Highlighted
Respected Contributor.
Respected Contributor.
904 views

Fresh installation IDM 4.8 with Oracle

Hi all
In a new installation with IDM 4.8

  • Metadirectory Server
    • SO: SLES 12 SP 4 (with out GUI)
    • edir: 9.2 (40201.14)
    • iManager (3.2.0)
    • IDM 4.8
  • IdApps server
    • SO: SLES 12 SP 4 (with out GUI)
    • IDM 4.8
  • Oracle Server (docker)
    • Oracle Database 18c Express Edition Release 18.0.0.0.0 - Production - Version 18.4.0.0.

In Oracle Database, create 2 PDBs: "idmuserappdb" and "igaworkflowdb"; in booth PDBs, create user "idmadmin"

When configure (configure.sh) idapps, obtains the error

"Connection to database failed. Check whether database is running or parameters provided is valid. Run upgrade after correcting problem"

Where I could increase the log (/var/opt/netiq/idm/log/idmconfigure.log), to see the connection you are trying to make, since from a DBeaver, I connect correctly to each of the databases.
I enclose the input.properties with the configuration we are trying.

Labels (1)
11 Replies
Highlighted
Knowledge Partner
Knowledge Partner

Did the install complete or fail entirely?

What is your JDBC connect string look like?  Same one for DBeaver (Like Squirrel SQL/DBVis I assume?) or did you have to modify the connect string.

If you got the system installed, but DB failed, you can look in the /opt/netiq/idm/apps/tomcat/conf/server.xml and look at the DB definition strings and see what is set there and try different possible options

 

0 Likes
Highlighted
Respected Contributor.
Respected Contributor.

Thank you
I see the file you mention and verify what we find.
Since the documentation is not very clear, could you tell me if they did any installation in Oracle, and if what we do is correct, to create the 2 Database and create the same user in both?
Highlighted
Respected Contributor.
Respected Contributor.

Hi Geoffc
The installation did not appear any inconvenience. The error is when we try to configure it.

Answering your questions

Test with JDBC URL

jdbc:oracle:thin:@(DESCRIPTION =(ADDRESS = (PROTOCOL = TCP)(HOST = 10.1.30.52)(PORT = 1522))(CONNECT_DATA =(SERVER = DEDICATED)(SERVICE_NAME = igaworkflowdb)))
or
jdbc:oracle:thin:@10.1.30.52:1522/igaworkflowdb

Succesfuly conection


In "/opt/netiq/idm/apps/tomcat/conf/server.xml"

In this installation

<GlobalNamingResources>
<!-- Editable user database that can also be used by
UserDatabaseRealm to authenticate users
-->
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>

Other Installation with postgresql

<GlobalNamingResources>
<!-- Editable user database that can also be used by
UserDatabaseRealm to authenticate users
-->
<Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/tomcat-users.xml" />
<Resource auth="Container" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" name="UserDatabase" pathname="conf/tomcat-users.xml" type="org.apache.catalina.UserDatabase" />
<Resource auth="Container" driverClassName="org.postgresql.Driver" factory="com.netiq.tomcat.jdbc.pool.CustomBasicDataSourceFactory" initialSize="10" maxTotal="100" maxActive="50" maxIdle="10" maxWait="30000" minIdle="10" name="shared/IDMUADataSource" password="***pwd***" testOnBorrow="true" type="javax.sql.DataSource" url="jdbc:postgresql://<IP>:5432/idmuserappdb" username="idmadmin" validationInterval="120000" validationQuery="SELECT 1" />
<Resource auth="Container" driverClassName="org.postgresql.Driver" factory="com.netiq.tomcat.jdbc.pool.CustomBasicDataSourceFactory" initialSize="10" maxTotal="100" maxActive="50" maxIdle="10" maxWait="30000" minIdle="10" name="shared/IGADataSource" password="***pwd***" testOnBorrow="true" type="javax.sql.DataSource" url="jdbc:postgresql://<IP>:5432/igaworkflowdb" username="idmadmin" validationInterval="120000" validationQuery="SELECT 1" />
<Resource auth="Container" brokerName="LocalActiveMQBroker" brokerURL="tcp://localhost:61716" description="JMS Connection Factory" factory="org.apache.activemq.jndi.JNDIReferenceFactory" name="jms/ConnectionFactory" type="org.apache.activemq.ActiveMQConnectionFactory" />
<Resource auth="Container" description="Topic for IdmApps" factory="org.apache.activemq.jndi.JNDIReferenceFactory" name="topic/IDMNotificationDurableTopic" physicalName="IDMNotificationDurableTopic" type="org.apache.activemq.command.ActiveMQTopic" />
<Resource auth="Container" description="Topic for IdmApps email based approval" factory="org.apache.activemq.jndi.JNDIReferenceFactory" name="topic/EmailBasedApprovalTopic" physicalName="EmailBasedApprovalTopic" type="org.apache.activemq.command.ActiveMQTopic" />
</GlobalNamingResources>

I could see trying to adapt this configuration and place it in the other one, just to see if it continues with the configuration.

thank in advance

Highlighted
Knowledge Partner
Knowledge Partner

The Server.xml does not have the Oracle config in there. So yes, adapt the Postgress one with Oracle info as a first pass.

0 Likes
Highlighted
Respected Contributor.
Respected Contributor.

Hello, we have opened an SR, so that they tell us if they have detected any inconvenience with the identity application configuration process. Thank you

Highlighted
Trusted Contributor.
Trusted Contributor.

Exact same scenario happening here, fresh installation but MS SQL Server 2017 instead of Oracle only. We also are raising a SR. I´ll keep updating

Highlighted
Trusted Contributor.
Trusted Contributor.

You need to necessarily create TWO databases for installation of IDM 4.8. One for Identity Applications, other for the workflow engine. I was having the same problem, when I created an additional database and mentioned it during the configuration.sh, things went fine.

Hope it works for you too.

Highlighted
Respected Contributor.
Respected Contributor.

Hi
Finally we could do the installation with Oracle, only we had to modify the listener of the databases so that they were SID instead of Service.

One of the tests they requested was to invoke each of the databases with the following command
/opt/netiq/common/jre/bin/java -jar <ISO_mount>/common/lib/dbConnection.jar idmadmin <user_pwd> jdbc:oracle:thin:@<db_ip>:<db_port>:idmuserappdb Oracle /opt/netiq/idm/apps/ojdbc8.jar


If the connection has to be exclusively with "/" and not with ":", we were recommended to modify the file generated by the connection url.

Thanks All.
0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Could you explain that again please?  I do not QUITE get your point.

 

Can you show us what your tried first, and what then youc hanged it to that worked?

 

I.e. I do not understand this sentence "

If the connection has to be exclusively with "/" and not with ":", we were recommended to modify the file generated by the connection url.

 

0 Likes
Highlighted
Respected Contributor.
Respected Contributor.

Hi Geoff,

I just stumbled accross this post when researching errors on configuring my IDM App environment (4.8.1 using Oracle DB)

I think, the problem is the connection String. When using the Service name it needs to have the /, when using the SID it needs to have the : between port and DB instance.

The issue is that the installation routine does not differ between Service and SID for IdApps (for reporting it does though!). So if you check the [Mountpoint]/common/scripts/database_conn.sh of the installation media you will see the following: 

database_conncheck()
{
if [ "$PROD_NAME" = "user_application" ]
then
if [ "${UA_WFE_DB_PLATFORM_OPTION}" == "oracle" ]
then
DB_TYPE="Oracle"
UA_DB_CONNECTION_URL="jdbc:oracle:thin:@${UA_WFE_DB_HOST}:${UA_WFE_DB_PORT}:${UA_DATABASE_NAME}"
WFE_DB_CONNECTION_URL="jdbc:oracle:thin:@${UA_WFE_DB_HOST}:${UA_WFE_DB_PORT}:${WFE_DATABASE_NAME}"
elif [ "${UA_WFE_DB_PLATFORM_OPTION}" == "mssql" ]
then
DB_TYPE="SQL Server"
UA_DB_CONNECTION_URL="jdbc:sqlserver://${UA_WFE_DB_HOST}:${UA_WFE_DB_PORT};DatabaseName=${UA_DATABASE_NAME}"
WFE_DB_CONNECTION_URL="jdbc:sqlserver://${UA_WFE_DB_HOST}:${UA_WFE_DB_PORT};DatabaseName=${WFE_DATABASE_NAME}"
fi
if [ "${UA_WFE_DB_PLATFORM_OPTION}" == "oracle" ] || [ "${UA_WFE_DB_PLATFORM_OPTION}" == "mssql" ]
then
#verify_db_connection ${UA_WFE_DATABASE_USER} ${UA_WFE_DATABASE_PWD} ${UA_WFE_DB_HOST} ${UA_WFE_DB_PORT} ${UA_DATABASE_NAME} ${DB_TYPE} ${UA_WFE_DB_JDBC_DRIVER_JAR}
verify_db_connection ${UA_WFE_DATABASE_USER} ${UA_WFE_DATABASE_PWD} "${UA_DB_CONNECTION_URL}" "${DB_TYPE}" ${UA_WFE_DB_JDBC_DRIVER_JAR}
UA_DB_CONN_RET=$?
verify_db_connection ${UA_WFE_DATABASE_USER} ${UA_WFE_DATABASE_PWD} "${WFE_DB_CONNECTION_URL}" "${DB_TYPE}" ${UA_WFE_DB_JDBC_DRIVER_JAR}
WFE_DB_CONN_RET=$?
DB_CONN_RET=0
if [ $UA_DB_CONN_RET -eq 1 ] || [ $WFE_DB_CONN_RET -eq 1 ]
then
DB_CONN_RET=1
fi

if [ $DB_CONN_RET -eq 1 ]
then
disp_str=`gettext install "Connection to database failed. Check whether database is running or parameters provided is valid. Run upgrade after correcting problem."`
write_and_log "$disp_str"
exit
else
disp_str=`gettext install "Database connection successful."`
write_and_log "$disp_str"
fi
fi

 

So with this setup the configuration can always just end up with an error.

So I guess when he changed from Service Name to SID the configuration worked.
Which does not mean this should not be fixed in the configuration routine and/or mentioned in the documentation as this definitely should not be a problem when I do have the choice between both!

 

Highlighted
Respected Contributor.
Respected Contributor.

I have to correct myself, I did find the part in the documentation that the DB Setup for Oracle does need the SID:

You can connect to the Oracle database by using Oracle System ID (SID) and Oracle Service Name. If you want to access the database by using a service name, complete the identity applications installation to one database instance by connecting through SID. After the installation is completed, perform the following actions.

https://www.netiq.com/documentation/identity-manager-48/setup_linux/data/configuring-identity-applications.html#connect-to-oracle-database-using-oracle-service-name

 

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.