OAM Install & Config

Oracle Access Manager Install & Config
Software Version Details:
Software Version
Oracle Jrocket JDK 1.6.0_31-R28.2.3-4.1.0
Oracle Weblogic 10.3.6
Oracle Access Manager 11.1.2.1.0
Oracle HTTP Server 11.1.1.7.0
Oracle Webgate 11.1.2.1.0
Oracle RCU 11.1.2.1.0for OAM
Oracle Database 11.2.0.4.0

Installing RCU for Oracle Access Manager:
Click Next

Click Next
Provide database details in below screen

Click Next
Select only oracle access manager component in below screen give prefix name as meaningful
name

Click Next
Provide password details in below screen

Click Create
Completed RCU installation
Install Java
Latest JRockit - Patch 16863120: JDK160 ORACLE JROCKIT R28.2.8
p16863120_2828_Linux-x86-64.zip
cd /apps
unzip /apps/p16863120_2828_Linux-x86-64.zip
Create Inventory Directory
mkdir /apps/Middleware/oraInventory
vi /etc/oraInst.loc
inst_group=oinstall
inventory_loc=/apps/Middleware/oraInventory

Instillaing weblogic
[appoam@slcr12devtap1 WEBLOGIC_1036]$ export JAVA_HOME=/apps/jrockit-jdk1.6.0_51
[appoam@slcr12devtap1 WEBLOGIC_1036]$ export PATH=$JAVA_HOME/bin:$PATH
[appoam@slcr12devtap1 WEBLOGIC_1036]$ which java
/apps/jrockit-jdk1.6.0_51/bin/java
[appoam@slcr12devtap1 WEBLOGIC_1036]$ java -version
java version "1.6.0_51"
Java(TM) SE Runtime Environment (build 1.6.0_51-b11)
Oracle JRockit(R) (build R28.2.8-10-156881-1.6.0_51-20130611-1146-linux-x86_64, compiled
mode)
Click Next
Please give middleware path and click Next

Unceck check box press “yes”

Click Next
Make sure below JROCKET path is correct and Click Next

Uncheck “run Quick start” and click done

Completed Weblogic Installation
==============================================================================
=======

Installation Oracle Access Manager
[appoam@slcr12devtap1 Disk1]$ ./runInstaller
Starting Oracle Universal Installer...
Checking if CPU speed is above 300 MHz. Actual 2294 MHz Passed
Checking Temp space: must be greater than 150 MB. Actual 8411 MB Passed
Checking swap space: must be greater than 512 MB. Actual 7684 MB Passed
Checking monitor: must be configured to display at least 256 colors. Actual 16777216
Passed
Preparing to launch Oracle Universal Installer from /tmp/OraInstall2014-04-18_07-22-22PM.
Please wait ...
Please specify JRE/JDK location ( Ex. /home/jre ), <location>/bin/java should exist
:/apps/jrockit-jdk1.6.0_51
Click Next

Please provide Middleware Home Directory

Click Finish
Completed installing the oracle accessmanager
Configuring the Oracle Access Manager
[appoam@slcr12devtap1 Disk1]$ export WL_HOME=/apps/Middleware/MW_HOME/OAM/
[appoam@slcr12devtap1 Disk1]$ export
ORACLE_HOME=/apps/Middleware/MW_HOME/OAM/Oracle_OAM
[appoam@slcr12devtap1 Disk1]$ cd $ORACLE_HOME
[appoam@slcr12devtap1 Oracle_OAM]$ pwd
/apps/Middleware/MW_HOME/OAM/Oracle_OAM
[appoam@slcr12devtap1 Oracle_OAM]$ cd common
[appoam@slcr12devtap1 common]$ cd bin
[appoam@slcr12devtap1 bin]$

Completed configuring the Oracle Access Manager
==============================================================================
=======
Configuring Database Security Store for an Oracle Identity and Access Management Domain
appoam@slcr12devtap1 domains]$ cd
/apps/Middleware/MW_HOME/OAM/user_projects/domains/oamdomain
[appoam@slcr12devtap1 oamdomain]$
/apps/Middleware/MW_HOME/OAM/oracle_common/common/bin/wlst.sh
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/common/tools/configureSecurityStore.p
y -d /apps/Middleware/MW_HOME/OAM/user_projects/domains/oamdomain -c IAM -u
dev_opss -p Passw0rd -m create
Below Is the output of above script
CLASSPATH=/apps/Middleware/MW_HOME/OAM/patch_wls1036/profiles/default/sys_manife
st_classpath/weblogic_patch.jar:/apps/Middleware/MW_HOME/OAM/patch_ocp371/profiles/
default/sys_manifest_classpath/weblogic_patch.jar:/apps/jrockit-

jdk1.6.0_51/lib/tools.jar:/apps/Middleware/MW_HOME/OAM/wlserver_10.3/server/lib/weblo
gic_sp.jar:/apps/Middleware/MW_HOME/OAM/wlserver_10.3/server/lib/weblogic.jar:/apps/
Middleware/MW_HOME/OAM/modules/features/weblogic.server.modules_10.3.6.0.jar:/apps/
Middleware/MW_HOME/OAM/wlserver_10.3/server/lib/webservices.jar:/apps/Middleware/M
W_HOME/OAM/modules/org.apache.ant_1.7.1/lib/ant-
all.jar:/apps/Middleware/MW_HOME/OAM/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-
contrib.jar::/apps/Middleware/MW_HOME/OAM/oracle_common/modules/oracle.jrf_11.1.1/j
rf-
wlstman.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/lib/adfscripti
ng.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/lib/adf-share-
mbeans-
wlst.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/lib/mdswlst.jar:/
apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/auditwlst.jar:/a
pps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/igfwlsthelp.jar:/
apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/jps-
wlst.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/jrf-
wlst.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/oama
p_help.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/oa
mAuthnProvider.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/reso
urces/ossoiap_help.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/r
esources/ossoiap.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/res
ources/ovdwlsthelp.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/r
esources/sslconfigwlst.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wls
t/resources/wsm-wlst.jar:/apps/Middleware/MW_HOME/OAM/utils/config/10.3/config-
launch.jar::/apps/Middleware/MW_HOME/OAM/wlserver_10.3/common/derby/lib/derbynet.j
ar:/apps/Middleware/MW_HOME/OAM/wlserver_10.3/common/derby/lib/derbyclient.jar:/ap
ps/Middleware/MW_HOME/OAM/wlserver_10.3/common/derby/lib/derbytools.jar::
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
Info: Data source is: opss-DBDS
Info: DB JDBC driver: oracle.jdbc.OracleDriver
Info: DB JDBC URL: jdbc:oracle:thin:@usaslcoamdbr12t.goldbar.barrick.com:1531/oamd
Connected:oracle.jdbc.driver.T4CConnection@1e28e947

Disconnect:oracle.jdbc.driver.T4CConnection@1e28e947
2014-04-19 10:02:09.640 rcu:Extracting Statement from File Name:
'/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops
s_upgrade_111160_111161.sql'Line Number: 23
2014-04-19 10:02:09.660 rcu:Extracted SQL Statement: [SET ECHO ON]
2014-04-19 10:02:09.660 rcu:Skipping Unsupported Statement
2014-04-19 10:02:09.660 rcu:Extracted SQL Statement: [SET FEEDBACK 1]
2014-04-19 10:02:09.660 rcu:Extracted SQL Statement: [SET NUMWIDTH 10]
2014-04-19 10:02:09.661 rcu:Extracted SQL Statement: [SET LINESIZE 80]
2014-04-19 10:02:09.661 rcu:Extracted SQL Statement: [SET TRIMSPOOL ON]
2014-04-19 10:02:09.661 rcu:Extracted SQL Statement: [SET TAB OFF]
2014-04-19 10:02:09.662 rcu:Extracted SQL Statement: [SET PAGESIZE 100]
2014-04-19 10:02:09.665 rcu:Extracted SQL Statement: [ALTER SESSION SET
CURRENT_SCHEMA=&&1 ]

2014-04-19 10:02:09.668 rcu:Statement Type: 'DDL Statement'
2014-04-19 10:02:10.512 rcu:Extracted SQL Statement: [DELETE FROM JPS_ATTRS attr WHERE
attr.JPS_ATTRS_ID IN (SELECT JPS_ATTRS_ID FROM CT_8 ct WHERE ct.ATTRVAL IS NULL)]
2014-04-19 10:02:10.513 rcu:Statement Type: 'DELETE Statement'
2014-04-19 10:02:11.215 rcu:Extracted SQL Statement: [DELETE FROM CT_8 ct WHERE
ct.ATTRVAL IS NULL]
ct.ATTRVAL IS NULL]
ct.ATTRVAL IS NULL]

ct.ATTRVAL IS NULL]
2014-04-19 10:02:11.362 rcu:Extracted SQL Statement: []
2014-04-19 10:02:11.367 rcu:Extracted SQL Statement: [COMMIT;]
2014-04-19 10:02:11.374 rcu:Extracted SQL Statement: [declare
v_count NUMBER := 0 ;
BEGIN
SELECT COUNT(*) INTO v_count FROM CT_8 WHERE LENGTH(ATTRVAL) > 3000;
IF (v_count = 0) THEN
EXECUTE IMMEDIATE 'ALTER TABLE CT_8 MODIFY (ATTRVAL VARCHAR2(3000))';
EXECUTE IMMEDIATE 'CREATE TABLE CT_8_TMP (JPS_DN_ENTRYID, JPS_ATTRS_ID, ATTRVAL,
PRIMARY KEY (JPS_DN_ENTRYID, ATTRVAL, JPS_ATTRS_ID)) ORGANIZATION INDEX OVERFLOW
AS SELECT JPS_DN_ENTRYID, JPS_ATTRS_ID, ATTRVAL FROM CT_8';
EXECUTE IMMEDIATE 'DROP TABLE CT_8';
EXECUTE IMMEDIATE 'ALTER TABLE CT_8_TMP RENAME TO CT_8';
EXECUTE IMMEDIATE 'ALTER TABLE CT_8 ADD CONSTRAINT CT_8_FK FOREIGN
KEY(JPS_ATTRS_ID) REFERENCES JPS_ATTRS(JPS_ATTRS_ID) ON DELETE CASCADE';
END IF;
EXECUTE IMMEDIATE 'CREATE TABLE CT_10_TMP (JPS_DN_ENTRYID, JPS_ATTRS_ID,
ATTRVAL, PRIMARY KEY (JPS_DN_ENTRYID, ATTRVAL, JPS_ATTRS_ID)) ORGANIZATION INDEX
OVERFLOW AS SELECT JPS_DN_ENTRYID, JPS_ATTRS_ID, ATTRVAL FROM CT_10';
END IF;

END IF;
END IF;
END;
]
2014-04-19 10:02:11.378 rcu:Statement Type: 'BEGIN/END Anonymous Block'
2014-04-19 10:02:13.187 rcu:Extracted SQL Statement: [ALTER TABLE JPS_ATTRS ADD (
ATTRKIND NUMBER
)]
2014-04-19 10:02:13.254 rcu:Extracted SQL Statement: [CREATE INDEX JPS_ATTRS_KIND ON
JPS_ATTRS (ATTRKIND)]

2014-04-19 10:02:13.295 rcu:Extracted SQL Statement: [UPDATE JPS_ATTRS SET ATTRKIND = 1
WHERE lower(ATTRNAME) = 'orcljpsassignee']
2014-04-19 10:02:13.296 rcu:Statement Type: 'DML Statement'
2014-04-19 10:02:13.307 rcu:Extracted SQL Statement: [UPDATE JPS_ATTRS SET ATTRKIND = 0
WHERE ATTRKIND IS NULL]
2014-04-19 10:02:13.329 rcu:Extracted SQL Statement: [CREATE INDEX IDX_JPS_CONCAT_DN
ON JPS_DN (CONCAT(PARENTDN, RDN))]
2014-04-19 10:02:13.370 rcu:Extracted SQL Statement: [ALTER TABLE CT_9 ADD (
GRANTEEDNATTR VARCHAR2(1024),
PERMSETREFATTR VARCHAR2 (1024),
POLICYREFATTR VARCHAR2 (1024),
POLICYSETREFATTR VARCHAR2 (1024),
RULEREFATTR VARCHAR2 (1024)
)]
2014-04-19 10:02:13.421 rcu:Extracted SQL Statement: [ALTER TABLE CT_6 ADD (
PRINCIPAL_CLASS VARCHAR2(1024),
NAME VARCHAR2 (1024),
UNIQUENAME VARCHAR2 (1024),
GUID VARCHAR2(1024),
REFER_TYPE NUMBER,
REFER_ENTRYID NUMBER)]

2014-04-19 10:02:13.476 rcu:Extracted SQL Statement: [CREATE INDEX IDX_CT_6_CLASS ON
CT_6 (PRINCIPAL_CLASS) ]
2014-04-19 10:02:13.512 rcu:Extracted SQL Statement: [CREATE INDEX IDX_CT_6_NAME ON
CT_6 (NAME) ]
2014-04-19 10:02:13.540 rcu:Extracted SQL Statement: [CREATE INDEX IDX_CT_6_PRINCIPAL
ON CT_6 (CONCAT(PRINCIPAL_CLASS, NAME))]
2014-04-19 10:02:13.568 rcu:Extracted SQL Statement: [UPDATE JPS_ATTRS SET
ATTRVAL='11.1.1.6.1' WHERE ATTRNAME='orclProductVersion' AND (ATTRVAL='11.1.1.6.0')]
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkServiceSetup -
done
Apr 19, 2014 10:02:47 AM
oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigurator
schemaCompatibleHandler
INFO: Credential store schema upgrade not required. Store Schema version 11.1.1.6.1 is
compatible to the seed schema version 11.1.1.4.0
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkServiceSchema -
Store schema has been seeded completely
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator]
updateServiceConfiguration - done

Apr 19, 2014 10:02:50 AM oracle.security.jps.internal.tools.utility.JpsUtilMigrationCredImpl
migrateCredentialData
INFO: Migration of Credential Store data in progress.....
Apr 19, 2014 10:02:59 AM oracle.security.jps.internal.tools.utility.JpsUtilMigrationCredImpl
migrateCredentialData
INFO: Migration of Credential Store data completed, Time taken for migration is 00:00:08
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] migrateData - done
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] testJpsService - done
[oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] checkServiceSetup -
done
Apr 19, 2014 10:02:59 AM
oracle.security.jps.internal.config.ldap.LdapKeyStoreServiceConfigurator
INFO: Keystore schema upgrade not required. Store Schema version 11.1.1.6.1 is compatible to
the seed schema version 11.1.1.4.0
[oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] checkServiceSchema -
[oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator]
[oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] migrateData - done
[oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] testJpsService - done
[oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] checkServiceSetup -
done
Apr 19, 2014 10:03:03 AM
oracle.security.jps.internal.config.ldap.LdapPolicyStoreServiceConfigurator
INFO: Policy schema upgrade not required. Store Schema version 11.1.1.6.1 is compatible to
the seed schema version 11.1.1.4.0
[oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] checkServiceSchema -
[oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator]
WLS ManagedService is not up running. Fall back to use system properties for configuration.
Apr 19, 2014 10:03:23 AM
oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy migrateData
INFO: Migration of Admin Role Members started
Apr 19, 2014 10:03:24 AM
oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy migrateData
INFO: Migration of Admin Role Members completed in 00:00:00
[oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] migrateData - done
[oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] testJpsService - done
[oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] checkServiceSetup -
done

Apr 19, 2014 10:03:24 AM oracle.security.jps.internal.config.ldap.LdapAuditServiceConfigurator
INFO: Audit store schema upgrade not required. Store Schema version 11.1.1.6.1 is compatible
to the seed schema version 11.1.1.4.0
[oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] checkServiceSchema -
[oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator]
Apr 19, 2014 10:03:25 AM
oracle.security.jps.internal.tools.utility.JpsUtilMigrationAuditStoreImpl migrateAuditStoreData
INFO: Migration of Audit Store data in progress.....
[oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] migrateData - done
Apr 19, 2014 10:04:52 AM
INFO: Migration of Audit Store data completed, Time taken for migration is 00:01:27
[oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] testJpsService - done
persist to output:
/apps/Middleware/MW_HOME/OAM/user_projects/domains/oamdomain/config/fmwconfig -
done
done
done
done
checkIfConfigurationValid
INFO: Audit store re-association not supported.
Audit store re-association not supported.
persist to output:
/apps/Middleware/MW_HOME/OAM/user_projects/domains/oamdomain/config/fmwconfig –
done
INFO: Audit store schema upgrade not required. Store Schema version 11.1.1.6.1 is compatible
to the seed schema version 11.1.1.4.0

[oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] checkServiceSchema -
[oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator]
Apr 19, 2014 10:03:25 AM
INFO: Migration of Audit Store data in progress.....
[oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] migrateData - done
Apr 19, 2014 10:04:52 AM
INFO: Migration of Audit Store data completed, Time taken for migration is 00:01:27
[oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] testJpsService - done
persist to output:
done
done
done
done
checkIfConfigurationValid
INFO: Audit store re-association not supported.
Audit store re-association not supported.
persist to output:
done
INFO: Found persistence provider "org.eclipse.persistence.jpa.PersistenceProvider". OpenJPA
will not be used.
INFO: Found persistence provider "org.eclipse.persistence.jpa.PersistenceProvider". OpenJPA
will not be used.
Using default context in
/apps/Middleware/MW_HOME/OAM/user_projects/domains/oamdomain/config/fmwconfig/j
ps-config-migration.xml file for credential store.
Credential store location : jdbc:oracle:thin:@usaslcoamdbr12t.goldbar.barrick.com:1531/oamd
Credential with map Oracle-IAM-Security-Store-Diagnostics key Test-Cred stored successfully!

Credential for map Oracle-IAM-Security-Store-Diagnostics and key Test-Cred is:
GenericCredential
Info: diagnostic credential created in the credential store.
Info: Create operation has completed successfully.
appoam@slcr12devtap1 lib]$ ls -ltr rdbms*
-rwxr-x--- 1 appoam oinstall 8310 Apr 18 19:21 rdbms_security_store_db2.sql
-rwxr-x--- 1 appoam oinstall 801 Apr 18 19:21 rdbms_security_store_db2_remove.sql
-rwxr-x--- 1 appoam oinstall 8302 Apr 18 19:21 rdbms_security_store_derby.sql
-rwxr-x--- 1 appoam oinstall 801 Apr 18 19:21 rdbms_security_store_derby_remove.sql
-rwxr-x--- 1 appoam oinstall 8508 Apr 18 19:21 rdbms_security_store_oracle.sql
-rwxr-x--- 1 appoam oinstall 801 Apr 18 19:21 rdbms_security_store_oracle_remove.sql
-rwxr-x--- 1 appoam oinstall 8172 Apr 18 19:21 rdbms_security_store_sqlserver.sql
-rwxr-x--- 1 appoam oinstall 801 Apr 18 19:21 rdbms_security_store_sqlserver_remove.sql
-rwxr-x--- 1 appoam oinstall 10591 Apr 18 19:21 rdbms_security_store_sybase.sql
-rwxr-x--- 1 appoam oinstall 801 Apr 18 19:21 rdbms_security_store_sybase_remove.sql
[appoam@slcr12devtap1 lib]$ scp -r rdbms_security_store_oracle.sql
oraOAMD@usaslcomadbr12t:/home/oraOAMD
ssh: Could not resolve hostname usaslcomadbr12t: Name or service not known
lost connection
[appoam@slcr12devtap1 lib]$ scp -r rdbms_security_store_oracle.sql
oraOAMD@usaslcoamdbr12t:/home/oraOAMD
The authenticity of host 'usaslcoamdbr12t (10.13.80.176)' can't be established.
RSA key fingerprint is 9c:e2:b5:d5:f3:69:58:53:0c:d6:7a:6c:1c:bb:74:90.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'usaslcoamdbr12t,10.13.80.176' (RSA) to the list of known hosts.
oraOAMD@usaslcoamdbr12t's password:
rdbms_security_store_oracle.sql
100% 8508 8.3KB/s 00:00
[appoam@slcr12devtap1 lib]$ pwd
/apps/Middleware/MW_HOME/OAM/wlserver_10.3/server/lib
-rwxr-x--- 1 oraOAMD dba 8508 Apr 19 10:09 rdbms_security_store_oracle.sql
[oraOAMD@usaslcoamdbr12t ~]$ sqlplus dev_opss
SQL*Plus: Release 11.2.0.4.0 Production on Sat Apr 19 10:09:54 2014
Copyright (c) 1982, 2013, Oracle. All rights reserved.

Enter password:
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL> @rdbms_security_store_oracle.sql;
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.

Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
1 row created.
Commit complete.
SQL> exit
Disconnected from Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit
Production
With the Partitioning, OLAP,
OAM patches:
18138998 --- Oracle Identity Management Suite BP patch of 11.1.2.1.3
17496113: WARNING: COULD NOT OBTAIN LOCK ON POLLTRACKING.LCK

Start OAM services
/apps/Middleware/MW_HOME/OAM/oracle_common/common/bin/setNMProps.sh
~/bin/start_node_manager.sh
/apps/Middleware/MW_HOME/OAM/user_projects/domains/OAMdomain/bin/startWebLogic.
sh
/apps/Middleware/MW_HOME/OAM/user_projects/domains/OAMdomain/bin/startManaged
WebLogic.sh oam_server1
Installing Oracle HTTP Server
[appoam@slcr12devtap1 common]$ cd /mnt/shared/software_dump/HTTP_WEB_SERVER/
[appoam@slcr12devtap1 HTTP_WEB_SERVER]$ ls -ltr
total 1760516
drwxr-xr-x 6 appoam oinstall 4096 Mar 2 2013 Disk1
drwxrwxr-x 3 appoam oinstall 4096 Mar 2 2013 Disk2
drwxrwxr-x 3 appoam oinstall 4096 Mar 2 2013 Disk3
-rw-r--r-- 1 appoam oinstall 22806 Mar 12 2013 readme.html
-rw-r--r-- 1 appoam oinstall 1802723467 Apr 17 16:47 V37384-01.zip
[appoam@slcr12devtap1 HTTP_WEB_SERVER]$ cd Disk1
[appoam@slcr12devtap1 Disk1]$ ls -ltr
total 36
-rwxrwxr-x 1 appoam oinstall 16532 Oct 25 2012 runInstaller
drwxrwxr-x 3 appoam oinstall 4096 Mar 2 2013 plugins
drwxrwxr-x 6 appoam oinstall 4096 Mar 2 2013 doc
drwxr-xr-x 12 appoam oinstall 4096 Mar 2 2013 stage
drwxrwxr-x 3 appoam oinstall 4096 Mar 2 2013 install
Passed

Please wait ...[appoam@slcr12devtap1 Disk1]$ Log: /apps/oraInventory/logs/install2014-04-
28_04-51-50PM.log

Completed installation of oracle HTTP server
Installing oracle webgate
[appoam@slcr12devtap1 Disk1]$ ls -ltr
total 100
-rwxrwxr-x 1 appoam oinstall 73728 Sep 15 2011 setup.exe
-rwxrwxr-x 1 appoam oinstall 16454 Sep 19 2011 runInstaller
drwxrwxr-x 12 appoam oinstall 4096 Apr 18 2013 install
drwxr-xr-x 13 appoam oinstall 4096 Apr 18 2013 stage

Passed
Please wait ...
Please specify JRE/JDK location ( Ex. /home/jre ), <location>/bin/java should exist :^C
[appoam@slcr12devtap1 Disk1]$ echo $JAVA_HOME
/apps/jrockit-jdk1.6.0_51
Passed
Please wait ...
Please specify JRE/JDK location ( Ex. /home/jre ), <location>/bin/java should exist
:/apps/jrockit-jdk1.6.0_51
[appoam@slcr12devtap1 Disk1]$ [WARN ][jrockit] MaxPermSize=512m ignored: Not a valid
option for JRockit
Log: /apps/oraInventory/logs/install2014-04-28_05-16-11PM.log

Completed installation of wegate
==============================================================================
=======
Install and Configure WebGate on the WebTier
[appoam@slcr12devtap1 deployWebGate]$ pwd
/apps/Middleware/MW_HOME/OAM/Oracle_OAMWebGate1/webgate/ohs/tools/deployWeb
Gate
[appoam@slcr12devtap1 deployWebGate]$ echo $MW_HOME
[appoam@slcr12devtap1 deployWebGate]$ pwd
/apps/Middleware/MW_HOME/OAM/Oracle_OAMWebGate1/webgate/ohs/tools/deployWeb
Gate
[appoam@slcr12devtap1 deployWebGate]$ export
MW_HOME=/apps/Middleware/MW_HOME/OAM

[appoam@slcr12devtap1 deployWebGate]$ ./deployWebGateInstance.sh -w
$MW_HOME/Oracle_WT1/instances/instance1/config/OHS/ohs1 -oh
$MW_HOME/Oracle_OAMWebGate1
Copying files from WebGate Oracle Home to WebGate Instancedir
[appoam@slcr12devtap1 Oracle_OAMWebGate1]$ export
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/apps/Middleware/MW_HOME/OAM/Oracle_WT1/lib
[appoam@slcr12devtap1 Oracle_OAMWebGate1]$ cd
/apps/Middleware/MW_HOME/OAM/Oracle_OAMWebGate1/webgate/ohs/tools/setup/Install
Tools
[appoam@slcr12devtap1 InstallTools]$
[appoam@slcr12devtap1 InstallTools]$ ./EditHttpConf -w
$MW_HOME/Oracle_WT1/instances/instance1/config/OHS/ohs1 -oh
$MW_HOME/Oracle_OAMWebGate1
The web server configuration file was successfully updated
/apps/Middleware/MW_HOME/OAM/Oracle_WT1/instances/instance1/config/OHS/ohs1/http
d.conf has been backed up as
/apps/Middleware/MW_HOME/OAM/Oracle_WT1/instances/instance1/config/OHS/ohs1/http
d.conf.ORIG
[appoam@slcr12devtap1 InstallTools]$
Setting Up the RREG Tool
To set up the RREG tool, complete the following steps:
On UNIX
After installing and configuring Oracle Access Manager, go to the following directory:
Oracle_IDM2/oam/server/rreg/client
Untar the RREG.tar.gz file.
Example:
gunzip RREG.tar.gz
tar -xvf RREG.tar
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/rreg/client
[appoam@slcr12devtap1 client]$ ls -ltr

total 26272
-rw-r----- 1 appoam oinstall 9512960 Mar 17 2013 RREG.tar
-rw-r----- 1 appoam oinstall 8935304 Mar 17 2013 rreg-toolkit.jar
-rw-r----- 1 appoam oinstall 8446505 Apr 29 16:55 RREG.tar.gz_bkp
[appoam@slcr12devtap1 client]$ tar -xvf RREG.tar
rreg/
rreg/lib/
rreg/lib/rreg.jar
rreg/lib/identitystore.jar
rreg/lib/jps-common.jar
rreg/lib/utilities.jar
rreg/lib/jps-api.jar
rreg/lib/osdt_core.jar
rreg/lib/jps-ee.jar
rreg/lib/osdt_xmlsec.jar
rreg/lib/ojmisc.jar
rreg/lib/RequestResponse.jar
rreg/lib/commons-httpclient-3.1.jar
rreg/lib/osdt_cert.jar
rreg/lib/jps-unsupported-api.jar
rreg/lib/commons-codec-1.3.jar
rreg/lib/oraclepki.jar
rreg/lib/commons-logging-1.1.1.jar
rreg/lib/jps-internal.jar

rreg/lib/nap-api.jar
rreg/bin/
rreg/bin/oamreg.sh
rreg/bin/oamreg.bat
rreg/config/
rreg/config/RequestResponseXMLSchema.xsd
rreg/input/
rreg/input/OAMRequest_short.xml
rreg/input/OSSORequest.xml
rreg/input/OpenSSORequest_short.xml
rreg/input/OSSOUpdateAgentRequest.xml
rreg/input/OAM11GRequest.xml
rreg/input/OAM11GRequest_short.xml
rreg/input/CreatePolicyRequest.xml
rreg/input/OpenSSOUpdateAgentRequest.xml
rreg/input/OAMUpdateAgentRequest.xml
rreg/input/OpenSSORequest.xml
rreg/input/OAM11GUpdateAgentRequest.xml
rreg/input/UpdatePolicyRequest.xml
rreg/input/OAMRequest.xml
rreg/output/
rreg/logs/
rreg/tester/
rreg/tester/oamtest.jar

rreg/tester/nap-api.jar
rreg/truststore/
rreg/truststore/rregcerts.jks
rreg/templates/
rreg/templates/opensso/
rreg/templates/opensso/webagents/
rreg/templates/opensso/webagents/OpenSSOAgentConfiguration.template
rreg/templates/opensso/webagents/OpenSSOAgentBootstrap.template
rreg/templates/opensso/j2eeagents/
rreg/templates/opensso/j2eeagents/OpenSSOAgentBootstrap.template
rreg/templates/opensso/j2eeagents/OpenSSOAgentConfiguration.template
Now go to /apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/rreg/input
[appoam@slcr12devtap1 client]$ ls -ltr
total 26276
drwxr-xr-x 11 appoam oinstall 4096 Mar 17 2013 rreg
-rw-r----- 1 appoam oinstall 9512960 Mar 17 2013 RREG.tar
-rw-r----- 1 appoam oinstall 8935304 Mar 17 2013 rreg-toolkit.jar
-rw-r----- 1 appoam oinstall 8446505 Apr 29 16:55 RREG.tar.gz_bkp
Create EBS_OAM11gRequest_short.xml
appoam@slcr12devtap1 input]$ vi EBS_OAM11gRequest_short.xml
[appoam@slcr12devtap1 input]$ pwd
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/rreg/input
<OAM11GRegRequest>
<serverAddress>http://usaslcoamr12t.goldbar.barrick.com:7001</serverAddress>
<hostIdentifier>usaslcoamr12t.goldbar.barrick.com</hostIdentifier>
<agentName>usaslcoamr12t.goldbar.barrick.com</agentName>

<agentBaseUrl>http://usaslcoamr12t.goldbar.barrick.com:7777</agentBaseUrl>
<logOutUrls><url>/logout</url></logOutUrls>
</OAM11GRegRequest>
[appoam@slcr12devtap1 input]$ pwd
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/rreg/input
Create ebs.oam.conf file
[appoam@slcr12devtap1 input]$ vi ebs.oam.conf
[appoam@slcr12devtap1 input]$
##############################################################################
#
# Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
#
# This is a configuration file, to be used with the OAM Config Tool, for
# configuring policies in OAM in order to facilitate Single Sign On.
#
# Protected URIs:-
# A Protected URI (resource) implies that an user must be authenticated
# before he could access that resource. Upon accessing a protected uri, the
# user would be redirected to the OAM login page for authentication.
# Subsequently, upon successful authentication, he would be redirected to the
# original requested resource.
#
# Public URIs:-
# A Public URI (resource), on the contrary, implies that a user be allowed
# access to that resource without authentication.
#
# This file essentially contains a list of protected and public URIs belonging
# to an Application.
#
# Please refer to the documentation of OAM Config Tool for anything related to
# the OAM Config tool's usage and the documentation of OAM for anything
# related to OAM in general.
#
##########################
# File format description
##########################
# 1. Any line beginning with '#' is considered a comment and would be ignored

# 2. Likewise any empty line or any line beginning with ' ' (space) would be
# ignored
# 3. All the Protected URIs must be listed followed by the key-word:
# "protected_uris".
# 4. All the Public URIs must be listed followed by the key-word: "public_uris"
#
# Note that Public URIs are optional. But you need to have at least one
# Protected URI listed
#
#
########################
#Product Name: E-Business Suite
########################
###########################
protected_uris
###########################
/ebsauth_devt12
/index.html
###########################
public_uris
###########################
/ebsauth_devt12/style/
/ebsauth_devt12/ssologin
/ebsauth_devt12/ssologout.do
/ebsauth_devt12/ssologout_callback
/public/oacleanup.html
/public/index.html
export JAVA_HOME=/apps/jrockit-jdk1.6.0_51
export
OAM_REG_HOME=/apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/rreg/bin
./bin/oamreg.sh inband input/EBS_OAM11g_DEVT12.xml
Enter admin password:
Do you want to enter a Webgate password?(y/n):
n
Do you want to import an URIs file?(y/n):

y
Please enter URIs filename (full path) (ex: /config/fa.oam.conf) :
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/rreg/config/ebs_oam_dev12.c
onf Apr 29, 2014 6:00:23 PM
oracle.security.am.engines.rreg.client.util.RegClientUtil getURIsFilename
INFO: Filename accepted.
Apr 29, 2014 6:00:24 PM
oracle.security.am.engines.rreg.client.util.RegClientFusionCfgURIsFileHandler
readProtAndPubUrisFromFileAndSet INFO: Success:
URI:[/ebsauth_devt12*] is added.
Apr 29, 2014 6:00:24 PM
URI:[/ebsauth_devt12/**] is added.
Apr 29, 2014 6:00:24 PM
URI:[/index.html] is added.
Apr 29, 2014 6:00:24 PM
URI:[/index.html/**] is added.
Apr 29, 2014 6:00:24 PM
oracle.security.am.engines.rreg.client.util.RegClientFusionCfgURIsFileHandler setUriInPolicy
INFO: Success: URI:[/ebsauth_devt12/style/*] is added.
Apr 29, 2014 6:00:24 PM
INFO: Success: URI:[/ebsauth_devt12/style/**] is added.
Apr 29, 2014 6:00:24 PM
INFO: Success: URI:[/ebsauth_devt12/ssologin*] is added.
Apr 29, 2014 6:00:24 PM
INFO: Success: URI:[/ebsauth_devt12/ssologin/**] is added.
Apr 29, 2014 6:00:24 PM
INFO: Success: URI:[/ebsauth_devt12/ssologout.do] is added.
Apr 29, 2014 6:00:24 PM
INFO: Success: URI:[/ebsauth_devt12/ssologout.do/**] is added.
Apr 29, 2014 6:00:24 PM
INFO: Success: URI:[/ebsauth_devt12/ssologout_callback*] is added.
Apr 29, 2014 6:00:24 PM

INFO: Success: URI:[/ebsauth_devt12/ssologout_callback/**] is added.
Apr 29, 2014 6:00:24 PM
INFO: Success: URI:[/public/oacleanup.html] is added.
Apr 29, 2014 6:00:24 PM
INFO: Success: URI:[/public/oacleanup.html/**] is added.
Apr 29, 2014 6:00:24 PM
INFO: Success: URI:[/public/index.html] is added.
Apr 29, 2014 6:00:24 PM
INFO: Success: URI:[/public/index.html/**] is added.
----------------------------------------
Request summary:
OAM11G Agent Name:usaslcoamr12t.goldbar.barrick.com
Base URL:http://usaslcoamr12t.goldbar.barrick.com:7777
URL String:usaslcoamr12t.goldbar.barrick.com
Registering in Mode:inband
Your registration request is being sent to the Admin server at:
http://usaslcoamr12t.goldbar.barrick.com:7003
----------------------------------------
Apr 29, 2014 6:04:04 PM oracle.security.jps.util.JpsUtil disableAudit
INFO: JpsUtil: isAuditDisabled set to true
Inband registration process completed successfully! Output artifacts are created in the output
folder.
rw------- 1 appoam oinstall 3181 Apr 29 18:04 cwallet.sso
-rw-r--r-- 1 appoam oinstall 2963 Apr 29 18:04 ObAccessClient.xml
Copy above files to below directory
Copy the generated registration artifacts to your WebTier
[appoam@slcr12devtap1 usaslcoamr12t.goldbar.barrick.com]$ cp *
/apps/Middleware/MW_HOME/OAM/Oracle_WT1/instances/instance1/config/OHS/ohs1/w
ebgate/config
[appoam@slcr12devtap1 usaslcoamr12t.goldbar.barrick.com]$ pwd
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/rreg/output/usaslcoamr12t.go
ldbar.barrick.com
[appoam@slcr12devtap1 usaslcoamr12t.goldbar.barrick.com]$

Start WebTier
appoam@slcr12devtap1 bin]$ ls -ltr
total 48
-rwx------ 1 appoam oinstall 46053 Apr 28 17:10 opmnctl
[appoam@slcr12devtap1 bin]$ ./opmnctl startall
opmnctl startall: starting opmn and all managed processes...
[appoam@slcr12devtap1 bin]$ ./opmnctl status -l
Processes in Instance: instance1
---------------------------------+--------------------+---------+----------+------------+----------+-----------+------
ias-component | process-type | pid | status | uid | memused | uptime |
ports
---------------------------------+--------------------+---------+----------+------------+----------+-----------+------
ohs1 | OHS | 5411 | Alive | 1609438392 | 1369016 | 25:02:18 |
https:9999,https:4443,http:7777
[appoam@slcr12devtap1 bin]$
Verify registration using OAM Console
http://usaslcoamr12t.goldbar.barrick.com:7003/oamconsole
Logon to the OAM Console
http://<host>.<domain>:<adminport>/oamconsole
Verify that the following artifacts are visible now in the OAM Console.
System Configuration tab > Access Manager section > SSO Agents node > OAM Agents (double
click) > Search for {Identifier for your WebGate}
Policy Configuration tab > Browse tab > Shared Components node > Host Identifiers node >
Search for {Identifier for your WebGate}
Policy Configuration tab > Browse tab > Application Domains node > Search for {Identifier for
your WebGate}
Test your WebGate
apps/Middleware/MW_HOME/OAM/Oracle_WT1/instances/instance1/config/OHS/ohs1/htdoc
s/public
[appoam@slcr12devtap1 public]$ cd ..
[appoam@slcr12devtap1 htdocs]$ ls -ltr
total 108
-rw------- 1 appoam oinstall 2585 Apr 28 17:10 index.html.hu
-rw------- 1 appoam oinstall 726 Apr 28 17:10 README.rus

-rw------- 1 appoam oinstall 2326 Apr 28 17:10 apache_pb.gif
-rw------- 1 appoam oinstall 81 Apr 28 17:10 index.html
-rw------- 1 appoam oinstall 1062 Apr 28 17:10 index.html.zh-tw.big5
drwx------ 2 appoam oinstall 4096 Apr 28 17:10 error_docs
drwx------ 2 appoam oinstall 4096 Apr 28 17:10 images
drwx------ 2 appoam oinstall 4096 Apr 28 17:10 css
drwx------ 2 appoam oinstall 4096 Apr 28 17:10 JSLibrary
drwx------ 9 appoam oinstall 4096 Apr 28 17:10 welcome_images
-rw------- 1 appoam oinstall 11028 Apr 28 17:10 welcome-index.html
-rw------- 1 appoam oinstall 6348 Apr 28 17:10 welcome_as.html
-rw------- 1 appoam oinstall 4155 Apr 28 17:10 welcome_em.html
-rw------- 1 appoam oinstall 3736 Apr 28 17:10 welcome_classic.html
-rw------- 1 appoam oinstall 5635 Apr 28 17:10 welcome_soa.html
-rw------- 1 appoam oinstall 5231 Apr 28 17:10 welcome_idm.html
-rw------- 1 appoam oinstall 7584 Apr 28 17:10 welcome_grid.html
-rw------- 1 appoam oinstall 5787 Apr 28 17:10 welcome_webcenter.html
drwxrwxrwx 2 appoam oinstall 4096 Apr 29 19:02 public
[appoam@slcr12devtap1 htdocs]$ cp index.html
/apps/Middleware/MW_HOME/OAM/Oracle_WT1/instances/instance1/config/OHS/ohs1/htdo
cs/public
[appoam@slcr12devtap1 htdocs]$
Access a Public Resource
http://usaslcoagr12t.goldbar.barrick.com:7777/public/index.html
Access a Protected Resource
http://usaslcoagr12t.goldbar.barrick.com:7777/index.html
Configure Identity Store
export MW_HOME=/apps/Middleware/MW_HOME/OAM
export ORACLE_HOME=/apps/Middleware/MW_HOME/OAM/Oracle_OAM
export JAVA_HOME=/apps/jrockit-jdk1.6.0_51/bin
export IDM_ORACLE_HOME=/apps/Middleware/MW_HOME/OAM/Oracle_OAM
[appoam@slcr12devtap1 OAM]$ cd $ORACLE_HOME
[appoam@slcr12devtap1 Oracle_OAM]$ cd idmtools/
[appoam@slcr12devtap1 idmtools]$ cd bin
[appoam@slcr12devtap1 bin]$ vi extend.props
[appoam@slcr12devtap1 bin]$ ./idmConfigTool.sh -preConfigIDStore input_file=extend.props
IDSTORE_HOST : usaslcoamr12t.goldbar.barrick.com
IDSTORE_PORT : 3060
IDSTORE_BINDDN : cn=orcladmin
IDSTORE_USERNAMEATTRIBUTE: cn

IDSTORE_LOGINATTRIBUTE: uid
IDSTORE_USERSEARCHBASE:cn=Users,dc=goldbar,dc=barrick,dc=com
IDSTORE_GROUPSEARCHBASE: cn=Groups,dc=goldbar,dc=barrick,dc=com
IDSTORE_SEARCHBASE: dc=goldbar,dc=barrick,dc=com
IDSTORE_SYSTEMIDBASE: cn=systemids,dc=goldbar,dc=barrick,dc=com
Enter ID Store Bind DN password :
Apr 29, 2014 7:33:33 PM oracle.ldap.util.LDIFLoader loadOneLdifFile
INFO: -> LOADING:
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/idm_idstore_grou
ps_template.ldif
INFO: -> LOADING:
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/idm_idstore_grou
ps_acl_template.ldif
INFO: -> LOADING:
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/systemid_pwdpoli
cy.ldif
INFO: -> LOADING:
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/idstore_tuning.ldif
INFO: -> LOADING:
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/oid_schema_extn.
ldif
INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/oim-
intg/ldif/oid/schema/OID_oblix_pwd_schema_add.ldif
intg/ldif/oid/schema/OID_oim_pwd_schema_add.ldif
intg/ldif/oid/schema/OID_oblix_schema_add.ldif
intg/ldif/oid/schema/OID_oblix_schema_index_add.ldif
INFO: -> LOADING:
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/fa_pwdpolicy.ldif
The tool has completed its operation. Details have been logged to automation.log

Create Users and Groups in LDAP
[appoam@slcr12devtap1 bin]$ vi oam.props
[appoam@slcr12devtap1 bin]$ ./idmConfigTool.sh -prepareIDStore mode=OAM
input_file=oam.props
Enter ID Store Bind DN password :
*** Creation of Oblix Anonymous User ***
INFO: -> LOADING:
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/oam_10g_anony
mous_user_template.ldif
Enter User Password for oblixanonymous:
Confirm User Password for oblixanonymous:
*** Creation of oamadmin ***
INFO: -> LOADING:
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/oam_user_templa
te.ldif
Enter User Password for oamadmin:
Confirm User Password for oamadmin:
*** Creation of oamLDAP ***
INFO: -> LOADING:
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/oim_user_templat
e.ldif
Enter User Password for oamLDAP:
Confirm User Password for oamLDAP:
INFO: -> LOADING:
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/common/oam_user_g
roup_read_acl_template.ldif
INFO: -> LOADING:
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/oim_group_templ
ate.ldif
INFO: -> LOADING:
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/common/oam_group_
member_template.ldif
INFO: -> LOADING:
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/common/oam_group_
member_template.ldif

INFO: -> LOADING:
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/oam_user_write_
acl.ldif
INFO: -> LOADING:
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/oam_config_acl.ld
if
INFO: -> LOADING:
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/oid_schemaadmin
.ldif
INFO: -> LOADING:
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/fa_add_pwdpolicy
.ldif
INFO: -> LOADING:
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/fa_add_pwdpolicy
.ldif
The tool has completed its operation. Details have been logged to automation.log
IDSTORE_HOST : usaslcoamr12t.goldbar.barrick.com
IDSTORE_PORT : 3060
IDSTORE_BINDDN : cn=orcladmin
IDSTORE_USERNAMEATTRIBUTE: cn
IDSTORE_LOGINATTRIBUTE: uid
IDSTORE_USERSEARCHBASE: cn=Users,dc=goldbar,dc=barrick,dc=com
IDSTORE_GROUPSEARCHBASE: cn=Groups,dc=goldbar,dc=barrick,dc=com
IDSTORE_SEARCHBASE: dc=goldbar,dc=barrick,dc=com
POLICYSTORE_SHARES_IDSTORE: true
OAM11G_IDSTORE_ROLE_SECURITY_ADMIN:OAMAdministrators
IDSTORE_OAMSOFTWAREUSER:oamLDAP
IDSTORE_OAMADMINUSER:oamadmin
IDSTORE_SYSTEMIDBASE:cn=systemids,dc=goldbar,dc=barrick,dc=com

Set LDAP to System and Default Store

Verify Login as OID User
At this point, test your WebGate again. Refer to section Test your WebGate.
Access the protected test page from your browser:
http://usaslcoagr12t.goldbar.barrick.com:7777/index.html
Login as oamadmin user
Configure Response Headers Add Response Headers to the Authentication Policies
In the OAM Console, navigate to Policy Configuration tab > Browse tab > Application Domains
node > Search for {Identifier for your WebGate} usaslcoagr12t > Authentication Policies >
Protected Resource Policy.

Double-click the node Protected Resource Policy.
In the Authentication Policy configuration window, click on the Responses tab. Use the "+" icon
and add the following two rows.
Name Type Value
USER_NAME Header $user.userid
USER_ORCLGUID Header $user.attr.orclguid
Leave the Identity Assertion checkbox unchecked.
Click Apply to save your changes.
Add Response Headers to the Authorization Policies
In the OAM Console, navigate to Policy Configuration tab > Browse tab > Application Domains
node > Search for {Identifier for your WebGate} usaslcoagr12t> Authorization Policies node >
Protected Resource Policy.
Double-click the node Protected Resource Policy.
In the Authorization Policy configuration window, click on the Responses tab. Use the "+" icon
and add the following two rows.
Name Type Value
USER_NAME Header $user.userid
USER_ORCLGUID Header $user.attr.orclguid
Click Apply to save your changes.

OAMADMIN Relogin issue:
In OAM console under security relam create OID Authenticator
And change order as like below.
Make sure Control Flag: set to Sufficient.

Test Response Headers
[appoam@usaslcoamr12t htdocs]$ ls -ltr
[appoam@usaslcoamr12t htdocs]$ pwd
cs
[appoam@usaslcoamr12t htdocs]$ ln -s ../cgi-bin cgi-bin
[appoam@usaslcoamr12t htdocs]$ chmod 755 cgi-bin/printenv
Logon to the OAM Console
In the OAM Console, navigate to Policy Configuration tab > Application Domains node > Search
for {Identifier for your WebGate} > Resources node.

Double-click the node Resources.
Click the "New Resource" button at the upper right hand side of the window.
Enter the following information in the Create Resource region, and click Apply:
•Type = HTTP
•Description = Test Response Headers
•Host Identifier = {Identifier for your WebGate}
•Resource URL= /cgi-bin/printenv
•Protection Level = Protected
•Authentication Policy = Protected Resource Policy
•Authorization Policy = Protected Resource Policy
Access the protected printenv script from your browser. For example:
http://usaslcoagr12t.goldbar.barrick.com:7777/cgi-bin/printenv
Configure OAM to support long URLs
Long URLs may exceed a cookie limit on your Internet browser. Configure Oracle Access
Manager to support long URLs by changing the serverRequestCacheType from COOKIE to FORM
in Oracle Access Manager configuration file
$DOMAIN_HOME/config/fmwconfig/oam-config.xml:
[appoam@usaslcoamr12t fmwconfig]$ cp -r oam-config.xml oam-config.xml_05042014
[appoam@usaslcoamr12t fmwconfig]$ vi oam-config.xml
[appoam@usaslcoamr12t fmwconfig]$ pwd
/apps/Middleware/MW_HOME/OAM/user_projects/domains/OAMDomain/config/fmwconfig
[appoam@usaslcoamr12t fmwconfig]$
Change
<Setting Name="serverRequestCacheType" Type="xsd:string">COOKIE</Setting>
to
<Setting Name="serverRequestCacheType" Type="xsd:string">FORM</Setting>
Session Timeout parameter:
Check Ebiz session timeout parameter and match with same values.

Configure Oracle Access Manager Whitelist
[appoam@usaslcoamr12t bin]$ ./wlst.sh
CLASSPATH=/apps/Middleware/MW_HOME/OAM/patch_wls1036/profiles/default/sys_manife
st_classpath/weblogic_patch.jar:/apps/Middleware/MW_HOME/OAM/patch_ocp371/profiles/
default/sys_manifest_classpath/weblogic_patch.jar:/apps/jrockit-
jdk1.6.0_51/lib/tools.jar:/apps/Middleware/MW_HOME/OAM/wlserver_10.3/server/lib/weblo
gic_sp.jar:/apps/Middleware/MW_HOME/OAM/wlserver_10.3/server/lib/weblogic.jar:/apps/
Middleware/MW_HOME/OAM/modules/features/weblogic.server.modules_10.3.6.0.jar:/apps/
Middleware/MW_HOME/OAM/wlserver_10.3/server/lib/webservices.jar:/apps/Middleware/M
W_HOME/OAM/modules/org.apache.ant_1.7.1/lib/ant-
all.jar:/apps/Middleware/MW_HOME/OAM/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-
contrib.jar::/apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/lib/wlst/configupg
rade.jar:/apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/lib/wlst/oam-
wlst.jar:/apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/lib/wlst/sts-
wlst.jar:/apps/Middleware/MW_HOME/OAM/utils/config/10.3/config-
launch.jar:/apps/Middleware/MW_HOME/OAM/Oracle_OAM/common/wlst/resources/oes-
common.jar:/apps/Middleware/MW_HOME/OAM/Oracle_OAM/common/wlst/resources/oic-
wlst.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/modules/oracle.jrf_11.1.1/jrf-
wlstman.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/lib/adfscripti
ng.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/lib/adf-share-
mbeans-
wlst.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/lib/mdswlst.jar:/
apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/auditwlst.jar:/a
pps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/igfwlsthelp.jar:/
apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/jps-
wlst.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/jps-
wls-

trustprovider.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resourc
es/jrf-
wlst.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/oama
p_help.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/oa
mAuthnProvider.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/reso
urces/ossoiap_help.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/r
esources/ossoiap.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/res
ources/ovdwlsthelp.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/r
esources/sslconfigwlst.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wls
t/resources/wsm-wlst.jar:/apps/Middleware/MW_HOME/OAM/utils/config/10.3/config-
launch.jar::/apps/Middleware/MW_HOME/OAM/wlserver_10.3/common/derby/lib/derbynet.j
ar:/apps/Middleware/MW_HOME/OAM/wlserver_10.3/common/derby/lib/derbyclient.jar:/ap
ps/Middleware/MW_HOME/OAM/wlserver_10.3/common/derby/lib/derbytools.jar::
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
wls:/offline> connect()
Please enter your username :weblogic
Please enter your password :
Please enter your server URL [t3://localhost:7001]
:t3://usaslcoamr12t.goldbar.barrick.com:7003
Connecting to t3://usaslcoamr12t.goldbar.barrick.com:7003 with userid weblogic ...
[ERROR][thread ] Could not start thread Timer-0. Resource temporarily unavailable
[ERROR][thread ] Could not start thread weblogic.transaction.TxTimer: '1'. Resource
temporarily unavailable
Successfully connected to Admin Server 'AdminServer' that belongs to domain 'OAMDomain'.
Warning: An insecure protocol was used to connect to the
server. To ensure on-the-wire security, the SSL port or
Admin port should be used instead.
wls:/OAMDomain/serverConfig> domainRuntime()
wls:/OAMDomain/domainRuntime> oamSetWhiteListMode(oamWhiteListMode="true")
The enableWhitelistValidation is set successfully
wls:/OAMDomain/domainRuntime> oamWhiteListURLConfig
(Name="EBS",Value="http://slcr12devtap1.goldbar.barrick.com:8080", Operation="Update")
The whitelist URL with key EBS has been updated.
wls:/OAMDomain/domainRuntime> oamWhiteListURLConfig
(Name="OAMCONSOLE",Value="http://usaslcoamr12t.goldbar.barrick.com:7003",
Operation="Update")

The whitelist URL with key OAMCONSOLE has been updated.
Configure Oracle E-Business Suite
Create WebLogic Domain and Managed Server for Oracle E-Business Suite AccessGate

Start WebLogic server for Oracle E-Business Suite AccessGate
Deploy Oracle E-Business Suite AccessGate
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12
appoam@usaslcoamr12t devt12]$ unzip p18006775_R12_GENERIC.zip
creating: sample/
inflating: fndauth.war
inflating: fndauth_deployment_plan.tmp
inflating: fndext.jar
inflating: sample/logging.properties
inflating: sample/samplecleanup.html
inflating: txkEBSAuth.xml
inflating: Readme.txt
creating: plan/
[appoam@usaslcoamr12t devt12]$ ls -ltr
total 660
drwxr-xr-x 2 appoam oinstall 4096 Apr 16 2013 plan
-rw-r--r-- 1 appoam oinstall 30387 Jul 12 2013 txkEBSAuth.xml
drwxr-xr-x 2 appoam oinstall 4096 Jul 12 2013 sample

-rw-r--r-- 1 appoam oinstall 4246 Jul 12 2013 fndauth_deployment_plan.tmp
-rw-r--r-- 1 appoam oinstall 240550 Jul 12 2013 fndext.jar
-rw-r--r-- 1 appoam oinstall 378475 Jul 12 2013 fndauth.war
-rw-r--r-- 1 appoam oinstall 1610 Jul 12 2013 Readme.txt
[appoam@usaslcoamr12t devt12]$ cd sample/
[appoam@usaslcoamr12t sample]$ ls -ltr
total 12
-rw-r--r-- 1 appoam oinstall 6536 Jul 12 2013 samplecleanup.html
-rw-r--r-- 1 appoam oinstall 1395 Jul 12 2013 logging.properties
[appoam@usaslcoamr12t sample]$ cp -r samplecleanup.html
cs/public/oacleanup.html
http://usaslcoamr12t.goldbar.barrick.com:7777/public/oacleanup.html
[appoam@usaslcoamr12t devt12]$ ls -ltr
total 660
drwxr-xr-x 2 appoam oinstall 4096 Apr 16 2013 plan
-rw-r--r-- 1 appoam oinstall 30387 Jul 12 2013 txkEBSAuth.xml
drwxr-xr-x 2 appoam oinstall 4096 Jul 12 2013 sample
-rw-r--r-- 1 appoam oinstall 4246 Jul 12 2013 fndauth_deployment_plan.tmp
-rw-r--r-- 1 appoam oinstall 240550 Jul 12 2013 fndext.jar
-rw-r--r-- 1 appoam oinstall 378475 Jul 12 2013 fndauth.war
-rw-r--r-- 1 appoam oinstall 1610 Jul 12 2013 Readme.txt
[appoam@usaslcoamr12t devt12]$
cp -r fndext.jar /apps/Middleware/MW_HOME/OAM/user_projects/domains/EAGDomain/lib/
Generate DBC file In Ebiz:
java -Duser.language=en -Duser.region=US oracle.apps.fnd.security.AdminDesktop
apps/apps12 CREATE NODE_NAME=usaslcoamr12t IP_ADDRESS=10.13.80.134
DBC=$FND_SECURE/DEVT12.dbc
[oraDEVT12@slcr12devtap1 secure]$ java -Duser.language=en -Duser.region=US
oracle.apps.fnd.security.AdminDesktop apps/apps12 CREATE NODE_NAME=usaslcoamr12t
IP_ADDRESS=10.13.80.134 DBC=$FND_SECURE/DEVT12.dbc
Application node exists, using server ID of node.
Committing changes
CREATE executed successfully - DEVT12_USASLCOAMR12T.dbc

Scp Generated file to OAM server at location
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12
Set Up Necessary Oracle E-Business Suite Users
ASADMIN is default account we are using here.
Set up a necessary Oracle E-Business Suite user with role UMX|APPS Schema Connect.
After setting up the user, logon locally to Oracle E-Business Suite as the user with role
UMX|Apps Schema Connect.
http://<ebshost>.<domain>:<port>/OA_HTML/AppsLocalLogin.jsp
If this user has just been created, you will be prompted on logon to Oracle E-Business Suite to
reset the password. Reset the password.
Verify that you can successfully logon locally with the new password as the user with role
UMX|Apps Schema Connect.
Create Datasource for Oracle E-Business Suite AccessGate using txkEBSAuth.xml
[appoam@usaslcoamr12t devt12]$ ant -f txkEBSAuth.xml createDataSource -
DuseDefaults=false -Dwlshosturl=usaslcoamr12t.goldbar.barrick.com:7041 -Dwlsuser=weblogic
-Dwlspwd=Passw0rd -DdataSourceName=devt12 -DdataSourceJNDIName=jndi/devt12 -
DasadminUser=asadmin -DasadminPassword=0racle1 -DserverName=eag_server1 -
DdbcFile=/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/DEVT12_USASLCO
AMR12T.dbc -DforceDataSource=true
Buildfile: txkEBSAuth.xml
findOS:
getServerDetails:
[input] skipping input as property wlshosturl has already been set.
[input] skipping input as property wlsuser has already been set.
getWLSAdminPasswordWindows:
getWLSAdminPasswordUnix:
echoON:
[input] skipping input as property wlspwd has already been set.
echoOFF:

getDataSourceDetails:
[input] skipping input as property dataSourceName has already been set.
[input] skipping input as property dataSourceJNDIName has already been set.
[input] skipping input as property dbcFile has already been set.
[input] skipping input as property asadminUser has already been set.
getappsDBDetails:
[echo] DBC File is
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/DEVT12_USASLCOAMR12T.
dbc
[echo] APPS_JDBC_URL is
APPS_JDBC_URL=jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS_LIST=(LOAD_BALANCE=YES
)(FAILOVER=YES)(ADDRESS=(PROTOCOL=tcp)(HOST=slcr12devtdb1.goldbar.barrick.com)(PO
RT=1601)))(CONNECT_DATA=(SERVICE_NAME=DEVT12)))
[echo]
[echo] Following values are retrieved from DBC File:
[echo] SID/SERVICE:DEVT12
[echo]
APPS_JDBC_URL:jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS_LIST=(LOAD_BALANCE=YES)(FAIL
OVER=YES)(ADDRESS=(PROTOCOL=tcp)(HOST=slcr12devtdb1.goldbar.barrick.com)(PORT=1601)
))(CONNECT_DATA=(SERVICE_NAME=DEVT12)))
getASADMINPasswordWindows:
getASADMINPasswordUnix:
echoON:
[input] skipping input as property asadminPassword has already been set.
echoOFF:
getTargetServerDetails:
[input] skipping input as property serverName has already been set.
getDataSourceParameters:
checkDBCExists:
checkFndextWarExits:
createDataSource:
[echo] ********************************************************************
[echo] STEP 1: CREATING DATA SOURCE
[echo] ********************************************************************

[wlst] Connecting to server using username:weblogic
url:usaslcoamr12t.goldbar.barrick.com:7041
[wlst] Connecting to t3://usaslcoamr12t.goldbar.barrick.com:7041 with userid weblogic ...
[wlst] Successfully connected to Admin Server 'AdminServer' that belongs to domain
'EAGDomain'.
[wlst]
[wlst] Warning: An insecure protocol was used to connect to the
[wlst] server. To ensure on-the-wire security, the SSL port or
[wlst] Admin port should be used instead.
[wlst]
[wlst] Check if data source devt12 already exits
[wlst]
[wlst]
[wlst] Check if JNDI Name jndi/devt12 already exists
[wlst]
[wlst] Changing to Edit Mode
[wlst] Location changed to edit tree. This is a writable tree with
[wlst] DomainMBean as the root. To make changes you will need to start
[wlst] an edit session via startEdit().
[wlst]
[wlst] For more help, use help(edit)
[wlst]
[wlst] Starting an edit session ...
[wlst] Started edit session, please be sure to save and activate your
[wlst] changes once you are done.
[wlst]
[wlst] Creating data source : devt12
[wlst]
[wlst] Setting JDBCDataSourceParams for the data source devt12
[wlst]
[wlst] Setting JNDI name for the data source devt12
[wlst]
[wlst] Setting JDBCDriverParams for the data source devt12
[wlst]
[wlst] Setting User and dbcFile properties for the data source devt12
[wlst]
[wlst] Setting JDBCConnectionPoolParams for the data source devt12
[wlst]
[wlst] Setting GlobalTransactionsProtocol for the data source devt12
[wlst]
[wlst] Setting target for the data source devt12
[wlst]
[wlst] Saving all your changes ...
[wlst] Saved all your changes successfully.

[wlst] Activating all your changes, this may take a while ...
[wlst] The edit lock associated with this edit session is released
[wlst] once the activation is completed.
[wlst] Activation completed
[wlst] Successfully created data source devt12.
[wlst] Disconnected from weblogic server: AdminServer
BUILD SUCCESSFUL
Total time: 42 seconds
Deploy Oracle E-Business Suite AccessGate using txkEBSAuth.xml
[appoam@usaslcoamr12t devt12]$ ant -f txkEBSAuth.xml deployApplication -
DuseDefaults=false -Dwlshosturl=usaslcoamr12t.goldbar.barrick.com:7041 -Dwlsuser=weblogic
-Dwlspwd=Passw0rd -DdataSourceName=devt12 -DasadminUser=asadmin -
DasadminPassword=0racle1 -DdataSourceJNDIName=jndi/devt12 -
AMR12T.dbc -DserverName=eag_server1 -DdeploymentName=ebsauth_devt12 -
DfndauthWarFile=/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/fndauth.w
ar -
DplanPath=/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/plan/Plan.xml -
DSSOServerRelease=11 -DSSOServerURL=http://usaslcoamr12t.goldbar.barrick.com:7777 -
DWebgateLogoutURL=http://usaslcoamr12t.goldbar.barrick.com:7777/public/oacleanup.html -
DcontextRoot=ebsauth_devt12 -DforceDeployment=true -
DOAMLogoutURL=http://usaslcoamr12t.goldbar.barrick.com:7777/oam/server/logoutant -f
txkEBSAuth.xml deployApplication -DuseDefaults=false -
Dwlshosturl=usaslcoamr12t.goldbar.barrick.com:7041 -Dwlsuser=weblogic -Dwlspwd=Passw0rd
-DdataSourceName=devt12 -DasadminUser=asadmin -DasadminPassword=0racle1 -
DdataSourceJNDIName=jndi/devt12 -
AMR12T.dbc -DserverName=eag_server1 -DdeploymentName=ebsauth_devt12 -
DfndauthWarFile=/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/fndauth.w
ar -
DplanPath=/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/plan/Plan.xml -
DSSOServerRelease=11 -DSSOServerURL=http://usaslcoamr12t.goldbar.barrick.com:7777 -
DWebgateLogoutURL=http://usaslcoamr12t.goldbar.barrick.com:7777/public/oacleanup.html -
DcontextRoot=ebsauth_devt12 -DforceDeployment=true -
DOAMLogoutURL=http://usaslcoamr12t.goldbar.barrick.com:7777/oam/server/logout
Buildfile: txkEBSAuth.xml
findOS:

getServerDetails:
echoON:
echoOFF:
getDeploymentDetails:
[input] skipping input as property deploymentName has already been set.
[input] skipping input as property contextRoot has already been set.
[input] skipping input as property fndauthWarFile has already been set.
[input] skipping input as property planPath has already been set.
getOAMDetails:
[input] skipping input as property WebgateLogoutURL has already been set.
[input] skipping input as property SSOServerRelease has already been set.
[input] skipping input as property SSOServerURL has already been set.
getDeploymentParameters:
checkWarExists:
checkDBCExists:
copyDeploymentPlan:
[echo] Copying fndauth_deployment_plan.tmp to
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/plan/Plan.xml
[copy] Copying 1 file to
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/plan
checkPlanDirExists:
creatPlandirAndWeblogicXML:

[touch] Creating
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/plan/plan/WEB-
INF/weblogic.xml
checkPlanExists:
getAPPServerID:
updateDeploymentPlan:
[echo] Updating Deployment Plan
deployApplication:
[echo] ********************************************************************
[echo] STEP 2: DEPLOYING APPLICATION
[echo] ********************************************************************
[wlst]
'EAGDomain'.
[wlst]
[wlst]
[wlst]
[wlst] Check if deployment ebsauth_devt12 already exists.
[wlst]
[wlst] Location changed to serverRuntime tree. This is a read-only tree with
ServerRuntimeMBean as the root.
[wlst] For more help, use help(serverRuntime)
[wlst]
[wlst]
[wlst]
[wlst] Deploying application to eag_server1
[wlst]
[wlst]
[wlst]

[wlst] Deploying application from
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/fndauth.war to targets
eag_server1 (upload=false) ...
[wlst] <May 4, 2014 4:02:08 PM MDT> <Info> <J2EE Deployment SPI> <BEA-260121>
<Initiating deploy operation for application, ebsauth_devt12 [archive:
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/fndauth.war], to
eag_server1 .>
[wlst] You have an edit session in progress, hence WLST will not
[wlst] block for your deployment to complete.
[wlst] Started the Deployment of Application. Please refer to the returned WLSTProgress
object or variable LAST to track the status.
[wlst]
[wlst] Successfully deployed fndauth.war application.
[wlst]
[wlst] <May 4, 2014 4:02:17 PM MDT> <Warning> <JNDI> <BEA-050001> <WLContext.close()
was called in a different thread than the one in which it was created.>
findOS:
getServerDetails:
echoON:
echoOFF:

getDeploymentDetails:
[input] skipping input as property deploymentName has already been set.
[input] skipping input as property contextRoot has already been set.
[input] skipping input as property fndauthWarFile has already been set.
[input] skipping input as property planPath has already been set.
getOAMDetails:
[input] skipping input as property WebgateLogoutURL has already been set.
[input] skipping input as property SSOServerRelease has already been set.
[input] skipping input as property SSOServerURL has already been set.
getDeploymentParameters:
checkWarExists:
checkDBCExists:
copyDeploymentPlan:
[echo] Copying fndauth_deployment_plan.tmp to
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/plan/Plan.xml
[copy] Copying 1 file to
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/plan
checkPlanDirExists:
creatPlandirAndWeblogicXML:
checkPlanExists:
getAPPServerID:
updateDeploymentPlan:
[echo] Updating Deployment Plan
deployApplication:
[echo] ********************************************************************
[echo] STEP 2: DEPLOYING APPLICATION
[echo] ********************************************************************
[wlst]

'EAGDomain'.
[wlst]
[wlst]
[wlst]
[wlst] Check if deployment ebsauth_devt12 already exists.
[wlst]
[wlst]
************************************************************************
[wlst] WARNING: Application with name ebsauth_devt12 already exists.
[wlst]
************************************************************************
[wlst] Location changed to serverRuntime tree. This is a read-only tree with
ServerRuntimeMBean as the root.
[wlst] For more help, use help(serverRuntime)
[wlst]
[wlst]
[wlst]
[wlst] Deploying application to eag_server1
[wlst]
[wlst]
[wlst]
[wlst] Deploying application from
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/fndauth.war to targets
eag_server1 (upload=false) ...
[wlst] <May 4, 2014 4:02:39 PM MDT> <Info> <J2EE Deployment SPI> <BEA-260121>
<Initiating deploy operation for application, ebsauth_devt12 [archive:
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/fndauth.war], to
eag_server1 .>
[wlst] You have an edit session in progress, hence WLST will not
[wlst] block for your deployment to complete.

[wlst] Started the Deployment of Application. Please refer to the returned WLSTProgress
object or variable LAST to track the status.
[wlst]
[wlst] Successfully deployed fndauth.war application.
[wlst]
[wlst] <May 4, 2014 4:02:42 PM MDT> <Warning> <JNDI> <BEA-050001> <WLContext.close()
was called in a different thread than the one in which it was created.>
BUILD SUCCESSFUL
Total time: 57 seconds
Redirect HTTP Server to WebLogic Server for Oracle E-Business Suite AccessGate
cd /apps/Middleware/MW_HOME/OAM/Oracle_WT1/instance/web1/config/OHS/ohs1
vi mod_wl_ohs.conf
<IfModule mod_weblogic.c>
WebLogicHost usaslcoagr12t.goldbar.barrick.com
WebLogicPort 7047
</IfModule>
#EBS Accessgate for crp2
<Location /ebsauth_crp2>
SetHandler weblogic-handler
WLProxySSL ON
WLProxySSLPassThrough ON
WebLogicPort 7047
</Location>
#for OAM
<IfModule weblogic_module>
<Location /oam>
SetHandler weblogic-handler
WLProxySSL ON

WLProxySSLPassThrough ON
WLCookieName jsessionid
WebLogicPort 14100
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/mod_wl/oim_component.log"
</Location>
</IfModule>
SSOlogout test:
We should get blank page here.
http://usaslcoagr12t.goldbar.barrick.com:7043/ebsauth_devt12/ssologout_callback
http://slcr12devtap1.goldbar.barrick.com:8080/OA_HTML/AppsLogout

Set Oracle E-Business Suite profile options
Application Authenticate Agent --
http://usaslcoagr12t.goldbar.barrick.com:7777/ebsauth_crp2
Applications SSO Type --- SSWA w/SSO
Applications Single Sign On Hint Cookie Name --- Blank
Applications SSO Auto Link User -- Enabled
Applications SSO Login Types -- Both
Ebiz Patches:
Make below patches applied to ebiz instance.
12387976
14196434
16015113
Softlink Creation for oblog_config.xml
/apps/Middleware/MW_HOME/OAM/Oracle_OAMWebGate1/webgate/ohs/config
oblog_config.xml ->
/apps/Middleware/MW_HOME/OAM/Oracle_OAMWebGate1/webgate/ohs/config/oblog_conf
ig_wg.xml
Integrate E-Business with OID
[oraDEVT12@slcr12devtap1 ~]$ $FND_TOP/bin/txkrun.pl -script=SetSSOReg -
registerinstance=yes
You are registering ORACLE HOME only.
Enter the host name where Oracle iAS Infrastructure database is installed ?
usaslcoamr12t.goldbar.barrick.com
Enter the LDAP Port on Oracle Internet Directory server ? 3060
Enter SSL LDAP Port on Oracle Internet Directory server ? 3131
Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ?
[oraDEVT12@slcr12devtap1 ~]$
[oraDEVT12@slcr12devtap1 ~]$ $FND_TOP/bin/txkrun.pl -script=SetSSOReg -
registerinstance=yes

You are registering ORACLE HOME only.
Enter the host name where Oracle iAS Infrastructure database is installed ?
usaslcoamr12t.goldbar.barrick.com
Enter SSL LDAP Port on Oracle Internet Directory server ? 3131
Enter Oracle E-Business apps database user password ?
*** Log File =
/apps/DEVT12/inst/apps/DEVT12_slcr12devtap1/logs/appl/rgf/TXK/txkSetSSOReg_Thu_May_8
_16_48_47_2014.xml
Beginning input parameter validation for Oracle Home Instance registration.
Input parameter validation for Oracle Home Instance registration completed.
BEGIN ORACLE HOME INSTANCE REGISTRATION:
Oracle Home Instance preferences stored successfully.
Oracle Home Instance registered successfully.
End of /apps/DEVT12/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/txkSetSSOReg.pl : No
Errors encountered
[oraDEVT12@slcr12devtap1 ~]$ $FND_TOP/bin/txkrun.pl -script=SetSSOReg -registeroid=yes -
provisiontype=4
You are registering this instance with OID Server.
Enter LDAP Host name ? usaslcoamr12t.goldbar.barrick.com
Enter the instance password that you would like to register this application instance with ?
Enter Oracle E-Business apps database user password ?
*** Log File =
/apps/DEVT12/inst/apps/DEVT12_slcr12devtap1/logs/appl/rgf/TXK/txkSetSSOReg_Thu_May_8
_16_51_42_2014.xml
Beginning input parameter validation for OID registration.
Input parameters validation for OID registration completed.

BEGIN OID REGISTRATION:
Beginning to register Application and Service containers if necessary.
Application and Service containers were created successfully if necessary.
Beginning to register application in Oracle Internet Directory.
Registration of application in Oracle Internet Directory completed successfully.
-> LOADING:
/apps/DEVT12/apps/apps_st/appl/fnd/12.0.0/admin/template/AppsOIDRegistration.tmp
Beginning to register provisioning profile in Oracle Internet Directory.
Registration of provisioning profile in Oracle Internet Directory completed successfully.
Application is now registered successfully with provisioning in Oracle Internet Directory.
End of /apps/DEVT12/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/txkSetSSOReg.pl : No
Errors encountered

OAM Install & Config

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Ähnlich wie OAM Install & Config

Ähnlich wie OAM Install & Config (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

OAM Install & Config