vegaasen · June 12, 2018 15:34
diff --git a/oim-11gr2ps2-11gr2ps3.stash b/oim-11gr2ps2-11gr2ps3.stash
 h1. Installation of OIM PS3

 This is the task witch handles installation of the PS3 patch of OIM. The installation should be carried out in the following manner:

 # Install to local development machine
 # Install to test
 # Install to stage

 h1. Helpful links

 * http://oraclestack.blogspot.no/2014/07/upgrading-oim-1112xx-to-111220.html
 * http://docs.oracle.com/cd/E29542_01/doc.1111/e14259/rcu.htm#RCUUG196

 h1. Required software

 * ofm_iam_generic_11.1.2.3.0_disk1.zip
 * ofm_rcu_win_11.1.1.9.0_64_disk1_1of1.zip
 * soa_p20995651_111190_Generic.zip
 * preUpgradeReport.zip
 * Patches
 ** 18333689
 ** 14182177

 h1. Installation pre-requisites

 * JDK 1.7_HEAD
 * Patches installed for OIM and Weblogic
 ** OIM
 *** 18333689
 ** WL
 *** 14182177
 * SOA infrastructure update from 11.1.1.7.0 -> 11.1.1.9.0

 h1. Installation walkthrough

 h2. 1 Apply WL patch

 # Download the components
 # Stop WL
 # Unzip the WL patch and move the contents, except the README-file to the following location:
 ** "$MW_HOME\utils\bsu\cache_dir" 
 # Run the following script:
 ** bsu.cmd/bsu.sh
 # Install the patch by clicking the green "arrow". done :-)

 h2. 2 Run the Pre-Upgrade-Utility

 This is a mandatory task. Do the following:

 # Open the location of the unzipped PreUpgradeReport-folder
 # Edit the file preupgrade_report_input.properties
 # Run generatePreUpgradeReport.bat
 # View the generated html-file (added to the tmp-folder specified in the properties file)

 h3. 2.1 Errors in the "DomainReassocAuthorization.html"?

 _Note:_ Requires that you have install Python.

 You will be needed to create a security store. Do the following:

 {code}
 C:\oracle\mw\oracle_common\common\bin\wlst.cmd configureSecurityStore.py -d C:\oracle\mw\user_projects\iam1\domains\iam1 -c IAM -p vegard11 -m create
 {code}

 Then validate the configuration/installation:

 {code}
 C:\oracle\mw\oracle_common\common\bin\wlst.cmd configureSecurityStore.py -d C:\oracle\mw\user_projects\iam1\domains\iam1 -c IAM -p vegard11 -m create
 #<MW_HOME>/oracle_common/common/bin/wlst.sh <IAM_HOME>/common/tools/configureSecurityStore.py -d <domaindir> -m validate
 /home/oracle/Oracle/Middleware/Oracle_IDM1/common/tools/configureSecurityStore.py -d /home/oracle/Oracle/Middleware/user_projects/domains/base_domain -m validate
 {code}

 h2. 3 Upgrading SOA to 11.1.1.9.0

 Before continuing, check that the Patchlevel of the SOA installation requires an update. Run the following command:

 {code}
 cd $SOA_HOME
 ./soaversion.sh
 {code}

 # Download the components
 # Stop SOA
 # Unzip the disks to one folder

 h3. 3.1 Upgrade SOA components

 # Navigate to the SOA update-folder
 ** setup.exe -jreLoc C:\_usr\jdk\jdk1.7.0_80
 # Install any required patches (see the documentation for each of the patch levels for more details)
 # Point to the existing $MW_HOME and SOA-installation. Then, select yes when asked to upgrade existing installation
 # Done

 h3. 3.2 Upgrade schema

 # go to $SOA_HOME\bin and find 
 ** psa.bat
 # Provide the database-details, and go through the wizard
 # Done

 Important note: If the SOA infrastructure is not able to upgrade, then remove the SOAINFRA with the RCU-utility, and then install it again.
 Artcle: https://support.oracle.com/epmos/faces/DocumentDisplay?_afrLoop=283545132145258&id=1467024.1&_afrWindowMode=0&_adf.ctrl-state=7rqoucpml_133

 h3. 3.3 Post-activities

 Start SOA after this to verify.

 h2. 4 Upgrading OIM to 11.1.2.3.0

 This includes activities related to the actual installation files (jar files etc) and the database-schema upgrade

 h3. 4.1 Upgrade OIM components

 # Navigate to the OIM update-folder
 ** setup.exe -jreLoc C:\_usr\jdk\jdk1.7.0_80
 # Install any required patches (see the documentation for each of the patch levels for more details)
 # Point to the existing $MW_HOME and OIM-installation. Then, select yes when asked to upgrade existing installation
 # Check that the files mentioned in the guide (9.3.3) has been created
 # Done

 h3. 4.2 Upgrade schema

 # go to $OIM_HOME\bin and find 
 ** psa.bat
 # Provide the database-details, and go through the wizard
 # Done

 Verify update was with the following command:

 {code}
 SELECT OWNER, VERSION, STATUS, UPGRADED FROM SCHEMA_VERSION_REGISTRY;
 {code}

 *Note:* The BIPublisher must also be in the correct version (11.1.1.9.0)

 h2. 5 Upgrade OIM middle tier (unsure what this means)

 *NOTE: All custom stuff in the shell-scripts will be wiped.* Remember to take a backup of the scripts in question.

 # Open and edit the file. Save when done. Look into the documentation @ 23.2.4.3 for more details
 ** C:\oracle\mw\Oracle_IDM1\server\bin\oim_upgrade_input.properties
 # Go to the following folder
 ** C:\oracle\mw\Oracle_IDM1\server\bin
 # Run the following command:
 ** OIMUpgrade.bat offline
 # Enter all the required stuff
 # Done
 # Start Admin + SOA server.
 ** NOTE: Admin Server MAY crash a few times with a ClassDefNotFoundException
 ** NOTE: SOA should start just fine
 # Verify that Admin and SOA server is running
 ** NOTE: OIM and BIPublisher must be turned off
 # Run the following command:
 ** OIMUpgrade.bat online
 # Enter all the required stuff
 # Verify what is mentioned in the documentation @ 23.2.4.6
 # In the WL Administration, move the deployment order of the OIM.jar-file from position 47 to 48 (may already be OK)
 # Start OIM and BIPublisher
 ** BIPublisher is started by command: C:\oracle\mw\user_projects\iam1\domains\iam1\bin>startManagedWebLogic.cmd bi_server1 t3://localhost:7001
 ** BIPublisher is available from: http://localhost:9704/xmlpserver

 # Verify the installation in:
 ** ORACLE_HOME/server/upgrade/logs/MT/oimUpgradeReportDir_online

 You may now access OIM, BI, SOA and WL Admin

 h2. 6 Upgrade Design Console and Remote Manager

 h3. 6.1 Design Console

 During the upgrade of OIM (using the installer), this was already configured and unpacked. You can find it under: 

 {code}
 $MW_HOME\Oracle_IDM1\designconsole
 {code}

 h3. 6.2 Remote Manager

 During the upgrade of OIM (using the installer), this was already configured and unpacked. You can find it under: 

 {code}
 $MW_HOME\Oracle_IDM1\remote_manager
 {code}

 h2. 7 Post installation tasks

 h3. 7.1 Enable BIPublisher in OIM

 # Log in to Enterprise Manager
 # Go to OIM and right click on it. Select MBean browser
 # Go to location: Application Defined Beans > oracle.iam > Server > oim > XMLConfig > XMLConfig.DiscoveryConfig > Discovery 
 # Select tab "Attributes" and add the BIPublisher localhost there.
 ** Most likely: http://localhost:9704
 # Go to Weblogic Administration
 # Enable diagnistics by -> Diagnostics > Context > (select BIP) > Enable

 h3. 7.2 Performance tuning

 h3. 7.3 OIM Purge Job Parameters

 h3. 7.4 Verifications

 # Verify that the connectors are present and working as intended
 # Verify that there are no INVALID SQL schemas. Use SQL as system/sys as sysdba:
 ** SELECT owner,object_type,object_name,status FROM dba_objects WHERE status='INVALID' AND owner in ('DEV_OIM') ORDER BY owner, object_type, object_name;
 ** If any, go to the documentation @ 23.2.6.9
 # Verify that the event handlers are working OK
 # Verify that the password policies works as intended
 # Verify that the username policies works as intended
 # Verify that the system property for "Allowed back URLs" are correct

 h3. 7.5 Applying changes

 # Sysadmin -> Scheduled tasks -> Entitlement List -> Run
 # Sysadmin -> Upgrade Application Instances -> Upgrade now
 # Sysadmin -> Scheduled tasks -> OIM Data Purge Job -> verify setting "yes" to (Orchestration, Reconciliation, Provisioning Task)
 # Rebuild the indexes as reverse index - documentation @ 23.2.6.27
 ** login: oim-schema-user/oim-schema-password
 ** ([A-Z_]+)
 ** ALTER INDEX $1 REBUILD REVERSE;
 # Re-add certification with system property (OIM.ShowCertificationOrAttestation is deprecated and therefore removed)
 ** OIG.IsIdentityAuditorEnabled -> true
 ** _NOTE: In order to view reports etc, this is required_

 h2. 98 General notes

 # In case of any BIPublisher existing reports, see documentation @ 23.2.6.25
 # SOA composites does not need to change

 h2. 99 Exceptions

 h3. OIM or AdminServer not able to start

 This is a strange one. If you try to start e.g AdminServer for the first time after the release, you may experience that some error regarding an AuthenticationModule (classDefNotFoundException) is being thrown. In case this happens, try to simply restart the AdminServer a few times - as it seems like each time the server is being started, it is unpacking stuff - or something similar to that. This also happened for OIM when installed locally.

 h3. BIPublisher startup exceptions

 The following error is most likely due to misconfiguration of the resource "jdbc.bip_datasource". This may happen when the resource has been changed - e.g from being external to internal application (as with 11gR2PS3)

 {code}
 <May 19, 2015 4:12:23 PM CEST> <Error> <org.quartz.utils.JNDIConnectionProvider> <BEA-000000> <Error looking up datasource: Unable to resolve 'jdbc.bip_datasource'. Resolved 'jdbc'
 javax.naming.NameNotFoundException: Unable to resolve 'jdbc.bip_datasource'. Resolved 'jdbc'; remaining name 'bip_datasource'
 {code}

 Verify the following configuration:
 * Password
 * Username
 * Driver
 * Location
	h1. Installation of OIM PS3

	This is the task witch handles installation of the PS3 patch of OIM. The installation should be carried out in the following manner:

	# Install to local development machine
	# Install to test
	# Install to stage

	h1. Helpful links

	* http://oraclestack.blogspot.no/2014/07/upgrading-oim-1112xx-to-111220.html
	* http://docs.oracle.com/cd/E29542_01/doc.1111/e14259/rcu.htm#RCUUG196

	h1. Required software

	* ofm_iam_generic_11.1.2.3.0_disk1.zip
	* ofm_rcu_win_11.1.1.9.0_64_disk1_1of1.zip
	* soa_p20995651_111190_Generic.zip
	* preUpgradeReport.zip
	* Patches
	** 18333689
	** 14182177

	h1. Installation pre-requisites

	* JDK 1.7_HEAD
	* Patches installed for OIM and Weblogic
	** OIM
	*** 18333689
	** WL
	*** 14182177
	* SOA infrastructure update from 11.1.1.7.0 -> 11.1.1.9.0

	h1. Installation walkthrough

	h2. 1 Apply WL patch

	# Download the components
	# Stop WL
	# Unzip the WL patch and move the contents, except the README-file to the following location:
	** "$MW_HOME\utils\bsu\cache_dir"
	# Run the following script:
	** bsu.cmd/bsu.sh
	# Install the patch by clicking the green "arrow". done :-)

	h2. 2 Run the Pre-Upgrade-Utility

	This is a mandatory task. Do the following:

	# Open the location of the unzipped PreUpgradeReport-folder
	# Edit the file preupgrade_report_input.properties
	# Run generatePreUpgradeReport.bat
	# View the generated html-file (added to the tmp-folder specified in the properties file)

	h3. 2.1 Errors in the "DomainReassocAuthorization.html"?

	_Note:_ Requires that you have install Python.

	You will be needed to create a security store. Do the following:

	{code}
	C:\oracle\mw\oracle_common\common\bin\wlst.cmd configureSecurityStore.py -d C:\oracle\mw\user_projects\iam1\domains\iam1 -c IAM -p vegard11 -m create
	{code}

	Then validate the configuration/installation:

	{code}
	C:\oracle\mw\oracle_common\common\bin\wlst.cmd configureSecurityStore.py -d C:\oracle\mw\user_projects\iam1\domains\iam1 -c IAM -p vegard11 -m create
	#<MW_HOME>/oracle_common/common/bin/wlst.sh <IAM_HOME>/common/tools/configureSecurityStore.py -d <domaindir> -m validate
	/home/oracle/Oracle/Middleware/Oracle_IDM1/common/tools/configureSecurityStore.py -d /home/oracle/Oracle/Middleware/user_projects/domains/base_domain -m validate
	{code}

	h2. 3 Upgrading SOA to 11.1.1.9.0

	Before continuing, check that the Patchlevel of the SOA installation requires an update. Run the following command:

	{code}
	cd $SOA_HOME
	./soaversion.sh
	{code}

	# Download the components
	# Stop SOA
	# Unzip the disks to one folder

	h3. 3.1 Upgrade SOA components

	# Navigate to the SOA update-folder
	** setup.exe -jreLoc C:\_usr\jdk\jdk1.7.0_80
	# Install any required patches (see the documentation for each of the patch levels for more details)
	# Point to the existing $MW_HOME and SOA-installation. Then, select yes when asked to upgrade existing installation
	# Done

	h3. 3.2 Upgrade schema

	# go to $SOA_HOME\bin and find
	** psa.bat
	# Provide the database-details, and go through the wizard
	# Done

	Important note: If the SOA infrastructure is not able to upgrade, then remove the SOAINFRA with the RCU-utility, and then install it again.
	Artcle: https://support.oracle.com/epmos/faces/DocumentDisplay?_afrLoop=283545132145258&id=1467024.1&_afrWindowMode=0&_adf.ctrl-state=7rqoucpml_133

	h3. 3.3 Post-activities

	Start SOA after this to verify.

	h2. 4 Upgrading OIM to 11.1.2.3.0

	This includes activities related to the actual installation files (jar files etc) and the database-schema upgrade

	h3. 4.1 Upgrade OIM components

	# Navigate to the OIM update-folder
	** setup.exe -jreLoc C:\_usr\jdk\jdk1.7.0_80
	# Install any required patches (see the documentation for each of the patch levels for more details)
	# Point to the existing $MW_HOME and OIM-installation. Then, select yes when asked to upgrade existing installation
	# Check that the files mentioned in the guide (9.3.3) has been created
	# Done

	h3. 4.2 Upgrade schema

	# go to $OIM_HOME\bin and find
	** psa.bat
	# Provide the database-details, and go through the wizard
	# Done

	Verify update was with the following command:

	{code}
	SELECT OWNER, VERSION, STATUS, UPGRADED FROM SCHEMA_VERSION_REGISTRY;
	{code}

	Note: The BIPublisher must also be in the correct version (11.1.1.9.0)

	h2. 5 Upgrade OIM middle tier (unsure what this means)

	NOTE: All custom stuff in the shell-scripts will be wiped. Remember to take a backup of the scripts in question.

	# Open and edit the file. Save when done. Look into the documentation @ 23.2.4.3 for more details
	** C:\oracle\mw\Oracle_IDM1\server\bin\oim_upgrade_input.properties
	# Go to the following folder
	** C:\oracle\mw\Oracle_IDM1\server\bin
	# Run the following command:
	** OIMUpgrade.bat offline
	# Enter all the required stuff
	# Done
	# Start Admin + SOA server.
	** NOTE: Admin Server MAY crash a few times with a ClassDefNotFoundException
	** NOTE: SOA should start just fine
	# Verify that Admin and SOA server is running
	** NOTE: OIM and BIPublisher must be turned off
	# Run the following command:
	** OIMUpgrade.bat online
	# Enter all the required stuff
	# Verify what is mentioned in the documentation @ 23.2.4.6
	# In the WL Administration, move the deployment order of the OIM.jar-file from position 47 to 48 (may already be OK)
	# Start OIM and BIPublisher
	** BIPublisher is started by command: C:\oracle\mw\user_projects\iam1\domains\iam1\bin>startManagedWebLogic.cmd bi_server1 t3://localhost:7001
	** BIPublisher is available from: http://localhost:9704/xmlpserver

	# Verify the installation in:
	** ORACLE_HOME/server/upgrade/logs/MT/oimUpgradeReportDir_online

	You may now access OIM, BI, SOA and WL Admin

	h2. 6 Upgrade Design Console and Remote Manager

	h3. 6.1 Design Console

	During the upgrade of OIM (using the installer), this was already configured and unpacked. You can find it under:

	{code}
	$MW_HOME\Oracle_IDM1\designconsole
	{code}

	h3. 6.2 Remote Manager

	During the upgrade of OIM (using the installer), this was already configured and unpacked. You can find it under:

	{code}
	$MW_HOME\Oracle_IDM1\remote_manager
	{code}

	h2. 7 Post installation tasks

	h3. 7.1 Enable BIPublisher in OIM

	# Log in to Enterprise Manager
	# Go to OIM and right click on it. Select MBean browser
	# Go to location: Application Defined Beans > oracle.iam > Server > oim > XMLConfig > XMLConfig.DiscoveryConfig > Discovery
	# Select tab "Attributes" and add the BIPublisher localhost there.
	** Most likely: http://localhost:9704
	# Go to Weblogic Administration
	# Enable diagnistics by -> Diagnostics > Context > (select BIP) > Enable

	h3. 7.2 Performance tuning

	h3. 7.3 OIM Purge Job Parameters

	h3. 7.4 Verifications

	# Verify that the connectors are present and working as intended
	# Verify that there are no INVALID SQL schemas. Use SQL as system/sys as sysdba:
	** SELECT owner,object_type,object_name,status FROM dba_objects WHERE status='INVALID' AND owner in ('DEV_OIM') ORDER BY owner, object_type, object_name;
	** If any, go to the documentation @ 23.2.6.9
	# Verify that the event handlers are working OK
	# Verify that the password policies works as intended
	# Verify that the username policies works as intended
	# Verify that the system property for "Allowed back URLs" are correct

	h3. 7.5 Applying changes

	# Sysadmin -> Scheduled tasks -> Entitlement List -> Run
	# Sysadmin -> Upgrade Application Instances -> Upgrade now
	# Sysadmin -> Scheduled tasks -> OIM Data Purge Job -> verify setting "yes" to (Orchestration, Reconciliation, Provisioning Task)
	# Rebuild the indexes as reverse index - documentation @ 23.2.6.27
	** login: oim-schema-user/oim-schema-password
	** ([A-Z_]+)
	** ALTER INDEX $1 REBUILD REVERSE;
	# Re-add certification with system property (OIM.ShowCertificationOrAttestation is deprecated and therefore removed)
	** OIG.IsIdentityAuditorEnabled -> true
	** _NOTE: In order to view reports etc, this is required_

	h2. 98 General notes

	# In case of any BIPublisher existing reports, see documentation @ 23.2.6.25
	# SOA composites does not need to change

	h2. 99 Exceptions

	h3. OIM or AdminServer not able to start

	This is a strange one. If you try to start e.g AdminServer for the first time after the release, you may experience that some error regarding an AuthenticationModule (classDefNotFoundException) is being thrown. In case this happens, try to simply restart the AdminServer a few times - as it seems like each time the server is being started, it is unpacking stuff - or something similar to that. This also happened for OIM when installed locally.

	h3. BIPublisher startup exceptions

	The following error is most likely due to misconfiguration of the resource "jdbc.bip_datasource". This may happen when the resource has been changed - e.g from being external to internal application (as with 11gR2PS3)

	{code}
	<May 19, 2015 4:12:23 PM CEST> <Error> <org.quartz.utils.JNDIConnectionProvider> <BEA-000000> <Error looking up datasource: Unable to resolve 'jdbc.bip_datasource'. Resolved 'jdbc'
	javax.naming.NameNotFoundException: Unable to resolve 'jdbc.bip_datasource'. Resolved 'jdbc'; remaining name 'bip_datasource'
	{code}

	Verify the following configuration:
	* Password
	* Username
	* Driver
	* Location