Install OAM10g on RHEL5.4

最新推荐文章于 2022-11-28 13:16:23 发布

leoly521

最新推荐文章于 2022-11-28 13:16:23 发布

阅读量1.3k

点赞数

CC 4.0 BY-SA版权

文章标签： server manager access encryption oracle authentication

本文链接：https://blog.youkuaiyun.com/leoly521/article/details/6138743

本文介绍在Red Hat Enterprise Linux 5.4系统中安装配置Oracle Access Manager (OAM) 的过程，包括系统环境搭建、安装Sun Java System Directory Server、Apache 2.0.x以及OAM各组件的具体步骤。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

一、环境
    OS: Red Hat Enterprise Linux 5.4
    IP Address: 10.100.100.160
    FQDN: oiam.sttg-poc.com

二、RHEL5.4系统安装
安装Redhat Linux的过程比较简单,我选用的Linux版本是Redhat Enterprise Linux 5.4,因需装Oracle10g,系统环境需求如下:
    RAM:1GB(最低需求512MB)
    SWAP:2GB
必须安装以下系统组件:GNOME桌面环境、编辑器、开发工具、开发库等.
    A) desktop environments:
    gnome desktop environment
    B) applications:
    editer
    C) development:
    development libraries
    development tools
    gnome software development
    D) servers:
    不安装
    E) base system:
    base
    x windows system
    F) cluster storage:
    不安装
    G) clustering:
    不安装
    H) virtualization：
    不安装

三、安装Sun Java System Directory Server 5.2 P4
进入Xwindows图形界面并开始安装
[root@oiam ~]# /media/cdrom/setup

Fully Qualified Computer Name: oiam.sttg-poc.com

Select Server or Console Installation
[X] Sun Java(TM) System Servers

Type of Installation
[X]Custom

Select installation directory
/app/sunDirectory

Sun Java(TM) System Directory Server User and Group
System User: root
System Group: root

Configuration Directory Server
[X]The new instance will be the configuration Directory Server

Data Storage Location
[X]Store data in the new Directory Server

Directory Server Settings
Server Identifier: oiam
Server Port: 10389
Suffix: dc=sttg-poc, dc=com

Configuration Directory Server Administartor
Administartor ID: admin
Password: ********
Password (again): ********

Administration Domain
Administration Domain: sttg-poc.com

Directory Manager Settings
Directory Manager DN: cn=Directory Manager
Password: ********
Password (again): ********

Create Sample Entries
[X]Create Sample Organizational Structure

Populate Suffix
[X]Populate with sample data

Administration Server Port Selection
Administartion Port: 10390

安装过程中，会报一个找不到libdb.so.3的错误，不用理会。

启动SunDirectory目录服务守护进程（slapd-serverID）和管理服务器守护进程（admin-serv）
[root@oiam ~]# /app/sunDirectory/slapd-oiam/start-slapd
[root@oiam ~]# /app/sunDirectory/start-admin
停止
[root@oiam ~]# /app/sunDirectory/slapd-oiam/stop-slapd
[root@oiam ~]# /app/sunDirectory/stop-admin
运行控制台(必须在Xwindows下)
[root@oiam ~]# /app/sunDirectory/startconsole

指定Sun Directory环境路径:
[root@oiam ~]# vi /etc/bashrc
加入：
export PATH=$PATH:/app/sunDirectory

创建启动停止脚本
[root@oiam ~]# vi /app/sun.sh
#!/bin/sh
# description: Sun Directory Server start&stop&restart script.
#
SUN_HOME=/app/sunDirectory
SUN_SVRID=oiam

if [ ! -f $SUN_HOME/start-admin ] ; then
echo "/$SUN_HOME setting is error."
exit
fi

if [ ! -f ${SUN_HOME}/slapd-${SUN_SVRID}/start-slapd ] ; then
echo "/$SUN_SVRID setting is error."
exit
fi

case "$1" in
'start')
    echo "Starting the Sun Directory Server..."
    ${SUN_HOME}/slapd-${SUN_SVRID}/start-slapd
    echo "Starting the Sun Directory Admin..."
    $SUN_HOME/start-admin
    ;;
'stop')
    echo "Stoping the Sun Directory Admin..."
    $SUN_HOME/stop-admin
    echo "Stoping the Sun Directory Server..."
    ${SUN_HOME}/slapd-${SUN_SVRID}/stop-slapd
    ;;
'restart')
    $0 stop
    $0 start
    ;;
*)
    echo $"Usage: $0 {start|stop|restart}"
    exit 1
esac
[root@oiam ~]# chmod 775 /app/sun.sh

运行sunDirectory控制台
[root@oiam ~]# /app/sunDirectory/startconsole
为OAM创建一个Administrator帐号为:OAM Admin，uid=oamadmin

四、安装Apache 2.0.x
使用开放的LAMPP，下载LAMPP
http://sourceforge.net/projects/xampp/files/XAMPP%20Linux/1.4.16/xampp-linux-1.4.16.tar.gz/download

解压缩安装：
[root@oiam ~]# tar xzvf xampp-linux-1.4.16.tar.gz /opt

启动Apache
[root@oiam ~]# /opt/lampp/lampp start
停止Apache
[root@oiam ~]# /opt/lampp/lampp stop

注意：安装Identity Server和WebPass及WebGate等组件时，选择运行进程的User必须一致，运行
编辑 /opt/lampp/etc/httpd.conf 文件:
[root@oiam ~]# vi /opt/lampp/etc/httpd.conf
找到
User nobody
Group nogroup
替换为
User nobody
Group nobody

五、安装OAM
1) 安装 OIM Identity Server
将GCC运行库libgcc_s.so.1和libstdc++.so.5复制到/tmp/gcc32目录
将OAM安装文件（包括语言包）复制到 /tmp/oaminst，包括：
Oracle_Access_Manager10_1_4_3_0_linux_Access_Server
Oracle_Access_Manager10_1_4_3_0_linux_APACHE2_Policy_Manager
Oracle_Access_Manager10_1_4_3_0_linux_APACHE2_WebPass
Oracle_Access_Manager10_1_4_3_0_linux_Identity_Server
Oracle_Access_Manager10_1_4_3_0_ZH_linux_LP_Access_System
Oracle_Access_Manager10_1_4_3_0_ZH_linux_LP_Identity_System
[root@oiam ~]# cd /tmp/oaminst
[root@oiam oaminst]# chmod +x *

启动 Sun Directory:
[root@oiam ~]# /app/sun.sh start

开始安装：
[root@oiam oaminst]# ./Oracle_Access_Manager10_1_4_3_0_linux_Identity_Server

The product that you are about to install needs to be owned by a dedicated
user. Only root or the dedicated user may be able to start the service. Most
of the time the server is run as `root' or `nobody'.
Enter the username the Identity server is running as [nobody]
Enter the Group for the above username [nobody]

Please specify the installation directory for Oracle Access Manager 10.1.4.3.0
Identity Server.
Please specify a directory name or press Enter [/opt/netpoint] /app/OAM

Please select the following: 1. The default language for the current
installation. 2. The locales that you would like to be installed.

Please choose one of the languages as the default language
[X] 1 - English
[ ] 2 - Simplified Chinese

Please select the languages that you would like to be installed
[X] 1 - Simplified Chinese

Oracle Access Manager 10.1.4.3.0 Identity Server will be installed in the
following location:
/app/OAM/identity
for a total size:
416.1 MB
Please make a note of the Oracle Access Manager 10.1.4.3.0 Identity Server
installation directory: /app/OAM/identity because you will need to refer to it
in the future.

To proceed with installation of Oracle Access Manager 10.1.4.3.0 Identity
Server and for successfully running the product, you must install additional
GCC runtime libraries, namely libgcc_s.so.1 and libstdc++.so.5. Note that
these libraries should be compatible with GCC 3.3.2. The libraries are
available for download from either of the following locations -
http://metalink.oracle.com (requires login), or
http://www.oracle.com/technology/products/ias/index.html. Once these libraries
are locally available, please specify the directory containing the files and
proceed with the installation.

Location of GCC runtime libraries []: /tmp/gcc32

|-----------|-----------|-----------|------------|
0% 25% 50% 75% 100%
||||||||||||||||||||||||||||||||||||||||||||||||||

Specify the transport security mode between the WebPass/Identity client and
the Identity Server.
[X] 1 - Open Mode: No Encryption
[ ] 2 - Simple Mode: Encryption through SSL and a Public Key Certificate
[ ] 3 - Cert Mode: Encryption through SSL and a Public Key Certificate

Please provide the Identity Server ID, host name, and port number for the
Identity Server connection. You must use a unique ID for each Identity Server
you install.

   Identity Server ID [] IdSvr_OIAM
   Host name where the Identity Server is to be installed [] oiam.sttg-poc.com
   Port number the Identity Server listens to [6022]

Is this the first Identity Server installation in the network for this LDAP
directory server? If it is the first Identity Server you will be guided
through screens to setup the Directory Server.
[X] 1 - Yes
[ ] 2 - No

Please select the appropriate options if you want to setup SSL between the
Identity Server and the Directory Server
[ ] 1 - Directory Server hosting user data is in SSL
[ ] 1 - Directory Server hosting Oracle data is in SSL

The Identity Server connects to an LDAP enabled directory server to store your
User Data. Choose the appropriate directory server below, and choose Next to
continue the installation process.

Directory Server Type
[ ] 1 - Oracle Internet Directory
[X] 2 - Sun Directory Server 5.x
[ ] 3 - NDS
[ ] 4 - Active Directory
[ ] 5 - Active Directory on Windows Server 2003
[ ] 6 - Active Directory Application Mode
[ ] 7 - Siemens DirX
[ ] 8 - IBM Directory Server
[ ] 9 - Data Anywhere

The Identity Server connects to an LDAP enabled directory server to store your
User and Oracle Data. Are the User and Oracle Data stored in different
directory servers? Choose the appropriate option and then choose Next to
continue the installation process.

Are Oracle and user data separate?
[X] 1 - Oracle data will be in the user data directory.
[ ] 2 - Oracle data will be in a separate directory.

Your directory server schema must be extended to include the Oracle Access
Manager schema. You may automatically update the schema now or manually update
the schema using instructions provided later. Do you want to automatically
extend the schema now?
[X] 1 - Yes
[ ] 2 - No

   Host machine or IP in which the directory server resides [] oiam.sttg-poc.com
   Port Number (For SSL connection, please provide the encrypted port) [] 10389
   Root DN (e.g. cn=Directory Manager) [] cn=Directory Manager
   Root Password

Oracle Access Manager 10.1.4.3.0 Identity Server has been successfully
installed.
Identity Server has been configured successfully. Please start your Identity
Server by running /app/OAM/identity/oblix/apps/common/bin/start_ois_server
program from command line.
Identity Server Setup Information
Transport Security: open
Identity Server Host Name: oiam.sttg-poc.com
Identity Server ID: IdSvr
Port Number: 6022

启动OAM Identity Server:
[root@oiam ~]# /app/OAM/identity/oblix/apps/common/bin/start_ois_server_nptl
如果要使用 /app/OAM/identity/oblix/apps/common/bin/start_ois_server 去启动，报“error while loading shared libraries: libnsl.so.1”错误，需要修改 start_ois_server 脚本
[root@oiam ~]# vi /app/OAM/identity/oblix/apps/common/bin/start_ois_server
将：
LD_ASSUME_KERNEL="2.4.19";
export LD_ASSUME_KERNEL ;
修改为：
# LD_ASSUME_KERNEL="2.4.19";
# export LD_ASSUME_KERNEL ;

停止使用 /app/OAM/identity/oblix/apps/common/bin/stop_ois_server 脚本

2) 安装 OIM WebPass (确保OAM Identity Server已经启动)
[root@oiam oaminst]# ./Oracle_Access_Manager10_1_4_3_0_linux_APACHE2_WebPass

The product that you are about to install needs to be owned by the same user
as the web server is running as. Most of the time the web server is run as
`root' or `nobody'. Doing a `ps' on the server process is a quick way to find
out who the owner is.
Enter the username the web server is running as [nobody]
Enter the Group for the above username [nobody]

Please specify the installation directory for Oracle Access Manager 10.1.4.3.0
WebPass.
Please specify a directory name or press Enter
[/opt/netpoint/webcomponent] /app/OAM/webcomponent

Please select the following: 1. The default language for the current
installation. 2. The locales that you would like to be installed.
Please choose one of the languages as the default language
[X] 1 - English
[ ] 2 - Simplified Chinese

Please select the languages that you would like to be installed
[X] 1 - Simplified Chinese

Oracle Access Manager 10.1.4.3.0 WebPass will be installed in the following
location:
/app/OAM/webcomponent/identity
for a total size:
170.9 MB
Please make a note of the Oracle Access Manager 10.1.4.3.0 WebPass
installation directory: /app/OAM/webcomponent/identity because you will need
to refer to it in the future.

To proceed with installation of Oracle Access Manager 10.1.4.3.0 WebPass and
for successfully running the product, you must install additional GCC runtime
libraries, namely libgcc_s.so.1 and libstdc++.so.5. Note that these libraries
should be compatible with GCC 3.3.2. The libraries are available for download
from either of the following locations - http://metalink.oracle.com (requires
login), or http://www.oracle.com/technology/products/ias/index.html. Once
these libraries are locally available, please specify the directory containing
the files and proceed with the installation.
Location of GCC runtime libraries []: /tmp/gcc32

|-----------|-----------|-----------|------------|
0% 25% 50% 75% 100%
||||||||||||||||||||||||||||||||||||||||||||||||||

Please provide the WebPass ID, host name, and port number for the WebPass
connection. You must use a unique ID for each WebPass you install.
   WebPass ID [] WebPass_OIAM
   Host name where the Identity Server is installed [] oiam.sttg-poc.com
   Port number the Identity Server listens to [6022]

Oracle Access Manager 10.1.4.3.0 WebPass is installed under your Oracle Access
Manager 10.1.4.3.0 WebPass installation directory. In order to use the Oracle
Access Manager 10.1.4.3.0 WebPass module, configure your web server by
modifying the configuration in your web server directory. Oracle can
automatically update the configuration for you. Alternatively, you can
manually update it.
Proceed with automatic update of "httpd.conf"?
[X] 1 - Yes
[ ] 2 - No

Enter the absolute path of httpd.conf in your Web Server config
directory.
(e.g. "/export/apache/conf/httpd.conf") [] /opt/lampp/etc/httpd.conf

Updating web server configuration...

-------------------------------------------------------------------------------
Please read the information below.

        If the web server is setup in SSL mode, then httpd.conf file needs to be
        configured with the SSL related parameters. To manually tune your SSL
        configuration, please follow the instructions that come up.

Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1]

-------------------------------------------------------------------------------
Configure Web Server

        Please launch a browser and open the /app/OAM/webcomponent/identity
        /oblix/lang/en-us/docs/config.htm document for further information on
        configuring your Web Server.

确定sunDirectory, OAM Identity Server，已经启动：
[root@oiam ~]# /app/sun.sh start
[root@oiam ~]# /app/OAM/identity/oblix/apps/common/bin/start_ois_server
并重启Apache:
[root@oiam ~]# /opt/lampp/lampp restart

打开IE浏览器，访问http://oiam.sttg-poc.com/identity/oblix, 点击Identity System Console 显示“System Console Application is not set up”，点击"setup"开始配置

Directory Server Type containing User Data
选择 "Sun Directory Server 5.x"

Location Of Directory Server with User Data 输入以下：
    Host: oiam.sttg-poc.com
    Port Number: 10389
    Root DN: cn=Directory Manager
    Root Password: ********
    Directory Server Security Mode: Open
    Is the Configuration data stored in this directory also? Yes

Location of Configuration Data and the Oracle Access Manager Searchbase
Configuration DN: dc=sttg-poc,dc=com
Search base: dc=sttg-poc,dc=com

Person Object Class
Person Object Class: inetOrgPerson
Auto configure objectclass: X

Group Object Class
Group Object Class: groupOfUniqueNames
Auto configure objectclass: X

当提示"Please restart both your Identity Server and Web Server."重启OAM Identity Server和Web Server:
[root@oiam ~]# /app/OAM/identity/oblix/apps/common/bin/stop_ois_server
[root@oiam ~]# /app/OAM/identity/oblix/apps/common/bin/start_ois_server
[root@oiam ~]# /opt/lampp/lampp restart

点击"Next"后，如何没有反响，可以刷新一下页面

显示"Is the following configuration correct for objectclass 'inetOrgPerson'?" 选择"Yes"

显示"Is the following configuration correct for objectclass 'groupOfUniqueNames'?"时，选择"Yes"

Configure Administrators，在Master Admins选择: OAM Admin

重新访问"Identity System Console", 使用oamadmin帐号登录测试

3) 安装 OIM Policy Manager
[root@oiam oaminst]# ./Oracle_Access_Manager10_1_4_3_0_linux_APACHE2_Policy_Manager

Please specify the installation directory for Oracle Access Manager 10.1.4.3.0
Policy Manager. Access Manager must be configured on the same Web server
instance as WebPass, and installed in the same directory as WebPass. For
example, if you specified /SunOne/doc as the install directory for WebPass, it
was installed in /SunOne/docs/identity. You must now specify /SunOne/docs as
the installation directory for Access Manager install.
Please specify a directory name or press Enter
[/opt/netpoint/webcomponent] /app/OAM/webcomponent

Please select the languages that you would like to be installed
[X] 1 - Simplified Chinese

Oracle Access Manager 10.1.4.3.0 Policy Manager will be installed in the
following location:
/app/OAM/webcomponent/access
for a total size:
230.4 MB
Please make a note of the Oracle Access Manager 10.1.4.3.0 Policy Manager
installation directory: /app/OAM/webcomponent/access because you will need to
refer to it in the future.

To proceed with installation of Oracle Access Manager 10.1.4.3.0 Policy
Manager and for successfully running the product, you must install additional
GCC runtime libraries, namely libgcc_s.so.1 and libstdc++.so.5. Note that
these libraries should be compatible with GCC 3.3.2. The libraries are
available for download from either of the following locations -
http://metalink.oracle.com (requires login), or
http://www.oracle.com/technology/products/ias/index.html. Once these libraries
are locally available, please specify the directory containing the files and
proceed with the installation.
Location of GCC runtime libraries []: /tmp/gcc32

|-----------|-----------|-----------|------------|
0% 25% 50% 75% 100%
||||||||||||||||||||||||||||||||||||||||||||||||||

The Policy Manager connects to an LDAP enabled directory server to store
Policy Data. Choose the appropriate directory server below for policy data,
and choose Next to continue the installation process.

If your policy data is in a separate directory server, Oracle schema needs to
be added to this directory server. This program can automatically update the
configuration for you. Alternatively, you can manually update the schema
through the instructions given to you at setup time. If your policy data is
in a separate directory server from either the directory server containing
Oracle configuration data or user data, do you want to automatically configure
your Directory Server containing Policy data now?
[X] 1 - Yes
[ ] 2 - No

Please provide information for the Directory Server containing Policy Data
   Host machine or IP in which the Directory Server for Policy Data resides
   [] oiam.sttg-poc.com
   Port Number (For SSL connection, please provide the encrypted port) [] 10389
   Root DN (e.g. cn=Directory Manager) [] cn=Directory Manager
   Root Password
Update through SSL connection?
[ ] 1 - Yes
[X] 2 - No

Updating directory schema to Directory Server oiam.sttg-poc.com:10389 ...
There is an error. Please try again.
Error 68: Oracle Access Manager System Configuration already exists on the
specified LDAP directory server.
-------------------------------------------------------------------------------
Would you like to run it again?
[ ] 1 - Yes
[X] 2 - No
(提示配置已经存在，选择不再配置)

[ ] 1 - Directory Server hosting user data is in SSL
[ ] 1 - Directory Server hosting Oracle data is in SSL
[ ] 1 - Directory Server hosting Policy data is in SSL

Specify the transport security mode between this Access Manager and Access
Servers that you plan to install in the future.

Specify the transport security mode
[X] 1 - Open Mode: No Encryption
[ ] 2 - Simple Mode: Encryption through SSL and a Public Key Certificate
[ ] 3 - Cert Mode: Encryption through SSL and a Public Key Certificate

Oracle Access Manager 10.1.4.3.0 Policy Manager is installed under your Oracle
Access Manager 10.1.4.3.0 Policy Manager installation directory. In order to
use the Oracle Access Manager 10.1.4.3.0 Policy Manager module, configure your
web server by modifying the configuration in your web server directory. Oracle
can automatically update the configuration for you. Alternatively, you can
manually update it.

Proceed with automatic update of "httpd.conf"?
[X] 1 - Yes
[ ] 2 - No

   Enter the absolute path of httpd.conf in your Web Server config
   directory.
    (e.g. "/export/apache/conf/httpd.conf") [/opt/lampp/etc/httpd.conf] /opt/lampp/etc/httpd.conf

Updating web server configuration...

-------------------------------------------------------------------------------
Please read the information below.

    If the web server is setup in SSL mode, then httpd.conf file needs to be
    configured with the SSL related parameters. To manually tune your SSL
    configuration, please follow the instructions that come up.

Configure Web Server

    Please launch a browser and open the /app/OAM/webcomponent/access
    /oblix/lang/en-us/docs/config.htm document for further information on
    configuring your Web Server.

重启Apache:
[root@oiam ~]# /opt/lampp/lampp restart

打开IE浏览器，访问http://oiam.sttg-poc.com/access/oblix, 点击Access System Console 显示“Administration Console Application is not set up”，点击"setup"开始配置

User Directory Server Type, 选择: Sun Directory Server 5.x

Location Of Directory Server for User Data
    Machine: oiam.sttg-poc.com
    Port Number: 10389
    Root DN: cn=Directory Manager
    Root Password: ********
    Directory Server Security Mode: Open

Directory Server Type containing Configuration data, 选择: Sun Directory Server 5.x

Directory Server containing User Data and Directory Server containing Configuration Data
[X] Store Configuration Data in the User Directory Server
[ ] Store Configuration Data in a separate Directory Server

Directory Server containing User Data and Directory Server containing Policy Data
[X] Store Policy Data in the User Directory Server
[ ] Store Policy Data in a separate Directory Server

Location Of Oracle Access Manager Configuration data, the Searchbase, and the Policybase
Directory Server = oiam.sttg-poc.com : 10389
    Search Base: dc=sttg-poc,dc=com
    Configuration DN: dc=sttg-poc,dc=com
    Policy Base: dc=sttg-poc,dc=com

Person Object Class
Person Object Class: inetOrgPerson

显示"Please restart your web server. IIS Users must first halt the IIS Admin Service in the services control panel before restarting the web server."时，重启Apache
[root@oiam ~]# /opt/lampp/lampp restart

Root Directory for Policy Domains
Policy Domain Root: /

Configure Authentication Schemes
Do you want to configure Authentication Schemes? Yes
Which Authentication Scheme(s) do you want to configure?
[X] Basic Over LDAP [X] Client Certificate

Configure Policies to Protect NetPoint Identity System and Access Manager
Do you want to configure policies to protect Access System related URL's ? Yes

Securing Data Directories
To maintain security of the user data, you must protect some Oracle Access Manager directories against unauthorized access. Use Oracle Access Manager to control access to certain directories.

Three directories in the installation area must be protected:

    <installation directory>/access/oblix/data
    <installation directory>/access/oblix/config
    <installation directory>/access/oblix/logs
    Refer to the Oracle Access Manager Administration Guide for information about protecting these resources.

Installation Complete

Oracle Access Manager installation is now complete.

Please restart the Identity server and web server before proceeding.
Note: If you are using IIS, you must stop the IIS Admin Service in the services control panel before restarting the web server.

--------------------------------------------------------------------------------

    Configuring Identity and Access Policy Domains
    For both these domains, check default authentication rule and change it if needed. If Oracle Access Manager is running against an AD forest, you may need to change the authentication scheme for default authentication rules from "Oracle Access and Identity Basic Over LDAP" to "Oracle Access and Identity For AD Forest".
    For both domains, check the default authorization rule and if needed modify it to restrict access.
    Check the 'Anonymous' scheme used in the policies authentication rule and change it to use some other scheme if needed.
    Check the 'OblixAnonymous' user definition and if necessary, modify it to some other user.
    Add host IDs to the URL prefixes of policy domains.
    Modify actions if Identity user type handling needs to happen through actions.
    If you are doing xml->html translation at browser side, add "*.xsl" to the policy unprotecting common gifs and javascripts.
    You must enable these policy domains to work.

3) 安装 OIM Access Server
Pre-installation:
访问 http://oiam.sttg-poc.com/access/oblix -> Acess System Console -> Access System Configuration
(用户: oamadmin)
选择 Access Server Configuration, 点击 Add:
    Name: AccessSvr_OIAM
    Hostname: oiam.sttg-poc.com
    Port: 6021
    Access Management Service: On
    其它使用默认

开始安装:
[root@oiam oaminst]# ./Oracle_Access_Manager10_1_4_3_0_linux_Access_Server
The product that you are about to install needs to be owned by a dedicated
user. Only root or the dedicated user may be able to start the service. Most
of the time the server is run as `root' or `nobody'.
Enter the username the Access server is running as [nobody]
Enter the Group for the above username [nobody]

Please specify the installation directory for Oracle Access Manager 10.1.4.3.0
Access Server.
Please specify a directory name or press Enter [/opt/netpoint] /app/OAM

Please select the languages that you would like to be installed
[X] 1 - Simplified Chinese

To proceed with installation of Oracle Access Manager 10.1.4.3.0 Access Server
and for successfully running the product, you must install additional GCC
runtime libraries, namely libgcc_s.so.1 and libstdc++.so.5. Note that these
libraries should be compatible with GCC 3.3.2. The libraries are available for
download from either of the following locations - http://metalink.oracle.com
(requires login), or http://www.oracle.com/technology/products/ias/index.html.
Once these libraries are locally available, please specify the directory
containing the files and proceed with the installation.
Location of GCC runtime libraries []: /tmp/gcc32

Specify the transport security mode between the WebGate/Access client and the
Access Server.
[X] 1 - Open Mode: No Encryption
[ ] 2 - Simple Mode: Encryption through SSL and a Public Key Certificate
[ ] 3 - Cert Mode: Encryption through SSL and a Public Key Certificate

|-----------|-----------|-----------|------------|
0% 25% 50% 75% 100%
||||||||||||||||||||||||||||||||||||||||||||||||||

The Access Server connects to an LDAP enabled directory server for Oracle
Data. Please provide following information for the directory server and choose
Next to continue the installation process.
Mode in which the Directory Server containing Oracle configuration data is
running
[X] 1 - Open
[ ] 2 - SSL

   Host machine on which the Directory Server containing Oracle
   configuration data resides [] oiam.sttg-poc.com
   Port number on which the Directory Server containing Oracle
   configuration data resides [] 10389
   Root DN of the Directory Server containing Oracle configuration data
   (e.g. cn=Directory Manager) [] cn=Directory Manager
   Root Password of the Directory Server containing Oracle configuration data {password}

Type of the Directory Server containing Oracle configuration data
[ ] 1 - Sun Directory Server 5.x
[ ] 2 - NDS
[ ] 3 - Active Directory
[ ] 4 - Active Directory Application Mode
[ ] 5 - Siemens DirX
[ ] 6 - IBM Directory Server
[X] 7 - Oracle Internet Directory

Where is the Policy data stored?
[X] 1 - Oracle Directory
[ ] 2 - Separate Directory

Please provide the Access Server ID, Configuration DN, and Policy Base for the
Access Server. You must use a unique ID for each Access Server you install.
   Access Server ID [] AccessSvr_OIAM
   Configuration DN [] dc=sttg-poc,dc=com
   Policy Base [] dc=sttg-poc,dc=com

Oracle Access Manager 10.1.4.3.0 Access Server has been successfully
installed. Access Server has been configured successfully. Please start your
Access Server by running
/app/OAM/access/oblix/apps/common/bin/start_access_server program from command
line. If your Access Server requires a password to start, please provide the
password through the -P option.

启动OAM Access Server:
[root@oiam ~]# /app/OAM/access/oblix/apps/common/bin/start_access_server_nptl
如果要使用 /app/OAM/access/oblix/apps/common/bin/start_access_server 去启动，报“error while loading shared libraries: libnsl.so.1”错误，需要修改 start_access_server 脚本
[root@oiam ~]# vi /app/OAM/access/oblix/apps/common/bin/start_access_server
将：
LD_ASSUME_KERNEL="2.4.19";
export LD_ASSUME_KERNEL ;
修改为：
# LD_ASSUME_KERNEL="2.4.19";
# export LD_ASSUME_KERNEL ;

停止使用 /app/OAM/access/oblix/apps/common/bin/stop_access_server 脚本

创建启动停止脚本
[root@oiam ~]# vi /app/oam.sh
#!/bin/sh
# description: OAM start&stop&restart script.
#
OAM_HOME=/app/OAM
WEBSVR_SHELL=/opt/lampp/lampp

if [ ! -f $OAM_HOME/identity/oblix/apps/common/bin/start_ois_server ] ; then
    echo "/$OAM_HOME setting is error."
    exit
fi
if [ ! -f $WEBSVR_SHELL ] ; then
    echo "/$WEBSVR_SHELL setting is error."
    exit
fi

case "$1" in
'start')
    # Start the OAM Identity Server:
    $OAM_HOME/identity/oblix/apps/common/bin/start_ois_server
    $OAM_HOME/access/oblix/apps/common/bin/start_access_server
    sleep 5
    $WEBSVR_SHELL start
    ;;
'stop')
    # Stop the OIM Server:
    $WEBSVR_SHELL stop
    $OAM_HOME/identity/oblix/apps/common/bin/stop_ois_server
    $OAM_HOME/access/oblix/apps/common/bin/stop_access_server
    ;;
'restart')
    $0 stop
    sleep 2
    $0 start
    ;;
*)
    echo $"Usage: $0 {start|stop|restart}"
    exit 1
esac
[oracle@oiam ~]$ chmod 775 /app/oam.sh