Installing Oracle Identity Management (OIM & OAM) 11g R1 PS2 (11.1.1.3) : High Level Steps

Oracle on 21st July, released Identity Management 11gR1 for OAM, OIM, OAAM & OIN (new component introduced in 11gR1) . This post covers very high level steps to install and configure OIM & OAM 11g (detailed step by step instructions coming soon…)  

  • For those who are new to Oracle Identity Management, check this post here for list of  products which comes under Oracle’s Identity Management stack.

A. OAM : Oracle Access Management (product for access management and web Single Sign-On).

B. OIM : Oracle Identity Manager (product for Identity provisioning, reconciliation and management)

.

High Level Steps for OIM & OAM 11g installation
1)Install Oracle WebLogic Server 10.3.3 (aka Oracle WebLogic 11g R1 PS2)

2) Install Oracle Database (11.1.0.7+ or 11.2.X+)

3)Run RCU (Repository Creation Utility) and load schemas
a) For OIM: Select Identity Management – Oracle Identity Manager, SOA Infrastructure schema, the User Messaging Service schema, and the Metadata Services .
b) For OAM : Identity Management – Oracle Access Manager, AS Common Schema – Audit Services.

  • For more information on RCU click here
  • More information on loading schema for OAM/OIM here

4) For Identity Manager only, install SOA 11.1.1.2.0 (11gR1 PS1) and upgrade it to 11.1.1.3.0(11g R1 PS2)
Note* For SOA 11.1.1.3.0 is patchset only where as 11.1.1.2.0 is base software.
Note* If you want just OAM (Oracle Access Manager) : SOA 11g is not required.

5) Install Oracle Identity Management 11g R1 (This step will create ORACLE_HOME for Identity Management- OIM & OAM)

  • For more information on MW_HOME, ORACLE_HOME DOMAIN_HOME click here

6. Run $ORACLE_HOME/common/bin/config.sh (where ORACLE_HOME is directory under MW_HOME for OIM & OAM binaries) to configure your Oracle Identity Management products (OIM & OAM) .

This step will create weblogic domain and deploy applications related to OIM , OAM & OIN.

  • For more information on WebLogic Domain, Admin & Managed Server click here

7. Install WebGates for OAM on HTTP servers which you wish to protect using OAM.
.
For detailed steps check Oracle Installation Guide for OIM, OAM, OAAM, OIN 11g here
 

About the Author Atul Kumar

Oracle ACE, Author, Speaker and Founder of K21 Technologies & K21 Academy : Oracle Gold Partner specialising in Design, Implement, and Trainings.

follow me on:

Leave a Comment:

26 comments
edugoja says July 31, 2010

What is the correct RCU (linux) for this installation? In the 11.1.1.3, I can’t found the schemas for OIM and OAM.

Reply
edugoja says July 31, 2010

mmm… I found them, I had unzipped the package into another folder and was using the previous… Thanks for this post!!

Reply
edugoja says July 31, 2010

I found them, I had unzipped the package into another folder and was using the previous … Thanks for this post!!

Reply
Atul Kumar says August 1, 2010

@ edugoja,
OIM, OAM 11g schemas are under “Repository Creation Utility 11.1.1.3.2″ under “Required Additional Software” at http://www.oracle.com/technetwork/middleware/downloads/fmw-11-download-092893.html

Reply
Mahendra says August 3, 2010

Atul,

I have a doubt whether the OAM 11g software is ready for download? If so, can you provide the link please?

Mahendra.

Reply
Atul Kumar says August 3, 2010

@ Mahendra,
Yes 11.1.1.1.3 which contains OIM//OAM/OAAM is now available to downbload .

http://www.oracle.com/technetwork/middleware/downloads/fmw-11-download-092893.html
Download RCU – 11.1.1.3.2 (This will contain schemas for OIM/OAM/OAAM)

http://www.oracle.com/technetwork/middleware/downloads/oid-11g-161194.html

Under section Oracle Identity and Access Management (11.1.1.3.0)

Reply
Mahendra says August 3, 2010

Thanks Atul,
Can you please provide link for OAM 11g documentation?

-Mahendra

Reply
knpn says August 18, 2010

you can find soa version by executing soahome/bin/soaversion.sh

Reply
Mahendra says August 27, 2010

Atul,

Did you find any documentation for BPM integration with OAM for SSO?

-Mahendra.

Reply
kevinb says September 1, 2010

Why is SOA required? How does it fit into the grand picture for IDM?

Reply
Atul Kumar says September 1, 2010

@Kevinb, Human Workflow component of SOA is used by OIM (Identity Manager) during user provisioning or changes on unser identity.

Reply
avimajeti says December 8, 2010

Can you someone tell the system requiremnts for installing OIM 11g

Reply
sam says January 6, 2011

IS there a way to install all Oracle Identity manager manually without going through the GUI screens?
because my OIM takes more than 2 hours to install. Im looking to speedup the prcess.
Is there a way?

Reply
Atul Kumar says January 7, 2011

@ Sam,
OIM takes more than 2 hours to install – This could be because of memory/cpu issues (not enough resource) .

Anyway to use silent insatll using response file

http://download.oracle.com/docs/cd/E14571_01/install.1111/b32474/silent_install.htm#ASINS228

Reply
nagendra says July 19, 2011

Hi Atul,

I’m new to OIF11g. I installed OID11g,OVD11g,OIF11g in one machine.
I installed OAM11g in another machine.
Now I want to integrate OAM11g and OIF11g for SSO.
I installed Apache HTTP 2.0.52 server in OIF machine and Webgate 10.1.4.3 also installed on APACHE server.
AccessServerSDK also installed in OIF machine at OIF domain_home.

please provide any link to integrate them.

Thanks & Regards,

Nagendra.

Reply
Atul Kumar says July 19, 2011

@ Nagendra,
There are two modes in which OIF can be integrated with OAM

a) SP Mode (Service Provider)
b) Authentication Mode

Check this link

http://download.oracle.com/docs/cd/E21764_01/doc.1111/e15740/oif.htm#CACDFAEG

Reply
Naveen says October 5, 2011

Hi Atul, I installed the latest OAM 11.1.1.5. I am able login and configure using http://admin_server:admin_port/oamconsole. But when I access the OAM url http://oam_server:oam_port/oam. It is giving a single sign-on error message “Error
System error. Please re-try your action. If you continue to get this error, please contact the Administrator.”. Is this supposed to be that way?. Please advice.

Reply
Atul Kumar says October 6, 2011

@ Naveen,
This is because IAMSuite is enabled by default and there is problem in your oam managed server.

Check managed server oam_server1 log file for errors or as workaround you can remove provider IAMSuite using weblogic console.

For log location and troubleshooting tips check my book at https://www.packtpub.com/oracle-identity-and-access-manager-11g-for-administrators/book

Reply
Ramesh says June 22, 2012

I am in the process of installing ODSEE.
do we need a Oracle database in order to set up the directory Server?

Thanks

Reply
Nagesh says February 1, 2013

Hi Atul,
We have installed OAM 11.1.1.5.0 and integrated with EBS/ECM, when i connect to sso ebs url it connects(did not close the browser) now while accessing the ecm sso url am not able to connect throwing error “Error
System error. Please re-try your action. If you continue to get this error, please contact the Administrator” and checked in oam logfiles found this error “[2013-02-01T02:55:26.456-06:00] [oam_server1] [ERROR] [OAM-00002] [oracle.oam.binding] [tid: [ACTIVE].ExecuteThread: ‘0’ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: ] [ecid: d9bb65ce36252ba4:-5eccfce:13c84d2d450:-8000-0000000000001015,0] [APP: oam_server] Error occurred while handling the request.[[
oracle.security.am.common.utilities.exception.AmRuntimeException: LoggedIn user is different than the existing session user
at oracle.security.am.engines.enginecontroller.SSOEngineController.createSession(SSOEngineController.java:1679)
at oracle.security.am.engines.enginecontroller.SSOEngineController.processEvent(SSOEngineController.java:424)

Can you please guide me how to resolve this issue.

Reply
Atul Kumar says February 1, 2013

@ Nagesh,
Which document did you use to integarte OAM with ECM ?

Is ECM weblogic domain using same OID server that is integrated with OAM ?

Reply
Nagesh says February 1, 2013

Thanks for the update Atul,

Both are on different servers.

Reply
Atul Kumar says February 1, 2013

@ Nagesh,
Do you mean there are two different OIDs one for ECM and another for OAM ?

Reply
Nagesh says February 1, 2013

followed the docs E14495-04Oracle® Fusion Middleware Application Security Guide 11g ,E12002-05Oracle® Fusion Middleware Installation Guide for Oracle Identity Management,
E10043-09 Installation Guide for Oracle Enterprise Content Management
Suite 11g Release

Reply
Nagesh says February 1, 2013

No Only one OID for EBS & ECM

Reply
Add Your Reply