Archive for the 'Identity Management' Category

Oracle Discoverer / BIP Integration Update

Monday, January 28th, 2008

I keep seeing things pop up and people having trouble getting the Discoverer / BIP integration working. I will say this is not the easiest of configurations, but with some additional steps anyone should be able to complete the task. For those of you that have been following along, the latest Discoverer Cumulative Patch (CU4, p6357481) was released and the Discoverer / BIP integration was not included, which created a new interop patch for everyone, numbered 6622352.

Just a couple of notes on the install. If you are applying the patch to a Unix system, you’re going to have to run the dos2unix command on the CreateOIDContainer.sh file in the <OH>/discoverer/util directory. Also, notice the CreateOIDContainer.sh file name: yes, it’s case sensitive. Don’t forget to edit the file and replace the %ORACLE_HOME% directive with your actual Oracle Home path, and while you’re at it make sure you chmod 750 CreateOIDContainer.sh too. Can you tell it was a Windows guy who wrote the script ;-) .

Anyways, before executing the CreateOIDContainer.sh script you’ll also need to properly set up all your paths, which includes:
export ORACLE_HOME=<Your Oracle Home Path>
export LIBPATH=$ORACLE_HOME/lib32:$ORACLE_HOME/lib:$ORACLE_HOME/jlib:$LIBPATH
export LD_LIBRARY_PATH=$ORACLE_HOME/lib32:$ORACLE_HOME/lib:$ORACLE_HOME/jlib:$LD_LIBRARY_PATH
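
The preparation steps above collected into one function, as an added example that is not part of the original post or of the Oracle patch. It uses tr in place of dos2unix so it runs where dos2unix is not installed, and the function name prep_create_oid_container is hypothetical.

```shell
#!/bin/sh
# Added example: prepare CreateOIDContainer.sh from the interop patch on a Unix host.
# prep_create_oid_container is a hypothetical helper name, not part of the patch.
# Usage: prep_create_oid_container /path/to/oracle_home
# Assumption: the Oracle Home path contains no '|' or '&' characters.

prep_create_oid_container() {
    oh=$1
    script="$oh/discoverer/util/CreateOIDContainer.sh"   # file name is case sensitive

    if [ -z "$oh" ] || [ ! -f "$script" ]; then
        echo "not found: $script" >&2
        return 1
    fi

    tmp="$script.tmp.$$"
    # tr removes the carriage returns (same effect as dos2unix);
    # sed swaps the Windows-style placeholder for the real Oracle Home.
    # '|' is the sed delimiter because the path itself contains '/'.
    tr -d '\r' < "$script" | sed "s|%ORACLE_HOME%|$oh|g" > "$tmp" || { rm -f "$tmp"; return 1; }
    mv "$tmp" "$script" || return 1

    # Owner rwx, group r-x, nothing for others.
    chmod 750 "$script" || return 1

    # Verify before anyone runs it: no CRs and no placeholder left behind.
    if grep -q "$(printf '\r')" "$script" || grep -q '%ORACLE_HOME%' "$script"; then
        echo "cleanup incomplete: $script" >&2
        return 1
    fi

    # Library paths the script needs, as listed in the post.
    ORACLE_HOME=$oh
    LIBPATH=$ORACLE_HOME/lib32:$ORACLE_HOME/lib:$ORACLE_HOME/jlib:$LIBPATH
    LD_LIBRARY_PATH=$ORACLE_HOME/lib32:$ORACLE_HOME/lib:$ORACLE_HOME/jlib:$LD_LIBRARY_PATH
    export ORACLE_HOME LIBPATH LD_LIBRARY_PATH
}
```

Source the file and call the function once per Oracle Home; it stops before CreateOIDContainer.sh is ever executed if a carriage return or the placeholder is still present.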

The big kicker that bit me this last time was that I was getting an error that the Discoverer product container doesn’t exist in the OID Repository. Well, for some reason that container doesn’t actually exist until a user is created in the OID through something like OIDDAS. Since this client was using Server Chaining to bring in all their users (another blog post soon), we had never actually created a “new” native user in OID.

Needless to say the 10.1.2.3 Discoverer patch set can’t come soon enough which includes this patch with it.  Till then feel free to drop me a line if you have any questions.  If you want some more in depth examples of the config let me know and I’ll get some screen shots the next time I do this.

Oracle Adaptive Access Manager : Day 1 : The Database Config and Install

Friday, October 5th, 2007

Let’s start with a little overview of the OAAM Architecture. The software is made up of two components:

  1. OASA – Oracle Adaptive Strong Authenticator
  2. OARM – Oracle Adaptive Risk Manager

The OASA component provides numerous means to protect from phishing, pharming, trojan, and keylogging attacks. The different authentication options are interesting and well designed to protect an organization. The OARM component tracks user usage patterns to help detect fraud. It uses such things as your user name, known computer attributes, known locations you access the system from, etc. to build a comprehensive profile about you. It also allows organizations to monitor in real time what users are accessing their systems and either automatically or manually (through an operator) force a user to perform a secondary level of authentication to prove they are the actual person at the computer. The Risk Manager creates a virtual fingerprint of your users through a combination of IP addresses, geo location, city, state, country information, connection type, connection speed, routes, ISP flag, ASN, carrier, top level domain, registering organization, hostnames, routers, and how quickly you navigate pages. You never realized there was so much stuff people could track you by and you don’t really have an option of controlling it.

OAAM is deployed just like any standard J2EE application. It’s packaged as a set of jar files, some static images, and database scripts with property files to link it all together. Nothing here that I haven’t done a million times before. So let’s start at the bottom and work our way up. I started with a standard Oracle 10.1.4 OID / SSO deployment and 10.1.3 OC4J/OHS install. So onto the database.

The database must be of version 9.2.0.4 or higher. Honestly, if you’re deploying a new software architecture and still using a 9.2.0.4 database to store your data, give me a call and I’d love to discuss the business reasons for sticking with that. Lucky for me, the basic OID install uses a 10.1.0.5 database so I’m ready.

The first step is to validate the database parameters so that they match the minimum requirements for the install. We first must get access to the pfile so we can change it into an spfile to open the database. So first we log into the database as sys.

After we log into the database, we create a pfile from the database parameters; after the pfile is created, you then need to edit the init<sid>.ora file you’ve created. To do this we set our ORACLE_HOME, ORACLE_SID, and PATH.

$> export ORACLE_HOME=/software/oracle/oaam_oid_1014
$> export ORACLE_SID=oaamoid
$> export PATH=$ORACLE_HOME/bin:$PATH
$> sqlplus /nolog
sql> connect /as sysdba
sql> create pfile = 'initoaamoid.ora' from spfile;
sql> quit;
$> vi $ORACLE_HOME/dbs/initoaamoid.ora

Within the pfile you need to set the minimums for the following settings:

*.db_writer_processes=4
*.fast_start_mttr_target=300
*._hash_join_enabled=TRUE
*.open_cursors=2000
*.pga_aggregate_target=512M
*.processes=500
*.query_rewrite_enabled='FALSE'
*.sessions=500
*.shared_pool_size=500M
*.star_transformation_enabled='FALSE'
*.timed_statistics=TRUE
*.undo_management='AUTO'
*.undo_retention='3600'
*.session_cached_cursors=500
*.commit_write='BATCH,NOWAIT'

One thing to note: commit_write is not a 10g R1 parameter; it was introduced in 10gR2. So the instructions are a bit off, but that’s not hard to get around: just don’t put it at the end of your pfile. Write out your pfile to the OS, and finally we log back into the database, create the spfile from the pfile and start the database.

$> sqlplus /nolog
sql> connect /as sysdba
sql> create spfile = 'spfileoaamoid.ora' from pfile;
sql> startup
sql> quit
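
Before creating the spfile, the edited pfile can be checked against the list of settings above. This is an added example, not part of the original post or of Oracle's installer: check_pfile_minimums is a hypothetical helper, and treating the TRUE/FALSE/AUTO settings as exact matches while treating the numeric ones as floors is an assumption about how the list is meant.

```shell
#!/bin/sh
# Added example: report pfile settings that miss the values listed in the post.
# check_pfile_minimums is a hypothetical helper, not an Oracle tool.
# Usage: check_pfile_minimums initoaamoid.ora [r1|r2]   (default r1, as in the post)
check_pfile_minimums() {
    [ -r "$1" ] || { echo "cannot read: $1" >&2; return 2; }
    floors="db_writer_processes=4 fast_start_mttr_target=300 open_cursors=2000 \
        pga_aggregate_target=512M processes=500 sessions=500 shared_pool_size=500M \
        undo_retention=3600 session_cached_cursors=500"
    exact="_hash_join_enabled=TRUE query_rewrite_enabled=FALSE \
        star_transformation_enabled=FALSE timed_statistics=TRUE undo_management=AUTO"
    out=$(awk -v floors="$floors" -v exact="$exact" -v rel="${2:-r1}" '
        function bytes(v,   n, u) {      # 512M -> 536870912; plain integers unchanged
            n = v + 0; u = toupper(substr(v, length(v)))
            if (u == "K") n *= 1024
            if (u == "M") n *= 1024 * 1024
            if (u == "G") n *= 1024 * 1024 * 1024
            return n
        }
        BEGIN {
            split(floors, a, " "); for (i in a) { split(a[i], kv, "="); min[kv[1]] = kv[2] }
            split(exact, b, " ");  for (i in b) { split(b[i], kv, "="); want[kv[1]] = kv[2] }
        }
        /^[ \t]*#/ || !/=/ { next }      # skip comments and lines without an assignment
        {
            key = $0; sub(/=.*/, "", key); sub(/^[^.]*\./, "", key)   # drop "*." or "sid."
            val = $0; sub(/^[^=]*=/, "", val)
            gsub(/[ \t\r\047\042]/, "", key); gsub(/[ \t\r\047\042]/, "", val)
            seen[tolower(key)] = val
        }
        END {
            for (k in min) {
                if (!(k in seen)) print "MISSING " k
                else if (bytes(seen[k]) < bytes(min[k])) print "LOW " k "=" seen[k] " min=" min[k]
            }
            for (k in want) {
                if (!(k in seen)) print "MISSING " k
                else if (toupper(seen[k]) != want[k]) print "MISMATCH " k "=" seen[k] " want=" want[k]
            }
            # commit_write was introduced in 10gR2, so it is flagged for a 10gR1 pfile.
            if (rel == "r1" && ("commit_write" in seen)) print "UNSUPPORTED commit_write"
        }' "$1" | sort)
    if [ -n "$out" ]; then printf '%s\n' "$out"; return 1; fi
    return 0
}
```

The function prints one finding per line and returns 1 if there are any, 0 for a clean pfile, and 2 if the file cannot be read.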

Once the database is started we then have to load all of the data that allows the components to run. To do this we log back into the database and then execute the db_setup.sql script.

$> sqlplus system/<oraclevms>
sql> @/software/source/oracle/AdaptiveAccessManager10g/oracle_fa_database/db_setup.sql;

The script asks you to enter the location where you want to put the two new tablespaces the application creates, the name of the user you want to use, and the password; then halfway through the script it asks you the name of your temp tablespace (TEMP). Once the script starts executing, it creates the actual tablespaces, database user, and database objects, loads the initial data, and then loads the location database (for the IP address locations).

Alright, that was stupid simple, the database is done, stay tuned for the software deployment. I apologize for no pictures on this one, I was using a different machine than the one I normally do and my copy of SnagIt was set up to only snap one screen shot and overwrite it each time. I promise the rest of the install log will have pictures to go along. That’s all for now, check back in a few hours (maybe 24) for the java application deployment instructions.

The Road to Oracle Adaptive Access Manager : Day 1

Friday, October 5th, 2007

As a lot of people know, much of my last year has been spent away from my portal / BI beginnings and more in the Identity Management space. This year at Oracle World, I’ll be presenting on one of Oracle’s new IdM products, Oracle Adaptive Access Manager (OAAM). This product was an acquisition from an Indian company by the name of Bharosa, the Hindi word for trust. It really is a nice product, providing real time risk assessment for every user of your system, and provides authentication mechanisms as strong as, or stronger than, those expensive tokens everyone has. I think I’ve got over a dozen at home from various clients who gave me one “just in case.” Those little buggers aren’t cheap. Anyways, over the next few days I’ll be digging into the new product. Going through the installation and configuration, running it against different applications and profiles and reporting back on what I find.

I really do like this product and its simplicity of deployment. It’s nice to find something “simple” in the Oracle stack(s) to play with. Stay tuned.

Leave it to Dan to spill the beans…side project in Alpha

Wednesday, September 5th, 2007

Well, as many of you know, Dan Norris and I used to work together at ITC. He decided to go join some company known for handing out mints that tend to appear in peculiar places. In his post today he linked to the new site I’ve been working on. It’s obviously not live, but I linked in the blog section tonight. I still have some work to do on the templates in both the blog and wiki sections, some organization of the wiki, a couple entries in the FAQ, and a digg style rating system for users. I’ve worked out all my kinks with Amazon’s S3 service for the torrent downloads, now I’m in the process of uploading the initial VMs.

The first ones to be released will be a generic Oracle Enterprise Linux Update 5 VM with all the pre-configuration completed for database and application server installs. Next up will be a Portal 10.1.4 / BI 10.1.2.2.0 VM, an 11g database VM, and then hopefully Dan’s RAC VMs. The IdM VMs will come after that. I’ve also had offers from Mark and John @ Rittmanmead.com for some of their BI and Data Warehousing VMs, hopefully I can catch up with them for dinner before the BIWA summit.

I’ve been busy with a whole bunch of client stuff lately, when Dan left ITC he also left me with a pretty healthy pipeline to deliver to, and I had already been booked for a client through the end of the year. (BTW, any Fusion Middleware guys need a job?) Needless to say, I’ve been a little busy lately and the horrible hotel upload speeds haven’t helped the situation in pushing things to Amazon.

So for now, go ahead, start using it. Tell me what’s good, what’s bad, what works, what doesn’t work, and I’ll do my best to keep on top of things. The OracleVMs.com project forum (http://www.oraclevms.com/forums/project.php?projectid=8) is the best place to log bugs, issues and feature requests. Feel free to start putting them there and I’ll slot them into the release cycle.

Where have all the developers gone?

Thursday, August 9th, 2007

In the IOUG Fusion Task Force meeting this week, we were discussing what could be provided to build a better community around the Fusion Middleware world and its ever-growing list of products and acquisitions. A lot of us are classic Oracle guys that have been doing Java, ADF, App Server, Portal, Discoverer, etc. since its first release. We’ve always known the standard Oracle Metalink, Forums, and ListServs for Oracle help when we need it. Now with so many acquisitions it’s getting incredibly hard to catch up and the communities for many of the new products don’t exist.

One of the big questions that came up was where have all the developers gone. For some reason the term “The Lost Developers” popped into my head, which of course popped the bad 80’s movie “The Lost Boys,” and in turn this bad graphic. (Trust me, you don’t want to try and understand what’s in my head.)

The Lost Oracle Developers

But in all seriousness, where did everyone go. I know a lot of the people went to start their own independent consulting shops, some stayed with Oracle, but what about the rest of the world? What about all the customers and other implementation partners? I went through, looked at the acquisition list, and couldn’t find user groups or message boards for many of them. Maybe I’m looking in the wrong places or haven’t been taught the secret handshake yet, but here is the list I came up with:

Agile: Nothing
AppForge: Palm and Windows Media Local User Groups, nothing centralized
Bharosa: Nothing
Tangosol: LCUG (http://wiki.tangosol.com/display/LCUG/Home)
HotSip: Nothing
Siebel (Analytics): ITtoolbox Group (http://siebel.ittoolbox.com/groups/technical-functional/siebel-analytics-l)
SigmaDynamics: Nothing
Sleepycat: Nabble Forums (http://www.nabble.com/Berkeley-DB-f2899.html)
Stellent: Stellentforums.com and regional user groups
Context Media: Nothing
Oblix: Nothing
Octet String: Nothing
Thor Technologies: Nothing
TimesTen: Nothing
TripleHop: Nothing

Yes there are the Oracle boards, but many of them aren’t trolled by the experts of the acquired companies yet. So what happened? Where did everyone go? Right now I’m working on building a lot of pre-built virtual machines for my side project (thanks again for the people volunteering to help), but on the newer components I’m having to learn a ton as I go and it would be helpful to bounce ideas / questions off of people who have already been there and done that. I’m sure a lot of them are having the same problems now trying to deploy on to the Fusion Middleware stack.

So here it is, an open invite to come out of the corners and reveal yourselves. Where is everyone hiding? How can we build a better collaborative Oracle development world? I would love to hear people’s feedback. Maybe we need a myspace or facebook for Oracle people? I’m only half joking here, there sure are enough of us to keep it busy. What features would make it a kick ass collaboration environment? Forums? Wiki? Torrents? Instant Messaging? Desktop Sharing? Blogs Provider? Maybe just an Aggregator? Rent a VM development environments? Calendaring? Mapping? Presence? Ok, enough web 2.0 buzz words (crap, there was another one).

Call me, email me, IM me, post comments here, I just want to figure out how to make it easier on all of us.

Airlines and Oracle World

Saturday, June 30th, 2007

After an eventful week in Seattle, I was supposed to take the red eye back to DC for the weekend. The flight was supposed to leave at 11:30 pm, well it’s 1 am now and I’m still an hour from take off. Which means it’s 5 am back-home time. I think all the airlines have gone to crap in the last 6 months, I can’t remember the last time I had a flight that went off without an issue. Hopefully I make it home and can sleep off the rest of the morning, after the week I had lord knows I need it.

On a good note I got an email from my good friends at IOUG that they’ve selected my “Oracle Identity Management: The Total Identity Solution” presentation for Oracle World this year! Woo hoo!!! It’ll be my first time presenting at Oracle World, and with the BI CAB meeting and Regional Directors Meeting it’s already shaping up to be a busy conference. We’ve been thinking of doing an “Ask the experts” session at the conference, giving time for people to come by the booth and ask our top people just about anything they want. Discuss a problem they have, demo a cool project we’re working on, or just shoot the … well you know. We’ll see, I think it could be a fun idea and give me a chance to meet some really cool people.

Just a quick update…

Tuesday, June 12th, 2007

Wow, just wow, has it been incredibly busy lately. Over the next few weeks I’ll be bouncing coast to coast every weekend. This week I’m at Redwood Shores working with the new 11g FMW Beta. I seriously underestimated the size of this release, just about everything is getting turned on its head for the better. That’s about all I can say about it… ;-)

I got word on Friday that my info has finally been added to the list of Oracle Regional Directors (http://www.oracle.com/technology/community/ofm_directors/index.html#Topper).  I feel honored to be part of the group and can’t wait to start fulfilling all the requirements around it.

Next week I’m in Daytona for the Kaleidoscope Conference speaking on IDM, AJAX and WS-Security. These are the same presentations I did at Collaborate last month and got some decent reviews (also the same ones posted on this site if you can’t make it to the conference). On a side note, in the spirit of Daytona, Dan Norris and I are planning on renting motorcycles one of the nights we are there. If anyone else wants to join in the fun let me know, I think the cost for the day was between $100 – $150.

Lastly, I’ve been thinking about starting a website that would link technical people together. There are a lot of great traveling consultants that are in a different city every week with a lot of Oracle product knowledge that you might not even know are working at the place next door. Does anyone think building a site around linking technical people up for dinner in an area would be a good idea? It would be something along the lines of LinkedIn and It’s Just Lunch. I’m just thinking out loud, it’s been something that’s been in the back of my head for a while and keeps popping up as I’ve been flying around lately.