Oracle’s Identity Management components include:
– SSO – Oracle Single Sign-On Server
– OID – Oracle Internet Directory
– DAS – Delegated Administrative Services
– DIP – Directory Integration & Provisioning Services
– OCA – Oracle Certifying Authority (optional)
I am going to cover them in detail in my future posts. These services and components are quite important for Apps DBAs, as IM (Identity Management) is part of Oracle Apps Release 12.
This post gives an overview and important notes on the Identity Management cluster where the IM components are in an Active-Active scenario, which means the IM components (OID, SSO, DAS) are available on both nodes for high availability.
The underlying database for IM can be a single-instance database or a two- or multiple-instance RAC (preferably at least two nodes).
Distributed / Non Distributed IM
Distributed IM means IM components (SSO, DAS, OID) are distributed on more than one machine (SSO & DAS on one machine & OID on second machine).
Non Distributed IM means all IM components are on the same machine.
You can cluster either Distributed or Non Distributed Identity Management.
Here are a few notes/checks which I learnt from my various implementations.
Things you should know before starting Installation
– Check if you want Distributed or Non-distributed IM Cluster
– Virtual Name of HTTP Server (Infra for SSO & OIDDAS) and protocol (http or https)
– Virtual Name of OID including ports (SSL and non-SSL; you need both. Defaults are 389 and 636 respectively)
– Communication protocol requirement (HTTP or HTTPS) between
CLIENT -> Load Balancer -> HTTP Server
Things you must do before Installing Oracle AS Identity Management Cluster
– Synchronize the system clocks on all servers that are part of the cluster to within 250 seconds
– Set cookie persistence at the load balancer specifically for the URI /oiddas/. If your browser doesn’t support the persistence setting at URI level, then set it for all HTTP traffic (set the cookie to expire when the browser session expires)
– Before installing the first OID node, make sure TCP monitoring is not enabled on the load balancer for the first node
– Configure load balancer to return immediately to calling clients
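The load balancer items above, sketched as a configuration fragment. This is an added example, not part of the original post: HAProxy is assumed as the load balancer, and the host names, cookie name and back-end HTTP port 7777 are constructed placeholders.

```haproxy
# Added example: HAProxy is an assumed load balancer; host names, the
# cookie name and back-end port 7777 are constructed placeholders.
defaults
    timeout connect 5s
    timeout client  60s
    timeout server  60s

# Virtual name of the HTTP Server (SSO and OIDDAS)
frontend im_http
    mode http
    bind *:80
    # Persistence is scoped to the DAS URI only.
    acl is_oiddas path_beg /oiddas/
    use_backend im_oiddas if is_oiddas
    default_backend im_sso

backend im_oiddas
    mode http
    balance roundrobin
    # No maxlife/maxidle is set, so the cookie carries no Expires or
    # Max-Age and is dropped when the browser session ends.
    cookie IMNODE insert indirect nocache httponly
    server im1 im-node1.example.com:7777 cookie im1
    server im2 im-node2.example.com:7777 cookie im2

backend im_sso
    mode http
    balance roundrobin
    server im1 im-node1.example.com:7777
    server im2 im-node2.example.com:7777

# Virtual name of OID: both the non-SSL and the SSL port are published.
listen oid_ldap
    mode tcp
    bind *:389
    # No "check" keyword on the server line: monitoring of the first
    # node stays off while the first OID node is being installed.
    server oid1 im-node1.example.com:389

listen oid_ldaps
    mode tcp
    bind *:636
    server oid1 im-node1.example.com:636
```

Falling back to persistence for all HTTP traffic, as the checklist allows, would mean moving the `cookie` line and the per-server `cookie` values into the default back end.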
Things/Tips which will be handy for AS Cluster (IM Type)
– For the first OID node installation, make sure the MR is not registered with any OID, otherwise it will fail. The installer checks this, and if it finds that the MR is already registered it assumes a first node already exists and asks for the first OID node's information to make this installation part of the OID cluster
– Choose the same components on the other nodes of the cluster (i.e. if on the first node you have OID & DAS, then on the other cluster node also install OID & DAS)
– To access OID on any OID node in the cluster, you have to use the ias_admin password from the first installation, not the ias_admin password used for the second, third or later instance installations in the cluster (oiddas, orasso, oidmon)
– For IM Cluster you always select IM and not IM+MR (this is on the Installation screen)
– For IM, the content database should already be loaded with the Metadata Repository using RepCA or MRCA (Repository Creation Assistant or Metadata Repository Creation Assistant)
– Installation steps for the first OID node are different from those for subsequent nodes
– For IM Cluster, never select IM+MR on the Installation screen; always select IM only.
– You have to select HA (High Availability) during Installation Options.
More on Identity Management Cluster Installation..
Enable Apex Applications for SSO authentication ..
Coming soon ….
Oracle ACE, Author, Speaker and Founder of K21 Technologies & K21 Academy : Specialising in Design, Implement, and Trainings.