Create LOV from OID entries
I do not know how to build a LOV from the available list of user ids in Internet Directory. My intention is to use the Internet Directory as my "system of record" for Personnel and reference the User ID in records in the database. Is there a way to build a materialized view for this? or is there some other mechanism you can point me to?
I am building a slew of data capture forms of which I would like to enter the userid of the logged in user. I know how to use wwctx_api.get_user_id however my user may want to override their name with someone else.
Ergo, my need for an LOV.
I had the same problem
not sure about going to the tables direct, a little messy
have a look a d the OID developers guide there is an example of querying the OID using DBMS_LDAP
here is my fucntion to get the parameter that i need form OID it returns any array of records then you can process the array
type user_profile_rec is record (
first_name varchar2(100)
,last_name varchar2(100)
,cn varchar2(100)
,dn varchar2(200)
,displayname varchar2(200)
,jpegPhoto varchar2(10000)
,orclisvisible varchar2(10));
type profile_array is table of user_profile_rec index by binary_integer;
function user_profiles ( ldap_host VARCHAR2 default portal.wwsec_oid.GET_OID_HOST
,ldap_port VARCHAR2 default portal.wwsec_oid.GET_OID_PORT
,ldap_user VARCHAR2
,ldap_passwd VARCHAR2
,ldap_base VARCHAR2
,search_letter varchar2
) return profile_array
as
-- this function uses the dbms_ldap package to query the ldap repsoitory
-- to get the user details.
-- this will search the named source
-- create ldap parameters
retval PLS_INTEGER;
my_session DBMS_LDAP.session;
my_attrs DBMS_LDAP.string_collection;
my_message DBMS_LDAP.message;
my_entry DBMS_LDAP.message;
entry_index PLS_INTEGER;
my_dn VARCHAR2(256);
my_attr_name VARCHAR2(256);
my_ber_elmt DBMS_LDAP.ber_element;
attr_index PLS_INTEGER;
i PLS_INTEGER;
my_vals DBMS_LDAP.STRING_COLLECTION ;
-- ldap_host VARCHAR2(256);
-- ldap_port VARCHAR2(256);
-- ldap_user VARCHAR2(256);
-- ldap_passwd VARCHAR2(256);
-- ldap_base VARCHAR2(256);
-- value to hold the return string from ldap
val DBMS_LDAP.STRING_COLLECTION ;
-- create the varray variables ( define find in the package spec
profile_rec user_profile_rec;
profile_varray profile_array;
begin
retval := -1;
/*ldap_host := 'uk-abi-sap01.uk.evotecoai.com' ;
ldap_port := '4032';
ldap_user := 'cn=orcladmin';
ldap_passwd:= '1vindaloo';
ldap_base := 'cn=users,dc=uk,dc=evotecoai,dc=com';
-- Choosing exceptions to be raised by DBMS_LDAP library.
DBMS_LDAP.USE_EXCEPTION := TRUE;
my_session := DBMS_LDAP.init(ldap_host,ldap_port);
-- bind to the directory
retval := DBMS_LDAP.simple_bind_s(my_session,ldap_user, ldap_passwd);
-- issue the search
my_attrs(1) := 'sn'; -- retrieve all attributes
my_attrs(2) := 'dn'; -- retrieve all attributes
my_attrs(3) := 'cn'; -- retrieve all attributes
my_attrs(4) := 'givenname'; -- retrieve all attributes
my_attrs(5) := 'orclisvisible'; -- retrieve all attributes
my_attrs(5) := 'displayname'; -- retrieve all attributes
my_attrs(6) := 'jpegPhoto'; -- retrieve all attributes
retval := DBMS_LDAP.search_s(my_session, ldap_base,DBMS_LDAP.SCOPE_SUBTREE,'sn='||UPPER(search_letter)||'*',my_attrs,0,my_message);
-- count the number of entries returned
retval := DBMS_LDAP.count_entries(my_session, my_message);
-- get the first entry
my_entry := DBMS_LDAP.first_entry(my_session, my_message);
entry_index := 1;
-- Loop through each of the entries one by one
while my_entry IS NOT NULL loop
-- print the current entry
-- return the dn for the current user row
my_dn := DBMS_LDAP.get_dn(my_session, my_entry);
profile_rec.dn := my_dn;
-- gets the arribs the check to make sure one is returned then assign to the array
val:= dbms_ldap.GET_VALUES( LD=>my_session, LDAPENTRY=>my_entry, ATTR=>'givenname' );
-- check if returned
if val.COUNT > 0 then
-- loop thought the values
FOR i in val.FIRST..val.LAST loop
-- set the value in the array
profile_rec.first_name := SUBSTR(val(i),1,200);
end loop;
end if;
-- get the sn
i:=1;
val:= dbms_ldap.GET_VALUES( LD=>my_session, LDAPENTRY=>my_entry, ATTR=>'sn' );
if val.COUNT > 0 then
FOR i in val.FIRST..val.LAST loop
profile_rec.last_name := SUBSTR(val(i),1,200);
end loop;
end if;
-- get cn
i:=1;
val:= dbms_ldap.GET_VALUES( LD=>my_session, LDAPENTRY=>my_entry, ATTR=>'cn' );
if val.COUNT > 0 then
FOR i in val.FIRST..val.LAST loop
profile_rec.cn := SUBSTR(val(i),1,200);
end loop;
end if;
-- get orclisvisible
i:=1;
val:= dbms_ldap.GET_VALUES( LD=>my_session, LDAPENTRY=>my_entry, ATTR=>'orclisvisible' );
if val.COUNT > 0 then
FOR i in val.FIRST..val.LAST loop
profile_rec.orclisvisible := SUBSTR(val(i),1,200);
end loop;
end if;
-- get orclisvisible
i:=1;
val:= dbms_ldap.GET_VALUES( LD=>my_session, LDAPENTRY=>my_entry, ATTR=>'displayname' );
if val.COUNT > 0 then
FOR i in val.FIRST..val.LAST loop
profile_rec.displayname := SUBSTR(val(i),1,200);
end loop;
end if;
-- get orclisvisible
i:=1;
val:= dbms_ldap.GET_VALUES( LD=>my_session, LDAPENTRY=>my_entry, ATTR=>'jpegPhoto' );
if val.COUNT > 0 then
FOR i in val.FIRST..val.LAST loop
profile_rec.jpegPhoto := SUBSTR(val(i),1,200);
end loop;
end if;
-- itterate thoguht the array
-- set the values of the record to the array
profile_varray(entry_index).cn := profile_rec.cn;
profile_varray(entry_index).first_name := profile_rec.first_name;
profile_varray(entry_index).last_name := profile_rec.last_name;
profile_varray(entry_index).dn := profile_rec.dn;
profile_varray(entry_index).displayname :=profile_rec.displayname;
profile_varray(entry_index).orclisvisible :=profile_rec.orclisvisible;
profile_varray(entry_index).jpegPhoto :=profile_rec.jpegPhoto;
my_entry := DBMS_LDAP.next_entry(my_session, my_entry);
entry_index := entry_index+1;
end loop;
-- unbind from the directory
retval := DBMS_LDAP.unbind_s(my_session);
-- return the arreay
return profile_varray;
end user_profiles;
Similar Messages
-
Creating LOV from 2 different tables
I tried doing some searches on this, but haven't been able to find an answer. Can I create an LOV (to populate a select list) from two different tables? Both tables have the exact same column names/datatypes, just different data.
Or if this isn't possible, should I just create a new table, and then do a union query to populate it with the values from both of these tables? Just wondering if anyone's had experience with this situation. Thanks!Hmm. That is weird. Wonder why it's not working for me.
The SORT_ORDER column appears in both tables. I was hoping to be able to sort by the number value that appears in this column in both tables (could duplicate values in this table be causing an issue?).
I even tried changing it to:
SELECT DISPLAY_AS d1, CONTENT_KEY v1
FROM SER_LISTS_JOB_TYPE
WHERE ACTIVE = 'YES'
UNION
SELECT DISPLAY_AS d2, CONTENT_KEY v2
FROM SER_LISTS_COMPANY_TYPE
WHERE ACTIVE = 'YES'
ORDER BY SORT_ORDERBut still get the same error message.
Message was edited by:
taneal
OK. It appears the ORDER BY SORT_ORDER was causing the issue. I took it out and it worked. The only problem is that I have 1 duplicate entry, called "Other" that now appears twice in my LOV. Any thoughts on this? The value of CONTENT_KEY is different, but the value for DISPLAY_AS is the same. Is there anyway to pull out one of these? -
Fastest way to create buttons from TOC entries?
I am trying to make a TOC interactive by applying rollovers and links to each entry. What is the fastest way to create buttons out of each entry? Would the "create outlines" command be appropriate? As it stands now, I am copying an entry, pasting it into a new frame, aligning it over the original entry, then converting to button and applying behaviors. There's got to be a more efficient way to do this!
Using CS3 Design Standard.
Thanks for any help you can provide.Matt,
function(){return A.apply(null,[this].concat($A(arguments)))}
Sorry about the attachment. Not sure what happened
See
Announcement: File Attachments temporarily disabled
above. The "temporarily" was an understatement at the time -- this has been in effect for, what? the past 2 years? Now it's just a poignant Daily Reminder of Jive's many shortcomings. -
How to Create LOVs in ADF pragmatically if DataControl is from WebService
Hi All,
I consumed Web-services in ADF application to do CRUD operation on some tables(for example i created one web service which perform all crud operations on database that tables are mapped)
now what i required is i consumed that web services, I created DC from that WS ,And In ADF application i created insert operation the data is inserting well,but that tables are mapped i want to
display LOVs for that foreign-keys as we know id we created ADF application from database we ll able to create LOVs like thatbut this is possible to create only through pragmatically.
is there any links for creating LOVs from Web-services Data Control.
Thanks
ShankarHi,
if you accept lists to hold the LOV data, then here is an example : http://www.oracle.com/technetwork/developer-tools/adf/learnmore/index-101235.html#CodeCornerSamples --> sample 70
Frank -
How To Display User Photo (jpegphoto attribute) From OID LDAP Entry
Hello everyone,
I've spent a few days looking for a solution to this problem with no luck.
I have a PLSQL database package that generates an organisation chart of users. It works fine but I am struggling to retrieve the users photo.
I have tried linking to the jpg files in my /oiddas/ui/oracle/ldap/das/Images/users/ folder but these files do not always exist so this is unreliable. These files only appear to be created if a user has previously viewed their profile in Self Service Console. Even if the files exist they are often out of date and don't reflect the photo held in OID.
I know the photo is stored in the jpegphoto attribute and I have been using DBMS_LDAP calls to retrieve other user details but I just can not find a definitive answer to how I send this image to the browser.
If anyone has any ideas, sample code or web links it would be appreciated.
Thanks,
MattThe idea would be to get the attribute value from OID using DBMS_LDAP or Java (whatever is easyer for you) and dump it in a file. Then generate the URL to the file.
When you initiate the LDAP connection to get the picture, remember to specify jpegphoto as a binary attribute.
Octavian -
Can't create multiple dependent LOVs from the same bind variable
Hi all,
I'm having difficulty creating multiple dependent LOVs from queries based on the same bind variable in my JSF application (JDev 10.1.3.1). Basically I have a static LOV in a af:selectOneChoice component from which users select a value which then becomes the bind variable value for two separate queries that generate two different dependent LOV. Having developed the code along the lines of Steve Muench 's blog (http://radio.weblogs.com/0118231/2006/04/03.html#a685), the first dependent LOV works really well. The first dynamic LOV gets refreshed whenever the list from the static LOV changes, and I can execute other queries based on the values selected.
The problem arises when I want to create the second dynamic/dependent LOV that has the same bind variable based on the same selected value from the static LOV. Here I would also like the functionality whereby the second dynamic LOV is also refreshed after the selected value in the static LOV changes. Thinking that all I had to do was replicate the methodology used in creating the first dependent LOV, I created the second iterator, invokeAction and other binding components in the PageDef. The executable section now looks like the following:
<iterator id="SelectStaticQueryViewObjIterator"
Binds="SelectStaticQueryViewObj" RangeSize="-1"
DataControl="DMSApplicationModule1DataControl"/>
<invokeAction id="refreshDynamicQuery1BindParameter"
Binds="ExecuteWithParams1" Refresh="prepareModel"
RefreshCondition="#{empty requestScope.VariableChanged}"/>
<iterator id="SelectDynamicQuery1ViewObjIterator"
Binds="SelectDynamicQuery1ViewObj" RangeSize="-1"
DataControl="DMSApplicationModule1DataControl"/>
<invokeAction id="refreshDynamicQuery2BindParameter"
Binds="ExecuteWithParams2" Refresh="prepareModel"
RefreshCondition="#{empty requestScope.VariableChanged}"/>
<iterator id="SelectDynamicQuery2ViewObjIterator"
Binds="SelectDynamicQuery2ViewObj" RangeSize="-1"
DataControl="DMSApplicationModule1DataControl"/>I now have a problem whereby everytime I change the value of the static LOV, multiple HTML components for the same ADF component are being generated (the LOVs are refreshed via PPR). The surprising thing is that this duplicating behaviour applies to all ADF components listed after the first dynamic LOV in the *.jspx source. For example, I have a <af:outputText="Test Text"/> component created after the first dynamic LOV. Each time the value in the static LOV changes, a duplicate HTML component is created. This also applies to the 'related' second dynamic LOV which is bound to a af:selectOneChoice component - multiple dropdown lists are created. I've checked with the browser's Page Source and there are actually multiple html components being generated with their own unique ADF-generated IDs. I've tried all different options for the Referesh and RefreshCondition attibutes in the second invokeAction element but nothing seems to eliminate this issue.
Any suggestions about how I might create multiple dependent LOVs from the same bind variable that get refreshed when the selected value changes would be greatly appreciated.
Thanks
GeorgeHi all,
Just updating the thread on how I've overcome this issue. As it stood the manner in which I was trying to solve my use case, as described above, was creating an absolute mess. Then with a blank sheet of paper I quickly realised that a much simpler solution would be to create a whole series of master-detail VOs and build my components around them. Thankfully I haven't had any issues going down this path as yet.
Cheers
George -
When creating PDFs from WORD 2010 I cannot get the TOC heading entries as hyperlinks
When creating PDFs from WORD 2010 I cannot get the TOC heading entries as hyperlinks. I used to be able to do this in WORD 2003. I tried to create a PDF from Acrobat by selecting File > Create PDF >navigate to the WORD file > select three checkboxes >
Any help with getting the TOC heading entries as hyperlinks?Try to do it from Word using the ribbon.
-
REP-52284: Failed to get create resource URL from OiD.
Any one using SSO and Reports ever get this error message? I cannot find any relavant information on this error in the documentation ...
Any assistance appreciatedI'm getting the same error:
REP-52284: Failed to get create resource URL from OiD.
running the URL:
http://host:7778/reports/rwservlet?server=rep_new&report=test.rdf&destype=cache&desformat=html&ssoconn=rep
using several different oracle accounts. It seems like it just started happening. Like you, I haven't found any details on OTN or Metalink.
Doug -
User can't see some OID entry from 3rd party ldap browser but OAM?
Hi All,
after tried to applied access control to some OID entry, user then can't see that entry from 3rd party ldap browster, and this is a expected behavior, but why the same user can see that entry from user management interface of OAM?
Regards,
MaksonHi Makson,
OAM's Identity Server binds to OID as a single user* (typically an OID admin, even orcladmin) and applies only those acl's that have been defined within OAM. So when you login to OAM as end-user X, the Identity Server (eg orcladmin) checks to see what rights within OAM have been defined for User X - but in this scenario any rights defined within OID are not applied to user X. By default, OAM end-users have no access to information in ldap (although the OAM Admins have full access by default).
Regards,
Colin
*Depending on how you are accessing OAM, you may see extra binds in the OID logs when the end-users actually login to OAM. -
User not created in OIM 11gr2 - trusted reconciliation from OID
Hello,
in my tests I'm trying to do a trusted reconciliation from OID to OIM.
I checked the errors below in the log file and I checked the column on the database. The column is there but I can't understand why this error appear.
I did a select on this table and this column is empty (select RA_USERLOGIN7C7B96D4 from RA_OIDTRUSTEDUSERBCBD344A).
INFO: Generic Information: select USR_KEY from usr where USR_MIDDLE_NAME is null and USR_UDF_ORCLGUID=? and USR_FIRST_NAME=? and USR_EMAIL=? and USR_LAST_NAME=? and USR_STATUS=? and USR.USR_STATUS != 'Deleted' AND ((UPPER(USR.USR_LOGIN)=UPPER(RA_OIDTRUSTEDUSERBCBD344A.RA_USERLOGIN7C7B96D4)))
INFO: Generic Information: Params = [CF7C29EE75F5A78FE040A8C084000DE8, orcladmin, orcladmin, orcladmin, Enabled]
SEVERE: Generic Information: {0}
oracle.iam.reconciliation.exception.DBAccessException: Failed SQL:: select USR_KEY from usr where USR_MIDDLE_NAME is null and USR_UDF_ORCLGUID=? and USR_FIRST_NAME=? and USR_EMAIL=? and USR_LAST_NAME=? and USR_STATUS=? and USR.USR_STATUS != 'Deleted' AND ((UPPER(USR.USR_LOGIN)=UPPER(RA_OIDTRUSTEDUSERBCBD344A.RA_USERLOGIN7C7B96D4))) =>PARAMS:: [CF7C29EE75F5A78FE040A8C084000DE8, orcladmin, orcladmin, orcladmin, Enabled]
at oracle.iam.reconciliation.utils.DBAccessTemplate.executeQuery(DBAccessTemplate.java:71)
at oracle.iam.reconciliation.impl.BaseEntityTypeHandler.executeSql(BaseEntityTypeHandler.java:508)
at oracle.iam.reconciliation.impl.UserHandler.getMatchingKeys(UserHandler.java:601)
at oracle.iam.reconciliation.impl.ReconOperationsServiceImpl.ignoreEvent(ReconOperationsServiceImpl.java:556)
at oracle.iam.reconciliation.impl.ReconOperationsServiceImpl.ignoreEvent(ReconOperationsServiceImpl.java:535)
at sun.reflect.GeneratedMethodAccessor3188.invoke(Unknown Source)
at org.quartz.core.JobRunShell.run(JobRunShell.java:203)
at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:529)
Caused by: java.sql.SQLSyntaxErrorException: ORA-00904: "RA_OIDTRUSTEDUSERBCBD344A"."RA_USERLOGIN7C7B96D4": invalid identifier
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:462)
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:405)
at oracle.jdbc.driver.T4C8Oall.processError(T4C8Oall.java:931)
at oracle.jdbc.driver.T4CTTIfun.receive(T4CTTIfun.java:481)
at oracle.jdbc.driver.T4CTTIfun.doRPC(T4CTTIfun.java:205)
After this error the log shows:
SEVERE: oracle.iam.connectors.icfcommon.recon.SearchReconTask : handle : Recon event skipped
oracle.iam.connectors.icfcommon.exceptions.OIMException: Thor.API.Exceptions.tcAPIException: Child tables only supported at account-level
at oracle.iam.connectors.icfcommon.service.oim11.OIM11Reconciliation.processEvent(OIM11Reconciliation.java:101)
Please help me on this and tell me if I am missing something here.
ThanksI've found something that worked for me. When executing the trusted recon schedule task, the "Configuration Lookup" field in the "OID Server" IT Resource has to have the value "Lookup.OID.Configuration.Trusted". On the other hand, when executing the user sync recon schedule task, this field must have the value "Lookup.OID.Configuration.Trusted".
The lookups' names can be different if you've manually renamed them.
--jtellier -
How to get All Users from OID LDAP
Hi all,
I have Oracle Internet Directory(OID) and have created the users in it manually.
Now I want to extract all the users from OID. How can I get Users from OID??
Any response will be appritiated. If some one could show me demo code for that I shall be greatful to you.
Thanks and reagards
Pravyhi,
the notes from metalink:
bgards
elvis
Doc ID: Note:276688.1
Subject: How to copy (export/import) the Portal database schemas of IAS 9.0.4 to another database
Type: BULLETIN
Status: PUBLISHED
Content Type: TEXT/X-HTML
Creation Date: 18-JUN-2004
Last Revision Date: 05-AUG-2005
How to copy (export/import) Portal database schemas of IAS 9.0.4 to another database
Note 276688.1
Download scripts Unix: Attachment 276688.1:1
Download Perl scripts (Unix/NT) :Attachment 276688.1:2
This article is being delivered in Draft form and may contain errors. Please use the MetaLink "Feedback" button to advise Oracle of any issues related to this article.
HISTORY
Version 1.0 : 24-JUN-2004: creation
Version 1.1 : 25-JUN-2004: added a link to download the scripts from Metalink
Version 1.2 : 29-JUN-2004: Import script: Intermedia indexes are recreated. Imported jobs are reassigned to Portal. ptlconfig replaces ptlasst.
Version 1.3 : 09-JUL-2004: Additional updates. Usage of iasconfig.xml. Need only 3 environment variables to import.
Version 1.4 : 18-AUG-2004: Remark about 9.2.0.5 and 10.1.0.2 database
Version 1.5 : 26-AUG-2004: Duplicate job id
Version 1.6 : 29-NOV-2004: Remark about WWC-44131 and WWSBR_DOC_CTX_54
Version 1.7 : 07-JAN-2005: Attached perl scripts (for NT/Unix) at the end of the note
Version 1.8 : 12-MAY-2005: added a work-around for the WWSTO_SESS_FK1 issue
Version 1.9 : 07-JUL-2005: logoff trigger and 9.0.1 database export, import in 10g database
Version 1.10: 05-AUG-2005: reference to the 10.1.2 note
PURPOSE
This document explains how to copy a Portal database schema from a database to another database.
It allows restoring the Portal repository and the OID security associated with Portal.
It can be used to go in production by copying physically a database from a development portal to a production environment and avoid to use the export/import utilities of Portal.
This note:
uses the export/import on the database level
allows the export/import to be done between different platforms
The script are Unix based and for the BASH shell. They can be adapted for other platforms.
For the persons familiar with this technics in Portal 9.0.2, there is a list of the main differences with Portal 9.0.2 at the end of the note.
These scripts are based on the experience of a lot of persons in Portal 902.
The scripts are attached to the note. Download them here: Attachment 276688.1:1 : exp_schema_904.zip
A new version of the script was written in Perl. You can also download them, here: Attachment 276688.1:2 : exp_schema_904_v2.zip. They do exactly the same than the bash ones. But they have the advantage of working on all platforms.
SCOPE & APPLICATION
This document is intented for Portal administrators. For using this note, you need basic DBA skills.
This notes is for Portal 9.0.4.x only. The notes for Portal 9.0.2 are :
Note 228516.1 : How to copy (export/import) Portal database schemas of IAS 9.0.2 to another database
Note 217187.1 : How to restore a cold backup of a Portal IAS 9.0.2 on another machine
The note for Portal 10.1.2 is:
Note 330391.1 : How to copy (export/import) Portal database schemas of IAS 10.1.2 to another databaseMethod
The method that we will follow in the document is the following one:
Export:
- export of the 4 portal schemas of a database (DEV / development)
- export the LDAP OID users and groups (optional)
Install a new machine with fresh IAS installation (PROD / production)
Import:
- delete the new and empty portal schema on PROD
- import the schemas in the production database in place of the deleted schemas
- import the LDAP OID users and groups (optional)
- modify the configuration such that the infrastructure uses the portal repository of the backup
- modify the configuration such that the portal repository uses the OID, webcache and SSO of the new infrastructure
The export and the import are divided in several steps. All of these steps are included in 2 sample scripts:
export : exp_portal_schema.sh
import : imp_portal_schema.sh
In the 2 scripts, all the steps are runned in one shot. It is just an example. Depending of the configuration and circonstance, all the steps can be runned independently.
Convention
Development (DEV) is the name of the machine where resides the copied database
Production (PROD) is the name of the machine where the database is copied
Prerequisite
Some prerequisite first.
A. Environment variables
To run the import/export, you will need 3 environment variables. In the given scripts, they are defined in 'portal_env.sh'
SYS_PASSWORD - the password of user sys in the Portal database
IAS_PASSWORD - the password of IAS
ORACLE_HOME - the ORACLE_HOME of the midtier
The rest of the settings are found automatically by reading the iasconfig.xml file and querying the OID. It is done in 'portal_automatic_env.sh'. I wish to write a note on iasconfig.xml and the way to transform it in usefull environment variables. But it is not done yet. In the meanwhile, you can read the old 902 doc, that explains the meaning of most variables :
< Note 223438.1 : Shell script to find your portal passwords, settings and place them in environment variables on Unix >
B. Definition: Cutter database
A 'Cutter Database' is the term used to designate a Database created by RepCA or OUI and that contains all the schemas used by a IAS 9.0.4 infrastructure. Even if in most cases, several schemas are not used.
In Portal 9.0.4, the option to install only the portal repository in an empty database has been removed. It has been replaced by RepCA, a tool that creates an infrastructure database. Inside all the infrastucture database schemas, there are the portal schemas.
This does not stop people to use 2 databases for running portal. One for OID and one for Portal. But in comparison with Portal 9.0.2, all schemas exist in both databases even if some are not used.
The main idea of Cutter database is to have only 1 database type. And in the future, simplify the upgrades of customer installation
For an installation where Portal and OID/SSO are in 2 separate databases, it looks like this
Portal 9.0.2 Portal 9.0.4
Infrastructure database
(INFRA_SID)
The infrastructure contains:
- OID (used)
- OEM (used)
- Single Sign-on / orasso (used)
- Portal (not used)
The infrastructure contains:
- OID (used)
- OEM (used)
- Single Sign-on / orasso (used)
- Portal (not used)
Portal database
(PORTAL_SID)
The custom Portal database contains:
- Portal (used)
The custom Portal database (is also an infrastructure):
- OID (not used)
- OEM (not used)
- Single Sign-on / orasso (not used)
- Portal (used)
Whatever, the note will suppose there is only one single database. But it works also for 2 databases installation like the one explained above.
C. Directory structure.
The sample scripts given inside this note will be explained in the next paragraphs. But first, the scripts are done to use a directory structure that helps to classify the files.
Here is a list of important files used during the process of export/import:
File Name
Description
exp_portal_schema.sh
Sample script that exports all the data needed from a development machine
imp_portal_schema.sh
Sample script that import all the data into a production machine
portal_env.sh
Script that defines the env variable specific to your system (to configure)
portal_automatic_env.sh
Helper script to get all the rest of the Portal settings automatically
xsl
Directory containing all the XSL files (helper scripts)
del_authpassword.xsl
Helper script to remove the authpassword tags in the DSML files
portal_env_unix.sql
Helper script to get Portal settings from the iasconfig.xml file
exp_data
Directory containing all the exported data
portal_exp.dmp
export on the database level of the portal, portal_app, ... database schemas
iasconfig.xml
copy the name of iasconfig.xml of the midtier of DEV. Used to get the hostname and port of Webcache
portal_users.xml
export from LDAP of the OID users used by Portal (optional)
portal_groups.xml export from LDAP of the OID groups used by Portal (optional)
imp_log
Directory containing several spool and logs files generated during the import
import.log Log file generated when running the imp command
ptlconfig.log
Log generated by ptlconfig when rewiring portal to the infrastructure.
Some other spool files.
D. Known limitations
The scripts given in this note have the following known limitations:
It does not copy the data stored in the SSO schema: external applications definitions and the passwords stored for them.
See in the post steps: SSO migration to know how to do.
The ssomig command resides in the Infrastructure Oracle home. And all commands of Portal in the Midtier home. And practically, these 2 Oracle homes are most of the time not on the same machine. This is the reason.
The export of the users in OID exports from the default user location:
ldapsearch .... -b "cn=users,dc=domain,dc=com"
This is not 100% correct. The users are by default stored in something like "cn=users,dc=domain,dc=com". So, if the users are stored in the default location, it works. But if this location (user install base) is customized, it does not work.
The reason is that such settings means that the LDAP most of the time highly customized. And I prefer that the administrator to copy the real LDAP himself. The right command will probably depend of the customer case. So, I prefered not to take the risk..
orclCommonNicknameAttribute must match in the Target and Source OID .
The orclCommonNicknameAttribute must match on both the source and target OID. By default this attribute is set to "uid", so if this has been changed, it must be changed in both systems.
Reference Note 282698.1
Migration of custom Java portlets.
The script migrates all the data of Portal stored in the database. If you have custom java portlet deployed in your development machine, you will need to copy them in the production system.
Step 1 - Export in Development (DEV)
To export a full Portal installation to another machine, you need to follow 3 steps:
Export at the database level the portal schemas + related schemas
Get the midtier hostname and port of DEV
Export of the users and groups with LDAPSEARCH in 2 XML files
A script combining all the steps is available here.
A. Export the 4 portals schemas (DEV)
You need to export 3 types of database schemas:
The 4 portal schemas created by default by the portal installation :
portal,
portal_app,
portal_demo,
portal_public
The schemas where your custom database portlets / providers resides (if any)
- The custom schemas you have created for storing your portlet / provider code
The schemas where your custom tables resides. (if any)
- Your custom schemas accessed by portal and containing only data (tables, views ...)
You can get an approximate list of the schemas: default portal schemas (1) and database portlets schemas (2) with this query.
SELECT USERNAME, DEFAULT_TABLESPACE, TEMPORARY_TABLESPACE
FROM DBA_USERS
WHERE USERNAME IN (user, user||'_PUBLIC', user||'_DEMO', user||'_APP')
OR USERNAME IN (SELECT DISTINCT OWNER FROM WWAPP_APPLICATION$ WHERE NAME != 'WWV_SYSTEM');
It still misses your custom schemas containing data only (3).
We will export the 4 schemas and your custom ones in an export file with the user sys.
Please, use a command like this one
exp userid="'sys/change_on_install@dev as sysdba'" file=portal_exp.dmp grants=y log=portal_exp.log owner=(portal,portal_app,portal_demo,portal_public)The result is a dump file: 'portal_exp.dmp'. If you are using a database 9.2.0.5 or 10.1.0.2, the database of the exp/imp dump file has changed. Please read this.
B. Hostname and port
For the URL to access the portal, you need the 2 following infos to run the script 'imp_portal_schema.sh below :
Webcache hostname
Webcache listen port
These values are contained in the iasconfig.xml file of the midtier.
iasconfig.xml
<IASConfig XSDVersion="1.0">
<IASInstance Name="ias904.dev.dev_domain.com" Host="dev.dev_domain.com" Version="9.0.4">
<OIDComponent AdminPassword="@BfgIaXrX1jYsifcgEhwxciglM+pXod0dNw==" AdminDN="cn=orcladmin" SSLEnabled="false" LDAPPort="3060"/>
<WebCacheComponent AdminPort="4037" ListenPort="7782" InvalidationPort="4038" InvalidationUsername="invalidator" InvalidationPassword="@BR9LXXoXbvW1iH/IEFb2rqBrxSu11LuSdg==" SSLEnabled="false"/>
<EMComponent ConsoleHTTPPort="1813" SSLEnabled="false"/>
</IASInstance>
<PortalInstance DADLocation="/pls/portal" SchemaUsername="portal" SchemaPassword="@BR9LXXoXbvW1c5ZkK8t3KJJivRb0Uus9og==" ConnectString="cn=asdb,cn=oraclecontext">
<WebCacheDependency ContainerType="IASInstance" Name="ias904.dev.dev_domain.com"/>
<OIDDependency ContainerType="IASInstance" Name="ias904.dev.dev_domain.com"/>
<EMDependency ContainerType="IASInstance" Name="ias904.dev.dev_domain.com"/>
</PortalInstance>
</IASConfig>
It corresponds to a portal URL like this:
http://dev.dev_domain.com:7782/pls/portalThe script exp_portal_schema.sh copy the iasconfig.xml file in the exp_data directory.
C. Export the security: users and groups (optional)
If you use other Single Sing-On uses than the portal user, you probably need to restore the full security, the users and groups stored in OID on the production machine. 5 steps need to be executed for this operation:
Export the OID entries with LDAPSEARCH
Before to import, change the domain in the generated file (optional)
Before to import, remove the 'authpassword' attributes from the generated files
Import them with LDAPADD
Update the GUID/DN of the groups in portal tables
Part 1 - LDAPSEARCH
The typical commands to do this operation look like this:
ldapsearch -h $OID_HOSTNAME -p $OID_PORT -X -b "cn=portal.040127.1384,cn=groups,dc=dev_domain,dc=com" -s sub "objectclass=*" > portal_group.xml
ldapsearch -h $OID_HOSTNAME -p $OID_PORT -X -D "cn=orcladmin" -w $IAS_PASSWORD -b "cn=users,dc=dev_domain,dc=com" -s sub "objectclass=inetorgperson" > portal_users.xmlTake care about the following points
The groups are stored in a LDAP directory containing the date of installation
( in this example: portal.040127.1384,cn=groups,dc=dev_domain,dc=com )
If the domain of dev and prod is different, the exported files contains the name of the development domain in the form of 'dc=dev_domain,dc=com' in a lot of place. The domain name needs to be replaced by the production domain name everywhere in the files.
Ldapsearch uses the option '- X '. It it to export to DSML files (XML). It avoids a problem related with common LDAP files, LDIF files. LDIF files are wrapped at 78 characters. The wrapping to 78 characters make difficult to change the domain name contained in the LDIF files. XML files are not wrapped and do not have this problem.
A sample script to export the 2 XML files is given here in : step 3 - export the users and groups (optional) of the export script.
Part 2 : change the domain in the DSML files
If the domain of dev and prod is different, the exported files contains the name of the development domain in the form of 'dc=dev_domain,dc=com' in a lot of place. The domain name need to be replaced by the production domain name everywhere in the files.
To do this, we can use these commands:
cat exp_data/portal_groups.xml | sed -e "s/$DEV_DN/$PROD_DN/" > imp_log/portal_groups.xml
cat exp_data/portal_users.xml | sed -e "s/$DEV_DN/$PROD_DN/" > imp_log/temp_users.xml
Part 3 : Remove the authpassword attribute
The export of all attributes from the all users has also exported an automatically generated attribute in OID called 'authpassword'.
'authpassword' is a list automatically generated passwords for several types of application. But mostly, it can not be imported. Also, there is no option in ldapsearch (that I know) that allows removing an attribute. In place of giving to the ldapsearch command the list of all the attributes that is very long, without 'authpassword', we will remove the attribute after the export.
For that we will use the fact that the DSML files are XML files. There is a XSLT in the Oracle IAS, in the executable '$ORACLE_HOME/bin/xml'. XSLT is a standard specification of the internet consortium W3C to transform a XML file with the help of a XSL file.
Here is the XSL file to remove the authpassword tag.
del_autpassword.xsl
<!--
File : del_authpassword.xsl
Version : 1.0
Author : mgueury
Description:
Remove the authpassword from the DSML files
-->
<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
<xml:output method="xml"/>
<xsl:template match="*|@*|node()">
<xsl:copy>
<xsl:apply-templates select="*|@*|node()"/>
</xsl:copy>
</xsl:template>
<xsl:template match="attr">
<xsl:choose>
<xsl:when test="@name='authpassword;oid'">
</xsl:when>
<xsl:when test="@name='authpassword;orclcommonpwd'">
</xsl:when>
<xsl:otherwise>
<xsl:copy>
<xsl:apply-templates select="*|@*|node()"/>
</xsl:copy>
</xsl:otherwise>
</xsl:choose>
</xsl:template>
</xsl:stylesheet>
And the command to make the transfomation:
xml -f -s del_authpassword.xsl -o imp_log/portal_users.xml imp_log/temp_users.xmlWhere :
imp_log/portal_users.xml is the final file without authpassword tags
imp_log/temp_users.xml is the input file with the authpassword tags that can not be imported.
Part 4 : LDAPADD
The typical commands to do this operation look like this:
ldapadd -h $OID_HOSTNAME -p $OID_PORT -D "cn=orcladmin" -w $IAS_PASSWORD -c -X portal_group.xml
ldapadd -h $OID_HOSTNAME -p $OID_PORT -D "cn=orcladmin" -w $IAS_PASSWORD -c -X portal_users.xmlTake care about the following points
Ldapadd uses the option ' -c '. Existing users/groups are generating an error. The option -c allows continuing and ignoring these errors. Whatever, the errors should be checked to see if it is just existing entries.
A sample script to import the 2 XML files given in the step 5 - import the users and groups (optional) of the import script.
Part 5 : Update the GUID/DN
In Portal 9.0.4, the update of the GUID is taken care by PTLCONFIG during the import. (Import step 7)
D. Example script for export
Here is a example script that combines the 3 steps.
Depending of you need, you will :
or execute all the steps
or just execute the 1rst one (export of the database users). It will be enough you just want to login with the portal user on the production instance.
if your portal repository resides in a database 9.2.0.5 or 10.1.0.2, please read this
you can download all the scripts here, Attachment 276688.1:1
Do not forget to modify the script to your need and mostly add the list of users like explained in point A above.
exp_portal_schema.sh
# BASH Script : exp_portal_schema.sh
# Version : 1.3
# Portal : 9.0.4.0
# History :
# mgueury - creation
# Description:
# This script export a portal dump file from a dev instance
# -------------------------- Environment variables --------------------------
. portal_env.sh
# In case you do not use portal_env.sh you have to define all the variables
# For exporting the dump file only.
# export SYS_PASSWORD=change_on_install
# export PORTAL_TNS=asdb
# For the security (optional)
# export IAS_PASSWORD=welcome1
# export PORTAL_USER=portal
# export PORTAL_PASSWORD=A1b2c3de
# export OID_HOSTNAME=development.domain.com
# export OID_PORT=3060
# export OID_DOMAIN_DN=dc=`echo $OID_HOSTNAME | cut -d '.' -f2,3,4,5,6 --output-delimiter=',dc='`
# ------------------------------ Help function -----------------------------------
function press_any_key() {
if [ $PRESS_ANY_KEY_AFTER_EACH_STEP = "Y" ]; then
echo
echo Press enter to continue
read $ANY_KEY
else
echo
fi
echo "------------------------------- Export ------------------------------------"
# create a directory for the export
mkdir exp_data
# copy the env variables in the log just in case
export > exp_data/exp_env_variable.txt
echo "--------------------- step 1 - export"
# export the portal users, but take care to add:
# - your users containing DB providers
# - your users containing data (tables)
exp userid="'sys/$SYS_PASSWORD@$PORTAL_TNS as sysdba'" file=exp_data/portal_exp.dmp grants=y log=exp_data/portal_exp.log owner=(portal,portal_app,portal_demo,portal_public)
press_any_key
echo "--------------------- step 2 - store iasconfig.xml file of the MIDTIER"
cp $MIDTIER_ORACLE_HOME/portal/conf/iasconfig.xml exp_data
press_any_key
echo "--------------------- step 3 - export the users and groups (optional)"
# Export the groups and users from OID in 2 XML files (not LDIF)
# The OID groups of portal are stored in GROUP_INSTALL_BASE that depends
# of the installation date.
# For the user, I use the default place. If it does not work,
# you can find the user place with:
# > exec dbms_output.put_line(wwsec_oid.get_user_search_base);
# Get the GROUP_INSTALL_BASE used in security export
sqlplus $PORTAL_USER/$PORTAL_PASSWORD@$PORTAL_TNS <<IASDB
set serveroutput on
spool exp_data/group_base.log
begin
dbms_output.put_line(wwsec_oid.get_group_install_base);
end;
IASDB
export GROUP_INSTALL_BASE=`grep cn= exp_data/group_base.log`
echo '--- Exporting Groups'
echo 'creating portal_groups.xml'
ldapsearch -h $OID_HOSTNAME -p $OID_PORT -X -s sub -b "$GROUP_INSTALL_BASE" -s sub "objectclass=*" > exp_data/portal_groups.xml
echo '--- Exporting Users'
echo 'creating portal_users.xml'
ldapsearch -h $OID_HOSTNAME -p $OID_PORT -D "cn=orcladmin" -w $IAS_PASSWORD -X -s sub -b "cn=users,$OID_DOMAIN_DN" -s sub "objectclass=inetorgperson" > exp_data/portal_users.xml
The script is done to run from the midtier.
Step 2 - Install IAS in a new machine (PROD)
A. Installation
This note does not distinguish if Portal is sharing the same database than Single-Sign On and OID. For simplicity, I will speak only about 1 database. But I could also create a second infrastructure database just for the portal repository. This way is better for production system, because the Portal repository is only product used in the 2nd database. Having 2 separate databases allows taking easily backup of the portal repository.
On the production machine, you need to install a fresh install of IAS 9.0.4. Take care to use :
the same IAS patchset 9.0.4.1, 9.0.4.2, ...on the middle-tier and infrastruture than in development
and same characterset than in development (or UTF8)
The result will be 2 ORACLE_HOMES and 1 infrastructure database:
the ORACLE_HOME of the infrastructure (SID:infra904)
the ORACLE_HOME of the midtier (SID:ias904)
an infrastructure database (SID:asdb)
The empty new Portal install should work fine before to go to the next step.
B. About tablespaces (optional)
The size of the tablespace of the production should match the one of the Developement machine. If not, the tablespace will autoextend. It is not really a concern, but it is slow. You should modify the tablespaces for to have as much space on prod and dev.
Also, it is safer to check that there is enough free space on the hard disk to import in the database.
To modify the tablespace size, you can use Oracle Entreprise Manager console,
On Unix, . oraenv
infra904oemapp dbastudio
On NT Start/ Programs/ Oracle Application server - infra904 / Enterprise Manager Console
Launch standalone
Choose the portal database (typically asdb.domain.com)
Connect with a DBA user, sys or system
Click Storage/Tablespaces
Change the size of the PORTAL, PORTAL_DOC, PORTAL_LOGS, PORTAL_IDX tablespaces
C. Backup
It could be a good idea to take a backup of the MIDTIER and INFRASTRUCTURE Oracle Homes at that point to allow retesting the import process if it fails for any reason as much as you want without needing to reinstall everything.
Step 3 - Import in production (on PROD)
The following script is a sample of an Unix script that combines all the steps to import a portal repository to the production machine.
To import a portal reporistory and his users and group in OID, you need to do 8 things:
Stop the midtier to avoid errors while dropping the portal schema
SQL*Plus with Portal
Drop the 4 default portal schemas
Create the portal users with the same passwords than the just deleted users and give them grants (you need to create your own custom shemas too if you have some).
Import the dump file
Import the users and groups into OID (optional)
SQL*Plus with SYS : Post import changes
Recompile everything in the database
Reassign the imported jobs to portal
SQL*Plus with Portal : Post import changes
Recreate the Portal intermedia indexes
Correct an import errror on wwsrc_preference$
Make additional post import changes, by updating some portal tables, and replacing the development hostname, port or domain by the production ones.
Rewire the portal repository with ptlconfig -dad portal
Restart the midtier
Here is a sample script to do this on Unix. You will need to adapt the script to your needs.
imp_portal_schema.sh
# BASH Script : imp_portal_schema.sh
# Version : 1.3
# Portal : 9.0.4.0
# History :
# mgueury - creation
# Description:
# This script import a portal dump file and relink it with an
# infrastructure.
# Script to be started from the MIDTIER
# -------------------------- Environment variables --------------------------
. portal_env.sh
# Development and Production machine hostname and port
# Example
# .._HOSTNAME machine.domain.com (name of the MIDTIER)
# .._PORT 7782 (http port of the MIDTIER)
# .._DN dc=domain,dc=com (domain name in a LDAP way)
# These values can be determined automatically with the iasconfig.xml file of dev
# and prod. But if you do not know or remember the dev hostname and port, this
# query should find it.
# > select name, http_url from wwpro_providers$ where http_url like 'http%'
# These variables are used in the
# > step 4 - security / import OID users and groups
# > step 6 - post import changes (PORTAL)
# Set the env variables of the DEV instance
rm /tmp/iasconfig_env.sh
xml -f -s xsl/portal_env_unix.xsl -o /tmp/iasconfig_env.sh exp_data/iasconfig.xml
. /tmp/iasconfig_env.sh
export DEV_HOSTNAME=$WEBCACHE_HOSTNAME
export DEV_PORT=$WEBCACHE_LISTEN_PORT
export DEV_DN=dc=`echo $OID_HOSTNAME | cut -d '.' -f2,3,4,5,6 --output-delimiter=',dc='`
# Set the env variables of the PROD instance
. portal_env.sh
export PROD_HOSTNAME=$WEBCACHE_HOSTNAME
export PROD_PORT=$WEBCACHE_LISTEN_PORT
export PROD_DN=dc=`echo $OID_HOSTNAME | cut -d '.' -f2,3,4,5,6 --output-delimiter=',dc='`
# ------------------------------ Help function -----------------------------------
function press_any_key() {
if [ $PRESS_ANY_KEY_AFTER_EACH_STEP = "Y" ]; then
echo
echo Press enter to continue
read $ANY_KEY
else
echo
fi
echo "------------------------------- Import ------------------------------------"
# create a directory for the logs
mkdir imp_log
# copy the env variables in the log just in case
export > imp_log/imp_env_variable.txt
echo "--------------------- step 1 - stop the midtier"
# This step is needed to avoid most case of ORA-01940: user connected
# when dropping the portal user
$MIDTIER_ORACLE_HOME/opmn/bin/opmnctl stopall
press_any_key
echo "--------------------- step 2 - drop and create empty users"
sqlplus "sys/$SYS_PASSWORD@$PORTAL_TNS as sysdba" <<IASDB
spool imp_log/drop_create_user.log
---- Drop users
-- Warning: You need to stop all SQL*Plus connection to the
-- portal schema before that else the drop will give an
-- ORA-01940: cannot drop a user that is currently connected
drop user portal_public cascade;
drop user portal_app cascade;
drop user portal_demo cascade;
drop user portal cascade;
---- Recreate the users and give them grants"
-- The new users will have the same passwords as the users we just dropped
-- above. Do not forget to add your exported custom users
create user portal identified by $PORTAL_PASSWORD default tablespace portal;
grant connect,resource,dba to portal;
create user portal_app identified by $PORTAL_APP_PASSWORD default tablespace portal;
grant connect,resource to portal_app;
create user portal_demo identified by $PORTAL_DEMO_PASSWORD default tablespace portal;
grant connect,resource to portal_demo;
create user portal_public identified by $PORTAL_PUBLIC_PASSWORD default tablespace portal;
grant connect,resource to portal_public;
alter user portal_public grant connect through portal;
start $MIDTIER_ORACLE_HOME/portal/admin/plsql/wwv/wdbigra.sql portal
exit
IASDB
press_any_key
echo "--------------------- step 3 - import"
imp userid="'sys/$SYS_PASSWORD@$PORTAL_TNS as sysdba'" file=exp_data/portal_exp.dmp grants=y log=imp_log/import.log full=y
press_any_key
echo "--------------------- step 4 - import the OID users and groups (optional)"
# Some errors will be raised when running the ldapadd because at least the
# default entries will not be able to be inserted. Remove them from the
# ldif file if you want to avoid them. Due to the flag '-c', ldapadd ignores
# duplicate entries. Another more radical solution is to erase all the entries
# of the users and groups in OID before to run the import.
# Replace the domain name in the XML files.
cat exp_data/portal_groups.xml | sed -e "s/$DEV_DN/$PROD_DN/" > imp_log/portal_groups.xml
cat exp_data/portal_users.xml | sed -e "s/$DEV_DN/$PROD_DN/" > imp_log/temp_users.xml
# Remove the authpassword attributes with a XSL stylesheet
xml -f -s xsl/del_authpassword.xsl -o imp_log/portal_users.xml imp_log/temp_users.xml
echo '--- Importing Groups'
ldapadd -h $OID_HOSTNAME -p $OID_PORT -D "cn=orcladmin" -w $IAS_PASSWORD -c -X imp_log/portal_groups.xml -v
echo '--- Importing Users'
ldapadd -h $OID_HOSTNAME -p $OID_PORT -D "cn=orcladmin" -w $IAS_PASSWORD -c -X imp_log/portal_users.xml -v
press_any_key
echo "--------------------- step 5 - post import changes (SYS)"
sqlplus "sys/$SYS_PASSWORD@$PORTAL_TNS as sysdba" <<IASDB
spool imp_log/sys_post_changes.log
---- Recompile the invalid packages"
-- On the midtier, the script utlrp is not present. This step
-- uses a copy of it stored in patch/utlrp.sql
select count(*) INVALID_OBJECT_BEFORE from all_objects where status='INVALID';
start patch/utlrp.sql
set lines 999
select count(*) INVALID_OBJECT_AFTER from all_objects where status='INVALID';
---- Jobs
-- Reassign the JOBS imported to PORTAL. After the import, they belong
-- incorrectly to the user SYS.
update dba_jobs set LOG_USER='PORTAL', PRIV_USER='PORTAL' where schema_user='PORTAL';
commit;
exit
IASDB
press_any_key
echo "--------------------- step 6 - post import changes (PORTAL)"
sqlplus $PORTAL_USER/$PORTAL_PASSWORD@$PORTAL_TNS <<IASDB
set serveroutput on
spool imp_log/portal_post_changes.log
---- Intermedia
-- Recreate the portal indexes.
-- inctxgrn.sql is missing from the 9040 CD-ROMS. This is the bug 3536937.
-- Fixed in 9041. The missing script is contained in the downloadable zip file.
start patch/inctxgrn.sql
start $MIDTIER_ORACLE_HOME/portal/admin/plsql/wws/ctxcrind.sql
---- Import error
alter table "WWSRC_PREFERENCE$" add constraint wwsrc_preference_pk
primary key (subscriber_id, id)
using index wwsrc_preference_idx1
begin
DBMS_RLS.ADD_POLICY ('', 'WWSRC_PREFERENCE$', 'WEBDB_VPD_POLICY',
'', 'webdb_vpd_sec', 'select, insert, update, delete', TRUE,
static_policy=>true);
end ;
---- Modify tables with full URLs
-- If the domain name of prod and dev are different, this step is really important.
-- It modifies the portal tables that contains reference to the hostname or port
-- of the development machine. (For more explanation: see Addional steps in the note)
-- groups (dn)
update wwsec_group$
set dn=replace( dn, '$DEV_DN', '$PROD_DN' )
update wwsec_group$
set dn_hash = wwsec_api_private.get_dn_hash( dn )
-- users (dn)
update wwsec_person$
set dn=replace( dn, '$DEV_DN', '$PROD_DN' )
update wwsec_person$
set dn_hash = wwsec_api_private.get_dn_hash( dn)
-- subscriber
update wwsub_model$
set dn=replace( dn, '$DEV_DN', '$PROD_DN' ), GUID=':1'
where dn like '%$DEV_DN%'
-- preferences
update wwpre_value$
set varchar2_value=replace( varchar2_value, '$DEV_DN', '$PROD_DN' )
where varchar2_value like '%$DEV_DN%'
update wwpre_value$
set varchar2_value=replace( varchar2_value, '$DEV_HOSTNAME:$DEV_PORT', '$PROD_HOSTNAME:$PROD_PORT' )
where varchar2_value like '%$DEV_HOSTNAME:$DEV_PORT%'
-- page url items
update wwv_things
set title_link=replace( title_link, '$DEV_HOSTNAME:$DEV_PORT', '$PROD_HOSTNAME:$PROD_PORT' )
where title_link like '%$DEV_HOSTNAME:$DEV_PORT%'
-- web providers
update wwpro_providers$
set http_url=replace( http_url, '$DEV_HOSTNAME:$DEV_PORT', '$PROD_HOSTNAME:$PROD_PORT' )
where http_url like '%$DEV_HOSTNAME:$DEV_PORT%'
-- html links created by the RTF editor inside text items
update wwv_text
set text=replace( text, '$DEV_HOSTNAME:$DEV_PORT', '$PROD_HOSTNAME:$PROD_PORT' )
where text like '%$DEV_HOSTNAME:$DEV_PORT%'
-- Portlet metadata nls: help URL
update wwpro_portlet_metadata_nls$
set help_url=replace( help_url, '$DEV_HOSTNAME:$DEV_PORT', '$PROD_HOSTNAME:$PROD_PORT' )
where help_url like '%$DEV_HOSTNAME:$DEV_PORT%'
-- URL items (There is a trigger on this table building absolute_url automatically)
update wwsbr_url$
set absolute_url=replace( absolute_url, '$DEV_HOSTNAME:$DEV_PORT', '$PROD_HOSTNAME:$PROD_PORT' )
where absolute_url like '%$DEV_HOSTNAME:$DEV_PORT%'
-- Things attributes
update wwv_thingattributes
set value=replace( value, '$DEV_HOSTNAME:$DEV_PORT', '$PROD_HOSTNAME:$PROD_PORT' )
where value like '%$DEV_HOSTNAME:$DEV_PORT%'
commit;
exit
IASDB
press_any_key
echo "--------------------- step 7 - ptlconfig"
# Configure portal such that portal uses the infrastructure database
cd $MIDTIER_ORACLE_HOME/portal/conf/
./ptlconfig -dad portal
cd -
mv $MIDTIER_ORACLE_HOME/portal/logs/ptlconfig.log imp_log
press_any_key
echo "--------------------- step 8 - restart the midtier"
$MIDTIER_ORACLE_HOME/opmn/bin/opmnctl startall
date
Each step can generate his own errors due to a lot of factors. It is better to run the import step by step the first time.
Do not forget to check the output of log files created during the various steps of the import:
imp_log/drop_create_user.log
Spool when dropping and recreating the portal users
imp_log/import.log Import log file when importing the portal_exp.dmp file
imp_log/sys_post_changes.log
Spool when making post changes with SYS
imp_log/portal_post_changes.log
Spool when making post changes with PORTAL
imp_log/ptlconfig.log
Log file of ptconfig when rewiring the midtier
Step 4 - Test
A. Check the log files
B. Test the website and see if it works fine.
Step 5 - take a backup
Take a backup of all ORACLE_HOME and DATABASES to prevent all hardware problems. You need to copy:
All the files of the 2 ORACLE_HOME
And all the database files.
Step 6 - Additional steps
Here are some additional steps.
SSO external application ( that are part of the orasso schema and not imported yet )
Page URL items ( they seems to store the full URL ) - included in imp_portal_schema.sh
Web Providers ( the URL needs to be changed ) - included in imp_portal_schema.sh
Text items edited with the RTF editor in IE and containing links - included in imp_portal_schema.sh
Most of them are taken care by the "step 8 - post import changes". Except the first one.
1. SSO import
This script imports only Portal and the users/groups of OID. Not the list of the external application contained in the orasso user.
In Portal 9.0.4, there is a script called SSOMIG that resides in $INFRA_ORACLE_HOME/sso/bin and allows to move :
Definitions and user data for external applications
Registration URLs and tokens for partner applications
Connection information used by OracleAS Discoverer to access various data sources
See:
Oracle® Application Server Single Sign-On Administrator's Guide 10g (9.0.4) Part Number B10851-01
14. Exporting and Importing Data
2. Page items: the page URL items store the full URL.
This is Bug 2661805 fixed in Portal 9.0.2.6.
This following work-around is implemented in post import step of imp_portal_schema.sh
-- page url items
update wwv_things
set title_link=replace( title_link, 'dev.dev_domain.com:7778', 'prod.prod_domain.com:7778' )
where title_link like '%$DEV_HOSTNAME:$DEV_PORT%'
2. Web Providers
The URL to the Web providers needs also change. Like for the Page items, they contain the full path of the webserver.
Or you can get the list of the URLs to change with this query
select name, http_url from PORTAL.WWPRO_PROVIDERS$ where http_url like '%';
This following work-around is implemented in post import step of imp_portal_schema.sh
-- web providers
update wwpro_providers$
set http_url=replace( http_url, 'dev.dev_domain.com:7778', 'prod.prod_domain.com:7778' )
where http_url like '%$DEV_HOSTNAME:$DEV_PORT%'
4. The production and development machine do not share the same domain
If the domain of the production and the development are not the same, the DN (name in LDAP) of all users needs to change.
Let's say from
dc=dev_domain,dc=com -> dc=prod_domain,dc=com
1. before to upload the ldif files. All the strings in the 2 ldifs files that contain 'dc=dev_domain,dc=com', have to be replaced by 'dc=prod_domain,dc=com'
2. in the wwsec_group$ and wwsec_person$ tables in portal, the DN need to change too.
This following work-around is implemented in post import step of imp_portal_schema.sh
-- groups (dn)
update wwsec_group$
set dn=replace( dn, 'dc=dev_domain,dc=com', 'dc=prod_domain,dc=com' )
update wwsec_group$
set dn_hash = wwsec_api_private.get_dn_hash( dn )
-- users (dn)
update wwsec_person$
set dn=replace( dn, 'dc=dev_domain,dc=com', 'dc=prod_domain,dc=com' )
update wwsec_person$
set dn_hash = wwsec_api_private.get_dn_hash( dn)
5. Text items with HTML links
Sometimes people stores full URL inside their text items, it happens mostly when they use link with the RichText Editor in IE .
This following work-around is implemented in post import step in imp_portal_schema.sh
-- html links created by the RTF editor inside text items
update wwv_text
set text=replace( text, 'dev.dev_domain.com:7778', 'prod.prod_domain.com:7778' )
where text like '%$DEV_HOSTNAME:$DEV_PORT%'
6. OID Custom password policy
It happens quite often that the people change the password policy of the OID server. The reason is that with the default policy, the password expires after 60 days. If so, do not forget to make the same changes in the new installation.
PROBLEMS
1. Import log has some errors
A. EXP-00091 -Exporting questionable statistics
You can ignore this error.
B. IMP-00017 - WWSRC_PREFERENCE$
When importing, there is one import error:
IMP-00017: following statement failed with ORACLE error 921:
"ALTER TABLE "WWSRC_PREFERENCE$" ADD "
IMP-00003: ORACLE error 921 encountered
ORA-00921: unexpected end of SQL commandThe primary key is not created. You can create it with this commmand
in SQL*Plus with the user portal.. Then readd the missing VPD policy.
alter table "WWSRC_PREFERENCE$" add constraint wwsrc_preference_pk
primary key (subscriber_id, id)
using index wwsrc_preference_idx1
begin
DBMS_RLS.ADD_POLICY ('', 'WWSRC_PREFERENCE$', 'WEBDB_VPD_POLICY',
'', 'webdb_vpd_sec', 'select, insert, update, delete', TRUE,
static_policy=>true);
end ;
Step 8 in the script "imp_portal_schema.sh" take care of this. This can also possibly be solved by the
C. IMP-00017 - WWDAV$ASL
. importing table "WWDAV$ASL"
Note: table contains ROWID column, values may be obsolete 113 rows importedThis error is normal, the table really contains a ROWID column.
D. IMP-00041 - Warning: object created with compilation warnings
This error is normal too. The packages giving these error have
dependencies on package not yet imported. A recompilation is done
after the import.
E. ldapadd error 'cannot add add entries containing authpasswords'
# ldap_add: DSA is unwilling to perform
# ldap_add: additional info: You cannot add entries containing authpasswords.
"authpasswords" are automatically generated values from the real password of the user stored in userpassword. These values do not have to be exported from ldap.
In the import script, I remove the additional tag with a XSL stylesheet 'del_authpassword.xsl'. See above.
F. IMP-00017: WWSTO_SESSION$
IMP-00017: following statement failed with ORACLE error 2298:
"ALTER TABLE "WWSTO_SESSION$" ENABLE CONSTRAINT "WWSTO_SESS_FK1""
IMP-00003: ORACLE error 2298 encountered
ORA-02298: cannot validate (PORTAL.WWSTO_SESS_FK1) - parent keys not found
Here is a work-around for the problem. I will normally integrate it in a next version of the scripts.
SQL> delete from WWSTO_SESSION_DATA$;
7690 rows deleted.
SQL> delete from WWSTO_SESSION$;
1073 rows deleted.
SQL> commit;
Commit complete.
SQL> ALTER TABLE "WWSTO_SESSION$" ENABLE CONSTRAINT "WWSTO_SESS_FK1";
Table altered.
G. IMP-00017 - ORACLE error 1 - DBMS_JOB.ISUBMIT
This error can appear during the import when the import database is not empty and is already customized for some reasons. For example, you export from an infrastructure and you import in a database with a lot of other programs that uses jobs. And unhappily the same job id.
Due to the way the export/import of jobs is done, the jobs keeps their id after the import. And they may conflict.
IMP-00017: following statement failed with ORACLE error 1: "BEGIN DBMS_JOB.ISUBMIT(JOB=>42,WHAT=>'begin execute immediate " "''begin wwutl_cache_sys.process_background_inval; end;'' ; exc" "eption when others then wwlog_api.log(p_domain=> ''utl'', " " p_subdomain=>''cache'', p_name=>''background'', " " p_action=>''process_background_inval'', p_information => ''E" "rror in process_background_inval ''|| sqlerrm);end;', NEXT_DATE=" ">TO_DATE('2004-08-19:17:32:16','YYYY-MM-DD:HH24:MI:SS'),INTERVAL=>'SYSDATE " "+ 60/(24*60)',NO_PARSE=>TRUE); END;"
IMP-00003: ORACLE error 1 encountered ORA-00001: unique constraint (SYS.I_JOB_JOB) violated
ORA-06512: at "SYS.DBMS_JOB", line 97 ORA-06512: at line 1
Solutions:
1. use a fresh installed database,
2. Due that the jobs conflicting are different because it happens only in custom installation, there is no clear rule. But you can
recreate the jobs lost after the import with other_ids
and/or change the job id of the other program before to import. This type of commands can help you (you need to do it with SYS)
select * from dba_jobs;
update dba_jobs set job=99 where job=52;
commit
2. Import in a RAC environment
Be aware of the Bug 2479882 when the portal database is in a RAC database.
Bug 2479882 : NEEDED TO BOUNCE DB NODES AFTER INSTALLING PORTAL 9.0.2 IN RAC NODE3. Intermedia
After importing a environment, the intermedia indexes are invalid. To correct the error you need to run in SQL*Plus with Portal
start $MIDTIER_ORACLE_HOME/portal/admin/plsql/wws/inctxgrn.sql
start $MIDTIER_ORACLE_HOME/portal/admin/plsql/wws/ctxcrind.sql
But $MIDTIER_ORACLE_HOME/portal/admin/plsql/wws/inctxgrn.sql is missing in IAS 9.0.4.0. This is Bug 3536937. Fixed in 9041. The missing scripts are contained in the downloadable zip file (exp_schema904.zip : Attachment 276688.1:1 ), directory sql. This means that practically in 9040, you have to run
start sql/inctxgrn.sql
start $MIDTIER_ORACLE_HOME/portal/admin/plsql/wws/ctxcrind.sql
In the import script, it is done in the step 6 - recreate Portal Intermedia indexes.
You can not WA the problem without the scripts. Running ctxcrind.sql alone does not work. You will have this error:
ORA-06510: PL/SQL: unhandled user-defined exception
ORA-06512: at "PORTAL.WWERR_API_EXCEPTION", line 164
ORA-06512: at "PORTAL.WWV_CONTEXT", line 1035
ORA-06510: PL/SQL: unhandled user-defined exception
ORA-06512: at "PORTAL.WWERR_API_EXCEPTION", line 164
ORA-06512: at "PORTAL.WWV_CONTEXT", line 476
ORA-06510: PL/SQL: unhandled user-defined exception
ORA-20000: Oracle Text error:
DRG-12603: CTXSYS does not own user datastore procedure: WWSBR_THING_CTX_69
ORA-06512: at line 13
4. ptlconfig
If you try to run ptlconfig simply after an import you will get an error:
Problem processing Portal instance: Configuring HTTP server settings : Installing cache data : SQL exception: ERROR: ORA-23421: job number 32 is not a job in the job queue
This is because the import done by user SYS has imported the PORTAL jobs to the SYS schema in place of portal. The solution is to run
update dba_jobs set LOG_USER='PORTAL', PRIV_USER='PORTAL' where schema_user='PORTAL';
In the import script, it is done in the step 8 - post import changes.
5. WWC-41417 - invalid credentials.
When you try to login you get:
Unexpected error encountered in wwsec_app_priv.process_signon (User-Defined Exception) (WWC-41417)
An exception was raised when accessing the Oracle Internet Directory: 49: Invalid credentials
Details
Error:Operation: dbms_ldap.simple_bind_s
OID host: machine.domain.com
OID port number: 4032
Entry DN: orclApplicationCommonName=PORTAL,cn=Portal,cn=Products,cn=OracleContext. (WWC-41743)Solution:
- run secupoid.sql
- rerun ptlconfig
This problem has been seen after using ptlasst in place of ptlconfig.
6. EXP-003 with a database 9.2.0.5 or 10.1.0.2
In fact, the DB format of imp/exp has changed in 9.2.0.5 or 10.1.0.2. The EXP-3 error only occurs when the export from the 9.2.0.5.0 or 10.1.0.2.0 database is done with a lower release export utility, e.g. 9.2.0.4.0.
Due to the way this note is written, the imp/exp utility used is the one of the midtier (9014), if your portal resides in a 9.2.0.5 database, it will not work. To work-around the problem, there are 2 solutions:
Change the script so that it uses the exp and imp command of database.
Make a change to the 9.2.0.5 or 10.1.0.2 database to make them compatible with previous version. The change is to modify a database internal view before to export/import the data.
A work-around is given in Bug 3784697
1. Make a note of the export definition of exu9tne from
$OH/rdbms/admin/catexp.sql
2. Copy this to a new file and add "UNION ALL select * from sys.exu9tneb" to the end of the definition
3. Run this as sys against the DB to be exported.
4. Export as required
5. Put back the original definition of exu9tne
eg: For 9204 the workaround view would be:
CREATE OR REPLACE VIEW exu9tne (
tsno, fileno, blockno, length) AS
SELECT ts#, segfile#, segblock#, length
FROM sys.uet$
WHERE ext# = 1
UNION ALL
select * from sys.exu9tneb
7. EXP-00006: INTERNAL INCONSISTENCY ERROR
This is Bug 2906613.
The work-around given in this bug is the following:
- create the following view, connected as sys, before running export:
CREATE OR REPLACE VIEW exu8con (
objid, owner, ownerid, tname, type, cname,
cno, condition, condlength, enabled, defer,
sqlver, iname) AS
SELECT o.obj#, u.name, c.owner#, o.name,
decode(cd.type#, 11, 7, cd.type#),
c.name, c.con#, cd.condition, cd.condlength,
NVL(cd.enabled, 0), NVL(cd.defer, 0),
sv.sql_version, NVL(oi.name, '')
FROM sys.obj$ o, sys.user$ u, sys.con$ c,
sys.cdef$ cd, sys.exu816sqv sv, sys.obj$ oi
WHERE u.user# = c.owner# AND
o.obj# = cd.obj# AND
cd.con# = c.con# AND
cd.spare1 = sv.version# (+) AND
cd.enabled = oi.obj# (+) AND
NOT EXISTS (
SELECT owner, name
FROM sys.noexp$ ne
WHERE ne.owner = u.name AND
ne.name = o.name AND
ne.obj_type = 2)
The modification of exu8con simply adds support for a constraint type that had not previously been supported by this view. There is no negative impact.
8. WWSBR_DOC_CTX_54 is invalid
After the recompilation of the package, one package remains invalid (in sys_post_changes.log):
INVALID_OBJECT_AFTER
1
select owner, object_name from all_objects where status='INVALID'
CTXSYS WWSBR_DOC_CTX_54
CREATE OR REPLACE procedure WWSBR_DOC_CTX_54
(rid in rowid, bilob in out NOCOPY blob)
is begin PORTAL.WWSBR_CTX_PROCS.DOC_CTX(rid,bilob);end;
This object is not used anymore by portal. The error can be ignored. The procedure can be removed too. This is Bug 3559731.
9. You do not have permission to perform this operation. (WWC-44131)
It seems that there are problems if
- groups on the production machine are not residing in the default place in OID,
- and that the group creation base and group search base where changed.
After this, the cloning of the repository work without problem. But it seems that the command 'ptlconfig -dad portal' does not reset the GUID and DN of the groups correctly. I have not checked this yet.
The solution seems to use the script given in the 9.0.2 Note 228516.1. And run group_sec.sql to reset all the DN and GUID in the copied instance.
10. Invalid Java objects when exporting from a 9.x database and importing in a 10g database
If you export from a 9.x database and import in a 10g database, after running utlrp.sql, 18 Java objects will be invalid.
select object_name, object_type from user_objects where status='INVALID'
SQL> /
OBJECT_NAME OBJECT_TYPE
/556ab159_Handler JAVA CLASS
/41bf3951_HttpsURLConnection JAVA CLASS
/ce2fa28e_ProviderManagerClien JAVA CLASS
/c5b98d35_ServiceManagerClient JAVA CLASS
/d77cf2ab_SOAPServlet JAVA CLASS
/649bf254_JavaProvider JAVA CLASS
/a9164b8b_SpProvider JAVA CLASS
/2ee43ac9_StatefulEJBProvider JAVA CLASS
/ad45acec_StatelessEJBProvider JAVA CLASS
/da1c4a59_EntityEJBProvider JAVA CLASS
/66fdac3e_OracleSOAPHTTPConnec JAVA CLASS
/939c36f5_OracleSOAPHTTPConnec JAVA CLASS
org/apache/soap/rpc/Call JAVA CLASS
org/apache/soap/rpc/RPCMessage JAVA CLASS
org/apache/soap/rpc/Response JAVA CLASS
/198a7089_Message JAVA CLASS
/2cffd799_ProviderGroupUtils JAVA CLASS
/32ebb779_ProviderGroupMgrProx JAVA CLASS
18 rows selected.
This is a known issue. This can be solved by applying patch one of the following patch depending of your IAS version.
Bug 3405173 - PORTAL 9.0.4.0.0 PATCH FOR 10G DB UPGRADE (FROM 9.0.X AND 9.2.X)
Bug 4100409 - PORTAL 9.0.4.1.0 PATCH FOR 10G DB UPGRADE (FROM 9.0.X AND 9.2.X)
Bug 4100417 - PORTAL 9.0.4.2.0 PATCH FOR 10G DB UPGRADE (FROM 9.0.X AND 9.2.X)
11. Import : IMP-00003: ORACLE error 30510 encountered
When importing Portal 9.0.4.x, it could be that the import of the database side produces an error ORA-30510.The new perl script work-around the issue in the portal_post_import.sql script. But not the BASH scripts. If you use the BASH scripts, after the import, please run this command manually in SQL*Plus logged as portal.
---- Import error 2 - ORA-30510 when importing
CREATE OR REPLACE TRIGGER logoff_trigger
before logoff on schema
begin
-- Call wwsec_oid.unbind to close open OID connections if any.
wwsec_oid.unbind;
exception
when others then
-- Ignore all the errors encountered while unbinding.
null;
end logoff_trigger;
This is logged as <Bug;4458413>.
12. Exporting from a 9.0.1 database and import in a 9.2.0.5+ or 10g DB
It could be that when exporting from a 9.0.1 database to a 10g database that the java classes do not get compiled correctly. The following errors are seen
ORA-29534: referenced object PORTAL.oracle/net/www/proto/https/HttpsURLConnection could not be resolved
errors:: class oracle/net/www/proto/https/HttpsURLConnection
ORA-29521: referenced name oracle/security/ssl/OracleSSLSocketFactoryImpl could not be found
ORA-29521: referenced name oracle/security/ssl/OracleSSLSocketFactory could not be found
In such a case, please apply the following patches after the import in the 10g database.
Bug 3405173 PORTAL REPOS DB UPGRADE TO 10G: for Portal 9.0.4.0
Bug 4100409 PORTAL REPOS DB UPGRADE TO 10G: for Portal 9.0.4.1
Main Differences with Portal 9.0.2
For the persons used to this technics in Portal 9.0.2, you could be interested to read the main differences with the same note for Portal 9.0.2
Portal 9.0.2
Portal 9.0.4
Cutter database
Portal 9.0.2 can be part of an infrastructure database or in a custom external database.
In Portal 9.0.2, the portal schema is imported in an empty database.
Portal 9.0.4 can only be installed in a 'Cutter database', a database created with RepCA or OUI containing always OID, DCM and so on...
In Portal 9.0.4, the portal schema is imported in an 'Cutter database' (new)
group_sec.sql
group_sec.sql is used to correct the GUIDs of OID stored in Portal
ptlconfig -dad portal -oid is used to correct the GUIDs of OID stored in Portal (new)
1 script
The import / export are divided by several steps with several scripts
The import script is done in one step
Additional steps are included in the script
This requires to know the hostname and port of the original development machine. (new)
Import
The steps are:
creation of an empty database
creation of the users with password=username
import
The steps are:
creation of an IAS 10g infrastructure DB (repca or OUI)
deletion of new portal schemas (new)
creation of the users with the same password than the schemas just dropped.
import
DAD
The dad needed to be changed
The passwords are not changed, the dad does not need to be changed.
Bugs
In portal 9.0.2, 2 bugs were workarounded by change_host.sh
In Portal 9.0.4, some tables additional tables needs to be updated manually before to run ptlasst. This is #Bug:3762961#.
export of LDAP
The export is done in LDIF files. If the prod and the dev have different domain, it is quite difficult to change the domain name in these file due to the line wrapping at 78 characters.
The export is done in XML files, in the DSML format (new). It is a lot easier to change the XML files if the domain name is different from PROD to DEV.
Download
You have to cut and paste the scripts
The scripts are attached to the note. Just donwload them.
Rewiring
9.0.2 uses ptlasst.
ptlasst.csh -mode MIDTIER -i custom -s $PORTAL_USER -sp $PORTAL_PASSWORD -c $PORTAL_HOSTNAME:$PORTAL_DB_PORT:$PORTAL_SERVICE_NAME -sdad $PORTAL_DAD -o orasso -op $ORASSO_PASSWORD -odad orasso -host $MIDTIER_HOSTNAME -port $MIDTIER_HTTP_PORT -ldap_h $INFRA_HOSTNAME -ldap_p $OID_PORT -ldap_w $IAS_PASSWORD -pwd $IAS_PASSWORD -sso_c $INFRA_HOSTNAME:$INFRA_DB_PORT:$INFRA_SERVICE_NAME -sso_h $INFRA_HOSTNAME -sso_p $INFRA_HTTP_PORT -ultrasearch -oh $MIDTIER_ORACLE_HOME -mc false -mi true -chost $MIDTIER_HOSTNAME -cport_i $WEBCACHE_INV_PORT -cport_a $WEBCACHE_ADM_PORT -wc_i_pwd $IAS_PASSWORD -emhost $INFRA_HOSTNAME -emport $EM_PORT -pa orasso_pa -pap $ORASSO_PA_PASSWORD -ps orasso_ps -pp $ORASSO_PS_PASSWORD -iasname $IAS_NAME -verbose -portal_only
9.0.4 uses ptlconfig (new)
ptlconfig -dad portal
Environment variables
A lot of environment variables are needed
Just 3 environment variables are needed:
- password of SYS
- password of IAS,
- ORACLE_HOME of the Midtier
All the rest is found in iasconfig.xml and LDAP (new)
TO DO
- Check if the orclcommonapplication name fits SID.hostname
- Check what gives the import of a portal30 upgraded schema inside a schema named portal
- Explain how to copy the portal*.dbf files in place of export/import and the limitation of tra -
Synchronization from OID to AD failed by using ActiveExport profile
Hi All
Synchronization from OID to AD failed by using ActiveExport profile
and i use copy activeexp.map.master that contains
DomainRules
cn=Users,dc=software,dc=raya,dc=corp:CN=Users,DC=twa,DC=com:
AttributeRules
# Organizational Unit Mapping
ou: : :organizationalunit:ou: : organizationalunit
# Container mapping
cn: : :orclcontainer: cn: :Container
#Domain cannot be exported
#name: : :domain: dc: :domain
cn:1: :inetorgperson:cn: :User
cn:1: :inetorgperson:SAMAccountName: :User
# attribute rule for mapping Active Directory LOGIN id
#mail: : :person:sn: :User:
mail: : :person:UserPrincipalName: :User:
# attribute rule for mapping entry and to create orclUserV2
# There should be a mapping rule with orcluserv2 objectclass
# without which the PORTAL may not function properly
cn: : :inetorgperson:givenname: :person
givenName: : :person:displayName: :person
# mail needs to be assigned valid value for default settings ing DAS
mail: : :inetorgperson:mail: :person
# The next mapping rule is for synchronizing password from OID to AD.
# Additional configuration is required. Please refer to DIP documentation
# for details.
# NOTE - To synchronize password from OID to AD, uncomment the next rule.
# userpassword: : :person:unicodepwd: :person:
# Setting useraccountcontrol to "544" (0x220) means
# 1) regular account 2) password not required 3) user account is enabled
cn: : :person:useraccountcontrol: :person:"544"
mobile: : :inetorgperson:mobile: :organizationalperson:
# GROUP ENTRY MAPPING RULES
cn: : :orclgroup:cn: :group:
# This will work successfully only when cn doesn't have any
# special characters associated with it.
cn: : :orclgroup:SAMAccountName: :group:
uniquemember: : :groupofuniquenames:member: :group:
when i check the log file i found
Trace Log Started at Mon Jul 24 07:54:58 EEST 2006
tampro.Twa.com:389
rdn value is missing in change record when performing insert operation. Please ensure that required mapping rule is specified in the profile.
java.lang.NullPointerException
at oracle.ldap.odip.gsi.ActiveWriter.insert(ActiveWriter.java:286)
at oracle.ldap.odip.gsi.LDAPWriter.writeChanges(LDAPWriter.java:272)
at oracle.ldap.odip.engine.AgentThread.mapExecute(AgentThread.java:581)
at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:306)
at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:200)
null
ActiveExport:Error in Mapping Enginejava.lang.NullPointerException
java.lang.NullPointerException
at java.io.Writer.write(Writer.java:126)
at java.io.PrintStream.write(PrintStream.java:303)
at java.io.PrintStream.print(PrintStream.java:462)
at java.io.PrintStream.println(PrintStream.java:599)
at java.lang.Throwable.printStackTrace(Throwable.java:461)
at oracle.ldap.odip.engine.ODIException.printStackTrace(ODIException.java:296)
at oracle.ldap.odip.engine.AgentThread.mapExecute(AgentThread.java:740)
at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:306)
at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:200)
Updated Attributes
orclodipLastExecutionTime: 20060724075501
orclLastAppliedChangeNumber: 3833
orclOdipSynchronizationStatus: Mapping Failure, Agent Execution Not Attempted
orclOdipSynchronizationErrors: Unknown Error Encountered
Sleeping for 1 secs
can any one tell me what can i do ?If its a very rare failure, then as you mentioned, you can skip it..
-
PS: WBS is not flowing for a Material, while creating delivery from Project
Hi,
While creating delivery from Project thro CNS0, WBS is not flowing for a Material in delivery, in turn WBS is not flowing in Billing document for same material, in turn not allowing to Post the Billing document to Accounting.
Error while releasing Billing to the Accounting: Accounting Entry is not generated. Error Message:Assign Condition type
YMRG in COPA.
Pls let me know, what can be the reason ?
Thanks.
Amit.Hi Kuldeep,
Check this note,
Note 159387 - Message BP603: incorrect line item is displayed
Its valid only till 4.6. Might give you some idea but.
Regards,
Gokul -
How to cancell PO from Service Entry sheet
Hi,
We have many open service Purchase orders in the system(More than 1800) and we would like to cancell these PO's as business dont need the service.
Scenario:
We have raised PR, which is approved by multi level approvals
After PR is approved, PO is created again approved by multi level approvals
Now 1% of the above PO's required to be cancelled which is almost aroung 1800 in number.
Pls note that we have Funds management active, so budget has consumed in the system during PR/PO process.
Now if we cancel PO's then even PR's also to be cancelled which is very lengthy process, Is there any other way to do this.
Can we do anything from service entry sheet?
Regards,
SunilHi Sameer
I don't think you can close the PO from ML81N without posting some form of service receipt.
Do you have any experiences with the mass maintenance transactions?
After reading some of the discussions below I would suggest you use the MEMASSPO transaction to set the deletion indicator on each PO item (EKPO-LOEKZ) to "L". Running transaction MASS for business object will get you to the same functionallity.
There is also a MEMASSRQ transaction (or MASS for business object BUS2105) which you can use to quickly set the closed indicator for the corresponding requisition lines.
This doc http://scn.sap.com/docs/DOC-25758 written by Parag Parikh should help if you don't have any experience.
Regards
Robyn -
Cannot create mysites from powershell: Original XSLT List View Web Part not found
I have a bizarre problem in my SharePoint 2013 farm. This does not occur in my test farm, only in the farm we were going to go live with.
I'm on windows Server 2012, SQLServer 2012 SP1, SharePoint 2013 April CU. 1 appserver/centraladmin server, 2 web servers.
When I log into our mysitehost and click newsfeed, it will create a mysite (even though first it displays "we are sorry there was a problem creating your site")
But from powershell, whether I use $UserProfile.CreatePersonalSite() or New-SPSite, I get the following error:
Original XSLT List View Web Part not found
So far I've only found one other person with this:
http://social.msdn.microsoft.com/Forums/sharepoint/en-US/2503e42c-e114-4e89-8e00-89fe70f0b154/cannot-create-sharepoint-mysite-programmatically
This is a brand new farm, created with the same scripts I created my test farm with, and same version of SharePoint. Only the service accounts are different. (Farm account has admin on the servers right now since I was setting up profile service).
Some other errors from the same correlation ID that look related:
It can't seem to find the listemplate 101
And something looks wrong with the MySiteDocumentLibrary feature
I have tried the following:
1. run psconfig.exe on each server
2. install-spfeature -AllExistingFeatures
3. looped through the directory under Features and for each called Install-SPFeature $dirname -Force
4. uninstalled and reinstalled MySiteDocumentLibrary feature
5. blew away the whole farm (removed all servers from farm, deleted all databases) and recreated it.
6. tried creating the UPA from the CentralAdmin gui.
The only real difference I can think of between the working farm and non working farm is, I installed the working farm using RTM, then as they came out added the March PU and April CU. For this farm I installed RTM and March and April, and then ran my build
farm script.
I am at a loss. What do I need to do, re-install the binaries? That's all I can think of. What I love is that our test / POC system worked fine, and now 2 weeks before go-live I'm seeing errors on the production servers I've never seen before. Using the
same scripts no less.
Feature Activation: Feature 'Fields' (ID: 'ca7bd552-10b1-4563-85b9-5ed1d39c962a') was activated
Feature Activation: Feature 'CTypes' (ID: '695b6570-a48b-4a8e-8ea5-26ea7fc1d162') was activated
No document templates uploaded for list "$Resources:core,global_onet_solutiongallery_list;" -- none found for list template "100"
Failed to find <ListTemplate> tag corresponding to ID "101", tried both onet.xml for site definition ID "0" language "1033" and global site definition. Operation failed.
No document templates uploaded for list "$Resources:core,stylelibraryList;" -- none found for list template "121".
System.Runtime.InteropServices.COMException: A user may not remove his or her own account from a site collection.<nativehr>0x81020051</nativehr><nativestack></nativestack>, StackTrace: at Microsoft.SharePoint.SPUserCollection.UpdateMembers
Feature Activation: Feature 'MySitePersonalSite' (ID: 'f661430e-c155-438e-a7c6-c68648f1b119') was activated
Feature Activation: Activating Feature 'MySiteDocumentLibrary'
Calling 'FeatureActivated' method of SPFeatureReceiver for Feature 'MySiteDocumentLibrary'
SharePoint Foundation Upgrade MySiteDocumentLibraryFeatureReceiveraj08n INFO Creating new My Documents library
Unknown SPRequest error occurred. More information: 0x80070002
SPRequest.GetMetadataForUrl: UserPrincipalName=, AppPrincipalName= ,bstrUrl=http://contoso/personal/cbuchholz/DOCUMENTS ,METADATAFLAGS=59
System.IO.FileNotFoundException: <nativehr>0x80070002</nativehr><nativestack></nativestack>, StackTrace: at Microsoft.SharePoint.SPWeb.GetObjectForUrl at Microsoft.SharePoint.Portal.UserProfiles.MySiteDocumentLibraryUtil.GetSPObjectFromUrl ...
<nativehr>0x80070002</nativehr><nativestack></nativestack>There is no Web named "/personal/cbuchholz/DOCUMENTS"
Possible mismatch between the reported error with code = 0x81070504 and message: "There is no Web named "/personal/cbuchholz/DOCUMENTS"." and the returned error with code 0x80070002.
Attemping to add webpart id 0F6072F2-E804-4CFD-837E-BB37332B9D1C to web http://contoso/personal/cbuchholz
Adding XsltListViewWebPart calling SPRequest::CreateListViewPart. Web part id 0F6072F2-E804-4CFD-837E-BB37332B9D1C, web http://contoso/personal/cbuchholz
Feature receiver assembly 'Microsoft.SharePoint.Portal, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c', class 'Microsoft.SharePoint.Portal.UserProfiles.MySiteDocumentLibraryFeatureReceiver', method 'FeatureActivated' for feature 'e9c0ff81-d821-4771-8b4c-246aa7e5e9eb' threw an exception: System.InvalidOperationException: Original XSLT List View Web Part not found at Microsoft.SharePoint.Portal.UserProfiles.MySiteDocumentLibraryUtil.ReplaceListViewWebPart
Feature Activation: Threw an exception, attempting to roll back. Feature 'MySiteDocumentLibrary'
Exception in EnsureFeaturesActivatedAtSite: System.InvalidOperationException: Original XSLT List View Web Part not found
Failed to activate site-collection-scoped features for template 'SPSPERS#2' in site collection 'http://contoso/personal/cbuchholz'
Failed to apply template "SPSPERS#2" to web at URL "http://contoso/personal/cbuchholz
I've had other problems in this farm: the bug where when you add Administrators to a Search Service via the Manage Service Applications page, it removes the SPSearchDBAdmin role from the search service process account. That one did not happen in the other farm.
At least other people have that one and I could just use the farm admin instead (still troublng of course).Ok,
Here is the problem:
When creating a mysite from powershell or script, apparently you can ONLY do this from a wfe (or a server running Microsoft SharePoint Foundation Web Application in services on server).
You CANNOT create mysites from script on your appserver if it is not also a Web Application Server. I confirmed the same is true in my test farm. I guess I was always running most of these scripts on the webserver.
I searched all over and cannot find this documented anywhere.
Who do I contact to have Microsoft document this?
It's Thursday morning, I've been working non stop since Saturday morning so you don't have to :)
Maybe you are looking for
-
Your Computer was restarted because of a problem
Hi, I got a Macbook pro last year and it was working fine until a few months back the model is an old A1150 and I am getting this problem. Everytime I turn on the computer it restart by itself after that it works fine and I get this error. I have rep
-
My itunes account is locked.
I was trying to create a new iTunes ID password, but I could not which of my cars was the most favorite. I assumed one of my BMW's?? Tried them all. Please help!
-
How to display a pdf file in jsp
hi, How to display a pdf file in jsp iam having a class which will return fileinputstream of the file object. the pdf file is in server. regards Arul
-
Compiling with reference to internal scripting implementation (NativeArray)
I'm interpreting a snippet of JavaScript and getting an object back, but in some cases the object returned is an array. If I ask the returned object for its class I get: sun.org.mozilla.javascript.internal.NativeArraySounds great, so in the case of a
-
Photo stream all go to iphoto not other ios
Hello, We have a few iDevices in our family, tied to a single Apple ID/iCloud account, and also an iMac at home. What I would like to be able to do is have all the photos taken with any of our iDevices 'flow' via the Photo Stream to iPhoto on our Mac