My Oracle Support Banner

Stack Patch Bundle for Oracle Identity Management Products (Doc ID 2657920.1)

Last updated on JULY 23, 2021

Applies to:

Oracle Identity Management Suite
Oracle Access Manager - Version 12.2.1.3.0 and later
Oracle Unified Directory - Version 12.2.1.3.0 and later
Oracle Internet Directory - Version 12.2.1.3.0 and later
Identity Manager - Version 12.2.1.3.0 and later
Information in this document applies to any platform.

Details

Background

Most 12.2.1.x Identity Management product installations require an Oracle Fusion Middleware product installation. In addition to the Oracle Fusion Middleware installation, Oracle Identity Governance also requires an Oracle SOA Suite installation.

Together with the actual Identity Management product installation, these dependent installed products share certain underlying tech stack components which can be impacted by updates or patches.

Starting in January 2020, quarterly testing and certification is provided for the applicable underlying component patches indicated for select Oracle Identity Management 12c products. This was announced in Document 2627261.1.

Details

To further simplify the patching process, starting with the July 2020 quarterly release, a Stack Patch Bundle (SPB) was made available for select version 12.2.1.4 Identity Management Products on Linux based platforms.
Starting with the January 2021, SPB availability was extended to the 12.2.1.3 version and with the April 2021 release, SPB was made available for Solaris, Solaris on SPARC and Windows platforms as well.

The quarterly SPB includes the bundle patches for each of the select Identity Manager products as well as the patches for their respective underlying components.

The SPB also includes the SPBAT tool which can be used to apply all of the patches for a single product with a single command by using a phased approach. 

The phases for patch application include:

Preparation (or prerequisite) Phase where you'll download, stage and verify the details needed for SPB and the SPBAT commands.

Analysis (or prestop) Phase where analysis is performed to identify corrective actions needed to address any conflicts or prerequisite requirements prior to starting the patch application process.

The result of this phase is an HTML report showing whether or not there are any missing prerequisite steps or patch conflicts requiring intervention (such as new one offs that might be needed as a result of the patch applications) and verification that you can proceed to apply the patches using the downtime command.

Patching (or downtime) Phase where the product specific patches are applied.

This phase is entered only after you've verified through the analysis phase that you're ready to apply the patches and after you've taken the necessary steps to back up the environment.

Poststart Phase where any additional required patching steps are performed.

System Overview Note: The following install scenarios are considered.

The MW_HOME (Middleware Home) setup for IDM 12.2.1.x is broken down in to the following categories:

  • Oracle Access Manager
  • Oracle Identity Governance
  • Collocated Oracle Universal Directory
  • Collocated Oracle Internet Directory

With respect to the SPB, the above categories are described as separate install types, each containing a dedicated MW_HOME deployed in dedicated VMs/Hosts.

In case the setup is spread across multiple VMs/Hosts, then perform the phased patch application steps for each MW_HOME on the respective VMs/Hosts.
If there are multiple MW_HOME locations on the same VM, then perform the phased patch application steps for each MW_HOME separately.
In the case that future functional support allows for two or more install types share the same MW_HOME, then perform the phased patch application steps for each install type against the MW_HOME.

Limitations

The SPBAT utility automates the binary patch apply for the patches that are obtained through the SPB bundle only. It excludes the configuration actions and server restart operations.
The SPBAT utility does not handle the start, stop, and postpatching configuration operations of the servers. The user can use either custom startup/shutdown scripts or the ones available with the product. The post patch configuration operations, if any, must be manually performed, as documented in the SPB README.txt
The SPBAT utility has minimalistic error handling, and it relies on the correctness of the input values provided by the user while using the tool.
The SPBAT utility does not create any backup of the environment/application/configuration/data prior to individual patching of the product or component.
The SPBAT utility does not provide rollback support. For any issues, use the backups (created during downtime) to restore the environment. However, while applying SPB, existing one-offs present in the MW_HOME can be rolled back. Manually review the MW_HOME inventory and re-apply any one-offs that might have been rolled back during the application of IDM SPB.

As all of the patches included and applied with SPB are not Zero-Downtime (ZDT) patches, SPB is also not ZDT eligible.

Product Specific Patches Included In the Current SPB

SPB Patch ID and VersionIdentity Management ProductPatches Included and Applied Using SPBReference/Details

 

 

 

 

 

 

12.2.1.4 Identity Management

July 2021 SPB

Current Version: 12.2.1.4.210721
Patch 33141144

 

 

 Oracle Access Manager

12.2.1.4

Patch 32971905 Oracle Access Manager BP 12.2.1.4.210607 released July 2021
Patch 28186730 OPatch 13.9.4.2.6 released July 2021
Patch 33059296 WLS PSU 12.2.1.4.210629 released July 2021
Patch 31544353 ADR CPU for WLS released July 2020
Patch 32973297 Coherence BP 12.2.1.4.10 released July 2021
Patch 33093748 FMW SPU released Apr 2021
Patch 32880070 FMW Common ThirdParty SPU Patch released July 2021
Patch 32999272 FMW Upgrade Patch released July 2021
Patch 33084721 ADF BP 12.2.1.4.210706 released July 2021
Patch 32784652 OPSS BP 12.2.1.4.210418 released Apr 2021
Patch 20812896 libOVD Patch
 

 

 Oracle Identity Governance

12.2.1.4

Patch 33092785 Oracle Identity Governance BP 12.2.1.4.210708 released July 2021
Patch 28186730 OPatch 13.9.4.2.6 released July 2021
Patch 33059296 WLS PSU 12.2.1.4.210629 released July 2021
Patch 31544353 ADR CPU for WLS released July 2020
Patch 32973297 Coherence BP 12.2.1.4.10 released July 2021
Patch 33093748 FMW SPU released Apr 2021
Patch 32880070 FMW Common ThirdParty SPU Patch released July 2021
Patch 32999272 FMW Upgrade Patch released July 2021
Patch 33084721 ADF BP 12.2.1.4.210706 released July 2021
Patch 32784652 OPSS BP 12.2.1.4.210418 released Apr 2021
Patch 32905339 WebCenter Core BP 12.2.1.4.210602 released July 2021
Patch 32957445 SOA BP 12.2.1.4.210602 released July 2021
Patch 32905339 OWSM BP 12.2.1.4.210520 released July 2021
 

 

 Oracle Unified Directory
Collocated Only

12.2.1.4

Patch 32730494 Oracle Unified Directory BP 12.2.1.4.210406 released Apr 2021
Patch 28186730 OPatch 13.9.4.2.6 released July 2021
Patch 33059296 WLS PSU 12.2.1.4.210629 released July 2021
Patch 31544353 ADR CPU for WLS released July 2020
Patch 32973297 Coherence BP 12.2.1.4.10 released July 2021
Patch 33093748 FMW SPU released Apr 2021
Patch 32880070 FMW Common ThirdParty SPU Patch released July 2021
Patch 32999272 FMW Upgrade Patch released July 2021
Patch 33084721 ADF BP 12.2.1.4.210706 released July 2021
 

 

Oracle Internet Directory
Collocated Only

12.2.1.4

Patch 33115009 Oracle Internet Directory BP 12.2.1.4.210714 released July 2021
Patch 28186730 OPatch 13.9.4.2.6 released July 2021
Patch 33059296 WLS PSU 12.2.1.4.210629 released July 2021
Patch 31544353 ADR CPU for WLS released July 2020
Patch 32973297 Coherence BP 12.2.1.4.10 released July 2021
Patch 33093748 FMW SPU released Apr 2021
Patch 32880070 FMW Common ThirdParty SPU Patch released July 2021
Patch 32999272 FMW Upgrade Patch released July 2021
Patch 33084721 ADF BP 12.2.1.4.210706 released July 2021
 

 

 

 

 

 

 

12.2.1.3 Identity Management

July 2021 SPB

 Current Version: 12.2.1.3.210721
Patch 33140990

 

Oracle Access Manager

12.2.1.3

Patch 33068703 Oracle Access Manager BP 12.2.1.3.210701 released July 2021
Patch 28186730 OPatch 13.9.4.2.6 released July 2021
Patch 33064699 WLS PSU 12.2.1.3.210630 released July 2021
Patch 31544340 ADR CPU for WLS released July 2020
Patch 31613012 OHT CPU for 12.2.1.3.0
Patch 32973279 Coherence 12.2.1.3.15 BP released July 2021
Patch 32910589 FMW Common ThirdParty SPU Patch released Apr 2021
Patch 32982708 FMW SPU released Apr 2021
Patch 32999272 FMW Upgrade Patch released July 2021
Patch 32997257 ADF 12.2.1.3.210614 BP released July 2021
Patch 32397127 OPSS 12.2.1.3.210420 BP released Apr 2021
Patch 26819748 libOVD One-Off patch released Aug 2020
Patch 25032984 JDBC Driver One-Off patch released Dec 2019
 

 

Oracle Identity Governance

12.2.1.3

Patch 33112283 Oracle Identity Governance BP 12.2.1.3.210713 released July 2021
Patch 28186730 OPatch 13.9.4.2.6 released July 2021
Patch 33064699 WLS PSU 12.2.1.3.210630 released July 2021
Patch 31544340 ADR CPU for WLS released July 2020
Patch 31613012 OHT CPU for 12.2.1.3.0
Patch 32973279 Coherence 12.2.1.3.15 BP released July 2021
Patch 32910589 FMW Common ThirdParty SPU Patch released Apr 2021
Patch 32982708 FMW SPU released Apr 2021
Patch 32999272 FMW Upgrade Patch released July 2021
Patch 32997257 ADF 12.2.1.3.210614 BP released July 2021
Patch 32397127 OPSS 12.2.1.3.210420 BP released Apr 2021
Patch 32944190 SOA BP 12.2.1.3.210530 released July 2021
Patch 32917014 OWSM BP 12.2.1.3.200524 released July 2021
Patch 32972706 WebCenter Core BP 12.2.1.3.210604 released July 2021
 

 

Oracle Unified Directory
Collocated Only

12.2.1.3

Patch 32746591 Oracle Unified Directory BP 12.2.1.3.210408 released Apr 2021
Patch 28186730 OPatch 13.9.4.2.6 released July 2021
Patch 33064699 WLS PSU 12.2.1.3.210630 released July 2021
Patch 31544340 ADR CPU for WLS released July 2020
Patch 31613012 OHT CPU for 12.2.1.3.0
Patch 32973279 Coherence 12.2.1.3.15 BP released July 2021
Patch 32910589 FMW Common ThirdParty SPU Patch released Apr 2021
Patch 32982708 FMW SPU released Apr 2021
Patch 32999272 FMW Upgrade Patch released July 2021
Patch 32997257 ADF 12.2.1.3.210614 BP released July 2021/td>
 

 Oracle Internet Directory
Collocated Only

12.2.1.3

Patch 33114859 Oracle Internet Directory BP 12.2.1.3.210714 released July 2021
Patch 28186730 OPatch 13.9.4.2.6 released July 2021
Patch 33064699 WLS PSU 12.2.1.3.210630 released July 2021
Patch 31544340 ADR CPU for WLS released July 2020
Patch 31613012 OHT CPU for 12.2.1.3.0
Patch 32973279 Coherence 12.2.1.3.15 BP released July 2021
Patch 32910589 FMW Common ThirdParty SPU Patch released Apr 2021
Patch 32982708 FMW SPU released Apr 2021
Patch 32999272 FMW Upgrade Patch released July 2021
Patch 32997257 ADF 12.2.1.3.210614 BP released July 2021

 

Actions

Overview

The Stack Patch Bundle contains a README.txt file with the steps needed to apply the patches. The following information is provided to assist in planning and understanding the end-to-end patching process.

Initial Preparation:
  1. Create or designate a directory where you will extract the contents of the SPB. The location should be accessible to all IDM hosts and have read, write and execute permissions enabled and since the SPB contains many patches, it's large - so this location should also have plenty of space. The path to this location will be used to build one of the required inputs to the SPB patching commands, <spb_download_dir>.
  2. Create or designate a directory for the logs and reports which will be generated by the patching tool.  This location will be a required input to the SPB patching commands, <log_dir>.
  3. Identify the ORACLE_HOME directory for your product.  This location is synonymous with the MW_HOME directory which is used in the SPB README.txt file and will also be a required input to the SPB patching commands, <mw_home>.
  4. Download the SPB and extract it to the directory indicated in step 1.
  5. Verify the OPatch version in your products ORACLE_HOME.  If it does not meet the minimum requirement (currently 13.9.4.2.4) unzip the included OPatch patch as indicated in the SPB README.txt file, perform a cold backup of the ORACLE_HOME and update opatch using the steps in the opatch readme file.
  6. In case the setup is spread across multiple VMs/Hosts, repeat these steps for each MW_HOME on the respective VMs/Hosts.
Analysis Phase:
  1. Using the variables identified earlier and the instructions in the SPB README.txt file, run the SPBAT prestop command for your product.
    For example, consider the case where you have a single node Oracle Identity Governance environment with the MW_HOME at /opt/oracle/IAM12c, the SPB has been downloaded and staged in /home/oracle/Downloads and a log directory OIGlogs has been created in the same location.
    In that case, the command to run prestop will be like:  
  2. While poststart is running, you'll see some output in the terminal window - which you'll need to keep open until it completes.
    The output includes information about logs which are generated as the command is run and details about an additional command you can run in a different terminal to know the status.
    When poststart completes it will show a message indicating either success or failure.
  3. After the poststart command has completed, follow the "After Server Startup" instructions for your product as provided in the SPB README.txt file.
    For example, the instructions for OIG are like:
         B) After Server Startup
              i. Update $OIM_ORACLE_HOME/server/bin/patch_oim_wls.profile
                  For detailed instructions, please refer to the section 'Stage 2: Filling in the patch_oim_wls.profile File' in IDM_SPB_12.2.1.4./etc/OIG_Bundle_Patch_Readme_12.2.1.4.200624.htm .
             ii.Execute $OIM_ORACLE_HOME/server/bin/patch_oim_wls.sh.
  4. As indicated in the OIG readme referenced above, for OIG installs, you'll need to clear out the contents of the tmp directory in each of the OIG managed servers $DOMAIN_HOME/servers/<SERVER_NAME> locations.
  5. In case the setup is spread across multiple VMs/Hosts, repeat these steps for each MW_HOME on the respective VMs/Hosts.
  6. Complete Validation - Once the SPB patching activity is complete, restart and verify the environment and URLs.

Contacts

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.