Validating Oracle Internet Directory High Availability

Configuring High Availability for Identity Management Components

■ User Name: ODS
■ Password:

Click Next.

15. The ODS Schema in use message appears. The ODS schema chosen is already being used by the existing Oracle Internet Directory instance. Therefore, the new Oracle Internet Directory instance being configured would reuse the same schema. Choose Yes to continue.

16. On the Specify OID Admin Password screen, specify the Oracle Internet Directory Administrator password and click Next.

17. On the Installation Summary screen, review the selections to ensure that they are correct (if they are not, click Back to modify selections on previous screens), and click Install.

18. On the Installation Progress screen on UNIX systems, a dialog box appears that prompts you to run the oracleRoot.sh script. Open a window and run the script, following the prompts in the window. Click Next.

19. On the Configuration screen, multiple configuration assistants are launched in succession; this process can be lengthy. When it completes, click Next.

20. On the Installation Complete screen, click Finish to confirm your choice to exit.

8.3.4 Validating Oracle Internet Directory High Availability

Use the ldapbind command-line tool to ensure that you can connect to each Oracle Internet Directory instance and the LDAP Virtual Server. The ldapbind tool enables you to determine whether you can authenticate a client to a server.

Note: The Oracle RAC database connect string information needs to be provided in the format host1:port1:instance1^host2:port2:instance2@servicename. During this installation, it is not required for all the Oracle RAC instances to be up. If one Oracle RAC instance is up, the installation can proceed. It is required that the information provided above is complete and accurate. Specifically, the correct host, port, and instance name must be provided for each Oracle RAC instance, and the service name provided must be configured for all the specified Oracle RAC instances. Any incorrect information entered in the Oracle RAC database connect string has to be corrected manually after the installation.

Note: See the "Configuring Your Environment" section of Oracle Fusion Middleware Reference for Oracle Identity Management for a list of the environment variables you must set before using the ldapbind command.

Oracle Fusion Middleware High Availability Guide

For non-SSL:

    ldapbind -h oidhost1.mycompany.com -p 389 -D "cn=orcladmin" -q
    ldapbind -h oidhost2.mycompany.com -p 389 -D "cn=orcladmin" -q
    ldapbind -h oid.mycompany.com -p 389 -D "cn=orcladmin" -q

For SSL:

    ldapbind -h oidhost1.mycompany.com -p 636 -D "cn=orcladmin" -q -U 1
    ldapbind -h oidhost2.mycompany.com -p 636 -D "cn=orcladmin" -q -U 1
    ldapbind -h oid.mycompany.com -p 636 -D "cn=orcladmin" -q -U 1

where -U is an optional argument used to specify the SSL authentication mode. These are the valid values for the SSL authentication mode:

■ 1 = No authentication required
■ 2 = One way authentication required. With this option, you must also supply a wallet location (-W "file:/home/my_dir/my_wallet") and wallet password (-P wallet_password).
■ 3 = Two way authentication required. With this option, you must also supply a wallet location (-W "file:/home/my_dir/my_wallet") and wallet password (-P wallet_password).

For more information about the ldapbind command, see the ldapbind section in Oracle Fusion Middleware Reference for Oracle Identity Management.

For information about setting up SSL for Oracle Internet Directory, see "Configuring Secure Sockets Layer (SSL)" in the Oracle Fusion Middleware Administrator's Guide for Oracle Virtual Directory manual.

WebLogic Server Administration Console: http://oidhost1.mycompany.com:7001/console

Oracle Enterprise Manager Fusion Middleware Console: http://oidhost1.mycompany.com:7001/em
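
The ldapbind checks above can be run as one pass over both instances and the LDAP virtual server, so that a single failed node is reported rather than hidden behind the others. The script below is an added example, not part of the Oracle guide; the function names and the LDAPBIND override variable are assumptions, while the hosts, ports, bind DN and options are the ones shown above.

```shell
#!/bin/sh
# Added example: bind to each OID instance and to the LDAP virtual server on
# the non-SSL and SSL ports, and collect every endpoint that fails.
# LDAPBIND is an assumed override so the binary can be named by full path.

OID_HOSTS="oidhost1.mycompany.com oidhost2.mycompany.com oid.mycompany.com"
BIND_DN="cn=orcladmin"
FAILED=""            # space-separated list of host:port that did not bind

# try_bind HOST PORT [extra ldapbind arguments]
# -q makes ldapbind prompt for the password, so the password is not placed
# on the command line (and so not in the process list or shell history).
try_bind() {
    host=$1; port=$2; shift 2
    if "${LDAPBIND:-ldapbind}" -h "$host" -p "$port" -D "$BIND_DN" -q "$@"; then
        echo "OK    $host:$port"
    else
        echo "FAIL  $host:$port"
        FAILED="$FAILED $host:$port"
    fi
}

# check_oid_ha: test every endpoint without stopping at the first failure.
# Returns 0 only if all binds succeeded; FAILED lists the ones that did not.
check_oid_ha() {
    FAILED=""
    for h in $OID_HOSTS; do
        try_bind "$h" 389          # non-SSL port
        try_bind "$h" 636 -U 1     # SSL port, mode 1 = no authentication
    done
    [ -z "$FAILED" ]
}

# Run the checks only when invoked as: sh check_oid_ha.sh run
if [ "${1:-}" = run ]; then
    check_oid_ha || { echo "Bind failed for:$FAILED" >&2; exit 1; }
fi
```

For SSL modes 2 or 3, replace `-U 1` in the SSL call with the mode number and the -W and -P wallet options described above.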

8.3.5 Oracle Internet Directory Failover and Expected Behavior