- Sometimes, because of misconfiguration or human error, an OIM environment becomes corrupted or stops responding properly, and OIM has to be reinstalled to set up the environment again.
- This blog explains such a scenario, where we reinstall OIM without touching our DB and RCU. The new OIM domain is going to point to the same existing database.
- This blog explains only the steps that need to be followed, in sequence. General installation steps with screenshots are not shown here.
- Only the steps that differ from a fresh installation are explained thoroughly.
STEPS
1. There is no need to install the DB and RCU again, as the new domain is going to point to the existing DB/RCU.
2. Install JDK 1.6 or JDK 1.7 using the general steps.
3. Install WebLogic 10.3.6 using the general steps.
4. Install SOA using the general steps.
5. Install the IAM software using the general steps.
6. Create the domain for OIM pointing to the existing DB/schema. Provide the old DB and schema details.
The next steps differ from those of a fresh installation and are our point of interest.
7. OPSS Configuration / Configure Database Security Store using the join operation.
OPSS JOIN:
- The security store within your DB is encrypted using an encryption key. The first step is to export that key.
- Let's assume oimdomain1 is the domain initially configured with the security store and oimdomain2 is the new domain that needs to be associated with it.
cd $MW_HOME/oracle_common/common/bin
./wlst.sh
exportEncryptionKey(jpsConfigFile="<MW_HOME>/user_projects/domains/oimdomain1/config/fmwconfig/jps-config.xml", keyFilePath="<MW_HOME>/user_projects/domains/oimdomain1/config/fmwconfig/key_opss", keyFilePassword="q1w2e3r4")
(keyFilePassword is the password that was used to create the old OPSS security store.)
- Then copy the generated key_opss file from the old domain to the new domain.
cd $MW_HOME/oracle_common/common/bin
./wlst.sh $MW_HOME/Oracle_IDM1/common/tools/configureSecurityStore.py -d $MW_HOME/user_projects/domains/oimdomain2 -c IAM -p Oracle123 -m join -k $MW_HOME/user_projects/domains/oimdomain2/config/fmwconfig/key_opss -w q1w2e3r4
(Here Oracle123 is the OPSS schema password and q1w2e3r4 is the keyfile password.)
- Then validate that the security store is configured properly.
cd $MW_HOME/oracle_common/common/bin
./wlst.sh $MW_HOME/Oracle_IDM1/common/tools/configureSecurityStore.py -d /opt/oracle/apps/Middleware/user_projects/domains/oimdomain2 -m validate
8. Copy the .xldatabasekey file from the Middleware_Home/user_projects/domains/oimdomain1/config/fmwconfig location of the old domain to the corresponding location of the new domain.
9. Proceed to OIM configuration using the general steps.
10. After configuring OIM, copy the 3 files cwallet.sso, default-keystore.jks and xlserver.crt from the Middleware_Home/user_projects/domains/oimdomain1/config/fmwconfig location of the old domain to the corresponding location of the new domain.
11. Restart the OIM admin and managed servers.
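Steps 8 and 10 move key material between the two domains by hand. The helper below is an added example, not part of the original post, that performs either copy with owner-only permissions, keeps any file the new domain already had, and verifies each copy byte for byte. The function name copy_fmw_keys and the .pre-copy backup suffix are hypothetical, and it assumes it is run as the OS user that owns both domain directories.

```shell
#!/bin/sh
# Added example (not from the original post). copy_fmw_keys and the
# ".pre-copy" backup suffix are hypothetical names.
# Usage: copy_fmw_keys OLD_DOMAIN_DIR NEW_DOMAIN_DIR FILE...
#   step 8:  copy_fmw_keys "$OLD" "$NEW" .xldatabasekey
#   step 10: same call with the three file names from step 10
copy_fmw_keys() {
    old_cfg="$1/config/fmwconfig"
    new_cfg="$2/config/fmwconfig"
    shift 2
    if [ ! -d "$old_cfg" ] || [ ! -d "$new_cfg" ]; then
        echo "fmwconfig directory not found" >&2
        return 2
    fi
    # Pass 1: refuse to start if any source file is absent, so the new
    # domain never ends up with a mix of old and newly generated keys.
    for f in "$@"; do
        if [ ! -f "$old_cfg/$f" ]; then
            echo "missing in old domain: $f" >&2
            return 3
        fi
    done
    saved_umask=$(umask)
    umask 077            # copies are never group/world readable, even briefly
    rc=0
    for f in "$@"; do
        # Pass 2: keep whatever the new domain already had, then copy.
        if [ -e "$new_cfg/$f" ]; then
            mv "$new_cfg/$f" "$new_cfg/$f.pre-copy" || { rc=4; break; }
        fi
        cp "$old_cfg/$f" "$new_cfg/$f" || { rc=4; break; }
        chmod 600 "$new_cfg/$f" || { rc=4; break; }
        # Byte-for-byte check: a damaged copy would otherwise surface
        # only when the servers are restarted.
        if ! cmp -s "$old_cfg/$f" "$new_cfg/$f"; then
            echo "copy differs from source: $f" >&2
            rc=5
            break
        fi
    done
    umask "$saved_umask"
    return "$rc"
}
```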
******************************Thanks for Visiting*********************************
Hi
I am getting the below exception:
oracle.security.opss.tools.lifecycle.LifecycleException: Error during configuring DB security store. Exception oracle.security.opss.tools.lifecycle.LifecycleException: The schema xxxxx_OPSS is already in use for security store(s). Please create a new schema.