Identity Manager managed server.

    Installing Oracle Fusion Applications – steps

    1. Create another database for Oracle Identity Management Infrastructure (optional)

     

    Next: Integrate Oracle Identity Manager (OIM) and Oracle Access Manager (OAM)

  1. kumar
    May 27th, 2015 at 12:32 | #1

    Hi Admin,
    i have configured the OIM domain configuration for 2 servers.
    on server1 i’m able to access http://hostname:14000/oim
    but on server2 not able to access http://hostname:14000/oim
    getting message “Page not available”.

    Also, i checked oim server2 logs, there were no errors.

    Please help me in resolving the issue?

    Thanks.

  2. Vineet
    Jan 31st, 2015 at 08:44 | #2

    Hello,

    I am seeing this errors in the oam_server1 Managed Server log:

    AMInitServlet” failed to preload on startup in Web application: “oam

    I have already added the option “Djava.net.preferIPv6Addresses=false” to my setDomainenv.sh under the EXTRA_JAVA_PROPERTIES”

    Also added JAVA_OPTIONS=”-Djava.net.preferIPV6=false

    I am still seeing this error. Referred to Doc ID 1471671.1

    Please help.

    Regards,
    Vineet

  3. Srinivas
    Dec 15th, 2014 at 14:13 | #3

    Hi,

    I am working on 12c migration from 11.1.1.7, while reassociating filebase policy store to DB-Base for OPSS and IAU schemas i am getting below error after hitting the command.

    File “/home/app/oracle/product/fmw11g/oracle_common/common/wlst/jpsWlstCmd.py”, line 1569, in reassociateSecurityStore
    File “/home/app/oracle/product/fmw11g/oracle_common/common/wlst/jpsWlstCmd.py”, line 1543, in reassociateSecurityStoreImpl
    at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:237)
    at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:223)
    at javax.management.remote.rmi.RMIConnectionImpl_1036_WLStub.invoke(Unknown Source)
    at weblogic.management.remote.common.RMIConnectionWrapper$16.run(ClientProviderBase.java:918)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
    at weblogic.security.Security.runAs(Security.java:61)
    at weblogic.management.remote.common.RMIConnectionWrapper.invoke(ClientProviderBase.java:916)
    at javax.management.remote.rmi.RMIConnector$RemoteMBeanServerConnection.invoke(RMIConnector.java:1022)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:606)

    javax.management.MBeanException: javax.management.MBeanException: JPS-10000: There was an internal error in the policy store.

    Command i used:reassociateSecurityStore(domain=”base_domain”,servertype=”DB_ORACLE”, admin=”weblogic”, password=”welcome1″, jpsroot=”cn=jpsroot”,datasourcename=”jdbc/opssDataSource”,join=”true”)

    Any help from any corner would be greatly appreciated

  4. Edra Gorn
    Mar 7th, 2014 at 02:27 | #4

    Wow,this is the post I’m searching for,it solves my doubts,thank you for sharing.

  5. Anand Ranganathan
    Feb 8th, 2014 at 00:27 | #5

    Hi Tushar,

    I am trying to configure config_oam1.props and getting the error as detailed by some already. I am unable to move forward. This is the second time I am trying to re-install and fail at this point (already tried 5 unsuccessful attempts). Can you guide me on what went wrong?

    Jan 10, 2013 4:37:09 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAMPartner
    SEVERE: Error while configuring User ID Store {1}

    Regards,

    Anand

    • tushar
      Feb 8th, 2014 at 07:31 | #6

      Dear Anand,

      Are you installing 11.1.6 FA or 11.1.7 ? In 11.1.7 provisioning you do not need to manually configure IDM components since there is a provisioning wizard for IDM as well so everything is configured automatically.

      I would highly recommend to move to 11.1.7 installation to avoid these sort of roadblocks.

      Regards
      Tushar

      • Anand Ranganathan
        Feb 8th, 2014 at 14:29 | #7

        I am still in 11.1.5. Will start doing 11.1.7

      • Anand Ranganathan
        Feb 10th, 2014 at 01:23 | #8

        Hi Tushar,

        While going through the steps for 11.1.7 I find it needs more space and memory.

        In your 11.1.5 I had the option of installing it in my home system with around 400+ GB and 8GB of RAM.

        Can I still use the same config for 11.1.7?

        Regards,

        Anand

      • Anand Ranganathan
        Feb 10th, 2014 at 01:27 | #9

        Also Can I use single node to install 11.1.7. I assume it should not give me trouble given that I am going to use the same node to both (Per your approach it is 2 node installation).

        Regards,

        Anand

  6. Scott
    Sep 25th, 2013 at 14:06 | #10

    I am needing some help. When I run:

    ./idmConfigTool.sh -configOAM input_file=OAMconfigPropertyFile.props

    I receive the following error:

    Sep 25, 2013 8:21:43 AM oracle.idm.automation.util.Util setLogger
    WARNING: Logger initialized in warning mode
    Sep 25, 2013 8:21:48 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler execute
    FINER: ENTRY
    Sep 25, 2013 8:22:01 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gIdStore
    FINER: ENTRY
    Sep 25, 2013 8:22:01 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
    FINER: Creating mbean connection
    Sep 25, 2013 8:22:02 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
    FINER: Created mbean connection
    Sep 25, 2013 8:22:02 AM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
    FINER: ENTRY
    Sep 25, 2013 8:22:02 AM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getObjectName
    SEVERE: Error while creating OAM MBean Connection
    java.lang.Exception: No foundation mbeans found
    at oracle.idm.automation.impl.oam.handlers.OAM11gUtil.getObjectName(OAM11gUtil.java:139)
    at oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler.configOAM11gIdStore(OAM11gIntegrationHandler.java:317)
    at oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler.execute(OAM11gIntegrationHandler.java:888)
    at oracle.idm.automation.AutomationTool.configOAM(AutomationTool.java:708)
    at oracle.idm.automation.AutomationTool.parseCmdLine(AutomationTool.java:227)
    at oracle.idm.automation.AutomationTool.main(AutomationTool.java:141)
    Sep 25, 2013 8:22:02 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gIdStore
    SEVERE: Error while configuring User ID Store
    oracle.idm.automation.exception.ExecutionFailedException: Error while creating OAM MBean Connection
    at oracle.idm.automation.impl.oam.handlers.OAM11gUtil.getObjectName(OAM11gUtil.java:153)
    at oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler.configOAM11gIdStore(OAM11gIntegrationHandler.java:317)
    at oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler.execute(OAM11gIntegrationHandler.java:888)
    at oracle.idm.automation.AutomationTool.configOAM(AutomationTool.java:708)
    at oracle.idm.automation.AutomationTool.parseCmdLine(AutomationTool.java:227)
    at oracle.idm.automation.AutomationTool.main(AutomationTool.java:141)
    Sep 25, 2013 8:22:02 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gIdStore
    SEVERE: Error while creating OAM MBean Connection

    I am not able to find any solution to this.

  7. Mike
    Sep 18th, 2013 at 04:00 | #11

    tushar :
    Your config_oam1.props file looks good. I still want you to confirm that you are able to telnet the server (kb-lap-01) using ports 7777 (HTTP), 5575 (OAM Proxy), 14100 (OAM), and 3060 (OID). I am currently preparing the posts for 11.1.6 installation so once done I can connect to you using teamviewer or vnc to see and fix the exact issue.
    Thanks
    Tushar

    Have you ever figure out why you were getting this error ?
    I’m getting it too and my config file looks good based on what i’m seeing in yours.
    Thanks.

  8. Srikanth
    Jun 14th, 2013 at 20:04 | #12

    Hi,
    WHen I run ./idmConfigTool.sh -configOAM input_file=config_oam1.props i get the error as

    SEVERE: Invalid OAM admin server host name

    I have set all the values correctly yet i have this error. Please help

    • tushar
      Jun 19th, 2013 at 08:28 | #13

      Dear Srikanth,

      The error is quite evident. Please make sure that the OAM host name and port are correctly mentioned in the properties file as well as the alias file is having all required entries. If you are unable to find then post the props file and I will help you with that.

      Thanks
      Tushar

  9. sumanth
    May 9th, 2013 at 06:22 | #14

    HI admin

    even i m facing the same problem.i did everything OK but i can’t see the weblogic_idm user in the oim console
    please help out

  10. UK
    May 7th, 2013 at 15:53 | #15

    Hi,

    I’m trying to setup the oim-oam integration, but i found this error in automation log after running configOAM command.

    May 7, 2013 11:28:57 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gIdStore
    SEVERE: Error while configuring User ID Store {1}

    I manually created OAMIDStore in OAMConsole under datasources but still not picking this.

    Do we need to create “OAMIDStore” in oamconsole or script will automatically create this store for OAM and configure it?

    Thanks,
    UK

    • Fgianni72
      Oct 11th, 2013 at 07:53 | #16

      Hi,
      I’ve the same problem in the same integration step,

      Oct 11, 2013 9:45:33 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gIdStore
      SEVERE: Error while configuring User ID Store {1}

      have you solved the problem? Any help is appreciated.
      Bye
      Gianni

  11. vishnu
    Mar 28th, 2013 at 11:48 | #17

    Hi Team,

    CONTEXTVAL CLOB column is not created after applying 13399365 patch also.

    After which step I need to apply those patches ?

    Please help on this step.

    Regards,
    Vishnu Reddy

    • tushar
      Mar 28th, 2013 at 11:58 | #18

      It is not the patch but the post steps of the patch which creates this column. I have given clear instructions on how to apply the patch (in patches post) and how to apply the poststeps here. The post step script has sqls which create this column

      -Tushar

      • vishnu
        Mar 29th, 2013 at 16:52 | #19

        Thanks for quick reply.
        I followed same steps and modified weblogic.profile file and run that file also still column is not created . Once more doubt some of the patches you mentioned post domain creation means after complete weblogic main domain creation or I need to complete all managed server creation ?

        Please help on this.
        Thanks,
        Vishnu Reddy

        • vishnu
          Apr 1st, 2013 at 03:23 | #20

          Hi Tushar,

          I applied all the patches as per document and which step I have to run weblogic.profile script file.

          Please guide me.

          Regards,
          Vishnu Reddy

  12. Magdy
    Mar 27th, 2013 at 08:23 | #21

    i can’t find Webgate_IDM_11g in oamconsole when i Validate OAM
    what is the reason ?

  13. Magdy
    Mar 26th, 2013 at 08:20 | #24

    i did everything OK but i can’t see the weblogic_idm user in the oim console
    please help

    • tushar
      Mar 26th, 2013 at 08:47 | #25

      This can happen due to a known bug but if you have applied all patches correctly before configuring the IDM then the issue should not appear. Regardless, it does not apply to 11.1.6 but only happens in 11.1.5 installer

      In order to solve this, you can login to ODSM console and then add “Display Name” as “weblogic_idm” for the user weblogic_idm which currently should be blank for your case. Once you do this, run users reconcile again from OIM console and then you should be able to see the user in the list.

      Hint: Even before also the user are showing in the list despite having blank name but since it is blank, you will see tiny sized blank rows in the users list in OIM console, this is just to confirm that you are hitting this bug.

      Do the above steps and let me know if this resolved your issue.

      Regards
      Tushar

      • Magdy
        Mar 27th, 2013 at 08:21 | #26

        Thank you tushar
        i found the problem in the mail account did not written correctly

        • tushar
          Mar 27th, 2013 at 08:43 | #27

          Yes that also is another issue. But I faced this only in 11.1.1.5, where the email ids were not having @domain so after adding proper format it worked. The problem in 11.1.5 was due to display name. Anyways, glad to know the issue is resolved.

  14. Kumar
    Mar 20th, 2013 at 22:26 | #28

    Hi Admin,

    I’m getting the following error
    SEVERE: Error while configuring User ID Store {1}

    when running
    ./idmConfigTool.sh -configOAM input_file=config_oam1.props

    Can you help me how to solve this problem?

    Rgds/Kumar

    • tushar
      Mar 21st, 2013 at 02:20 | #29

      Dear Kumar,

      Kindly check the errors in automation.log file generated in same directory. or else post the error details from log file here so that I can help.

      Thanks
      Tushar

      • Kumar
        Mar 21st, 2013 at 15:20 | #30

        Hi Tushar, Thanks for your quick response :). I will post you automation.log asap, in the mean time i have a question about the version of the FA. I’m trying to install 11.1.6, the question is do i need to apply all the patches that you mention your step (step 7)?

        thanks in advance!

        rgds/Kumar 🙂

        • tushar
          Mar 21st, 2013 at 15:26 | #31

          Dear Kumar,

          The post your are referring to is for 11.1.5 FA installation. While nothing much has changed from installation point of view in 11.1.6 but the patches which need to be applied are different and they are all located in the installers directory. Also from 11.1.6 onwards you don’t need to apply patches individually but for each oracle home you can apply all patch together using napply option. I have started preparing new post for 11.1.6 today morning but it will take some time to post here since as you know there are hundreds of screenshots and plenty of writing involved. I hope next week it should be available on our blog.

          Thanks
          Tushar

          • Kumar
            Mar 22nd, 2013 at 16:52 | #32

            OK, thanx Tushar

          • Kumar
            Mar 22nd, 2013 at 23:13 | #33

            OK, thanx Tushar

            Tushar, i’m still getting the following error when i’m running

            ./idmConfigTool.sh -configOAM input_file=config_oam1.props

            grep -i error automation.log
            SEVERE: Error while configuring User ID Store {1}

            here is atomation.log

            Mar 23, 2013 12:00:22 AM oracle.idm.automation.util.Util setLogger
            WARNING: Logger initialized in warning mode
            Mar 23, 2013 12:00:29 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler execute
            FINER: ENTRY
            Mar 23, 2013 12:00:52 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gIdStore
            FINER: ENTRY
            Mar 23, 2013 12:00:53 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
            FINER: Creating mbean connection
            Mar 23, 2013 12:00:55 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
            FINER: Created mbean connection
            Mar 23, 2013 12:00:55 AM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
            FINER: ENTRY
            Mar 23, 2013 12:00:55 AM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
            FINER: RETURN com.oracle.oam:Location=AdminServer,name=OamWLST,type=oam.wlst,Application=oam_admin,ApplicationVersion=11.1.1.3.0
            Mar 23, 2013 12:00:55 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
            FINER: Invoking mbean
            Mar 23, 2013 12:00:57 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAMIntegration
            FINER: mbean invocation success.
            Mar 23, 2013 12:00:57 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration()
            FINER: RETURN
            Mar 23, 2013 12:00:57 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gFAProperties
            FINER: ENTRY
            Mar 23, 2013 12:00:57 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gFAProperties
            FINER: Creating mbean connection
            Mar 23, 2013 12:00:58 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gFAProperties
            FINER: Created mbean connection
            Mar 23, 2013 12:00:58 AM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
            FINER: ENTRY
            Mar 23, 2013 12:00:58 AM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
            FINER: RETURN com.oracle.oam:Location=AdminServer,name=OamWLST,type=oam.wlst,Application=oam_admin,ApplicationVersion=11.1.1.3.0
            Mar 23, 2013 12:00:58 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gFAProperties
            FINER: Invoking mbean
            Mar 23, 2013 12:01:01 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gFAProperties
            FINER: RETURN
            Mar 23, 2013 12:01:01 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gIdStore
            FINER: ENTRY
            Mar 23, 2013 12:01:01 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
            FINER: Creating mbean connection
            Mar 23, 2013 12:01:01 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
            FINER: Created mbean connection
            Mar 23, 2013 12:01:01 AM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
            FINER: ENTRY
            Mar 23, 2013 12:01:01 AM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
            FINER: RETURN com.oracle.oam:Location=AdminServer,name=OamManagement,type=oam.management,Application=oam_admin,ApplicationVersion=11.1.1.3.0
            Mar 23, 2013 12:01:01 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
            FINER: Invoking mbean
            Mar 23, 2013 12:01:03 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAMPartner
            SEVERE: Error while configuring User ID Store {1}
            Mar 23, 2013 12:01:03 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAMIntegration
            FINER: mbean invocation success.
            Mar 23, 2013 12:01:03 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration()
            FINER: RETURN
            Mar 23, 2013 12:01:03 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule
            FINER: ENTRY
            Mar 23, 2013 12:01:03 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule
            FINER: Creating mbean connection
            Mar 23, 2013 12:01:03 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule
            FINER: Created mbean connection
            Mar 23, 2013 12:01:03 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule
            FINER: Invoking mbean method: applyStringProperty
            Mar 23, 2013 12:01:04 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule
            FINER: mbean invocation success.
            Mar 23, 2013 12:01:04 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule()
            FINER: RETURN
            Mar 23, 2013 12:01:04 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler createDumpParams
            FINE: OAM11gIntegrationHandler : createDumpParams()
            Mar 23, 2013 12:01:04 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler execute
            FINER: RETURN
            Mar 23, 2013 12:01:04 AM oracle.idm.automation.AutomationTool dumpConfig
            INFO: Configuration details have been dumped to the file idmDomainConfig.param

            Please advise!
            rgds/Kumar

        • tushar
          Mar 24th, 2013 at 05:40 | #34

          Please post your config_oam1.props file and also make sure that all required managed servers are started and you are able to telnet to respective port before running this or sending the property file.

          • Kumar
            Mar 24th, 2013 at 19:54 | #35

            config_oam1.props

            WLSHOST:kb-lap-01
            WLSPORT:7001
            WLSADMIN:weblogic
            WLSPASSWD:qazwsx12
            IDSTORE_HOST:kb-lap-01
            IDSTORE_PORT:3060
            IDSTORE_DIRECTORYTYPE:OID
            IDSTORE_BINDDN:cn=orcladmin
            IDSTORE_USERNAMEATTRIBUTE:cn
            IDSTORE_LOGINATTRIBUTE:uid
            IDSTORE_USERSEARCHBASE:cn=Users,dc=localdomain
            IDSTORE_SEARCHBASE:dc=localdomain
            IDSTORE_GROUPSEARCHBASE:cn=Groups,dc=localdomain
            IDSTORE_OAMSOFTWAREUSER:oamLDAP
            IDSTORE_OAMADMINUSER:oamadmin
            PRIMARY_OAM_SERVERS:kb-lap-01:5575
            WEBGATE_TYPE:ohsWebgate11g
            ACCESS_GATE_ID:Webgate_IDM
            OAM11G_IDM_DOMAIN_OHS_HOST:kb-lap-01
            OAM11G_IDM_DOMAIN_OHS_PORT:7777
            OAM11G_IDM_DOMAIN_OHS_PROTOCOL:http
            OAM11G_WG_DENY_ON_NOT_PROTECTED:false
            OAM_TRANSFER_MODE:open
            OAM11G_OAM_SERVER_TRANSFER_MODE:open
            OAM11G_IDM_DOMAIN_LOGOUT_URLS:/console/jsp/common/logout.jsp,/em/targetauth/emaslogout.jsp
            OAM11G_OIM_WEBGATE_PASSWD:Oracle123
            COOKIE_DOMAIN:.localdomain
            OAM11G_IDSTORE_ROLE_SECURITY_ADMIN:OAMAdministrators
            OAM11G_SSO_ONLY_FLAG:true
            OAM11G_OIM_INTEGRATION_REQ:true
            OAM11G_IMPERSONATION_FLAG:true
            OAM11G_SERVER_LBR_HOST:kb-lap-01
            OAM11G_SERVER_LBR_PORT:7777
            OAM11G_SERVER_LBR_PROTOCOL:http
            COOKIE_EXPIRY_INTERVAL:120
            OAM11G_OIM_OHS_URL:http://kb-lap-01:7777/
            OAM11G_SERVER_LOGIN_ATTRIBUTE:uid

          • tushar
            Mar 25th, 2013 at 05:02 | #36

            Your config_oam1.props file looks good. I still want you to confirm that you are able to telnet the server (kb-lap-01) using ports 7777 (HTTP), 5575 (OAM Proxy), 14100 (OAM), and 3060 (OID). I am currently preparing the posts for 11.1.6 installation so once done I can connect to you using teamviewer or vnc to see and fix the exact issue.

            Thanks
            Tushar

  15. Keane
    Mar 1st, 2013 at 07:14 | #37

    Hi Admin,

    I configured wls_oim1, Start wls_oim1 and wls_soa1 successfully. However, when I login to http://host:14000/oim with xelsysadm account, the browser redirect to page: http://host:14000/oim/faces/pages/Self.jspx and show error “Error 403–Forbidden”.

    Could you give me advice?
    Thanks.

    • Keane
      Mar 15th, 2013 at 04:09 | #38

      I am not sure why, however, After I did step 9, this issue fixed also.

  16. Dhanraj Nikam
    Jan 31st, 2013 at 14:12 | #39

    HI Admin,

    First off all thanks for posting all the steps.

    I am following your steps and installing Oracle Fusion Application 11.1.5 On windows server 2008.

    I have stuck at three levels.

    1) i have applied all the patches upto you mentation (do not do following since we don’t have domain created yet)in the apply patches link.

    so my question is when should i apply remaining patches?

    2) Configure Oracle Internet directory
    I did the configuration and stuck up at post steps. as follows

    bash-3.2$ ldapbind -h ad002aph01 -p 3060 -D “cn=orcladmin” -q
    bash-3.2$ ldapbind -h ad002aph01 -p 3061 -D “cn=orcladmin” -q -U 1

    it is asking me Please enter bind password: but while i entered the password which is used in all the setups it shows invalid credentials.

    3) Extend the Domain to include Oracle Directory Service Manager (ODSM)
    i am configuring the odsm using your steps. bu it fails at one step (70%).

    “Configure OCM fail. ” this is the step between “Create ASinstance ” and “Create Enterprise Manager Agent”

    also i am not able to do continue, the button is not enabled.

    Please help me on this.

    Log file shows as follows

    Starting Managed Server : wls_ods1
    In public start
    ASWLServer.start …
    LOADING DLL : D:\flink\Middleware\idm\install\config\\StartUtil64.dll
    DEBUG : Loading DLL : D:\flink\Middleware\idm\install\config\\StartUtil64.dll
    DEBUG : Loaded DLL : D:\flink\Middleware\idm\install\config\\StartUtil64.dll

    getDomainRuntimeMBeanServerConnection …
    Connecting to Domain runtime …
    trying to connect to dfusion.dnikam.com 7001
    Successfully connected to the Domain Runtime …
    getDomainRuntimeMBeanServerConnection …
    Connecting to Domain runtime …
    trying to connect to dfusion.dnikam.com 7001
    Successfully connected to the Domain Runtime …
    progress in calculate progress2
    AdminServer port is 7001
    trying to connect to dfusion.dnikam.com 7001
    Successful
    getDomainRuntimeMBeanServerConnection …
    Connecting to Domain runtime …
    trying to connect to dfusion.dnikam.com 7001
    Successfully connected to the Domain Runtime …
    trying to connect to dfusion.dnikam.com 7001
    Successful
    MBean Server Connection is :javax.management.remote.rmi.RMIConnector$RemoteMBeanServerConnection@78f7d83d
    dfusion.dnikam.com 7001
    progress in calculate progress2
    Instance ods1 already exists, continuing with component creation
    D:\flink\Middleware\idm D:\flink\instances\ods ods1
    oracle.as.config.ProvisionException: Error encountered in deploying OCM instance. Exit code = 3
    at oracle.sysman.ccr.configCCR.OCMComponentImpl.onCreate(Unknown Source)
    at oracle.as.config.impl.OracleASComponentBaseImpl.createComponent(OracleASComponentBaseImpl.java:597)
    at oracle.as.config.impl.OracleASComponentBaseImpl.create(OracleASComponentBaseImpl.java:106)
    at oracle.as.provisioning.fmwadmin.ASComponentProv.createComponent(ASComponentProv.java:144)
    at oracle.as.provisioning.fmwadmin.ASComponentProv.createComponent(ASComponentProv.java:73)
    at oracle.as.provisioning.fmwadmin.ASInstanceProv._createComponent(ASInstanceProv.java:401)
    at oracle.as.provisioning.fmwadmin.ASInstanceProv.createComponent(ASInstanceProv.java:358)
    at oracle.as.provisioning.fmwadmin.ASInstanceProv.createInstanceAndComponents(ASInstanceProv.java:136)
    at oracle.as.provisioning.engine.WorkFlowExecutor._createASInstancesAndComponents(WorkFlowExecutor.java:535)
    at oracle.as.provisioning.engine.WorkFlowExecutor.executeWLSWorkFlow(WorkFlowExecutor.java:439)
    at oracle.as.provisioning.engine.Config.executeConfigWorkflow_WLS(Config.java:866)
    at oracle.as.idm.install.config.BootstrapConfigManager.doExecute(BootstrapConfigManager.java:1532)
    at oracle.as.install.engine.modules.configuration.client.ConfigAction.execute(ConfigAction.java:371)
    at oracle.as.install.engine.modules.configuration.action.TaskPerformer.run(TaskPerformer.java:88)
    at oracle.as.install.engine.modules.configuration.action.TaskPerformer.startConfigAction(TaskPerformer.java:105)
    at oracle.as.install.engine.modules.configuration.action.ActionRequest.perform(ActionRequest.java:15)
    at oracle.as.install.engine.modules.configuration.action.RequestQueue.perform(RequestQueue.java:64)
    at oracle.as.install.engine.modules.configuration.standard.StandardConfigActionManager.start(StandardConfigActionManager.java:160)
    at oracle.as.install.engine.modules.configuration.boot.ConfigurationExtension.kickstart(ConfigurationExtension.java:81)
    at oracle.as.install.engine.modules.configuration.ConfigurationModule.run(ConfigurationModule.java:86)
    at java.lang.Thread.run(Thread.java:662)
    oracle.as.provisioning.util.ConfigException:
    Error creating ASComponent ocm_ods1.
    Cause:
    An internal operation has failed: Error encountered in deploying OCM instance. Exit code = 3
    Action:
    See logs for more details.
    at oracle.as.provisioning.util.ConfigException.createConfigException(ConfigException.java:123)
    at oracle.as.provisioning.fmwadmin.ASInstanceProv._createComponent(ASInstanceProv.java:414)
    at oracle.as.provisioning.fmwadmin.ASInstanceProv.createComponent(ASInstanceProv.java:358)
    at oracle.as.provisioning.fmwadmin.ASInstanceProv.createInstanceAndComponents(ASInstanceProv.java:136)
    at oracle.as.provisioning.engine.WorkFlowExecutor._createASInstancesAndComponents(WorkFlowExecutor.java:535)
    at oracle.as.provisioning.engine.WorkFlowExecutor.executeWLSWorkFlow(WorkFlowExecutor.java:439)
    at oracle.as.provisioning.engine.Config.executeConfigWorkflow_WLS(Config.java:866)
    at oracle.as.idm.install.config.BootstrapConfigManager.doExecute(BootstrapConfigManager.java:1532)
    at oracle.as.install.engine.modules.configuration.client.ConfigAction.execute(ConfigAction.java:371)
    at oracle.as.install.engine.modules.configuration.action.TaskPerformer.run(TaskPerformer.java:88)
    at oracle.as.install.engine.modules.configuration.action.TaskPerformer.startConfigAction(TaskPerformer.java:105)
    at oracle.as.install.engine.modules.configuration.action.ActionRequest.perform(ActionRequest.java:15)
    at oracle.as.install.engine.modules.configuration.action.RequestQueue.perform(RequestQueue.java:64)
    at oracle.as.install.engine.modules.configuration.standard.StandardConfigActionManager.start(StandardConfigActionManager.java:160)
    at oracle.as.install.engine.modules.configuration.boot.ConfigurationExtension.kickstart(ConfigurationExtension.java:81)
    at oracle.as.install.engine.modules.configuration.ConfigurationModule.run(ConfigurationModule.java:86)
    at java.lang.Thread.run(Thread.java:662)
    Caused by: oracle.as.config.ProvisionException: Error encountered in deploying OCM instance. Exit code = 3
    at oracle.sysman.ccr.configCCR.OCMComponentImpl.onCreate(Unknown Source)
    at oracle.as.config.impl.OracleASComponentBaseImpl.createComponent(OracleASComponentBaseImpl.java:597)
    at oracle.as.config.impl.OracleASComponentBaseImpl.create(OracleASComponentBaseImpl.java:106)
    at oracle.as.provisioning.fmwadmin.ASComponentProv.createComponent(ASComponentProv.java:144)
    at oracle.as.provisioning.fmwadmin.ASComponentProv.createComponent(ASComponentProv.java:73)
    at oracle.as.provisioning.fmwadmin.ASInstanceProv._createComponent(ASInstanceProv.java:401)

    Thanks,
    Dhanraj

    • Dhanraj Nikam
      Feb 1st, 2013 at 12:00 | #40

      Hi Admin,

      I am out of problem 3rd it get resolve automatically.

      Now i have still some question on 1 and 2nd problem can you please help me on this..

      1) i have applied all the patches upto you mentation (do not do following since we don’t have domain created yet)in the apply patches link.

      so my question is when should i apply remaining patches?

      Now i have completed “Provisioning the Managed Servers in the Managed Server Directory”

      2) Configure Oracle Internet directory
      I did the configuration and stuck up at post steps. as follows

      bash-3.2$ ldapbind -h ad002aph01 -p 3060 -D “cn=orcladmin” -q
      bash-3.2$ ldapbind -h ad002aph01 -p 3061 -D “cn=orcladmin” -q -U 1

      it is asking me Please enter bind password: but while i entered the password which is used in all the setups it shows invalid credentials.

  17. Lain
    Jan 30th, 2013 at 18:05 | #42

    Hi there,
    I got this error “oim-config.xml was not found in MDS Repository.” when I try to start the OIM.
    I’ve just tried the doc. 1234357.1 without success.
    In my case I don’t find this errors:

    Unable to find keystore "default-keystore.jks" in /config/fmwconfig/.
    Unable to find keystore ".xldatabasekey" in /config/fmwconfig/.
    […]

    this is my error.
    Could you help me please?


    $ tail -f /repository/fusion/fmw//admin/IDMDomain/mserver/IDMDomain/servers/wls_oim1/logs/wls_oim1.log
    [....]
    #### <> <Failed to initialize the application 'oim [Version=11.1.1.3.0]' due to error oracle.iam.platform.uti
    ls.OIMAppInitializationException:
    OIM application intialization failed because of the following reasons:
    oim-config.xml was not found in MDS Repository.
    .
    oracle.iam.platform.utils.OIMAppInitializationException:
    OIM application intialization failed because of the following reasons:
    oim-config.xml was not found in MDS Repository.

    at oracle.iam.platform.utils.OIMAppInitializationListener.preStart(OIMAppInitializationListener.java:145)
    at weblogic.application.internal.flow.BaseLifecycleFlow$PreStartAction.run(BaseLifecycleFlow.java:282)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
    at weblogic.application.internal.flow.BaseLifecycleFlow$LifecycleListenerAction.invoke(BaseLifecycleFlow.java:199)
    at weblogic.application.internal.flow.BaseLifecycleFlow.preStart(BaseLifecycleFlow.java:62)
    at weblogic.application.internal.flow.HeadLifecycleFlow.prepare(HeadLifecycleFlow.java:284)
    at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:649)
    at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
    at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:191)
    at weblogic.application.internal.EarDeployment.prepare(EarDeployment.java:59)
    at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
    at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
    at weblogic.deploy.internal.targetserver.AppDeployment.prepare(AppDeployment.java:144)
    at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:40)
    at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
    at weblogic.management.deploy.internal.AppTransition$1.transitionApp(AppTransition.java:22)
    at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:261)
    at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:220)
    at weblogic.management.deploy.internal.ConfiguredDeployments.prepare(ConfiguredDeployments.java:166)
    at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:122)
    at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:181)
    at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:97)
    at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
    at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:545)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
    Caused By: oracle.iam.platform.utils.OIMAppInitializationException:
    OIM application intialization failed because of the following reasons:
    oim-config.xml was not found in MDS Repository.

    at oracle.iam.platform.utils.OIMAppInitializationListener.preStart(OIMAppInitializationListener.java:145)
    at weblogic.application.internal.flow.BaseLifecycleFlow$PreStartAction.run(BaseLifecycleFlow.java:282)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
    at weblogic.application.internal.flow.BaseLifecycleFlow$LifecycleListenerAction.invoke(BaseLifecycleFlow.java:199)
    at weblogic.application.internal.flow.BaseLifecycleFlow.preStart(BaseLifecycleFlow.java:62)
    at weblogic.application.internal.flow.HeadLifecycleFlow.prepare(HeadLifecycleFlow.java:284)
    at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:649)
    at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
    at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:191)
    at weblogic.application.internal.EarDeployment.prepare(EarDeployment.java:59)
    at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
    at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
    at weblogic.deploy.internal.targetserver.AppDeployment.prepare(AppDeployment.java:144)
    at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:40)
    at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
    at weblogic.management.deploy.internal.AppTransition$1.transitionApp(AppTransition.java:22)
    at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:261)
    at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:220)
    at weblogic.management.deploy.internal.ConfiguredDeployments.prepare(ConfiguredDeployments.java:166)
    at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:122)
    at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:181)
    at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:97)
    at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
    at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:545)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)

    #### <>
    #### <>

    #### <>
    #### <>
    #### <>

  18. JL
    Jan 29th, 2013 at 22:14 | #43

    In the section, “Configure Oracle Identity Manager (OIM) and Oracle SOA Suite”, step 7 of 11, in the Server User: cn=oimLDAP, cn=systemids, when I enter those info, I got error “INST-6128 Could not connect to the LDAP with the given credentials”. What i did to move forward was to change to “cn=orcladmin,cn=users”. Hope it helps those that got the same error as I did.

  19. Lain
    Jan 25th, 2013 at 20:30 | #44

    resolved the problem.
    the httpd.conf was wrong.
    the correct file is that:
    /repository/fusion/fmw/Oracle_WT1/instances/instance1/config/OHS/ohs1/httpd.conf
    I was trying to change this one: /repository/fusion/fmw/Oracle_WT1/ohs/conf/httpd.conf
    Thanks, question resolved!

  20. Lain
    Jan 25th, 2013 at 18:58 | #45

    Hi there,
    someone could help me?
    I did everything up to Setup Aliases when I should restart the web server.
    I can’t start the web server, I got this error.
    Thanks for your support.
    Regards,

    [oracle@server02 bin]$ ./opmnctl startall
    opmnctl startall: starting opmn and all managed processes…
    ================================================================================
    opmn id=server02:6702
    Response: 2 of 3 processes started.

    ias-instance id=instance1
    ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
    ——————————————————————————–
    ias-component/process-type/process-set:
    ohs1/OHS/OHS/

    Error
    –> Process (index=1,uid=1554592007,pid=20508)
    failed to start a managed process after the maximum retry limit
    Log:
    /repository/fusion/fmw/Oracle_WT1/instances/instance1/diagnostics/logs/OHS/ohs1/console~OHS~1.log

    [oracle@server02 bin]$ cat /repository/fusion/fmw/Oracle_WT1/instances/instance1/diagnostics/logs/OHS/ohs1/console~OHS~1.log

    ——–
    13/01/25 19:52:52 Start process
    ——–
    /repository/fusion/fmw/Oracle_WT1/ohs/bin/apachectl start: execing httpd
    [Fri Jan 25 19:52:53 2013] [warn] Errors will be logged into /repository/fusion/fmw/Oracle_WT1/instances/instance1/diagnostics/logs/OHS/ohs1/ohs1.log
    [Fri Jan 25 19:52:54 2013] [warn] Errors will be logged into /repository/fusion/fmw/Oracle_WT1/instances/instance1/diagnostics/logs/OHS/ohs1/ohs1.log
    Audit init

    ——–
    13/01/25 19:52:55 Start process
    ——–
    /repository/fusion/fmw/Oracle_WT1/ohs/bin/apachectl start: execing httpd
    [Fri Jan 25 19:52:56 2013] [warn] Errors will be logged into /repository/fusion/fmw/Oracle_WT1/instances/instance1/diagnostics/logs/OHS/ohs1/ohs1.log
    [Fri Jan 25 19:52:57 2013] [warn] Errors will be logged into /repository/fusion/fmw/Oracle_WT1/instances/instance1/diagnostics/logs/OHS/ohs1/ohs1.log
    Audit init
    [oracle@server02 bin]$ cat /repository/fusion/fmw/Oracle_WT1/instances/instance1/diagnostics/logs/OHS/ohs1/ohs1.log
    [2013-01-25T19:52:55.0001+01:00] [OHS] [NOTIFICATION:16] [OHS-9999] [mod_weblogic.c] [host_id: server02] [host_addr: 192.168.10.40] [pid: 20473] [tid: 140660449425216] [user: oracle] [VirtualHost: main] WebLogic Server Plugin version 1.1

    [2013-01-25T19:52:55.0160+01:00] [OHS] [INCIDENT_ERROR:10] [OHS-9999] [core.c] [host_id: server02] [host_addr: 192.168.10.40] [pid: 20473] [tid: 140660449425216] [user: oracle] [VirtualHost: main] (2)No such file or directory: Couldn’t create accept lock

    [2013-01-25T19:52:58.0002+01:00] [OHS] [NOTIFICATION:16] [OHS-9999] [mod_weblogic.c] [host_id: server02] [host_addr: 192.168.10.40] [pid: 20508] [tid: 140293231314752] [user: oracle] [VirtualHost: main] WebLogic Server Plugin version 1.1

    [2013-01-25T19:52:58.0160+01:00] [OHS] [WARNING:32] [OHS-9999] [core.c] [host_id: server02] [host_addr: 192.168.10.40] [pid: 20508] [tid: 140293231314752] [user: oracle] [VirtualHost: main] pid file /repository/fusion/fmw/Oracle_WT1/instances/instance1/diagnostics/logs/OHS/ohs1/httpd.pid overwritten — Unclean shutdown of previous Apache run?

    [2013-01-25T19:52:58.0165+01:00] [OHS] [INCIDENT_ERROR:10] [OHS-9999] [core.c] [host_id: server02] [host_addr: 192.168.10.40] [pid: 20508] [tid: 140293231314752] [user: oracle] [VirtualHost: main] (2)No such file or directory: Couldn’t create accept lock

  21. Brian
    Jan 23rd, 2013 at 21:20 | #46

    Hello and thanks for the write up. I have hit a few bumps along the way but have been able to figure them out. I have finally hit a bump I can not get past. In the section titled Create Oracle Access Manager Policies for WebGate I am unable to complete these steps. When I go to expand Application Domains there is nothing listed under it. Could anyone shoot out an idea on what I may have missed?

    Thanks

    • Anand Ranganathan
      Oct 28th, 2013 at 21:20 | #47

      Brian,

      Did you resolve this issue and if so how? I am also struggling at the same point.

      Regards,

      Anand

      • tushar
        Oct 29th, 2013 at 04:21 | #48

        Dear Anand,

        Did you also not see anything under Applications Domain subtree?

        • Anand Ranganathan
          Oct 29th, 2013 at 14:52 | #49

          Yes. I am not seeing anything. I checked for patches and realized I did not apply 13115859 and 14171065. I applied them and completely restarted the machine.

          Now along with database and listener, the managed services and web logic along with wls_oam1 and wls_ods1 are running.

          Now when I try to login to OAMCONSOLE, it is not even moving from login page. The sign in button is stuck. No forward movement when I click it after giving the username and password.

          Thank you for your help Tushar. You can email me and if you want I can share my screens to go through and find out what I missed as steps to do.

  22. Sutee
    Jan 23rd, 2013 at 10:52 | #50

    Regarding “Prepare Identity and Policy Stores” >> “Prepare Policy store” section:

    How the this command takes from start to complete?

    wls:/IDMDomain/serverConfig> reassociateSecurityStore(domain=”IDMDomain”, admin=”cn=orcladmin”,password=”Oracle123″, ldapurl=”ldap://:3060″,servertype=”OID”, jpsroot=”cn=jpsroot”)

    I was waiting it for more than 20 minutes but it seems always hang on the 2 lines forever,

    Starting policy store reassociation.
    The store and ServiceConfigurator setup done.

    I have followed the instructions, every things went fine but just stuck on this step,

    • Lain
      Jan 26th, 2013 at 01:50 | #51

      it take a while. In my case after 10 minutes I got this error:

      Command FAILED, Reason: Schema seeding failed, check the server type of the given ldap url.

      Traceback (innermost last):
      File "", line 1, in ?
      File "/repository/fusion/fmw/oracle_common/common/wlst/jpsWlstCmd.py", line 1167, in reassociateSecurityStore
      File "/repository/fusion/fmw/oracle_common/common/wlst/jpsWlstCmd.py", line 1146, in reassociateSecurityStoreImpl
      at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:237)
      at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:223)
      at javax.management.remote.rmi.RMIConnectionImpl_1036_WLStub.invoke(Unknown Source)
      at weblogic.management.remote.common.RMIConnectionWrapper$16.run(ClientProviderBase.java:918)
      at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
      at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
      at weblogic.security.Security.runAs(Security.java:61)
      at weblogic.management.remote.common.RMIConnectionWrapper.invoke(ClientProviderBase.java:916)
      at javax.management.remote.rmi.RMIConnector$RemoteMBeanServerConnection.invoke(RMIConnector.java:993)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:597)

      javax.management.MBeanException: javax.management.MBeanException: Schema seeding failed, check the server type of the given ldap url.

      • hiddenbrain
        Mar 19th, 2013 at 15:16 | #52

        Lain,
        I am stuck at the same issue. Could you please let me know how did you resolved yours?

        • tushar
          Mar 19th, 2013 at 16:20 | #53

          Please post the full reassociateSecurityStore you are using. The command which Sutee has posted has missing LDAP host name. Due to this it is not able to connect to the policy store.

      • tushar
        Mar 19th, 2013 at 16:21 | #54

        Please post the full reassociateSecurityStore you are using. The command which you have posted has missing LDAP host name. Due to this it is not able to connect to the policy store. Also please note that this command does take more time to complete depending on your server so please wait for it to complete

  23. Jan 22nd, 2013 at 10:06 | #55

    Emad :Any Advice

  24. Jan 22nd, 2013 at 10:06 | #56

    Any Advice

  25. Jan 22nd, 2013 at 10:05 | #57

    Any advice !!!!

  26. Jan 22nd, 2013 at 08:46 | #58

    Hi Admin,

    I follow your step, but when start wls_oam1 for first time i receive this error and wls_oam1 not starting

    [Security:090504]Certificate chain received from ad002aph01 – 127.0.0.1 failed hostname verification check. Certificate contained ad002aph01.adm.local but check expected ad002aph01

    please advice !!
    Emad

    • JL
      Jan 29th, 2013 at 22:06 | #59

      go to your admin server(weblogic), start the wls_oam1 instance, once that’s started, go back to EM and start the wls_oam1 domain. I got the exact error and that’s how I solved it.

  27. Jan 16th, 2013 at 10:46 | #60

    Hi,

    I face error
    SEVERE: Error while configuring User ID Store {1}

    when running
    ./idmConfigTool.sh -configOAM input_file=config_oam1.props

    Please Advice,
    Emad

    • Jan 22nd, 2013 at 09:10 | #61

      after retry passed without any changes !!!!!!!!!!!

      • Jan 22nd, 2013 at 10:07 | #62

        Not Passed same error still found
        Any Advice

    • Kumar
      Mar 20th, 2013 at 15:36 | #63

      Emad, I’m also facing the same problem. Did you get any resolution?

      SEVERE: Error while configuring User ID Store {1}

      Rgds/Kumar

  28. RLA
    Jan 13th, 2013 at 23:38 | #64

    Hi

    I face error :
    /idmConfigTool.sh -prepareIDStore mode=all input_file=idstore.props
    Enter ID Store Bind DN password :
    Config file does not have IDStore WLS Administrator Username

    [oracle@fusion bin]$ more idstore.props
    # Common
    IDSTORE_HOST: fusion
    IDSTORE_PORT: 3060
    IDSTORE_BINDDN: cn=orcladmin
    IDSTORE_GROUPSEARCHBASE: cn=Groups,dc=localdomain
    IDSTORE_SEARCHBASE: dc=localdomain
    IDSTORE_USERNAMEATTRIBUTE: cn
    IDSTORE_LOGINATTRIBUTE: uid
    IDSTORE_USERSEARCHBASE: cn=Users,dc=localdomain
    POLICYSTORE_SHARES_IDSTORE: true

    # OAM
    IDSTORE_OAMADMINUSER:oamadmin
    IDSTORE_OAMSOFTWAREUSER:oamLDAP
    OAM11G_IDSTORE_ROLE_SECURITY_ADMIN:OAMAdministrators

    # OAM and OIM
    IDSTORE_SYSTEMIDBASE: cn=systemids,dc=localdomain

    # OIM
    IDSTORE_OIMADMINGROUP: OIMAdministrators
    IDSTORE_OIMADMINUSER: oimLDAP

    # Required due to bug
    IDSTORE_OAAMADMINUSER : oaamadmin

    # Fusion Applications
    IDSTORE_READONLYUSER: IDROUser
    IDSTORE_READWRITEUSER: IDRWUser
    IDSTORE_SUPERUSER: weblogic_fa

    # Weblogic
    IDSTORE_WLSADMINUSER : weblogic_idm

    Any advice ?

    Thanks for help
    Regis

    • Jan 20th, 2013 at 06:57 | #65

      Hi,

      Remove the empty lines in between, to be like below

      # Common
      IDSTORE_HOST: fusion
      IDSTORE_PORT: 3060
      IDSTORE_BINDDN: cn=orcladmin
      IDSTORE_GROUPSEARCHBASE: cn=Groups,dc=localdomain
      IDSTORE_SEARCHBASE: dc=localdomain
      IDSTORE_USERNAMEATTRIBUTE: cn
      IDSTORE_LOGINATTRIBUTE: uid
      IDSTORE_USERSEARCHBASE: cn=Users,dc=localdomain
      POLICYSTORE_SHARES_IDSTORE: true
      # OAM
      IDSTORE_OAMADMINUSER:oamadmin
      IDSTORE_OAMSOFTWAREUSER:oamLDAP
      OAM11G_IDSTORE_ROLE_SECURITY_ADMIN:OAMAdministrators
      # OAM and OIM
      IDSTORE_SYSTEMIDBASE: cn=systemids,dc=localdomain
      # OIM
      IDSTORE_OIMADMINGROUP: OIMAdministrators
      IDSTORE_OIMADMINUSER: oimLDAP
      # Required due to bug
      IDSTORE_OAAMADMINUSER : oaamadmin
      # Fusion Applications
      IDSTORE_READONLYUSER: IDROUser
      IDSTORE_READWRITEUSER: IDRWUser
      IDSTORE_SUPERUSER: weblogic_fa
      # Weblogic
      IDSTORE_WLSADMINUSER : weblogic_idm

      Thanks,
      Emad

  29. Alex
    Jan 12th, 2013 at 16:19 | #66

    Hi Admin,

    First off thanks for putting the install setup on the internet. It has been a great help. I try to install FusionApps and I get very far but stumble time and time again on the OAM. I tried 3 scenarios on a single server.

    I have downloaded 11.1.5 and installed with your older guide. Only installed patch 13399365, because I didn’t know there were more. With that setup I finished the IAM part and got to the Functional setup step during provisioning, but ran into an error with the oamcfgtool.jar.

    After reading your new blog I decided to install fresh with the patches. Doing that, after install and booting the OAM, the configuration is simply empty. Nothing at all and the Host Identifier is not IAMSuiteAgent but AMSERVER1. Which you can find by default in the oam-config.xml and is delivered with patch 14171065.

    Another approach is to patch the already working system and when I do that, I cannot startup the OAM because of a cluster issue. The proxy for port 5575 will not be able to start. Off course this could be because the bundle patch 13115859 for OAM requires to upgrade the oam-config.xml in the domain to 11.1.5.2. But that doesn’t work because when trying to run patchUpgrade with wlst, it fails with unknown errors.
    Did you apply all patches after installing the software and before configuring the domain?

    Thanks

    • admin
      Jan 12th, 2013 at 20:21 | #67

      Dear Alex,

      Yes as we mentioned, we applied all patches before configuring the domain and it is recommended in Oracle install guide, except the bundle patch which we mentioned in the post requires some post-steps to be done after you configure the domain. I will look into your issue later and will reply if I find any useful details to share.

      • Alex
        Jan 14th, 2013 at 20:57 | #68

        Hi Admin,

        you mention the Oracle install guide. What I found, was the html documents which can be downloaded together with the software. This is very high-level with some screenshots. Is there another, more detailed, install guide for fusion?

  30. Ashok
    Jan 11th, 2013 at 04:17 | #69

    I encountered the following error while re-associating OID security store.

    After I restart WSLT prompt, the command completed without an error.

    —————————————————————————————–
    Command FAILED, Reason: Schema seeding failed, check the server type of the given ldap url.

    Traceback (innermost last):
    File “”, line 1, in ?
    File “/app/fusion/fmw/oracle_common/common/wlst/jpsWlstCmd.py”, line 1167, in reassociateSecurityStore
    File “/app/fusion/fmw/oracle_common/common/wlst/jpsWlstCmd.py”, line 1146, in reassociateSecurityStoreImpl

    javax.management.MBeanException: Schema seeding failed, check the server type of the given ldap url.

    • Jan 11th, 2013 at 13:36 | #70

      me too

    • Jan 13th, 2013 at 07:03 | #71

      Hi Ashok,

      Do you have any solution?

      • Ashok
        Jan 16th, 2013 at 03:31 | #72

        I just closed the shell and relaunched it. It worked fine. I think the error has to do with timeout.

  31. Jan 10th, 2013 at 12:39 | #73

    Hi Admin,

    I face error
    SEVERE: Error while configuring User ID Store {1}

    when running
    ./idmConfigTool.sh -configOAM input_file=config_oam1.props

    Please Advice,
    Emad

    • admin
      Jan 10th, 2013 at 13:00 | #74

      Emad, please post complete output. Also the errors are logged in file named automation.log in same directory

    • Jan 10th, 2013 at 23:25 | #75

      here is automation.log
      Note, you wil will find the error three times because i run the command three times to double check

      ————————

      Jan 10, 2013 2:16:16 PM oracle.idm.automation.util.Util setLogger
      WARNING: Logger initialized in warning mode
      Jan 10, 2013 2:16:41 PM oracle.idm.automation.impl.policystore.handlers.PolicyStoreIntegrationHandler createPolicyReadOnlyUser
      INFO: Policy Store Read Only User has been created
      Jan 10, 2013 2:16:50 PM oracle.idm.automation.impl.policystore.handlers.PolicyStoreIntegrationHandler createPolicyReadWriteUser
      INFO: Policy Store Read Write User has been created
      Jan 10, 2013 2:16:50 PM oracle.idm.automation.impl.policystore.handlers.PolicyStoreIntegrationHandler createPolicyGroups
      INFO: Policy Store Groups have been created
      Jan 10, 2013 2:16:50 PM oracle.idm.automation.impl.policystore.handlers.PolicyStoreIntegrationHandler createPolicyContainer
      INFO: Policy Store Container has been created
      Jan 10, 2013 2:16:51 PM oracle.idm.automation.impl.policystore.handlers.PolicyStoreIntegrationHandler tuningOIDSearchFilters
      WARNING: Error in adding in-memory OID search filters
      Jan 10, 2013 2:16:51 PM oracle.idm.automation.impl.policystore.handlers.PolicyStoreIntegrationHandler performTuning
      INFO: Tuning specific changes have been made
      Jan 10, 2013 2:16:51 PM oracle.idm.automation.impl.policystore.handlers.PolicyStoreIntegrationHandler addSchemaAdminPrivileges
      INFO: Schema Admin Privileges for PolicyStore User have been created
      Jan 10, 2013 2:16:51 PM oracle.idm.automation.impl.policystore.handlers.PolicyStoreIntegrationHandler addUserPrivileges
      INFO: Container Privileges for PolicyStore User have been created
      Jan 10, 2013 2:16:51 PM oracle.idm.automation.impl.policystore.handlers.PolicyStoreIntegrationHandler addConfigModifyPrivileges
      INFO: Configuration modify privilege for policystore user has been added
      Jan 10, 2013 2:16:51 PM oracle.idm.automation.AutomationTool dumpConfig
      INFO: Configuration details have been dumped to the file idmDomainConfig.param
      Jan 10, 2013 2:56:54 PM oracle.idm.automation.util.Util setLogger
      WARNING: Logger initialized in warning mode
      Jan 10, 2013 2:56:59 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler indexAttributes
      WARNING: Error indexing displayName
      Jan 10, 2013 2:57:00 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler indexAttributes
      INFO: Attribute orclImpersonationGranter has been indexed
      Jan 10, 2013 2:57:00 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler indexAttributes
      INFO: Attribute orclImpersonationGrantee has been indexed
      Jan 10, 2013 2:57:00 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler createGroupsForIntegration
      INFO: Privilege Groups have been created
      Jan 10, 2013 2:57:01 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler addACIsForOID
      INFO: Privilege groups ACIs have been created
      Jan 10, 2013 2:57:01 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler createSystemIDContainer
      INFO: System ID Container has been created
      Jan 10, 2013 2:57:01 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler performTuning
      INFO: Tuning specific changes to the IDStore have been made
      Jan 10, 2013 2:57:02 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler extendOIDschema
      INFO: OID schema has been extended
      Jan 10, 2013 2:57:02 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler addPasswordSchema
      INFO: Attribute obpasswordexpirydate has been added to the schema
      Jan 10, 2013 2:57:02 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler addPasswordSchema
      INFO: Objectclass OIMPersonPwdPolicy has been added to the schema
      Jan 10, 2013 2:57:21 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler addOblixSchema
      INFO: Attribute oblix attributes have been added to the schema
      Jan 10, 2013 3:02:04 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler addOblixSchema
      INFO: Objectclass oblix indexes have been added to the schema
      Jan 10, 2013 3:02:04 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler addFAPwdPolicy
      INFO: FA password policy has been created
      Jan 10, 2013 3:02:04 PM oracle.idm.automation.AutomationTool dumpConfig
      INFO: Configuration details have been dumped to the file idmDomainConfig.param
      Jan 10, 2013 3:10:02 PM oracle.idm.automation.util.Util setLogger
      WARNING: Logger initialized in warning mode
      Jan 10, 2013 3:10:17 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler createReadOnlyUser
      INFO: Read Only User has been created
      Jan 10, 2013 3:10:26 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler createReadWriteUser
      INFO: Read Write User has been created
      Jan 10, 2013 3:10:33 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler createSuperUser
      INFO: Super User has been created
      Jan 10, 2013 3:10:33 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler addPwdPolicyToUsers
      INFO: Password policy has been added to read only user
      Jan 10, 2013 3:10:33 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler addPwdPolicyToUsers
      INFO: Password policy has been added to read write user
      Jan 10, 2013 3:10:33 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler addPwdPolicyToUsers
      INFO: Password policy has been added to super user
      Jan 10, 2013 3:10:33 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler addPermissionsToRWUser
      INFO: Permissions have been added to read write user
      Jan 10, 2013 3:10:42 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler createWebLogicAdminUser
      INFO: Weblogic Admin User has been created
      Jan 10, 2013 3:10:42 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler createWebLogicAdminGroup
      INFO: Weblogic Admin Group has been created
      Jan 10, 2013 3:10:52 PM oracle.idm.automation.impl.oam.handlers.OAMPreIntegrationHandler createOblixAnonymousUser
      INFO: Oblix Anonymous User has been created
      Jan 10, 2013 3:11:00 PM oracle.idm.automation.impl.oam.handlers.OAMPreIntegrationHandler createOAMAdminUser
      INFO: OAM Admin User has been created
      Jan 10, 2013 3:11:08 PM oracle.idm.automation.impl.oam.handlers.OAMPreIntegrationHandler createOAMSoftwareUser
      INFO: OAM Software User has been created
      Jan 10, 2013 3:11:08 PM OAMPreIntegrationHandler createOAMAdminGroup
      FINER: ENTRY
      Jan 10, 2013 3:11:08 PM OAMPreIntegrationHandler createOAMAdminGroup
      FINE: Admin Group: adminGroup:OAMAdministrators
      Jan 10, 2013 3:11:08 PM OAMPreIntegrationHandler createOAMAdminGroup
      FINE: Admin Group: file:oid/oim_group_template.ldif
      Jan 10, 2013 3:11:08 PM oracle.idm.automation.impl.oam.handlers.OAMPreIntegrationHandler createOAMAdminGroup
      INFO: OIM Admin group created successfully
      Jan 10, 2013 3:11:08 PM OAMPreIntegrationHandler createOAMAdminGroup
      FINER: RETURN
      Jan 10, 2013 3:11:08 PM OAMPreIntegrationHandler addUsertoOAMAdminGroup
      FINER: ENTRY
      Jan 10, 2013 3:11:08 PM oracle.idm.automation.impl.oam.handlers.OAMPreIntegrationHandler addUsertoOAMAdminGroup
      INFO: OIM Admin User has been added as a member of OIM Admin Group
      Jan 10, 2013 3:11:08 PM OAMPreIntegrationHandler addUsertoOAMAdminGroup
      FINER: RETURN
      Jan 10, 2013 3:11:08 PM OAMPreIntegrationHandler createOAMWritePrivGroup
      FINER: ENTRY
      Jan 10, 2013 3:11:09 PM oracle.idm.automation.impl.oam.handlers.OAMPreIntegrationHandler createOAMWritePrivGroup
      INFO: OAM Write Privilege Group with OAM User as its member has been created
      Jan 10, 2013 3:11:09 PM oracle.idm.automation.impl.oam.handlers.OAMPreIntegrationHandler createOAMConfigStoreContainer
      INFO: OAM Config Store container has been created in the Policy Store
      Jan 10, 2013 3:11:09 PM oracle.idm.automation.impl.oam.handlers.OAMPreIntegrationHandler addSchemaAdminPrivileges
      INFO: Schema Admin Privileges for OAM Software User have been created
      Jan 10, 2013 3:11:09 PM oracle.idm.automation.impl.oam.handlers.OAMPreIntegrationHandler addPwdPolicyToUsers
      INFO: Password policy has been added to OAM Admin user
      Jan 10, 2013 3:11:09 PM oracle.idm.automation.impl.oam.handlers.OAMPreIntegrationHandler addPwdPolicyToUsers
      INFO: Password policy has been added to OAM software user
      Jan 10, 2013 3:11:17 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler createOAAMUser
      INFO: OAAM user has been created
      Jan 10, 2013 3:11:17 PM oracle.idm.automation.impl.oid.handlers.OIDIntegrationHandler createOAAMGroup
      INFO: OAAM groups have been created
      Jan 10, 2013 3:11:25 PM oracle.idm.automation.impl.oim.handlers.OIMPreIntegrationHandler createOIMAdminUser
      INFO: OIM Admin User has been created
      Jan 10, 2013 3:11:25 PM oracle.idm.automation.impl.oim.handlers.OIMPreIntegrationHandler createOIMAdminGroup
      INFO: OIM Admin Group has been created
      Jan 10, 2013 3:11:25 PM oracle.idm.automation.impl.oim.handlers.OIMPreIntegrationHandler addUsertoOIMAdminGroup
      INFO: OIM Admin User has been added as a member of OIM Admin Group
      Jan 10, 2013 3:11:25 PM oracle.idm.automation.impl.oim.handlers.OIMPreIntegrationHandler addACItoAdminGroup
      INFO: OIM Admin Group ACIs have been created
      Jan 10, 2013 3:11:25 PM oracle.idm.automation.impl.oim.handlers.OIMPreIntegrationHandler createReserveContainer
      INFO: Reserve Container has been created
      Jan 10, 2013 3:11:33 PM oracle.idm.automation.impl.oim.handlers.OIMPreIntegrationHandler createXelSysAdminUser
      INFO: Xel Sys Admin User has been created
      Jan 10, 2013 3:11:33 PM oracle.idm.automation.AutomationTool dumpConfig
      INFO: Configuration details have been dumped to the file idmDomainConfig.param
      Jan 10, 2013 3:27:02 PM oracle.idm.automation.util.Util setLogger
      WARNING: Logger initialized in warning mode
      Jan 10, 2013 3:27:07 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler execute
      FINER: ENTRY
      Jan 10, 2013 3:27:23 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gIdStore
      FINER: ENTRY
      Jan 10, 2013 3:27:23 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
      FINER: Creating mbean connection
      Jan 10, 2013 3:27:26 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
      FINER: Created mbean connection
      Jan 10, 2013 3:27:26 PM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
      FINER: ENTRY
      Jan 10, 2013 3:27:26 PM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
      FINER: RETURN com.oracle.oam:Location=AdminServer,name=OamWLST,type=oam.wlst,Application=oam_admin,ApplicationVersion=11.1.1.3.0
      Jan 10, 2013 3:27:26 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
      FINER: Invoking mbean
      Jan 10, 2013 3:27:29 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAMIntegration
      FINER: mbean invocation success.
      Jan 10, 2013 3:27:29 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration()
      FINER: RETURN
      Jan 10, 2013 3:27:29 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gFAProperties
      FINER: ENTRY
      Jan 10, 2013 3:27:29 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gFAProperties
      FINER: Creating mbean connection
      Jan 10, 2013 3:27:29 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gFAProperties
      FINER: Created mbean connection
      Jan 10, 2013 3:27:29 PM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
      FINER: ENTRY
      Jan 10, 2013 3:27:29 PM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
      FINER: RETURN com.oracle.oam:Location=AdminServer,name=OamWLST,type=oam.wlst,Application=oam_admin,ApplicationVersion=11.1.1.3.0
      Jan 10, 2013 3:27:29 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gFAProperties
      FINER: Invoking mbean
      Jan 10, 2013 3:27:32 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gFAProperties
      FINER: RETURN
      Jan 10, 2013 3:27:32 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gIdStore
      FINER: ENTRY
      Jan 10, 2013 3:27:32 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
      FINER: Creating mbean connection
      Jan 10, 2013 3:27:32 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
      FINER: Created mbean connection
      Jan 10, 2013 3:27:32 PM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
      FINER: ENTRY
      Jan 10, 2013 3:27:32 PM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
      FINER: RETURN com.oracle.oam:Location=AdminServer,name=OamManagement,type=oam.management,Application=oam_admin,ApplicationVersion=11.1.1.3.0
      Jan 10, 2013 3:27:32 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
      FINER: Invoking mbean
      Jan 10, 2013 3:27:35 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAMPartner
      SEVERE: Error while configuring User ID Store {1}
      Jan 10, 2013 3:27:35 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAMIntegration
      FINER: mbean invocation success.
      Jan 10, 2013 3:27:35 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration()
      FINER: RETURN
      Jan 10, 2013 3:27:35 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule
      FINER: ENTRY
      Jan 10, 2013 3:27:35 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule
      FINER: Creating mbean connection
      Jan 10, 2013 3:27:35 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule
      FINER: Created mbean connection
      Jan 10, 2013 3:27:35 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule
      FINER: Invoking mbean method: applyStringProperty
      Jan 10, 2013 3:27:35 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule
      FINER: mbean invocation success.
      Jan 10, 2013 3:27:35 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule()
      FINER: RETURN
      Jan 10, 2013 3:27:35 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler createDumpParams
      FINE: OAM11gIntegrationHandler : createDumpParams()
      Jan 10, 2013 3:27:35 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler execute
      FINER: RETURN
      Jan 10, 2013 3:27:35 PM oracle.idm.automation.AutomationTool dumpConfig
      INFO: Configuration details have been dumped to the file idmDomainConfig.param
      Jan 10, 2013 3:30:14 PM oracle.idm.automation.util.Util setLogger
      WARNING: Logger initialized in warning mode
      Jan 10, 2013 3:30:20 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler execute
      FINER: ENTRY
      Jan 10, 2013 3:30:36 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gIdStore
      FINER: ENTRY
      Jan 10, 2013 3:30:37 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
      FINER: Creating mbean connection
      Jan 10, 2013 3:30:38 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
      FINER: Created mbean connection
      Jan 10, 2013 3:30:38 PM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
      FINER: ENTRY
      Jan 10, 2013 3:30:38 PM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
      FINER: RETURN com.oracle.oam:Location=AdminServer,name=OamWLST,type=oam.wlst,Application=oam_admin,ApplicationVersion=11.1.1.3.0
      Jan 10, 2013 3:30:38 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
      FINER: Invoking mbean
      Jan 10, 2013 3:30:40 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAMIntegration
      FINER: mbean invocation success.
      Jan 10, 2013 3:30:40 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration()
      FINER: RETURN
      Jan 10, 2013 3:30:40 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gFAProperties
      FINER: ENTRY
      Jan 10, 2013 3:30:40 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gFAProperties
      FINER: Creating mbean connection
      Jan 10, 2013 3:30:40 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gFAProperties
      FINER: Created mbean connection
      Jan 10, 2013 3:30:40 PM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
      FINER: ENTRY
      Jan 10, 2013 3:30:40 PM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
      FINER: RETURN com.oracle.oam:Location=AdminServer,name=OamWLST,type=oam.wlst,Application=oam_admin,ApplicationVersion=11.1.1.3.0
      Jan 10, 2013 3:30:40 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gFAProperties
      FINER: Invoking mbean
      Jan 10, 2013 3:30:42 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gFAProperties
      FINER: RETURN
      Jan 10, 2013 3:30:42 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gIdStore
      FINER: ENTRY
      Jan 10, 2013 3:30:42 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
      FINER: Creating mbean connection
      Jan 10, 2013 3:30:42 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
      FINER: Created mbean connection
      Jan 10, 2013 3:30:42 PM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
      FINER: ENTRY
      Jan 10, 2013 3:30:42 PM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
      FINER: RETURN com.oracle.oam:Location=AdminServer,name=OamManagement,type=oam.management,Application=oam_admin,ApplicationVersion=11.1.1.3.0
      Jan 10, 2013 3:30:42 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
      FINER: Invoking mbean
      Jan 10, 2013 3:30:42 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAMPartner
      SEVERE: Error while configuring User ID Store {1}
      Jan 10, 2013 3:30:42 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAMIntegration
      FINER: mbean invocation success.
      Jan 10, 2013 3:30:42 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration()
      FINER: RETURN
      Jan 10, 2013 3:30:42 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule
      FINER: ENTRY
      Jan 10, 2013 3:30:42 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule
      FINER: Creating mbean connection
      Jan 10, 2013 3:30:42 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule
      FINER: Created mbean connection
      Jan 10, 2013 3:30:42 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule
      FINER: Invoking mbean method: applyStringProperty
      Jan 10, 2013 3:30:42 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule
      FINER: mbean invocation success.
      Jan 10, 2013 3:30:42 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule()
      FINER: RETURN
      Jan 10, 2013 3:30:42 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler createDumpParams
      FINE: OAM11gIntegrationHandler : createDumpParams()
      Jan 10, 2013 3:30:42 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler execute
      FINER: RETURN
      Jan 10, 2013 3:30:42 PM oracle.idm.automation.AutomationTool dumpConfig
      INFO: Configuration details have been dumped to the file idmDomainConfig.param
      Jan 10, 2013 4:36:42 PM oracle.idm.automation.util.Util setLogger
      WARNING: Logger initialized in warning mode
      Jan 10, 2013 4:36:47 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler execute
      FINER: ENTRY
      Jan 10, 2013 4:37:04 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gIdStore
      FINER: ENTRY
      Jan 10, 2013 4:37:04 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
      FINER: Creating mbean connection
      Jan 10, 2013 4:37:05 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
      FINER: Created mbean connection
      Jan 10, 2013 4:37:05 PM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
      FINER: ENTRY
      Jan 10, 2013 4:37:05 PM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
      FINER: RETURN com.oracle.oam:Location=AdminServer,name=OamWLST,type=oam.wlst,Application=oam_admin,ApplicationVersion=11.1.1.3.0
      Jan 10, 2013 4:37:05 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
      FINER: Invoking mbean
      Jan 10, 2013 4:37:06 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAMIntegration
      FINER: mbean invocation success.
      Jan 10, 2013 4:37:06 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration()
      FINER: RETURN
      Jan 10, 2013 4:37:06 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gFAProperties
      FINER: ENTRY
      Jan 10, 2013 4:37:06 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gFAProperties
      FINER: Creating mbean connection
      Jan 10, 2013 4:37:07 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gFAProperties
      FINER: Created mbean connection
      Jan 10, 2013 4:37:07 PM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
      FINER: ENTRY
      Jan 10, 2013 4:37:07 PM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
      FINER: RETURN com.oracle.oam:Location=AdminServer,name=OamWLST,type=oam.wlst,Application=oam_admin,ApplicationVersion=11.1.1.3.0
      Jan 10, 2013 4:37:07 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gFAProperties
      FINER: Invoking mbean
      Jan 10, 2013 4:37:09 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gFAProperties
      FINER: RETURN
      Jan 10, 2013 4:37:09 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gIdStore
      FINER: ENTRY
      Jan 10, 2013 4:37:09 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
      FINER: Creating mbean connection
      Jan 10, 2013 4:37:09 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
      FINER: Created mbean connection
      Jan 10, 2013 4:37:09 PM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
      FINER: ENTRY
      Jan 10, 2013 4:37:09 PM oracle.idm.automation.impl.oam.handlers.OAM11gUtil getFoundationConfigMBean
      FINER: RETURN com.oracle.oam:Location=AdminServer,name=OamManagement,type=oam.management,Application=oam_admin,ApplicationVersion=11.1.1.3.0
      Jan 10, 2013 4:37:09 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration
      FINER: Invoking mbean
      Jan 10, 2013 4:37:09 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAMPartner
      SEVERE: Error while configuring User ID Store {1}
      Jan 10, 2013 4:37:09 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAMIntegration
      FINER: mbean invocation success.
      Jan 10, 2013 4:37:09 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOIMIntegration()
      FINER: RETURN
      Jan 10, 2013 4:37:09 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule
      FINER: ENTRY
      Jan 10, 2013 4:37:09 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule
      FINER: Creating mbean connection
      Jan 10, 2013 4:37:09 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule
      FINER: Created mbean connection
      Jan 10, 2013 4:37:09 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule
      FINER: Invoking mbean method: applyStringProperty
      Jan 10, 2013 4:37:09 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule
      FINER: mbean invocation success.
      Jan 10, 2013 4:37:09 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gDAPModule()
      FINER: RETURN
      Jan 10, 2013 4:37:09 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler createDumpParams
      FINE: OAM11gIntegrationHandler : createDumpParams()
      Jan 10, 2013 4:37:09 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler execute
      FINER: RETURN
      Jan 10, 2013 4:37:09 PM oracle.idm.automation.AutomationTool dumpConfig
      INFO: Configuration details have been dumped to the file idmDomainConfig.param

      ————————

  32. Ashok
    Jan 6th, 2013 at 05:33 | #76

    @admin,

    ‘Configure Components’ step is missing during web tier configuration.
    – uncheck ‘Oracle Web Cache’
    – uncheck ‘Associate Select Components with Weblogic Domain’

    Also, if you have the response files that were generated at the end of configuration that would be helpful as well.

    Thanks

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>