JDK Version Upgrade

Steps for JDK version upgrade:

  1. Stop all the servers.
  2. Copy JDK <New Version> to /tmp/.
  3. Untar the installable.
  4. Take a backup of the existing Java home (JRockit).
  5. Copy the contents of the extracted new Java files into the existing Java home.
  6. Copy the cacerts file from the JRockit backup taken before the upgrade to the java_home/jre/lib/security folder.
  7. Go to Domain_Home/bin and edit setDomainEnv.sh.
  8. Search for JAVA_SUN_HOME and set it to the Java home value (the same as the old one).
  9. Also place JAVA_VENDOR="Sun" below JAVA_SUN_HOME. Save the file.
  10. Download UnlimitedJCEPolicyJDK7/8.zip, copy it to the servers and extract it. It contains two files: US_export_policy.jar and local_policy.jar.
  11. Copy both files to the JAVA_HOME/jre/lib/security folder.
  12. Check the Java version and start the servers.
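
A post-upgrade check for the steps above, as an added example that is not part of the original page: it confirms that the restored cacerts matches the backup, that both policy jars are in place, that setDomainEnv.sh carries the Java home and JAVA_VENDOR="Sun" with plain ASCII quotes, and that the java binary starts. The function name, the HOME_VAR override and the three path arguments are assumptions.

```shell
#!/bin/sh
# Added example: post-upgrade checks for the JDK upgrade steps.
# $1 = Java home after the upgrade, $2 = backup of the old Java home (step 4),
# $3 = Domain_Home. HOME_VAR defaults to the variable name given on this page.
verify_jdk_upgrade() {
    java_home=$1 backup=$2 domain_home=$3
    home_var=${HOME_VAR:-JAVA_SUN_HOME}
    sec="$java_home/jre/lib/security"
    env_file="$domain_home/bin/setDomainEnv.sh"
    rc=0

    # Step 6: the restored trust store must be byte-identical to the backup;
    # a mismatch means the new JDK's stock cacerts is still in place and any
    # locally imported CA certificates are gone.
    cmp -s "$backup/jre/lib/security/cacerts" "$sec/cacerts" ||
        { echo "FAIL: cacerts missing or different from backup"; rc=1; }

    # Steps 10-11: both policy jars must exist and be non-empty.
    for jar in US_export_policy.jar local_policy.jar; do
        [ -s "$sec/$jar" ] || { echo "FAIL: $sec/$jar missing or empty"; rc=1; }
    done

    # Steps 8-9: look only at non-comment lines. Fixed-string matching means
    # curly quotes pasted from a web page (JAVA_VENDOR=”Sun”) do not pass.
    active=$(grep -v '^[[:space:]]*#' "$env_file" 2>/dev/null || true)
    printf '%s\n' "$active" | grep -Fq "$home_var=\"$java_home\"" ||
        { echo "FAIL: $home_var is not set to $java_home"; rc=1; }
    printf '%s\n' "$active" | grep -Fq 'JAVA_VENDOR="Sun"' ||
        { echo "FAIL: JAVA_VENDOR=\"Sun\" not found (check quote characters)"; rc=1; }

    # Step 12: the upgraded java binary must start.
    "$java_home/bin/java" -version >/dev/null 2>&1 ||
        { echo "FAIL: $java_home/bin/java -version did not run"; rc=1; }

    return "$rc"
}

# Run the checks when called with the three paths as arguments.
if [ "$#" -eq 3 ]; then
    verify_jdk_upgrade "$@"
fi
```

Run it before starting the servers in step 12; a non-zero exit status means at least one check failed.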

Apply ‘10.3.6.0.12 Patch Set Update (PSU) for WebLogic Server 10.3.6.0’

Steps to apply ‘10.3.6.0.12 Patch Set Update (PSU) for WebLogic Server 10.3.6.0’:

Pre-requisites:

1. Set the required ENV variables:
   ORACLE_HOME, JAVA_HOME, MW_HOME, WL_HOME

2. Take a backup of MW_HOME and of the oraInst.loc file:
   tar -cvpzf oim_backup_somename.tar.gz /idm/fmw    # as root user
   cd /u01/app/oraInventory                          # the oraInst.loc file is located here
   cp oraInst.loc /idm/backup/                       # as oracle user

3. Run ./opatch lsinventory and save the result in a temp file (e.g. /idm):
   cd opatch
   ./opatch lsinventory

4. Unzip the patch into the bsu cache directory:
   cd /idm/fmw/WL_PSU/
   unzip p20780171_1036_Generic.zip -d /idm/fmw/utils/bsu/cache_dir
   cd /idm/fmw/utils/bsu/

Patch Apply:

Command:
   ./bsu.sh -install -patch_download_dir=/idm/fmw/utils/bsu/cache_dir -patchlist=EJUW -prod_dir=/idm/fmw/wlserver_10.3

Start the services.

Patch Installation Steps - OID

Steps to Apply OID 11.1.1.9.0 Patch


Ensure that you meet the following requirements before you apply the patch:

If OID is installed:
1. Stop all OID server instances:
   $ORACLE_INSTANCE/bin/opmnctl stopall

If DIP is installed:
1. Stop your DIP server.
2. Stop your WebLogic instances (admin and DIP):
   $ORACLE_HOME/util/user_projects/domains/base_domain/bin/stopWebLogic.sh
   $ORACLE_HOME/util/user_projects/domains/base_domain/bin/stopManagedWebLogic.sh wls_ods1


- Download and unzip the patch folder to /iam/fmw/Patch-WL,OID
- opatch apply
- opatch lsinventory


POST INSTALLATION STEPS:

Restart all OID server instances:
   $ORACLE_INSTANCE/bin/opmnctl startall

1. Restart the WebLogic server:
   $ORACLE_HOME/util/user_projects/domains/base_domain/bin/startWebLogic.sh
   $ORACLE_HOME/util/user_projects/domains/base_domain/bin/startManagedWebLogic.sh wls_ods1

Installation of AD Connector Server

1) Download Connector Server
The minimum requirements to run a .NET Connector Server 12.2.1.3.0 are:
Microsoft Windows Server 2003, 2008, or 2012
Microsoft .NET Framework 4.5 or higher

Refer to the particular .NET identity connector documentation to determine if there are additional requirements.

1. Download the Connector Server package (Connector_Server_122130_dotnet.zip) from the Oracle Technology Network site.

NOTE: The following document shows the steps for the 11g Connector Server, so ignore the version numbers and follow the steps as described.

2) Install connector server
# Download the connector server from the download URL at the top of this lab, extract it and click on ServiceInstall-1.4.0.0.msi


# Click on Next

# Select Typical and click on next

# Click on Install

# Click on Finish

3) Update the port and key on connector server
# Open a command prompt, go to the location where the connector server is installed and set the key with the commands below.
· Location = installed location

· ConnectorServer.exe /setkey 123456 (Make sure you enter the same key in the IT resource key parameter)

# Go to C:\Program Files (x86)\Identity Connectors\Connector Server, open the ConnectorServer.exe.Config file and add the following line inside the <switches> element to enable logging for Active Directory and Exchange
<switches>
  <add name="ActiveDirectorySwitches" value="4" />
</switches>

# Copy the Active Directory bundle from /app/oracle/middleware/Oracle_IDM1/connectors/msft_activedirectory/bundle to the AD machine

# Extract the AD connector bundle on the AD machine

# After extracting, copy all the files

# Paste all the copied files into the installed connector server folder

# Select Copy and Replace

# Go to C:\Program Files (x86)\Identity Connectors\Connector Server, open the ConnectorServer.exe.Config file and edit the connector server port to any port; I am using 9999 (make sure you use the same port in the IT resource parameters)

Email Integration with OIM and SOA

Email Integration with OIM and SOA for Notification Management

1) Log in to the EM Console
Select usermessagingdriver-email and Modify – Email Driver Properties
Check that the properties below are set correctly:
Outgoing Mail Server
Outgoing Mail port
Outgoing Username
Outgoing Password

2) Verify Workflow properties
Under SOA ==> select soa-infra==>SOA Administration==>Workflow properties
Verify Notification Mode : Email
*Email : From Address
*Email : Actionable Address
*Email : Reply To Address

3) Verify OIM/SOA MBean properties
Under Identity and Access ==> OIM==>System Mbean Browser
Application Defined Mbean ==> oracle.iam ==>IAMAppRuntimeMbean

1. SOAEmailNotificationProviderMBean
SOA Email Notification Provider enabled = true
2. EmailNotificationProviderMBean
Verify MailServerName – <> 
3. UMSEmailNotificationProviderMBean
WSUrl – <>/ucs/messaging/webservice

4) Testing : EM Console
Under SOA ==> soa-infra ==> Service engines ==> Human Workflow ==> Notification Management

Verify Notifications are working

Following are the Steps to check if Email/SMTP Server (Exchange) Integration with OIM and SOA is working:

1) Login to EM Console

2) Under SOA, Select soa_infra

3) Click on Service Engines

4) Click on Human Workflow

5) Select Notification Management Tab. 

soa-infra => Service engines => Human Workflow => Notification Management ==> Click on Send Test Notification.


6) Provide the details to test email notification.

7) Check the mailbox to confirm that the mail was received.

Creating MDS Backup


You might need to create a backup of the MDS before performing customizations. To create a backup of the MDS by using Oracle Enterprise Manager:

1. Log in to Oracle Enterprise Manager as the administrator.

2. On the landing page, click oracle.iam.console.identity.self-service.ear(V2.0).

3. From the Application Deployment menu at the top, select MDS configuration.

4. Under Export, select the "Export metadata documents to an archive on the machine where this web browser is running" option, and then click Export.
   All the metadata is exported in a ZIP file.

UI Customizations - Logo

Pre-requisites:

Before publishing a sandbox, it is recommended to back up the MDS. You can use /EM to back up the MDS with the following steps:

1)   Login to Oracle Enterprise Manager as the administrator.
2)   On the landing page, click oracle.iam.console.identity.self-service.ear(V2.0).
3)   From the Application Deployment menu at the top, select MDS configuration.
4)   Under Export, select the Export metadata documents to an archive on the machine where this web browser is running option, and then click Export.
All the metadata is exported in a ZIP file.

 
Implementation:
1)   Create a Sandbox and activate it.
2)   Keep the logo image at the location
$MW_HOME/Oracle_IDM1/server/apps/oim.ear/iam-consoles-faces.war/images/logo.png.
3)   Click on Customize and select the logo panel. By default, the Oracle logo is 119x25 pixels (width x height).
4)   Make the necessary changes and provide the path of the image URL.
5)   Deactivate the Sandbox.
6)   Export the Sandbox (for backup/optional).
7)   Publish it.

Scheduling Failed Notification


1) Following are the steps to enable the Email Notifications
  1. Log in to Oracle Enterprise Manager.
  2. Click Application Deployments.
  3. Right-click OIMDomain, and select System MBean Browser.
  4. In the System MBean Browser, navigate to Application Defined MBeans, oracle.iam, Server: WLS_OIM1/WLS_OIM2, Application: oim, IAMAppRuntimeMBean, and select EmailNotificationProviderMBean.

 

2) Following are the steps to enable the Email Notifications.
  1. Log in to the Oracle Sysadmin Console.
  2. Click on Scheduler.
  3. Select the scheduled job on which the failure notifications should be triggered.
  4. There are three parameters that can be sent to the failure notification for the beneficiary.
3) Now test the Email notification on scheduled job failure.

Basic Performance Tuning for Stuck Threads and Response Times

Documentation for performance tuning: https://docs.oracle.com/en/middleware/fusion-middleware/12.2.1.4/asper/redundant-cross-references-remo...