Category Archives: Oracle Unified Directory

Oracle Unified Directory

Install Oracle Unified Directory 12c the smart way

Installing Oracle Unified Directory has always been easy. The installation guide for OUD 11c as well OUD 12 is simple and straight forward. Additionally Oracle does provide a couple of MOS notes for different deployment scenarios. Nevertheless there is always room for improvement 🙂 During my work on OUD to go on Raspberry Pi Zero or on Docker images for OUD I’ve had to optimise the installation of OUD. In this blog post I’ll show how I did simplify respectively optimise my OUD installations.

Prerequisites

Standalone or Collocated?

Since the latest release, Oracle allows a couple of different ways how OUD can be deployed.

  • Standalone Oracle Unified Directory Server With this deployment method OUD is used as a straight forward LDAP server with a small footprint. Administration has to be done via command line (eg. dsconfig, ldapmodify, etc) or when possible with a third party LDAP Browser.
  • Collocated Oracle Unified Directory Server with OUD and OUDSM in a separate domains. OUD and Fusion Middleware (FMW) Infrastructure are installed in the same middleware home directory. In non-collocated mode, OUD and OUDSM will be deployed in different domains.
  • Collocated Oracle Unified Directory Server with OUD and OUDSM in a single domain. OUD and Fusion Middleware Infrastructure are installed in the same middleware home directory. In collocated mode OUD and OUDSM will be deployed under the same domain.
  • Collocated Oracle Unified Directory Server But just used for OUDSM. This is not really an official deployment method, but becomes quite handy when you’ve deployed a couple of standalone OUD server. The OUD software is just deployed into FMW Infrastructure to be able to create and start the OUDSM web application. There will only be an OUDSM domain deployed.

For simple OUD installation’s I usually just install and deploy a standalone OUD. This installation is fast and has a small foot print. I do use dsconfig for the administration and the Apache Directory Studio for general LDAP browsing. If I do need an OUDSM from time to time, I install a dedicated OUDSM (Collocated OUD Server) or use my OUDSM docker container.

Environment

OUD does not make great demands on the environment. Nevertheless, I usually follow the Oracle Flexible Architecture OFA and a couple of environment scripts similar to the Trivadis BasEnv. See my blog post about OUD environment scripts.

For the further installation steps I stick to the following environment variables.

export SOFTWARE=$HOME/software
export ORACLE_BASE=/u00/app/oracle
export JAVA_HOME=$ORACLE_BASE/product/jdk1.8.0_144
export OUD_HOME=$ORACLE_BASE/product/oud12.2.1.3.0
export FMW_HOME=$ORACLE_BASE/product/fmw12.2.1.3.0

In the table below you find a short description of the environment variables. For further explanations see blog post OUD environment scripts.

ENV Variable Path Description
$ORACLE_BASE, $cdob /u00/app/oracle Base directory for the oracle binaries
$ORACLE_HOME, $OUD_HOME $ORACLE_BASE/product/oud12.2.1.3.0 Standalone Oracle Unified Directory binaries
$ORACLE_HOME, $OUD_HOME $ORACLE_BASE/product/fmw12.2.1.3.0 Collocated Oracle Unified Directory binaries
$JAVA_HOME $ORACLE_BASE/product/jdk1.8.0_144 Java used for OUD
$OUD_INSTANCE_BASE, $cdib $ORACLE_BASE/instances Base directory for the instance homes
$SOFTWARE $HOME/software Software Depot for the JAR’s

To do a silent installation, we will require a response file. In case of OUD and FMW it is a simple text file to define a few generic installation values. The same response file can be used for either of the products. We add the missing value INSTALL_TYPE when calling the installer.

echo "[ENGINE]"                                    > $ETC_BASE/install.rsp
echo "Response File Version=1.0.0.0.0"            >> $ETC_BASE/install.rsp
echo "[GENERIC]"                                  >> $ETC_BASE/install.rsp
echo "DECLINE_SECURITY_UPDATES=true"              >> $ETC_BASE/install.rsp
echo "SECURITY_UPDATES_VIA_MYORACLESUPPORT=false" >> $ETC_BASE/install.rsp

Beside the response file we also have to have an inventory location file. You probably have to adjust the group name to fit your environment.

echo "inventory_loc=$ORACLE_BASE/oraInventory" > $ETC_BASE/oraInst.loc
echo "inst_group=oinstall"                    >> $ETC_BASE/oraInst.loc

Software

To start the installation, you first have to get the required software packages. Oracle makes it easy, you can either download the software on Oracle Technology Network (OTN), Oracle Software Delivery Cloud (OSDC) or My Oracle Support (MOS). All download URLs are ok, but I prefer to do the download direct from MOS since this allows to use curl with a simple download URL. The downside is, that this requires a valid MOS account.

Create a netrc file for curl with your MOS credentials.

MOS_USER="<your MOS USER>"
MOS_PASSWORD="</your><your MOS PASSWORD>"
echo "machine login.oracle.com login $MOS_USER password $MOS_PASSWORD" >$SOFTWARE/.netrc

OK, lets download the software.

Java 1.8 update 144, Patch ID 26512979:

curl --netrc-file $SOFTWARE/.netrc \
  --cookie-jar $SOFTWARE/cookie-jar.txt \
  --location-trusted "https://updates.oracle.com/Orion/Services/download/p26512979_180144_Linux-x86-64.zip?aru=21443434&patch_file=p26512979_180144_Linux-x86-64.zip" \
  --output $SOFTWARE/java/p26512979_180144_Linux-x86-64.zip

Oracle Unified Directory 12.2.1.3.0, Patch ID 26270957:

curl --netrc-file $SOFTWARE/.netrc \
  --cookie-jar $SOFTWARE/cookie-jar.txt \
  --location-trusted "https://updates.oracle.com/Orion/Services/download/p26270957_122130_Generic.zip?aru=21504981&patch_file=p26270957_122130_Generic.zip" \
  --output $SOFTWARE/fmw/p26270957_122130_Generic.zip

FWM Infrastructure 12.2.1.3.0, Patch ID 26269885:

curl --netrc-file $SOFTWARE/.netrc \
  --cookie-jar $SOFTWARE/cookie-jar.txt \
  --location-trusted "https://updates.oracle.com/Orion/Services/download/p26269885_122130_Generic.zip?aru=21502041&patch_file=p26269885_122130_Generic.zip" \
  --output $SOFTWARE/fmw/p26269885_122130_Generic.zip

As soon as the software has been downloaded, we will unpack the OUD and FMW packages. In the example below it’s done directly by using the jar utility.

cd $SOFTWARE/fmw
$JAVA_HOME/bin/jar -xvf $SOFTWARE/fmw/p26270957_122130_Generic.zip
$JAVA_HOME/bin/jar -xvf $SOFTWARE/fmw/p26269885_122130_Generic.zip

Java

Although Java is probably already installed on you system, its recommended to install a dedicated JVM for OUD. This way we can keep our java installation for OUD independent from the OS default java. The installation is done with just a untar into the right directory. I do this with just one combined command of unzip and tar.

unzip -p $SOFTWARE/java/p26512979_180144_Linux-x86-64.zip \
*tar* |tar zxv -C $ORACLE_BASE/product

Install Standalone OUD

Start the silent installation with the extracted JAR file and the previously created response file. Set INSTALL_TYPE to Standalone Oracle Unified Directory Server (Managed independently of WebLogic server) will initiate a standalone installation into the defined ORACLE_HOME.

$JAVA_HOME/bin/java -jar $SOFTWARE/fmw/fmw_12.2.1.3.0_oud.jar -silent \
  -responseFile $ETC_BASE/install.rsp \
  -invPtrLoc $ETC_BASE/oraInst.loc \
  -ignoreSysPrereqs -force \
  -novalidation ORACLE_HOME=$OUD_HOME \
  INSTALL_TYPE="Standalone Oracle Unified Directory Server (Managed independently of WebLogic server)"

That’s it. After a couple of minutes the OUD binaries are installed and ready to deploy an Oracle Directory or Proxy server.

Install Collocated OUD

To do a collocated OUD installation, we first have to install FMW infrastructure before installing OUD. The installation is done again in silent mode by specifying the ORACLE_HOME and the INSTALL_TYPE. Execution of this JAR will take longer since it is around 1.5GB.

$JAVA_HOME/bin/java -jar $SOFTWARE/fmw/fmw_12.2.1.3.0_infrastructure.jar \
  -silent \
  -responseFile $ETC_BASE/install.rsp \
  -invPtrLoc $ETC_BASE/oraInst.loc \
  -ignoreSysPrereqs -force \
  -novalidation ORACLE_HOME=$FMW_HOME \
  INSTALL_TYPE="WebLogic Server"

As soon as the FMW installation has been successfully finished, we initiate the OUD installation. For ORACLE_HOME we have to choose the same directory as using for the FMW infrastructure. The INSTALL_TYPE is set to collocated mode.

$JAVA_HOME/bin/java -jar $SOFTWARE/fmw/fmw_12.2.1.3.0_oud.jar -silent \
  -responseFile $ETC_BASE/install.rsp \
  -invPtrLoc $ETC_BASE/oraInst.loc \
  -ignoreSysPrereqs -force \
  -novalidation ORACLE_HOME=$OUD_HOME \
  INSTALL_TYPE="Collocated Oracle Unified Directory Server (Managed through WebLogic server)"

In this newly created Oracle home directory we now have a collocated Oracle Unified Directory Server. These binaries can be used to deploy OUD and OUDSM in separate domains, in a single domain or just to deploy an OUDSM server.

Next Steps

For know we just have the OUD binaries. The next steps will be to deploy a OUD directory or proxy server using either oud-setup or oud-proxy-setup tool. Both tools can be used in command line mode, GUI mode or silently by specify the corresponding parameters. The statement below is an example to create an OUD directory server instance oud_demo for the base DN dc=postgasse,dc=org with 20 sample records.

$OUD_HOME/oud/oud-setup \
--cli \
--instancePath $OUD_INSTANCE_BASE/oud_demo/OUD \
--adminConnectorPort 4444 \
--rootUserDN cn=Directory\ Manager \
--rootUserPasswordFile $ETC_BASE/oud_demo_pwd.txt \
--ldapPort 1389 \
--baseDN dc=postgasse,dc=org \
--sampleData 20 \
--serverTuning jvm-default \
--offlineToolsTuning jvm-default \
--no-prompt \
--noPropertiesFile

Files and References

Below you find a few references related to Oracle Unified Directory:

  • Oracle JDK 8 Update 144 for ARM 32Bit VFP HardFP MOS Patch 26512975
  • Oracle Unified Directory FMW 12.2.1.3.0 MOS Patch 26270957
  • Oracle Unified Directory 12.2.1.3.0 on Oracle Technology Network
  • Oracle Software Delivery Cloud OSDC
  • Environment Scripts for OUD on www.oradba.ch
  • Github repository for the OUD environment scripts oudbase
  • OUD base environment installation script. It’s a bash script including a TAR.  oudbase_install.sh
  • OUD base environment as TAR archive without installation script.  oudbase_install.tgz
  • Github repository for the OUD environment scripts oudbase
  • Oracle Unified Directory 12c PS3 Released [2300623.1]
  • OUD 12c – How to Download and Install OUD 12c in Standalone Mode (with No Domain Configuration) [2298379.1]
  • OUD 12c: How to Install OUD 12c and OUDSM 12c in Collocated Mode (Under Same Domain) or Non-Collocated Mode (Under Separate Domains) [2303721.1]
  • OUD 12c: Understanding the Oracle Unified Directory 12c Installation Directories MW_HOME, PRODUCT_HOME, OUD ORACLE_HOME, DOMAIN_HOME WLS_HOME ORACLE_COMMON Home [2302813.1]
  • All Java SE Downloads on MOS [1439822.1]
  • Information Center: Using Oracle Unified Directory (OUD) [1419823.2]

Oracle Unified Directory to go on Raspberry Pi Zero

Recently I ran out of movies on one of my longer train rides. Coincidentally, I had my Raspberry Pi Zero with me and thought, “There’s Java running on it, right?”. Doesn’t Oracle Unified Directory also require a JVM? OK, I guess Raspberry Pi or ARM wasn’t in focus when Oracle defined the certified platforms of Unified Directory. But hey, I don’t want to set up a production environment, I just need a small project for a long train ride…

The aim is to setup an Raspberry Pi in OTG Mode, install Java and Oracle Unified Directory and configure a small Directory Server, available whenever you need an OUD instance :-). First of all, yes, it works. But before we begin, a few things we need

  • Raspberry Pi Zero I do use a Zero 1.3 without WiFi.
  • USB OTG host cable Dedicated cable supporting USB On-The-Go (OTG). Regular USB cables usually do not support OTG. See Wikipedia On-The-Go (OTG).
  • Raspbian-Image I do recommend the latest Raspbian Stretch Lite. See Raspbian.
  • Oracle JDK 8 for ARM I do use Oracle JDK 8 Update 144 for ARM 32Bit VFP HardFP MOS Patch 26512975. Other Java version are available on MOS Note 1439822.1.
  • Oracle Unified Directory 12.2.1.3 Available through Oracle Technology Network, Oracle Software Delivery Cloud or as My Oracle Support patch 26270957. See also OUD 12.2.1.3 documentation or MOS Note 2300623.1.
  • Temorary System to install OUD Although unified directory does work on ARM, the OUI installer does not. Due to this OUD first have to be “installed” on a supported system. But later more.
  • Environment Scripts for OUD This is optional but quite handy when working on OUD environments. See blog post Environment Scripts for OUD.

In the following chapters I’ll now go through the different steps to setup the OUD “on the go” device. I work primarily on MacOS. Therefore, the individual steps are related to this operating system, but can be easily adapted to other operating systems. Depending on your individual environment, you may skip one or the other step. Shall we get started?

Setup Raspberry Pi

Install Raspian OS

After download the latest release of Raspbian Stretch Lite, we have to create the SD card to setup the OS on raspberry pi. I usually prefer to do this via commandline. Other methods are decribed on www.raspberrypi.org.

PlugIn the SD card and identify the disk via diskutil list. My SD Card is identified disk2. Your output may look different.

soe@gaia:~/ [ic12102] diskutil list
...

/dev/disk2 (external, physical):
#: TYPE NAME SIZE IDENTIFIER
0: FDisk_partition_scheme *32.0 GB disk2
1: Windows_NTFS SD Card 32.0 GB disk2s1

Unmount the disk

soe@gaia:~/ [ic12102] diskutil unmountDisk /dev/disk2
Unmount of all volumes on disk2 was successful

Copy the Raspian image to the SD card.

soe@gaia:~/ sudo dd bs=1m \
if=/Data/ISO-Images/2017-09-07-raspbian-stretch-lite.img \
of=/dev/rdisk2 conv=sync

1768+1 records in
1769+0 records out
1854930944 bytes transferred in 73.667297 secs (25179843 bytes/sec)

soe@gaia:~/ [ic12102] diskutil list
...

/dev/disk2 (external, physical):
#: TYPE NAME SIZE IDENTIFIER
0: FDisk_partition_scheme *32.0 GB disk2
1: Windows_FAT_32 boot 43.8 MB disk2s1
2: Linux 1.8 GB disk2s2

That’s it, the OS basically has been setup. But before we plug the SD card into the Raspberry Pi we first have to configure the OTG mode.

Configure OTG Mode

Configuring the OTG mode is straight forward, since the latest Rasbian OS does provide all. Eg. modules, kernel, etc. You just have to adjust the boot configuration.

Update cmdline.txt and add the g_ether module. You have to add modules-load=dwc2,g_ether after rootwait and before quiet. If you use vi to edit cmdline.txt your fine. But if you do use an other editor make sure you do not change the file suffix or add extra lines or line breaks to the file cmdline.txt. Everything must be on one line.
Change to the boot directory on the SD Card. Mounted as /Volumes/boot on my Mac.

soe@gaia:~/ [ic12102] cd /Volumes/boot

Update cmdline.txt

soe@gaia:/Volumes/boot/ [ic12102] vi cmdline.txt

dwc_otg.lpm_enable=0 console=serial0,115200 console=tty1 root=PARTUUID=11eccc69-02 rootfstype=ext4 elevator=deadline fsck.repair=yes rootwait modules-load=dwc2,g_ether quiet init=/usr/lib/raspi-config/init_resize.sh

Update config.txt and add dtoverlay=dwc2 at the end of the file.

soe@gaia:/Volumes/boot/ [ic12102] vi config.txt

As last task, make sure to create an empty file named ssh in the boot folder. This tells Raspian to configure and start the ssh daemon at first system boot. Unmount the SD card and the basic OS setup is finished.

soe@gaia:/Volumes/boot/ [ic12102] touch ssh
soe@gaia:/Volumes/boot/ [ic12102] cd
soe@gaia:~/ [ic12102] diskutil unmountDisk /dev/disk2
Unmount of all volumes on disk2 was successful

Now put the SD card back in your Raspberry Pi Zero and plug in the USB cable. The first system boot will take slightly longer, since the filesystem is getting extended to the maximum size of the SD card. To be on the safe side, wait up to 5 minutes and then try to login via ssh.

soe@gaia:~/ [ic12102] ssh pi@raspberrypi.local

The Raspberry Pi Zero is now ready as headless server in OTG mode.

Setup Environment

General Configuration

This step is not really mandatory, nevertheless I do prefer to adjust a few configuration settings on my pi. First of all upgrade OS to the latest release using apt-get.

pi@raspberrypi:~ $ sudo apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

By default the Raspberry Pi hostname is set to raspberrypi. If you do have several Raspberry Pi’s it makes sense to assign names. In my case I do set the hostname to oud2go by changing /etc/hostname and /etc/hosts. In both files you have to replace raspberry with the new name.

pi@raspberrypi:~ $ sudo vi /etc/hostname
pi@raspberrypi:~ $ sudo vi /etc/hosts
pi@raspberrypi:~ $ sudo reboot

sudo: unable to resolve host raspberrypi: Connection timed out
Connection to raspberrypi.local closed by remote host.
Connection to raspberrypi.local closed.

As soon the Pi is back it’s now available by its new name.

soe@gaia:~/ [ic12102] ssh pi@oud2go.local
The authenticity of host 'oud2go.local (fe80::6554:bfdd:7283:3fa9%bridge100)' can't be established.
ECDSA key fingerprint is SHA256:E7WxvWlYDOi0RLNJxEu7rrmA9PH+GlwEJsz0OdHSgCY.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '
oud2go.local,fe80::6554:bfdd:7283:3fa9%bridge100' (ECDSA) to the list of known hosts.
pi@oud2go.local'
s password:
Linux oud2go 4.9.41+ #1023 Tue Aug 8 15:47:12 BST 2017 armv6l

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Thu Sep 7 16:22:54 2017 from fe80::acde:48ff:fe00:3364%usb0

SSH is enabled and the default password for the 'pi' user has not been changed.
This is a security risk - please login as the 'pi' user and type 'passwd' to set a new password.
pi@oud2go.local:~ $

It is a good moment to adjust the time zone from UTC to an appropriate for your Raspberry Pi’s. This can either be done using raspi-config or dpkg-reconfigure.

root@oud2go:~# dpkg-reconfigure tzdata

Current default time zone: 'Europe/Zurich'
Local time is now: Mon Oct 30 19:55:21 CET 2017.
Universal Time is now: Mon Oct 30 18:55:21 UTC 2017.

Change the softlinks for localtime will also do the job.

root@oud2go:~# ln -s -f /usr/share/zoneinfo/Europe/Zurich /etc/localtime

Oracle User

In the oracle context it is common practice to create a dedicated user and group. To keep it simple and clear I name it oracle. Indeed I did set up the environment as described in post about the OUD Base environment.

root@oud2go:~# groupadd --gid 1010 oinstall
root@oud2go:~# useradd --create-home --gid oinstall --shell /bin/bash \
--groups oinstall oracle

To install the OUD software, instance and scripts I do use a limited OFA directory structure. See also my Blog Post on OUD Base.

root@oud2go:~# mkdir -p /u00 /u01
root@oud2go:~# mkdir -p /u00/app/oracle
root@oud2go:~# mkdir -p /u00/app/oracle/etc /u00/app/oracle/local
root@oud2go:~# mkdir -p /u00/app/oracle/product /u00/app/oracle/software

root@oud2go:~# chmod a+xr /u00 /u01
root@oud2go:~# chown oracle:oinstall -R /u00 /u01

The newly created user should be allowed to use sudo similar the pi. For this a new sudoers file has to be created.

root@oud2go:~# echo "oracle ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/020_oracle-nopasswd
root@oud2go:~# chmod 440 /etc/sudoers.d/020_oracle-nopasswd

As the last custom configuration I usually distribute the ssh key’s to allow login without password authentication. You only have to include your public key in the file authorized_keys. Lets create the required .ssh user directory for root, pi and the user oracle.

root@oud2go:~# mkdir .ssh
root@oud2go:~# vi .ssh/authorized_keys
root@oud2go:~# chmod 600 .ssh/authorized_keys
root@oud2go:~# chmod 700 .ssh/
root@oud2go:~# cp -r .ssh /home/oracle
root@oud2go:~# cp -r .ssh /home/pi
root@oud2go:~# chown -R pi:pi /home/pi/.ssh
root@oud2go:~# chown -R oracle:oinstall /home/oracle/.ssh

One more thing. Until now all user still have some default password. It’s more than appropriate to change the passwords for the user root, pi and oracle.

root@oud2go:~# passwd root
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
root@oud2go:~# passwd pi
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
root@oud2go:~# passwd oracle
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully

Install OUD Base

Install the OUD Base environment scripts according to blog post OUD Base. First we have to get the install scripts using curl.

oracle@oud2go:~ $ cd /u00/app/oracle
oracle@oud2go:/u00/app/oracle $ curl --cookie-jar /tmp/cookie-jar.txt \
--location-trusted "https://github.com/oehrlis/oudbase/raw/master/build/oudbase_install.sh" \
-o oudbase_install.sh
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 147 100 147 0 0 141 0 0:00:01 0:00:01 --:--:-- 141
100 25556 100 25556 0 0 16704 0 0:00:01 0:00:01 --:--:-- 60273
oracle@oud2go:/u00/app/oracle $ chmod 755 oudbase_install.sh

The installation is straight forward. Just run oudbase_install.sh and specify the ORACLE_BASE directory. More options are available via oudbase_install.sh -h.

oracle@oud2go:/u00/app/oracle/ [oud_pi] ./oudbase_install.sh -v -b /u00/app/oracle
2017-11-13_21:13:23 START: Start of oudbase_install.sh (Version 0.1) with -v -b /u00/app/oracle
2017-11-13_21:13:23 INFO : processing commandline parameter
2017-11-13_21:13:23 Using the following variable for installation
2017-11-13_21:13:23 ORACLE_BASE = /u00/app/oracle
2017-11-13_21:13:23 OUD_BASE = /u00/app/oracle
2017-11-13_21:13:23 OUD_DATA = /u00/app/oracle
2017-11-13_21:13:23 ORACLE_INSTANCE_BASE = /u00/app/oracle/instances
2017-11-13_21:13:23 ORACLE_HOME_BASE = /u00/app/oracle/middleware
2017-11-13_21:13:23 OUD_BACKUP_BASE = /u00/app/oracle/backup
2017-11-13_21:13:23 SCRIPT_FQN = /u00/app/oracle/oudbase_install.sh
2017-11-13_21:13:23 Installing OUD Environment
2017-11-13_21:13:23 Create required directories in ORACLE_BASE=/u00/app/oracle
2017-11-13_21:13:23 Create Directory /u00/app/oracle/local/log
2017-11-13_21:13:23 Create Directory /u00/app/oracle/local/etc
2017-11-13_21:13:23 Create Directory /u00/app/oracle/local
2017-11-13_21:13:23 Create Directory /u00/app/oracle/backup
2017-11-13_21:13:23 Create Directory /u00/app/oracle/instances
2017-11-13_21:13:23 Extracting file into /u00/app/oracle/local
bin/
bin/oud_backup.sh
bin/oud_export.sh
bin/oud_status.sh
bin/oudenv.sh
config/
certificates/
doc/
doc/README.md
etc/
etc/oud._DEFAULT_.conf
etc/oudenv.conf
etc/oudtab
lib/
log/
templates/
templates/.bash_profile
templates/cron.d/
templates/etc/
templates/ldif/
templates/logrotate.d/
templates/logrotate.d/oud
templates/ldif/oud_pi_init.ldif
templates/etc/install.rsp
templates/etc/oraInst.loc
templates/etc/oud_instance.service
templates/etc/wls_oudsm.service
templates/cron.d/oud
2017-11-13_21:13:23 Store customization for OUD_DATA (/u00/app/oracle)
2017-11-13_21:13:23 Store customization for OUD_BASE (/u00/app/oracle)
2017-11-13_21:13:23 Store customization for ORACLE_BASE (/u00/app/oracle)
2017-11-13_21:13:23 Please manual adjust your .bash_profile to load / source
2017-11-13_21:13:23 your OUD Environment
2017-11-13_21:13:23 END : of oudbase_install.sh

To start using OUD Base you have to update your .profile file with the following lines.

# Check OUD_BASE and load if necessary
if [ "${OUD_BASE}" = "" ]
then
if [ -f "${HOME}/.OUD_BASE" ]
then
. "${HOME}/.OUD_BASE"
else
echo "ERROR: Could not load ${HOME}/.OUD_BASE"
fi
fi

# define an oudenv alias
alias oud=". $(find $OUD_BASE -name oudenv.sh)"

# source oud environment
. $(find $OUD_BASE -name oudenv.sh)

Install Oracle Software

Install Java

Since a while, Oracle does also provide Java for Raspberry Pi respectively ARM. See Oracle Java on Raspberry Pi. For OUD it’s recommend to use Oracle Java 8 rather than OpenJDK. You can download either download OracleJDK on Java SE Development Kit 8 Downloads or via My Oracle Support. I do prefer the download via My Oracle Support, since this method allows the use of wget or curl.

Create a .netrc file for curl.

oracle@oud2go:~/ [oud_pi] cd /u00/app/oracle/software
oracle@oud2go:/u00/app/oracle/software/ [oud_pi]
oracle@oud2go:/u00/app/oracle/software/ [oud_pi] echo "machine login.oracle.com login password " >.netrc

Download JDK from My Oracle Support:

oracle@oud2go:/u00/app/oracle/software/ [oud_pi] export JAVA_URL="https://updates.oracle.com/Orion/Services/download/p26512975_180144_Linux_VFP.zip?aru=21442384&amp;patch_file=p26512975_180144_Linux_VFP.zip"
oracle@oud2go:/u00/app/oracle/software/ [oud_pi] export JAVA_PKG="p26512975_180144_Linux_VFP.zip"
oracle@oud2go:/u00/app/oracle/software/ [oud_pi] curl --netrc-file .netrc --cookie-jar cookie-jar.txt --location-trusted $JAVA_URL -o $JAVA_PKG
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0
100 1959 0 1959 0 0 820 0 --:--:-- 0:00:02 --:--:-- 1839
0 0 0 0 0 0 0 0 --:--:-- 0:00:03 --:--:-- 0
0 0 0 0 0 0 0 0 --:--:-- 0:00:04 --:--:-- 0
100 77.6M 100 77.6M 0 0 3262k 0 0:00:24 0:00:24 --:--:-- 3578k

Install the JDK as root:

oracle@oud2go:/u00/app/oracle/software/ [oud_pi] sudo su -
root@oud2go:~# unzip -p /u00/app/oracle/software/$JAVA_PKG *tar* |tar zvx -C /usr/java

# set the JAVA alternatives directories and links
root@oud2go:~# export JAVA_DIR=$(ls -1 -d /usr/java/*)
root@oud2go:~# ln -s $JAVA_DIR /usr/java/latest
root@oud2go:~# ln -s $JAVA_DIR /usr/java/default

root@oud2go:~# update-alternatives --install /usr/bin/java java $JAVA_DIR/bin/java 20000
update-alternatives: using /usr/java/jdk1.8.0_144/bin/java to provide /usr/bin/java (java) in auto mode

root@oud2go:~# update-alternatives --install /usr/bin/javac javac $JAVA_DIR/bin/javac 20000
update-alternatives: using /usr/java/jdk1.8.0_144/bin/javac to provide /usr/bin/javac (javac) in auto mode

root@oud2go:~# update-alternatives --install /usr/bin/jar jar $JAVA_DIR/bin/jar 20000
update-alternatives: using /usr/java/jdk1.8.0_144/bin/jar to provide /usr/bin/jar (jar) in auto mode

root@oud2go:~# which java
/usr/bin/java

root@oud2go:~# java -version
java version "1.8.0_144"
Java(TM) SE Runtime Environment (build 1.8.0_144-b01)
Java HotSpot(TM) Client VM (build 25.144-b01, mixed mode)

Install OUD

In principle, one should be able to install OUD directly on the Respberry Pi. OUD is unpacked and installed directly with java. But the Oracle Universal Installer or at least a small part of the installation does not work on the ARM platform. Due to this you have to install OUD on an other OS and move the installation directory onto your Raspberry Pi. In my case I do use my MacBook Pro to temporarily install OUD. Alternatively you may also copy the OUD installation from my OUD docker image. But that’s an other story. I’ll post on this topic in a couple of days.

Prepare the download installation path, variables .netca file.

soe@gaia:~/ [ic12102] export DOWNLOAD=/tmp/download
soe@gaia:~/ [ic12102] mkdir -p $DOWNLOAD
soe@gaia:~/ [ic12102] chmod 777 $DOWNLOAD

soe@gaia:~/ [ic12102] export FMW_OUD_URL="https://updates.oracle.com/Orion/Services/download/p26270957_122130_Generic.zip?aru=21504981&amp;patch_file=p26270957_122130_Generic.zip"
soe@gaia:~/ [ic12102] export FMW_OUD_PKG="p26270957_122130_Generic.zip"
soe@gaia:~/ [ic12102] export FMW_OUD_JAR=fmw_12.2.1.3.0_oud.jar

soe@gaia:~/ [ic12102] echo "machine login.oracle.com login password " >/tmp/download/.netrc

soe@gaia:~/ [ic12102] curl --netrc-file /tmp/download/.netrc --cookie-jar \
 /tmp/download/cookie-jar.txt  --location-trusted $FMW_OUD_URL \
 -o $DOWNLOAD/$FMW_OUD_PKG

% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0
100 1927 0 1927 0 0 963 0 --:--:-- 0:00:02 --:--:-- 1715
0 0 0 0 0 0 0 0 --:--:-- 0:00:05 --:--:-- 0
0 0 0 0 0 0 0 0 --:--:-- 0:00:06 --:--:-- 0
100 404M 100 404M 0 0 1847k 0 0:03:44 0:03:44 --:--:-- 1689k

Create a bunch of local Directories in ORACLE_BASE

soe@gaia:~/ [ic12102] export ORACLE_BASE=/u00/app/oracle
soe@gaia:~/ [ic12102] mkdir -p $ORACLE_BASE/etc $ORACLE_BASE/product

To install OUD in silent mode, we need a response file. For OUD this is a simple and straight forward text file.

soe@gaia:~/ [ic12102] echo "[ENGINE]" > $ORACLE_BASE/etc/install.rsp
soe@gaia:~/ [ic12102] echo "Response File Version=1.0.0.0.0" >> $ORACLE_BASE/etc/install.rsp
soe@gaia:~/ [ic12102] echo "[GENERIC]" >> $ORACLE_BASE/etc/install.rsp
soe@gaia:~/ [ic12102] echo "DECLINE_SECURITY_UPDATES=true" >> $ORACLE_BASE/etc/install.rsp
soe@gaia:~/ [ic12102] echo "SECURITY_UPDATES_VIA_MYORACLESUPPORT=false" >> $ORACLE_BASE/etc/install.rsp

The installer does also require a OraInventory Location file:

soe@gaia:~/ [ic12102] echo "inventory_loc=$ORACLE_BASE/oraInventory" > $ORACLE_BASE/etc/oraInst.loc
soe@gaia:~/ [ic12102] echo "inst_group=oinstall" >> $ORACLE_BASE/etc/oraInst.loc

The JAR and the response file will then be used to install OUD in silent mode

soe@gaia:/tmp/download/ [ic12102] java -jar $DOWNLOAD/$FMW_OUD_JAR -silent \
 -responseFile $ORACLE_BASE/etc/install.rsp \
 -invPtrLoc $ORACLE_BASE/etc/oraInst.loc \
 -ignoreSysPrereqs -force \
 -novalidation ORACLE_HOME=$ORACLE_BASE/product/fmw12.2.1.3.0 \
 INSTALL_TYPE="Standalone Oracle Unified Directory Server (Managed independently of WebLogic server)"

Launcher log file is /private/var/folders/80/xtg0v0r16sl6z5sjmxhkvr540000gn/T/OraInstall2017-10-30_08-47-41PM/launcher2017-10-30_08-47-41PM.log.
Extracting the installer . . . . . Done
Checking if CPU speed is above 300 MHz. Actual 2969.6 MHz Passed
Checking swap space: must be greater than 512 MB. Actual 257166 MB Passed
Checking if this platform requires a 64-bit JVM. Actual 64 Passed
Checking temp space: must be greater than 300 MB. Actual 257166 MB Passed
Preparing to launch the Oracle Universal Installer from /private/var/folders/80/xtg0v0r16sl6z5sjmxhkvr540000gn/T/OraInstall2017-10-30_08-47-41PM
Log: /private/var/folders/80/xtg0v0r16sl6z5sjmxhkvr540000gn/T/OraInstall2017-10-30_08-47-41PM/install2017-10-30_08-47-41PM.log
Setting ORACLE_HOME to /u00/app/oracle/product/fmw12.2.1.3.0
Setting INSTALL_TYPE to Standalone Oracle Unified Directory Server (Managed independently of WebLogic server)
Copyright (c) 2010, 2017, Oracle and/or its affiliates. All rights reserved.
Reading response file..
Skipping Software Updates
Validations are disabled for this session.
Verifying data
Copying Files
Percent Complete : 10
Percent Complete : 20
Percent Complete : 30
Percent Complete : 40
Percent Complete : 50
Percent Complete : 60
Percent Complete : 70
Percent Complete : 80
Percent Complete : 90
Percent Complete : 100

The installation of Oracle Unified Directory 12.2.1.3.0 completed successfully.
Logs successfully copied to /u00/app/oracle/oraInventory/logs.

Copy the OUD binaries to your Raspberry Pi.

soe@gaia:~/ [ic12102] scp -r /u00/app/oracle/product/fmw12.2.1.3.0 oracle@oud2go.local:/u00/app/oracle/product

Clean up the temporary installation on the MacBook Pro:

soe@gaia:~/ [ic12102] rm -rf $ORACLE_BASE/etc/install.rsp
soe@gaia:~/ [ic12102] rm -rf $ORACLE_BASE/etc/oraInst.loc
soe@gaia:~/ [ic12102] rm -rf $ORACLE_BASE/oraInventory
soe@gaia:~/ [ic12102] rm -rf $ORACLE_BASE/product/fmw12.2.1.3.0
soe@gaia:~/ [ic12102] rm -rf /tmp/download

Thats it. You not have your OUD software on your pi. Now lets create an OUD instance.

Setup OUD Directory Server

Depending on your need, you may create an OUD directory server or an OUD proxy server. The setup scripts can either be execute interactive via GUI or command line or as on command. On my Raspberry Pi I do setup a directory server with just one command.

Create a password file for the OUD instance oud_pi_pwd.txt

oracle@oud2go:/u00/app/oracle/ [oud_pi] echo "manager" >/u00/app/oracle/local/etc/oud_pi_pwd.txt

Create the OUD directory server for Base DN dc=postgasse,dc=org with a bunch of dummy entries using oud-setup.

oracle@oud2go:/u00/app/oracle/ [oud_pi] $ORACLE_HOME/oud/oud-setup \
--cli \
--instancePath /u00/app/oracle/instances/oud_pi/OUD \
--adminConnectorPort 4444 \
--rootUserDN cn=Directory\ Manager \
--rootUserPasswordFile /u00/app/oracle/local/etc/oud_pi_pwd.txt \
--ldapPort 1389 \
--baseDN dc=postgasse,dc=org \
--sampleData 20 \
--serverTuning jvm-default \
--offlineToolsTuning jvm-default \
--no-prompt \
--noPropertiesFile

Oracle Unified Directory 12.2.1.3.0
Please wait while the setup program initializes...

Creating instance directory /u00/app/oracle/instances/oud_pi/OUD ..... Done.
See /u00/app/oracle/instances/oud_pi/OUD/logs/oud-setup for a detailed log of
this operation.

Configuring Directory Server ......... Done.
Importing Automatically-Generated Data (20 Entries) ....................................... Done.
Starting Directory Server ........................................ Done.

To see basic server configuration status and configuration you can launch
/u00/app/oracle/instances/oud_pi/OUD/bin/status

That’s it, we now have an empty directory server with 20 sample records 🙂 Since the Raspberry Pi only has limited resources, I’ve just configure the LDAP port. For a simple test and engineering system LDAPS is not really required. Specially because we do not setup any EUS integration.

Conclusion

It works… but the directory server is far away from a high performance setup. Nevertheless it’s a nice and handy setup for simple engineering work and simple demos. Striving for a bit more performance? You may also setup OUD in a docker container. I’ll provide more information on this topic in a couple of day’s. If you can’t wait, take a look at my Docker OUD Repository on GitHub now (docker-oud or docker-oudsm).

Files and References

Below you find a few references related to Raspberry Pi, USB OTG or Oracle Unified Directory:

Software related to this project:

  • Raspbian Stretch Lite latest
  • Oracle JDK 8 Update 144 for ARM 32Bit VFP HardFP MOS Patch 26512975
  • Oracle Unified Directory 12.2.1.3.0 on Oracle Technology Network
  • Oracle Software Delivery Cloud OSDC
  • Oracle Unified Directory FMW 12.2.1.3.0 MOS Patch 26270957
  • OUD base environment installation script. It’s a bash script including a TAR.  oudbase_install.sh
  • OUD base environment as TAR archive without installation script.  oudbase_install.tgz

My Oracle Support Notes:

  • Oracle Unified Directory 12c PS3 Released [2300623.1]
  • All Java SE Downloads on MOS [1439822.1]
  • Information Center: Using Oracle Unified Directory (OUD) [1419823.2]

Articles in DOAG Red Stack Magazin

A while ago I wrote two articles for the DOAG Red Stack Magazin. In the meantime both articles have been published. For this reason I use the opportunity to make the PDF versions of the articles available on oradba.ch. The articles are written in German and available as Trivadis version as well Red Stack version. Although the articles versions differ only in the number of typos and layout.

None of the articles are currently available in english. On request I will write also articles about Oracle Unified Directory in English in the future. However, currently I still have a lot of ideas for blog posts about database security, enterprise user security and unified directory on my to-do list. And blog posts I usually write in english… 🙂

Start ODSM on boot using systemd

A couple of month ago I wrote blog on how to start Oracle Unified Directory (OUD) on system boot (see Start OUD Servers on Boot using systemd) using a unit file and systemd. Quite a simple and straightforward way to start OUD. Why not using the same approach for ODSM? This can be easily implemented, because my weblog infrastructure is only used for the ODSM domain.

Boot Properties File for ODSM

Normally the credentials must be specified when the weblogic server is started. To avoid this, a boot.properties file is defined. This file does contain the username and password of the weblogic admin. Excerpt from my weblogic startup log including the prompt for username and password.

...
<sep 7, 2017 6:01:09 AM CEST> <info> <weblogicserver> <bea -000377> <starting WebLogic Server with Java HotSpot(TM) 64-Bit Server VM Version 24.141-b31 from Oracle Corporation>
<sep 7, 2017 6:01:10 AM CEST> <info> <management> <bea -141107> <version: WebLogic Server 10.3.6.0.170418 PSU Patch for BUG25388747 WED MAR 21 18:34:42 IST 2017
WebLogic Server 10.3.6.0  Tue Nov 15 08:52:36 PST 2011 1441050 >
<sep 7, 2017 6:01:11 AM CEST> <info> <security> <bea -090065> <getting boot identity from user.>
Enter username to boot WebLogic server:weblogic
Enter password to boot WebLogic server:
<sep 7, 2017 6:01:39 AM CEST> <notice> <weblogicserver> <bea -000365> <server state changed to STARTING>
<sep 7, 2017 6:01:39 AM CEST> <info> <workmanager> <bea -002900> <initializing self-tuning thread pool>
...

ODSM just has an admin server. So let’s create the boot.properties file in the security folder of the admin server. Since this security directory may not already exist, we must create it beforehand. On my environment I’ve put the user projects outside of my middleware folder in /u00/app/oracle/user_projects. The working directory for the next couple of commands will be /u00/app/oracle/user_projects/domains/ODSM_domain.

cd /u00/app/oracle/user_projects/domains/ODSM_domain

ls servers/AdminServer
adr  cache  data  logs  sysman  tmp

mkdir -p servers/AdminServer/security
touch servers/AdminServer/security/boot.properties

Add values for username and password to the boot.properties file.

vi servers/AdminServer/security/boot.properties

username=weblogic
password=manager

The boot.properties file fortunately does not stay like this. so. During the first start of the weblogic server, the username and password is encrypted with AES.

cat servers/AdminServer/security/boot.properties
#Thu Sep 07 06:34:11 CEST 2017
password={AES}lCtDx2TYm8rHZt/n9CiwmCgbiPjE+noBdyI+1MmJ21o\=
username={AES}4ROGb6gIkFWhqQA6uoV2mTN7cZy/jdM/pUO4aDbB74k\=

Unit File for ODSM

After the weblogic server can now be started without password input, one only need the corresponding unit file to automatically start the ODSM domain during system boot. The unit file will be created as root in the folder /usr/lib/systemd/system. For my environment I do create the following unity file. Working directory, domain name, user name etc has to be adjusted accordingly for other environments. Add the following content to the new unit file.

sudo vi /usr/lib/systemd/system/wls_odsm.service

# -----------------------------------------------------------------------
#  Trivadis AG, Infrastructure Managed Services
#  Saegereistrasse 29, 8152 Glattbrugg, Switzerland
# -----------------------------------------------------------------------
#  File-Name........: wls_odsm.service
#  Author...........: Stefan Oehrli, stefan.oehrli at trivadis.com
#  Date.............: 07. Sept 2017
#  Revision.........: 1.0
#  Purpose..........: Unit file for ODSM domain
#  Usage............: systemctl enable wls_odsm.service
#  Notes............: --
# -----------------------------------------------------------------------
#  Revision history.:  
#  07.09.2017  soe     initial release
# -----------------------------------------------------------------------

[Unit]
Description=WLS ODSM Instance
Wants=network.target
After=network.target
 
[Service]
Type=simple
User=oracle
Group=osdba
WorkingDirectory=/u00/app/oracle/user_projects/domains/ODSM_domain
ExecStart=/u00/app/oracle/user_projects/domains/ODSM_domain/startWebLogic.sh
ExecStop=/u00/app/oracle/user_projects/domains/ODSM_domain/bin/stopWebLogic.sh
StandardOutput=syslog
 
[Install]
WantedBy=multi-user.target

As soon as we have the new unit file we have to enable the service. This also creates a softlink in /etc/systemd/system/multi-user.target.wants to the new unit file.

sudo systemctl enable wls_odsm.service
Created symlink from /etc/systemd/system/multi-user.target.wants/wls_odsm.service to /usr/lib/systemd/system/wls_odsm.service.

Start the admin server for the ODSM domain using systemctl.

sudo systemctl start wls_odsm.service

Stop the admin server for the ODSM domain using systemctl.

sudo systemctl stop wls_odsm.service

Display the status of the admin server for the ODSM domain.

sudo systemctl status wls_odsm.service
 wls_odsm.service - WLS ODSM Instance
   Loaded: loaded (/usr/lib/systemd/system/wls_odsm.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2017-09-07 06:55:25 CEST; 1min 32s ago
 Main PID: 10645 (startWebLogic.s)
   CGroup: /system.slice/wls_odsm.service
           ├─10645 /bin/sh /u00/app/oracle/user_projects/domains/ODSM_domain/startWebLogic.sh
           ├─10648 /bin/sh /u00/app/oracle/user_projects/domains/ODSM_domain/bin/startWebLogic.sh
           └─10695 /u00/app/oracle/product/jdk1.7.0_141/bin/java -server -Xms256m -Xmx512m -XX:MaxPermSize=512m -Dweblogic.Name=AdminServer -Djava.security.polic...

Sep 07 06:56:19 euterpe startWebLogic.sh[10645]: <sep 7, 2017 6:56:19 AM CEST> <notice> <server> <bea -002613> <channel "Default[4]" is now listening on ...p, http.>
Sep 07 06:56:19 euterpe startWebLogic.sh[10645]: <sep 7, 2017 6:56:19 AM CEST> <notice> <server> <bea -002613> <channel "Default" is now listening on fd1...p, http.>
Sep 07 06:56:19 euterpe startWebLogic.sh[10645]: <sep 7, 2017 6:56:19 AM CEST> <notice> <server> <bea -002613> <channel "Default[1]" is now listening on ...p, http.>
Sep 07 06:56:19 euterpe startWebLogic.sh[10645]: <sep 7, 2017 6:56:19 AM CEST> <notice> <server> <bea -002613> <channel "Default[5]" is now listening on ...p, http.>
Sep 07 06:56:19 euterpe startWebLogic.sh[10645]: <sep 7, 2017 6:56:19 AM CEST> <notice> <server> <bea -002613> <channel "Default[6]" is now listening on ...p, http.>
Sep 07 06:56:19 euterpe startWebLogic.sh[10645]: <sep 7, 2017 6:56:19 AM CEST> <notice> <server> <bea -002613> <channel "Default[7]" is now listening on ...p, http.>
Sep 07 06:56:19 euterpe startWebLogic.sh[10645]: <sep 7, 2017 6:56:19 AM CEST> <notice> <weblogicserver> <bea -000329> <started WebLogic Admin Server "Ad...ion Mode>
Sep 07 06:56:19 euterpe startWebLogic.sh[10645]: <sep 7, 2017 6:56:19 AM CEST> <warning> <server> <bea -002611> <hostname "
localhost", maps to multiple I...:0:0:0:1>
Sep 07 06:56:19 euterpe startWebLogic.sh[10645]: <sep 7, 2017 6:56:19 AM CEST> <notice> <weblogicserver> <bea -000365> <server state changed to RUNNING>
Sep 07 06:56:19 euterpe startWebLogic.sh[10645]: <sep 7, 2017 6:56:19 AM CEST> <notice> <weblogicserver> <bea -000360> <server started in RUNNING mode>
Hint: Some lines were ellipsized, use -l to show in full.

All in all, a simple and easy way to start the ODSM automatically at system boot.

Reference

Some references and links to MOS Notes:

Oracle Unified Directory 12 Released

Finally end of working day. But while reading some newsletter and mails on my way home, I realised that there will be some work at home. After a long wait, Oracle has finally released Oracle Unified Directory 12c 🙂

A overview of the new features:

  • Improved performance and scalability
  • Support for TNS aliases for Oracle Unified Directory deployments with Oracle Enterprise User Security (EUS) configured
  • Support for TLS 1.2 Protocols and Cipher Suites
  • Password-Based Key Derivation Function 2 Password Storage Schemes
  • ODSM Rebranding
  • Support for new log publishers that are configurable via OUDSM
  • Support for the Upgrade OUD Instance script
  • Support for WebLogic Scripting Tool provisioning commands
  • Support for new log publishers that are configurable via OUDSM
  • Support for Oracle Fusion Middleware configuration tools
  • Support for Oracle WebLogic Server 12.2.1.3
  • Support for Oracle JDK 1.8

See Fusion Middleware Release Notes What’s New in Oracle Identity Management 12c (12.2.1.3.0) for a full list of new features.

Links related to Oracle Unified Directory 12c:

Stay tuned, I’ll definitely write more blog posts on Oracle Unified Directory 12 soon.

Start OUD Servers on Boot using systemd

Starting Oracle Unified Directory on system boot is essential for production environment. Unfortunately OUD just provides a script to create the init.d script. But newer system in general use systemd initialise and startup. Nevertheless, creating a custom unit file for OUD is simple and straightforward. First, let’s create a regular init.d script with the create-rc-script from oud. The created custom script can be used as template for the systemd unit file.

create-rc-script does allow a couple of parameter to specify the script name, OS user for OUD and the JAVA_HOME. The following example of create-rc-script does show how to create a regular start script for OUD instance oud_ad_proxy.

export OUD_HOME=/u00/app/oracle/instances/oud_ad_proxy
export JAVA_HOME=/u00/app/oracle/product/jdk1.7.0_141

cd $OUD_HOME/OUD/bin
create-rc-script -f oud_ad_proxy.sh -u oracle -j $JAVA_HOME

This does create the following bornshell script for init.d.

#!/bin/sh
#
# Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
#
#
# chkconfig: 345 90 30
# description: Oracle Unified Directory startup script
#


# Set the path to the Oracle Unified Directory instance to manage
INSTALL_ROOT="/u00/app/oracle/instances/oud_ad_proxy/OUD"
export INSTALL_ROOT

# Specify the path to the Java installation to use
OPENDS_JAVA_HOME="/u00/app/oracle/product/jdk1.7.0_141"
export OPENDS_JAVA_HOME

# Determine what action should be performed on the server
case "${1}" in
start)
  /bin/su - oracle -- "${INSTALL_ROOT}/bin/start-ds" --quiet
  exit ${?}
  ;;
stop)
  /bin/su - oracle -- "${INSTALL_ROOT}/bin/stop-ds" --quiet
  exit ${?}
  ;;
restart)
  /bin/su - oracle -- "${INSTALL_ROOT}/bin/stop-ds" --restart --quiet
  exit ${?}
  ;;
*)
  echo "Usage:  $0 { start | stop | restart }"
  exit 1
  ;;
esac

The same start / stop commands can now be used in the unit file. So let’s create a new custom unit file in /etc/systemd/system. The unit file is named according the old instance.

sudo vi /etc/systemd/system/oud_ad_proxy.service

Add the following content to the new unit file.

[Unit]
Description=OUD AD Proxy Instance oud_ad_proxy
Wants=network.target
After=network.target

[Service]
Type=forking
User=oracle
Group=osdba
Environment=OPENDS_JAVA_HOME="/u00/app/oracle/product/jdk1.7.0_141"
ExecStart=/u00/app/oracle/instances/oud_ad_proxy/OUD/bin/start-ds --quiet
ExecStop=/u00/app/oracle/instances/oud_ad_proxy/OUD/bin/stop-ds --quiet
ExecReload=/u00/app/oracle/instances/oud_ad_proxy/OUD/bin/stop-ds --restart --quiet
StandardOutput=syslog

[Install]
WantedBy=multi-user.target

As soon as we have the new unit file we have to enable the service.

sudo systemctl enable oud_ad_proxy.service

Start the OUD instance using systemctl.

sudo systemctl start oud_ad_proxy.service

Stop the OUD instance using systemctl.

sudo systemctl stop oud_ad_proxy.service

Display the status of the OUD service.

sudo systemctl status oud_ad_proxy.service

 oud_ad_proxy.service - OUD AD Proxy Instance oud_ad_proxy
   Loaded: loaded (/etc/systemd/system/oud_ad_proxy.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2017-05-16 22:41:09 CEST; 28s ago
  Process: 18300 ExecStop=/u00/app/oracle/instances/oud_ad_proxy/OUD/bin/stop-ds --quiet (code=exited, status=0/SUCCESS)
  Process: 18397 ExecStart=/u00/app/oracle/instances/oud_ad_proxy/OUD/bin/start-ds --quiet (code=exited, status=0/SUCCESS)
 Main PID: 18477 (java)
   CGroup: /system.slice/oud_ad_proxy.service
           └─18477 /u00/app/oracle/product/jdk1.7.0_141/jre/bin/java -server -Dorg.opends.server.scriptName=start-ds org.opends.server.core.DirectoryServer --configClass org.opends.server.extensions.ConfigFileHandler -...

May 16 22:41:01 euterpe systemd[1]: Starting OUD AD Proxy Instance oud_ad_proxy...
May 16 22:41:09 euterpe systemd[1]: Started OUD AD Proxy Instance oud_ad_proxy.

Some references and links to MOS Notes:

Environment Scripts for OUD

At Trivadis we do have the TVD-BasEnv™ to standardizes and simplifies the handling of environments for Oracle database and application server landscapes. This inspired me to create something similar for Oracle Unified Directory environments. Although current versions of TVD-BasEnv™ already support OUD and OID environment. I’ve had the situation, where I need some small and slimmed down environment scripts for dedicated OUD test servers. TVD-BasEnv™ is rather complex and brings a lot of nice features for Oracle Database environments with ASM, RAC, DataGuard and more stuff which is in general not required on a simple OUD server.

My OUD Base is basically just the oudenv.sh script, some configuration files and a bunch of aliases. The directory structure for the OUD binaries, scripts and configuration files is similar to what we use in TVD-BasEnv™ and based on OFA. It is written in bash and tested on my Oracle Linux VM’s and Raspberry Pi’s with Raspbian Jessy. It should also run on any other bash environment. Um, well OUD and Raspberry Pi? Yes I’ll explain this soon in an other blog post.

Setup the Environment

In general I do use a dedicated OS user for my Oracle installations. To keep it simple and clear I name it oracle. The following commands are run on my Raspberry Pi and therefore as OS user pi. Please adjust it accordingly. Create the user and the corresponding OS groups as pi user with sudo.

pi@oud2go:~ $ sudo adduser oracle
Adding user oracle ...
Adding new group oracle (1001) ...
Adding new user oracle (1001) with group oracle ...
Creating home directory /home/oracle ...
Copying files from /etc/skel ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for oracle
Enter the new value, or press ENTER for the default
    Full Name []: oracle
    Room Number []:
    Work Phone []:
    Home Phone []:
    Other []:
Is the information correct? [Y/n] y
pi@oud2go:~ $ sudo addgroup oinstall
Adding group oinstall (GID 1002) ...
Done.
pi@oud2go:~ $ sudo addgroup osdba
Adding group osdba (GID 1003) ...
Done.
pi@oud2go:~ $ sudo adduser oracle oinstall
Adding user oracle to group oinstall ...
Adding user oracle to group oinstall
Done.
pi@oud2go:~ $ sudo adduser oracle osdba
Adding user oracle to group osdba ...
Adding user oracle to group osdba
Done.

Create an ORACLE_BASE directory which is used for OUD and provide access to OS user oracle.

pi@pi2go:~ $ sudo mkdir -p /u00/app/oracle
pi@pi2go:~ $ sudo chown -R oracle:oinstall /u00/app/oracle

My OUD Base is available as Bash Install script with an embedded TAR ( oudbase_install.sh) or as plain TAR file ( oudbase_install.tgz). If you use the TAR file a few manuell configuration steps are required.

Install using oudbase_install.sh

This installation is straightforward as you can see in the usage.

2016-10-15_11:41:58  START: Start of oudbase_install.sh (Version 0.1) with
2016-10-15_11:41:58  INFO : Usage, oudbase_install.sh [-hv] [-b <oracle_base>]
2016-10-15_11:41:58  INFO :   [-i <oracle_instance_base>] [-m <oracle_home_base>] [-B <oud_backup_base>]
2016-10-15_11:41:58  INFO :
2016-10-15_11:41:58  INFO :   -h                          Usage (this message)
2016-10-15_11:41:58  INFO :   -v                          enable verbose mode
2016-10-15_11:41:58  INFO :   -b <oracle_base>            ORACLE_BASE Directory. Mandatory argument.
2016-10-15_11:41:58  INFO :   -i <oracle_instance_base>   Base directory for OUD instances (default $ORACLE_BASE/instances)
2016-10-15_11:41:58  INFO :   -m <oracle_home_base>       Base directory for OUD binaries (default $ORACLE_BASE/middleware)
2016-10-15_11:41:58  INFO :   -B <oud_backup_base>        Base directory for OUD backups (default $ORACLE_BASE/backup)
2016-10-15_11:41:58  INFO :
2016-10-15_11:41:58  INFO : Logfile : /u00/app/oracle/local/log/oudbase_install.log
2016-10-15_11:41:58  ERR  : Exit Code 1. Wrong amount of arguments. See usage for correct one.

We will just provide the ORACLE_BASE and use the default values for all other settings.

oracle@pi2go:~ $ ./oudbase_install.sh -v -b /u00/app/oracle
2016-10-15_11:44:03  START: Start of oudbase_install.sh (Version 0.1) with -v -b /u00/app/oracle
2016-10-15_11:44:03  INFO : processing commandline parameter
2016-10-15_11:44:03  Installing OUD Environment
2016-10-15_11:44:03  Create required directories in ORACLE_BASE=/u00/app/oracle
2016-10-15_11:44:03  Create Directory /u00/app/oracle/etc
2016-10-15_11:44:03  Create Directory /u00/app/oracle/local
2016-10-15_11:44:03  Create Directory /u00/app/oracle/backup
2016-10-15_11:44:03  Create Directory /u00/app/oracle/middleware
2016-10-15_11:44:03  Create Directory /u00/app/oracle/instances
2016-10-15_11:44:03  Extracting file into /u00/app/oracle/local
bin/
bin/oud_export.sh
bin/oud_backup.sh
bin/oudenv.sh
bin/oudbase_install.sh
bin/oud_status.sh
config/
certificates/
doc/
etc/
etc/oudtab
etc/oudenv.conf
etc/oud._DEFAULT_.conf
lib/
log/
log/oud_status.log
log/oud_export.log
log/oud_backup.log
log/oudbase_install.log
templates/
templates/cron.d/
templates/cron.d/oud
templates/.bash_profile
templates/ldif/
templates/ldif/oud_pi_init.ldif
templates/logrotate.d/
templates/logrotate.d/oud
2016-10-15_11:44:03  Please manual adjust your .profile to load / source your OUD Environment
2016-10-15_11:44:03  END  : of oudbase_install.sh

You have to change your bash profile to make sure that the environment is loaded. Just add the following lines.

oracle@pi2go:~ $ vi .profile
# Check OUD_BASE and load if necessary
if [ "${OUD_BASE}" = "" ]
  then
    if [ -f "${HOME}/.OUD_BASE" ]
      then
        . "${HOME}/.OUD_BASE"
      else
        echo "ERROR: Could not load ${HOME}/.OUD_BASE"
    fi
fi

# define an oudenv alias
alias oud='. ${OUD_BASE}/bin/oudenv.sh'

# source oud environment
. ${OUD_BASE}/bin/oudenv.sh

During the next logon you have the OUD Base available

Manual installation using oudbase_install.tgz

Ok, it is not really more complex just un-tar the file in a directory. Normally it is $ORACLE_BASE/local. Other directory probably have to be specified in the config file.

oracle@pi2go:~ $ cd /u00/app/oracle/
oracle@pi2go:~ $ mkdir local
oracle@pi2go:~ $ cd local
oracle@pi2go:~ $ tar zxvf oudbase_install.tgz

You also have to change your bash profile as mentioned above.

Examples

A few example how to use OUD Base to simplify OUD management.

Change environment to OUD instance oud_pi.

oracle@pi2go:~/ [oud_pi] oud_pi
Source environment for OUD Instance oud_pi
--------------------------------------------------------------
 Instance Name   : oud_pi
 Instance Home   : /u00/app/oracle/instances/oud_pi
 Oracle Home     : /u00/app/oracle/middleware/oud_11.1.2.3
 Instance Status : up
 LDAP Port       : 1389
 LDAPS Port      : 1636
 Admin Port      : 4444
 Replication Port: 8989
--------------------------------------------------------------

List available / running OUD instances using oudup or via alias u.

oracle@pi2go:~/ [oud_pi] oudup
TYPE INSTANCE   STATUS PORT HOME
---- ---------- ------ ---- ----------------------------------
OUD  oud_pi     up     4444 /u00/app/oracle/instances/oud_pi

Configuration and Architecture

Config Files

The OUD Base does have the following configuration files.

File Description
.OUD_BASE This is a simple file in the user home directory. It includes the pointer to the OUD Base directory. This file is used to initiate $OUD_BASE.
oudtab oudtab is a simple file which includes all OUD instance and there ports eg. default LDAP port, admin port, SSL port and replication port.
oudenv.conf This is the main configuration file for environment variables and aliases. It is loaded when an environment is set or changed. Location of oudenv.conf is $ETC_BASE.
oud._DEFAULT_.conf This configuration file for custom environment variables. Location of oud._DEFAULT_.conf is $ETC_BASE.
oud._INSTANCE_.conf This configuration file for custom environment variables for a dedicated OUD instance eg. oud_pi Location of oud._oud_pi_.conf is $ETC_BASE.

Directories and its variables

The following directory, environment variables and aliases are defined and used in OUD Base. Most of them are inspired by OFA (Oracle Flexible Architecture) and TVD-BasEnv™.

ENV Variable Alias Path Description
$ORACLE_BASE, $cdob cdob /u00/app/oracle Base directory for the oracle binaries
$OUD_BASE, $cdl cdl $ORACLE_BASE/local OUD Base directory with the scripts, config etc
cdl.bin $ORACLE_BASE/bin Scripts directory in OUD_BASE
$ETC_BASE, $etc etc, cdl.etc $ORACLE_BASE/etc OUD Base configuration directory
$LOG_BASE, $log log, cdl.log $ORACLE_BASE/log OUD Base log directory
$ORACLE_BASE/doc OUD Base documentation directory
$ORACLE_BASE/config Local directory for configuration files, LDIF etc to build an OUD instance
$ORACLE_BASE/certificates Local directory for certificates
$ORACLE_HOME, $cdh cdh $ORACLE_BASE/middleware/oud_11.1.2.3 Oracle Unified Directory binaries eg. 11.1.2.3
$JAVA_HOME /usr/lib/jvm/jre-1.7.0-oracle-1.7.0.101-1jpp.1.el7.x86_64 Java used for OUD
$OUD_INSTANCE_BASE, $cdib cdib $ORACLE_BASE/instances Base directory for the instance homes
oud_pi Alias to set environment for OUD instance oud_pi
$OUD_INSTANCE_HOME, $cdih cdih $ORACLE_BASE/instances/oud_pi OUD Instance Home directory for Instance oud_pi
$cdic cdic $OUD_INSTANCE_HOME/OUD/config Config directory for OUD instance oud_pi
$cdil cdil $OUD_INSTANCE_HOME/OUD/logs Log directory for OUD instance oud_pi

Variables

Variable besides the ones mentioned above.

Variable Description
$OUD_INSTANCE Name of the current OUD instance
$OUD_INST_LIST List of OUD instances taken from $OUDTAB
$PWD_FILE Password file for the OUD instance eg. ${ETC_BASE}/$OUD_INSTANCE_pwd.txt or ${ETC_BASE}/pwd.txt
$PORT OUD instance port taken from oudtab file
$PORT_ADMIN OUD instance admin port taken from oudtab file
$PORT_REP OUD instance replication port taken from oudtab file
$PORT_SSL OUD instance SSL port taken from oudtab file
$OUDTAB oudtab config file eg. ${ETC_BASE}/oudtab

Aliases

Alias Description
dsc dsconfig including hostname, $PORT_ADMIN and $PWD_FILE
dsrs dsreplication status
oud_pi OUD Base does generate an alias for each OUD instance based on its name. This allows to easily change the environment from one to an other OUD instance.
oud INSTANCE Use oud INSTANCE name to change the environment to a particular OUD instance
taa tea will do a tail -f on the OUD instance access log
tae tea will do a tail -f on the OUD instance error log
tas tea will do a tail -f on the OUD instance server.out log
tarep tea will do a tail -f on the OUD instance replication log
task task does run a manage-tasks with hostname, port etc parameter
u u runs oudup to display the current OUD Instances
vio vio opens the oudtab file eg. ${ETC_BASE}/oudtab

Conclusion

Although there is the possibility to use property files for OUD I’m still happy, that I have a bunch of aliases to set or change a few directories. Eg. jump to the log directory, view config files etc. Feel free to use the OUD Base as it is on your OUD environments at your own risk. It simplifies a few settings in particular if you have multiple OUD instance on one system. You may change, modify the scripts as you like. I can not guarantee, that the scripts do not have any errors or bugs. Please test before you start using them on a production environment.

Files and References

Below you find a few references related to Raspberry Pi, USB OTG or Oracle Unified Directory: