Installing and Configuring OUD, ODSM and Oracle DIP


How to Install Oracle Unified Directory (OUD), ODSM and DIP

Note: To make the installation easier, install VNC and work over VNC (temporarily)

Install OUD directory

Note: Make sure to select enable DIP at OUD install time
First install and configure a basic OUD installation, as described in Installing and configuring OUD Directory
Note: ID sync is being migrated to Oracle Directory Integration Platform (ODIP)
Note 2: For DIP, install the full Fusion Middleware package and select Do not configure.

Allow conflicting structural objectclasses – compatible with ODSEE

  1. /oud/Oracle/Middleware/asinst_1/OUD/bin/dsconfig set-global-configuration-prop --set single-structural-objectclass-behavior:accept -n -j /tmp/pw.txt
  2. /oud/Oracle/Middleware/asinst_1/OUD/bin/dsconfig set-attribute-syntax-prop --syntax-name Directory\ String --set allow-zero-length-values:true -n -j /tmp/pw.txt
  3. /oud/Oracle/Middleware/asinst_1/OUD/bin/dsconfig set-password-policy-prop --policy-name "Default Password Policy" --set allow-pre-encoded-passwords:true -n -j /tmp/pw.txt

Install weblogic server

Download WebLogic Server 10.3.6 from Oracle
scp wls1036_generic.jar oud@odsm1:/installs
weblogic download
cd /installs
java -d64 -jar ./wls1036_generic.jar
Middleware Home: /oud/Oracle/Middleware
Un-check security box (say stay uninformed), wait till it times out.
After timing out (trying to connect) – select custom install leave all defaults
Un-check the box – Do not configure at the complete screen

Install Oracle ADF 11.1.1.6

Download ADF (Application Development Framework) from here
ADF download
scp ofm_appdev_generic_11.1.1.6.0_disk1_1of1.zip oud@odsm1:/installs
unzip -qq ofm_appdev_generic_11.1.1.6.0_disk1_1of1.zip
./runInstaller -jreLoc /usr/java
Skip register & updates
Set the Oracle Home: Oracle_IDM1
Leave all default options

Oracle DIP Installation

Note: You can skip the IDM installation if you don't plan to use DIP

Download the full Middleware package from edelivery.oracle.com and install
IDM installation options

scp V29880-01.zip oud@odsm1:/installs
Note: Make sure to select Do not configure
mkdir /installs/IDM
cd /installs/IDM
unzip -qq ../V29880-01.zip
cd Disk1
./runInstaller
Skip register
Select Do Not Configure
Leave the default location
Un-check updates
Complete install

Configuring weblogic

Configure environment variables

Note: You can skip the environment variables if you don't plan to use DIP (add to .bashrc)

Complete the weblogic configure script

Run the below script
/oud/Oracle/Middleware/oracle_common/common/bin/config.sh
Choose New Domain
Select OEM, ODSM, DIP
Note: DIP will only be in the list of selection if it was installed
Change selection to production mode
Change (from weblogic) user to admin
For jdk leave the default
Check Administration Server; Managed Servers, Clusters, and Machines; and deployment server
Check secure (port 7006, or 7002)
Under Cluster, click Next
Under the Unix Machine tab, click Add; under Name, specify the real hostname. Click Next
Under Assign Machine, assign the Administration Server and the Managed Server, then click Next
OBSOLETE – Check the box next to DIP
Click Create, or Extend (if extending an existing domain)
Note: If configuring DIP, follow the post install process

Start weblogic in this order

Note: Run this only before the first startup
/oud/Oracle/Middleware/oracle_common/common/bin/setNMProps.sh
mkdir -p /oud/Oracle/Middleware/user_projects/domains/base_domain/servers/AdminServer/security
cd /oud/Oracle/Middleware/user_projects/domains/base_domain/servers/AdminServer/security
echo "username:weblogic" > boot.properties
echo "password:password" >> boot.properties

Before starting weblogic

Make sure the OUD directory is up, if not start it

/oud/Oracle/Middleware/Oracle_OUD1/bin/start-ds

To start weblogic

Start weblogic node manager first (needed for DIP)

cd /oud/Oracle/Middleware/wlserver_10.3/server/bin
nohup ./startNodeManager.sh &

start weblogic domain

Note: To increase the memory size, change 512 to 2048 in setDomainEnv.sh
cd /oud/Oracle/Middleware/user_projects/domains/base_domain/bin
nohup ./startWebLogic.sh &

Start weblogic DIP process

Note: Follow this post install process before running this
To start wls_ods1, the managed node

  • Note: To AutoStart DIP Managed server

mkdir -p /oud/Oracle/Middleware/user_projects/domains/base_domain/servers/wls_ods1/security
cd /oud/Oracle/Middleware/user_projects/domains/base_domain/servers/wls_ods1/security
echo "username:weblogic" > boot.properties
echo "password:password" >> boot.properties

cd /oud/Oracle/Middleware/user_projects/domains/base_domain/bin
nohup ./startManagedWebLogic.sh wls_ods1 &
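
The two boot.properties steps above (AdminServer and wls_ods1) written as one function, as an added example that is not part of the original post: it creates the file with owner-only permissions before the password is written, and reads the password from standard input so it never appears on the command line or in shell history. The function name and its arguments are assumptions; the key:value layout is the one used above.

```shell
#!/bin/sh
# Added example: write a WebLogic boot.properties with owner-only access.
# write_boot_properties and its arguments are assumed names, not Oracle tooling.
# Usage: write_boot_properties DOMAIN_HOME SERVER_NAME USERNAME < password-source

write_boot_properties() {
    domain_home=$1 server=$2 user=$3
    if [ -z "$domain_home" ] || [ -z "$server" ] || [ -z "$user" ]; then
        echo "usage: write_boot_properties DOMAIN_HOME SERVER USER" >&2
        return 2
    fi
    # Read one line from stdin; IFS= and -r keep spaces and backslashes intact.
    password=
    IFS= read -r password || true
    [ -n "$password" ] || { echo "no password supplied on stdin" >&2; return 2; }

    secdir=$domain_home/servers/$server/security
    (
        # Subshell so the tight umask does not leak into the caller.
        umask 077
        mkdir -p "$secdir" || exit 1
        tmp=$secdir/boot.properties.$$
        # printf with plain ASCII quoting: no typographic quotes end up in the file.
        printf 'username:%s\npassword:%s\n' "$user" "$password" > "$tmp" || exit 1
        # Replace the target in one step so a half-written file is never read.
        chmod 600 "$tmp" && mv -f "$tmp" "$secdir/boot.properties"
    ) || return 1
    # mkdir -p leaves an existing directory's mode alone, so set it explicitly.
    chmod 700 "$secdir"
}
```

WebLogic encrypts the values in boot.properties the first time the server starts with it, so the clear-text password only exists on disk until that first boot.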

DIP post install

Once the instances are up, run this:
cd /oud/Oracle/Middleware/Oracle_IDM1/bin
./dipConfigurator
Enter WLS Admin Server Host Name : dip1.domain.com
Enter WLS Admin Server Port : 7001
Enter username to contact WebLogic Server : admin
[Enter password to contact WebLogic Server : ]
Enter backend LDAP Server HostName : dip1.domain.com
Enter backend LDAP Server Port : 1389
Enter username to contact LDAP server : cn=directory manager
[Enter password to contact LDAP Server : ]
Enter backend LDAP Server Admin Port : 4444
Enter SUFFIX to store DIP metadata : dc=domain,dc=com

Note: Update with latest release

cd /oud/Oracle/Middleware/Oracle_IDM1/bin

./dipConfigurator setup \
-wlshost dip1.domain.com \
-wlsport 7001 \
-wlsuser admin \
-ldaphost dip1.domain.com \
-ldapport 1389 \
-isldapssl false \
-ldapuser "cn=directory manager" \
-ldapadminport 4444 \
-isclustered false

Note: restart the weblogic app server before starting instance wls_ods1

Create in DIP a copy of our OU structure

Adding privileges for DIP user to new OU structure

Configuring certificates for DIP/weblogic

To configure SSL From DIP to OUD

How to – https://docs.oracle.com/cd/E14571_01/admin.1111/e10031/odip_server.htm#OIMIG1349

First export the SSL certificate from OUD store

keytool -export -alias dip1 -file /tmp/dip1-ca-root.csr -rfc -keystore /oud/certs/dip1.jks -storetype JKS
Then import to new keystore as CA trusted

keytool -importcert -trustcacerts -alias oud-cert -file /tmp/dip1-ca-root.csr -keystore /oud/certs/dip1-dip2oud.jks
keytool -importcert -trustcacerts -alias ldap1 -file /tmp/ldap1-ca-root.csr -keystore /oud/certs/dip1-dip2oud.jks
Trust this certificate? [no]: yes
Then set for DIP the keystore location

./manageDIPServerConfig set -h localhost -p 7005 -D admin -attr keystorelocation -val /oud/certs/dip1-dip2oud.jks
Then configure weblogic to work with this

$ORACLE_HOME/common/bin/wlst.sh

Change DIP to use SSL mode 2

./manageDIPServerConfig set -attribute sslmode -val 2 -h localhost -p 7005 -D "admin"
Change DIP SSL port

./manageDIPServerConfig set -attribute backendhostport -val localhost:1636 -h localhost -p 7005 -D "admin"
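
A check to run once the truststore from the steps above is in place, as an added example that is not part of the original post: it reads `keytool -list` output and confirms that the aliases imported above (oud-cert, ldap1) are present as trusted certificate entries and that no private key has ended up in the store DIP reads. The function names are assumptions and the sample listing is constructed.

```shell
#!/bin/sh
# Added example: audit `keytool -list` output for the DIP-to-OUD truststore.
# check_truststore and sample_listing are assumed helper names.
# Usage:
#   keytool -list -keystore /oud/certs/dip1-dip2oud.jks | check_truststore oud-cert ldap1

check_truststore() {
    listing=$(cat)
    rc=0
    # Entry lines look like "<alias>, <date>, <entry type>," and the date may
    # itself contain ", ", so the type is taken from the last field.
    entries=$(printf '%s\n' "$listing" | awk -F', ' '
        NF >= 3 && $NF ~ /Entry,?[ \t]*$/ {
            t = $NF; sub(/,[ \t]*$/, "", t); print $1 "\t" t }')
    for want in "$@"; do
        got=$(printf '%s\n' "$entries" |
              awk -F'\t' -v a="$want" '$1 == a { print $2; exit }')
        case $got in
            trustedCertEntry) ;;
            "") echo "MISSING   $want" >&2; rc=1 ;;
            *)  echo "WRONGTYPE $want ($got)" >&2; rc=1 ;;
        esac
    done
    # A truststore should hold certificates only; flag any private key entry.
    if printf '%s\n' "$entries" | grep -q 'PrivateKeyEntry$'; then
        echo "PRIVATE KEY present in truststore" >&2; rc=1
    fi
    return $rc
}

# Constructed sample of a keytool listing (fingerprints are placeholders).
sample_listing() {
    cat <<'EOF'
Keystore type: JKS
Keystore provider: SUN

Your keystore contains 2 entries

oud-cert, Dec 16, 2011, trustedCertEntry,
Certificate fingerprint (SHA1): 00:11:22:33
ldap1, Dec 16, 2011, trustedCertEntry,
Certificate fingerprint (SHA1): 44:55:66:77
EOF
}
```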

Reference for DIP SSL

https://jvzoggel.wordpress.com/2011/12/16/configuring-ssl-for-oracle-weblogic-and-ofmw/
http://theheat.dk/blog/?p=2059
https://blogs.oracle.com/wlscoherence/entry/create_a_self_signed_sertificate

Accessing ODSM and DIP

To access the Oracle Directory Service Manager console
https://odsm1.domain.com:7002/odsm

To access the DIP console
https://odsm1.domain.com:7002/em

System Auto startup Scripts

To de-install Oracle ADF

To uninstall Oracle ADF
/oud/Oracle/Middleware/oracle_common/oui/bin/runInstaller -deinstall -jreLoc /usr/java

BUG workaround fixes

Fix for odsm / ADF bug issue
ODSM/DIP bug reference
/oud/Oracle/Middleware/user_projects/domains/base_domain/servers/AdminServer/tmp/_WL_user/odsm_11.1.1.5.0/d89dm9/war/skins/odsmSkin.css

References

OUD install and configuration
DIP admin documentation
Oracle Unified Directory Configuration Reference
