Thursday, June 5, 2014

Oracle Entitlement Server 11g Release 2: Creating the OES Administration Domain



Oracle Entitlement Server 11g Release 2: Creating the OES Administration Domain


Prior to creation of domain, please ensure that you follow the following steps:



    In a terminal window, perform the following commands to create the OES Administration Domain:
    $ cd /u01/app/oracle/fmw/Oracle_IDM1/common/bin
    $ ./config.sh
    After the Configuration Wizard opens, perform the following steps to create the domain:
    • Welcome: Select "Create a new WebLogic domain" and click Next.

    • Select Domain Source: Select Oracle Entitlements Server for Admin Server - 11.1.1.0 [Oracle_IDM1], accept the automatically selected Oracle Platform Security Service - 11.1.1.0 [Oracle_IDM1], and click Next.

    • Specify Domain Name and Location: Enter the following information and then click Next:
      Domain name: oes_admin
      Domain location: /u01/app/oracle/fmw/user_projects/domains

    • Configure Administrator User Name and Password: Enter the following information and then click Next:
      Name: weblogic
      User password: welcome1

    • Configure Server Start Mode and JDK: Perform the following actions:
      1. Select Development Mode.
      2. Select Available JDKs and Sun SDK 1.6.0_34.
      3. Click Next.


    • Configure JDBC Component Schema: Perform the following actions:
      1. Select the OPSS Schema.
      2. Enter localhost as the host name.
      3. Enter oracle as the Schema password.
      4. Leave the rest as the default values.
      5. Click Next.


    • Test JDBC Component Schema: Verify that the test was successful and click Next.

    • Select Optional Configuration: Click Next.

    • Configuration Summary: Click Create and wait for installation processing to complete.

    • Creating Domain: When the Progress bar displays 100%, click Done.

    Now that you have created the OES Administration domain, you can configure it to use the database for the security store.
    Assume the following:
    $MW_HOME=/u01/app/oracle/fmw
    $IDM_HOME=$MW_HOME/Oracle_IDM1
    In a terminal window, perform the following commands to configure OES to use a database security store:
    cd /u01/app/oracle/fmw/Oracle_IDM1/common/bin
    $MW_HOME/oracle_common/common/bin/wlst.sh $MW_HOME/Oracle_IDM1/common/tools/configureSecurityStore.py -d $MW_HOME/user_projects/domains/oes_admin -t DB_ORACLE -j cn=jpsroot -m create -p oracle
    OptionPurpose
    -dSpecifies the name and location of the OES Administration domain
    -tSpecifies the type of security store to associate with the OES Administration server
    -jSpecifies the jpsroot value of the OES security store
    -mSpecifies the tool mode, which indicates if the tool will create, drop, or join an OES database security store
    -pSpecifies the password to the OES database
    Your output should be similar to the following:
    Initializing WebLogic Scripting Tool (WLST) ...
    Welcome to WebLogic Server Administration Scripting Shell
    Type help() for help on available commands
    Info: Data source is: opss-DBDS
    Info: DB JDBC driver: oracle.jdbc.OracleDriver
    Info: DB JDBC URL: jdbc:oracle:thin:@localhost:1521/orcl
    INFO: Found persistence provider "org.eclipse.persistence.jpa.PersistenceProvider". OpenJPA will not be used.
    INFO: Found persistence provider "org.eclipse.persistence.jpa.PersistenceProvider". OpenJPA will not be used.
    [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkServiceSetup - done
    Dec 1, 2012 3:52:30 AM oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigurator schemaCompatibleHandler
    INFO: Credential store schema upgrade not required. Store Schema version 11.1.1.6.0 is compatible to the seed schema version 11.1.1.4.0
    [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkServiceSchema - Store schema has been seeded completely
    [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] updateServiceConfiguration - done
    Dec 1, 2012 3:52:36 AM oracle.security.jps.internal.tools.utility.JpsUtilMigrationCredImpl migrateCredentialData
    INFO: Migration of Credential Store data in progress.....
    Dec 1, 2012 3:52:37 AM oracle.security.jps.internal.tools.utility.JpsUtilMigrationCredImpl migrateCredentialData
    INFO: Migration of Credential Store data completed, Time taken for migration is 00:00:00
    [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] migrateData - done
    [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] testJpsService - done
    [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] checkServiceSetup - done
    Dec 1, 2012 3:52:37 AM oracle.security.jps.internal.config.ldap.LdapKeyStoreServiceConfigurator schemaCompatibleHandler
    INFO: Keystore schema upgrade not required. Store Schema version 11.1.1.6.0 is compatible to the seed schema version 11.1.1.4.0
    [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] checkServiceSchema - Store schema has been seeded completely
    [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] updateServiceConfiguration - done
    [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] migrateData - done
    [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] testJpsService - done
    [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] checkServiceSetup - done
    Dec 1, 2012 3:52:40 AM oracle.security.jps.internal.config.ldap.LdapPolicyStoreServiceConfigurator schemaCompatibleHandler
    INFO: Policy schema upgrade not required. Store Schema version 11.1.1.6.0 is compatible to the seed schema version 11.1.1.4.0
    [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] checkServiceSchema - Store schema has been seeded completely
    [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] updateServiceConfiguration - done
    WLS ManagedService is not up running. Fall back to use system properties for configuration.
    Dec 1, 2012 3:52:52 AM oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy migrateData
    INFO: Migration of Admin Role Members started
    [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] migrateData - done
    Dec 1, 2012 3:52:53 AM oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy migrateData
    INFO: Migration of Admin Role Members completed in 00:00:00
    [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] testJpsService - done
    [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] checkServiceSetup - done
    Dec 1, 2012 3:52:53 AM oracle.security.jps.internal.config.ldap.LdapAuditServiceConfigurator schemaCompatibleHandler
    INFO: Audit store schema upgrade not required. Store Schema version 11.1.1.6.0 is compatible to the seed schema version 11.1.1.4.0
    [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] checkServiceSchema - Store schema has been seeded completely
    [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] updateServiceConfiguration - done
    Dec 1, 2012 3:52:53 AM oracle.security.jps.internal.tools.utility.JpsUtilMigrationAuditStoreImpl migrateAuditStoreData
    INFO: Migration of Audit Store data in progress.....
    [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] migrateData - done
    Dec 1, 2012 3:53:15 AM oracle.security.jps.internal.tools.utility.JpsUtilMigrationAuditStoreImpl migrateAuditStoreData
    INFO: Migration of Audit Store data completed, Time taken for migration is 00:00:21
    [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] testJpsService - done
    persist to output: /u01/app/oracle/fmw/user_projects/domains/oes_admin/config/fmwconfig - done
    INFO: Found persistence provider "org.eclipse.persistence.jpa.PersistenceProvider". OpenJPA will not be used.
    INFO: Found persistence provider "org.eclipse.persistence.jpa.PersistenceProvider". OpenJPA will not be used.
    [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkServiceSetup - done
    [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] updateServiceConfiguration - done
    [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] checkServiceSetup - done
    [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] updateServiceConfiguration - done
    [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] checkServiceSetup - done
    [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] updateServiceConfiguration - done
    Dec 1, 2012 3:53:25 AM oracle.security.jps.internal.config.ldap.LdapAuditServiceConfigurator checkIfConfigurationValid
    INFO: Audit store re-association not supported.
    [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] checkServiceSetup - Audit store re-association not supported.
    persist to output: /u01/app/oracle/fmw/user_projects/domains/oes_admin/config/fmwconfig - done
    INFO: Found persistence provider "org.eclipse.persistence.jpa.PersistenceProvider". OpenJPA will not be used.
    Using default context in /u01/app/oracle/fmw/user_projects/domains/oes_admin/config/fmwconfig/jps-config-migration.xml file for credential store.
    Credential store location : jdbc:oracle:thin:@localhost:1521/orcl
    Credential with map Oracle-IAM-Security-Store-Diagnostics key Test-Cred stored successfully!
    Credential for map Oracle-IAM-Security-Store-Diagnostics and key Test-Cred is:
    GenericCredential
    Info: diagnostic credential created in the credential store.
    Info: Create operation has completed successfully.
at
Labels:

OCI Knowledge Series: OCI Infrastructure components

  Oracle Cloud Infrastructure (OCI) provides a comprehensive set of infrastructure services that enable you to build and run a wide range of...