Archive for the ‘App Server/Web Server’ Category

Tips & Tricks: Monitoring your Apache Web Server

Friday, July 22nd, 2011

**NOTE: As with all Tips and Tricks we provide on the IDMWorks blog, use the following AT YOUR OWN RISK.  We do not guarantee this will work in your environment and make no warranties***

Monitoring Apache Web Servers

Why?

Monitoring the status of an Apache Web Server that is hosting your web based application is very useful in the following situations:
•   To determine if your Web Server is accepting requests
•   The number of connected clients, status of client workers, and requests per second
•   Web Server up time and CPU load

How?

To monitor the Apache server during operation a simple modification can be used (and afterwards a browser can be connected to the status page on the Apache server to quickly access the results).

Steps:
Modify the httpd.conf file adding the following lines (change foo.com to the domain name where you will connect your browser to check for status):

<Location /server-status>

SetHandler server-status
Order Deny,Allow
Deny from all
Allow from .foo.com

</Location>

Access your web browser at http://{apache.server.name}/server-status?refresh=60.

This will provide a list of:

•   The number of worker serving requests
•   The number of idle worker
•   The status of each worker, the number of requests that worker has performed and the total number of bytes served by the worker (*)
•   A total number of accesses and byte count served (*)
•   The time the server was started/restarted and the time it has been running for
•   Averages giving the number of requests per second, the number of bytes served per second and the average number of bytes per request (*)
•   The current percentage CPU used by each worker and in total by Apache (*)
•   The current hosts and requests being processed (*)

(more…)

Tags: , , , , , ,
Posted in Apache Tomcat, App Server/Web Server, Tips & Tricks | No Comments »

Taking Control of Your Oracle Identity Manager Scheduler

Tuesday, June 14th, 2011

**NOTE: As with all Tips and Tricks we provide on the IDMWorks blog, use the following AT YOUR OWN RISK.  We do not guarantee this will work in your environment and make no warranties***

According to Oracle’s sizing guide for Oracle Identity Manager (OIM) 10g in a large deployment you should break up your clustered servers by task.   For example, if you have four nodes in your cluster, you may use two to handle user requests, two to handle provisioning processes and scheduled tasks.   This allows you to dedicate servers to the tasks you want them handling.  This combined with load balancing, either through Weblogic, or through an appliance, provide a high level of stability and availability.   However, one thing I noticed when reading through Oracle’s documentation is nowhere does it mention how to do it.

So how do you do it?

The scheduler service on each server can be enabled or disabled by the xlconfig.xml file that contains the settings for OIM.    This will set the scheduler service to either start or not when OIM starts on that node. The file is typically found in the OIM_HOME\xellerate\config folder and can be modified with any text editor.

Always note that it is a very bad idea to change settings in the xlconfig file if you don’t know what they doso proceed with caution.

Use the following instructions to disable the Scheduler service for any nodes you do not wish to have it running.

Step1: Open the xlconfig.xml file with the editor of your choice

I like to use textpad or notepad++.

Step2: Find the line below:

<StartOnDeployment>true</StartOnDeployment>

Step3 Edit the line so it looks as follows:

<StartOnDeployment>false</StartOnDeployment>

Step4 Save your file

Step5 Restart OIM

That’s it.  It’s also good to note that in that same area of the xlconfig file (just above the line you modified) you will find a commented section explaining the Scheduler properties and what can be modified.  This includes:

XLUserName
XLPasswordUsed to login into xellerate when executing the scheduled tasks.
StartOnDeployment - Set this to true to start scheduler along with application startup.
ThreadPoolSize - Number of threads that can run scheduled jobs simulteniously.
DataBasePoolSizeNumber of database connection scheduler can open.
JNDIName  – The name underwhich the scheduler will be bound into JNDI tree
DatabaseDeligate – Quartz Scheduler Database delegate class

By modifying these settings you can better tailor your environment to suite your needs in production or to troubleshoot your environment where tasks are jumping from node to node, making it difficult to track them in the log.

Questions, comments or concerns?  Feel free to reach out to us at IDMWorks.

Tags: , , , , , , , , , , ,
Posted in Identity Management, Identity Provisioning, Oracle Identity Manager, Security & Risk, Tips & Tricks, WebLogic | 1 Comment »

Uninstalling Oracle Fusion Middleware Products

Friday, March 25th, 2011

***NOTE: As with all Tips and Tricks we provide on the IDMWorks blog, use the following AT YOUR OWN RISK.  We do not guarantee this will work in your environment and make no warranties***

Recently I’ve had to uninstall Oracle Internet Directory and Oracle Virtual Directory version 11.1.1.2.0 on a Windows server. The uninstallation instructions provided in the Oracle Fusion Middleware Installation Guide are a good start, but some additional steps are required on the WebLogic side.

Here are the steps needed to uninstall OID and OVD 11g:

1. In a command prompt go to $ORACLE_HOME\oui\bin (i.e. C:\Oracle\Middleware\Oracle_IDM1)
2. Enter setup.exe –deinstall
3. After the Welcome screen you will get three options presented to you:
a. De-install Oracle Home
b. De-install ASInstances managed by WebLogic Domain
c. De-install Unmanaged ASInstances

Assuming you did a standard install of OID and OVD then you are going to have an ASInstance managed by WebLogic.

From this menu you want to select “option b” (De-Install ASInstances managed by WebLogic Domain).

Note: Make sure you de-install the ASInstance first before you uninstall Oracle Home. If you uninstall Oracle Home first, then the uninstaller will be gone and the ASInstance will still be remaining.

4. On the next screen you will need to enter the following information:

a. Domain Host Name:
b. Domain Port No: (i.e. 7001)
c. User name: (i.e. weblogic)
d. Password: <password for weblogic admin user)

Note: Make sure the WebLogic admin server is running.

5. On the next screen you must specify the Managed Instance Directory (i.e. C:\ Oracle\Middleware\asinst_1).

6. After the uninstall of the Managed instance is completed you will need to run the setup.exe –deinstall command again.

7. This time you want to select Deinstall Oracle Home.

8. Specify the Oracle Home Directory on the next screen (i.e. C:\Oracle\Middleware\Oracle_IDM1).

After the uninstall process is complete you are 3/4ths of the way done with completely uninstalling OID and OVD. The uninstall process leaves behind the IDMDomain (or whatever Domain name you provided during installation) that was created in WebLogic. If you try to re-install OID, OVD or any other Fusion Middleware IDM component you’ll have to specify another Domain name unless you take these additional steps:

1. Go to the IDMDomain folder in windows explorer (i.e. C:\Oracle\Middleware\user_projects\domains).
2. Delete the IDMDomain folder and all its contents.
3. After the domain is deleted you will need to update the NodeManager domain configuration. Navigate to the folder containing the nodemanager.domains file (i.e. C:\Oracle\Middleware\wlserver_10.3\common\nodemanager)

Note: Before modifying any files, it’s always best practice to make a copy of it first.

4. Open the file and remove the IDMDomain line. (i.e. IDMDomain=C\:\\Oracle\\Middleware\\user_projects\\domains\\IDMDomain)

5. Navigate to the folder containing the domain-registry.xml file (i.e. C:\Oracle\Middleware)

6. Open the file and remove the IDMDomain line.

7. Go to Start->All Programs->Oracle WebLogic->User Projects and delete the IDMDomain folder and its contents.

Note: Remember to also use the RCU to drop the OID database tables

Now you should have a clean WebLogic instance if you want to re-install OID or OVD.

Questions? Sound off below or ask us here at IDMWorks.

Tags: , , , , , , ,
Posted in Identity Management, Oracle Fusion Middleware, Oracle Identity Manager, Oracle Internet Directory, Oracle Virtual Directory, Tips & Tricks, WebLogic | No Comments »

Oracle Identity Manager (OIM) 11g install for Beginners (in the Cloud baby)!

Friday, March 4th, 2011

***NOTE: As with all Tips and Tricks we provide on the IDMWorks blog, use the following AT YOUR OWN RISK.  We do not guarantee this will work in your environment and make no warranties***

This is  a supplement to the post Setting up Oracle Identity and Access Management Suite (11g) in the Cloud: A few things that work & don’t work detailing  a basic install and the little errors that prevented it from running that were encountered when someone new to Oracle Identity Manager (11g) installed it in a Cloud environment.

To install OIM you have to go through several steps before you even start installing it.  Now I’m sure that most folks reading this have pre-existing environments that allow you to skip many of the following steps but let’s assume you are doing this from a brand spankin’ new MS Windows server.

Basically, you want to do the install first, and then the configuration.

1) You need to have the Java Development Kit (JDK) installed. Now you might think that just having it installed is good enough however the default installation path will put it in the ‘Program Files‘ folder.  Most MS Windows systems don’t have any particular preference however, your IDM install doesn’t like spaces in the file paths So be sure you have it installed in  a folder without spaces.

2) Be certain you are utilizing a static IP address. If you don’t, I would suggest reviewing the suggested fixes in the Setting up Oracle Identity and Access Management Suite (11g) in the Cloud: A few things that work & don’t work post.  Otherwise you will likely get a fair amount of errors when everything is up and running. The entire suite depends on having a static DNS name and IP address. When it doesn’t things fail without warning.

3) Now you should install the database. A few things to note here:

  • The database is where everything points to. Fortunately it’s not particularly hard to set up the software. Unfortunately the database itself has a few requirements. The  Setting up Oracle … in the Cloud post again covers the tricks needed to get this working properly but one thing I would add is that the default for the desktop install on the database has the wrong language code set. Don’t use it but do use “server” instead.

4) Once you have the database installed you have to run RCU.  Unfortunately RCU is a 32 bit program that is very picky about 64 bit operating systems. When installed in conjunction with a 64 bit database and then attempting to link the 32 bit RCU it would work until it attempted to add the OIM tables in.  Then it broke. The only fix I found was to use a 32 bit database. The RCU is just putting tables for the systems you are installing next to run off of, so we can assume it’s fully possible to drop the tables in manually, but I wouldn’t want to do it.

5) Assuming you finished the last few steps you can go onto the actual install of the programs. WebLogic first. If you are using the generic JAR installer, which you probably should be, you have to use your Java install to unpack it.  Now there is something you should take note of when you install WebLogic. There is a screen where it’s looking for Java packages. The generic JAR doesn’t have these with it. Again it is very picky about what folder it has selected to do the Java install with. It’s not so picky about whether or not the folder is occupied. Make sure it’s pointing to the right place. If all else fails, copy the Java bin to the area the installer wants. If you don’t things will install fine but never run (note: be sure to have the correct version installed as the systems are very specific about what they are compatible with).

6) Alrighty then, WebLogic is installed. Web/logic is the heart of everything else OIM related. With OIM installed you also need SOA. You have to install the .2 version and then upgrade to the .3 version. Typically this is a pretty straight forward install.

7) NOW we can install OIM. The OIM install itself is pretty easy again but it is the next few steps that can mess you up. Make sure you don’t start up the Configuration Manager quite yet.

8 ) Now we configure Weblogic. You are looking for a file called config.sh in a folder called common. It’s in the directory you installed all the stuff you have already installed. Now when you bring it up, you want to select the programs you want Weblogic to support. Then you have to connect to the database you have running still.  If you can’t connect make sure your password is right. If you still can’t connect then your database isn’t liking something.

9 ) Since you have WebLogic configured you now have to configure OIM.  It’s pretty straightforward. You point it at the WebLogic address that you setup and the program will register yourself. One thing you should look out for is the line OIM HTTP URL. This line should have your WebLogic connection address with a different port. In my silliness installing this once I had it as the same port, it allowed WebLogic to run, and OIM started up just fine, but after a moment OIM alone would stop, as well as the soa-infra server.

10) Start everything up!

Questions? Feel free to reach out to us at IDMWorks.

Tags: , , , , , ,
Posted in Cloud Computing, Identity Management, Oracle Identity Manager, Tips & Tricks, WebLogic | No Comments »

Setting up Oracle Identity and Access Management Suite (11g) in the Cloud: A few things that work & don’t work

Wednesday, March 2nd, 2011

***NOTE: As with all Tips and Tricks we provide on the IDMWorks blog, use the following AT YOUR OWN RISK.  We do not guarantee this will work in your environment and make no warranties***

The Oracle IAM 11g suite consists of several different products,  Identity Federation, Identity Manager, Internet Directory, and Access Manager, to name a few.  All of the products, rather most of the products, have the same basic requirements…database, RCU, WebLogic, and IDM  that must be installed.   Because of the nature of the Amazon EC2 Cloud there are a few things to keep in mind when building these components in the Cloud and a few things to do before starting your applications.  Please note this is all MS Windows centric.

Install order…

You can install the database or WebLogic first, it really doesn’t matter, but I typically will use the following order as it provides a good restore point:

FIRST:

  1. Database (software) install
  2. WebLogic 10.3.4 install
  3. IDM (software only install)

Back EVERYTHING Up

THEN:

  1. Install the listener
  2. Create database
  3. Run RCU
  4. Install SOA (only if needed)
  5. Configure IDM

When Installing the Database:

  1. A few things to do when installing the database (Cloud or not) is to set some environment variables in Windows, (this isn’t necessarily required with 11g as with older installs but can still be a time saver).   Regarding the Cloud, setting the ORACLE_HOSTNAME=”permanent name of machine”, is very helpful as both the listener and the dbconsole have real trouble starting after a reboot with changing names.  This will allow the database as a service in Windows successfully thus making it easier to remember what to type into the IDM RCU setup and IDM configuration setup.
  2. When creating the database set open cursors to 500, session cached cursors to 100, and processes to 500.  This can be done in the DBCA when creating the database by pressing the “All Initialization Parameters” button on the Configure Options screen (where you configure both the memory and character set.)

When Installing WebLogic:

Make sure you use the generic jar file with any 64 bit install.

  1. Install Java if needed and from a command prompt go to the directory where the jar file is located and type: ” java –jar wls1034_generic.jar” (or whatever the name of the jar is).

When Installing the Oracle IAM Suite:

Once the suite is configured for your application and the WebLogic domain created there are a few things that can be done to make life a little easier:

  1. You can edit the config.xml (located at Oraclehome\user_projects\domains\IDMDomain\config) file to point to the correct host name by changing all instances from ip-xxxxxxxx.ec2.internal to the hostname.cloud.<organization>.net to insure the admin console starts correctly.
  2. For those who use the Fusion Enterprise Console, it may have trouble starting due to a class path issue, however to correct the error open the setdomainenv.cmd and search for the following line

set POST_CLASSPATH=(Oracle_home)\wlserver_10.3\server\lib\weblogic.jar:;%POST_CLASSPATH%

Just after that line, add the following

set POST_CLASSPATH=(Oracle_home)\Oracle_IDM1\oui\jlib\lib\http_client.jar:;%POST_CLASSPATH%

3.  Save and Close the file

4.  Restart WebLogic for it to take effect.

Last but not least:

  1. Add the  host name ” ip-xxxxxxxxxxx.internal” from when the applications were configured to your Hosts file located at c:\windows\system32\drivers\etc pointing to 127.0.0.1 (the IP loop-back address in Windows).   This should help solve everything else not already solved.  This way, whenever you boot, any app that asks for the old name will be able to route to the server directly.  This might not be the cleanest solution but it’ll work.
  2. In fact, make sure all listening addresses in WebLogic are set to blank and the nodemanager set to localhost (if you set it to blank, it automatically sets to localhost) and launch your managed weblogic sessions with the loopback address ( to be sure it launches successfully).

The combination of these tricks should resolve most, if not all, issues in getting IDM environments up and running in the cloud.

PS: In order to start your environment:

To start WebLogic: oracle_home\user_projects\domains\IDMDomain\starweblogic.cmd

To start your Application: oracle_home\user_projects\domains\IDMDomain\bin\startmanagedweblogic Appservername http://serverhostname:7001

Questions? Feel free to reach out to us at IDMWorks.

Tags: , , , , , ,
Posted in Best Practices, Cloud Computing, Identity Management, Oracle Access Manager, Oracle Identity Manager, Tips & Tricks, WebLogic | 3 Comments »

Procedure to backup & restore Websphere configurations

Thursday, February 24th, 2011

***NOTE: As with all Tips and Tricks we provide on the IDMWorks blog, use the following AT YOUR OWN RISK.  We do not guarantee this will work in your environment and make no warranties***

So let us review backing up and restoring Websphere configurations.

PLEASE READ THIS FIRST: Always backup all existing configuration directories, using the backupConfig utility supplied with WebSphere, before performing any of the procedures described in this blog.

If the configuration changes applied by following one of these procedures results in the system no longer working, you can use the restoreConfig utility to return the configuration to its state prior to making the changes.

Backing up Websphere configurations:

  1. /bin/backupConfig (.bat/.sh) -username -password
  2. Backup setupCmdLine.bat on Windows systems or setupCmdLine.sh on UNIX systems from /bin or /bin (as the backupConfig utility does not backup this file).

Questions? Feel free to reach out to us at IDMWorks.

Tags: , , ,
Posted in Tips & Tricks, Websphere | No Comments »