CA Identity Manager High Availability & JBoss Clustering

CA Identity Manager 12.x uses caching for transactions. The utilization of this feature can cause synchronization issues if the application is setup in a high availability mode without application server clustering.

An example I can give is a project I was involved with using JBoss as the CA IdM application server. As such I will be addressing JBoss clustering in this entry.

JBoss uses a Hypersonic database to manage internal JMS data (JMS Queues). JBoss uses the JMS queues for tracking tasks and processes within the application. It is recommended to use a shared MS SQL database for the JMS database. There are documents available online which explain how to migrate from Hypersonic to MS SQL. In my example we opted to use the same MS SQL infrastructure used by Identity Manager to house the JMS database. In simplified terms, the steps to accomplish to clustering of IdM on JBoss is as follows:

1. Create a new SQL database (JBOSS_JMS)
2. Create a user/owner for this DB (jbossjms)
3. Migrate JBoss to SQL from the Hypersonic DB
4. Bring all services back up and test to ensure the migration was successful
5. Follow the procedures in the IdM documentation to configure JBoss clustering

More Here


Oracle Fusion Stack 11g Install Videos

  • Oracle Identity Manger 11g
  • Oracle Access Manager 11g
  • Oracle Adaptive Access Manager 11g
  • Oracle Identity Federation 11g
  • Oracle Internet Directory 11g
  • Oracle Virtual Directory 11g
  • Oracle HTTP Server
  • Oracle Directory Integration Platform 11g
  • Oracle WebLogic Server 11g
  • Oracle Database 11gR2
  • Oracle Identity Navigator 11g
  • Oracle Authorization Policy Manager
  • Oracle Platform Security Services

  1. Installing Oracle Enterprise Linux 5 Update 3 on VMWare
  2. Installing and Configuring Oracle Database 11g Revision 2 (11gR2)
  3. Installing WebLogic Server 11gR1 (10.3.3)
          More Here

Configuring Design Console for OIM 11g

In OIM 11g, Design Console still is a required tool for system configuration, custom development and customization. But differently from OIM 9.x, Design Console 11g does not have its own installer anymore. It is installed and configured along with the OIM server installation.

One of the common questions around Design Console 11g is: if there is no installer anymore, how do I get it working on my desktop/laptop without installing the whole Identity and Access Management pack?

This is an easy task and this post describes the steps for getting it done:

1. If you don't have a JDK 1.6 in your laptop, you will have to install it.

2. Run the configuration script for OIM once again. The script is available at $IAM_HOME/bin (where IAM_HOME is the folder where the ‘Identity and Access Management Pack’ was installed). You have to run the ‘’ that is available at $IAM_HOME/bin folder and NOT the one available at ‘$IAM_HOME/common/bin/’

3. In the configuration wizard, select ‘Design Console’ checkbox ONLY.

4. In the next screen, enter the OIM server host and port name. The wizard will configure the Design Console files for you