Ora Training Blog

Previous: Configure Oracle Identity and Access Management components 

Update Existing LDAP Users with Required Object Classes

Create a property file user.props as follows

[fusion@fmwhost bin]$ export ORACLE_HOME=/app/fusion/fmw/iam

[fusion@fmwhost bin]$ export IDM_HOME=/app/fusion/fmw/idm

[fusion@fmwhost bin]$ export MW_HOME=/app/fusion/fmw

[fusion@fmwhost bin]$ export JAVA_HOME=/app/fusion/jdk6

[fusion@fmwhost bin]$ cd /app/fusion/fmw/iam/idmtools/bin/

[fusion@fmwhost bin]$ more user.props

IDSTORE_HOST: fmwhost.paramlabs.com

IDSTORE_PORT: 3060

IDSTORE_ADMIN_USER: cn=orcladmin

IDSTORE_DIRECTORYTYPE: OID

IDSTORE_USERSEARCHBASE: cn=Users,dc=paramlabs,dc=com

IDSTORE_GROUPSEARCHBASE: cn=Groups,dc=paramlabs,dc=com

PASSWORD_EXPIRY_PERIOD: 7300

IDSTORE_LOGINATTRIBUTE: uid

Run the following command

[fusion@fmwhost bin]$ ./idmConfigTool.sh -upgradeLDAPUsersForSSO input_file=user.props

Enter LDAP admin user password :

Finished parsing LDAP

LDAP Users Upgraded.

Integrate Oracle Access Manager 11g with Oracle Identity Manager 11g

Create a property file as follows.

[fusion@fmwhost bin]$ more oimitg.props

LOGINURI: /${app.context}/adfAuthentication

LOGOUTURI: /oamsso/logout.html

AUTOLOGINURI: None

ACCESS_SERVER_HOST: fmwhost.paramlabs.com

ACCESS_SERVER_PORT: 5575

ACCESS_GATE_ID: Webgate_IDM

COOKIE_DOMAIN: .paramlabs.com

COOKIE_EXPIRY_INTERVAL: 120

OAM_TRANSFER_MODE: open

WEBGATE_TYPE: ohsWebgate11g

SSO_ENABLED_FLAG: true

IDSTORE_PORT: 3060

IDSTORE_HOST: fmwhost.paramlabs.com

IDSTORE_DIRECTORYTYPE: OID

IDSTORE_ADMIN_USER: cn=oamLDAP,cn=Users,dc=paramlabs,dc=com

IDSTORE_USERSEARCHBASE: cn=Users,dc=paramlabs,dc=com

IDSTORE_GROUPSEARCHBASE: cn=Groups,dc=paramlabs,dc=com

MDS_DB_URL: jdbc:oracle:thin:@fdbhost.paramlabs.com:1521:fusiondb

MDS_DB_SCHEMA_USERNAME: fa_mds

WLSHOST: fmwhost.paramlabs.com

WLSPORT: 7001

WLSADMIN: weblogic

DOMAIN_NAME: IDMDomain

OIM_MANAGED_SERVER_NAME: WLS_OIM1

DOMAIN_LOCATION: /app/fusion/config/domains/IDMDomain

IDSTORE_LOGINATTRIBUTE: uid

Run the following command.

[fusion@fmwhost bin]$ ./idmConfigTool.sh -configOIM input_file=oimitg.props

Enter sso access gate password :

Enter mds db schema password :

Enter idstore admin password :

Enter admin server user password :

…

The tool has completed its operation. Details have been logged to automation.log

Check for errors in the log file.

[fusion@fmwhost bin]$ grep -i error automation.log

Assigning Groups and Roles

Assigning WLSAdmins Group to WebLogic Administration Groups

1. Log in to the WebLogic Administration Server Console.

2. In the left pane of the console, click Security Realms.

3. On the Summary of Security Realms page, click myrealm under the Realms table.

4. On the Settings page for myrealm, click the Roles & Policies tab.

5. On the Realm Roles page, expand the Global Roles entry under the Roles table. This brings up the entry for Roles. Click the Roles link to go to the Global Roles page.

6. On the Global Roles page, click the Admin role to go to the Edit Global Role page:

a. On the Edit Global Roles page, under the Role Conditions table, click the Add Conditions button.

b. On the Choose a Predicate page, select Group from the drop down list for predicates and click Next.

c. On the Edit Arguments Page, Specify IDM Administrators in the Group Argument field and click Add.

7. Click Finish to return to the Edit Global Rule page.

8. The Role Conditions table now shows the IDM Administrators Group as an entry.

9. Click Save to finish adding the Admin role to the IDM Administrators Group.

10. Validate that the changes were successful by bringing up the WebLogic Administration Server Console using a web browser. Log in using the credentials for the weblogic_idm user.

Validate that the changes were successful by bringing up the WebLogic Administration Server Console using a web browser. Log in using the credentials for the weblogic_idm user.

Perform Bug 13824816 Workaround

1. Since you are already on the Global Roles page, click the Admin role to go to the Edit Global Role page:

2. On the Edit Global Roles page, under the Role Conditions table, click Add Conditions.

3. On the Choose a Predicate page, select Group from the predicates list and click Next.

4. On the Edit Arguments Page, specify OAMAdministrators in the Group Argument field and click Add.

5. Click Finish to return to the Edit Global Rule page. The Role Conditions table now shows the OAMAdministrators Group as an entry.

6. Click Save to finish adding the Admin role to the OAMAdministrators Group.

Updating the boot.properties File

Update the boot.properties file for the Administration Server and the managed servers with the WebLogic admin user (weblogic_id) created in Oracle Internet Directory.

[fusion@fmwhost security]$ cd /app/fusion/config/domains/IDMDomain/servers/AdminServer/security

[fusion@fmwhost security]$ cp -pr boot.properties boot.properties_preOAM

[fusion@fmwhost security]$ more boot.properties

username=weblogic_idm

password=Param123

[fusion@fmwhost security]$ cp -pr boot.properties ../../WLS_OAM1/security/

[fusion@fmwhost security]$ cp -pr boot.properties ../../WLS_OIM1/security/

[fusion@fmwhost security]$ cp -pr boot.properties ../../WLS_SOA1/security/

[fusion@fmwhost security]$ cp -pr boot.properties ../../wls_ods1/security/

Restart all services manually to encrypt the file

[fusion@fmwhost bin]$ nohup ./startWebLogic.sh &

[fusion@fmwhost bin]$ nohup ./startManagedWebLogic.sh wls_ods1 &

[fusion@fmwhost bin]$ nohup ./startManagedWebLogic.sh WLS_OAM1 &

[fusion@fmwhost bin]$ nohup ./startManagedWebLogic.sh WLS_OIM1 &

[fusion@fmwhost bin]$ nohup ./startManagedWebLogic.sh WLS_SOA1 &

Install Webgate

Versions of GCC Third-Party Libraries for Linux and Solaris

Verifying the GCC Libraries Version on Linux and Solaris Operating Systems

Make sure we have the required libraries for Webgate installation. If you have installed Oracle Linux then you should have them.

Perform the following checks to verify the version of GCC libraries:

On the Linux32 on i386 platform:

Run the following commands and ensure that their output is always greater than 0:

strings -a libgcc_s.so.1 | grep -c “GCC_3.0″

strings -a libgcc_s.so.1 | grep -v “GCC_3.3.1″ | grep -c “GCC_3.3″

file libgcc_s.so.1 | grep “32-bit” | grep -c “80386″

file libstdc++.so.5 | grep “32-bit” | grep -c “80386″

On the Linux 64 on x86-64 platform:

Run the following commands and ensure that their output is always greater than 0:

strings -a libgcc_s.so.1 | grep -c “GCC_3.0″

strings -a libgcc_s.so.1 | grep -v “GCC_3.3.1″ | grep -c “GCC_3.3″

strings -a libgcc_s.so.1 | grep -c “GCC_4.2.0″

file libgcc_s.so.1 | grep “64-bit” | grep -c “x86-64″

file -L libstdc++.so.6 | grep “64-bit” | grep -c “x86-64″

On the Solaris 64 on SPARC platform:

Run the following commands and ensure that their output is always greater than 0:

strings -a libgcc_s.so.1 | grep -c “GCC_3.0″

strings -a libgcc_s.so.1 | grep -v “GCC_3.3.1″ | grep -c “GCC_3.3″

file libgcc_s.so.1 | grep “64-bit” | grep -c “SPARC”

file libstdc++.so.5 | grep “64-bit” | grep -c “SPARC”

Since we have Oracle Linux x86-64 platform, let us verify the same.

[fusion@fmwhost Disk1]$ strings -a /lib64/libgcc_s.so.1 | grep -v “GCC_3.3.1” | grep -c “GCC_3.3”

1

[fusion@fmwhost Disk1]$ strings -a /lib64/libgcc_s.so.1 | grep -c “GCC_3.0”

1

[fusion@fmwhost Disk1]$ strings -a /lib64/libgcc_s.so.1 | grep -v “GCC_3.3.1” | grep -c “GCC_3.3”

1

[fusion@fmwhost Disk1]$ strings -a /lib64/libgcc_s.so.1 | grep -c “GCC_4.2.0”

1

[fusion@fmwhost Disk1]$ file -L /lib64/libgcc_s.so.1 | grep “64-bit” | grep -c “x86-64”

1

[fusion@fmwhost Disk1]$ file -L /usr/lib64/libstdc++.so.6 | grep “64-bit” | grep -c “x86-64”

1

This all looks good so we don’t need to download any additional files.

Start webgate installation

We need to have the required libraries in a dedicated directory before we install webgate.

[fusion@fmwhost Disk1]$ mkdir /app/fusion/oam_lib

[fusion@fmwhost Disk1]$ cp -p /lib64/libgcc_s.so.1 /app/fusion/oam_lib/

[fusion@fmwhost Disk1]$ cp -p /usr/lib64/libstdc++.so.6 /app/fusion/oam_lib/

[fusion@fmwhost Disk1]$ ls -ltr /app/fusion/oam_lib/

total 1024

-rwxr-xr-x 1 fusion dba 976312 Sep 26 05:09 libstdc++.so.6.0.8

-rwxr-xr-x 1 fusion dba 58400 Sep 26 05:09 libgcc_s-4.1.2-20080825.so.1

lrwxrwxrwx 1 fusion dba 28 Mar 7 00:03 libgcc_s.so.1 -> libgcc_s-4.1.2-20080825.so.1

lrwxrwxrwx 1 fusion dba 18 Mar 7 00:03 libstdc++.so.6 -> libstdc++.so.6.0.8

Start webgate installation from <Repository_location>/webgate/Disk1

[fusion@fmwhost ~]$ cd /mnt/hgfs/setup/installers/webgate/Disk1/

[fusion@fmwhost Disk1]$ ./runInstaller

…

Please specify JRE/JDK location ( Ex. /home/jre ), <location>/bin/java should exist :/app/fusion/jdk6

Click Next

Once prerequisites check completes, click Next

Middleware Home: /app/fusion/fmw

Home Directory: webgate

Click Next

GCC Library Location: /app/fusion/oam_lib and click Next

Review the summary and click Install

Once installation completes, click Next

Review the summary and click Finish

Deploy WebGate to Oracle HTTP

Make a backup of httpd.conf for safety.

[fusion@fmwhost ~]$ cp -pr /app/fusion/config/instances/web1/config/OHS/web1/httpd.conf /app/fusion/config/instances/web1/config/OHS/web1/httpd.conf_preWebgate

 

1. Execute the command deployWebGate which is located in:

WEBGATE_ORACLE_HOME/webgate/ohs/tools/deployWebGate

The command takes the following arguments:

Oracle HTTP Instance configuration Directory

WebGate Home Directory

[fusion@fmwhost deployWebGate]$ ./deployWebGateInstance.sh -w /app/fusion/config/instances/web1/config/OHS/web1 -oh /app/fusion/fmw/webgate

Copying files from WebGate Oracle Home to WebGate Instancedir

 

2. Set the library path to include the WEB_ORACLE_HOME/lib directory

 

[fusion@fmwhost deployWebGate]$ export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/app/fusion/fmw/web/lib

Change directory to: WEBGATE_ORACLE_HOME/webgate/ohs/tools/setup/InstallTools

 

[fusion@fmwhost deployWebGate]$ cd /app/fusion/fmw/webgate/webgate/ohs/tools/setup/InstallTools/

 

3. Run the following command to copy the file apache_webgate.template from the WebGate home directory to the WebGate instance location (renamed to webgate.conf) and update the httpd.conf file to add one line to include the name of webgate.conf

 

[fusion@fmwhost InstallTools]$ ./EditHttpConf -w /app/fusion/config/instances/web1/config/OHS/web1 -oh /app/fusion/fmw/webgate

The web server configuration file was successfully updated

/app/fusion/config/instances/web1/config/OHS/web1/httpd.conf has been backed up as /app/fusion/config/instances/web1/config/OHS/web1/httpd.conf.ORIG

Note: If you get error like “Error: You are not authorized to configure this web server” then you need to check the Group value in /app/fusion/admin/ohs_inst1/config/OHS/ohs1/httpd.conf

It should be dba or oinstall based on the default group of the fusion user.

[fusion@fmwhost web1]$ ls -ltr /app/fusion/config/instances/web1/config/OHS/web1/webgate/config/

total 20

drwxr-xr-x 2 fusion dba 4096 Mar 7 00:08 simple

-rwxr-x— 1 fusion dba 14337 Mar 7 00:08 oblog_config_wg.xml

[fusion@fmwhost web1]$ ls -ltr /app/fusion/config/domains/IDMDomain/output/Webgate_IDM_11g/

total 8

-rw-r—– 1 fusion dba 2967 Mar 6 01:23 ObAccessClient.xml

-rw——- 1 fusion dba 3141 Mar 6 01:23 cwallet.sso

4. Copy the files ObAccessClient.xml, cwallet.sso, and password.xml, which were generated when you created the agent from the directory ASERVER_HOME/output/Agent Name on IDMHOST1, to the directory ORACLE_INSTANCE/config/OHS/component/webgate/config

[fusion@fmwhost web1]$ cp -pr /app/fusion/config/domains/IDMDomain/output/Webgate_IDM_11g/* /app/fusion/config/instances/web1/config/OHS/web1/webgate/config/

[fusion@fmwhost web1]$ ls -ltr /app/fusion/config/instances/web1/config/OHS/web1/webgate/config/

total 32

-rw——- 1 fusion dba 3141 Mar 6 01:23 cwallet.sso

drwxr-xr-x 2 fusion dba 4096 Mar 7 00:08 simple

-rwxr-x— 1 fusion dba 14337 Mar 7 00:08 oblog_config_wg.xml

-rw-r—– 1 fusion dba 0 Mar 7 01:07 ObAccessClient.xml.lck

-rw-r—– 1 fusion dba 0 Mar 7 01:07 polltracking.lck

-rw-r—– 1 fusion dba 4774 Mar 7 01:07 ObAccessClient.xml

 

Restart web service

 

[fusion@fmwhost web1]$ /app/fusion/config/instances/web1/bin/opmnctl stopall

opmnctl stopall: stopping opmn and all managed processes…

[fusion@fmwhost web1]$ /app/fusion/config/instances/web1/bin/opmnctl startall

opmnctl startall: starting opmn and all managed processes…

Now launch http:<hostname>:7777/console and this should redirect to OAM login page.

Once logged in, it should redirect back to Weblogic Console home page.

Now SSO Logout function will also work.

Patch Webgate

We had skipped webgate patch in earlier steps of patching since webgate was not yet installed. Let us apply the patch now.

Go to <repository location>/installers/webate/patch

[fusion@fmwhost patch]$ export ORACLE_HOME=/app/fusion/fmw/webgate

[fusion@fmwhost patch]$ $ORACLE_HOME/OPatch/opatch napply

[fusion@fmwhost patch]$ export JAVA_HOME=/app/fusion/jdk6

[fusion@fmwhost patch]$ export WL_HOME=/app/fusion/fmw/wlserver_10.3

[fusion@fmwhost patch]$ $ORACLE_HOME/OPatch/opatch napply

Do you want to proceed? [y|n]

y

…

Please shutdown Oracle instances running out of this ORACLE_HOME on the local system.

(Oracle Home = ‘/app/fusion/fmw/webgate’)

Is the local system ready for patching? [y|n]

y

…

Patching component oracle.as.oam.webgate.ohs, 11.1.1.5.0…

Copying file to “/app/fusion/fmw/webgate/webgate/ohs/tools/t2p/oam-webgate-t2p.jar”

Copying file to “/app/fusion/fmw/webgate/webgate/ohs/config/np1111_wg.txt”

Copying file to “/app/fusion/fmw/webgate/webgate/ohs/lib/webgate.so”

Copying file to “/app/fusion/fmw/webgate/webgate/ohs/lib/libxmlengine.so”

Copying file to “/app/fusion/fmw/webgate/webgate/ohs/tools/setup/InstallTools/EditHttpConf”

Copying file to “/app/fusion/fmw/webgate/webgate/ohs/tools/deployWebGate/deployWebGateInstance.sh”

…

The local system has been patched and can be restarted.

UtilSession: N-Apply done.

OPatch succeeded.

Restart all services and reconfirm that everything comes up successfully. The EM should look as follows.

Next: Create new Response File

Installing Oracle Fusion Applications – steps

1. Install Fusion Applications Provisioning Framework
2. Install Oracle 11g Database (Applications Transactional Database)
3. Run Oracle Fusion Applications Repository Creation Utility (Applications RCU)
4. Create another database for Oracle Identity Management Infrastructure (optional)
   
5. Run Repository Creation Utility (RCU) for Oracle Identity Management components
   
6. Install Oracle Identity and Access Management Components
7. Apply mandatory Patches
8. Configure Oracle Identity and Access Management components
   
9. Integrate Oracle Identity Manager (OIM) and Oracle Access Manager (OAM)
10. Install provisioning framework on Node 2
11. Create new Response File
12. Provision an Applications Environment (Editing in progress, this link currently points to 11.1.5 counterpart)

Previous: Install Fusion Applications Provisioning Framework

Fusion Applications 11.1.6 ships with Oracle 11g (11.2.0.3.0) database. You can either install it separately (if you want to install RAC database) or use Fusion provisioning Wizard to create one.

To install Applications Transactional Database we need to run Oracle Fusion Applications Provisioning Wizard from <framework_location>/provisioning/bin

<framework_location> is same where we installed the framework in previous post. i.e. /app/fusion

[fusion@fmwhost Disk1]$ cd /app/fusion/provisioning/bin/

We need to temporarily set JAVA_HOME to jdk6 directory shipped with the installation media

[fusion@fmwhost bin]$ export JAVA_HOME=/mnt/hgfs/setup/jdk6

[fusion@fmwhost bin]$ ./provisioningWizard.sh – ignoreSysPrereqs true &

Please use “ignoreSysPrereqs true” flag since you might need to skip some memory prerequisite warnings if required.

 

Click Next

 

Select “Install an Applications Transactional Database” option. Click Next

 

Deselect the checkbox if you wish and click Next

Click Yes

 

Enter values as mentioned here and click Next.

Port: 1521 (we have kept it default, you can change it)

Installers directory location: /mnt/hgfs/stage (directory where we created the stage)

Oracle Base: /app/fusion/database

Software Location: Will be populated automatically

OSDBA group: dba

Global Database Name: fusiondb (you can keep any name you want)

Password: Oracle123 (We have used Oracle123 for any passwords during the installation since it satisfies all requirements during this installation. You can keep any complex password you want)

 

Once prerequisites check is successful, click Next. Save summary if required

 

Save summary if required.

 

Once Installation completes (20% progress), it will prompt as follows.

Open another window and run the following script.

root@fmwhost # /app/fusion/database/product/11.2.0/dbhome_1/root.sh

Check /app/fusion/database/product/11.2.0/dbhome_1/install/root_fmwhost.paramlabs.com_2013-02-28_17-06-18.log for the output of root script

[root@fmwhost ~]# tail -f /app/fusion/database/product/11.2.0/dbhome_1/install/root_fmwhost.paramlabs.com_2013-02-28_17-06-18.log

The following environment variables are set as:

ORACLE_OWNER= fusion

ORACLE_HOME= /app/fusion/database/product/11.2.0/dbhome_1

 

Creating /etc/oratab file…

Entries will be added to the /etc/oratab file as needed by

Database Configuration Assistant when a database is created

Finished running generic part of root script.

Now product-specific root actions will be performed.

Finished product-specific root actions.

 

Click OK

 

Once installation till validation is complete, click Next. If you get minimum memory related warning, you can ignore here, provided you have used “ignoreSysPrereqs true” flag

 

Click Close to complete the installation.

Reduce memory size of database

We will reduce the size of SGA and PGA to avoid getting out of memory in server since fusion requires too much memory.

Important Note: We are reducing the SGA and PGA (from 10GB to 2GB). We are doing this since we are running on lesser RAM than required. This is not recommended for production installation but since this is only a demo/development installation, you can safely do this. If you wish to keep it 10GB you can do it but this will increase the swap usage exponentially.

Since we are reducing the size of SGA and PGA, next step (RCU) may fail in pre-requisite check. So we will need to change the pre-req check xml file to look for lower value. We will explain this in next post.

[fusion@fmwhost bin]$ export ORACLE_HOME=/app/fusion/database/product/11.2.0/dbhome_1

[fusion@fmwhost bin]$ export ORACLE_SID=fusiondb

[fusion@fmwhost bin]$ export PATH=$PATH:$PATH:$ORACLE_HOME/bin

[fusion@fmwhost bin]$ sqlplus / as sysdba

SQL> create pfile from spfile;

File created.

SQL> shut immediate;

[fusion@fmwhost bin]$ more /app/fusion/database/product/11.2.0/dbhome_1/dbs/initfusiondb.ora

#fusiondb.__db_cache_size=7516192768

#fusiondb.__java_pool_size=33554432

#fusiondb.__large_pool_size=33554432

fusiondb.__oracle_base=’/app/fusion/database’#ORACLE_BASE set from environment

#fusiondb.__pga_aggregate_target=4294967296

#fusiondb.__sga_target=9663676416

#fusiondb.__shared_io_pool_size=536870912

#fusiondb.__shared_pool_size=1442840576

#fusiondb.__streams_pool_size=33554432

#*.pga_aggregate_target=4294967296

#*.sga_target=9663676416

*.memory_target=2147483648

-bash-3.2$ sqlplus / as sysdba

Connected to an idle instance.

SQL> create spfile from pfile;

File created.

SQL> startup

ORACLE instance started.

Total System Global Area 2138521600 bytes

Fixed Size 2161024 bytes

Variable Size 1795163776 bytes

Database Buffers 335544320 bytes

Redo Buffers 5652480 bytes

Database mounted.

Database opened.

 

Next: Run Oracle Fusion Applications Repository Creation Utility (Applications RCU)

Installing Oracle Fusion Applications – steps

1. Install Fusion Applications Provisioning Framework
2. Install Oracle 11g Database (Applications Transactional Database)
3. Run Oracle Fusion Applications Repository Creation Utility (Applications RCU)
4. Create another database for Oracle Identity Management Infrastructure (optional)
   
5. Run Repository Creation Utility (RCU) for Oracle Identity Management components
   
6. Install Oracle Identity and Access Management Components
7. Apply mandatory Patches
8. Configure Oracle Identity and Access Management components
   
9. Integrate Oracle Identity Manager (OIM) and Oracle Access Manager (OAM)
10. Install provisioning framework on Node 2
11. Create new Response File
12. Provision an Applications Environment (Editing in progress, this link currently points to 11.1.5 counterpart)

Prerequisites (Linux only)

Make sure that the host name is correctly set. I our case it is fmwhost.paramlabs.com

[root@rfmwhost~]# hostname

fmwhost.paramlabs.com

If not correct, set it using following command.

[root@ rfmwhost ~]# hostname fmwhost.paramlabs.com

[root@fmwhost ~]# more /etc/sysconfig/network

NETWORKING=yes

NETWORKING_IPV6=yes

HOSTNAME=fmwhost.paramlabs.com

If not correct, modify the value here to correct hostname.

If you changed hostname or IP address, please make sure to update in all following files if not automatically updated.

[root@fmwhost ~]# more /etc/sysconfig/network-scripts/ifcfg-eth0

[root@fmwhost ~]# more /etc/sysconfig/networking/devices/ifcfg-eth0

[root@fmwhost ~]# more /etc/sysconfig/networking/profiles/default/ifcfg-eth0

Restart the machine if you changed the hostname or IP to make sure it remains persistent.

Make sure to have following entries in hosts file.

[root@fmwhost ~]# more /etc/hosts

# Do not remove the following line, or various programs

# that require network functionality will fail.

127.0.0.1 localhost.localdomain localhost

#::1 localhost6.localdomain6 localhost6

192.168.112.111 fmwhost.paramlabs.com fmwhost

192.168.112.111 fdbhost.paramlabs.com fdbhost

Important Note: If you noticed, we have made 2 entries here for same IP. The reason being, in case if you want to keep DB on different server or move it to different server later, we can easily do it since our all configuration will use different DB host name.

If you are not using DNS resolution then comment out following entries in /etc/resolve.conf to speed up name resolution directly through hosts file.

[root@r12host ~]# more /etc/resolv.conf

#search paramlabs.com

If you have not already created the user fusion, please create as follows.

[root@fmwhost ~]# useradd -g dba -G oinstall fusion

[root@fmwhost ~]# passwd fusion

Changing password for user fusion.

New UNIX password:

Retype new UNIX password:

passwd: all authentication tokens updated successfully.

Change the system file /etc/security/limits.conf as follows.

[root@fmwhost ~]# cp -pr /etc/security/limits.conf /etc/security/limits.conf.bak

[root@fmwhost ~]# vi /etc/security/limits.conf

Edit the values as follows.

[root@fmwhost ~]# tail -3 /etc/security/limits.conf

# Fusion Applications specific changes

fusion soft nofile 327679

fusion hard nofile 327679

Also make sure UsePAM is set to Yes in /etc/ssh/sshd_config file

[root@fmwhost ~]# vi /etc/ssh/sshd_config

Edit /proc/sys/fs/file-max and set it to 6553600. No need for any changes if set to this or more.

The change becomes effective immediately but does not persist after a reboot. To make the change permanent edit /etc/sysctl.conf and set fs.file-max = 6553600

[root@fmwhost ~]# ulimit -u

24064

This should be 16384 or more

Make sure tmpfs size is more than the size you want to keep for the database SGA and PGA. In our case we are going to reduce DB memory to only 2GB since this is demo installation on VM, hence changing tmpfs to 3GB or more

[root@fmwhost ~]# cp -pr /etc/fstab /etc/fstab.bak

[root@fmwhost ~]# vi /etc/fstab

Change values as follows (only if it is less this 3G)

[root@fmwhost ~]# grep tmpfs /etc/fstab

tmpfs /dev/shm tmpfs size=3G 0 0

Restart machine

Note: If this size is less than memory_target then you will get error

ORA-00845: MEMORY_TARGET not supported on this system

Make sure that ip_local_port_range value is 32768 to 61000

First checking existing value.

[root@fmwhost ~]# cat /proc/sys/net/ipv4/ip_local_port_range

9000 65500

Now let’s change as per the requirement.

[root@fmwhost ~]# echo “32768 61000” > /proc/sys/net/ipv4/ip_local_port_range

[root@fmwhost ~]# cat /proc/sys/net/ipv4/ip_local_port_range

32768 61000

To make this change persistent across reboots, change value in /etc/sysctl.conf

[root@fmwhost ~]# cp -p /etc/sysctl.conf /etc/sysctl.conf.bak

[root@fmwhost ~]# vi /etc/sysctl.conf

Edit the values as follows.

[root@fmwhost ~]# grep 61000 /etc/sysctl.conf

net.ipv4.ip_local_port_range = 32768 61000

Before you install the Oracle Database using the Provisioning Wizard, ensure that the value of the kernel parameter shmmax on the database host is greater than the value of the System Global Area (SGA) Memory.

The value of SGA Memory (sga_target) is 9 GB in the default Database Configuration Assistant (DBCA) template for the Starter database. If you are running DBCA using the production DBCA template packaged with Oracle Fusion Applications Provisioning, the value of the SGA Memory is 18 GB. Ensure that shmmax > (shmall * shmmni) > SGA Memory, where shmmax, shmall, shmmni are kernel parameters.

For example, to retrieve the values of these kernel parameters on Linux, use the following command:

[root@fmwhost ~]# /sbin/sysctl -a | grep shm

kernel.shmmax = 4398046511104

kernel.shmall = 1073741824

kernel.shmmni = 4096

vm.hugetlb_shm_group = 0

To set the value of a kernel parameter:

user@host> /sbin/sysctl -w sys.kernel.shmmax=value

If you are using VMWare or virtualbox, you can share the installation stage folder to the VM using shared folders option.

[fusion@fmwhost ~]$ cd /mnt/hgfs/setup/installers/faprov/Disk1/

[fusion@fmwhost Disk1]$ ./runInstaller

(make sure NOT TO use “&” since this will prompt for java directory if java home is not set)

Starting Oracle Universal Installer…

…

Please specify JRE/JDK location ( Ex. /home/jre ), <location>/bin/java should exist :/mnt/hgfs/setup/jdk6

…

If this is the first Oracle software on this machine using this user, it will prompt for inventory directory location.

Once prompted, run the following script as root.

[root@fmwhost ~]# /home/fusion/oraInventory/createCentralInventory.sh

Setting the inventory to /home/fusion/oraInventory

Setting the group name to dba

Creating the Oracle inventory pointer file (/etc/oraInst.loc)

Changing permissions of /home/fusion/oraInventory to 770.

Changing groupname of /home/fusion/oraInventory to dba.

The execution of the script is complete

Click Next

Once prerequisite check is completed, click Next

Create the root directory for installation as follows.

[root@fmwhost ~]# mkdir /app

[root@fmwhost ~]# chown fusion:dba /app

Enter /app/fusion and click Next

Review summary and click Install

Save inventory if required.

Once installation is finished click Next

Review the summary and click Finish

Next: Install Oracle 11g Database (Applications Transactional Database)

Installing Oracle Fusion Applications – steps

1. Install Fusion Applications Provisioning Framework
2. Install Oracle 11g Database (Applications Transactional Database)
3. Run Oracle Fusion Applications Repository Creation Utility (Applications RCU)
4. Create another database for Oracle Identity Management Infrastructure (optional)
   
5. Run Repository Creation Utility (RCU) for Oracle Identity Management components
   
6. Install Oracle Identity and Access Management Components
7. Apply mandatory Patches
8. Configure Oracle Identity and Access Management components
   
9. Integrate Oracle Identity Manager (OIM) and Oracle Access Manager (OAM)
10. Install provisioning framework on Node 2
11. Create new Response File
12. Provision an Applications Environment (Editing in progress, this link currently points to 11.1.5 counterpart)