Saturday, 16 May 2015

OIM 11g R2 PS2 (11.1.2.2.0) upgrade to OIM11g R2 PS3 (11.1.2.3.0)

This blog describes how to upgrade Oracle Identity Manager 11g Release 2 (11.1.2.2.0), 11g Release 2 (11.1.2.1.0), and 11g Release 2 (11.1.2) environments to Oracle Identity Manager 11g Release 2 (11.1.2.3.0) on Oracle WebLogic Server, using the manual upgrade procedure.

1)      Download the installers from metalink:
Patch 20996201: ORACLE IDENTITY AND ACCESS MANAGEMENT (11.1.2.3.0)
2)      Download the PS 7 for SOA


3)      When you apply Oracle Identity and Access Management 11g Release 2 (11.1.2.3), the application program updates specific software and configuration files contained in the selected Oracle Identity and Access Management Oracle homes which reside inside an Oracle Identity and Access Management 11g Release 2 (11.1.2.0), 11g Release 2 (11.1.2.1), or 11g Release 2 (11.1.2.2) Middleware home.
4)      Performing the Required Pre-Upgrade Tasks: This step involves the necessary pre-upgrade tasks like reviewing system requirements and certification, generating the pre-upgrade report, analyzing the report and performing the necessary pre-upgrade tasks described in the report, backing up the existing 11.1.2.x.x environment.
Obtaining Pre-Upgrade Report Utility

Download zip from OIM 11gR2PS2: Pre-Upgrade Utility (Doc ID 1599043.1)
1)   Move to the directory where the two zip PreUpgradeReport.zip.001 and PreUpgradeReport.zip.002 are copied
2) Run the below command to create a single zip file
 cat PreUpgradeReport.zip.* > PreUpgradeReport.zip
               Unzip the PreUpgradeReport.zip:
Note: Ensure that the database having OIM schema running before running the utility.
1) Edit preupgrade_report_input.properties file to provide values for parameters in Table below: 

Parameter
Description
NOTE
oim.targetVersion
Specify the Target Version
This is OIM Version to which OIM Should be upgraded to  e.g. 11.1.2.2.0

oim.jdbcurl
Specify the Oracle Identity Manager JDBC URL. This can be given as <hostname>:<portname>/service_name


oim.oimschemaowner
Specify the OIM Schema Owner Name

oim.mdsjdbcurl
Specify the MDS JDBC URL. This can be given as<hostname>:<portname>/service_name

For 9x Source Version User need not to provide the MDS JDBC URL
oim.mdsschemaowner
Specify the MDS Schema Owner Name

oim.databaseadminname
Any user with 'DBA' privilege  e.g. sys as sysdba

oim.outputreportfolder
Specify output report folder/directory path where HTML report will be generate.
The output report folder should have read and write permission
oim.mwhome
Specify the MW Home Location

oim.oimhome
Specify the OIM Home location.
For 9x schema source version the OIM Home detail are not required
oim.javahome
Specify the JAVA Home Location
For WAS Specify the WAS Java  Home for eg-/scratch/wars2install/was/java/
oim.wlshome

Specify the WLS Home
For wls server only
oim.domain
Specify the domain home location
e.g. /middleware/user_projects/domains/base_domain

wasCellHome
Specify the WAS Domain Manager Cell Home
e.g. /was/profiles/Dmgr01/config/cells/Cell01
Only valid for Websphere Application Server

Run the following command from the location where the standalone Utility (PreUpgradeReport.zip)  was unzipped
On UNIX:
sh generatePreUpgradeReport.sh



5) Upgrading Oracle SOA Suite to 11g Release 1 (11.1.1.9.0)

This step involves tasks like upgrading Oracle WebLogic Server to 10.3.6, upgrading Oracle SOA Suite to 11.1.1.9.0, and upgrading Oracle Identity Manager to 11.1.2.3.0.
Oracle Identity Manager 11.1.2.3.0 is certified with Oracle SOA Suite 11g Release 1 (11.1.1.9.0). If you are not using Oracle SOA Suite 11.1.1.9.0, you must upgrade your existing Oracle SOA Suite to 11.1.1.9.0 by completing the following steps:
Start the installer and apply the patch:

Change directory to the Disk1 folder inside the unpacked archive folder.
Start the Installer:
On UNIX operating systems:

./runInstaller










6)     Upgrade the SOAINFRA schema by running the Patch Set Assistant (PSA):
On UNIX operating systems:
cd Oracle_Home/bin
 
./psa [-logLevel <log_level>] [-logDir <log_directory>]









Start the WebLogic Administration Server and the SOA Managed Server(s)

7)      Upgrading Oracle Identity Manager Middle Tier: This step involves upgrading Oracle Identity Manager middle tier.
Updating Oracle Identity and Access Management Binaries to 11g Release 2 (11.1.2.3.0)

cd Disk1
Run the following command:
./runInstaller -jreLoc <full path to the JRE directory>
For example:
./runInstaller -jreLoc <MW_HOME>/jdk160_29/jre









8)      Creating Necessary Schemas and Upgrading the Existing Schemas: This step involves tasks like creating Oracle BI Publisher (BIP) schema using Repository Creation Utility 11.1.2.3.0, and upgrading the existing schemas using the Patch Set Assistant.

You must create Oracle BI Publisher schema 11.1.1.9.0 using the Repository Creation Utility (RCU) 11.1.2.3.0:




When you create schema using Repository Creation Utility, select only Business Intelligence Platform (BIPLATFORM) under Oracle Business Intelligence on theSelect Components screen.
Do not select any other schema.






9) Upgrading Existing Schemas

 Move from your present working directory to the <MW_HOME>/oracle_common/bin directory by running the following command on the command line:

cd <MW_HOME>/oracle_common/bin
Run the following command:

./psa








Success screen will appear after successful upgrade.

Verify the upgraded schemas using the below query:

10) Upgrading Oracle Platform Security    Services

This section describes how to upgrade Oracle Platform Security Services (OPSS).
Upgrading Oracle Platform Security Services is required to upgrade the configuration and policy stores to 11.1.2.3.0. It upgrades the jps-config.xml file and policy stores.
To upgrade Oracle Platform Security Services for LDAP- or DB-based store, complete the following steps:
  1. Run the following command from the location MW_HOME/oracle_common/common/bin to launch the WebLogic Scripting Tool (WLST):
On UNIX:
./wlst.sh
upgradeOpss(jpsConfig="/Oracle/Middleware/user_projects/domains/oes_domain/config/fmwconfig/jps-config.xml",
jaznData="/oracle/middleware/oracle_common/modules/oracle.jps_11.1.1/domain_config/system-jazn-data.xml",
jdbcDriver="oracle.jdbc.OracleDriver",
url="jdbc:oracle:thin:@host:1234/db123",
user="R2_OPSS",
password="password123",
upgradeJseStoreType="true")


11) Upgrading Oracle Identity Manager Middle Tier

Middle tier upgrade is performed using the OIMUpgrade.sh utility. Oracle Identity Manager middle tier upgrade is carried out in two stages:

Updating the Properties File

You must update the oim_upgrade_input.properties file with the values for the properties required for middle tier upgrade. To do this, complete the following steps:
1.       Open the oim_upgrade_input.properties file located at ORACLE_OIM_HOME/server/bin/ in a text editor.
2.       Specify the values for all of the properties required for the middle tier upgrade.
Table 23-10 lists the properties and their descriptions
https://docs.oracle.com/cd/E52734_01/core/IAMUP/common_tasks.htm#CHDJAHFG 


12)    Middle tier upgrade offline
This is the first stage where OIMUpgrade.sh is run in offline mode, that is, with the Administration Server and the Managed Server(s) in shutdown state.

Performing Oracle Identity Manager Middle Tier Upgrade Offline

Perform the middle tier upgrade offline by doing the following:
1.       Make sure that you have stopped the WebLogic Administration Server, the Oracle Identity Manager Managed Server(s), and the SOA Managed Server(s).
2.       Run the following command from the location OIM_ORACLE_HOME/server/bin:
On UNIX: ./OIMUpgrade.sh offline








Verify the middle tier offline upgrade by doing the following:
·         Check the HTML reports generated at ORACLE_HOME/server/upgrade/logs/MT/oimUpgradeReportDir_offline.
·         Check the logs files generated at ORACLE_HOME/server/upgrade/logs/MT/ to verify if the middle tier offline upgrade was successful.

Starting Administration Server and SOA Managed Server(s)

After you upgrade middle tier offline, you must start the WebLogic Administration Server and the SOA Managed Server(s) in order to perform middle tier upgrade online.


1)      Middle tier upgrade online
This is the second stage where OIMUpgrade.sh is run in online mode, that is with the Administration Server and the SOA Managed Server(s) in running state.
Make sure that the offline middle tier upgrade was run successfully.
Run the following command from the location OIM_ORACLE_HOME/server/bin:
On UNIX: ./OIMUpgrade.sh online





You can now start  your OIM server and try accessing OIM console :



Start BI managed server and access BIP :


In PS3, The OIM reports are auto configured with BIP:
You can browse through OOTB reports as shown below:


Follow below notes to Enable BI Publisher:

The below steps are not performed in my environment as it is not mandatory. It depends on your environment customization and features of OIM used. So please visit the below URL to verify everything once.

a) Upgrading Other Oracle Identity Manager Installed Components: This step involves tasks like upgrading Oracle Identity Manager Design Console and Oracle Identity Manager Remote Manger to 11.1.2.3.0.

b)  Performing the Required Post-Upgrade Tasks: This step involves any post-upgrade tasks, and the steps to verify the upgrade.

4 comments:

  1. Do you have the upgrade procedure for OAM 11g R2 PS2 (11.1.2.2.0) to OAM11g R2 PS3 (11.1.2.3.0)

    ReplyDelete
  2. No, but you can follow the official Oracle link : https://docs.oracle.com/cd/E52734_01/core/IAMUP/upg_sev_oam.htm#IAMUP3713

    ReplyDelete
  3. Hi Abhishek,

    Could you please confirm if step 10, opss is mandatory and if we havent done it how it will impact system.
    As wen ever we have installed PS2 that time we have executed OPSS steps.

    ReplyDelete
  4. Great Post… I love to read your articles because your writing style is too good, its is very very helpful for all of us and I never get bored while reading your article because, they are becomes a more and more interesting from the starting lines until the end. sql-server-training-institute-in-hyderabad

    ReplyDelete