Validating the Fusion Applications Security Components During Installations and Upgrades

Introduction

 

When installing or upgrading Fusion Applications, it is necessary to validate the security components to ensure that they are functioning correctly. This article provides a list of tasks that can be performed to accomplish this. The order of the tasks below follows the dependencies between the components, so that if a fault is found the problematic component can be identified more easily. Prior to beginning validation, the components should be started in the following order:

 

  1. Database Listener
  2. Database
  3. Oracle Internet Directory Server (OID)
  4. Oracle Virtual Directory Server (OVD)
  5. Node Manager
  6. WebLogic Server (WLS)
  7. WLS Managed Servers (Oracle Directory Services Manager, Oracle Access Manager, Oracle Identity Manager, Oracle Service Oriented Architecture)
  8. Oracle HTTP Server (OHS)

 

Database

 

1. Check Database Listener

Check that the listener process is up:

[oracle@tester bin]$ ps -ef | grep LISTENER
oracle    5211     1  0 09:17 ?        00:00:00 /u01/app/oracle/idmdb/dbhome_1/bin/tnslsnr LISTENER -inherit
oracle    5238  5118  0 09:19 pts/1    00:00:00 grep LISTENER

Confirm that the listener is listening on the expected TCP port for the database:

[oracle@tester bin]$ netstat -an 1521 | grep 1521
tcp        0      0 :::1521                     :::*                        LISTEN
unix  2      [ ACC ]     STREAM     LISTENING     19247  /var/tmp/.oracle/sEXTPROC1521

2. Check Database Processes

Check that the database processes are up:

[oracle@tester bin]$ ps -ef | grep idmdb
oracle    5211     1  0 09:17 ?        00:00:00 /u01/app/oracle/idmdb/dbhome_1/bin/tnslsnr LISTENER -inherit
oracle    5389     1  0 09:23 ?        00:00:00 ora_pmon_idmdb
oracle    5391     1  0 09:23 ?        00:00:00 ora_psp0_idmdb
oracle    5394     1  0 09:23 ?        00:00:00 ora_vktm_idmdb
oracle    5398     1  0 09:23 ?        00:00:00 ora_gen0_idmdb
oracle    5400     1  0 09:23 ?        00:00:00 ora_diag_idmdb
oracle    5402     1  0 09:23 ?        00:00:00 ora_dbrm_idmdb
oracle    5404     1  0 09:23 ?        00:00:00 ora_dia0_idmdb
oracle    5406     1  9 09:23 ?        00:00:10 ora_mman_idmdb
oracle    5408     1  0 09:23 ?        00:00:00 ora_dbw0_idmdb
oracle    5410     1  0 09:23 ?        00:00:00 ora_lgwr_idmdb
oracle    5412     1  0 09:23 ?        00:00:00 ora_ckpt_idmdb
oracle    5414     1  0 09:23 ?        00:00:00 ora_smon_idmdb
oracle    5416     1  0 09:23 ?        00:00:00 ora_reco_idmdb
oracle    5418     1  0 09:23 ?        00:00:00 ora_mmon_idmdb
oracle    5420     1  0 09:23 ?        00:00:00 ora_mmnl_idmdb
oracle    5422     1  0 09:23 ?        00:00:00 ora_d000_idmdb
oracle    5424     1  0 09:23 ?        00:00:00 ora_s000_idmdb
oracle    5538     1  0 09:24 ?        00:00:00 ora_qmnc_idmdb
oracle    5553     1  0 09:24 ?        00:00:00 ora_cjq0_idmdb
oracle    5598     1  0 09:24 ?        00:00:00 ora_q000_idmdb
oracle    5602     1  0 09:24 ?        00:00:00 ora_q001_idmdb
oracle    5625     1  0 09:25 ?        00:00:00 ora_j000_idmdb
oracle    5627     1  0 09:25 ?        00:00:00 ora_j001_idmdb
oracle    5629     1  0 09:25 ?        00:00:00 ora_j002_idmdb
oracle    5635  5118  0 09:25 pts/1    00:00:00 grep idmdb

3. Perform tnsping on Database from Database and OID Servers

On the database server:

[oracle@tester bin]$ ./tnsping idmdb
TNS Ping Utility for Linux: Version 11.2.0.3.0 - Production on 21-OCT-2013 09:28:21
Copyright (c) 1997, 2011, Oracle.  All rights reserved.
Used parameter files:
Used TNSNAMES adapter to resolve the alias
Attempting to contact (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = tester.mycompany.com)(PORT = 1521))) (CONNECT_DATA = (SERVICE_NAME = idmdb)))
OK (30 msec)

On the OID server:

[oracle@tester bin]$ export ORACLE_HOME=/u01/app/oracle/product/fmw/idm
[oracle@tester config]$ $ORACLE_HOME/bin/tnsping //tester.mycompany.com:1521/idmdb
TNS Ping Utility for Linux: Version 11.1.0.7.0 - Production on 21-OCT-2013 09:38:18
Copyright (c) 1997, 2008, Oracle.  All rights reserved.
Used parameter files:
Used HOSTNAME adapter to resolve the alias
Attempting to contact (DESCRIPTION=(CONNECT_DATA=(SERVICE_NAME=idmdb))(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.217.142)(PORT=1521))(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.217.142)(PORT=1521))(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.217.142)(PORT=1521)))
OK (10 msec)

If OAM, OIM and SOA are on different servers, it is recommended that a similar check be made for them as well.

 

Oracle Internet Directory (OID)

 

1. Check that LDAP/LDAPS Listeners and Processes are Up

For OID, use opmnctl and netstat to check the ports:

[oracle@tester bin]$ ./opmnctl status -l
Processes in Instance: oid1
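---------------------------------+--------------------+---------+----------+------------+----------+-----------+------
ias-component                    | process-type       |     pid | status   |        uid |  memused |    uptime | ports
---------------------------------+--------------------+---------+----------+------------+----------+-----------+------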
oid1                             | oidldapd           |    6135 | Alive    |  345332946 |   846788 |   0:00:26 | N/A
oid1                             | oidldapd           |    6131 | Alive    |  345332945 |   846916 |   0:00:26 | N/A
oid1                             | oidldapd           |    6127 | Alive    |  345332944 |   909764 |   0:00:26 | N/A
oid1                             | oidldapd           |    6115 | Alive    |  345332943 |   845864 |   0:00:27 | N/A
oid1                             | oidldapd           |    6105 | Alive    |  345332942 |   325448 |   0:00:30 | N/A
oid1                             | oidmon             |    6074 | Alive    |  345332941 |   380332 |   0:00:34 | LDAPS:3131,LDAP:3060
EMAGENT                          | EMAGENT            |    6075 | Alive    |  345332940 |    63848 |   0:00:33 | N/A

[oracle@tester bin]$ netstat -an | grep 3060
tcp        0      0 :::3060                     :::*                        LISTEN
[oracle@tester bin]$ netstat -an | grep 3131
tcp        0      0 :::3131                     :::*                        LISTEN

2. Perform ldapbind over LDAP/LDAPS Ports

[oracle@tester bin]$ export ORACLE_HOME=/u01/app/oracle/product/fmw/idm
[oracle@tester config]$ cd $ORACLE_HOME/bin/
[oracle@tester bin]$ ./ldapbind -D cn=orcladmin -q -h tester.mycompany.com -p 3060
Please enter bind password:
bind successful
[oracle@tester bin]$ ./ldapbind -D cn=orcladmin -q -h tester.mycompany.com -p 3131 -U 1
Please enter bind password:
bind successful

3. Perform ldapsearch over LDAP/LDAPS Ports

[oracle@tester bin]$ export ORACLE_HOME=/u01/app/oracle/product/fmw/idm
[oracle@tester config]$ cd $ORACLE_HOME/bin/
[oracle@tester bin]$ ./ldapsearch -D cn=orcladmin -q -h tester.mycompany.com -p 3060 -s sub -b "cn=users,dc=mycompany,dc=com" "cn=oaamadmin"
Please enter bind password:
cn=oaamadmin,cn=Users,dc=mycompany,dc=com
obpasswordexpirydate=2033-01-19T15:23:41Z
objectclass=top
objectclass=person
objectclass=organizationalPerson
objectclass=inetorgperson
objectclass=orcluser
objectclass=orcluserV2
objectclass=orclIDXPerson
objectclass=oblixPersonPwdPolicy
objectclass=oblixOrgPerson
objectclass=OIMPersonPwdPolicy
userpassword={SSHA}7mkhojy5h/QnOBg6jwN2jGwcMk88DIk1d+p4ow==
orclpassword={x- orcldbpwd}1.0:8778E460077C8CAF
authpassword;oid={SASL/MD5}tEPZqagkbB8KzpO3JPZ2Uw==
authpassword;oid={SASL/MD5-DN}Cor4GYRZnQnQDmihNzBYrg==
authpassword;oid={SASL/MD5-U}DSUq+epZuKKFAPTX5aIhQg==
authpassword;orclcommonpwd={MD5}tW4LTqSWIoO+52JSXC1JDw==
authpassword;orclcommonpwd={X- ORCLIFSMD5}Qr85fKpR7fSS8bEKLHt+UQ==
authpassword;orclcommonpwd={X- ORCLWEBDAV}xLe9oAZMJGGaRkYzgWkgPw==
authpassword;orclcommonpwd={X- ORCLLMV}C23413A8A1E7665FC2265B23734E0DAC
authpassword;orclcommonpwd={X- ORCLNTV}CF3A5525EE9414229E66279623ED5C58
orclsamaccountname=oaamadmin
mail=oaamadmin@company.com
orclisenabled=ENABLED
uid=oaamadmin
givenname=oaamadmin
sn=oaamadmin
cn=oaamadmin

[oracle@tester bin]$ ./ldapsearch -D cn=orcladmin -q -h tester.mycompany.com -p 3131 -U 1 -s sub -b "cn=users,dc=mycompany,dc=com" "cn=oaamadmin"
Please enter bind password:
cn=oaamadmin,cn=Users,dc=mycompany,dc=com
obpasswordexpirydate=2033-01-19T15:23:41Z
objectclass=top
objectclass=person
objectclass=organizationalPerson
objectclass=inetorgperson
objectclass=orcluser
objectclass=orcluserV2
objectclass=orclIDXPerson
objectclass=oblixPersonPwdPolicy
objectclass=oblixOrgPerson
objectclass=OIMPersonPwdPolicy
userpassword={SSHA}7mkhojy5h/QnOBg6jwN2jGwcMk88DIk1d+p4ow==
orclpassword={x- orcldbpwd}1.0:8778E460077C8CAF
authpassword;oid={SASL/MD5}tEPZqagkbB8KzpO3JPZ2Uw==
authpassword;oid={SASL/MD5-DN}Cor4GYRZnQnQDmihNzBYrg==
authpassword;oid={SASL/MD5-U}DSUq+epZuKKFAPTX5aIhQg==
authpassword;orclcommonpwd={MD5}tW4LTqSWIoO+52JSXC1JDw==
authpassword;orclcommonpwd={X- ORCLIFSMD5}Qr85fKpR7fSS8bEKLHt+UQ==
authpassword;orclcommonpwd={X- ORCLWEBDAV}xLe9oAZMJGGaRkYzgWkgPw==
authpassword;orclcommonpwd={X- ORCLLMV}C23413A8A1E7665FC2265B23734E0DAC
authpassword;orclcommonpwd={X- ORCLNTV}CF3A5525EE9414229E66279623ED5C58
orclsamaccountname=oaamadmin
mail=oaamadmin@company.com
orclisenabled=ENABLED
uid=oaamadmin
givenname=oaamadmin
sn=oaamadmin
cn=oaamadmin
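
The search results above include the entry's password attributes (userpassword, orclpassword, authpassword), so any output saved as validation evidence carries those hashes with it. The filter below is an added example, not part of the original article: it reads the attr=value output shown above, keeps the scheme tag and replaces the stored value. The function names and the sample entry are constructed for illustration.

```shell
#!/bin/sh
# Added example: redact credential attributes from ldapsearch "attr=value" output.
#
# Intended use with the article's command:
#   ./ldapsearch -D cn=orcladmin -q -h tester.mycompany.com -p 3060 -s sub \
#       -b "cn=users,dc=mycompany,dc=com" "cn=oaamadmin" | redact_ldap_secrets

# redact_ldap_secrets: stdin -> stdout.
# Lines whose attribute name (ignoring options such as ";oid") is a password
# attribute keep their "{scheme}" prefix but lose the stored value.
redact_ldap_secrets() {
    awk '
    {
        eq = index($0, "=")
        if (eq > 1) {
            attr = tolower(substr($0, 1, eq - 1))
            sub(/;.*$/, "", attr)                 # drop attribute options
            if (attr == "userpassword" || attr == "authpassword" || attr == "orclpassword") {
                val = substr($0, eq + 1)
                scheme = ""
                if (substr(val, 1, 1) == "{") {
                    close_at = index(val, "}")
                    if (close_at > 0) scheme = substr(val, 1, close_at)
                }
                print substr($0, 1, eq) scheme "[REDACTED]"
                next
            }
        }
        print                                     # DN and all other attributes pass through
    }'
}

# stored_schemes: stdin -> unique list of scheme tags found on password
# attributes, so the hashing schemes in use can be reviewed without the values.
stored_schemes() {
    redact_ldap_secrets |
        sed -n 's/^[^=]*=\({[^}]*}\)\[REDACTED\]$/\1/p' |
        LC_ALL=C sort -u
}

# Constructed sample entry in the same layout as the output above.
# The values are placeholders, not real hashes.
SAMPLE_ENTRY='cn=oaamadmin,cn=Users,dc=mycompany,dc=com
objectclass=orcluser
userpassword={SSHA}CONSTRUCTEDVALUE1==
orclpassword={x- orcldbpwd}1.0:CONSTRUCTEDVALUE2
authpassword;oid={SASL/MD5}CONSTRUCTEDVALUE3==
authpassword;orclcommonpwd={X- ORCLNTV}CONSTRUCTEDVALUE4
orclisenabled=ENABLED
uid=oaamadmin'

printf '%s\n' "$SAMPLE_ENTRY" | redact_ldap_secrets
printf '%s\n' "$SAMPLE_ENTRY" | stored_schemes
```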

 

Oracle Virtual Directory (OVD)

 

1. Check that LDAP/LDAPS/Admin Listeners and Processes are Up

For OVD, use opmnctl and netstat to check the ports. Note that OVD also has an Admin port for ODSM connections to OVD:

[oracle@tester bin]$ cd /u01/app/oracle/admin/ovd1/bin/
[oracle@tester bin]$ ./opmnctl startall
opmnctl startall: starting opmn and all managed processes...
[oracle@tester bin]$ ./opmnctl status -l
Processes in Instance: ovd1
---------------------------------+--------------------+---------+----------+------------+----------+-----------+------
ias-component                    | process-type       |     pid | status   |        uid |  memused |    uptime | ports
---------------------------------+--------------------+---------+----------+------------+----------+-----------+------
ovd1                             | OVD                |   14828 | Alive    |  391195326 |   662832 |   0:00:30 | https:8899,ldap:6501,ldaps:7501
EMAGENT                          | EMAGENT            |   14829 | Alive    |  391195325 |    63848 |   0:00:30 | N/A

[oracle@tester bin]$ netstat -an | grep 6501
tcp        0      0 ::ffff:192.168.217.142:6501 :::*                        LISTEN
[oracle@tester bin]$ netstat -an | grep 7501
tcp        0      0 ::ffff:192.168.217.142:7501 :::*                        LISTEN
[oracle@tester bin]$ netstat -an | grep 8899
tcp        0      0 ::ffff:192.168.217.142:8899 :::*                        LISTEN

2. Perform ldapbind over LDAP/LDAPS Ports

[oracle@tester bin]$ export ORACLE_HOME=/u01/app/oracle/product/fmw/idm
[oracle@tester config]$ cd $ORACLE_HOME/bin/
[oracle@tester bin]$ ./ldapbind -D cn=orcladmin -q -h tester.mycompany.com -p 6501
Please enter bind password:
bind successful
[oracle@tester bin]$ ./ldapbind -D cn=orcladmin -q -h tester.mycompany.com -p 7501 -U 1
Please enter bind password:
bind successful

3. Perform ldapsearch over LDAP/LDAPS Ports

[oracle@tester bin]$ ./ldapsearch -D cn=orcladmin -q -h tester.mycompany.com -p 6501 -s sub -b "cn=users,dc=mycompany,dc=com" "cn=oaamadmin"
Please enter bind password:
cn=oaamadmin,cn=Users,dc=mycompany,dc=com
authpassword;orclcommonpwd={MD5}tW4LTqSWIoO+52JSXC1JDw==
authpassword;orclcommonpwd={X- ORCLIFSMD5}Qr85fKpR7fSS8bEKLHt+UQ==
authpassword;orclcommonpwd={X- ORCLWEBDAV}xLe9oAZMJGGaRkYzgWkgPw==
authpassword;orclcommonpwd={X- ORCLLMV}C23413A8A1E7665FC2265B23734E0DAC
authpassword;orclcommonpwd={X- ORCLNTV}CF3A5525EE9414229E66279623ED5C58
orclisenabled=ENABLED
orclsamaccountname=oaamadmin
sn=oaamadmin
mail=oaamadmin@company.com
userpassword={SSHA}7mkhojy5h/QnOBg6jwN2jGwcMk88DIk1d+p4ow==
givenname=oaamadmin
uid=oaamadmin
authpassword;oid={SASL/MD5}tEPZqagkbB8KzpO3JPZ2Uw==
authpassword;oid={SASL/MD5-DN}Cor4GYRZnQnQDmihNzBYrg==
authpassword;oid={SASL/MD5-U}DSUq+epZuKKFAPTX5aIhQg==
orclpassword={x- orcldbpwd}1.0:8778E460077C8CAF
obpasswordexpirydate=2033-01-19T15:23:41Z
cn=oaamadmin
objectclass=top
objectclass=person
objectclass=organizationalPerson
objectclass=inetorgperson
objectclass=orcluser
objectclass=orcluserV2
objectclass=orclIDXPerson
objectclass=oblixPersonPwdPolicy
objectclass=oblixOrgPerson
objectclass=OIMPersonPwdPolicy

[oracle@tester bin]$ ./ldapsearch -D cn=orcladmin -q -h tester.mycompany.com -p 7501 -U 1 -s sub -b "cn=users,dc=mycompany,dc=com" "cn=oaamadmin"
Please enter bind password:
cn=oaamadmin,cn=Users,dc=mycompany,dc=com
authpassword;orclcommonpwd={MD5}tW4LTqSWIoO+52JSXC1JDw==
authpassword;orclcommonpwd={X- ORCLIFSMD5}Qr85fKpR7fSS8bEKLHt+UQ==
authpassword;orclcommonpwd={X- ORCLWEBDAV}xLe9oAZMJGGaRkYzgWkgPw==
authpassword;orclcommonpwd={X- ORCLLMV}C23413A8A1E7665FC2265B23734E0DAC
authpassword;orclcommonpwd={X- ORCLNTV}CF3A5525EE9414229E66279623ED5C58
orclisenabled=ENABLED
orclsamaccountname=oaamadmin
sn=oaamadmin
mail=oaamadmin@company.com
userpassword={SSHA}7mkhojy5h/QnOBg6jwN2jGwcMk88DIk1d+p4ow==
givenname=oaamadmin
uid=oaamadmin
authpassword;oid={SASL/MD5}tEPZqagkbB8KzpO3JPZ2Uw==
authpassword;oid={SASL/MD5-DN}Cor4GYRZnQnQDmihNzBYrg==
authpassword;oid={SASL/MD5-U}DSUq+epZuKKFAPTX5aIhQg==
orclpassword={x- orcldbpwd}1.0:8778E460077C8CAF
obpasswordexpirydate=2033-01-19T15:23:41Z
cn=oaamadmin
objectclass=top
objectclass=person
objectclass=organizationalPerson
objectclass=inetorgperson
objectclass=orcluser
objectclass=orcluserV2
objectclass=orclIDXPerson
objectclass=oblixPersonPwdPolicy
objectclass=oblixOrgPerson
objectclass=OIMPersonPwdPolicy

 

Node Manager

 

1. Check that Listener and Process are Up

[oracle@tester oracle]$ ps -ef | grep nodemanager
oracle   16666     1  4 10:30 pts/4    00:00:05 /u01/app/oracle/product/fmw/jdk6/jre/bin/java -classpath /u01/app/oracle/product/fmw/jdk6/jre/lib/rt.jar:/u01/app/oracle/product/fmw/jdk6/jre/lib/i18n.jar:/u01/app/oracle/product/fmw/patch_wls1036/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/u01/app/oracle/product/fmw/patch_ocp371/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/u01/app/oracle/product/fmw/jdk6/lib/tools.jar:/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/weblogic_sp.jar:/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/weblogic.jar:/u01/app/oracle/product/fmw/modules/features/weblogic.server.modules_10.3.6.0.jar:/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/webservices.jar:/u01/app/oracle/product/fmw/modules/org.apache.ant_1.7.1/lib/ant-all.jar:/u01/app/oracle/product/fmw/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar:/u01/app/oracle/product/fmw/utils/config/10.3/config-launch.jar:/u01/app/oracle/product/fmw/wlserver_10.3/common/derby/lib/derbynet.jar:/u01/app/oracle/product/fmw/wlserver_10.3/common/derby/lib/derbyclient.jar:/u01/app/oracle/product/fmw/wlserver_10.3/common/derby/lib/derbytools.jar -DListenAddress=ADMINVHN.mycompany.com -DNodeManagerHome=/u01/app/oracle/product/fmw/wlserver_10.3/common/nodemanager -DQuitEnabled=true -DListenPort=5556 weblogic.NodeManager -v
oracle   16895 16543  0 10:32 pts/4    00:00:00 grep nodemanager

[oracle@tester oracle]$ netstat -an | grep 5556
tcp        0      0 ::ffff:192.168.217.142:5556 :::*                        LISTEN

2. Perform nmConnect via WLST

[oracle@tester bin]$ export MW_HOME=/u01/app/oracle/product/fmw
[oracle@tester bin]$ cd $MW_HOME/oracle_common/common/bin
[oracle@tester bin]$ ./wlst.sh
CLASSPATH=/u01/app/oracle/product/fmw/patch_wls1036/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/u01/app/oracle/product/fmw/patch_ocp371/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/u01/app/oracle/product/fmw/jdk6/lib/tools.jar:/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/weblogic_sp.jar:/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/weblogic.jar:/u01/app/oracle/product/fmw/modules/features/weblogic.server.modules_10.3.6.0.jar:/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/webservices.jar:/u01/app/oracle/product/fmw/modules/org.apache.ant_1.7.1/lib/ant-all.jar:/u01/app/oracle/product/fmw/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar::/u01/app/oracle/product/fmw/oracle_common/modules/oracle.jrf_11.1.1/jrf-wlstman.jar:/u01/app/oracle/product/fmw/oracle_common/common/wlst/lib/adfscripting.jar:/u01/app/oracle/product/fmw/oracle_common/common/wlst/lib/adf-share-mbeans-wlst.jar:/u01/app/oracle/product/fmw/oracle_common/common/wlst/lib/mdswlst.jar:/u01/app/oracle/product/fmw/oracle_common/common/wlst/resources/auditwlst.jar:/u01/app/oracle/product/fmw/oracle_common/common/wlst/resources/igfwlsthelp.jar:/u01/app/oracle/product/fmw/oracle_common/common/wlst/resources/jps-wlst.jar:/u01/app/oracle/product/fmw/oracle_common/common/wlst/resources/jrf-wlst.jar:/u01/app/oracle/product/fmw/oracle_common/common/wlst/resources/oamap_help.jar:/u01/app/oracle/product/fmw/oracle_common/common/wlst/resources/oamAuthnProvider.jar:/u01/app/oracle/product/fmw/oracle_common/common/wlst/resources/ossoiap_help.jar:/u01/app/oracle/product/fmw/oracle_common/common/wlst/resources/ossoiap.jar:/u01/app/oracle/product/fmw/oracle_common/common/wlst/resources/ovdwlsthelp.jar:/u01/app/oracle/product/fmw/oracle_common/common/wlst/resources/sslconfigwlst.jar:/u01/app/oracle/product/fmw/oracle_common/common/wlst/resources/wsm-wlst.jar:/u01/app/oracle/product/fmw/utils/config/10.3/config-launch.jar::/u01/app/oracle/product/fmw/wlserver_10.3/common/derby/lib/derbynet.jar:/u01/app/oracle/product/fmw/wlserver_10.3/common/derby/lib/derbyclient.jar:/u01/app/oracle/product/fmw/wlserver_10.3/common/derby/lib/derbytools.jar::
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
wls:/offline> nmConnect('nmAdmin','Welcome1','tester.mycompany.com','5556','IDMDomain','/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain')
Connecting to Node Manager ...
Successfully Connected to Node Manager.
wls:/nm/IDMDomain> nmStart('AdminServer')
Starting server AdminServer ...
Successfully started server AdminServer ...
wls:/nm/IDMDomain> nmKill('AdminServer')
Killing server AdminServer ...
Successfully killed server AdminServer ...
wls:/nm/IDMDomain> exit()
Exiting WebLogic Scripting Tool.
[oracle@tester bin]$

 

WebLogic Server (WLS)

 

1. Check AdminServer Listener and Process

[oracle@tester ~]$ ps -ef | grep AdminServer
oracle   18303 18249 23 10:47 ?        00:02:25 /u01/app/oracle/product/fmw/jdk6/bin/java -jrockit -Xms768m -Xmx1536m -Dweblogic.Name=AdminServer -Djava.security.policy=/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/weblogic.policy -Dweblogic.system.BootIdentityFile=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/servers/AdminServer/security/boot.properties -Dweblogic.nodemanager.ServiceEnabled=true -Xverify:none -da -Dplatform.home=/u01/app/oracle/product/fmw/wlserver_10.3 -Dwls.home=/u01/app/oracle/product/fmw/wlserver_10.3/server -Dweblogic.home=/u01/app/oracle/product/fmw/wlserver_10.3/server -Dcommon.components.home=/u01/app/oracle/product/fmw/oracle_common -Djrf.version=11.1.1 -Dorg.apache.commons.logging.Log=org.apache.commons.logging.impl.Jdk14Logger -Ddomain.home=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain -Djrockit.optfile=/u01/app/oracle/product/fmw/oracle_common/modules/oracle.jrf_11.1.1/jrocket_optfile.txt -Doracle.server.config.dir=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/servers/AdminServer -Doracle.domain.config.dir=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig -Digf.arisidbeans.carmlloc=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/carml -Digf.arisidstack.home=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/arisidprovider -Doracle.security.jps.config=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/jps-config.xml -Doracle.deployed.app.dir=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/servers/AdminServer/tmp/_WL_user -Doracle.deployed.app.ext=/- -Dweblogic.alternateTypesDirectory=/u01/app/oracle/product/fmw/iam/oam/agent/modules/oracle.oam.wlsagent_11.1.1,/u01/app/oracle/product/fmw/iam/server/loginmodule/wls,/u01/app/oracle/product/fmw/oracle_common/modules/oracle.ossoiap_11.1.1,/u01/app/oracle/product/fmw/oracle_common/modules/oracle.oamprovider_11.1.1 
-Djava.protocol.handler.pkgs=oracle.mds.net.protocol|oracle.fabric.common.classloaderurl.handler|oracle.fabric.common.uddiurl.handler|oracle.bpm.io.fs.protocol -Dweblogic.jdbc.remoteEnabled=false -DOAM_POLICY_FILE=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/oam-policy.xml -DOAM_CONFIG_FILE=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/oam-config.xml -DOAM_ORACLE_HOME=/u01/app/oracle/product/fmw/iam/oam -Doracle.security.am.SERVER_INSTNCE_NAME=AdminServer -Does.jars.home=/u01/app/oracle/product/fmw/iam/oam/server/lib/oes-d8 -Does.integration.path=/u01/app/oracle/product/fmw/iam/oam/server/lib/oeslib/oes-integration.jar -Does.enabled=true -Djavax.xml.soap.SOAPConnectionFactory=weblogic.wsee.saaj.SOAPConnectionFactoryImpl -Djavax.xml.soap.MessageFactory=oracle.j2ee.ws.saaj.soap.MessageFactoryImpl -Djavax.xml.soap.SOAPFactory=oracle.j2ee.ws.saaj.soap.SOAPFactoryImpl -DXL.HomeDir=/u01/app/oracle/product/fmw/iam/server -Djava.security.auth.login.config=/u01/app/oracle/product/fmw/iam/server/config/authwl.conf -Dorg.owasp.esapi.resources=/u01/app/oracle/product/fmw/iam/server/apps/oim.ear/APP-INF/classes -da:org.apache.xmlbeans… -Didm.oracle.home=/u01/app/oracle/product/fmw/idm -Xms512m -Xmx1024m -Xss512K -Djava.protocol.handler.pkgs=oracle.mds.net.protocol -Dweblogic.management.discover=false -Dsoa.archives.dir=/u01/app/oracle/product/fmw/soa/soa -Dsoa.oracle.home=/u01/app/oracle/product/fmw/soa -Dsoa.instance.home=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain -Dtangosol.coherence.clusteraddress=227.7.7.9 -Dtangosol.coherence.clusterport=9778 -Dtangosol.coherence.log=jdk -Djavax.xml.soap.MessageFactory=oracle.j2ee.ws.saaj.soap.MessageFactoryImpl -Dweblogic.transaction.blocking.commit=true -Dweblogic.transaction.blocking.rollback=true -Djavax.net.ssl.trustStore=/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/DemoTrust.jks -Dums.oracle.home=/u01/app/oracle/product/fmw/soa 
-Dem.oracle.home=/u01/app/oracle/product/fmw/oracle_common -Djava.awt.headless=true -Dweblogic.management.discover=true -Dwlw.iterativeDev= -Dwlw.testConsole= -Dwlw.logErrorsToConsole= -Dweblogic.ext.dirs=/u01/app/oracle/product/fmw/patch_wls1036/profiles/default/syse
oracle   19595 19540  0 10:58 pts/5    00:00:00 grep AdminServer

[oracle@tester ~]$ netstat -an | grep 7001
tcp        0      0 ::ffff:192.168.217.142:7001 :::*                        LISTEN

2. Log in to WLS Console via AdminServer Port


3. Check that All Servers are Up

Navigate to Summary of Servers and ensure that all managed servers have started:


4. Check that Users/Groups are Visible

Navigate to Security realms > myrealm and ensure that users and groups from both the Default and OVD Authenticators are visible:

5. Log in to FMW Control via AdminServer Port

 


6. Check that All Components are Up

 


 

Oracle Access Manager Console (OAM Console)

 

1. Log in to OAM Console via AdminServer Port

 


Navigate to some sample configuration screens to ensure that they are properly displayed:


 

Oracle Directory Services Manager (ODSM)

 

1. Check ODSM Listener and Process

[oracle@tester ~]$ ps -ef | grep wls_ods1
oracle   19093 19039  8 10:54 ?        00:05:44 /u01/app/oracle/product/fmw/jdk6/bin/java -jrockit -Xms768m -Xmx1536m -Dweblogic.Name=wls_ods1 -Djava.security.policy=/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/weblogic.policy -Dweblogic.system.BootIdentityFile=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/servers/wls_ods1/data/nodemanager/boot.properties -Dweblogic.nodemanager.ServiceEnabled=true -Dweblogic.security.SSL.ignoreHostnameVerification=false -Dweblogic.ReverseDNSAllowed=false -Xverify:none -da -Dplatform.home=/u01/app/oracle/product/fmw/wlserver_10.3 -Dwls.home=/u01/app/oracle/product/fmw/wlserver_10.3/server -Dweblogic.home=/u01/app/oracle/product/fmw/wlserver_10.3/server -Dcommon.components.home=/u01/app/oracle/product/fmw/oracle_common -Djrf.version=11.1.1 -Dorg.apache.commons.logging.Log=org.apache.commons.logging.impl.Jdk14Logger -Ddomain.home=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain -Djrockit.optfile=/u01/app/oracle/product/fmw/oracle_common/modules/oracle.jrf_11.1.1/jrocket_optfile.txt -Doracle.server.config.dir=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/servers/wls_ods1 -Doracle.domain.config.dir=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig -Digf.arisidbeans.carmlloc=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/carml -Digf.arisidstack.home=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/arisidprovider -Doracle.security.jps.config=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/jps-config.xml -Doracle.deployed.app.dir=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/servers/wls_ods1/tmp/_WL_user -Doracle.deployed.app.ext=/- 
-Dweblogic.alternateTypesDirectory=/u01/app/oracle/product/fmw/iam/oam/agent/modules/oracle.oam.wlsagent_11.1.1,/u01/app/oracle/product/fmw/iam/server/loginmodule/wls,/u01/app/oracle/product/fmw/oracle_common/modules/oracle.ossoiap_11.1.1,/u01/app/oracle/product/fmw/oracle_common/modules/oracle.oamprovider_11.1.1 -Djava.protocol.handler.pkgs=oracle.mds.net.protocol|oracle.fabric.common.classloaderurl.handler|oracle.fabric.common.uddiurl.handler|oracle.bpm.io.fs.protocol -Dweblogic.jdbc.remoteEnabled=false -DOAM_POLICY_FILE=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/oam-policy.xml -DOAM_CONFIG_FILE=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/oam-config.xml -DOAM_ORACLE_HOME=/u01/app/oracle/product/fmw/iam/oam -Doracle.security.am.SERVER_INSTNCE_NAME=wls_ods1 -Does.jars.home=/u01/app/oracle/product/fmw/iam/oam/server/lib/oes-d8 -Does.integration.path=/u01/app/oracle/product/fmw/iam/oam/server/lib/oeslib/oes-integration.jar -Does.enabled=true -Djavax.xml.soap.SOAPConnectionFactory=weblogic.wsee.saaj.SOAPConnectionFactoryImpl -Djavax.xml.soap.MessageFactory=oracle.j2ee.ws.saaj.soap.MessageFactoryImpl -Djavax.xml.soap.SOAPFactory=oracle.j2ee.ws.saaj.soap.SOAPFactoryImpl -DXL.HomeDir=/u01/app/oracle/product/fmw/iam/server -Djava.security.auth.login.config=/u01/app/oracle/product/fmw/iam/server/config/authwl.conf -Dorg.owasp.esapi.resources=/u01/app/oracle/product/fmw/iam/server/apps/oim.ear/APP-INF/classes -da:org.apache.xmlbeans… -Didm.oracle.home=/u01/app/oracle/product/fmw/idm -Xms512m -Xmx1024m -Xss512K -Djava.protocol.handler.pkgs=oracle.mds.net.protocol -Dweblogic.management.discover=false -Dsoa.archives.dir=/u01/app/oracle/product/fmw/soa/soa -Dsoa.oracle.home=/u01/app/oracle/product/fmw/soa -Dsoa.instance.home=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain -Dtangosol.coherence.clusteraddress=227.7.7.9 -Dtangosol.coherence.clusterport=9778 -Dtangosol.coherence.log=jdk 
-Djavax.xml.soap.MessageFactory=oracle.j2ee.ws.saaj.soap.MessageFactoryImpl -Dweblogic.transaction.blocking.commit=true -Dweblogic.transaction.blocking.rollback=true -Djavax.net.ssl.trustStore=/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/DemoTrust.jks -Dums.oracle.home=/u01/app/oracle/product/fmw/soa -Dem.oracle.home=/u01/app/oracle/product/fmw/oracle_common -Djava.awt.headless=true -Dweblogic.management.discover=false -Dweblogic.management.server=http://ADMINVHN.mycompany.com:700
oracle   25148 19540  0 11:58 pts/5    00:00:00 grep wls_ods1

[oracle@tester ~]$ netstat -an | grep 7006
tcp        0      0 ::ffff:192.168.217.142:7006 :::*                        LISTEN

2. Connect to OID via ODSM Port

 


3. Browse OID Directory Tree

Ensure that users and groups are populated and visible:


4. Connect to OVD via ODSM Port

 


5. Browse OVD Directory Tree

 


 

Oracle Access Manager (OAM)

 

1. Check OAM Server Listener and Process

[oracle@tester ~]$ ps -ef | grep wls_oam1
oracle   18766 18712  7 10:51 ?        00:06:32 /u01/app/oracle/product/fmw/jdk6/bin/java -jrockit -Xms768m -Xmx1536m -Dweblogic.Name=wls_oam1 -Djava.security.policy=/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/weblogic.policy -Dweblogic.system.BootIdentityFile=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/servers/wls_oam1/data/nodemanager/boot.properties -Dweblogic.nodemanager.ServiceEnabled=true -Dweblogic.security.SSL.ignoreHostnameVerification=false -Dweblogic.ReverseDNSAllowed=false -Xverify:none -da -Dplatform.home=/u01/app/oracle/product/fmw/wlserver_10.3 -Dwls.home=/u01/app/oracle/product/fmw/wlserver_10.3/server -Dweblogic.home=/u01/app/oracle/product/fmw/wlserver_10.3/server -Dcommon.components.home=/u01/app/oracle/product/fmw/oracle_common -Djrf.version=11.1.1 -Dorg.apache.commons.logging.Log=org.apache.commons.logging.impl.Jdk14Logger -Ddomain.home=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain -Djrockit.optfile=/u01/app/oracle/product/fmw/oracle_common/modules/oracle.jrf_11.1.1/jrocket_optfile.txt -Doracle.server.config.dir=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/servers/wls_oam1 -Doracle.domain.config.dir=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig -Digf.arisidbeans.carmlloc=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/carml -Digf.arisidstack.home=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/arisidprovider -Doracle.security.jps.config=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/jps-config.xml -Doracle.deployed.app.dir=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/servers/wls_oam1/tmp/_WL_user -Doracle.deployed.app.ext=/- 
-Dweblogic.alternateTypesDirectory=/u01/app/oracle/product/fmw/iam/oam/agent/modules/oracle.oam.wlsagent_11.1.1,/u01/app/oracle/product/fmw/iam/server/loginmodule/wls,/u01/app/oracle/product/fmw/oracle_common/modules/oracle.ossoiap_11.1.1,/u01/app/oracle/product/fmw/oracle_common/modules/oracle.oamprovider_11.1.1 -Djava.protocol.handler.pkgs=oracle.mds.net.protocol|oracle.fabric.common.classloaderurl.handler|oracle.fabric.common.uddiurl.handler|oracle.bpm.io.fs.protocol -Dweblogic.jdbc.remoteEnabled=false -DOAM_POLICY_FILE=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/oam-policy.xml -DOAM_CONFIG_FILE=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/oam-config.xml -DOAM_ORACLE_HOME=/u01/app/oracle/product/fmw/iam/oam -Doracle.security.am.SERVER_INSTNCE_NAME=wls_oam1 -Does.jars.home=/u01/app/oracle/product/fmw/iam/oam/server/lib/oes-d8 -Does.integration.path=/u01/app/oracle/product/fmw/iam/oam/server/lib/oeslib/oes-integration.jar -Does.enabled=true -Djavax.xml.soap.SOAPConnectionFactory=weblogic.wsee.saaj.SOAPConnectionFactoryImpl -Djavax.xml.soap.MessageFactory=oracle.j2ee.ws.saaj.soap.MessageFactoryImpl -Djavax.xml.soap.SOAPFactory=oracle.j2ee.ws.saaj.soap.SOAPFactoryImpl -DXL.HomeDir=/u01/app/oracle/product/fmw/iam/server -Djava.security.auth.login.config=/u01/app/oracle/product/fmw/iam/server/config/authwl.conf -Dorg.owasp.esapi.resources=/u01/app/oracle/product/fmw/iam/server/apps/oim.ear/APP-INF/classes -da:org.apache.xmlbeans… -Didm.oracle.home=/u01/app/oracle/product/fmw/idm -Xms512m -Xmx1024m -Xss512K -Djava.protocol.handler.pkgs=oracle.mds.net.protocol -Dweblogic.management.discover=false -Dsoa.archives.dir=/u01/app/oracle/product/fmw/soa/soa -Dsoa.oracle.home=/u01/app/oracle/product/fmw/soa -Dsoa.instance.home=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain -Dtangosol.coherence.clusteraddress=227.7.7.9 -Dtangosol.coherence.clusterport=9778 -Dtangosol.coherence.log=jdk 
-Djavax.xml.soap.MessageFactory=oracle.j2ee.ws.saaj.soap.MessageFactoryImpl -Dweblogic.transaction.blocking.commit=true -Dweblogic.transaction.blocking.rollback=true -Djavax.net.ssl.trustStore=/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/DemoTrust.jks -Dums.oracle.home=/u01/app/oracle/product/fmw/soa -Dem.oracle.home=/u01/app/oracle/product/fmw/oracle_common -Djava.awt.headless=true -Dweblogic.management.discover=false -Dweblogic.management.server=http://ADMINVHN.mycompany.com:700
oracle   26309 19540  0 12:13 pts/5    00:00:00 grep wls_oam1

[oracle@tester ~]$ netstat -an | grep 14100
tcp        0      0 ::ffff:192.168.217.14:14100 :::*                        LISTEN

2. Check that /oam/server via OAM Server Port Responds

Note that the error below is expected behavior. This test is meant to ensure only that the server responds to the HTTP request.

[oracle@tester ~]$ wget http://tester.mycompany.com:14100/oam/server
--2013-10-21 12:15:35--  http://tester.mycompany.com:14100/oam/server
Resolving tester.mycompany.com... 192.168.217.142
Connecting to tester.mycompany.com|192.168.217.142|:14100... connected.
HTTP request sent, awaiting response... 404 Not Found
2013-10-21 12:15:36 ERROR 404: Not Found.

 

Oracle Identity Manager (OIM)

1. Check OIM Listener and Process

[oracle@tester ~]$ ps -ef | grep wls_oim1
oracle   19390 19336 10 10:56 ?        00:09:04 /u01/app/oracle/product/fmw/jdk6/bin/java -jrockit -Xms768m -Xmx1536m -Dweblogic.Name=wls_oim1 -Djava.security.policy=/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/weblogic.policy -Dweblogic.system.BootIdentityFile=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/servers/wls_oim1/data/nodemanager/boot.properties -Dweblogic.nodemanager.ServiceEnabled=true -Dweblogic.security.SSL.ignoreHostnameVerification=false -Dweblogic.ReverseDNSAllowed=false -Djps.subject.cache.key=5 -Djps.subject.cache.ttl=600000 -Xverify:none -da -Dplatform.home=/u01/app/oracle/product/fmw/wlserver_10.3 -Dwls.home=/u01/app/oracle/product/fmw/wlserver_10.3/server -Dweblogic.home=/u01/app/oracle/product/fmw/wlserver_10.3/server -Dcommon.components.home=/u01/app/oracle/product/fmw/oracle_common -Djrf.version=11.1.1 -Dorg.apache.commons.logging.Log=org.apache.commons.logging.impl.Jdk14Logger -Ddomain.home=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain -Djrockit.optfile=/u01/app/oracle/product/fmw/oracle_common/modules/oracle.jrf_11.1.1/jrocket_optfile.txt -Doracle.server.config.dir=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/servers/wls_oim1 -Doracle.domain.config.dir=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig -Digf.arisidbeans.carmlloc=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/carml -Digf.arisidstack.home=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/arisidprovider -Doracle.security.jps.config=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/jps-config.xml -Doracle.deployed.app.dir=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/servers/wls_oim1/tmp/_WL_user -Doracle.deployed.app.ext=/- 
-Dweblogic.alternateTypesDirectory=/u01/app/oracle/product/fmw/iam/oam/agent/modules/oracle.oam.wlsagent_11.1.1,/u01/app/oracle/product/fmw/iam/server/loginmodule/wls,/u01/app/oracle/product/fmw/oracle_common/modules/oracle.ossoiap_11.1.1,/u01/app/oracle/product/fmw/oracle_common/modules/oracle.oamprovider_11.1.1 -Djava.protocol.handler.pkgs=oracle.mds.net.protocol|oracle.fabric.common.classloaderurl.handler|oracle.fabric.common.uddiurl.handler|oracle.bpm.io.fs.protocol -Dweblogic.jdbc.remoteEnabled=false -DOAM_POLICY_FILE=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/oam-policy.xml -DOAM_CONFIG_FILE=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/oam-config.xml -DOAM_ORACLE_HOME=/u01/app/oracle/product/fmw/iam/oam -Doracle.security.am.SERVER_INSTNCE_NAME=wls_oim1 -Does.jars.home=/u01/app/oracle/product/fmw/iam/oam/server/lib/oes-d8 -Does.integration.path=/u01/app/oracle/product/fmw/iam/oam/server/lib/oeslib/oes-integration.jar -Does.enabled=true -Djavax.xml.soap.SOAPConnectionFactory=weblogic.wsee.saaj.SOAPConnectionFactoryImpl -Djavax.xml.soap.MessageFactory=oracle.j2ee.ws.saaj.soap.MessageFactoryImpl -Djavax.xml.soap.SOAPFactory=oracle.j2ee.ws.saaj.soap.SOAPFactoryImpl -DXL.HomeDir=/u01/app/oracle/product/fmw/iam/server -Djava.security.auth.login.config=/u01/app/oracle/product/fmw/iam/server/config/authwl.conf -Dorg.owasp.esapi.resources=/u01/app/oracle/product/fmw/iam/server/apps/oim.ear/APP-INF/classes -da:org.apache.xmlbeans… -Didm.oracle.home=/u01/app/oracle/product/fmw/idm -Xms512m -Xmx1024m -Xss512K -Djava.protocol.handler.pkgs=oracle.mds.net.protocol -Dweblogic.management.discover=false -Dsoa.archives.dir=/u01/app/oracle/product/fmw/soa/soa -Dsoa.oracle.home=/u01/app/oracle/product/fmw/soa -Dsoa.instance.home=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain -Dtangosol.coherence.clusteraddress=227.7.7.9 -Dtangosol.coherence.clusterport=9778 -Dtangosol.coherence.log=jdk 
-Djavax.xml.soap.MessageFactory=oracle.j2ee.ws.saaj.soap.MessageFactoryImpl -Dweblogic.transaction.blocking.commit=true -Dweblogic.transaction.blocking.rollback=true -Djavax.net.ssl.trustStore=/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/DemoTrust.jks -Dums.oracle.home=/u01/app/oracle/product/fmw/soa -Dem.oracle.home=/u01/app/oracle/product/fmw/oracle_common -Djava.awt.headless=true -Dweblogic.management.discover=false -Dweb
oracle   26875 19540  0 12:20 pts/5    00:00:00 grep wls_oim1

[oracle@tester ~]$ netstat -an | grep 14000
tcp        0      0 ::ffff:192.168.217.14:14000 :::*                        LISTEN

2. Log in to OIM Admin Console

3. Look Up User

Navigate to the Administration console and search for a sample user:


4. Test Role Grant/Revocation

Assign a role to the sample user:


Confirm via ODSM that the user has been added to the associated group in OID:


Revoke the role from the sample user:


Confirm the revocation via ODSM:

5. Test a Reconciliation Process

Search for a Fusion Applications reconciliation scheduled job and run it:


Confirm that the reconciliation was successful:


Oracle Service Oriented Architecture Suite (SOA)

1. Check SOA Listener and Process

[oracle@tester ~]$ ps -ef | grep wls_soa1
oracle   20160 20106 11 11:03 ?        00:10:46 /u01/app/oracle/product/fmw/jdk6/bin/java -jrockit -Xms768m -Xmx1536m -Dweblogic.Name=wls_soa1 -Djava.security.policy=/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/weblogic.policy -Dweblogic.system.BootIdentityFile=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/servers/wls_soa1/data/nodemanager/boot.properties -Dweblogic.nodemanager.ServiceEnabled=true -Dweblogic.security.SSL.ignoreHostnameVerification=false -Dweblogic.ReverseDNSAllowed=false -Djps.subject.cache.key=5 -Djps.subject.cache.ttl=600000 -Xverify:none -da -Dplatform.home=/u01/app/oracle/product/fmw/wlserver_10.3 -Dwls.home=/u01/app/oracle/product/fmw/wlserver_10.3/server -Dweblogic.home=/u01/app/oracle/product/fmw/wlserver_10.3/server -Dcommon.components.home=/u01/app/oracle/product/fmw/oracle_common -Djrf.version=11.1.1 -Dorg.apache.commons.logging.Log=org.apache.commons.logging.impl.Jdk14Logger -Ddomain.home=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain -Djrockit.optfile=/u01/app/oracle/product/fmw/oracle_common/modules/oracle.jrf_11.1.1/jrocket_optfile.txt -Doracle.server.config.dir=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/servers/wls_soa1 -Doracle.domain.config.dir=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig -Digf.arisidbeans.carmlloc=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/carml -Digf.arisidstack.home=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/arisidprovider -Doracle.security.jps.config=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/jps-config.xml -Doracle.deployed.app.dir=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/servers/wls_soa1/tmp/_WL_user -Doracle.deployed.app.ext=/- 
-Dweblogic.alternateTypesDirectory=/u01/app/oracle/product/fmw/iam/oam/agent/modules/oracle.oam.wlsagent_11.1.1,/u01/app/oracle/product/fmw/iam/server/loginmodule/wls,/u01/app/oracle/product/fmw/oracle_common/modules/oracle.ossoiap_11.1.1,/u01/app/oracle/product/fmw/oracle_common/modules/oracle.oamprovider_11.1.1 -Djava.protocol.handler.pkgs=oracle.mds.net.protocol|oracle.fabric.common.classloaderurl.handler|oracle.fabric.common.uddiurl.handler|oracle.bpm.io.fs.protocol -Dweblogic.jdbc.remoteEnabled=false -DOAM_POLICY_FILE=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/oam-policy.xml -DOAM_CONFIG_FILE=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/config/fmwconfig/oam-config.xml -DOAM_ORACLE_HOME=/u01/app/oracle/product/fmw/iam/oam -Doracle.security.am.SERVER_INSTNCE_NAME=wls_soa1 -Does.jars.home=/u01/app/oracle/product/fmw/iam/oam/server/lib/oes-d8 -Does.integration.path=/u01/app/oracle/product/fmw/iam/oam/server/lib/oeslib/oes-integration.jar -Does.enabled=true -Djavax.xml.soap.SOAPConnectionFactory=weblogic.wsee.saaj.SOAPConnectionFactoryImpl -Djavax.xml.soap.MessageFactory=oracle.j2ee.ws.saaj.soap.MessageFactoryImpl -Djavax.xml.soap.SOAPFactory=oracle.j2ee.ws.saaj.soap.SOAPFactoryImpl -DXL.HomeDir=/u01/app/oracle/product/fmw/iam/server -Djava.security.auth.login.config=/u01/app/oracle/product/fmw/iam/server/config/authwl.conf -Dorg.owasp.esapi.resources=/u01/app/oracle/product/fmw/iam/server/apps/oim.ear/APP-INF/classes -da:org.apache.xmlbeans… -Didm.oracle.home=/u01/app/oracle/product/fmw/idm -Xms512m -Xmx1024m -Xss512K -Djava.protocol.handler.pkgs=oracle.mds.net.protocol -Dweblogic.management.discover=false -Dsoa.archives.dir=/u01/app/oracle/product/fmw/soa/soa -Dsoa.oracle.home=/u01/app/oracle/product/fmw/soa -Dsoa.instance.home=/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain -Dtangosol.coherence.clusteraddress=227.7.7.9 -Dtangosol.coherence.clusterport=9778 -Dtangosol.coherence.log=jdk 
-Djavax.xml.soap.MessageFactory=oracle.j2ee.ws.saaj.soap.MessageFactoryImpl -Dweblogic.transaction.blocking.commit=true -Dweblogic.transaction.blocking.rollback=true -Djavax.net.ssl.trustStore=/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/DemoTrust.jks -Dums.oracle.home=/u01/app/oracle/product/fmw/soa -Dem.oracle.home=/u01/app/oracle/product/fmw/oracle_common -Djava.awt.headless=true -Dweblogic.management.discover=false -Dweb
oracle   28045 19540  0 12:35 pts/5    00:00:00 grep wls_soa1

[oracle@tester ~]$ netstat -an | grep 8001
tcp        0      0 ::ffff:192.168.217.142:8001 :::*                        LISTEN
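
`ps -ef | grep wls_soa1` always matches at least its own `grep` line, so a non-empty result does not prove the managed server is up. As an added example (not from the original article), the functions below match the JVM by its exact `-Dweblogic.Name=` argument and report which trust store it was started with; the captured output above shows `DemoTrust.jks`, the demonstration trust keystore that ships with WebLogic Server. The sample `ps` lines are constructed (shortened from that output) and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample: two `ps -ef` lines shortened from the wls_soa1 output above.
SAMPLE_PS='oracle   20160 20106 11 11:03 ?        00:10:46 /u01/app/oracle/product/fmw/jdk6/bin/java -jrockit -Dweblogic.Name=wls_soa1 -Djavax.net.ssl.trustStore=/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/DemoTrust.jks -Djava.awt.headless=true
oracle   28045 19540  0 12:35 pts/5    00:00:00 grep wls_soa1'

# wls_server_pid NAME (hypothetical helper): reads `ps -ef` output on stdin and
# prints the PID of the java process started with exactly -Dweblogic.Name=NAME.
# Returns 1 when no such process exists, so the grep line never counts as a hit.
wls_server_pid() {
  awk -v want="-Dweblogic.Name=$1" '
    $8 ~ /(^|\/)java$/ {
      for (i = 9; i <= NF; i++) if ($i == want) { print $2; found = 1; exit }
    }
    END { exit(found ? 0 : 1) }'
}

# wls_truststores NAME (hypothetical helper): prints every
# -Djavax.net.ssl.trustStore value on that server's command line, one per line.
wls_truststores() {
  awk -v want="-Dweblogic.Name=$1" -v key="-Djavax.net.ssl.trustStore=" '
    {
      hit = 0
      for (i = 9; i <= NF; i++) if ($i == want) hit = 1
      if (!hit) next
      for (i = 9; i <= NF; i++)
        if (index($i, key) == 1) print substr($i, length(key) + 1)
    }'
}

# uses_demo_truststore NAME: succeeds if any of those values is DemoTrust.jks.
uses_demo_truststore() {
  wls_truststores "$1" | grep -q '/DemoTrust\.jks$'
}

# Run against the constructed sample; on a host, pipe in `ps -ef` instead.
printf '%s\n' "$SAMPLE_PS" | wls_server_pid wls_soa1
printf '%s\n' "$SAMPLE_PS" | wls_truststores wls_soa1
```
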

2. Log in to SOA Diagnostic Page

Note that the login credentials to be used here are the WebLogic admin credentials:

Oracle HTTP Server (OHS)

1. Check OHS Listener and Process

[oracle@tester bin]$ ./opmnctl status -l
Processes in Instance: web1
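---------------------------------+--------------------+---------+----------+------------+----------+-----------+------
ias-component                    | process-type       |     pid | status   |        uid |  memused |    uptime | ports
---------------------------------+--------------------+---------+----------+------------+----------+-----------+------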
ohs1                             | OHS                |   22727 | Alive    |  342892205 |   736376 |   1:56:59 | https:9999,https:4443,http:7777

[oracle@tester bin]$ ps -ef | grep ohs
oracle   22727 22705  0 11:38 ?        00:00:01 /u01/app/oracle/product/fmw/web/ohs/bin/httpd.worker -DSSL
oracle   22735 22727  0 11:38 ?        00:00:00 /u01/app/oracle/product/fmw/web/ohs/bin/odl_rotatelogs -l /u01/app/oracle/admin/web1/diagnostics/logs/OHS/ohs1/ohs1-%Y%m%d%H%M%S.log 10M 70M
oracle   22736 22727  0 11:38 ?        00:00:00 /u01/app/oracle/product/fmw/web/ohs/bin/odl_rotatelogs /u01/app/oracle/admin/web1/diagnostics/logs/OHS/ohs1/access_log 43200
oracle   22737 22727  0 11:38 ?        00:00:00 /u01/app/oracle/product/fmw/web/ohs/bin/odl_rotatelogs -l -h:/u01/app/oracle/admin/web1/config/OHS/ohs1/component_events.xml_ohs1 /u01/app/oracle/admin/web1/auditlogs/OHS/ohs1/audit-pid22727-%Y%m%d%H%M%S.log 1M 4M
oracle   22738 22727  0 11:38 ?        00:00:00 /u01/app/oracle/product/fmw/web/ohs/bin/httpd.worker -DSSL
oracle   22741 22727  0 11:38 ?        00:00:00 /u01/app/oracle/product/fmw/web/ohs/bin/httpd.worker -DSSL
oracle   22743 22727  0 11:38 ?        00:00:00 /u01/app/oracle/product/fmw/web/ohs/bin/httpd.worker -DSSL
oracle   22855 22727  0 11:38 ?        00:00:00 /u01/app/oracle/product/fmw/web/ohs/bin/httpd.worker -DSSL
oracle   22911 22727  0 11:38 ?        00:00:00 /u01/app/oracle/product/fmw/web/ohs/bin/httpd.worker -DSSL
oracle   22912 22727  0 11:38 ?        00:00:01 /u01/app/oracle/product/fmw/web/ohs/bin/httpd.worker -DSSL
oracle   32727  5753  0 13:36 pts/2    00:00:00 grep ohs

[oracle@tester bin]$ netstat -an | grep 7777
tcp        0      0 :::7777                     :::*                        LISTEN
[oracle@tester bin]$ netstat -an | grep 4443
tcp        0      0 :::4443                     :::*                        LISTEN
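
The listener checks in this article use `netstat -an | grep <port>`, which also matches any line that merely contains those digits (another port, a remote address, a UNIX socket path). As an added example (not part of the original article), the functions below parse the output and accept only an exact TCP port in LISTEN state; the sample output is constructed and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample of `netstat -an` output, modelled on the format shown above.
SAMPLE_NETSTAT='tcp        0      0 :::7777                     :::*                        LISTEN
tcp        0      0 :::4443                     :::*                        LISTEN
tcp        0      0 ::ffff:192.168.217.142:8001 :::*                        LISTEN
tcp        0      0 192.168.217.142:48001       192.168.217.142:1521        ESTABLISHED
unix  2      [ ACC ]     STREAM     LISTENING     19247  /var/tmp/.oracle/sEXTPROC1521'

# tcp_listeners: reads `netstat -an` output on stdin and prints the port of every
# TCP socket in LISTEN state, one per line. The port is whatever follows the last
# colon of the local address, so IPv4, IPv6 and v4-mapped addresses all work.
tcp_listeners() {
  awk '$1 ~ /^tcp/ && $NF == "LISTEN" { n = split($4, a, ":"); print a[n] }' | sort -un
}

# is_listening PORT: succeeds only on an exact port match in LISTEN state.
is_listening() {
  tcp_listeners | grep -qx "$1"
}

# missing_ports PORT...: prints each expected port that has no TCP listener.
missing_ports() {
  found=$(tcp_listeners)
  for p in "$@"; do
    printf '%s\n' "$found" | grep -qx "$p" || printf '%s\n' "$p"
  done
}

# Run against the constructed sample; on a host, pipe in `netstat -an` instead.
# The ports are the ones this article checks: OHS, SOA, OIM and OAM.
printf '%s\n' "$SAMPLE_NETSTAT" | missing_ports 7777 4443 8001 14000 14100
```

A plain `grep 8001` over the same sample would also hit the ESTABLISHED connection from local port 48001, and `grep 1521` would hit both that connection and the UNIX socket line even though nothing is listening on TCP 1521.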

2. Log in to OAM Console via SSO

Be sure to test that the Sign Out link returns the user to the login page:
