7 Reconfiguring Application Server Instances

When you installed Oracle Application Server, you chose an installation type and the components you wanted to configure. For J2EE and Web Cache installations, you could choose if you wanted to use Infrastructure Services. After installation, you may want to add or delete components, or even change the installation type. Or, you may want to start using Infrastructure Services with your J2EE and Web Cache installation. This chapter describes how to make these types of changes.

It contains the following topics:

Expanding a Middle-Tier Installation
Configuring Additional Components After Installation
Deconfiguring Components
Deleting OC4J Instances
Configuring J2EE and Web Cache to Use Infrastructure Services
Disabling and Enabling Anonymous Binds

If you have disabled anonymous binds in Oracle Internet Directory, you must enable them before you make configuration changes. See Section 7.6, "Disabling and Enabling Anonymous Binds" for more information.

7.1 Expanding a Middle-Tier Installation

There are three types of middle-tier installations. The types are ordered in that each contains all of the components in the previous installation type, plus additional components. The installation types, in order from lowest to highest, are:

J2EE and Web Cache
Portal and Wireless (includes all components in J2EE and Web Cache)
Business Intelligence and Forms (includes all components in J2EE and Web Cache, Portal and Wireless)

When you installed Oracle Application Server, you chose an installation type based on the components you required at the time. You may decide later that you want to use additional components that are available in a higher installation type. For example, you may have installed a J2EE and Web Cache, and then decide later that you want to use OracleAS Portal.

To accomplish this, you can expand your application server installation by installing a higher installation type in the same Oracle home using Oracle Universal Installer. Options for expanding a middle-tier installation are shown in Table 7-1.

Table 7-1 Options for Expanding a Middle-Tier Installation

You can expand this type of installation:	To this type of installation:	Result:
J2EE and Web Cache	Portal and Wireless	You are given the option of configuring Portal and Wireless.
Portal and Wireless	Business Intelligence and Forms	You are given the option of configuring Discoverer, Forms, Reports, and Personalization.

When you expand an installation:

All of your current configured components are maintained.
The disk files for the additional components in the higher installation type are installed in your Oracle home.
You are given the option of configuring any of the additional components in the higher installation type.

Note the following:

You must configure OracleAS Web Cache before you expand a J2EE and Web Cache instance. If you did not configure OracleAS Web Cache during installation, see Section 7.2.1, "Configuring OracleAS Web Cache After Installation" for instructions.
You cannot reduce an installation by installing a lower installation type in the same Oracle home. For example, you cannot install a J2EE and Web Cache installation in an Oracle home that contains a Portal and Wireless installation. If you want to exclude certain components from your installation, you can disable them. See Section 3.4, "Enabling and Disabling Components" for more information.
You can only expand middle-tier installations; you cannot expand an Infrastructure installation.

See Also:
Oracle Application Server Installation Guide for complete instructions on expanding a middle-tier installation

7.2 Configuring Additional Components After Installation

When you installed Oracle Application Server, you were allowed to select the components you wanted to configure. You may decide later you want to configure one of the components you did not select during installation. For example, if you installed J2EE and Web Cache and did not choose to configure OracleAS Web Cache, you can configure OracleAS Web Cache after installation.

You can configure components after installation using the Select Component page in the Application Server Control Console. From the Home page, click Configure Component. The Select Component page is displayed, as shown in Figure 7-1.

Figure 7-1 Configuring Components with Application Server Control Console

Description of "Figure 7-1 Configuring Components with Application Server Control Console"

Table 7-2 lists which components can be configured after installation and provides pointers to instructions for using Application Server Control Console to configure and verify each component.

Table 7-2 Components That Can Be Configured After Installation

To configure this component:	In these Installation types:	For instructions, refer to:
Web Cache	J2EE and Web Cache	Section 7.2.1
Portal	Portal and Wireless Business Intelligence and Forms	Section 7.2.2
Wireless	Portal and Wireless Business Intelligence and Forms	Section 7.2.3
Discoverer	Business Intelligence and Forms	Section 7.2.4
Forms	Business Intelligence and Forms	Section 7.2.5
Reports Services	Business Intelligence and Forms	Section 7.2.6
Personalization	Business Intelligence and Forms	Section 7.2.7
Single Sign-On	Infrastructure	Section 7.2.8
Delegated Administration Service	Infrastructure	Section 7.2.9
Directory Integration and Provisioning	Infrastructure	Section 7.2.10

7.2.1 Configuring OracleAS Web Cache After Installation

This section describes how to configure OracleAS Web Cache after installation.

7.2.1.1 Things to Know Before You Start

During installation, port numbers were reserved for OracleAS Web Cache services. You can find the port numbers in the following file:

(UNIX) ORACLE_HOME/install/portlist.ini
(Windows) ORACLE_HOME\install\portlist.ini

The port numbers are listed as:

Web Cache HTTP Listen port = port_number
Web Cache HTTP Listen (SSL) port = port_number
Web Cache Administration port = port_number
Web Cache Invalidation port = port_number
Web Cache Statistics port = port_number

These port numbers will be used when you configure OracleAS Web Cache. If you want to use different port numbers, you can change them after you configure OracleAS Web Cache.

7.2.1.2 Configuring OracleAS Web Cache

To configure OracleAS Web Cache, take the following steps:

Using the Application Server Control Console, navigate to the Application Server Home page for the instance in which you want to configure OracleAS Web Cache.
On the Application Server Home page, in the System Components section, click Configure Component.
On the Select Component page, select Web Cache from the menu. Click Continue.
On the Login page, in the Administration Password field, enter the ias_admin password. Click Finish.

7.2.1.3 Post-Configuration Tasks

When the configuration is finished, take the following steps:

In the Application Server Control Console Confirmation page, click OK. The Application Server Home page appears.
Verify that Web Cache is listed in the System Components section. It will have a status of Down. Select the check box next to Web Cache and click Start.
When the operation completes, verify that Web Cache shows a status of Up. Then, click Web Cache and verify that the Web Cache Home page is displayed.
On the Web Cache Home page, click Administration to set up OracleAS Web Cache.

See Also:
Oracle Application Server Web Cache Administrator's Guide for basic setup and configuration tasks

7.2.2 Configuring OracleAS Portal After Installation

This section describes how to configure OracleAS Portal after installation.

Note that you must configure OracleAS Web Cache before you expand a J2EE and Web Cache instance. If you did not configure OracleAS Web Cache during installation, see Section 7.2.1 for instructions. If you expand the instance before configuring OracleAS Web Cache, see Section 7.2.2.4.

7.2.2.1 Things to Know Before You Start

Before you configure OracleAS Portal, make sure that the sqlnet.ora file contains the following line, and that LDAP is listed in the line:

NAMES.DIRECTORY_PATH= (TNSNAMES, LDAP, ONAMES, HOSTNAME)

The sqlnet.ora file is located in the following directory:

(UNIX) Oracle_Home/network/admin
(Windows) Oracle_Home\network\admin

7.2.2.2 Configuring OracleAS Portal

To configure OracleAS Portal, take the following steps:

Using the Application Server Control Console, navigate to the Application Server Home page for the instance in which you want to configure OracleAS Portal.
On the Application Server Home page, in the System Components section, click Configure Component.
On the Select Component page, select Portal from the menu. Click Continue.
On the Login page, in the Administration Password field, enter the ias_admin password. Click Finish.

7.2.2.3 Post-Configuration Tasks

When the configuration is finished, take the following steps:

In the Application Server Control Console Confirmation page, click OK. The Application Server Home page appears.
Verify that OC4J_Portal and Portal:portal are listed in the System Components section.
Restart Oracle HTTP Server and start OC4J_Portal:
1. In the System Components table, select HTTP_Server, and click Restart.
2. Select OC4J_Portal, and then click Start.
  
  The home OC4J instance will be Down after configuring OracleAS Portal through Application Server Control Console. If you wish to start this service, click the home component in the System Components section, then click Start.
Verify that OC4J_Portal and Portal:portal both have a status of Up:
1. Click OC4J_Portal and verify that the OC4J_Portal page is displayed.
2. Click Portal:portal and verify that the Portal page is displayed.
  
  Initially, the Portal:portal status may be displayed as Down. This is normal. The status should be updated approximately five minutes after configuration.

If this is the first instance of OracleAS Portal to use this OracleAS Metadata Repository, run the following command in the middle-tier Oracle home (make sure the ORACLE_HOME environment variable is set before you run this command):

On UNIX:

ORACLE_HOME/portal/conf/ptlconfig -dad portal [-pw PORTAL_schema_password]

On Windows:

ORACLE_HOME\portal\conf\ptlconfig -dad portal [-pw PORTAL_schema_password]

This script writes OracleAS Portal configuration entries into the OracleAS Metadata Repository. Do not run this script if there are other OracleAS Portal instances using the OracleAS Metadata Repository, because this script will overwrite any existing OracleAS Portal configuration entries in the OracleAS Metadata Repository.

Note:

The PORTAL schema password is stored in the Oracle Internet Directory and the entry may be viewed by an administrator using the oidadmin utility with the following path under Entry Management:

OrclResourceName=PORTAL,orclReferenceName=iasdb.myhost.mycompany.com, cn=IAS Infrastructure Databases,cn=IAS,cn=Products,cn=OracleContext

Verify that you can access OracleAS Portal at the following URL:
```
http://hostname.domain:port/pls/portal
```
In the URL, hostname.domain is the OracleAS Portal host and port is the OracleAS Web Cache HTTP Listen port for the OracleAS Portal instance. For example:
```
http://myhost.mycompany:7777/pls/portal
```
You can log in to OracleAS Portal as the user portal.
- If this is the first OracleAS Portal instance to use the OracleAS Metadata Repository, the password is the original ias_admin password you supplied for this middle tier during installation. The original ias_admin password is required, even if you changed the ias_admin password after installation.
- If this is not the first OracleAS Portal instance to use the OracleAS Metadata Repository, the password is either:
  - The original ias_admin password for the first middle tier associated with the OracleAS Metadata Repository
  - The current portal password, if the administrator changed the portal user password after the first OracleAS Portal instance was installed
See Also:
Oracle Application Server Portal Configuration Guide for more information on configuring OracleAS Portal

Note:

When OracleAS Portal is configured using Oracle Enterprise Manager, the Oracle Ultra Search instance is not configured automatically and therefore the Ultra Search Administration link in OracleAS Portal will not work. For instructions on how to create an Oracle Ultra Search instance, see Oracle Ultra Search Administrator's Guide.

7.2.2.4 Steps Needed If OracleAS Portal Configured Before OracleAS Web Cache

If you expanded the instance before you configured OracleAS Web Cache, you must take the following steps to correct the situation:

Configure OracleAS Web Cache, as described in Section 7.2.1.
Edit iasconfig.xml and change the port that OracleAS Portal is listening on to match that of OracleAS Web Cache. The file is located in:
```
(UNIX) ORACLE_HOME/portal/conf]
(Windows) ORACLE_HOME\portal\conf
]
```

Run the following command to make Oracle Application Server aware of the change:

On UNIX:

ORACLE_HOME/portal/conf/ptlconfig update ptlconfig -dad portal [-pw PORTAL_schema_password]

On Windows:

ORACLE_HOME\portal\conf\ptlconfig update ptlconfig -dad portal [-pw PORTAL_schema_password]

7.2.3 Configuring OracleAS Wireless After Installation

This section describes how to configure OracleAS Wireless after installation.

7.2.3.1 Configuring OracleAS Wireless

To configure OracleAS Wireless, take the following steps:

Using the Application Server Control Console, navigate to the Application Server Home page for the instance in which you want to configure OracleAS Wireless.
On the Application Server Home page, in the System Components section, click Configure Component.
On the Select Component page, select Wireless. Click Continue.
On the Login page:
- User Name: Enter cn=orcladmin, or the distinguished name of a user in the iASAdmins group.
- Password: Enter the password for the user.
The SSL Only check box is grayed out because you cannot change this feature in this operation.
Click Finish.

7.2.3.2 Post-Configuration Tasks

When the configuration is finished, take the following steps:

In the Application Server Control Console Confirmation page, click OK. The Application Server Home page appears.
Verify that OC4J_Wireless and Wireless are listed in the System Components section. OC4J_Wireless and Wireless will have a status of Down. Select the check boxes next to OC4J_Wireless and Wireless, and click Start.
When the operation completes, verify that OC4J_Wireless and Wireless have a status of Up. Click OC4J_Wireless and verify that the OC4J_Wireless page is displayed. Click Wireless and verify that the Wireless page is displayed.
Select the check boxes next to HTTP_Server and Web Cache, and click Restart.
Verify that you can access OracleAS Wireless at the following URL:
```
http://hostname.domain:port/webtool/login.uix
```
In the URL, hostname.domain is the OracleAS Wireless host and port is the OracleAS Web Cache HTTP listen port number for the instance.

You can log in as the user orcladmin with the orcladmin password.

See Also:
Oracle Application Server Wireless Administrator's Guide for more information on configuring OracleAS Wireless

7.2.4 Configuring OracleBI Discoverer After Installation

This section describes how to configure OracleBI Discoverer after installation.

7.2.4.1 Configuring OracleBI Discoverer

To configure OracleBI Discoverer, take the following steps:

Using the Application Server Control Console, navigate to the Application Server Home page for the instance in which you want to configure OracleBI Discoverer.
On the Application Server Home page, in the System Components section, click Configure Component.
On the Select Component page, select Discoverer. Click Continue.
On the Login page, in the Administration Password field, enter the ias_admin password. Click Finish.

7.2.4.2 Post-Configuration Tasks

When the configuration is finished, take the following steps:

In the Application Server Control Console Confirmation page, click OK. The Application Server Home page appears.
If you did not have an OC4J_BI_Forms instance before, you will have one now. The OC4J_BI_Forms instance will have a status of Down. You will also have a Discoverer instance with a status of Down. Select the check boxes next to OC4J_BI_Forms and Discoverer, and click Start.
When the operation completes, verify that OC4J_BI_Forms and Discoverer have a status of Up. Click OC4J_BI_Forms and verify that the OC4J_BI_Forms page is displayed. Click Discoverer and verify that the Discoverer page is displayed.
Select the check box next to HTTP_Server, and click Restart.

Check that OracleBI Discoverer services are started.

For all of these URLs, hostname.domain is the host on which Discoverer is installed and port is the Web Cache HTTP listen port number.

Discoverer Viewer:

http://hostname.domain:port/discoverer/viewer

Discoverer Plus:

http://hostname.domain:port/discoverer/plus

Discoverer Portlet Provider:

http://hostname.domain:port/discoverer/portletprovider

See Also:

Oracle Business Intelligence Discoverer Configuration Guide for additional steps for configuring OracleBI Discoverer, including installing OracleBI Discoverer workbooks and End User Layer (EUL) into each database that contains data to be analyzed

7.2.5 Configuring OracleAS Forms Services After Installation

This section describes how to configure OracleAS Forms Services after installation.

7.2.5.1 Configuring OracleAS Forms Services

To configure OracleAS Forms Services, take the following steps:

Using the Application Server Control Console, navigate to the Application Server Home page for the instance in which you want to configure OracleAS Forms Services.
On the Application Server Home page, in the System Components section, click Configure Component.
On the Select Component page, select Forms. Click Continue.
On the Login page:
- User Name: Enter cn=orcladmin, or the distinguished name of a user in the iASAdmins group.
- Password: Enter the password for the user.
The SSL Only check box is grayed out because you cannot change this feature in this operation.
Click Finish.

7.2.5.2 Post-Configuration Tasks

When the configuration is finished, take the following steps:

In the Application Server Control Console Confirmation page, click OK. The Application Server Home page appears.
If you did not have an OC4J_BI_Forms instance before, you will have one now. The OC4J_BI_Forms instance will have a status of Down. You will also have a Forms instance with a status of Down. Select the check box next to OC4J_BI_Forms and click Start.
When the operation completes, verify that OC4J_BI_Forms and Forms have a status of Up. Click OC4J_BI_Forms and verify that the OC4J_BI_Forms page is displayed. Click Forms and verify that the Forms page is displayed.
Verify that you can access OracleAS Forms Services at the following URL:
```
http://hostname.domain:port/forms/frmservlet
```
In the URL, hostname.domain is the OracleAS Forms Services host and port is the OracleAS Web Cache HTTP listen port number.

If you do not have Oracle JInitiator installed on your system, you are prompted to install and run it. Click Yes, then follow the directions in the wizard.

When the page is displayed, try to access the links on this page to verify that the Forms servlet is available.
Refer to the OracleAS Forms Services online help for more information on configuring OracleAS Forms Services. Specifically, note that if you want to manage OracleAS Forms Services runtime processes through the Application Server Control Console, the entry em_mode in the default section of the Forms Web Configuration must be set to the value 1 (the default is 0). Also, to view OracleAS Forms Services trace output, the entry for allow_debug in that section should be set to true.

See Also:
Oracle Application Server Forms Services Deployment Guide

7.2.6 Configuring OracleAS Reports Services After Installation

This section describes how to configure OracleAS Reports Services after installation.

7.2.6.1 Things to Know Before You Start

During installation, port numbers were reserved for OracleAS Reports Services. You can find the port numbers in the following file:

(UNIX) ORACLE_HOME/install/portlist.ini
(Windows) ORACLE_HOME\install\portlist.ini

The port numbers are listed as:

Reports Services bridge port = 14011
Reports Services discoveryService port = 14021

These port numbers will be used when you configure OracleAS Reports Services. If you want to use different port numbers, you can change them after you configure OracleAS Reports Services.

7.2.6.2 Configuring OracleAS Reports Services

To configure OracleAS Reports Services, take the following steps:

Using the Application Server Control Console, navigate to the Application Server Home page for the instance in which you want to configure OracleAS Reports Services.
On the Application Server Home page, in the System Components section, click Configure Component.
On the Select Component page, select Reports Server. Click Continue.
On the Login page:
- User Name: Enter cn=orcladmin, or the distinguished name of a user in the iASAdmins group.
- Password: Enter the password for the user.
The SSL Only check box is grayed out because you cannot change this feature in this operation.
Click Finish.

7.2.6.3 Post-Configuration Tasks

When the configuration is finished, take the following steps:

In the Application Server Control Console Confirmation page, click OK. The Application Server Home page appears.
If you did not have an OC4J_BI_Forms instance before, you will have one now and it will have a status of Down. You will also have a Reports Server:rep_server instance with a status of Down. Select the check boxes next to OC4J_BI_Forms and Reports Server: rep_server and click Start.
When the operation completes, verify that OC4J_BI_Forms and Reports Server: rep_server have a status of Up. Click OC4J_BI_Forms and verify that the OC4J_BI_Forms page is displayed. Click Reports Server: rep_server and verify that the Reports page is displayed.
Specify your outgoing mail server.
1. Edit the following file:
  - On UNIX systems:
```
ORACLE_HOME/reports/conf/rep_server_name.conf
```
  - On Windows systems:
```
ORACLE_HOME\reports\conf\rep_server_name.conf
```
2. Uncomment the pluginParam name="mailServer" element and update it with the outgoing mail server name. For example, change the following line:
```

```
  To:
```
<pluginParam name="mailServer">smtpserver.myco.com</pluginParam>
```
3. Save and close the file.
Verify that OracleAS Reports Services is started, by using the following URL:
```
http://hostname.domain:port/reports/rwservlet/getserverinfo
```
In the URL, hostname.domain is the OracleAS Reports Services host and port is the OracleAS Web Cache HTTP listen port number.

You can log in as orcladmin with the orcladmin password.

See Also:
Oracle Application Server Reports Services Publishing Reports to the Web for more information on configuring and using Reports

7.2.7 Configuring OracleAS Personalization After Installation

To configure OracleAS Personalization. run the OracleAS Personalization Schema Creation Wizard, which creates the required schemas in the Oracle database.

7.2.8 Configuring OracleAS Single Sign-On After Installation

This section describes how to configure OracleAS Single Sign-On after installation.

7.2.8.1 Configuring OracleAS Single Sign-On

To configure OracleAS Single Sign-On, take the following steps:

Using the Application Server Control Console, navigate to the Application Server Home page for the Infrastructure instance in which you want to configure OracleAS Single Sign-On.
On the Application Server Home page, in the System Components section, click Configure Component.
On the Select Component page, select Single Sign-On Server. Click Continue.
On the Login page:
- User Name: Enter cn=orcladmin, or the distinguished name of a user in the iASAdmins group.
- Password: Enter the password for the user.
The SSL Only check box is grayed out because you cannot change this feature in this operation.
Click Finish.

7.2.8.2 Post-Configuration Tasks

When the configuration is finished, take the following steps:

In the Application Server Control Console Confirmation page, click OK. The Application Server Home page appears.
If you did not have an OC4J_SECURITY instance before, you will have one now. The OC4J_SECURITY instance will have a status of Down. You will also have a Single Sign-On:orasso instance with a status of Down. Select the check box next to OC4J_SECURITY and click Start.

Note: You cannot start the Single Sign-On:orasso instance. This feature is started and stopped when you start and stop HTTP_Server and OC4J_SECURITY.
When the operation completes, verify that OC4J_SECURITY has a status of Up.

Note: The Single Sign-On:orasso status may be displayed as Down. This is normal. The status should be updated approximately five minutes after configuration.
Select HTTP_Server and click Restart.
Verify that you can access OracleAS Single Sign-On at the following URL:
```
http://hostname.domain:port/pls/orasso
```
In the URL, hostname.domain is the host on which OracleAS Single Sign-On is installed and port is the Infrastructure HTTP Server port.

You can log in as orcladmin with the orcladmin password.

See Also:
Oracle Application Server Single Sign-On Administrator's Guide for more information on configuring OracleAS Single Sign-On

7.2.9 Configuring Oracle Delegated Administration Services After Installation

This section describes how to configure Oracle Delegated Administration Services after installation.

7.2.9.1 Things to Know Before You Start

When you configure Oracle Delegated Administration Services after installation, you will see the following results:

The URL for Oracle Delegated Administration Services is set up.
The appropriate privileges are created.
Oracle Delegated Administration Services are deployed in the OC4J_SECURITY instance.

7.2.9.2 Configuring mod_osso for Oracle Delegated Administration Services

Before you configure Oracle Delegated Administration Services, you must make sure mod_osso is configured, as follows:

Check if mod_osso is configured in the Oracle home where you want to configure Oracle Delegated Administration Services. Examine the following file:
- On UNIX systems:
```
ORACLE_HOME/Apache/Apache/conf/httpd.conf
```
  Look for the following line in the file:
```
include "ORACLE_HOME/Apache/Apache/conf/mod_osso.conf"
```
- On Windows systems:
```
ORACLE_HOME\Apache\Apache\conf\httpd.conf
```
  Look for the following line in the file:
```
include "ORACLE_HOME\Apache\Apache\conf\mod_osso.conf"
```
ORACLE_HOME refers to the directory where you want to configure Oracle Delegated Administration Services.

If the line starts with #, then it is commented out and mod_osso is not configured in this installation. Perform step 2 to configure mod_osso.

If the line is not commented out, mod_osso is already configured. You can proceed and configure Oracle Delegated Administration Services using Application Server Control, as described in Section 7.2.9.3, "Configuring Delegated Administration Service".

To configure mod_osso manually, perform these steps:

Set the ORACLE_HOME environment variable to the full path of the directory where you want to configure Oracle Delegated Administration Services.
On UNIX systems, set the LD_LIBRARY_PATH, LD_LIBRARY_PATH_64, LIB_PATH, or SHLIB_PATH environment variables to the proper values, as shown in Table 1-1. The actual environment variables and values that you have to set depend on the type of your UNIX operating system.
On Windows systems, set the PATH environment variable to contain %ORACLE_HOME%\lib.

Run the following command (all on one line). Note: for the -classpath parameter, do not type any space characters after the colon (:) and semicolon (;) characters, as indicated by <no spaces>.

On UNIX:

$ORACLE_HOME/jdk/bin/java
-classpath .:$ORACLE_HOME/sso/lib/ossoreg.jar:<no spaces>
$ORACLE_HOME/jlib/ojmisc.jar:<no spaces>
$ORACLE_HOME/jlib/repository.jar:<no spaces>
$ORACLE_HOME/j2ee/home/jazn.jar:$ORACLE_HOME/jdk/lib/dt.jar:<no spaces>
$ORACLE_HOME/jdk/lib/tools.jar:$ORACLE_HOME/jlib/infratool.jar
oracle.ias.configtool.UseInfrastructure i
 -f $ORACLE_HOME/config/infratool_mod_osso.properties
 -h OIDhost -p OIDport -u OIDadminName -w OIDclearTextPassword
 -o ORACLE_HOME -m ASinstanceName
 -infra infraGlobalDBName -mh host -sso true
 -sslp sslPort -sslf false

On Windows:

%ORACLE_HOME%\jdk\bin\java
-classpath .;%ORACLE_HOME%\sso\lib\ossoreg.jar;<no spaces>
%ORACLE_HOME%\jlib\ojmisc.jar;<no spaces>
%ORACLE_HOME%\jlib\repository.jar;<no spaces>
%ORACLE_HOME%\j2ee\home\jazn.jar;<no spaces>
%ORACLE_HOME%\jdk\lib\dt.jar;<no spaces>
%ORACLE_HOME%\jdk\lib\tools.jar;%ORACLE_HOME%\jlib\infratool.jar
oracle.ias.configtool.UseInfrastructure i
 -f %ORACLE_HOME%\config\infratool_mod_osso.properties
 -h OIDhost -p OIDport -u OIDadminName -w OIDclearTextPassword
 -o ORACLE_HOME -m ASinstanceName
 -infra infraGlobalDBName -mh host -sso true
 -sslp sslPort -sslf false

Table 7-3 describes the parameters that require values.

Table 7-3 Parameters for Configuring mod_osso

Parameter	Description^Foot 1
`-h` `OIDhost`	Specifies the name of the computer where Oracle Internet Directory is running. You can determine this value from the `OIDhost` parameter in the `ORACLE_HOME/config/ias.properties` file.
`-p` `OIDport`	Specifies the port number on which Oracle Internet Directory is listening. You can determine this value from the `OIDport` parameter in the `ORACLE_HOME/config/ias.properties` file.
`-u` `OIDadminName`	Specifies the login name for Oracle Internet Directory. Use the superuser: `cn=orcladmin`.
`-w` `OIDclearTextPassword`	Specifies the password for the Oracle Internet Directory user.
`-o` `ORACLE_HOME`	Specifies the full path to the directory where you installed OracleAS Infrastructure 10g.
`-m` `ASinstanceName`	Specifies the name of the OracleAS Infrastructure 10g instance where you want to configure mod_osso. You can determine this value from the `IASname` parameter in the `ORACLE_HOME/config/ias.properties` file.
`-infra` `infraGlobalDBname`	Specifies the name of the OracleAS Metadata Repository database. You can determine this value from the `InfrastructureDBCommonName` parameter in the `ORACLE_HOME` `/config/ias.properties` file.
`-mh` `host`	Specifies the full hostname (including the domain name) of the computer where you want to configure Oracle Delegated Administration Services.
`-sslp` `sslPort`	Specifies the SSL port for Oracle Internet Directory. You can determine this value from the `OIDsslport` parameter in the `ORACLE_HOME/config/ias.properties` file.

^Footnote 1Paths are shown in UNIX format; invert the slashes for Windows.

If you needed to perform the previous step, restart OC4J and Oracle HTTP Server, using the opmnctl command:

On UNIX systems:

ORACLE_HOME/opmn/bin/opmnctl restartproc ias-component=OC4J
ORACLE_HOME/opmn/bin/opmnctl restartproc ias-component=HTTP_Server

On Windows systems:

ORACLE_HOME\opmn\bin\opmnctl restartproc ias-component=OC4J
ORACLE_HOME\opmn\bin\opmnctl restartproc ias-component=HTTP_Server

7.2.9.3 Configuring Delegated Administration Service

To configure Oracle Delegated Administration Services, take the following steps:

Using the Application Server Control Console, navigate to the Application Server Home page for the Infrastructure instance in which you want to configure Oracle Delegated Administration Services.
On the Application Server Home page, in the System Components section, click Configure Component.
On the Select Component page, select Delegated Administration Service. Click Continue.
On the Login page:
- User Name: Enter cn=orcladmin.
- Password: Enter the password for the user.
The SSL Only check box is grayed out because you cannot change this feature in this operation.
Click Finish.

7.2.9.4 Post-Configuration Tasks

When the configuration is finished, take the following steps:

In the Application Server Control Console Confirmation page, click OK. The Application Server Home page appears.
If you did not have an OC4J_SECURITY instance before, you will have one now. The OC4J_SECURITY instance will have a status of Down. Select the check box next to OC4J_SECURITY and click Start.

Select HTTP_Server and click Restart. Stop and restart all components, using the opmnctl command:

On UNIX systems:

ORACLE_HOME/opmn/bin/opmnctl stopall
ORACLE_HOME/opmn/bin/opmnctl startall

On Windows systems:

ORACLE_HOME\opmn\bin\opmnctl stopall
ORACLE_HOME\opmn\bin\opmnctl startall

Verify that Oracle Delegated Administration Services is started by navigating to the following URL:
```
http://hostname.domain:port/oiddas
```
In the URL, hostname.domain is the host on which Oracle Delegated Administration Services is installed and port is the Infrastructure HTTP Server port.

See Also:
Oracle Internet Directory Administrator's Guide for more information on configuring Oracle Delegated Administration Services

7.2.10 Configuring Directory Integration and Provisioning After Installation

To configure Directory Integration and Provisioning after installation, take the following steps:

Using the Application Server Control Console, navigate to the Application Server Home page for the Infrastructure instance in which you want to configure Directory Integration and Provisioning.
On the Application Server Home page, in the System Components section, click Configure Component.
On the Select Component page, select Directory Integration and Provisioning. Click Continue.
On the Login page:
- User Name: Enter cn=orcladmin.
- Password: Enter the password for the user.
The SSL Only check box is grayed out because you cannot change this feature in this operation.
Click Finish.
When the configuration is finished, click OK. The Application Server Home page appears.

See Also:
Oracle Internet Directory Administrator's Guide for more information on configuring Directory Integration and Provisioning

7.3 Deconfiguring Components

You can configure components at the following times:

During installation, by selecting the component on the Select Configuration Options screen on Oracle Universal Installer
After installation, using the Configure Component page of the Application Server Control Console
When expanding an installation, by selecting the component on the Select Configuration Options screen in Oracle Universal Installer

After you have configured a component, you cannot deconfigure it. An alternative is to disable the component, which prevents it from starting when you start your application server instance. It also removes the component from the System Components list in the Application Server Control Console, and from the opmnctl status output. Section 3.4, "Enabling and Disabling Components" describes how to disable a component.

7.4 Deleting OC4J Instances

Guidelines for deleting OC4J instances are as follows:

You cannot delete OC4J instances that were created by Oracle Application Server during installation.

These include home, OC4J_BI_FORMS, OC4J_Portal, OC4J_Wireless, and OC4J_SECURITY. An alternative is to disable an OC4J instance, which prevents it from starting when you start your application server instance. It also removes the component from the System Components list on the Application Server Control Console, and from the opmnctl status output.

See Also:
Section 3.4, "Enabling and Disabling Components"
You can delete OC4J instances that were created by a user after installation.

Deleting these instances removes all applications deployed to the instance. You can delete an OC4J instance using dcmctl or the Application Server Control Console.

To delete an OC4J instance using dcmctl:
```
(UNIX) ORACLE_HOME/dcm/bin/dcmctl removeComponent -co OC4J_instance_name
(Windows) ORACLE_HOME\dcm\bin\dcmctl removeComponent -co OC4J_instance_name
```
For example, on UNIX:
```
ORACLE_HOME/dcm/bin/dcmctl removeComponent -co OC4J_myapps
```
To delete an OC4J instance using the Application Server Control Console:
1. Navigate to the Application Server Home page for the instance that contains the OC4J instance.
2. In the System Components section, select the check box for the OC4J instance and click Delete OC4J Instance.

7.5 Configuring J2EE and Web Cache to Use Infrastructure Services

When you install a J2EE and Web Cache instance, you have the option of using the following Infrastructure Services:

Oracle Identity Management

This enables the J2EE and Web Cache instance to use Single Sign-On services.
OracleAS Farm Repository Management

This adds the J2EE and Web Cache instance to the farm of a specified repository, thus enabling it to join an OracleAS Cluster.

If you did not choose these options during installation, you can configure them after installation using the Infrastructure page on the Application Server Control Console, shown in Figure 7-2.

Figure 7-2 Application Server Control Console Infrastructure Page

Description of "Figure 7-2 Application Server Control Console Infrastructure Page"

This section contains the following procedures for configuring a J2EE and Web Cache instance to use Infrastructure services:

To configure a J2EE and Web Cache instance to use Oracle Identity Management, refer to Section 7.5.1.
To configure a J2EE and Web Cache instance to use OracleAS Metadata Repository, refer to Section 7.5.2. Note that the instance must already use Oracle Identity Management.
To configure a J2EE and Web Cache instance to use an Existing Database (an OracleAS Metadata Repository that is not registered with Oracle Internet Directory used by this instance), refer to Section 7.5.3. Note that the instance may or may not use Oracle Identity Management.
If you have Oracle Identity Management and OracleAS Metadata Repository, and want to configure a J2EE and Web Cache instance to use OracleAS Metadata Repository only, you can follow the instructions in Section 7.5.4. In this scenario, OracleAS Metadata Repository is registered with Oracle Internet Directory.

Note that Oracle strongly recommends that you do not do this, but instead configure the instance to use Oracle Identity Management and then configure the instance to use the OracleAS Metadata Repository using the instructions in Section 7.5.2.
To configure a J2EE and Web Cache instance to use an existing file-based repository, refer to Section 7.5.5.
To configure a J2EE and Web Cache instance to use a new file-based repository, refer to Section 7.5.6.

7.5.1 Configuring Instances to Use Oracle Identity Management

This section describes how to configure a J2EE and Web Cache instance to use Oracle Identity Management, as shown in Figure 7-3.

Figure 7-3 J2EE and Web Cache Using Identity Management

J2EE and Web Cache With Identity Management

Description of "Figure 7-3 J2EE and Web Cache Using Identity Management"

Before you start, make sure that:

The Oracle Identity Management instance is started (status is Up).
You know the Oracle Internet Directory host and port numbers.
You know the password for cn=orcladmin, or another user who is a member of the iASAdmins group.

Then, take the following steps:

Using the Application Server Control Console, navigate to the Application Server Home page for the J2EE and Web Cache instance.
Click Infrastructure.
On the Infrastructure page, in the Identity Management section, click Configure.

On the Internet Directory page:

Host: Enter the fully-qualified name of the Oracle Internet Directory host.
Port: If you do not check Use only SSL connections with Internet Directory, enter the non-SSL Oracle Internet Directory port number. Otherwise, enter the SSL Oracle Internet Directory port number.

Use only SSL connections with Internet Directory: By default, some middle-tier components connect to Oracle Internet Directory using non-SSL connections. If you want components to connect only to Oracle Internet Directory using SSL, check this box and make sure you entered the SSL Oracle Internet Directory port number in the Port field.

Note:

If you enter an SSL port number and inadvertently do not select Use only SSL connections with Internet Directory, the SSL port number takes precedence and connections to the Oracle Internet Directory are limited to secure connections only.

If this is not the behavior you intended, you can return to the Identity Management Wizard, enter a non-SSL port in the Port field, and make sure that Use only SSL connections with Internet Directory is cleared.

Click Next.

On the Login page:
- User Name: Enter cn=orcladmin, or the distinguished name of a user in the iASAdmins group.
- Password: Enter the password for the user.
Click Next.
On the Validation page, you receive informational messages regarding the validation of this operation and a warning that all of the components in the instance will be stopped. If you receive any error message, follow the instructions for investigating them. Otherwise, if the operation is valid, click Finish.
When the operation is finished, you must restart the components in the J2EE and Web Cache instance.
1. Click Home to navigate to the Home page for the middle-tier instance.
2. Click Start All.

Your J2EE and Web Cache instance is now configured to use Oracle Identity Management services.

7.5.2 Configuring Instances with Oracle Identity Management to Use OracleAS Metadata Repository

This section describes how to configure a J2EE and Web Cache instance to use OracleAS Metadata Repository. This procedure requires that the J2EE and Web Cache instance is already using Oracle Identity Management, and OracleAS Metadata Repository is registered with that Oracle Identity Management, as shown in Figure 7-4.

Figure 7-4 J2EE and Web Cache (with Identity Management) Using OracleAS Metadata Repository

Description of "Figure 7-4 J2EE and Web Cache (with Identity Management) Using OracleAS Metadata Repository "

Before you start, make sure that:

OracleAS Metadata Repository is started (status is Up).
The Oracle Identity Management instance is started (status is Up).
You know the password for cn=orcladmin, or another user who is a member of the iASAdmins group.

Then, take the following steps:

Using the Application Server Control Console, navigate to the Application Server Home page for the J2EE and Web Cache instance.
Click Infrastructure.
On the Infrastructure page, in the OracleAS Farm Repository Management section, click Configure.
On the Source page, choose OracleAS Metadata Repository. Then, click Next.
On the Internet Directory page:
- User Name: Enter cn=orcladmin or the distinguished name of a user in the iASAdmins group.
- Password: Enter the password for the user.
Notice that Use Only SSL connections with Internet Directory is grayed out. This is because you cannot specify this option in this operation.

Click Next.
On the Location page, select the OracleAS Metadata Repository you want to use from the Repository list. The Default Schema is always DCM. Then, click Next.
On the Validation page, you receive informational messages regarding the validation of this operation and a warning that components will be stopped. If you receive any error message, follow the instructions for investigating them. Otherwise, if the repository you specified is valid, click Finish.
When the operation is finished, you must restart the components in the J2EE and Web Cache instance.
1. Click Home to navigate to the Home page for the middle-tier instance.
2. Click Start All.

Your J2EE and Web Cache instance is now in the OracleAS Metadata Repository's farm and can join an OracleAS Cluster in that farm.

See Also:

Oracle Application Server High Availability Guide for information on creating and using OracleAS Clusters

7.5.3 Configuring Instances to Use an Existing Database as a Repository

This section describes how to configure a J2EE and Web Cache instance to use an Existing Database (an OracleAS Metadata Repository that is not registered with Oracle Internet Directory) as the metadata repository. The J2EE and Web Cache instance may use Oracle Identity Management, as shown in Figure 7-5, or it may not, as shown in Figure 7-6.

Figure 7-5 J2EE and Web Cache (with Identity Management) Using an Existing Database

Description of "Figure 7-5 J2EE and Web Cache (with Identity Management) Using an Existing Database "

Figure 7-6 shows the J2EE and Web Cache instance using an existing database as a metadata repository, but not using Oracle Identity Management.

Figure 7-6 J2EE and Web Cache (Without Identity Management) Using an Existing Database

Description of "Figure 7-6 J2EE and Web Cache (Without Identity Management) Using an Existing Database"

Before you start, make sure that:

The Existing Database is started (status is Up).
You know the Net listener port and the service name for the Existing Database. These are listed in the entry for the Existing Database in the following file:
- On UNIX systems:
```
EXISTING_DB_ORACLE_HOME/network/admin/tnsnames.ora
```
- On Windows systems:
```
EXISTING_DB_ORACLE_HOME\network\admin\tnsnames.ora
```
You know the password for the DCM schema in the database.

If you have just installed the Existing Database and have not used the DCM schema yet, note that the password is generated randomly during installation. To change the random password to a known value, use the ALTER USER command in SQL*Plus, as shown in the following example (be sure to set the ORACLE_HOME and ORACLE_SID environment variables first):
```
sqlplus "SYS/sys_password as SYSDBA"
SQL> ALTER USER dcm IDENTIFIED BY new_password;
```
If the schema is already in use, use the current password. To find the current password, use the following command:
```
SELECT password FROM dba_users WHERE username='DCM';
```

Then, take the following steps:

Using the Application Server Control Console, navigate to the Application Server Home page for the J2EE and Web Cache instance.
Click Infrastructure.
On the Infrastructure page, in the OracleAS Farm Repository Management section, click Configure.
On the Source page, choose Existing Database. (Note: If the OracleAS Metadata Repository option is grayed out, it is because the J2EE and Web Cache instance is not using Oracle Identity Management). Then, click Next.
On the Login page, fill in the following fields:
- User Name: DCM.
- Password: Enter the DCM schema password.
- Hostname and Port: Enter the hostname and Net listener port for the Existing Database. For example: myhost:1521.
- Service Name: Enter the service name for the Existing Database. For example, orcl.myco.com.
Click Next.
On the Validation page, you receive informational messages regarding the validation of this operation. If you receive any error message, follow the instructions for investigating them. Otherwise, if the operation is valid, click Finish.
When the operation is finished, you must restart the components in the J2EE and Web Cache instance.
1. Click Home to navigate to the Home page for the instance.
2. Click Start All.

Your J2EE and Web Cache instance is now in the Existing Database's farm and can join an OracleAS Cluster in that farm.

7.5.4 Configuring Instances Without Oracle Identity Management to Use OracleAS Metadata Repository

This section describes how to configure a J2EE and Web Cache instance to use OracleAS Metadata Repository for its metadata. This procedure assumes that OracleAS Metadata Repository is registered with Oracle Internet Directory and that the J2EE and Web Cache instance is not using Oracle Identity Management.

Caution:

This configuration is not recommended. Instead, Oracle recommends that you register the J2EE and Web Cache with Oracle Identity Management (see Section 7.5.1) and then configure it to use OracleAS Metadata Repository (see Section 7.5.2).

This configuration is shown in Figure 7-7.

Figure 7-7 J2EE and Web Cache (Without Identity Management) Using OracleAS Metadata Repository

Description of "Figure 7-7 J2EE and Web Cache (Without Identity Management) Using OracleAS Metadata Repository"

Before you start, make sure that:

OracleAS Metadata Repository is started (status is Up)
You know the password for the DCM schema in the database

If you have just installed the Existing Database and have not used the DCM schema yet, note that the password is generated randomly during installation. To change the random password to a known value, use the ALTER USER command in SQL*Plus, as shown in the following example (be sure to set the ORACLE_HOME and ORACLE_SID environment variables first):
```
sqlplus "SYS/sys_password as SYSDBA"
SQL> ALTER USER dcm IDENTIFIED BY new_password;
```
If the schema is already in use, use the current password. To find the current password, use the following command:
```
SELECT password FROM dba_users WHERE username='DCM';
```
The Oracle Identity Management instance to which OracleAS Metadata Repository is registered is started (status is Up)
You know the password for cn=orcladmin, or another user who is a member of the iASAdmins group

Then, take the following steps:

Using the Application Server Control Console, navigate to the Application Server Home page for the J2EE and Web Cache instance.
Click Infrastructure.
On the Infrastructure page, in the OracleAS Farm Repository Management section, click Configure.
On the Source page, choose Existing Database. (Note: The OracleAS Metadata Repository option is grayed out because the J2EE and Web Cache instance is not using Oracle Identity Management). Then, click Next.
On the Login page, fill in the following fields:
- User Name: Enter DCM.
- Password: Enter the DCM schema password.
- Hostname and Port: Enter the hostname and Net listener port for the Existing Database. For example: myhost:1521.
- Service Name: Enter the service name for OracleAS Metadata Repository. For example, orcl.myco.com.
Click Next.
On the Validation page, you receive informational messages regarding the validation of this operation. If you receive any error message, follow the instructions for investigating them. Otherwise, if the operation is valid, click Finish.
When the operation is finished, you must restart the components in the J2EE and Web Cache instance.
1. Click Home to navigate to the Home page for the instance.
2. Click Start All.

Your J2EE and Web Cache instance is now in the OracleAS Metadata Repository's farm and can join an OracleAS Cluster in that farm.

7.5.5 Configuring Instances to Use an Existing File-Based Repository

This section describes how to configure a J2EE and Web Cache instance to use an existing file-based repository. The instance does not use Oracle Identity Management or OracleAS Metadata Repository.

Before you start, make sure that:

The instance that contains the file-based repository is started (status is Up).
You know the File-Based Repository ID for the farm. The ID can be found on the Infrastructure page of an instance already in the farm.

Then, take the following steps:

Using the Application Server Control Console, navigate to the Application Server Home page for the J2EE and Web Cache instance.
Click Infrastructure.
On the Infrastructure page, in the OracleAS Farm Repository Management section, click Configure.
On the Source page, choose Existing file-based repository. Then, click Next.
In the Location page, enter the File-Based Repository ID for the farm. The ID can be found on the Infrastructure page of an instance already in the farm. Then, click Next.
The Validation page displays informational messages regarding the validation of this operation. If you receive any error message, follow the instructions for investigating them. Otherwise, if the repository you specified is valid, click Finish.
When the operation is finished, you must restart the components in the J2EE and Web Cache instance.
1. Click Home to navigate to the Home page for the instance.
2. Click Start All.

7.5.6 Configuring Instances to Use a New File-Based Repository

This section describes how to configure a J2EE and Web Cache instance to create and use a new file-based repository. The instance does not use Oracle Identity Management or OracleAS Metadata Repository.

Take the following steps:

Using the Application Server Control Console, navigate to the Application Server Home page for the J2EE and Web Cache instance.
Click Infrastructure.
On the Infrastructure page, in the OracleAS Farm Repository Management section, click Configure.
On the Source page, choose New file-based repository. Then, click Next.
The Validation page displays informational messages regarding the validation of this operation. If you receive any error message, follow the instructions for investigating them. Otherwise, if the repository you specified is valid, click Finish.
When the operation is finished, you must restart the components in the J2EE and Web Cache instance.
1. Click Home to navigate to the Home page for the instance.
2. Click Start All.

7.6 Disabling and Enabling Anonymous Binds

Beginning with Release 2 (10.1.2.0.2), you can enable and disable anonymous binds (anonymous authentication) in Oracle Internet Directory. By default, anonymous binds are enabled.

Although disabling anonymous binds is useful in many runtime environments, most configuration changes, such as the following, require that anonymous binds are enabled:

Installing new components with Oracle Universal Installer
Configuring components with Application Server Control Console
Changing the host name, domain name, or IP address of a host on which you have installed Oracle Application Server
Cloning

7.6.1 Disabling Anonymous Binds for RunTime Environments

To disable anonymous binds, take the following steps:

Shut down all middle tiers that are connected to the OracleAS Infrastructure, as described in Section 3.2.6, "Stopping a Middle-Tier Instance".

Shut down OracleAS Infrastructure, in all Infrastructure Oracle homes:

(UNIX) ORACLE_HOME/opmn/bin/opmnctl stopall
(Windows) ORACLE_HOME\opmn\bin\opmnctl stopall

Start Oracle Internet Directory, because it must be started while you perform the procedure:

(UNIX) ORACLE_HOME/bin/oidmon connect=db_connect_string start
(Windows) ORACLE_HOME\bin\oidmon connect=db_connect_string start

Edit the ias.properties file for each middle tier connected to the OracleAS Infrastructure and for the Infrastructure Oracle home that contains OracleAS Single Sign-On and Oracle Delegated Administration Services. The ias.properties file is located in the following directory:
```
(UNIX) ORACLE_HOME/config
(Windows) ORACLE_HOME\config
```
In the ias.properties file, add the OIDAnonymousDisabled property to the file and set it to true:
```
OIDAnonymousDisabled=true
```
Edit the dads.conf file for each middle tier connected to the OracleAS Infrastructure and for the Infrastructure Oracle home that contains OracleAS Single Sign-On and Oracle Delegated Administration Services. The dads.conf file is located in the following directory:
```
(UNIX) ORACLE_HOME/Apache/modplsql/conf
(Windows) ORACLE_HOME\Apache\modplsql\conf
```
By default, the PlsqlDatabaseConnectString parameter contains a value that uses the LDAP name resolution format, for example:
```
PlsqlDatabaseConnectString cn=orcl, cn=oraclecontext NetServiceNameFormat
```
Comment out this line. (Do not delete it because you will need to revert to it if you want to enable anonymous binds in the future.)

Add the following line, which changes the value of the PlsqlDatabaseConnectString parameter to use the host:port:service format instead of LDAP name resolution:
```
PlsqlDatabaseConnectString db_host:db_hostdb_listener_port:db_service_name
```
In the example, db_host is the name of the host on which the OracleAS Metadata Repository for OracleAS Single Sign-On is installed, db_listener_port is the listener port for that OracleAS Metadata Repository, and db_service_name is the service name for the OracleAS Metadata Repository.
Use the ldapmodify command to disable anonymous binds. Use the command on the Oracle home that contains Oracle Internet Directory.

Take the following steps:
1. Create a text file with the following lines:
```
dn:
changetype: modify
replace: orclanonymousbindsflag
orclanonymousbindsflag: 0
```
2. Use the ldapmodify command, calling the text file created in the previous step as input. In the following example, the text file is named anon_off.ldif:
```
(Unix) ORACLE_HOME/bin/ldapmodify -h host -p port -D cn=orcladmin -w password -v -f anon_off.ldif
(Windows) ORACLE_HOME\bin\ldapmodify -h host -p port -D cn=orcladmin -w password -v -f anon_off.ldif
```

Stop Oracle Internet Directory:

(UNIX) ORACLE_HOME/bin/oidmon connect=db_connect_string stop
(Windows) ORACLE_HOME\bin\oidmon connect=db_connect_string stop

Start OracleAS Infrastructure, including Oracle Internet Directory, in the Oracle Internet Directory Oracle home, then in any other OracleAS Infrastructure Oracle homes:
```
(UNIX) ORACLE_HOME/opmn/bin/opmnctl startall
(Windows) ORACLE_HOME\opmn\bin\opmnctl startall
```
Start all middle tiers that are connected to the Infrastructure, as described in Section 3.2.5, "Starting a Middle-Tier Instance".

7.6.2 Enabling Anonymous Binds for Configuration Changes

If you have disabled anonymous binds, you must take the following steps to enable anonymous binds before you can make configuration changes to Oracle Application Server middle tiers or OracleAS Infrastructure:

Shut down all middle tiers that are connected to the OracleAS Infrastructure, as described in Section 3.2.6, "Stopping a Middle-Tier Instance".

Shut down OracleAS Infrastructure, in all Infrastructure Oracle homes:

(UNIX) ORACLE_HOME/opmn/bin/opmnctl stopall
(Windows) ORACLE_HOME\opmn\bin\opmnctl stopall

Start Oracle Internet Directory, because it must be started while you perform the procedure:

(UNIX) ORACLE_HOME/bin/oidmon connect=db_connect_string start
(Windows) ORACLE_HOME\bin\oidmon connect=db_connect_string start

Edit the ias.properties file for each middle tier connected to the OracleAS Infrastructure and for the Infrastructure Oracle home that contains OracleAS Single Sign-On and Oracle Delegated Administration Services. The ias.properties file is located in the following directory:
```
(UNIX) ORACLE_HOME/config
(Windows) ORACLE_HOME\config
```
In the ias.properties file, set the OIDAnonymousDisabled property to false:
```
OIDAnonymousDisabled=false
```
If the property does not exist in the file, or if it is set to false, anonymous binds are enabled.
Edit the dads.conf file for each middle tier connected to the OracleAS Infrastructure and for the Infrastructure Oracle home that contains OracleAS Single Sign-On and Oracle Delegated Administration Services. The dads.conf file is located in the following directory:
```
(UNIX) ORACLE_HOME/Apache/modplsql/conf
(Windows) ORACLE_HOME\Apache\modplsql\conf
```
If you previously commented out the line that contains the PlsqlDatabaseConnectString parameter with a value that uses the LDAP name resolution format, uncomment out that line. If you deleted the line, add a line using the following format:
```
PlsqlDatabaseConnectString cn=orcl, cn=oraclecontext NetServiceNameFormat
```
If you previously added a line similar to the following, which contains the PlsqlDatabaseConnectString parameter with a value that use host:port:service format, comment out the line:
```
PlsqlDatabaseConnectString db_host:db_hostdb_listener_port:db_service_name
```
Use the ldapmodify command to enable anonymous binds. Use the command on the Oracle home that contains Oracle Internet Directory.

Take the following steps:
1. Create a text file with the following lines:
```
dn:
changetype: modify
replace: orclanonymousbindsflag
orclanonymousbindsflag: 1
```
2. Use the ldapmodify command, calling the text file created in the previous step as input. In the following example, the text file is named anon_on.ldif:
```
(Unix) ORACLE_HOME/bin/ldapmodify -h host -p port -D cn=orcladmin -w password -v -f anon_on.ldif
(Windows) ORACLE_HOME\bin\ldapmodify -h host -p port -D cn=orcladmin -w password -v -f anon_on.ldif
```

Stop Oracle Internet Directory:

(UNIX) ORACLE_HOME/bin/oidmon connect=db_connect_string stop
(Windows) ORACLE_HOME\bin\oidmon connect=db_connect_string stop

Start OracleAS Infrastructure, including Oracle Internet Directory, in the Oracle Internet Directory Oracle home, then in any other OracleAS Infrastructure Oracle homes:
```
(UNIX) ORACLE_HOME/opmn/bin/opmnctl startall
(Windows) ORACLE_HOME\opmn\bin\opmnctl startall
```
Start all middle tiers that are connected to the Infrastructure, as described in Section 3.2.5, "Starting a Middle-Tier Instance".