Setup Oracle Access Manager 10g in Disaster Recovery

This post talks about general concepts of Disaster Recovery for Oracle Access Manager 10g. Disaster Recovery is highly essential for any of the organizations to have system up and running always and to have zero business downtime. In general, there will be Primary and Secondary environments which can be identical or non-identical. When one of the environments goes down, immediately the other production environment comes up to have business endurance always. I would like to explain this topic by correlating to our environment which has identical setup.

There are 2 production environments called Primary Site and Stand-By site. Each site has 2 nodes where OAM is installed as 2 Primary Access Servers and 1 Secondary Access Server. The hostnames of 2 nodes in two environments (Primary and Stand-By) are different.

Let us assume that hostnames of 2 nodes in Primary site are primary1.oracle.com and primary2.oracle.com and hostnames of 2 nodes in Stand-by site are standby1.oracle.com and  standby2.oracle.com.

The only important configuration is to configure the Host Identifiers in OAM Access System console to create a single hostname for both Primary and Stand-by sites. For instance if there a WebGate in node primary1.oracle.com, we can create hostname identifier as primary1.oracle.com and add respective hostname variations corresponding to primary node1 and standby node1 too. Similarly, WebGate on primary node2 will have a different hostname identifier which has hostname variations of standby node2.

Since Hostname Identifier is just a LOGICAL name, it can be used for both Primary and Stand-By sites. The same way, we can use a single WebGate profile for primary node1 and Standby node1. Thus when the switch happens from Primary to Standby, the webgates in Standby site will use the same WebGate and thus no manual intervention is required.

The below screenshot provides a single hostname identifer used for both Primary and Stand-By sites.

For single hostname identifier, we have declared the IP Address 192.168.21.25 (Primary) and 192.168.85.25 (Stand-by) .

NOTE: I did not cover the disaster recovery for OAM repositories (User, Configuration and Policy) here.

About the Author Mahendra

I am engulfed in Oracle Identity & Access Management domain. I have expertise on providing the optimized solutions for user provisioning, web access management, Single Sign-On and federation capabilities etc., I am also well versed with complex integrations within Identity Management and other product domains. I have expertise on building demos and implementation experience on products Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlement Server, Oracle Virtual Directory, Oracle Internet Directory etc., Look @ my blog: http://talkidentity.blogspot.com

Leave a Comment:

6 comments
Girish Patel says January 30, 2013

Please provide the next steps
for
NOTE: I did not cover the disaster recovery for OAM repositories (User, Configuration and Policy) here

Also

Reply
Mahendra says January 30, 2013

Girish,

You can configure replication between user store (LDAP). The same applies for configuration and policy store. If there is no connection between Primary and Stand-By sites then you have to do it manually by copy the entries from policy base and configration base from Primary site LDAP to stand-by LDAP.

Hope this helps.

Thanks
Mahendra.

Reply
Girish Patel says February 4, 2013

Hi Mahendra,

Thanks for reply.

I also want to know for IAM disastor recovery setup below are menioned points:-
1. We had a IAM Prod DC live system where at the time of OIM-OAM installation of the components, we have used IP’s (somewhere) instead of Hostnames.

So now we want to setup IAM DR with this replica of IAM DC.

So we have copied the whole directories from IAM DC to DR and have find all concerned IP’s and replaced that with its hostnames.

So please let me know is that fine, if yes what next step should I proceed with…
we are following with this document e15250.pdf

Reply
Mahendra says February 5, 2013

Girish,

Please send the link for the document you’re referring.

-Mahendra

Reply
Girish Patel says February 5, 2013

http://docs.oracle.com/cd/E23943_01/doc.1111/e15250/toc.htm

Reply
Mahendra says February 5, 2013

Girish,

This post is specific to 10g version of OAM. The link you’re referring to is 11g version. There are architectural level changes between two version and hence disaster recovery setup procedure is different between two versions.

Thanks
Mahendra.

Reply
Add Your Reply