Extending the Domain with Oracle Identity Manager 14-3 provider=keystore.provider name=keystore.ldap Remove the Path from the keystore location so that the final entry looks like this: serviceInstance location=.default-keystore.jks provider=keystore.provider name=keystore.ldap Save the file. 8. Stop all the managed servers running in your domain before extending the domain with Oracle Identity Manager.

14.2 Enabling Virtual IP Addresses on OIMHOST1 and OIMHOST2

The Identity Management domain uses virtual host names as the listen addresses for the Oracle Identity Manager and SOA managed servers. You must enable two virtual IP addresses mapping each of these host names on each of the two Oracle Identity Manager machines. Specifically, enable OIMVHN1 and SOAVHN1 on OIMHOST1 and enable OIMVHN2 and SOAVHN2 on OIMHOST2. These virtual addresses must correctly resolve to the virtual host names in the network system used by the topology, either by DNS Server or by hosts resolution. To enable the virtual IP addresses, follow the steps described in Section 6.1, Enabling ADMINVHN on IDMHOST1. These virtual IP addresses and virtual host names are required to enable server migration for the Oracle Identity Manager and SOA servers. Server migration must be configured for the Oracle Identity Manager and SOA managed servers for high availability purposes.

14.3 Extending the Domain to Configure Oracle Identity Manager and Oracle SOA Suite on IDMHOST1

Although you deploy Oracle Identity Manager on servers dedicated to it OIMHOST1 and OIMHOST2, you must first extend the WebLogic domain with Oracle Identity Manager on IDMHOST1. Configure Oracle Identity Manager on IDMHOST1 as follows. To extend the domain with Oracle Identity Manager on IDMHOST1, start the configuration wizard by executing the command: ORACLE_COMMON_HOME commonbinconfig.sh Proceed as follows

1. On the Welcome screen, select Extend an existing WebLogic Domain.

Click Next. 2. On the Select WebLogic Domain Directory screen, select the location of the domain directory for the OIM domain. For Example: u01apporacleadminIDMDomainaserverIDMDomain. Click Next. Note: Oracle SOA deployed along with Oracle Identity Manager is used exclusively for Oracle Identity Manager work flow. It cannot be used for other purposes. See Also: Chapter 17, Configuring Server Migration for Oracle Identity Manager for more details about configuring server migration for the Oracle Identity Manager and SOA Managed servers. 14-4 Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management

3. On the Select Extension Source screen, select Extend my domain automatically to

support the following added products . From the list below, select: Oracle Identity Manager . Select Next. 4. The Configure RAC Multi Data Sources screen displays the schedulerDS Data Source configured for Oracle Directory Integration Platform and Oracle Directory Services manager ODSM. Do not make any selections or changes on this screen. Click Next. 5. On the Configure JDBC Component Schemas screen, select all the data sources listed on the page: ■ SOA Infrastructure ■ User Messaging Service ■ OIM MDS Schema ■ OWSM MDS Schema ■ SOA MDS Schema ■ OIM Schema Select Configure selected component schemas as RAC multi data source schemas in the next panel. Click Next. 6. On the Configure RAC Multi Data Source Component Schema page, select all the schemas for your component. Do not select schemas listed for previously configured components. Then enter the following information: Note: Oracle SOA Suite and Oracle WSM Policy Manager are selected automatically. If Oracle WSM Policy Manager has already been installed, the choice is not available. Schema Name Service Name Host Names Instance Names Port Schema Owner Password SOA Infrastruc ture oimedg.myco mpany.com idmdbhost1-vi p.mycompany.c om oimedg1 1521 EDG_ SOAINFRA password idmdbhost2-vi p.mycompany.c om oimedg2 1521 User Messaging Service oimedg.myco mpany.com idmdbhost1-vi p.mycompany.c om oimedg1 1521 EDG_ ORASDPM password idmdbhost2-vi p.mycompany.c om oimedg2 1521 OIM MDS Schema oimedg.myco mpany.com idmdbhost1-vi p.mycompany.c om oimedg1 1521 EDG_MDS password Extending the Domain with Oracle Identity Manager 14-5 If you are using Oracle Database 11.2, replace the vip address and port with the 11.2 SCAN address and port. Click Next. 7. On the Test Component Schema screen, the Configuration Wizard attempts to validate the data sources. If the data source validation succeeds, click Next. If it fails, click Previous, correct the problem, and try again. Click Next. 8. On the Select Optional Configuration screen, Select: ■ JMS Distributed Destination ■ Managed Servers, Clusters and Machines ■ JMS File Store Click Next. 9. On the JMS Distributed Destination screen, ensure that all the JMS system resources listed on the screen are uniform distributed destinations. If they are not, select UDD form the drop down box. Ensure that the entries look like this: idmdbhost2-vi p.mycompany.c om oimedg2 1521 OWSM MDS Schema oidedg.myco mpany.com oiddbhost1-vi p.mycompany.c om idmedg1 1521 EDG_MDS password oiddbhost2-vi p.mycompany.c om idmedg2 1521 SOA MDS Schema oimedg.myco mpany.com idmdbhost1-vi p.mycompany.c om oimedg1 1521 EDG_MDS password idmdbhost2-vi p.mycompany.c om oimedg2 1521 OIM Schema oimedg.myco mpany.com idmdbhost1-vi p.mycompany.c om oimedg1 1521 EDG_OIM password idmdbhost2-vi p.mycompany.c om oimedg2 1521 JMS System Resource UniformWeighted Distributed Destination UMSJMSSystemResource UDD SOAJMSModule UDD OIMJMSModule UDD BPMJMSModule UDD Schema Name Service Name Host Names Instance Names Port Schema Owner Password 14-6 Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management Click Next. An Override Warning box with the following message is displayed: CFGFWK-40915: At least one JMS system resource has been selected for conversion to a Uniform Distributed Destination UDD. This conversion will take place only if the JMS System resource is assigned to a cluster Click OK on the Override Warning box. 10. When you first enter the Configure Managed Servers screen, two managed servers called oim_server1 and soa_server1 are created automatically. Rename soa_ server1 to WLS_SOA1 and oim_server1 to WLS_OIM1 and update their attributes as shown in the following table. Then, add two new managed servers called WLS_OIM2 and WLS_SOA2 with the following attributes.

11. On the Configure Clusters screen, create two clusters, by clicking Add. Supply the

following information: OIM Cluster: ■ Name : cluster_oim ■ Cluster Messaging Mode : unicast SOA Cluster:· ■ Name : cluster_soa ■ Cluster Messaging Mode : unicast Leave all other fields at the default settings and click Next. 12. On the Assign Servers to Clusters screen, associate the managed servers with the cluster. Click the cluster name in the right pane. Click the managed server under Servers , then click the arrow to assign it to the cluster. The cluster_oim has the managed servers WLS_OIM1 and WLS_OIM2 as members. Name Listen Address Listen Port SSL Listen Port SSL Enabled WLS_SOA1 SOAVHN1 8001 NA No WLS_OIM1 OIMVHN1 14000 NA No WLS_OIM2 OIMVHN2 14000 NA No WLS_SOA2 SOAVHN2 8001 NA No Notes: ■ Do not change the configuration of the managed servers that were configured as a part of previous deployments. ■ Do not delete the default managed servers that are created. Rename them as described. Note: Do not change the configuration of the clusters that were configured as a part of previous deployments. Extending the Domain with Oracle Identity Manager 14-7 The cluster_soa has the managed servers WLS_SOA1 and WLS_SOA2 as members. Click Next. 13. On the Configure Machines screen, create a machine for each host in the topology.

a. Click the tab UNIX if your hosts use Linux or a UNIX-based operating system.