Moving from a Test to a Production Environment 21-7 -domainPortNum 8001 -domainAdminUserName admin_username -domainAdminPassword scratchadminpasswd.txt -logDirLoc tmplogs 3. If you are copying the component to a different host, copy the archive file to that system. 4. Extract the move plan from the archive, using the extractMovePlan script. For example: extractMovePlan.sh -javaHome scratchOracleMiddleware1jrockit_160_20_ D1.1.0-18 -archiveLoc tmpsoa.jar -planDirLoc tmpOraclet2p_planssoa 5. Edit the move plan, modifying the properties to reflect the values for the target environment. See Table 20–10 to find the list of properties for the type of component you are moving. 6. At the target, extract the files from the archive using the pasteConfig script. For example, to apply the archive to the Middleware home scratchOracleMiddleware1, use the following command: pasteConfig.sh -javaHome scratchOracleMiddleware1jrockit_160_20_D1.1.0-18 -archiveLoc tmpsoa.jar -movePlanLoc tmpOraclet2p_planssoamoveplan.xml -targetDomainLoc scratchOracleMiddleware1user_ projectsdomainsSOA_domain1 -targetMWHomeLoc scratchOracleMiddleware1 -domainAdminPassword scratchpwd_dirpass.txt 7. To copy the Node Manager configuration, at the source Middleware home, execute the copyConfig script. For example, use the following command: copyConfig.sh -javaHome scratchOracleMiddleware1jrockit_160_20_D1.1.0-18 -archiveLoc tmpnm.jar -sourceNMHomeLoc scratchOracleMiddlewarewlserver_ 10.3commonnodemanager -logDirLoc tmplogs 8. If you are copying the Node Manager to a different host, copy the archive file to that system. 9. Extract the move plan from the archive, using the extractMovePlan script. For example: extractMovePlan.sh -javaHome scratchOracleMiddleware1jrockit_160_20_ D1.1.0-18 -archiveLoc tmpsoa.jar -planDirLoc tmpOraclet2p_planssoa 10. Edit the move plan, modifying the properties to reflect the values for the target environment. See Table 20–17 to find the list of properties for Node Manager. 11. At the target, extract the files from the archive using the pasteConfig script. For example, use the following command: pasteConfig -javaHome USER_HOMEjrockit_160_17_R28.0.0-679 -archiveLoc tmpnm.jar -targetNMHomeLoc scratchOracleMiddleware1wlserver_ 10.3commonnodemanager -targetMWHomeLoc scratchOracleMiddleware1 21-8 Oracle Fusion Middleware Administrators Guide -movePlanLoc scratchsunnyt2pplansmoveplan.xml -silent true 12. During the pasteConfig operation, SSL is disabled. In addition, custom keystores are not created in the production environment. Take the following steps: a. Enable SSL, as described in Section 6.5 . b. Create custom keystores, as described in Section 8.3.3.1 . When you complete this task, you need to perform additional steps for each component, as described in Section 21.4 .

21.3.5 Moving the Configuration of System Components

For the system components Oracle HTTP Server, Oracle Internet Directory, and Oracle Virtual Directory, you use the copyConfig, extractMovePlan, and pasteConfig scripts. For these components, take the following steps: 1. At the source Middleware home, execute the copyConfig script. For example, to copy the Oracle HTTP Server instance named ohs1 in the Oracle instance located in scratchOracleMiddleware1webtier_1, use the following command: copyConfig.sh -javaHome scratchOracleMiddleware1jrockit_160_20_D1.1.0-18 -archiveLoc tmpohs1.jar -sourceInstanceHomeLoc scratchOracleMiddleware1webtier_1 -sourceComponentName ohs1 2. If you are copying the component to a different host, copy the archive file to that system. 3. Extract the move plan from the archive, using the extractMovePlan script. For example: extractMovePlan.sh -javaHome scratchOracleMiddleware1jrockit_160_20_ D1.1.0-18 -archiveLoc tmpohs1.jar -planDirLoc tmpOraclet2p_plansohs 4. Edit the move plan, modifying the properties for the particular component to reflect the values for the target environment: ■ For Oracle HTTP Server, see Table 20–14 . ■ For Oracle Internet Directory, see Table 20–15 . ■ For Oracle Virtual Directory, see Table 20–16 . Note that the Oracle instance name must be unique in the domain and the component name must be unique in the Oracle instance. If you are applying the archive of the Oracle instance to the same domain, use the -targetInstanceName and -targetComponentName properties in the move plan to specify a different name for the instance and component. 5. At the target, extract the files from the archive using the pasteConfig script. For example, to apply the archive to the Oracle instance webtier_2 and name the target Oracle HTTP Server instance ohs_cl, use the following command: pasteConfig.sh -javaHome scratchOracleMiddlewarejrockit_160_20_D1.1.0-18 -archiveLoc tmpohs1.jar -movePlanLoc tmpOraclet2p_plansohsmoveplan.xml Moving from a Test to a Production Environment 21-9 -targetOracleHomeLoc scratchOracleMiddlewareOracle_WebTier -targetInstanceHomeLoc scratchOracleMiddlewarewebtier_2 -targetInstanceName webtier_2 -targetComponentName ohs_cl -domainHostName myhost -domainPortNum 7001 -domainAdminUserName domain_admin_username -domainAdminPassword domain_admin_password_file When you complete this task, you need to perform additional steps for each component, as described in Section 21.4 .

21.3.6 Configuring Users, Groups, Security Polices, and Credential Stores for Components

You must configure security in the new production environment. The steps you take depends on the configuration of your environment and application. The following steps assume that you are using Oracle Internet Directory, JKS certificates, Oracle Web Services Manager, and Oracle Platform Security: 1. The production environment LDAP identity store may not use the same users and groups as the test environment, or it may already be populated with users and groups. Take the following steps only if you need to export users, groups, and passwords from the test environment. If necessary, move users and groups to the production environment. For example, if you are using the Oracle Business Activity Monitoring or Human Workflow demo, move those users a. Export the users and groups from LDAP identity store on the test environment, using the ldapsearch command. This produces an ldif file that you later import into the LDAP identity store in the production environment. The ldapsearch command is located in the ORACLE_HOMEbin directory of the Identity Management components. For example: ORACLE_HOMEbinldapsearch -h test_oid_host -p test_oid_port -D cn=orcladmin -w test_orcladmin_passwd -b cn=Users,dc=us b. Import the ldif file that you exported from the test environment into the production environment, using the ldapaddmt command, as shown in the following example. ORACLE_HOME is the Oracle home for Identity Management. ORACLE_HOMEbinldapaddmt -h production_oid_host -p production_oid_port -D cn=orcladmin -w production_orcladmin_passwd -r -f ldif_filename 2. If the security policies are stored in an external LDAP or database-based store, import the security policies, for example those that are related to the Human Workflow application roles, from the test environment to the production environment, as described in Task 12, Move Oracle Platform Security to a New Production Environment in Section 12 . 3. If the credential policies are stored in an external LDAP or database-based store, import the credential store information from the test environment to the production environment, as described in Task 12, Move Oracle Platform Security to a New Production Environment in Section 12 .