Wednesday, July 26, 2006
Install Oracle Application Server 10g Linux RedHat AS 3.0
A) Pre-install:
NOTE: Do not use vnc connection to server to run Oracle installer
1. Check memory - at least 1GB for full install
$ grep MemTotal /proc/meminfo
2. Check disk space - at least 4.5GB
$ df -H
3. Check swap space - at least 1.5GB
$ grep SwapTotal /proc/meminfo
4. Check display capabilities - at least depths=8bits pp
$ /usr/X11R6/bin/xdpyinfo
5. Linux requirements
5a. software packages:
The minimum supported kernel and glibc versions are:
kernel 2.4.21-4-EL
glibc-2.3.2-95.3
Required versions of packages (same or newer required)
gcc-3.2.3-20
setarch-1.3-1
pdksh-5.2.14
openmotif21-2.1.30-8
gnome-libs-1.4.1.2.90-34.1
compat-glibc-7.x-2.2.4.32.5
compat-gcc-7.3-2.96.122
compat-libstdc++-7.3-2.96.122
compat-libstdc++-devel-7.3-2.96.122
compat-gcc-c++-7.3-2.96.122
sysstat-4.0.7
Execute this to determine if packages are present:
$ rpm -q setarch sysstat openmotif21 ORBit \
libpng10 gnome-libs compat-glibc compat-gcc compat-gcc-c++ \
compat-libstdc++ compat-libstdc++-devel
If packages are not installed then install them from:
* From RedHat AS3 Disk 2
$ cd /mnt/cdrom/RedHat/RPMS
$ rpm -Uvh setarch-1.3-1.i386.rpm
$ rpm -Uvh sysstat-4.0.7-4.i386.rpm
* From RedHat AS3 Disk 3
$ cd /mnt/cdrom/RedHat/RPMS
$ rpm -Uvh openmotif21-2.1.30-8.i386.rpm
$ rpm -Uvh ORBit-0.5.17-10.4.i386.rpm
$ rpm -Uvh libpng10-1.0.13-8.i386.rpm
$ rpm -Uvh gnome-libs-1.4.1.2.90-34.1.i386.rpm
$ rpm -Uvh compat-glibc-7.x-2.2.4.32.5.i386.rpm \
compat-gcc-7.3-2.96.122.i386.rpm \
compat-gcc-c++-7.3-2.96.122.i386.rpm \
compat-libstdc++-7.3-2.96.122.i386.rpm \
compat-libstdc++-devel-7.3-2.96.122.i386.rpm
Note: For Redhat 3.0, the equivalent version of openmotif 2.1.30-8 is
openmotif21-2.1.30-8. The openmotif21-2.1.30-8 package can be installed from disk number 3
of the Redhat 3.0 distribution by entering:
$ rpm -ivh openmotif21-2.1.30-8
5b. Check Linux release - should be "Red Hat Enterprise Linux AS release 3 (Taroon)"
$ cat /etc/issue
5c. Symbolic link for gc and g++:
Check:
$ cd /usr/bin
$ ls -l gcc g++
If these links do not exist, create them as follows:
1. Create a backup of the existing files:
$ mv /usr/bin/gcc /usr/bin/gcc.backup
$ mv /usr/bin/g++ /usr/bin/g++.backup
2. Create the symbolic links:
$ ln -s /usr/bin/gcc296 /usr/bin/gcc
$ ln -s /usr/bin/g++296 /usr/bin/g++
After this, "$ ls -l gcc g++" should give these links
... g++ -> /usr/bin/g++296
... gcc -> /usr/bin/gcc296
You can restore the original files if required, however you must recreate the links as
described in this procedure for Oracle Application Server to relink properly.
5d. If the hugemem kernel is used, set the architecture using following command:
$ setarch i386
6. Setup kernel parameters, limits and ports
6a. First check parameters and make a note of the current values and identify any values
that you must change:
$ /sbin/sysctl -a | grep sem
$ /sbin/sysctl -a | grep shm
$ /sbin/sysctl -a | grep msg
$ /sbin/sysctl -a | grep file-max
$ /sbin/sysctl -a | grep ip_local_port_range
6b. Then change them if necessary:
Add the following lines to the /etc/sysctl.conf file:
kernel.shmall = 2097152
kernel.shmmax = 2147483648
kernel.shmmni = 4096
# semaphores: semmsl, semmns, semopm, semmni
kernel.sem = 256 32000 100 142
fs.file-max = 131072
net.ipv4.ip_local_port_range = 20000 65000
kernel.msgmni = 2878
kernel.msgmax = 8192
kernel.msgmnb = 65535
Note: The semmns parameter should be set to the sum of the PROCESSES initialization
parameter for each Oracle database, adding the largest one twice, and then adding an
additional 10 for each database.
Note: If the current value for any parameter is higher than the value listed in this table,
do not change the value of that parameter
Run the following command to change the current kernel parameters:
$ /sbin/sysctl -p
Run the following command to check the current kernel parameters have been sucessfully changed:
$ /sbin/sysctl -a
6c. Set Shell Limits for the oracle User - Bourne or Bash Shell Limit:
Add the following lines to /etc/security/limits.conf file where -> represents the tab character:
* -> -> soft -> nproc -> -> 16384
* -> -> hard -> nproc -> -> 16384
* -> -> soft -> nofile -> -> 65536
* -> -> hard -> nofile -> -> 65536
Add the following line to the /etc/pam.d/login file, if it does not already exist:
session required /lib/security/pam_limits.so
Next, depending on the oracle user's default shell, make the following changes
to the default shell start-up file:
- For the Bourne, Bash, or Korn shell, add the following lines to the /etc/profile file:
if [ $USER = "oracle" ]; then
if [ $SHELL = "/bin/ksh" ]; then
ulimit -p 16384
ulimit -n 16384
else
ulimit -u 16384 -n 16384
fi
fi
-For the C or tcsh shell, add the following lines to the /etc/csh.login file:
if ( $USER == "oracle" ) then
limit maxproc 16384
limit descriptors 16384
endif
6d. Setup ports
In the default configuration of the operating system, the /etc/services file includes
ports 389 and 636 (for LDAP and LDAP/SSL). These happen to be the default ports for
Oracle Internet Directory. This means that if you want to use these port numbers for
Oracle Internet Directory, you must either delete or comment out these lines in
the /etc/services file. To comment out a line, add a # at the beginning of the line:
# ldap 389/tcp # Lightweight Directory Access Protocol
# ldap 389/udp # Lightweight Directory Access Protocol
# ldaps 636/tcp # LDAP protocol over TLS/SSL (was sldap)
# ldaps 636/udp # LDAP protocol over TLS/SSL (was sldap)
If you do not comment out or remove the lines from /etc/services, then the installer
will not assign ports 389 and 636. It assigns a number from the port number range for
Oracle Internet Directory.
7. Create oracle user, groups and Oracle directories:
7a. Check if Oracle inventory directory already exists on server:
check /etc/oraInst.loc file. This file lists the location of the inventory directory
and the group who owns it. If the file does not exist, the computer does not have
Oracle products installed on it.
7b. If necessary, create the new groups and users:
$ groupadd -g 500 oinstall
$ groupadd -g 501 dba
$ groupadd oper
$ useradd -u 502 -g oinstall -G dba oracle -s /bin/bash
$ passwd oracle
Check groups in which oracle user belongs:
$ groups oracle
7c. Create the directories in which the Oracle software will be installed:
$ mkdir -p /u01/app/oracle/product/10g_infra
$ mkdir -p /u01/app/oracle/product/10g_as
$ chown -R oracle.oinstall /u01
8. Apply patch no. 3006854: This patch creates the /etc/libcwait.so file and appends
the following line to the /etc/ld.so.preload file:
/etc/libcwait.so
$ su -
# cd /home/oracle/patch/oracle/3006854/
# chmod 777 rhel3_pre_install.sh
# ./rhel3_pre_install.sh
Note: Patch No.3006854 download from updates.oracle.com
$ wget ftp://metalink_user:password@updates.oracle/3006854/p3006854_9204_LINUX.zip
9. Setup of environment variables for installation:
9a. Check existing environment variables
$ env
9b. Check variables when su - check the environment variables when you are the new user
because the environment variables might not be passed to the new user:
$ /* root user */
$ su - oracle
$ env
9c. Setup variables if necessary:
ORACLE_HOME and ORACLE_SID - Does not matter (the installer unsets these two environment variables).
PATH, CLASSPATH, and Shared Library Path Environment Variables (LD_LIBRARY_PATH) - Must not contain
references to directories in any Oracle home directories
DISPLAY - Set it to the monitor where you want to the installer window to appear.
$ DISPLAY=test.mydomain.com:0.0; export DISPLAY
You can test the display by running the xclock program:
$ /usr/openwin/bin/xclock &
TMP and TMPDIR - Optional. If unset, defaults to /tmp.
$ TMP=/tmp2; export TMP
$ TMPDIR=/tmp2; export TMPDIR
TNS_ADMIN - Unset
$ unset TNS_ADMIN
Note: The /etc and the /var/opt/oracle directories must not contain a tnsnames.ora file.
ORA_NLS - Unset
$ unset ORA_NLS
LD_BIND_NOW (Linux Only) - Unset
$ unset LD_BIND_NOW
*** Example .bash_profile (only for installation, check out post-install section):
# Oracle Settings
TMP=/tmp; export TMP
TMPDIR=$TMP; export TMPDIR
ORACLE_BASE=/u01/app/oracle; export ORACLE_BASE
ORACLE_HOME=$ORACLE_BASE/product/904_infra; export ORACLE_HOME
ORACLE_TERM=xterm; export ORACLE_TERM
PATH=/usr/sbin:$ORACLE_HOME/bin:$PATH; export PATH
PATH=$PATH:$ORACLE_HOME/dcm/bin:$ORACLE_HOME/opmn/bin; export PATH
PATH=$PATH:$ORACLE_HOME/Apache/Apache/bin; export PATH
export CLASSPATH
unset TNS_ADMIN
unset ORA_NLS
unset LD_BIND_NOW
...
You need to apply changes in .bash_profile (as oracle user in term window)
$ . .bash_profile
10. The /etc/hosts File:
The installer reads the /etc/hosts file to construct the location of the default
Identity Management realm. It displays this location in the "Specify Namespace in
Internet Directory" screen.
The /etc/hosts file should use the following format:
ip_address fully_qualified_hostname short_hostname
Example:
123.45.67.89 primaryHost.mydomain.com primaryHost
In the previous example, the location of the default Identity Management realm would look
like "dc=mydomain,dc=com".
If the file uses a different format, the installer displays an incorrect value in the
screen. For example, if the /etc/hosts contains:
123.45.67.89 primaryHost primaryHost.mydomain.com <--- incorrect format
the installer would display "dc=primaryHost,dc=com" as the default Identity Management realm.
This is probably not the value that you want for the default Identity Management realm.
11. Mount Oracle Application Server Installation CD:
CD should be auto-mounted, but just in case it doesn't:
$ mount -t iso9660 /dev/cdrom /mnt/cdrom
B) Installation:
1. Login as oracle user
2. Run the Oracle Universal Installer:
$ cd
$ mount_point/runInstaller
3a. If you plan to install both the OracleAS Metadata Repository and the Identity Management
components all on the same computer, select the "Identity Management and OracleAS Metadata
Repository" option.
3b. If you plan to install the infrastructure components on separate computers, you must
install them in this order:
1. Install the OracleAS Metadata Repository (You can have the installer create a new database
and populate it with the OracleAS Metadata Repository, or you can run the Oracle Application
Server Repository Creation Assistant ("OracleAS RepCA") to install the OracleAS Metadata
Repository in an existing database.
Note that you cannot register the OracleAS Metadata Repository with Oracle Internet Directory
at this point, because you do not have an Oracle Internet Directory yet. The registration is
done in the next step. )
2. Install the Identity Management components
Note: If you did not configure a component during installation (that is, you did not select
the component in the Select Configuration Options screen), you *can* configure some components
after installation. You *cannot* configure Oracle Internet Directory after installation.
You need to install and configure Oracle Internet Directory through the installer.
4. Installing OracleAS Infrastructure 10g:
4a. Start up the installer and complete the first few screens
4b. In the Select Installation Type screen, select Identity Management and OracleAS
Metadata Repository.
4c. Select Configuration Options:
Select Oracle Internet Directory.
Select OracleAS Single Sign-On.
Select Delegated Administration Services.
Select Oracle Directory Integration and Provisioning.
Select OracleAS Certificate Authority if you want to configure your own certificate
authority which can issue certificates for users and servers.
Do not select High Availability Addressing.
Click Next.
4d. Specify Namespace in Internet Directory:
Select the suggested namespace, or enter a custom namespace for the location of the
default Identity Management realm.
Note: The distinguished name (DN) that you specify on this screen will be designated as
the namespace in Oracle Internet Directory where users and groups are administered. Select
the suggested namespace if it meets your deployment requirements. If not, enter a DN that
you want in the custom namespace field. The installer determines the suggested namespace
from the /etc/hosts file.
4e. OracleAS Certificate Authority screens:
Note: Only if you select OracleAS Certificate Authority in the Select Configuration
Options screen, the installer displays screens where you need to enter OracleAS Certificate
Authority information.
Note: Note that you cannot install more than one OracleAS Certificate Authority against the same
OracleAS Metadata Repository.
4e1. Select OracleAS Metadata Repository:
This screen appears only if you are configuring OracleAS Certificate Authority and you
are using an existing Oracle Internet Directory and you are using an existing OracleAS
Metadata Repository. The Oracle Internet Directory must contain the registration for
the OracleAS Metadata Repository that you want to use.
Select the OracleAS Metadata Repository that you want OracleAS Certificate Authority to use.
Click Next.
4e2. Specify OCA Distinguished Name:
Typical DN: Use this section if your DN uses only the attributes listed in this section.
You do not have to fill in all the attributes specified in this section. Only
the o (organization) attribute is required. Note that the (single quote) character
is not a valid character in any of the attributes.
Common name (cn): Enter the name that you want on the certificate. This name must be
different from your hostname. Example: John Doe.
Organizational unit (ou): Enter the name of your division or department. Example: Sales.
Organization (o): Enter the name of your company or organization. Example: Oracle.
Country (c): Select your country from the drop-down list.
Custom DN: If your DN uses attributes not listed in the Typical DN section, specify
your DN in this section.
Click Next.
4e3. Select OCA Key Length:
Key Length (bits): Select the key length used in RSA algorithm to sign all certificates
issued by OracleAS Certificate Authority. Oracle recommends that you use at least
a 2048-bit key length. Longer key lengths provide greater security, but require
more time to issue each new certificate.
Click Next.
4e4. Specify OCA Administrators Password:
You need this password to manage OracleAS Certificate Authority. This password is
also used by the OracleAS Certificate Authority Configuration Assistant.
You can change the password after installation using the ocactl command. See the OracleAS Certificate Authority Online Help for details.
Click Next.
4f. Oracle9i Database screens:
Enter information for the OracleAS Metadata Repository database.
4f1. Specify Database Identification:
Global Database Name: Enter a name for the OracleAS Metadata Repository database.
Append the domain name of your computer to the database name.
Example: asdb.mydomain.com
SID: Enter the system identifier for the OracleAS Metadata Repository database. Typically
this is the same as the global database name, but without the domain name. The SID must
be unique across all databases. The SID cannot be longer than eight characters.
Example: asdb
Click Next.
4f2. Use default values from now on
4g. Specify OracleAS Instance Name and ias_admin Password
5. Post Infrastructure Installation
On completion of the infrastructure installation connect to the Enterprise Manager
Website (http://:1810) using the username "ias_admin" and
the password you assigned during the installation. If EM is not available start it with
the "emctl start iasconsole" command. Check that all the components are started before
proceeding to the portal installation.
6. Installing Portal and Wireless or Business Intelligence and Forms
6a. Install in different oracle home than infrastructure
NOTE: Do not use vnc connection to server to run Oracle installer
1. Check memory - at least 1GB for full install
$ grep MemTotal /proc/meminfo
2. Check disk space - at least 4.5GB
$ df -H
3. Check swap space - at least 1.5GB
$ grep SwapTotal /proc/meminfo
4. Check display capabilities - at least depths=8bits pp
$ /usr/X11R6/bin/xdpyinfo
5. Linux requirements
5a. software packages:
The minimum supported kernel and glibc versions are:
kernel 2.4.21-4-EL
glibc-2.3.2-95.3
Required versions of packages (same or newer required)
gcc-3.2.3-20
setarch-1.3-1
pdksh-5.2.14
openmotif21-2.1.30-8
gnome-libs-1.4.1.2.90-34.1
compat-glibc-7.x-2.2.4.32.5
compat-gcc-7.3-2.96.122
compat-libstdc++-7.3-2.96.122
compat-libstdc++-devel-7.3-2.96.122
compat-gcc-c++-7.3-2.96.122
sysstat-4.0.7
Execute this to determine if packages are present:
$ rpm -q setarch sysstat openmotif21 ORBit \
libpng10 gnome-libs compat-glibc compat-gcc compat-gcc-c++ \
compat-libstdc++ compat-libstdc++-devel
If packages are not installed then install them from:
* From RedHat AS3 Disk 2
$ cd /mnt/cdrom/RedHat/RPMS
$ rpm -Uvh setarch-1.3-1.i386.rpm
$ rpm -Uvh sysstat-4.0.7-4.i386.rpm
* From RedHat AS3 Disk 3
$ cd /mnt/cdrom/RedHat/RPMS
$ rpm -Uvh openmotif21-2.1.30-8.i386.rpm
$ rpm -Uvh ORBit-0.5.17-10.4.i386.rpm
$ rpm -Uvh libpng10-1.0.13-8.i386.rpm
$ rpm -Uvh gnome-libs-1.4.1.2.90-34.1.i386.rpm
$ rpm -Uvh compat-glibc-7.x-2.2.4.32.5.i386.rpm \
compat-gcc-7.3-2.96.122.i386.rpm \
compat-gcc-c++-7.3-2.96.122.i386.rpm \
compat-libstdc++-7.3-2.96.122.i386.rpm \
compat-libstdc++-devel-7.3-2.96.122.i386.rpm
Note: For Redhat 3.0, the equivalent version of openmotif 2.1.30-8 is
openmotif21-2.1.30-8. The openmotif21-2.1.30-8 package can be installed from disk number 3
of the Redhat 3.0 distribution by entering:
$ rpm -ivh openmotif21-2.1.30-8
5b. Check Linux release - should be "Red Hat Enterprise Linux AS release 3 (Taroon)"
$ cat /etc/issue
5c. Symbolic link for gc and g++:
Check:
$ cd /usr/bin
$ ls -l gcc g++
If these links do not exist, create them as follows:
1. Create a backup of the existing files:
$ mv /usr/bin/gcc /usr/bin/gcc.backup
$ mv /usr/bin/g++ /usr/bin/g++.backup
2. Create the symbolic links:
$ ln -s /usr/bin/gcc296 /usr/bin/gcc
$ ln -s /usr/bin/g++296 /usr/bin/g++
After this, "$ ls -l gcc g++" should give these links
... g++ -> /usr/bin/g++296
... gcc -> /usr/bin/gcc296
You can restore the original files if required, however you must recreate the links as
described in this procedure for Oracle Application Server to relink properly.
5d. If the hugemem kernel is used, set the architecture using following command:
$ setarch i386
6. Setup kernel parameters, limits and ports
6a. First check parameters and make a note of the current values and identify any values
that you must change:
$ /sbin/sysctl -a | grep sem
$ /sbin/sysctl -a | grep shm
$ /sbin/sysctl -a | grep msg
$ /sbin/sysctl -a | grep file-max
$ /sbin/sysctl -a | grep ip_local_port_range
6b. Then change them if necessary:
Add the following lines to the /etc/sysctl.conf file:
kernel.shmall = 2097152
kernel.shmmax = 2147483648
kernel.shmmni = 4096
# semaphores: semmsl, semmns, semopm, semmni
kernel.sem = 256 32000 100 142
fs.file-max = 131072
net.ipv4.ip_local_port_range = 20000 65000
kernel.msgmni = 2878
kernel.msgmax = 8192
kernel.msgmnb = 65535
Note: The semmns parameter should be set to the sum of the PROCESSES initialization
parameter for each Oracle database, adding the largest one twice, and then adding an
additional 10 for each database.
Note: If the current value for any parameter is higher than the value listed in this table,
do not change the value of that parameter
Run the following command to change the current kernel parameters:
$ /sbin/sysctl -p
Run the following command to check the current kernel parameters have been sucessfully changed:
$ /sbin/sysctl -a
6c. Set Shell Limits for the oracle User - Bourne or Bash Shell Limit:
Add the following lines to /etc/security/limits.conf file where -> represents the tab character:
* -> -> soft -> nproc -> -> 16384
* -> -> hard -> nproc -> -> 16384
* -> -> soft -> nofile -> -> 65536
* -> -> hard -> nofile -> -> 65536
Add the following line to the /etc/pam.d/login file, if it does not already exist:
session required /lib/security/pam_limits.so
Next, depending on the oracle user's default shell, make the following changes
to the default shell start-up file:
- For the Bourne, Bash, or Korn shell, add the following lines to the /etc/profile file:
if [ $USER = "oracle" ]; then
if [ $SHELL = "/bin/ksh" ]; then
ulimit -p 16384
ulimit -n 16384
else
ulimit -u 16384 -n 16384
fi
fi
-For the C or tcsh shell, add the following lines to the /etc/csh.login file:
if ( $USER == "oracle" ) then
limit maxproc 16384
limit descriptors 16384
endif
6d. Setup ports
In the default configuration of the operating system, the /etc/services file includes
ports 389 and 636 (for LDAP and LDAP/SSL). These happen to be the default ports for
Oracle Internet Directory. This means that if you want to use these port numbers for
Oracle Internet Directory, you must either delete or comment out these lines in
the /etc/services file. To comment out a line, add a # at the beginning of the line:
# ldap 389/tcp # Lightweight Directory Access Protocol
# ldap 389/udp # Lightweight Directory Access Protocol
# ldaps 636/tcp # LDAP protocol over TLS/SSL (was sldap)
# ldaps 636/udp # LDAP protocol over TLS/SSL (was sldap)
If you do not comment out or remove the lines from /etc/services, then the installer
will not assign ports 389 and 636. It assigns a number from the port number range for
Oracle Internet Directory.
7. Create oracle user, groups and Oracle directories:
7a. Check if Oracle inventory directory already exists on server:
check /etc/oraInst.loc file. This file lists the location of the inventory directory
and the group who owns it. If the file does not exist, the computer does not have
Oracle products installed on it.
7b. If necessary, create the new groups and users:
$ groupadd -g 500 oinstall
$ groupadd -g 501 dba
$ groupadd oper
$ useradd -u 502 -g oinstall -G dba oracle -s /bin/bash
$ passwd oracle
Check groups in which oracle user belongs:
$ groups oracle
7c. Create the directories in which the Oracle software will be installed:
$ mkdir -p /u01/app/oracle/product/10g_infra
$ mkdir -p /u01/app/oracle/product/10g_as
$ chown -R oracle.oinstall /u01
8. Apply patch no. 3006854: This patch creates the /etc/libcwait.so file and appends
the following line to the /etc/ld.so.preload file:
/etc/libcwait.so
$ su -
# cd /home/oracle/patch/oracle/3006854/
# chmod 777 rhel3_pre_install.sh
# ./rhel3_pre_install.sh
Note: Patch No.3006854 download from updates.oracle.com
$ wget ftp://metalink_user:password@updates.oracle/3006854/p3006854_9204_LINUX.zip
9. Setup of environment variables for installation:
9a. Check existing environment variables
$ env
9b. Check variables when su - check the environment variables when you are the new user
because the environment variables might not be passed to the new user:
$ /* root user */
$ su - oracle
$ env
9c. Setup variables if necessary:
ORACLE_HOME and ORACLE_SID - Does not matter (the installer unsets these two environment variables).
PATH, CLASSPATH, and Shared Library Path Environment Variables (LD_LIBRARY_PATH) - Must not contain
references to directories in any Oracle home directories
DISPLAY - Set it to the monitor where you want to the installer window to appear.
$ DISPLAY=test.mydomain.com:0.0; export DISPLAY
You can test the display by running the xclock program:
$ /usr/openwin/bin/xclock &
TMP and TMPDIR - Optional. If unset, defaults to /tmp.
$ TMP=/tmp2; export TMP
$ TMPDIR=/tmp2; export TMPDIR
TNS_ADMIN - Unset
$ unset TNS_ADMIN
Note: The /etc and the /var/opt/oracle directories must not contain a tnsnames.ora file.
ORA_NLS - Unset
$ unset ORA_NLS
LD_BIND_NOW (Linux Only) - Unset
$ unset LD_BIND_NOW
*** Example .bash_profile (only for installation, check out post-install section):
# Oracle Settings
TMP=/tmp; export TMP
TMPDIR=$TMP; export TMPDIR
ORACLE_BASE=/u01/app/oracle; export ORACLE_BASE
ORACLE_HOME=$ORACLE_BASE/product/904_infra; export ORACLE_HOME
ORACLE_TERM=xterm; export ORACLE_TERM
PATH=/usr/sbin:$ORACLE_HOME/bin:$PATH; export PATH
PATH=$PATH:$ORACLE_HOME/dcm/bin:$ORACLE_HOME/opmn/bin; export PATH
PATH=$PATH:$ORACLE_HOME/Apache/Apache/bin; export PATH
export CLASSPATH
unset TNS_ADMIN
unset ORA_NLS
unset LD_BIND_NOW
...
You need to apply changes in .bash_profile (as oracle user in term window)
$ . .bash_profile
10. The /etc/hosts File:
The installer reads the /etc/hosts file to construct the location of the default
Identity Management realm. It displays this location in the "Specify Namespace in
Internet Directory" screen.
The /etc/hosts file should use the following format:
ip_address fully_qualified_hostname short_hostname
Example:
123.45.67.89 primaryHost.mydomain.com primaryHost
In the previous example, the location of the default Identity Management realm would look
like "dc=mydomain,dc=com".
If the file uses a different format, the installer displays an incorrect value in the
screen. For example, if the /etc/hosts contains:
123.45.67.89 primaryHost primaryHost.mydomain.com <--- incorrect format
the installer would display "dc=primaryHost,dc=com" as the default Identity Management realm.
This is probably not the value that you want for the default Identity Management realm.
11. Mount Oracle Application Server Installation CD:
CD should be auto-mounted, but just in case it doesn't:
$ mount -t iso9660 /dev/cdrom /mnt/cdrom
B) Installation:
1. Login as oracle user
2. Run the Oracle Universal Installer:
$ cd
$ mount_point/runInstaller
3a. If you plan to install both the OracleAS Metadata Repository and the Identity Management
components all on the same computer, select the "Identity Management and OracleAS Metadata
Repository" option.
3b. If you plan to install the infrastructure components on separate computers, you must
install them in this order:
1. Install the OracleAS Metadata Repository (You can have the installer create a new database
and populate it with the OracleAS Metadata Repository, or you can run the Oracle Application
Server Repository Creation Assistant ("OracleAS RepCA") to install the OracleAS Metadata
Repository in an existing database.
Note that you cannot register the OracleAS Metadata Repository with Oracle Internet Directory
at this point, because you do not have an Oracle Internet Directory yet. The registration is
done in the next step. )
2. Install the Identity Management components
Note: If you did not configure a component during installation (that is, you did not select
the component in the Select Configuration Options screen), you *can* configure some components
after installation. You *cannot* configure Oracle Internet Directory after installation.
You need to install and configure Oracle Internet Directory through the installer.
4. Installing OracleAS Infrastructure 10g:
4a. Start up the installer and complete the first few screens
4b. In the Select Installation Type screen, select Identity Management and OracleAS
Metadata Repository.
4c. Select Configuration Options:
Select Oracle Internet Directory.
Select OracleAS Single Sign-On.
Select Delegated Administration Services.
Select Oracle Directory Integration and Provisioning.
Select OracleAS Certificate Authority if you want to configure your own certificate
authority which can issue certificates for users and servers.
Do not select High Availability Addressing.
Click Next.
4d. Specify Namespace in Internet Directory:
Select the suggested namespace, or enter a custom namespace for the location of the
default Identity Management realm.
Note: The distinguished name (DN) that you specify on this screen will be designated as
the namespace in Oracle Internet Directory where users and groups are administered. Select
the suggested namespace if it meets your deployment requirements. If not, enter a DN that
you want in the custom namespace field. The installer determines the suggested namespace
from the /etc/hosts file.
4e. OracleAS Certificate Authority screens:
Note: Only if you select OracleAS Certificate Authority in the Select Configuration
Options screen, the installer displays screens where you need to enter OracleAS Certificate
Authority information.
Note: Note that you cannot install more than one OracleAS Certificate Authority against the same
OracleAS Metadata Repository.
4e1. Select OracleAS Metadata Repository:
This screen appears only if you are configuring OracleAS Certificate Authority and you
are using an existing Oracle Internet Directory and you are using an existing OracleAS
Metadata Repository. The Oracle Internet Directory must contain the registration for
the OracleAS Metadata Repository that you want to use.
Select the OracleAS Metadata Repository that you want OracleAS Certificate Authority to use.
Click Next.
4e2. Specify OCA Distinguished Name:
Typical DN: Use this section if your DN uses only the attributes listed in this section.
You do not have to fill in all the attributes specified in this section. Only
the o (organization) attribute is required. Note that the (single quote) character
is not a valid character in any of the attributes.
Common name (cn): Enter the name that you want on the certificate. This name must be
different from your hostname. Example: John Doe.
Organizational unit (ou): Enter the name of your division or department. Example: Sales.
Organization (o): Enter the name of your company or organization. Example: Oracle.
Country (c): Select your country from the drop-down list.
Custom DN: If your DN uses attributes not listed in the Typical DN section, specify
your DN in this section.
Click Next.
4e3. Select OCA Key Length:
Key Length (bits): Select the key length used in RSA algorithm to sign all certificates
issued by OracleAS Certificate Authority. Oracle recommends that you use at least
a 2048-bit key length. Longer key lengths provide greater security, but require
more time to issue each new certificate.
Click Next.
4e4. Specify OCA Administrators Password:
You need this password to manage OracleAS Certificate Authority. This password is
also used by the OracleAS Certificate Authority Configuration Assistant.
You can change the password after installation using the ocactl command. See the OracleAS Certificate Authority Online Help for details.
Click Next.
4f. Oracle9i Database screens:
Enter information for the OracleAS Metadata Repository database.
4f1. Specify Database Identification:
Global Database Name: Enter a name for the OracleAS Metadata Repository database.
Append the domain name of your computer to the database name.
Example: asdb.mydomain.com
SID: Enter the system identifier for the OracleAS Metadata Repository database. Typically
this is the same as the global database name, but without the domain name. The SID must
be unique across all databases. The SID cannot be longer than eight characters.
Example: asdb
Click Next.
4f2. Use default values from now on
4g. Specify OracleAS Instance Name and ias_admin Password
5. Post Infrastructure Installation
On completion of the infrastructure installation connect to the Enterprise Manager
Website (http://
the password you assigned during the installation. If EM is not available start it with
the "emctl start iasconsole" command. Check that all the components are started before
proceeding to the portal installation.
6. Installing Portal and Wireless or Business Intelligence and Forms
6a. Install in different oracle home than infrastructure
