Saturday, September 10, 2011

Fusion Applications: Extending the Domain with Oracle Directory Service Manager (ODSM)

In my previous post I described the steps to configure Oracle Internet Directory. In this post I will describe the steps you need to take to configure Oracle Directory Service Manager (ODSM). ODSM is a Java application that runs as a Managed Server on WebLogic, and its purpose is to manage Oracle Internet Directory and Oracle Virtual Directory.

This chapter starts with configuring Oracle Directory Integration Platform (DIP) and ODSM. Fusion Applications will not use DIP, so I will skip configuring DIP.

Before we start the configuration of ODSM, let's add another hostname to our hosts file. This chapter uses idmhost1.mycompany.com as the host on which to install ODSM. My hosts file looks like this after adding the hostname for ODSM.



Before we start the installer, make sure OID, HTTP Server and WebLogic Server are started. You can use the startup sequence and scripts from the previous post. After this we can start the configuration of ODSM by going to directory /u01/app/oracle/product/fmw/idm/bin and issuing the command:
./config.sh

On the Welcome screen click Next. The Select Domain screen will be shown.


Choose option Extend Existing Domain, set Host Name to the WebLogic host ADMINVHN.mycompany.com and set the port to the WebLogic AdminServer port 7001. Provide the WebLogic admin user and password and click on Next. The following warning now pops up.



Ignore the warning by clicking on Yes. Now the Specify Installation Location screen shows.


MW_HOME and ORACLE_HOME directories are prepopulated and disabled for input. By the way these are correct values, so no issue here. Set the following values for the other fields and click on Next:
  • WebLogic Server Directory - /u01/app/oracle/product/fmw/wlserver_10.3

  • Oracle Instance Location - /u01/app/oracle/admin/ods_inst1

  • Oracle Instance Name   - ods_inst1

On the next screen choose not to be informed about security updates. Now the Configure Components screen shows.


Select only option Oracle Directory Service Manager and click on Next. Now the Configure Ports screen shows.



Choose option Specify Ports using Configuration file and click on Browse. Select file staticports.ini from directory /home/oracle/install/idm/Disk1/stage/Response and click on Edit. Uncomment the part for ODS Server port 7006, as in the screen above, and click on Save. Now click on Next and the Installation Summary screen shows.


Click on Configure to start the installer. If all went well, the progress screen shows all configuration actions as Succeeded.


Click on Next and you'll see the overall installation complete screen with all settings for ODSM.



On this screen click on the ODSM URL, marked above with a red square. You will be directed to the ODSM home page.



Provisioning the Managed Server

We have now successfully installed ODSM. Now we will create/convert ODSM as a Managed Server for WebLogic. Start by going to directory /u01/app/oracle/product/fmw/oracle_common/common/bin and issue the following command:
./pack.sh -managed=true \
  -domain=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain \
  -template=/u01/app/oracle/product/fmw/templates/managedServer.jar \
  -template_name=ManagedServer_Template

Output will look like this


This packs the current WebLogic Domain as a Managed Server. Now from the same directory unpack the Managed Server by issuing the following command:
./unpack.sh \
  -domain=/u01/app/oracle/admin/IDMDomain/mserver/IDMDomain \
  -template=/u01/app/oracle/product/fmw/templates/managedServer.jar \
  -app_dir=/u01/app/oracle/admin/IDMDomain/mserver/applications

Output will look like this.


Note that we in fact cloned the current domain from the aserver to the mserver WebLogic root directory. Now go to directory /u01/app/oracle/admin/IDMDomain/mserver/IDMDomain/servers/wls_ods1/security, create a file called boot.properties and add the username and password of the WebLogic administrator as follows:
username=weblogic
password=[yourAdminServerPwd]

This will stop the start script of the Managed Server from prompting us for the username and password of weblogic each time ODSM is started.
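Because boot.properties holds the administrator password in cleartext until the Managed Server first boots (WebLogic then overwrites both values with encrypted ones), the file should be readable by its owner only. The following is an added example, not part of the original post: the function names are hypothetical, and the password is read from stdin so it does not end up in the shell history.

```bash
#!/usr/bin/env bash
# Added example; write_boot_properties and audit_boot_properties are
# hypothetical helper names, not WebLogic tooling.

# Create <dir>/boot.properties readable by the owner only.
# The password comes from stdin, never from the command line.
write_boot_properties() {
  local dir="$1" user="$2" pass
  IFS= read -r pass || [ -n "$pass" ] || return 1
  (
    umask 077   # anything created here is owner-only
    mkdir -p "$dir" &&
      printf 'username=%s\npassword=%s\n' "$user" "$pass" > "$dir/boot.properties"
  ) && chmod 600 "$dir/boot.properties"   # also tightens a pre-existing file
}

# Print the state of an existing boot.properties:
#   missing      file not found
#   loose-perms  group or others have some access
#   cleartext    values not yet encrypted (server has not booted with the file)
#   encrypted    both values carry an algorithm prefix such as {AES}
audit_boot_properties() {
  local file="$1" perms count
  [ -f "$file" ] || { echo missing; return 1; }
  perms=$(ls -l "$file" | cut -c5-10)   # group + other permission bits
  [ "$perms" = "------" ] || { echo loose-perms; return 1; }
  count=$(grep -Ec '^(username|password)=\{[A-Z0-9]+\}.' "$file") || true
  if [ "$count" -eq 2 ]; then
    echo encrypted
  else
    echo cleartext
    return 2
  fi
}
```

Run audit_boot_properties again after the first start of wls_ods1; a result of cleartext at that point means the server did not boot with this file.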

Configuring Oracle HTTP Servers to Access the ODSM Console

To be able to access ODSM through the load balancer go to directory /u01/app/oracle/admin/ohs_inst1/config/OHS/ohs1/moduleconf and open file admin.conf. Add the following lines to this file.
NameVirtualHost *:7777

<VirtualHost *:7777>

   ServerName admin.mycompany.com:80
   ServerAdmin adminy@server.com
   RewriteEngine On
   RewriteOptions inherit
   RewriteRule ^/console/jsp/common/logout.jsp /oamsso/logout.html [PT]
   RewriteRule ^/em/targetauth/emaslogout.jsp /oamsso/logout.html [PT]

# Admin Server and EM
   <Location /console>
      SetHandler weblogic-handler
      WebLogicHost ADMINVHN.mycompany.com
      WeblogicPort 7001
   </Location>

   <Location /consolehelp>
      SetHandler weblogic-handler
      WebLogicHost ADMINVHN.mycompany.com
      WeblogicPort 7001
   </Location>

   <Location /em>
      SetHandler weblogic-handler
      WebLogicHost ADMINVHN.mycompany.com
      WeblogicPort 7001
   </Location>

   <Location /odsm>
      SetHandler weblogic-handler
      WebLogicCluster idmhost1.mycompany.com:7006
   </Location>

</VirtualHost>

Now it is best to reboot the server to be sure all components go down gracefully. After the reboot make sure OID, HTTP Server and WebLogic Server are started.

Starting ODSM Managed Server

Go to directory /u01/app/oracle/admin/IDMDomain/mserver/IDMDomain/bin and issue the following command to start the ODSM Managed Server:
./startManagedWebLogic.sh wls_ods1

After ODSM is running you should be able to access the ODSM home page through the load balancer at the URL http://admin.mycompany.com/odsm.

Creating a connection to OID

On the home page of ODSM choose Create a New Connection from the dropdown menu


On the next configuration screen provide the connection values for OID as shown in the screenshot below.


Click on Connect and you'll see a trust certificate screen. Note that this is the certificate we created in the previous post.


Click on Always and you will see all OID settings that have been set in the previous post.



This chapter also describes setting up a connection to Oracle Virtual Directory (OVD). We will set this up in the next post and then go back and create a connection from ODSM to OVD.

3 comments:

  1. [...] concludes the configuration of OID with Identity Store and Policy Store. In my following post I will describe the steps to install and configure Oracle Directory Integration Platform (DIP) and [...]

  2. [...] my previous post, ODSM was configured to manage OID. In the post I will describe the steps you need to take to [...]

  3. Sambi 5:57 AM

    Hello Hakan,

    Thanks a lot for your efforts in clearly explaining the process.

    While configuring I am facing some issues: after successful configuration I am not able to see anything at the URL: http://fusionidm.mycompany.com:7006/odsm/faces/odsm.jspx

    I tried to move on with the other steps but using pack.sh, I am seeing the following errors in the log file:


    XBeanConfigAspect - Unable to locate property:CredentialEncrypted on type:class com.oracle.cie.domain.xml.configxb.impl.DefaultAuthenticatorTypeImpl
    XBeanConfigAspect - Unable to locate property:CredentialEncrypted on type:class com.oracle.cie.domain.xml.configxb.impl.DefaultIdentityAsserterTypeImpl
    XBeanConfigAspect - Unable to locate property:Target on type:class com.oracle.cie.domain.xml.configxb.impl.ServerTypeImpl

    Do you think there is anything wrong that I am doing?

    Thanks,
    Sambi
