Sunday, August 31, 2014

java.lang.ClassNotFoundException: oracle.jdbc.OracleDriver while running the ant command: it means the ojdbc6.jar file is missing under the Java installation


ant command error for oracle.jdbc.OracleDriver

The error in detail:

seed-ldap-recon-jobs:
     [echo] ----> Seeding LDAP Reconciliation schedule jobs
     [java] Exception in thread "Main Thread" java.lang.ClassNotFoundException: oracle.jdbc.OracleDriver
     [java]     at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
     [java]     at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
     [java]     at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
     [java]     at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
     [java]     at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
     [java]     at java.lang.Class.forName0(Native Method)
     [java]     at java.lang.Class.forName(Class.java:171)
     [java]     at oracle.iam.scheduler.seed.SeedSchedulerData.startSeeding(SeedSchedulerData.java:738)
     [java]     at oracle.iam.scheduler.seed.SeedSchedulerData.main(SeedSchedulerData.java:116)
     [java] Java Result: 1

Solution:
Download the ojdbc6.jar driver from the Oracle site and place it under JAVA_HOME/jre/lib/ext/

Re-run the ant command.

ant command error on Linux: Could not find the main class: org.apache.tools.ant.launch.Launcher. Program will exit


Exception in thread "Main Thread" java.lang.NoClassDefFoundError: org/apache/tools/ant/launch/Launcher
Caused by: java.lang.ClassNotFoundException: org.apache.tools.ant.launch.Launcher
        at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
        at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
        at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
Could not find the main class: org.apache.tools.ant.launch.Launcher.  Program will exit.

The above message is displayed when running the ant command.

Solution:
Check your ANT_HOME value. It must be set, and the path must not include /bin. This is the rule when you set up the home path of any Java product: the path goes up to, but does not include, the bin directory.


Wrong example:
echo $ANT_HOME
/opt/iam11122/middleware/modules/org.apache.ant_1.7.1/bin

Correct example:
echo $ANT_HOME
/opt/iam11122/middleware/modules/org.apache.ant_1.7.1

Fix the path and rerun the command; it should work now.
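
A preflight for the two Ant failures above (the missing ojdbc6.jar and an ANT_HOME that ends in /bin), as an added example that is not part of the original post. The function names and exit codes are this example's own; it assumes the standard Ant layout, where org.apache.tools.ant.launch.Launcher is packaged in lib/ant-launcher.jar.

```shell
#!/bin/sh
# Added example, not from the original post. Directory arguments are whatever
# your environment uses; the exit codes are this example's own convention.

# check_ant_home DIR
#   0 ok, 1 unset/empty, 2 ends in /bin, 3 lib/ant-launcher.jar missing.
# ant-launcher.jar is the jar that holds org.apache.tools.ant.launch.Launcher,
# and the ant script looks for it under $ANT_HOME/lib.
check_ant_home() {
    ant_dir=${1%/}                      # ignore one trailing slash
    if [ -z "$ant_dir" ]; then
        echo "ANT_HOME is not set"
        return 1
    fi
    case "$ant_dir" in
        */bin)
            echo "ANT_HOME ends in /bin; set it to ${ant_dir%/bin}"
            return 2
            ;;
    esac
    if [ ! -f "$ant_dir/lib/ant-launcher.jar" ]; then
        echo "no lib/ant-launcher.jar under $ant_dir"
        return 3
    fi
    echo "ANT_HOME ok: $ant_dir"
}

# check_jdbc_driver JAVA_HOME_DIR
#   0 ok, 1 unset/empty, 2 ojdbc6.jar missing or empty in jre/lib/ext.
check_jdbc_driver() {
    java_dir=${1%/}
    if [ -z "$java_dir" ]; then
        echo "JAVA_HOME is not set"
        return 1
    fi
    if [ ! -s "$java_dir/jre/lib/ext/ojdbc6.jar" ]; then
        echo "ojdbc6.jar missing under $java_dir/jre/lib/ext"
        return 2
    fi
    echo "JDBC driver ok: $java_dir/jre/lib/ext/ojdbc6.jar"
}

# ant_preflight: run both checks against the current environment and
# return the number of failed checks (0 = safe to run ant).
ant_preflight() {
    failed=0
    check_ant_home "${ANT_HOME:-}" || failed=$((failed + 1))
    check_jdbc_driver "${JAVA_HOME:-}" || failed=$((failed + 1))
    return "$failed"
}

ant_preflight || echo "fix the findings above before re-running ant"
```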

OIM 11.1.2.2: documentation steps missing for configuring LDAP sync with OID after installation. libOVD creation steps

When you try to configure OIM 11gR2ps2 with OID by following the documentation, you run into an issue: you run the following command and see the errors below.

LDAPConfigPostSetup.sh <MW_Home>/IAM_Home/server/ldap_config_util

You get the following error:

[Enter OIM admin password:]
javax.naming.NamingException: Config location must be a directory [Root exception is oracle.ods.virtualization.config.ConfigException: Config location must be a directory]


Unable to get either LDAP, OIM connection or LDAPSync is not enabled and reason is:Config location must be a directory

javax.management.InstanceNotFoundException: javax.management.InstanceNotFoundException: com.oracle:type=OVD,context=oim,name=AdaptersConfig.

This is because the system looks for the oim folder under the ovd folder at
$DOMAIN_HOME/config/fmwconfig/ovd/oim

but you only see the /default folder under /ovd; the /oim folder doesn't exist.



This happens because the instructions to create libOVD are missing. libOVD is required after version 11.1.1.3, because you don't need to have OVD installed for LDAP sync. libOVD is created to do the syncing between OID and OIM.

Here is the Oracle documentation that can be followed to create libOVD.



Set these environment variables before executing the scripts to configure libOVD


set ORACLE_HOME to $MIDDLEWARE_HOME/oracle_common
eg., /scratch/uday/work_100910/mw3727/oracle_common/
set WL_HOME to $MIDDLEWARE_HOME/wlserver_10.3
eg., /scratch/uday/work_100910/mw3727/wlserver_10.3/
set JAVA_HOME to $BADE_HOME/jdk6
eg., /scratch/uday/work_100910/mw3727/jdk160_21/

VI) Execute these scripts to configure libOVD. Please substitute the appropriate information for your machine and directory paths.

a) To create libOVD config files and layout the directory structure:

Run "$MW_HOME/oracle_common/bin/libovdconfig.sh". This will create the directory structure containing OVD config files for OIM usecase & copy the config file templates. In the given example, the contextName is assumed to be "oim", in which case, the OVD configuration files would be created under "<DOMAIN_HOME>/config/fmwconfig/ovd/oim".

Actual command :

sh $MW_HOME/oracle_common/bin/libovdconfig.sh -domainPath <Full_Path_Domain> -contextName oim -host <AdminServer Host> -port <AdminServer port> -userName <AdminServer username>

NOTE : Since libOVD is included in OIM, both are deployed on the same web container, hence the Admin Server host and Admin Server port should be of the machine where OIM resides. It is not the one where OID is installed.

eg.,

sh $MW_HOME/oracle_common/bin/libovdconfig.sh -domainPath $MW_HOME/user_projects/domains/base_domain -contextName oim -host adcxyz.us.oracle.com -port 7001 -userName weblogic

Enter AdminServer Password:

Successfully created OVD config files

CSF Credential creation successful

Permission Grant successful

Successfully configured OVD MBeans

b) To create User and Changelog adapter. (This will create adapters with the information that you give when running this script, based on the OIM template.): Type in a single line.

Run "$MW_HOME/oracle_common/bin/libovdadapterconfig.sh" or .bat, with template being "oim template". This will create adapters with the information that you give when running this script, based on the OIM template. In the given example, the contextName is assumed to be "oim".

Actual command :

sh $MW_HOME/oracle_common/bin/libovdadapterconfig.sh -domainPath <Full_Path_Domain> -contextName oim -host <AdminServer Host> -port <AdminServer port> -userName <AdminServer username> -adapterName <adapter_name> -adapterTemplate adapter_template_oim.xml -bindDN <LDAP BindDN> -createChangelogAdapter -dataStore <LDAP Directory Type> -ldapHost <LDAP Host> -ldapPort <LDAP port> -remoteBase <remote base> -root <virtual base>

NOTE :
1) Since libOVD is included in OIM, both are deployed on the same web container, hence the Admin Server host and Admin Server port should be of the machine where OIM resides. It is not the one where OID is installed.

2) In the parameters that you are passing while running the tool, value for -dataStore argument should be back-end directory type. Valid supported values for this parameter (when using the adapter_template_oim.xml) are OID, ACTIVE_DIRECTORY, IPLANET, OUD.

3) If you are using SSL port for the ldapPort, give the parameter '-enableSSL' in the libovdadapterconfig.sh/.bat command.

In addition, if the backend LDAP server port is SSL, the OIM user will need to use keytool to import the trusted certificate from the backend LDAP server into the Identity Virtualization Library (libOVD) keystore.

Follow the steps (3) & (4) as documented in

http://download.oracle.com/docs/cd/E15523_01/oid.1111/e10046/basic_adapters.htm#CHDBBFHA

eg., non SSL

sh $MW_HOME/oracle_common/bin/libovdadapterconfig.sh -domainPath $MW_HOME/user_projects/domains/base_domain -contextName oim -host adcxyz.us.oracle.com -port 7001 -userName weblogic -adapterName LDAP1 -adapterTemplate adapter_template_oim.xml -bindDN "cn=orcladmin" -createChangelogAdapter -dataStore OID -ldapHost adc11111111.us.oracle.com -ldapPort 3060 -remoteBase "dc=us,dc=oracle,dc=com" -root "dc=us,dc=oracle,dc=com"

Enter AdminServer Password:

Enter LDAP Server Password:

eg., SSL

sh $MW_HOME/oracle_common/bin/libovdadapterconfig.sh -domainPath $MW_HOME/user_projects/domains/base_domain -contextName oim -host adcxyz.us.oracle.com -port 7001 -userName weblogic -adapterName LDAP1 -adapterTemplate adapter_template_oim.xml -bindDN "cn=orcladmin" -createChangelogAdapter -dataStore OID -ldapHost adc11111111.us.oracle.com -ldapPort 3161 -enableSSL -remoteBase "dc=us,dc=oracle,dc=com" -root "dc=us,dc=oracle,dc=com"

Enter AdminServer Password:

Enter LDAP Server Password:

VII) Restart Webcontainer and OIM server


eg.,

cd /scratch/uday/work_100910/mw3727/user_projects/domains/imdomain989/bin/

./stopManagedWebLogic.sh oim_server1

./stopWebLogic.sh

./startWebLogic.sh

./startManagedWebLogic.sh oim_server1

In IAM view,

cd iam-build

ant stop-wls

ant start-wls

VIII) For now till the Installation and Configuration code is ready, do this to wire OIM to libOVD


Login to OIM Advanced Console,

Under Configuration, click 'Manage IT Resource'.

Select the Resource Type : Directory Server.

Edit the IT Resource Configuration.

Enter the values for the 'Search Base' of the libOVD server and 'Reservation Container'.

eg.,

Search Base : dc=oracle,dc=com

Reservation Container : cn=reserve,dc=us,dc=oracle,dc=com

For SH, the installation, configuration tool would set these once the appropriate server option is chosen (OVD or libOVD). Still the install implementation has to be done.

Restart WLS server.

Try accessing the server and manage users and roles through OIM console.

To verify that the data is pushed to OID, verify through ODSM or JExplorer.
 

Friday, August 29, 2014

installing JRockit on Linux: easy 3 steps installation




1.      Download JRockit from the Oracle website

2.      Change the permission on it using

chmod +x jrockit-jdk1.6.0_45-R28.2.7-4.1.0-linux-x64.bin

3.      Run a command like

./jrockit-jdk1.6.0_45-R28.2.7-4.1.0-linux-x64.bin

4.      Provide the path where you want to install. It is better if you give a short name like /ora/jrockit-jdk1.6.0_45

5.      Select whether you want to install the source code and samples (required for developers)

Thursday, August 28, 2014

utility to import, export and delete from MDS database 11gR2 weblogic.properties

Commands that we can use to export and import files from the MDS database in OIM 11gR2

To avoid confusion about whether you need export or import, think of MDS as a database. If you want to get files from this database you have to use export, and if you want to put files into this database you have to use import.

If you have the ldapMetadata folder, then the export utility will import files inside of ldapMetadata; otherwise it will be ignored.

Please make sure to create the folder and subfolder while importing from the MDS schema

$ mkdir -p /tmp/stage/db/ldapMetadata

The MDS utilities are located under $OIM_HOME/server/bin

Each utility uses its own parameter in the weblogic.properties file. Make the changes in weblogic.properties and run the utility.

Utilities: weblogicImportMetadata.sh, weblogicExportMetadata.sh, weblogicDeleteMetadata.sh.


$ ./weblogicExportMetadata.sh
# Directory location to which XML file should be exported to
metadata_to_loc=/tmp/stage
# For example /file/User.xml to export user entity definition. You can specify multiple xml files as comma separated values.

$ ./weblogicImportMetadata.sh
in this folder or in its sub folders. Import utility tries to RECURSIVELY import ALL the files under the
# from location folder. This property is only used by weblogicImportMetadata.sh
# WARNING: weblogicImportMetadata utilities will import ALL xml inside the matedata_from_loc and will disregard metadata_files
metadata_from_loc=/tmp/stage/


$ ./weblogicDeleteMetadata.sh
#  This property is ONLY used by weblogicExportMetadata.sh and weblogicDeleteMetadata.sh scripts.

The example below deletes the EventHandlers.xml file:
metadata_files=/db/ldapMetadata/EventHandlers.xml

If you want to import all the files under db, then the above parameter value will be
metadata_files=/db/*


If you want to have files inside ldapMetadata, make sure to create the folder inside db to get this file exported.

SQL command to check the MDS repository:
SQL> connect dev_mds/password

SQL> select PATH_FULLNAME from mds_paths where upper(PATH_FULLNAME) like '%LDAP%';

 

parameter value changes to enable logging of LDAP sync failure related errors between OID and OIM 11gR2



To configure loggers:
  1. Open the DOMAIN_NAME/config/fmwconfig/servers/SERVER_NAME/logging.xml file.

/<DOMAIN_HOME>/iamdev/config/fmwconfig/servers/oim_server1


parameter for OID error logs


 oracle.iam.ldap-sync 

Logs events related to the Oracle Identity Manager and LDAP synchronization feature.

To make it easier, follow these steps:

vi logging.xml
press shift+G (to go to the bottom of the file)
add the following lines (loggers belong inside the <loggers> section)

<logger name='XELLERATE.SCHEDULER' level='TRACE:32' useParentHandlers='false'>
 <handler name='odl-handler'/>
 <handler name='console-handler'/>
</logger>
<logger name='XELLERATE.SCHEDULER.TASK' level='TRACE:32' useParentHandlers='false'>
 <handler name='odl-handler'/>
 <handler name='console-handler'/>
</logger>

Restart OIM.
Rerun the scheduler and go to the OIM logs ($DOMAIN_HOME/servers/<oim_server1>/logs/oim-server1-diagnostic.log).

If the logs are not showing up in oim-server1-diagnostic.log, look at the nohup.out logs (located at $DOMAIN_HOME/bin, the same place you started all the admin and managed servers).


more information from oracle is below


Individual loggers are configured in the <loggers> section of the logging.xml file. More than twenty different Oracle Identity Manager loggers can be configured to send messages to log handlers. Oracle Identity Manager loggers are described in Table 2 on page 7.

Setting the level attribute for the logger configures the amount of detail (and, hence, the volume of messages) that the logger sends to its handlers. Nesting one or more <handler> elements inside of <logger> elements assigns handlers to loggers.

The following excerpt shows a logger called OIMCP.PSFTCOMMON. The level attribute is set to WARNING:32 and the logger sends messages to three handlers:
<logger name="OIMCP.PSFTCOMMON" level="WARNING:32" useParentHandlers="false">
<handler name="odl-handler"/>
<handler name="wls-domain"/>
<handler name="console-handler"/>
</logger>
A logger can inherit a parent logger's settings, including the parent's level setting and other attributes, as well as the parent logger's handlers. To disable inheritance, set the useParentHandlers attribute to false, as shown in the previous excerpt.
At the top of the logger inheritance tree is the root logger. The root logger is the logger with an empty name attribute, as shown in the following example.
<loggers>
    <logger name="" level="WARNING:1">
      <handler name="odl-handler"/>
      <handler name="wls-domain"/>
      <handler name="console-handler"/>
    </logger>

    <!-- Additional loggers listed here -->
</loggers>
If a logger is configured with only its name attribute, the logger will inherit the rest of its attributes from the root logger, as shown in the following example:
<loggers>
    <logger name="oracle.iam.identity.rolemgmt"/>
    <!-- Additional loggers listed here -->
</loggers>




 

Wednesday, August 27, 2014

OIM 11g default server names after installing OIM, OAM and SOA, how to start these servers on Linux, and how to start nodeManager


The default names used to start oim, oam and soa are formed by adding _server1 at the end of each name.



How to start these servers:

go to $DOMAIN_HOME/bin
./startManagedWebLogic.sh oam_server1

To start these servers in the background:

nohup ./startManagedWebLogic.sh oim_server1 &

nohup ./startManagedWebLogic.sh oam_server1 &

nohup ./startManagedWebLogic.sh soa_server1 &

nohup ./startManagedWebLogic.sh oaam_server_server1 &


To start weblogic:
 ./startWebLogic.sh
To start it in the background:
 nohup ./startWebLogic.sh &




To start nodemanager:

cd to $NODMANAGER_HOME

where the nodeManager home is located under wlserver_10.3/server/bin

  ./startNodeManager.sh &

how to check the history of commands in sqlplus while connecting through a Linux server

Use the list command; you will see all the commands (DDL, DML).

SQL> list
  1* select * from v$DATABASE

 

copy command for folder and subfolder with the option to preserve the timestamp; commands to create and delete folder and subfolder


Use the following command to copy a folder and its subfolders. This command will also preserve the timestamp.

$ cp -Rp /source-folder /destination-folder


To tar and gzip:

$ tar czvf filename /destination-folderpath

Command to make folder and subfolder:

$ mkdir -p folder1/folder2/folder3

To delete folder and subfolder:


$ rm -rf folder1

Tuesday, August 26, 2014

new OID configuration steps to create default containers, administrators, and Access Control Lists (ACIs) in 11g Release 2 (11.1.2.2.0)


Preconfiguring LDAP means making the LDAP directory ready to have default containers, administrators, and Access Control Lists (ACIs) for Oracle Identity Manager to perform correctly.

If you don't have OID configured already in your environment, you must follow these steps to configure OID with 11g Release 2 (11.1.2.2.0).

You must complete the following steps to preconfigure the Identity Store:

Create a new file OIDContainers.ldif. Add the following entries and save the file.
Make sure to modify the dn value as per your environment. There is a blank line between each entry; also make sure the file ends with a new line after you copy these values into it.

dn:cn=oracleAccounts,dc=orasystemsusa,dc=com
cn:oracleAccounts
objectClass:top
objectClass:orclContainer

dn:cn=Users,cn=oracleAccounts,dc=orasystemsusa,dc=com
cn:Users
objectClass:top
objectClass:orclContainer

dn:cn=Groups,cn=oracleAccounts,dc=orasystemsusa,dc=com
cn:Groups
objectClass:top
objectClass:orclContainer

dn:cn=Reserve,cn=oracleAccounts,dc=orasystemsusa,dc=com
cn:Reserve
objectClass:top
objectClass:orclContainer

Import the containers into Oracle Internet Directory Server with the ldapadd command. This will create the user, group and reserve containers.


ldapadd -h <OID Server> -p <OID port> -D <OID Admin ID> -w <OID Admin password> -c -f ./OIDContainers.ldif

For example:
ldapadd -h localhost -p 389 -D "cn=orcladmin" -w "welcome1" -c -f ./OIDContainers.ldif

If the above gives an authentication error, try the command with the '-x' option (simple bind).

ldapadd -h localhost -p 389 -x -D "cn=orcladmin" -w "welcome1" -c -f ./OIDContainers.ldif


Configure the OIM proxy users and ACIs to communicate with OID after installing OID. Create the OIM Admin User, Group and the ACIs.

The root suffix is given as 'dc=orasystemsusa,dc=com'. This can be replaced with the appropriate root suffix of the OID server.

Open a new file oidadmin.ldif. Add the following LDAP entries and save the file oidadmin.ldif. Run the following command to load the ldif file, oidadmin.ldif.


Note:
Run the ldapmodify command in OID setup to add the OIM proxy User, OIM proxy Group and the relevant ACIs.

./ldapmodify -h <OID Server> -p <OID port> -D <OID Admin ID> -w <OID Admin password> -c -v -f oidadmin.ldif

dn: cn=systemids,dc=orasystemsusa,dc=com
changetype: add
objectclass: orclContainer
objectclass: top
cn: systemids

dn: cn=oimAdminUser,cn=systemids,dc=orasystemsusa,dc=com
changetype: add
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetorgperson
objectclass: orcluser
objectclass: orcluserV2
mail: oimAdminUser
givenname: oimAdminUser
sn: oimAdminUser
cn: oimAdminUser
uid: oimAdminUser
userPassword: welcome1

dn: cn=oimAdminGroup,cn=systemids,dc=orasystemsusa,dc=com
changetype: add
objectclass: groupOfUniqueNames
objectclass: orclPrivilegeGroup
objectclass: top
cn: oimAdminGroup
description: OIM administrator role
uniquemember: cn=oimAdminUser,cn=systemids,dc=orasystemsusa,dc=com

dn: cn=oracleAccounts,dc=orasystemsusa,dc=com
changetype: modify
add: orclaci
orclaci: access to entry by group="cn=oimAdminGroup,cn=systemids,dc=orasystemsusa,dc=com" (add,browse,delete) by * (none)
orclaci: access to attr=(*) by group="cn=oimAdminGroup,cn=systemids,dc=orasystemsusa,dc=com" (read,search,write,compare) by * (none)

dn: cn=changelog
changetype: modify
add: orclaci
orclaci: access to entry by group="cn=oimAdminGroup,cn=systemids,dc=orasystemsusa,dc=com" (browse) by * (none)
orclaci: access to attr=(*) by group="cn=oimAdminGroup,cn=systemids,dc=orasystemsusa,dc=com" (read,search,compare) by * (none)
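
A lint for the two LDIF files above before they are passed to ldapadd or ldapmodify, as an added example that is not part of the original post. It checks the blank line between entries and the final newline that the instructions ask for, and flags a plain-text userPassword value; the function names, finding labels and the sample entries (dc=example,dc=com) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Finding names are this example's own.

# ldif_lint FILE: print one finding per line, return 1 if there are any.
#   MISSING_BLANK_LINE   a "dn:" line inside a record (entries run together)
#   CLEARTEXT_PASSWORD   userPassword with a plain value, not {SCHEME}hash
#                        or base64 ("userPassword::")
#   NO_TRAILING_NEWLINE  last line of the file is not newline-terminated
ldif_lint() {
    lint_file=$1
    lint_rc=0
    awk '
        /^#/       { next }               # comments do not change record state
        /^[ \t]*$/ { in_rec = 0; next }   # a blank line ends the current record
        {
            line = tolower($0)
            if (in_rec && line ~ /^dn:/) {
                printf "%d: MISSING_BLANK_LINE before \"%s\"\n", NR, $0
                bad = 1
            }
            if (line ~ /^userpassword:[ \t]*[^:{ \t]/) {
                printf "%d: CLEARTEXT_PASSWORD in userPassword\n", NR
                bad = 1
            }
            in_rec = 1
        }
        END { exit (bad + 0) }
    ' "$lint_file" || lint_rc=1
    # $(...) strips a trailing newline, so a non-empty result means the
    # last byte of the file is something else.
    if [ -s "$lint_file" ] && [ -n "$(tail -c 1 "$lint_file")" ]; then
        echo "EOF: NO_TRAILING_NEWLINE"
        lint_rc=1
    fi
    return "$lint_rc"
}

# make_sample_ldif FILE: write a constructed sample that shows all three findings.
make_sample_ldif() {
    cat > "$1" <<'EOF'
# constructed sample, modelled on the oidadmin.ldif layout
dn: cn=oimAdminUser,cn=systemids,dc=example,dc=com
changetype: add
objectclass: person
cn: oimAdminUser
sn: oimAdminUser
userPassword: ChangeMe-placeholder

dn: cn=oracleAccounts,dc=example,dc=com
changetype: modify
add: orclaci
orclaci: access to entry by * (none)
dn: cn=changelog
changetype: modify
add: orclaci
EOF
    # last line written without a newline on purpose
    printf '%s' 'orclaci: access to entry by * (none)' >> "$1"
}

sample=$(mktemp)
make_sample_ldif "$sample"
ldif_lint "$sample" || echo "fix the findings before loading the file"
rm -f "$sample"
```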

Use the following command to check if the ACI is added.

./ldapsearch -h <OID Server> -p <OID Port> -D "cn=orcladmin" -w <OID Admin password> -b "dc=orasystemsusa,dc=com" -s one "objectclass=*" orclaci

Use the following command to check if the proxy user is working against OID. Before running this command ensure that the changenumber is catalogued.

./ldapsearch -h <OID Server> -p <OID Port> -D "cn=oimAdminUser,cn=systemids,dc=orasystemsusa,dc=com" -w <OID Admin password> -b "cn=changelog" -s sub "changenumber>=0"

If the above command gives an error, try the following:

./ldapsearch -h <OID Server> -p <OID Port> -D "cn=oimAdminUser,cn=systemids,dc=orasystemsusa,dc=com" -w <OID Admin password> -b "cn=changelog" -s one "changenumber>=0"
  

OIM 11gR2ps2 designconsole error while starting up ./xlclient.sh Exception in thread "main" java.lang.NoClassDefFoundError: javax/ejb/CreateException

To modify the designconsole configuration or change URLs, go to the following file:
<designconsole>/config/xlconfig.xml

You can change the values of these 2 parameters, or make other changes if you want.

ApplicationURL

CoreServer

Error while starting up designconsole on OIM 11.1.2.2.0:

./xlclient.sh

Exception in thread "main" java.lang.NoClassDefFoundError: javax/ejb/CreateException
at java.lang.Class.getDeclaredMethods0(Native Method)
at java.lang.Class.privateGetDeclaredMethods(Class.java:2427)
at java.lang.Class.getDeclaredMethod(Class.java:1935)


Create wlfullclient.jar on the OIM 11.1.2.2 server as explained below.

1. Go to the $DOMAIN_HOME directory to set up the environment (only if you don't have this set up already at profile level).

cd $DOMAIN_HOME/bin


 Set the environment variables by executing setDomainEnv.sh (or .bat for Windows)


2. Go to the WL_HOME directory.
 cd $MW_HOME/wlserver_10.3/server/lib

3. Run the following command; it will generate the wlfullclient.jar file
 java -jar /u02/oracle/mw/modules/com.bea.core.jarbuilder_1.6.0.1.jar


4. Copy the generated wlfullclient.jar to $DESIGN_CONSOLE_HOME/designconsole/ext

5. Start Design Console as $DESIGN_CONSOLE_HOME/designconsole/xlclient.sh

6. Log in using xelsysadm/password


 

java.lang.Exception: Exception occured while encrypting the configuration and database


OIM 11gR2ps2 console configuration error.

java.lang.Exception: Exception occured while encrypting the configuration and database
        at oracle.as.install.oim.config.util.EncryptConfigurationAndDB.encryptConfigurationAndDatbase(EncryptConfigurationAndDB.java:240)

Solution:
Check your WL_HOME and JAVA_HOME paths. Sometimes, when you re-configure a domain with a different name, the installer tries to look for files at the old path.

 

quick steps for taking a backup before trying to delete an OIM 11gR2ps2 OAM 11gR2 SOA 11gR2 domain



1. Take a backup of the existing domains (in case you have to come back and use them again).
Tar with the following command.

cd $DOMAIN_HOME
tar -cvzf ./dev_domain.tar.gz ./dev_domain
Rename or delete the existing domain.

2. Take a backup of the stage domain.

cd <MW_HOME>/user_projects/applications

tar -cvzf ./dev_domain.tar.gz ./dev_domain
Rename or delete the existing domain.


3. Take a backup of the database.

cd /oracle/oradata

  tar -cvzf db.tar.gz ./db

4. Run RCU to drop all the domains.


You can recreate the domains using RCU, configure the domains and follow the rest of the process to re-install OIM 11g.

 

OIM 11gR2ps2 installation error Unable to deploy EJB: tcFormDefinitionOperationsIntf from iam-ejb.jar

environment
weblogic 10.1.3.6
OIM 11.1.2.2
SOA 11.1.2.2



Unable to deploy EJB: tcFormDefinitionOperationsIntf from iam-ejb.jar:
Exception while attempting to deploy Unchecked or Excluded Security Policy:  weblogic.security.service.ResourceCreationException: weblogic.security.spi.ResourceCreationException: [Security:090310]Failed to create resource.
weblogic.application.ModuleException: Exception preparing module: EJBModule(iam-ejb.jar)

Unable to deploy EJB: tcFormDefinitionOperationsIntf from iam-ejb.jar:
Exception while attempting to deploy Unchecked or Excluded Security Policy:  weblogic.security.service.ResourceCreationException: weblogic.security.spi.ResourceCreationException: [Security:090310]Failed to create resource


Solution:

PLEASE DO NOT RUN THE BELOW COMMAND ON OIM 11gR2Ps2 to create the security store; it was required in the previous 11gR1 releases.

SQL> @rdbms_security_store_oracle.sql

Also, the 3 RPMs below are very important during installation of Weblogic 10.1.3.6. If you are getting this error, please stop the installation and install these RPMs instead of continuing and finding at the end that the OIM Console is not coming up.

These RPMs are:


Checking for compat-libcap1-1.10-1-x86_64; Not found.   Failed <<<<

Checking for compat-libstdc++-33-3.2.3-69.el6-i686; Not found.  Failed <<<<

Checking for libstdc++-4.4.4-13.el6-i686; Not found.    Failed <<<<


Reinstall Weblogic and make sure all the RPMs are there, then install SOA and OIM. It should work.



 

how to tar and gzip together: Linux command tar -cvzf; to untar use zxvf


Use the following command to tar the domain folder. You need to be outside of the domain folder in order to tar and gzip it.

tar cvzf ./domain.tar.gz ./domain


or
tar czvf  filename.tar.gz  /folder-path


to untar above file

tar -zxvf ./domain.tar.gz ./domain

Where,
  • -z : Uncompress the resulting archive with gzip command.
  • -x : Extract to disk from the archive.
  • -v : Produce verbose output i.e. show progress and file names while extracting files.
  • -f data.tar.gz : Read the archive from the specified file called data.tar.gz.
By default, files will be extracted into the current directory. To change the directory, use the -C option. In this example, the files are extracted into the /data/projects directory:
 
tar -zxvf data.tar.gz -C /data/projects

Monday, August 25, 2014

deinstalling OIM 11gR2ps2(11.1.2.2.0) in linux and windows

here is the process that needs to be followed to uninstall OIM 11gR2ps2(11.1.2.2.0)

The deinstaller attempts to remove the Oracle Home directory from which it was started. Before you choose to remove your Oracle Identity Management Oracle Home directory, make sure that it is not in use by an existing domain and that you stop all running processes that use this Oracle Home.
Deinstalling Oracle Identity Management will not remove any WebLogic domains that you have created—it only removes the software in the Oracle Identity Management Oracle Home directory.


Perform the following steps to deinstall your Oracle Identity and Access Management Oracle Home using the graphical, screen-based deinstaller:
  1. Verify your Oracle Identity and Access Management Oracle Home is not in use by an existing domain.
  2. Stop all processes that use the Oracle Identity and Access Management Oracle Home.
  3. Open a command prompt and move (cd) into the IAM_ORACLE_HOME/oui/bin directory (UNIX) or the IAM_HOME\oui\bin directory (Windows).
  4. Invoke the Deinstaller from command line using the -deinstall option. For example:
    On UNIX:
    ./runInstaller -deinstall
    
    On Windows:
    setup.exe -deinstall
    
    The Welcome screen appears.
  5. Click Next.
    In the Deinstall Oracle Home screen, you can save a response file that contains the deinstallation settings before deinstalling. Click Deinstall. The Deinstall Progress screen appears. This screen shows the progress and status of the deinstallation.
    Click Finish after the deinstallation progresses to 100%. The Deinstallation Complete screen appears.
  6. Click Finish on the Deinstallation Complete screen to exit the deinstaller.

J.1.2 Deinstalling the Oracle Common Home

The ORACLE_COMMON_HOME directory located in the MW_HOME directory contains the binary and library files required for Oracle Enterprise Manager Fusion Middleware Control and Oracle Java Required Files (JRF). Before you deinstall the ORACLE_COMMON_HOME directory, ensure that no other Oracle Fusion Middleware software, such as Oracle SOA Suite, depends on ORACLE_COMMON_HOME. You cannot deinstall the ORACLE_COMMON_HOME directory until all software that depends on it has been deinstalled.
Perform the following steps to deinstall the ORACLE_COMMON_HOME directory:
  1. Stop all processes that use the ORACLE_COMMON_HOME directory. To know all the processes that are using ORACLE_COMMON_HOME directory use the following commands:
    On UNIX:
    ps -ef | grep <oracle_common>
    
    On Windows:
    Use the Windows Task Manager to identify the processes that use the ORACLE_COMMON_HOME directory.
  2. Deinstall your Oracle Identity and Access Management Oracle Home by performing the steps in Deinstalling the Oracle Identity and Access Management Oracle Home.
  3. Open a command prompt and move (cd) into the ORACLE_COMMON_HOME/oui/bin/ directory (on UNIX) or the ORACLE_COMMON_HOME\oui\bin\ directory (on Windows).
  4. Invoke the Deinstaller from command line using the -deinstall option and the -jreLoc option, which identifies the location where Java Runtime Environment (JRE) is installed. For example:
    On UNIX:
    ./runInstaller -deinstall -jreLoc FULL_PATH_TO_JRE_DIRECTORY
    
    On Windows:
    setup.exe -deinstall -jreLoc FULL_PATH_TO_JRE_DIRECTORY
    
    The Welcome screen appears.
  5. Click Next. The Select Deinstallation Type screen appears.
  6. Select the Deinstall Oracle Home option at the top of the Select Deinstallation Type screen.
    Note:
    The path to the ORACLE_COMMON_HOME directory appears in the text describing the Deinstall Oracle Home option.
    Click Next. The Deinstall Oracle Home screen appears.
  7. Confirm the correct ORACLE_COMMON_HOME directory is listed and click Deinstall.
    The Deinstallation Progress screen appears, along with a Warning dialog box prompting you to confirm that you want to deinstall the ORACLE_COMMON_HOME directory.
  8. Click Yes on the Warning dialog box to confirm you want to remove the ORACLE_COMMON_HOME directory. The deinstallation begins.
  9. Click Finish after the deinstallation progresses to 100%. The Deinstallation Complete screen appears.
  10. Click Finish on the Deinstallation Complete screen to exit the deinstaller.

oim 11.1.2.1.* [oim_server1] [WARNING] ....[APP: oim#11.1.2.0.0] IAM-1020021 Unable to execute job : LDAP Role Hierarchy Reconciliation with Job History Id:63353[[


When running the LDAP Role Create and Update Reconciliation, getting errors within the diagnostic log:

 [oim_server1] [WARNING] ....[APP: oim#11.1.2.0.0] IAM-1020021 Unable to execute job : LDAP Role Hierarchy Reconciliation with Job History Id:63353[[
java.lang.Exception: Unable to get LDAP connection, and the root cause is - Failed to create connection

CAUSE
The Directory Server IT Resource has an entry for "Server URL" of the HOSTNAME when it should be blank for libOVD implementation.


SOLUTION
Remove any entry from the Server URL in the IT Resource so that libOVD can pull from internal files.

OIM 11gR2ps2 error [oim_server1] [ERROR] [JBO-1609] [oracle.adf.mbean.share.connection.ConnectionsMXBeanImpl] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ] [ecid: 0000KWE52gM8tl9pVcg8yc1Jyq_P000002,0] [APP: oracle.iam.console.identity.self-service.ear#V2.0] Failed to create connection for {/example/jedi/model/common/}ExampleModuleService


 [oim_server1] [ERROR] [JBO-1609] [oracle.adf.mbean.share.connection.ConnectionsMXBeanImpl] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <WLS Kernel>] [ecid: 0000KWE52gM8tl9pVcg8yc1Jyq_P000002,0] [APP: oracle.iam.console.identity.self-service.ear#V2.0] Failed to create connection for {/example/jedi/model/common/}ExampleModuleService

Reason:
This error appears once you upgrade OIM from 11.1.2.1 to 11.1.2.2.*.

Solution:
This message can be ignored; it is a benign error message.

 

Finding the correct OIM 11gR2PS2 version information

$sqlplus

Enter user-name: dev_oim
Enter password:

SQL> select xsd_value from xsd where xsd_code='XL_BUILD_NUMBER';
XSD_VALUE
--------------------------------------------------------------------------------
11.1.2.2.0.0.0

Sunday, August 24, 2014

OIM11gR2 java.lang.ClassNotFoundException error OES Configuration Using JBoss as a Security Module Throws Error

OES Configuration Using JBoss as a Security Module Throws Error on AIX
When you try to configure JBoss Security Module on an AIX operating system, it throws a java.lang.ClassNotFoundException error.

Workaround:
Complete the following steps:
  1. Go to the following directory:
    JAVA_HOME/jre/lib/security
    
  2. Open the java.security file and search for policy.provider attribute. The value of the attribute policy.provider is set to org.apache.harmony.security.fortress.DefaultPolicy.
    You must delete the existing value of the policy.provider attribute and change it to sun.security.provider.PolicyFile.
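The workaround above as a script, added here as an example and not part of the original post: it reads the active policy.provider line, backs the file up, and rewrites only that setting. The function name, the `.bak` suffix and the sample file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): check and correct policy.provider
# in a java.security file, keeping a backup of the original.
WANTED=sun.security.provider.PolicyFile

# Prints "unchanged", "changed" or "absent"; returns non-zero on error.
fix_policy_provider() {
    sec_file=$1
    [ -f "$sec_file" ] || { echo "not a file: $sec_file" >&2; return 2; }
    # Read the active (uncommented) setting only; commented lines are ignored.
    current=$(sed -n 's/^[[:space:]]*policy\.provider[[:space:]]*=[[:space:]]*//p' \
        "$sec_file" | tail -n 1)
    if [ -z "$current" ]; then
        echo "absent"; return 0          # nothing to correct, file left alone
    fi
    if [ "$current" = "$WANTED" ]; then
        echo "unchanged"; return 0
    fi
    cp -p "$sec_file" "$sec_file.bak" || return 1
    sed "s/^[[:space:]]*policy\.provider[[:space:]]*=.*/policy.provider=$WANTED/" \
        "$sec_file.bak" > "$sec_file" || return 1
    echo "changed"
}

# Constructed sample standing in for JAVA_HOME/jre/lib/security/java.security.
demo_dir=$(mktemp -d)
cat > "$demo_dir/java.security" <<'EOF'
# constructed sample
#policy.provider=commented.out.Example
policy.provider=org.apache.harmony.security.fortress.DefaultPolicy
keystore.type=jks
EOF
fix_policy_provider "$demo_dir/java.security"      # prints: changed
grep '^policy.provider' "$demo_dir/java.security"
```
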

JVM Error while configuring OIM 11gR2 and workaround



Configuring Database Security Store Fails with JVM Error
When you configure the Database Security Store using the following configureSecurityStore.py script,
oracle_common/common/bin/wlst.sh $ORACLE_HOME/common/tools/configureSecurityStore.py -d DOMAIN_HOME -c IAM -m create -p OPSS_SCHEMA_PASSWORD
the configuration fails with a JVM error. The following error is displayed:
JRE version:7.0_25 Java VM:OpenJDK 64-Bit Server VM(23.7-b01 mixed mode linux-amd64 compressed oops) Problematic frame: V [libjvm.so+0x773ec7] JVM_handle_linux_signal+0x54df7 

Workaround:
The above error occurs because the JVM process tries to access a memory location that the operating system has not given access to.

As a workaround, re-configure the Database Security Store using the following command:
$JAVA_HOME/bin/java -jar wls1036_generic.jar

Requests Fail with ClassCastException on weblogic 10.3.5 when initiating approval request. solution apply patch

Requests Fail with ClassCastException
When you install Oracle Identity Manager on Weblogic Server (10.3.5.0), the request fails with the following exception:

Unable to instantiate the workflow process due to: Tasklist mapping failed for workflowdefinition: default/DefaultRequestApproval!1.0 due to oracle.bpel.services.workflow.query.ejb.TaskQueryService_oz1ipg_HomeImpl_1035_WLStub cannot be cast to oracle.bpel.services.workflow.query.ejb.TaskQueryServiceRemoteHome.
This happens when initiating the approvals for a request.

Workaround:
For WebLogic Server 10.3.5 you must download and install patch 12944361. WebLogic Server 10.3.6 does not require this patch.

Prerequisite Checks Fail When Installing Oracle Identity and Access Management on Oracle Enterprise Linux 6


Prerequisite Checks Fail When Installing Oracle Identity and Access Management on Oracle Enterprise Linux 6

When you try to install Oracle Identity and Access Management on an Oracle Enterprise Linux 6 bare metal x64 machine, the prerequisite checks fail.

Workaround:
Start the installer using the -ignoreSysPrereq parameter.

./runInstaller -ignoreSysPrereq

Failed to initialize the application 'wsm-pm' due to error weblogic.applica


Add the wsdl jar file to the WL classpath in the setDomainEnv.cmd

e.g.

set POST_CLASSPATH=%DOMAIN_HOME%\config\soa-infra;%SOA_ORACLE_HOME%\wsdl4j-1.5.2.jar;

Download the jar from http://www.jarfinder.com/index.php/jars/versionInfo/68901

Unable to deploy EJB: tcFormDefinitionOperationsIntf from iam-ejb.jar



activateFormVersion(long, int) - Method in interface Thor.API.Operations.tcFormDefinitionOperationsIntf
Sets the specified version of the specified form as the active version of that form.

How to find SOA version information: command


Navigate to $ORACLE_HOME/OPatch

Execute the command:
perl opatch.pl lsinventory -detail -invPtrLoc <inventory_location> -oh <ORACLE_HOME>

 

Mandatory patch set command to run before installing OIM 11gR2PS2: Oracle Fusion Middleware Patch Set Assistant 11.1.1.7.0

Run the mandatory patch set in SOA to upgrade schema information before installing OIM 11.1.2.0.


This patch will upgrade SOA from 11.1.1.7.0 to 11.1.17.2.

The following command is located under <MW_HOME>/oracle_common/bin:

./psa

1. Click Next on the Welcome screen.
2. Select ONLY Oracle Platform Security Services.
3. You must select both options in order to continue. It is highly recommended to fulfill both of these requirements in order to avoid issues in the future.
   a. Database backup completed.
   b. Database version is certified by Oracle for Fusion Middleware upgrade.
4. Enter all the database-related information needed to connect to the database.
   a. Host:port/service (orasystemsusa.com:1521/orcl)
   b. Enter the DBA user name as Sys as sysdba, and the password.
   c. Click Connect.
   d. Enter the information for the domain that needs to be upgraded, and enter its credentials.
5. After clicking Next, a screen shows that it was able to connect to the database using the provided credentials.
6. Click Next.
7. On the confirmation page, click Upgrade.
8. Click Close once the upgrade is completed.

Dropping SOA domain in 11gR2PS2 using rcu utility

To drop an SOA schema in 11gR2PS2, follow these steps:

1. Go to the RCU home.
2. Run the rcu utility as ./rcu (it is usually under /urc/rcuHome/bin/rcu).
3. Click Drop, then click Next.
4. Select the domain name that you want to drop.
5. Click OK (a warning says that all the related tablespaces will be deleted).
6. On the final screen, click Drop.
7. Once finished, click Close.
8. Verify that the domain was dropped by logging in to SQL*Plus and searching for the old schema name.
 

Saturday, August 23, 2014

OIM 11gR2SP error Failure occurred in the execution of deployment request with ID '1265037897937' for task '6'. Error is: 'weblogic.application.ModuleException: Exception preparing module: EJBModule(p13n_ejb.jar)


After shutting down one of the managed servers in a multi-server cluster, unable to re-start that managed server due to a WebLogic Portal (WLP) application deployment failure. The managed server can be started after deleting (undeploying) the WLP application that it hosts.  Any attempt to deploy the application results in the following errors and the application won't deploy:

Error:

<Error> <Deployer> <TDAB-MAWLP-CP02> <wlpServer2> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <> <1265037908033> <BEA-149265> <Failure occurred in the execution of deployment request with ID '1265037897937' for task '6'. Error is: 'weblogic.application.ModuleException: Exception preparing module: EJBModule(p13n_ejb.jar)
Unable to deploy EJB: PropertySetManager from p13n_ejb.jar:
Exception while attempting to deploy Unchecked or Excluded Security Policy: weblogic.security.service.ResourceCreationException: weblogic.security.spi.ResourceCreationException: [Security:090310]Failed to create resource
weblogic.application.ModuleException: Exception preparing module: EJBModule(p13n_ejb.jar)
Unable to deploy EJB: PropertySetManager from p13n_ejb.jar:
Exception while attempting to deploy Unchecked or Excluded Security Policy: weblogic.security.service.ResourceCreationException: weblogic.security.spi.ResourceCreationException: [Security:090310]Failed to create resource
...
weblogic.ejb20.interfaces.PrincipalNotFoundException: Exception while attempting to deploy Unchecked or Excluded Security Policy: weblogic.security.service.ResourceCreationException: weblogic.security.spi.ResourceCreationException: [Security:090310]Failed to create resource


Note: This issue is only possible when WLP uses Embedded LDAP.  In WLP versions 10.3.2 and above, WLP should be using the RDBMS Security Store in place of the Embedded LDAP, in which case this issue wouldn't exist.  However, the RDBMS Security Store isn't mandatory, so it is still possible to be using the Embedded LDAP.  It is highly recommended that the RDBMS Security Store be used in place of the Embedded LDAP in WLP versions 10.3.2 and above.

CAUSE
Managed server's LDAP is out of sync with the Admin server's master LDAP which causes deployment failures due to corrupt security policies.


SOLUTION
LDAP is stored on all servers, admin and managed.  The admin server has the master copy of LDAP and any updates get pushed out to the managed servers from the admin server.  Sometimes the LDAP in a managed server becomes out of sync with the LDAP on the admin server and can cause deployment issues.  Please make sure the managed servers' LDAPs are in sync with the admin server's LDAP.  This assumes that the LDAP on the admin server is not corrupt.
Back up all LDAP directories on the admin server and the managed servers.  They are located in the server's .../data/ldap directory.
First try the following:
  1. Shut down the managed servers and delete the managed servers' ldap folders.
  2. Log in to the WLS Console.
  3. Click on the domain in the left panel.
  4. Click on the Security tab.
  5. Click on the Embedded LDAP tab.
  6. Select "Refresh Replica At Startup".
  7. Reboot the Admin and managed servers.
This will refresh the managed servers' LDAP with the admin server's LDAP.
If the above procedure doesn't work, repeat exactly the same procedure, but this time select "Master First" instead of "Refresh Replica At Startup". This will force the managed servers to use the admin server's LDAP.
If the above two don't work then there might be an issue with the admin server LDAP or it could be something totally different. At this time you can try using the automatic LDAP backups. They are located in the server's .../data/ldap/backup directory.  Use the most recent backups from each server and make sure the timestamps are from the same date.  Notice that these files are just the files from the .../data/ldap/ldapfiles directory.  Those are the only files that need to be replaced.  The only risk with going to a backed up LDAP is that it might be out of sync with the DB.  LDAP and the DB need to be in sync with each other.  So if you go to an older LDAP backup it might be out of sync with the DB, unless you restore the DB from the same time period.
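The backup-then-delete step above as a script, added here as an example and not part of the original post. It assumes the layout DOMAIN_HOME/servers/<server>/data/ldap, an admin server named AdminServer unless a third argument says otherwise, and that every server is already shut down; the function name and archive names are illustrative.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes the layout
# DOMAIN_HOME/servers/<server>/data/ldap and that all servers are shut down.

# Archive every server's data/ldap, then remove it for managed servers only.
# usage: reset_managed_ldap DOMAIN_HOME BACKUP_DIR [ADMIN_SERVER_NAME]
reset_managed_ldap() {
    domain=$1; backup=$2; admin=${3:-AdminServer}
    # Refuse to run if the admin server cannot be identified: a wrong name
    # would otherwise cause the master copy to be treated as a replica.
    [ -d "$domain/servers/$admin/data/ldap" ] ||
        { echo "admin server LDAP not found under $domain" >&2; return 2; }
    mkdir -p "$backup" || return 1
    for dir in "$domain"/servers/*/data/ldap; do
        [ -d "$dir" ] || continue
        server=$(basename "$(dirname "$(dirname "$dir")")")
        archive="$backup/$server-ldap.tar"
        # Back up first and confirm the archive is readable before deleting.
        tar -cf "$archive" -C "$domain/servers/$server/data" ldap || return 1
        tar -tf "$archive" >/dev/null || return 1
        if [ "$server" = "$admin" ]; then
            echo "kept    $server (master copy)"
        else
            rm -rf "$dir" && echo "removed $server"
        fi
    done
}

# Constructed sample domain: one admin server and two managed servers.
ldap_demo=$(mktemp -d)
for s in AdminServer oim_server1 soa_server1; do
    mkdir -p "$ldap_demo/domain/servers/$s/data/ldap/ldapfiles"
    echo "constructed $s" > "$ldap_demo/domain/servers/$s/data/ldap/ldapfiles/sample.data"
done
reset_managed_ldap "$ldap_demo/domain" "$ldap_demo/backup"
```
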

weblogic Migrated from WLS 8 to WLS 10.3.4. error to upload .jar file



<Error> <Deployer> <BEA-149205> <Failed to initialize the application 'xxxxxxx' due to error weblogic.application.ModuleException: Exception preparing module: EJBModule(Deployer.jar)
Unable to deploy EJB: AcseraEJB from Deployer.jar:
weblogic/ejb20/internal/StatefulEJBHome
weblogic.application.ModuleException: Exception preparing module: EJBModule(Deployer.jar)
Unable to deploy EJB: xxxxxEJB from Deployer.jar:
weblogic/ejb20/internal/StatefulEJBHome
  at weblogic.ejb.container.deployer.EJBModule.prepare(EJBModule.java:469)
  at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:199)
  at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:517)
  at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
  at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:159)
Truncated. see log file for complete stacktrace
Caused By: java.lang.ClassNotFoundException: weblogic.ejb20.internal.StatefulEJBHome
  at weblogic.utils.classloaders.GenericClassLoader.findLocalClass(GenericClassLoader.java:297)
  at weblogic.utils.classloaders.GenericClassLoader.findClass(GenericClassLoader.java:270)
  at java.lang.ClassLoader.loadClass(ClassLoader.java:307)
  at java.lang.ClassLoader.loadClass(ClassLoader.java:248)
  at weblogic.utils.classloaders.GenericClassLoader.loadClass(GenericClassLoader.java:179)
Truncated. see log file for complete stacktrace

Reason:
The weblogic.ejb20.internal.StatefulEJBHome class was present in WLS 8, but in later versions of WebLogic the same class is renamed to weblogic.ejb.container.internal.StatelessEJBHome.

Solution:
Whenever you deploy an application built on WLS 8 to a later version, you must recompile the EJB modules with the later version of WebLogic Server.

Friday, August 22, 2014

OIM 11.1.2.0.1 BP01: Self Service Console does not start with error "Unable to find class 'oracle.iam.ui.homepage.listener.HomepagePersonalizationPhaseListener'"


After installation of 11.1.2.0.1 BP01, the self service console fails to start with the following cause in the stack trace:
Cause: Unable to find class 'oracle.iam.ui.homepage.listener.HomepagePersonalizationPhaseListener'
 
Changes to OIM:
Installation of BP01

Reason:
The lifecycle component added to the faces-config.xml is not compatible with all environments.

Solution:

In the environment's $ORACLE_HOME/OIM/user_projects/domains/$USER_DOMAIN/servers/ there should be a temporary directory where the ear file was unpacked.  It will be something similar to:
tmp/_WL_user/oracle.iam.console.identity.self-service.ear_V2.0
Under this unpacked ear directory, there will be a faces-config.xml.
To get its exact location on Unix, you can use the command:

find . -name faces-config.xml
 
 
1.  Back up a copy of the faces-config.xml
2.  Remove these lines from the remaining faces-config.xml
 <lifecycle>
  <phase-listener>oracle.iam.ui.homepage.listener.HomepagePersonalizationPhaseListener</phase-listener>
</lifecycle>
3.  Try to start the self service application from the weblogic console.
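Steps 1 and 2 as a script, added here as an example and not part of the original post: it finds each faces-config.xml that names the listener, keeps a `.orig` copy, and drops only the `<lifecycle>` block containing that listener. The function names, the `.orig` suffix and the sample tree are assumptions, and the `<lifecycle>` tags are assumed to sit on their own lines as shown above.

```shell
#!/bin/sh
LISTENER='oracle.iam.ui.homepage.listener.HomepagePersonalizationPhaseListener'

# Print file $1 minus any <lifecycle> block that names $LISTENER (the block is
# dropped whole, as in step 2); assumes the tags sit on their own lines.
strip_listener() {
    awk -v cls="$LISTENER" '
        /<lifecycle>/ { inblk = 1; buf = "" }
        inblk {
            buf = buf $0 "\n"
            if ($0 ~ /<\/lifecycle>/) {
                if (index(buf, cls) == 0) printf "%s", buf   # other blocks stay
                inblk = 0
            }
            next
        }
        { print }
        END { if (inblk) printf "%s", buf }   # unterminated block: keep it
    ' "$1"
}

# Back up, then patch, every faces-config.xml under $1 that names the listener.
patch_faces_configs() {
    find "$1" -name faces-config.xml -exec grep -F -l "$LISTENER" {} + |
    while IFS= read -r f; do
        cp -p "$f" "$f.orig" && strip_listener "$f.orig" > "$f" &&
            echo "patched $f"
    done
}

# Constructed sample tree: one file with the listener, one with another listener.
fc_demo=$(mktemp -d)
mkdir -p "$fc_demo/a/WEB-INF" "$fc_demo/b/WEB-INF"
cat > "$fc_demo/a/WEB-INF/faces-config.xml" <<EOF
<faces-config>
 <application/>
 <lifecycle>
  <phase-listener>$LISTENER</phase-listener>
 </lifecycle>
</faces-config>
EOF
cat > "$fc_demo/b/WEB-INF/faces-config.xml" <<'EOF'
<faces-config>
 <lifecycle>
  <phase-listener>com.example.OtherListener</phase-listener>
 </lifecycle>
</faces-config>
EOF
patch_faces_configs "$fc_demo"
```
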