Getting started with ORAchk for Oracle IAM

Getting started with ORAchk for Oracle IAM

Lets try to run ORAchk for Oracle IAM and get the report!
I'll run this tool with "Runtime execution of healthcheck" option because this healthcheck involves daily use for running IAM systems.

[oracle@oim11gr2ps2 orachk]$ unzip ./orachk_idm.zip
[oracle@oim11gr2ps2 orachk]$ ./orachk -idmruntime

Running orachk on Oracle Identity Management System:


JAVA_HOME is set to '/usr/java/jdk1.7.0_51/' on oim11gr2ps2. Do you want to continue with same[y/n][y] :

Initiating Oracle Identity Management discovery on oim11gr2ps2(Single Node) :

Running Oracle Identity Management healthchecks..


List of running databases
1. oimdb
2. None of above

Select databases from list for checking best practices. For multiple databases, select 1 for All or comma separated number like 1,2 etc [1-2][1].1
. .

. . . . . . . . . . . . . .
. . . . . . . . . .


*** Checking Best Practice Recommendations (PASS/WARNING/FAIL) ***



Collections and audit checks log file is
/oracle/orachk/orachk_oim11gr2ps2_oimdb_021516_134722/log/orachk.log



Checking for prompts in /home/oracle/.bash_profile on oim11gr2ps2 for oracle user...


. .
=============================================================
                    Node name - oim11gr2ps2
=============================================================
. . . . .

Collecting - Kernel parameters
Collecting - OS Packages
Collecting - OS Packages
Collecting - XML Checks


Data collections completed. Checking best practices on oim11gr2ps2.
--------------------------------------------------------------------------------------


 WARNING => Check has failed because "Allow Multiple Instances" and "Conditional" flags are not set for OIM process tasks. for oimdb
 WARNING => Check has failed because OIM features - Reconciliation or Provisioning or Request have not been selected for purge in the Online Data Purge scheduled job. for oimdb
 WARNING => Check has failed because Redo log member size is set to default 50 MB or less than recommended value of 512 MB. for oimdb
 WARNING => Verification of OIM Certification configuration has failed.
 FAIL =>    OimFrontEndURL and OIMExternalFrontEndURL are not configured properly in Discovery MBean.
 WARNING => Check has failed because DB indexes are not created for all the searchable UDFs of OIM User entity.
 FAIL =>    OIM-SOA is not configured properly.
 FAIL =>    OIM JDBC connection pool parameters are configured incorrectly.
 WARNING => Validation of Plugin and Adapter configuration failed.
 WARNING => Validation DomainLogBroadcastSeverity configuration for OIM server failed.
 FAIL =>    The service account don't have the rights to perform operation.
 WARNING => Check has failed because Access Policy Harvesting is not configured properly.
 FAIL =>    Check has failed because OIM Provisioning callback service deployment is in an invalid state.
 FAIL =>    Check has failed because OIM Scheduler service is not running, or Job history archival is not correctly configured.
 FAIL =>    Weblogic Admin credentials is not same across different configurations
 FAIL =>    JVM is not configured to use LargePages
 FAIL =>    Segregation of Duties(SoD) configuration done incorrectly


Best Practice checking completed.Checking recommended patches on oim11gr2ps2.
---------------------------------------------------------------------------------


---------------------------------------------------------------------------------


---------------------------------------------------------------------------------
              RDBMS homes patches summary report
---------------------------------------------------------------------------------
Total patches  Applied on RDBMS Applied on ASM ORACLE_HOME
---------------------------------------------------------------------------------
---------------------------------------------------------------------------------



---------------------------------------------------------------------------------

Detailed report (html) - /oracle/orachk/orachk_oim11gr2ps2_oimdb_021516_134722/orachk_oim11gr2ps2_oimdb_021516_134722.html


UPLOAD(if required) - /oracle/orachk/orachk_oim11gr2ps2_oimdb_021516_134722.zip

And here is some screens from report. My DEV environment has 67 points of System Health Score.

  1. Summary
  2. Here is list of checks with WARNING and FAIL status
  3. Click "View" from "Details" column and get recommendations

If I have more than one report, I can merge it:

[oracle@oim11gr2ps2 orachk]$ ./orachk -merge orachk_oim11gr2ps2_oimdb_021516_134722.zip,orachk_oim11gr2ps2_oimdb_102915_110553.zip,orachk_oim11gr2ps2_oimdb_102915_120922.zip

Merging following collections:

  orachk_oim11gr2ps2_oimdb_021516_134722.zip
  orachk_oim11gr2ps2_oimdb_102915_110553.zip
  orachk_oim11gr2ps2_oimdb_102915_120922.zip
.

Started merging orachk_oim11gr2ps2_oimdb_021516_134722.zip
  .........................................

Started merging orachk_oim11gr2ps2_oimdb_102915_110553.zip
  ..........................................

Started merging orachk_oim11gr2ps2_oimdb_102915_120922.zip
  ..........................................

---------------------------------------------------------------------------------
Detailed report (html) - /oracle/orachk/orachk_oim11gr2ps2_oimdb_021516_134722_merge/orachk_oim11gr2ps2_oimdb_021516_134722_merge.html


UPLOAD(if required) - /oracle/orachk/orachk_oim11gr2ps2_oimdb_021516_134722_merge.zip

ORAchk also contains Collection Manager. It is an APEX Application (CollectionManager_App.sql from orachk_idm.zip) that helps to manage and track ORAchk collection data uploaded to tables in a database.

Tags:

Add new comment