IBM Security Identity Governance and Intelligence, Version 5.2

Configuring the Oracle server

You must configure an installed Oracle server to work with IBM® Security Identity Governance and Intelligence virtual appliance.

Before you begin

You must have the Oracle server installed.
You must know the common database parameters, such as the IP address, server port, and SID.
If you want to change the default password - ideas - required to access the Identity Governance and Intelligence schemas, you must do so before you create the database. See Changing the default password for the database schemas.
Make understand and comply with the Hardware and software requirements.

About this task

Important: IBM Security Identity Governance and Intelligence, Version 5.2 does not support the pluggable database option in Oracle. When you install the Oracle database for IBM Security Identity Governance and Intelligence, clear the pluggable database option in Oracle, otherwise applying the database schema is not successful.

Use the following tags to customize the Oracle database.

Table 1. Tags to customize the IBM Security Identity Governance and Intelligence Oracle database installation
Tags	Description
IdeasSID	Oracle database instance name (SID)
DBServer	Oracle Server IP address or DNS name
DBPort	Oracle listener port

To install the IBM Security Identity Governance and Intelligence database on Oracle, complete the following procedure.

Procedure

Configure the tnsnames.ora file.
1. Log in with root privileges.
```
sudo su -
```
2. Switch to the oracle user.
```
sudo su oracle
```
3. Set the env variables:
```
. /usr/bin/oraenv
```
4. Start listener:
```
lsnrctl start
```
5. Start the database before you proceed any further.
6. Browse to the tnsnames.ora file. For example: oracle_home/db/network/admin
7. Open the file in a text editor. For example: vi
8. If the network instance is not configured correctly, add the following section:
```
<IdeasSID> =
  (DESCRIPTION =
    (ADDRESS_LIST =
      (ADDRESS = (PROTOCOL = TCP)(HOST = <DBserver>)(PORT = <DBport>))
    )
    (CONNECT_DATA =
      (SERVICE_NAME = <IdeasSID>)
    )
  )
```
9. Verify that the configuration is working by connecting to the database with the following command:
```
sqlplus system/<password>@<IdeasSID>
```
Unpack the following compressed file from the product package image or DVD:
```
SEC_IDNTY_GVN_INTL_xxx_V5.2_DT_IN_.zip
```
Where xxx can be CMP, ANL, LFC, or IEE, depending on which product media type that includes the IBM Security Identity Governance and Intelligence V5.2 Database Installation Scripts file you are using.
Extract the oracle_installation.zip file into a directory of your choice in your database server. For example, SCRIPT.

Choose and run the appropriate database creation script.

The following database scripts address different customer requirements and access restrictions to Oracle system accounts. The scripts in the following table are in the folder DB_INSTALLATION.

Table 2. Database scripts for different environments and access restrictions.
File name	Description
01-FULL-TBLS_USER_AND_OBJ-CREATION.sql	Interactive full DB creation.
02-FULL-TBLS_AND_USER-CREATION.sql	DBA service script. Table space and database user creation only.
02-FULL-TBLS_AND_USER-SIMULATION.sql	DBA service script. It generates as the output of the Oracle version-specific database installation script.
03-FULL-OBJ-CREATION.sql	DBA service script. Object creation only.
04-ADD_REALM-USER_AND_OBJ-CREATION.sql	Interactive full database creation for adding a realm.
05-ADD_REALM-USER-CREATION.sql	DBA service script. New realm object creation only.
05-ADD_REALM-USER-SIMULATION.sql	DBA service script. It generates as the output of the Oracle version-specific database installation script to create a new realm.
06-ADD_REALM-OBJ-CREATION.sql	DBA service script. Object creation only for adding new realm.

Only the first script is necessary for a common database configuration scenario with the following attributes:

Installation with a single realm
Installation by using Oracle system accounts for the entire installation

In the DB_INSTALLATION folder, the IGI_5_2_0_INSTALLATION subfolder, contains files that are used by the database scripts for the necessary operations.

To prepare the database, run the installation script for the IDEAS User Realm:

sqlplus system/<password>@<IdeasSID> @01-FULL-TBLS_USER_AND_OBJ-CREATION.sql

The script runs with the following result:



=================================
= IGI SUITE V5.2.0 INSTALLATION =
=================================

To continue with the installation you must input some values.
Some questions have a default answer, but you can otherwise input different values.

Enter datafile Path. Ex. /opt/oracle/oradata/<INSTANCE_NAME>
/ ATTENTION! ERROR ON INPUT MAY RESULT WITH WRONG INSTALLATION. 
BE SURE THAT THE INPUT PATH EXISTS AND THAT IT IS AN ABSOLUTE PATH! 
Enter datafile Path. NO DEFAULT! -> 
Value:  

=================================================================================
VARIABLE SUBSTITUTION RESULTS: 
IGA Core RELATED ACCESS ANALYTICS SCHEMA: 
-  DEFAULT VALUE : AA_CORE/ideas 
-  NEW VALUE     : AA_CORE/ideas 
IGA Core SCHEMA: 
-  DEFAULT VALUE : IGA_CORE/ideas 
-  NEW VALUE     : IGA_CORE/ideas 
IGA Core RELATED CCS SCHEMA: 
-  DEFAULT VALUE : CCS_CORE/ideas 
-  NEW VALUE     : CCS_CORE/ideas 
IGA Core RELATED REPORT SCHEMA: 
-  DEFAULT VALUE : IGA_REPORT_CORE/ideas 
-  NEW VALUE     : IGA_REPORT_CORE/ideas 
=================================================================================  
Please choose tablespace installation size (Small/Medium/Large). (default=M) [S/M/L]