Database connection encryption and integrity with ColdFusion and Oracle thin client
As ColdFusion datasource we are using the Oracle thin client to connect with the database. So, basically we are using a JDBC URL such as jdbc:oracle:thin:@... and as Driver Class oracle.jdbc.OracleDriver. This works successfully however we would like to set encryption and integrity parameters as well. In Java this is done similarly by setting a Properties object prior to getting a connection as follows:
Properties prop = new Properties();
prop.put("oracle.net.encryption_client", "REQUIRED");
prop.put("oracle.net.encryption_types_client", "( DES40 )");
prop.put("oracle.net.crypto_checksum_client", "REQUESTED");
prop.put("oracle.net.crypto_checksum_types_client", "( MD5 )");
OracleDataSource ods = new OracleDataSource();
ods.setProperties(prop);
ods.setURL("jdbc:oracle:thin:@localhost:1521:main");
Connection conn = ods.getConnection();
Is there a way that I can pass these parameters to the ColdFusion datasource. Ideally, I would love to do this centrally in such way that a change to all the cfquery or cfstoredproc is not needed.
I also know that in application servers such as Oracle AS there is an option when creating a datasource which says "Add Properties". In there you can add such properties. So, I was thinking of maybe creating a JNDI DS in the app. server and then magically connecting to it but this may have some impacts on the app.
Besides this I was also thinking of communicating with the CF datasource through the CF admin API (cfide.adminapi.administrator) and also the option of extending the Oracle driver so that when CF connects with it these params are already set.
I would love to have your professional opinion and suggestions on this.
I believe the thin driver actually needs the IP address (not the DNS name). Also, is "java" the name of the Oracle instance to which you are trying to connect?
Try the following:String driver = "jdbc:oracle:thin";
String dbIP = "W2RZ1NXG01's IP address";
String dbPort = "1530";
String dbSid = "java";
String dbUser = "Admin";
String dbPswd = "apassword";
String cnctStr = driver + ":@" + dbIP + ":" + port + ":" + dbSid;
try
Class.forName("oracle.jdbc.driver.OracleDriver");
con = DriverManager.getConnection( cnctStr, dbUser, dbPswd );
stmt = con.createStatement();
stmt.executeUpdate(createString);
stmt.close();
con.close();
catch(SQLException ex)
System.err.println( "The following SQLException occurred: " + ex );
System.err.println( "Message: " + ex.getMessage() );
Similar Messages
-
CRM 5.0 Integration with Twitter and facebook
HI Experts,
i am working with SAP CRM 5.0 version,
My existing client want to set up SAP CRM with twitter and Facebook specially customor services ,
Does SAP CRM 5.0 has tight integration with twitter and facebook ,
if yes will you please share iinformation in terms of
1)Effort Estimation :manpoer
2)Costing details
Thanking you in advance
Pravin shete@sherrysarath: Could you share some documents to understand how standards works for this issue? And if there aren't standards requirements, could you share your custom solution.
@pravin wipro : Could you explain what are your requirements? -
DMS integration with PP and PS.
Hi SAP PLM experts,
I would like to know how mySAP PLM's DMS module is integrated with PS and PP module.
Any small scenario with T codes and configuration help is highly appriciated.
If you guyz have any documents/materials for this question, please mail the same to sudhu03 at gmail dot com.
Thanks in advance,
S.Achar.It is only through the object linkwhich you provide.
In the business perpective, we attach the contract documents, design drawings and other doucuments to the project for ready referance.
You can create the DIR directly from PS transaction or you can create it in DMS and attach it to the Project.
We do have the red lining to identify teh changes reqd in the document. -
OBIEE Installation doc's and integration with EBS 12.0.6.
HI,
I had installed OAS 10g with OSS and OID and integration with EBS R12.0.6.
Now I want to install OBIEE(On Linux) and wants to iuntegrate with SSO.
Please provide me the Master Doc for this and anyother private doc also if any.
thxHi,
Check this might be helpful... http://gerardnico.com/wiki/dat/obiee/linux_installation
http://onlineappsdba.com/index.php/2007/10/29/biee-installation-on-linux-business-intelligence-enterprise-edition/
To integrate with EBS check these.....http://it.toolbox.com/blogs/eye-on-obi/oracle-bi-applications-obiee-security-integration-with-oracle-ebusiness-suite-17246
http://obibb.wordpress.com/2010/07/30/integrating-oracle-ebs-and-oracle-bi-ee-part-i/
Thanks,
Srikanth -
Quality Center 11 (ALM) Query - Integration with Subversion and Jenkins
Hi OHPCPaT Forum,
Are there any restrictions to enabling the QC integration with Subversion and Jenkins when the QC server is a SaaS cloud instance? Is there any additional config I should be aware of?
Thanks in anticipationHi,
Yes all the users are facing the issue. Please find more details for the issue.
Currently we are upgrading Quality Center 10.0 to 11.0 with HP Enterprise Integration module for SAP applications. The project successfully upgraded from QC 10.0 to 11.0 but there are some error popup for the project for which Application Module and Enterprise Integration for SAP applications Version 2.6 was enabled
Quality Center Details:
HP Application Lifecycle Management 11.00
ALM patch level: 07
Quality Center 11.00 Enterprise Edition
Component Build
OTA Client 11.0.0.6051
User Interface 11.0.0.6051
WebGate Client 11.0.0.6051
Test Run Scheduler 11.0.0.6051
Execution Flow 11.0.0.6051
Site Administration Client 11.0.0.6051
Extension Version
Enterprise Integration for SAP applications 2.6.0.3232
Sprinter 11.0.0.6051
Application Model 2.6.0.917
Installation Steps followed:-
1.Installed HP ALM
2.Installed Patch Service Pack 2 (Patch 2,3,4)
3.Installed Patch 6
4.Installed Patch 7
5.Installed the Extensions HP Enterprise Integration module for SAP applications using Extension Deployment Tool by following the steps provided in the Addin Page
6.Created new project in HP ALM
7.Login to the project (no issue)
8.Enabled the Project Extensions
9.Login to the project (able to access the project but error message is popup when we access Test plan and Defect module)
Note: There is no error when we access the project for which the HP Enterprise Integration module for SAP applications EI not enabled. QC 11.0 is not integrated with any tools.
Let me know is there any step we missed or we need to do any manual steps we need to do before enabling EI -
Exchange 2013 owa integration with ADFS and cooexistance with exchange 2007
Team,
I have successfully integrated adfs 3.0 and Exchange 2013 owa and ecp. However, we have a coexistence environment with exchange 2007. When you access owa, which then redirects you to adfs, sign-in, and then get redirected back to owa. If your
mailbox is still within exchange 2007, you get a blank login page. If you mailbox is in exchange 2013 then you successfully get the owa page for 2013. The problem is that all exchange 2007 mailbox users get blank pages at login. So I have determined
that exchange 2013 cas is not doing the service location lookup on the mailbox to determine if a redirect to the legacy owa address is needed. Is there a configuration setting that I might be missing? Or does the integration with adfs and owa not support
the much needed mailbox lookup for a coexistance environment? A side note: if we enable FBA with owa, both login scenarios work just fine (legacy and new 2013). The legacy namespace has been created, and applied to the exchange 2007 urls.Hi,
Try using AD FS claims-based authentication with Outlook Web App and EAC
http://technet.microsoft.com/en-us/library/dn635116(v=exchg.150).aspx
Thanks,
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected]
Simon Wu
TechNet Community Support -
I am considering buying an iPad 3. I have an iMac with OSX 10.6.8. On the iMac I have many photos and work with iPhoto and Photoshop Elements on the computer. Can I interchange or transfer photos and other work from the iMac to the iPad? How?
velma Monreal wrote:
I am considering buying an iPad 3. I have an iMac with OSX 10.6.8. On the iMac I have many photos and work with iPhoto and Photoshop Elements on the computer. Can I interchange or transfer photos and other work from the iMac to the iPad? How?
Yes you can. In iPhoto create a Album with the photos you want in it. You can drag them from your Events folder. In iTunes with your iPad connected go to Photos by cliking on your iPad. You can then select the album or events you want. -
Share Cinema Display and peripherals with MBP and PC
Share Cinema Display and peripherals with MBP and PC
I am about to be forced to use a business network connected PC in my office, but I will continue to bring my personal MacBook Pro to work for my personal e-mail, calendar, internet, etc. (it will be connected to a seperate open DSL network). I am thinking about getting an Apple Cinema display and trying to use this one display for both computers. I would like a way to "switch back and forth" between the two systems, all the while using the same mouse, keyboard, printer and Cinema display.
Does anyone have any experience setting up what I am wanting to do?
Also, how does connecting an external display effect a MBP? Can you close the screen on the MBP, turning off the MBP's display but keeping the computer running? I'd like to be able to tuck the MBP out of the way to save deskspace but still be using it via the Cinema display and peripherals...
Thanks so much!You can use synergy (link: http://synergy2.sourceforge.net/) to link the mouse and keyboard across the two platforms.
If you want to use only one display, you'll need a KVM switch.
You can run the MBP either with it's own screen open, or shut it and use only the external screen.
Hopefully this helps a little... -
Hi,
I would like to copy my photos (from iphoto) and movies (from i movie) from my Mac book air to my imac in which I also have iphoto and imovie with photos and movies.
My goal is to have a unique source of photos and movies in my imac.
Thanks !
NicolasAs to iPhoto
Connect the two Macs together (network, firewire target mode, etc) or use an external hard drive formatted Mac OS extended (journaled) and drag the iPhoto library intact as a single entity from the old Mac to the pictures folder of the new Mac - launch iPhoto on the new mac and it will open the library and convert it as needed and you will be ready move forward.
For iMovie support please post in the iMovie forum
LN -
I just updated my Firefox browser to Firefox 8. I am a college student and practice with HTML and CSS for class assignments. The fonts in all my html documents are being overwritten online by your script typeface. I did not have this issue in the older version. I use an iMAC running OS10.6.8. How do I resolve this issue?
Starting with this, you have errors in your CSS code.
body {
margin-top: 0px;
margin-right: 0px;
margin-bottom: 0px;
margin-left: 0px;
color: 151515;
font-family: "Gill Sans", "Gill Sans MT", "Myriad Pro", "DejaVu Sans Condensed", Helvetica, Arial, sans-serif;
background-color: EFF5F8;
body {
margin:0;
color: #151515;
font-family: "Gill Sans", "Gill Sans MT", "Myriad Pro", "DejaVu Sans Condensed", Helvetica, Arial, sans-serif;
background-color: #EFF5F8;
font-size: 100%;
Related links:
Windows Chrome, why do my fonts look so bad? - Lee Green
css3 - Bad font rendering Chrome - Stack Overflow
Nancy O. -
Silverlight integration with coldfusion
Anyone have experiance with silverlight integration with coldfusion. I have a cf server running on ISS. If I install visual studio, how easy can I get my intergration happening?
I'll just add a 'me too'. Exactly the same with MySQL, CF 9, running FB 4.6 on W7 x64. Silent fail. I can't trace any more into the code as it is in the swc or something. Can anyone else confirm that they can use the auto-generated cfcs, .as's , etc., to create, update or delete records?
Joe -
Retrieving SLD and Integration builder username and pwd's
Hi,
I forgot my SLD and Integration builder username and pwds. my SLD pwd locked. Plz help me on this.
Thanks,
SatyaHi Satish,
you can unlock your user and use the same user after unlocking.
Go to SU01 and unlock your user. If you dont have access to SU01 contact your Basis/Security team so that they could be able to do it for you.
Regards,
Naveen -
Hi,
This is Sathish, I am trying to create a report and retrieve data through stored procedure using ODBC Connection. When connecting to the Stored Procedure it is showing Database Connection Error 42000:[Microsoft][ODBC driver for oracle] Syntax error or access violation' Error.
CRXI R2, Oracle 9i.
What do i do to solve this issue.
Regards,
SathishHi Satish
It could be an issue with the driver.
You can try with the OLEDB n Oracle native connection to test if the issue persists.
Also you can refer to the [Troubleshooting Database Connectivity for Crystal Reports|http://www.sdn.sap.com/irj/boc/index?rid=/library/uuid/d05b3bb7-0f28-2c10-4ea3-84dbdc4e414e&overridelayout=true]
Hope this helps!!
Regards
Sourashree -
Using SBO with Wyse Winterm S30 Thin Clients
I have a customer who is using Microsoft Terminal Services via Wyse Winterm S30 Thin cllents to access SBO over a VPN. We are experiencing excessive rolling (redisplay) when screens are refreshed. The problem is compounded if a Marketing Document contains multiple Text lines. We have two terminal servers, each with about 12 thin clients connected.
I would appreciate feedback from anyone with experience of using thin clients, regardless of brand.Hi,
Thin clients normally have a low memory allocation on the video card (8mb to 16MB) so this can be a problem. Check to see if you can change this in the BIOS on the WYSE. If not connect at 256 Colours to reduce this. If you have pictures linked to products then their resolution will not be good but for SAP itself the difference is small. Also rename the SAPSS.AVI to .old if you have not already done so so that the splash screen does not come up when logging in.
In my multimedia testing on thin clients, unrelated to SBO, I found that both memory and processor power made a huge difference, which is contrary to thin client manufacturer claims. As an example I used a 200MHz/64MB TC for a flash application and sound was about 3 seconds behind the image and the image update would skip 3 to 5 frames when updating. Moving to a 800Mhz/128MB TC The frame refresh rate was almost perfect and the sound was only about 0.5 seconds behind. I would therefore test on a more powerful thin client to see if it improves performance.
The S30 is a 400MHz (rated @ 533 on performance by AMD). Try a 1GHz TC with the maximum Video memory you can find.
We are currently using VXL Itona 800Mhz/128MB and do not experience too much rolling but we are using 256 colours.
Hope this helps. -
Install instructions for Search Modeler and integrating with Apps 11i
Below are all the steps I took for creating integrating Search Modeler with an Oracle E-Business Suite 11.5.10.2 ATG RUP 7 instance called ERNIE.
Much thanks to Oracle Support ( Rajesh Ghosh, Vikas Soolapani and Roger Ford), as this simply wouldn't have been possible without them.
There are a few things in this document that may not be pertinent to your environment if you're doing this. I've made attempts to clarify those possibly optional sections in the documentation.
I've broken the document down into the following multiple parts
o Setting up a new RedHat 4.8 x86 server called ausSEARCHdev (The server is in AUStin, TX, is dedicated to SEARCH, and is for our DEV environment)
o SES (Secure Enterprise Search 10.1.8.2 install
o SES 10.1.8.4 patchset install
o SES CPU patch apply
o Standalone OC4J and ADF installation
o Search Modeler installation and configuration
o Configure ERNIE Apps instance to be on valid self-signed SSL certificate
o Import ERNIE SSL certificate into SES and Search Modeler
using aussearchdev initially
rh4 x86, default oracle build
** htop and collectl are open source free performance monitoring packages we utilize**
--start
install htop and collectl
wget http://dag.wieers.com/rpm/packages/htop/htop-0.7-1.el4.rf.i386.rpm
rpm -ivh htop-0.7-1.el4.rf.i386.rpm
wget http://downloads.sourceforge.net/project/collectl/collectl/collectl-3.4.0-4/collectl-3.4.0-4.noarch.rpm?use_mirror=voxel
rpm -ivh collectl-3.4.0-4.noarch.rpm
chkconfig collectl on
service collectl start
**We still need to install the necessary rpms so that collectl logs are compressed
--end
useradd -u 501 oracle
groupadd -g 504 dba
usermod -G 504 oracle
verification:
[root@aussearchdev ~]# su - oracle
[oracle@aussearchdev ~]$ id
uid=501(oracle) gid=501(oracle) groups=501(oracle),504(dba)
passwd oracle
** /mnt/oraclebackup is a network dumpspot we use to hold Software installs, RPMs, etc
** /mnt/rpms is a network dumpspot we use to hold ISOs for OS software such as Redhat Linux
mkdir /mnt/oraclebackup
mkdir /mnt/rpms
add the following to /etc/fstab
XXXXXXX:/patches/oraclebackup /mnt/oraclebackup nfs defaults,hard,nolock 0 0
XXXXXXX:/esxpress/nfs /mnt/rpms nfs rw,addr=XXX.XXX.XXX.XXX 0 0
mount /mnt/rpms
Next need to install various oracle needed RPMs.
cd /mnt/rpms/rh40_upd8/RedHat/RPMS/
rpm -ivh perl-Compress-Zlib-1.42-1.el4.i386.rpm
rpm -ivh libaio-devel-0.3.105-2.i386.rpm
rpm -ivh sysstat-5.0.5-25.el4.i386.rpm
rpm -ivh unixODBC-devel-2.2.11-1.RHEL4.1.i386.rpm
service collectl restart
cd /tmp
wget http://oss.oracle.com/el4/oracle-validated/oracle-validated-1.0.0-18.el4.i386.rpm
rpm -ivh oracle-validated-1.0.0-18.el4.i386.rpm
Now we should have all the RPMs we need.
cd /etc/sysconfig/oracle-validated
./oracle-validated-verify
cd /var/log/oracle-validated/results
more orakernel.log
uname -a
should return 2.6.9 or higher
rpm -qa|grep gcc-
should return 3.4.3 or higher
rpm -qa|grep glibc
should return 2.3.4-2.9 or higher
rpm -qa|grep make
should return 3.80 or higher
rpm -qa|grep binutils
should return 2.15.92.0.2 or higher
rpm -qa|grep openmotif
should return 2.2.3-9.RHEL4.1 or higher
rpm -qa|grep compat-db
should return 4.1.25-9 or higher
rpm -qa|grep setarch
should return 1.6-1 or higher
cat /proc/sys/kernel/sem
should return 250 32000 100 128 or higher (250 32000 100 142 in our case)
cat /proc/sys/kernel/shmall (1073741824 in our case)
should return 2097152 or higher
cat /proc/sys/kernel/shmmax
should return half the size of physical memory (4294967295 in our case - NO LARGER on 32-bit OS)
cat /proc/sys/kernel/shmmni
should return 4096
cat /proc/sys/fs/file-max
should return 65536 (327679 in our case)
cat /proc/sys/net/ipv4/ip_local_port_range
should return 1024 65000
values in /etc/security/limits.conf set by oracle-validated rpm, no changes necessary
add the following line to /etc/pam.d/login
session required /lib/security/pam_limits.so
add the following to /etc/profile
if [ $USER = "oracle" ]; then
if [ $SHELL = "/bin/ksh" ]; then
ulimit -p 16384
ulimit -n 65536
else
ulimit -u 16384 -n 65536
fi
fi
mkdir -p /d01/oracle
chmod 777 /d01/oracle
init 6 the box (aka reboot)
Time to start the SES 10.1.8.2 installer
running SES 10.1.8.2 installer
as oracle
cd /mnt/oraclebackup/deathstar_patches/SES/SES10182
./runInstaller
search server name sesprod
administrative password XXXXXXXX for dev,
http port 7777
destination path /d01/oracle/10.1.8/sesdev (dev)
data storage path /d01/oracle/sesdevdata (dev)
next
inventory /d01/oracle/oraInventory
dba group
run orainstroot.sh as requested
continue
all tests should pass, continue
finished clean
tried logging in to admin console at http://aussearchdev:7777/search/admin - worked fine
tried bringing up search query at http://aussearchdev:7777/search/query/search - worked fine
Now we need to get to 10.1.8.4 of SES
(yes, you need to keep the system up)
cd /mnt/oraclebackup/deathstar_patches/SES/SES10184/ses_10184pst_linux/
./runInstaller
Destination, choose sesdev
Next
Patchset successful
tried logging in to admin console at http://aussearchdev:7777/search/admin - worked fine
tried bringing up search query at http://aussearchdev:7777/search/query/search - worked fine
Apply CPU Patch to SES
CPU JAN 10 says patch 9119261 is required - but patch requires extended support contract
CPU OCT 09 says patch 8836540 is required - but patch requires extended support contract
CPU JUL 09 says patch 8534394 is required - but patch requires extended support contract
CPU APR 09 says patch 8290534 is required - and you can actually download it
Need opatch from 6880880
cp -r /mnt/oraclebackup/deathstar_patches/SES/CPUAPR09/OPatch $ORACLE_HOME
export PATH=$ORACLE_HOME/OPatch:$PATH
shut down everything
cd $ORACLE_HOME/bin
./searchctl stopall
cd /mnt/oraclebackup/deathstar_patches/SES/CPUAPR09/8290534
opatch apply
cd $ORACLE_HOME/cpu/CPUApr2009
**Note: your sys password is what you set for your administrative password above
sqlplus "sys/XXXXXX" as sysdba;
startup
@catcpu
@?/rdbms/admin/utlrp
shutdown immediate
exit
cd /d01/oracle/10.1.8/sesdev/cpu/view_recompile/
sqlplus "sys/XXXXXXX" as sysdba;
startup upgrade;
@view_recompile_jan2008cpu.sql
@?/rdbms/admin/utlrp
shutdown immediate
cd /d01/oracle/10.1.8/sesdev/jdk/jre/lib/ext
mv mail.jar $HOME/mail.jar.backup02222010
mv mailapi.jar $HOME/mailapi.jar.back02222010
cp /d01/oracle/10.1.8/sesdev/search/lib/mail.jar .
SES 10.1.8.4 is now installed and updated with latest available CPU
tried logging in to admin console at http://aussearchdev:7777/search/admin - worked fine
tried bringing up search query at http://aussearchdev:7777/search/query/search - worked fine
we're going to go with the standalone OC4j 10.1.3.3 and Oracle ADF 10.1.3.3 method
The URLs for these products are
http://blogs.oracle.com/ebssearch/2009/10/available_now_oracle_search_modeler_11_for_oracle_e-business_suite_11i.html
and specifically
OC4J - http://download.oracle.com/otn/java/oc4j/101330/oc4j_extended_101330.zip
ADF - http://www.oracle.com/technology/software/products/jdev/htdocs/adfinstaller10133.html
OC4J install
First you need to have Java 1.5 on the machine. Latest is 1.5.0_22. Package is in /mnt/oraclebackup/deathstar_patches/SES
as root on aussearchdev
cd /usr/local
cp /mnt/oraclebackup/deathstar_patches/SES/jdk-1_5_0_22-linux-i586.bin .
chmod 700 jdk-1_5_0_22-linux-i586.bin
./jdk-1_5_0_22-linux-i586.bin
yes
install OC4J just by copying over the directory
as oracle on aussearchdev
mkdir -p /d01/oracle/oc4j
cd /d01/oracle/oc4j
cp -r /mnt/oraclebackup/deathstar_patches/SES/oc4j/* .
ADF install
vi /mnt/oraclebackup/deathstar_patches/SES/adf/adfinstaller.properties
change the following
OracleHome = /mnt/oraclebackup/deathstar_patches/SES/adf
DesHome = /d01/oracle/oc4j/
type = OC4J
as root
cd /usr/bin
rm java
(yes)
ln -s /usr/local/jdk1.5.0_22/bin/java
su - oracle
java -version should now return 1.5.0_22
export JAVA_HOME=/usr/local/jdk1.5.0_22
cd /mnt/oraclebackup/deathstar_patches/SES/adf
java -jar runinstaller.jar -version
returns The version for the ADF libraries being installed is 10.1.3.41.57 - yes, that is apparently 10.1.3.3.
java -jar runinstaller.jar adfinstaller.properties
output looks good, do not be concerned by
WARNING: 'Could not delete: /d01/oracle/oc4j/BC4J/redist/bc4j' whilst deleting bc4j application
WARNING: 'Could not delete: /d01/oracle/oc4j/BC4J/redist/datatags' whilst deleting datatags application
as it was trying to delete the old version that didn't exist
Start OC4J
as oracle on aussearchdev
export JAVA_HOME=/usr/local/jdk1.5.0_22
export ORACLE_HOME=/d01/oracle/oc4j
cd $ORACLE_HOME/bin
./oc4j -start
you will be prompted for password - we're setting it. use XXXXXXXXXX
after it's up, kill it (ctrl-c) and restart it with
nohup ./oc4j -start &
last lines in nohup.out is
Starting OC4J from /d01/oracle/oc4j/j2ee/home ...
10/02/23 03:22:38 Oracle Containers for J2EE 10g (10.1.3.3.0) initialized
So now on to search modeler installation, going by Installation steps in Note 781366.1
8326128 - This is not a patch to be applied to the Apps, keep reading
as oracle on aussearchdev
cd /mnt/oraclebackup/deathstar_patches/SES/8326128
mkdir -p /d01/oracle/oc4j/uploaded
vi build.properties, changing
installation.type=OC4J
oracle.home=/d01/oracle/oc4j
deploy.server=aussearchdev.domainname.com
deploy.port=23791
web.port=7777
password=XXXXXXXXX
extra.classpath=/d01/oracle/oc4j/uploaded
now set the following environment values in your ssh session
export ORACLE_HOME=/d01/oracle/oc4j
export JAVA_HOME=/usr/local/jdk1.5.0_22
export PATH=$ORACLE_HOME/ant/bin:$ORACLE_HOME/bin:$PATH
ant main
whole bunch of stuff to screen, errors due to undeploy something that doesn't exist. Finished after a minute with
BUILD SUCCESSFUL
Total time: 58 seconds
Now on to post install steps
restart OC4j
cd $ORACLE_HOME/bin
./modeler.sh -shutdown -port 23791 -password r*l*r*0*
export ORACLE_HOME=/d01/oracle/oc4j
export JAVA_HOME=/usr/local/jdk1.5.0_22
export PATH=$ORACLE_HOME/ant/bin:$ORACLE_HOME/bin:$PATH
nohup ./modeler.sh -start &
end of nohup.out should show
Starting OC4J from /d01/oracle/oc4j/j2ee/home ...
Try going to http://aussearchdev:8888/modeler/faces/ModelerHome.jsp
Should get login screen, but wait, we haven't installed Oracle Apps interface yet...
Next let's do the Apps side of things
Going by note 953378.1
Using ERNIE (a development instance of E-Business Suite running 11.5.10.2 ATG RUP 7)
as applmgr on ausernieapp (ausernieapp is our app tier)
shut down apps services
apps patch 8225631
verify all the pre-req patches are in ERNIE
select * from ad_bugs where bug_number = '5903765';
select * from ad_bugs where bug_number = '6372396';
select * from ad_bugs where bug_number = '3219567';
select * from ad_bugs where bug_number = '3264822';
select * from ad_bugs where bug_number = '3261254';
select * from ad_bugs where bug_number = '5161676';
select * from ad_bugs where bug_number = '3036401';
select * from ad_bugs where bug_number = '3263588';
select * from ad_bugs where bug_number = '3264818';
select * from ad_bugs where bug_number = '3218526';
select * from ad_bugs where bug_number = '3263645';
select * from ad_bugs where bug_number = '4206794';
select * from ad_bugs where bug_number = '3262486';
select * from ad_bugs where bug_number = '3261243';
select * from ad_bugs where bug_number = '2614213';
select * from ad_bugs where bug_number = '3262159';
select * from ad_bugs where bug_number = '2819091';
select * from ad_bugs where bug_number = '3412795';
patch went in smooth
Log in to ERNIE Apps GUI as sysadmin user responsibility
Give users such as sysadmin FND Search Crawler responsibility
Go to system profile options, set
set FND: Search Enabling Flag to Y at site level
as applmgr on ausernieapp
cd /d01/oracle/ernieappl/fnd/11.5.0/patch/115/sql
sqlplus apps/$APPS_PWD @AFSRCHCF
Enter SES endpoint URL [e.g. http://ap637atg.us.oracle.com:7780]: http://aussearchdev.domainname.com:7777
Enter Apps Admin username [e.g. sysadmin]: sysadmin
Enter Apps Admin password: sysadmin_password
Enter SES Admin username [e.g. eqsys]: eqsys
Enter SES Admin password: eqsyspassword <-- This is the same as sys's password
on aussearchdev as oracle
had to kill modeler and start all the processes, so
kill -9 the modeler oc4j process, then
cd $ORACLE_HOME/bin
./searchctl startall
enter the password when prompted
in IE browser go to
http://aussearchdev.domainname.com:7777/search/admin
log in with eqsys password
global settings tab
identity management setup
click circle next to oracle.search.plugin.security.identity.ebs.EBS12IdentityPliginMgr
(yes, we're going with 12 even though we use Oracle Apps 11i)
http end point https://ausernieapp.domainname.com:8443/webservices/AppSearch/SecurityService
username sysadmin
password XXXXXXX
finish
Global Settings
Federation Trusted Entitites
####entity name sysadmin
####Entity Password XXXXXXXX
According to web conference with Oracle, this should NOT be eqsys but instead be sysadmin from above.
Select the Use Entity Plug-in for authentication check box
add
Trying to go to http://aussearchdev.domainname.com:7777/search/query/search and login (sysadmin / password)
stop midtier on both SES and Apps
cd $ORACLE_HOME/bin
./searchctl stopall
./adstpall.sh apps/$APPS_PWD on EBS app tier
start midtier on both SES and Apps
cd $ORACLE_HOME/bin
./searchctl startall
./adstrtal.sh apps/$APPS_PWD on EBS app tier
Now try and log in to Oracle SES user interface to verify the configuration
http://aussearchdev.domainname.com:7777/search/query
Now start up modeler again
export JAVA_HOME=/usr/local/jdk1.5.0_22
export ORACLE_HOME=/d01/oracle/oc4j
export PATH=$ORACLE_HOME/bin:$PATH
cd $ORACLE_HOME/bin
nohup ./modeler.sh -start &
Works now.
Now go to http://aussearchdev.domainname.com:8888/modeleradmin/AdminHome.jsp log in as oc4jadmin/XXXXXXX
Configure new target
Target Type 11i
Description ERNIE
Name ERNIE
EBS Database Host Name auserniedb
EBS Database Port 1521
EBS Database SID ERNIE
username apps
password XXXXXXXXx
oc4jadmin XXXXXXXx
export JAVA_HOME=/usr/local/jdk1.5.0_22
export ORACLE_HOME=/d01/oracle/oc4j
export PATH=$ORACLE_HOME/bin:$PATH
cd $ORACLE_HOME/j2ee/home
java -jar admin_client.jar deployer:oc4j:aussearchdev oc4jadmin XXXXXXXXX -addDataSourceConnectionPool -name "ERNIE2-pool" -factoryClass "oracle.jdbc.pool.OracleDataSource" -dbUser "apps" -dbPassword "XXXXXXX" -url "jdbc:oracle:thin:@auserniedb.domainname.com:1521:ERNIE" -applicationName appsearch
java -jar admin_client.jar deployer:oc4j:aussearchdev oc4jadmin XXXXXXX -addManagedDataSource -name "ERNIEDS" -jndiLocation "jdbc/ERNIEDS" -connectionPoolName "ERNIE2-pool" -applicationName appsearch
http://aussearchdev.domainname.com:8888/modeler/faces/ModelerHome.jsp
So, creating a self signed SSL certificate for ERNIE EBS instance (this will not work if you use an SSL certificate for another server like say, PROD)
doing this on ausernieapp
openssl genrsa -des3 -out ausernieapp.key 1024
PEM key is ausernieapp
openssl req -new -key ausernieapp.key -out ausernieapp.csr
PEM key is ausernieapp
Country US
State Texas
Locality Austin
Organization Name Corporation
Organizational Unit Name Information Technology
Common Name ausernieapp.domainname.com
Email address [email protected]
No challenge password
No optional company name
Now let's remove the passphrase from the key
cp ausernieapp.key ausernieapp.key.orig
openssl rsa -in ausernieapp.key.orig -out ausernieapp.key
Now let's generate a self-signed certificate
openssl x509 -req -days 1000 -in ausernieapp.csr -signkey ausernieapp.key -out ausernieapp.crt
Install the private key and certificate
cd $IAS_ORACLE_HOME/Apache/Apache/conf/ssl.crt
cp server.crt server.crt.backup.03102010
chown applmgr:applmgr server.crt.backup.03102010
cp $HOME/ausernieapp.crt /d01/oracle/ernieora/new/iAS/Apache/Apache/conf/ssl.crt/server.crt
cd $IAS_ORACLE_HOME/Apache/Apache/conf/ssl.key/
cp server.key server.key.backup.03102010
cp $HOME/ausernieapp.key /d01/oracle/ernieora/new/iAS/Apache/Apache/conf/ssl.key/server.key
chown applmgr:applmgr server.key.backup.03102010
bounce apache as applmgr
cd /d01/oracle/erniecomn/admin/scripts/ERNIE_ausernieapp
./adapcctl.sh stop
./adapcctl.sh start
In IE
https://ausernieapp.domainname.com:8443
Continue
Click on Certificate Error next to URL bar
Install Certificate -> Next-> Place all certificates in the following store -> trusted root certificate authorities ->finish
close browser, back to https://ausernieapp.domainname.com:8443
no errors,
Next step will be to import key into the SES and Search modelers
as oracle on aussearchdev
cd /d01/oracle/10.1.8/sesdev/jdk/jre/lib/security/
cp cacerts cacerts.backup.03102010
scp root@ausernieapp:/root/ausernieapp.crt .
export LANG=c
export PATH=$ORACLE_HOME/jdk/bin:$PATH
keytool -keystore ./cacerts -storepass changeit -alias rootausernieapp -import -trustcacerts -file ausernieapp.crt
--output
Owner: [email protected], CN=ausernieapp.domainname.com, OU=Information Technology, O=Corporation, L=Austin, ST=Texas, C=US
Issuer: [email protected], CN=ausernieapp.domainname.com, OU=Information Technology, O=Corporation, L=Austin, ST=Texas, C=US
Serial number: b4e92089cf73076f
Valid from: Wed Mar 10 13:22:38 CST 2010 until: Tue Dec 04 13:22:38 CST 2012
Certificate fingerprints:
MD5: 2C:6B:EE:1A:63:6D:XX:A6:05:90:F6:XX:DD:88:F7:80
SHA1: F8:DC:E5:2A:3E:68:XX:E1:EA:E4:75:AE:CC:4F:4A:10:2F:8A:FE:9B
Trust this certificate? [no]: yes
Certificate was added to keystore
Now load our cert
keytool -keystore ./cacerts -import -trustcacerts -file ausernieapp.crt
keytool -list -v -keystore ./cacerts now shows
Alias name: rootausernieapp
Creation date: Mar 10, 2010
Entry type: trustedCertEntry
Owner: [email protected], CN=ausernieapp.domainname.com, OU=Information Technology, O=Corporation, L=Austin, ST=Texas, C=US
Issuer: [email protected], CN=ausernieapp.domainname.com, OU=Information Technology, O=Corporation, L=Austin, ST=Texas, C=US
Serial number: b4e92089cf73076f
Valid from: Wed Mar 10 13:22:38 CST 2010 until: Tue Dec 04 13:22:38 CST 2012
Certificate fingerprints:
MD5: 2C:6B:EE:1A:63:6D:CB:XX:05:90:F6:78:DD:88:F7:80
SHA1: F8:DC:E5:2A:3E:68:9C:CE:EA:4E:75:AE:CC:FA:9E:10:2F:8A:FE:9B
Now we need to load it into the search modeler keystore
as root on aussearchdev
export JAVA_HOME=/usr/local/jdk1.5.0_22/
export PATH=$JAVA_HOME/bin:$PATH
cd /usr/local/jdk1.5.0_22/jre/lib/security/
scp root@ausernieapp:/root/ausernieapp.crt .
output
keytool -keystore ./cacerts -import -trustcacerts -file ausernieapp.crt
Enter keystore password: changeit
Owner: [email protected], CN=ausernieapp.domainname.com, OU=Information Technology, O=Corporation, L=Austin, ST=Texas, C=US
Issuer: [email protected], CN=ausernieapp.domainname.com, OU=Information Technology, O=Corporation, L=Austin, ST=Texas, C=US
Serial number: b4e92089cf73076f
Valid from: Wed Mar 10 13:22:38 CST 2010 until: Tue Dec 04 13:22:38 CST 2012
Certificate fingerprints:
MD5: 2C:6B:EE:1A:63:6D:CB:A1:05:90:F6:78:DD:88:F7:80
SHA1: F8:DC:E5:2A:3E:68:9C:CE:EA:4E:75:AE:CC:4F:9E:10:2F:8A:FE:9B
Trust this certificate? [no]: yes
Certificate was added to keystore
[root@aussearchdev security]#
output
For troubleshooting, if you go to end of /d01/oracle/10.1.8/sesdev/search/data/config/crawler.dat
you can modify the logLevel from the default of 4 to 2 to get better debug data. No services need to be restarted, it will become active with the next crawl.
While talking with Oracle, they mentioned the following patches
The patches identified 8321527 and 7586924 are SES patches to help with indexing
They also identified patch 9103851 which is an apps patch dealing with responsibilities <-- This is not yet available
Applying patch 7586924
as oracle on aussearchdev
cd $ORACLE_HOME/bin
./searchctl stopall
cd /mnt/oraclebackup/deathstar_patches/SES/post_patches/7586924
opatch apply
cd $ORACLE_HOME/bin
./searchctl startall
sqlplus eqsys/XXXXXX@SESDEV
define SCH_NAME=EQSYS
define PROXY_USER=EQPROXY
define INST_USER=EQ_TEST
@$ORACLE_HOME/search/admin/eq0pkh.sql
@$ORACLE_HOME/search/admin/eq0plb.sql
@$ORACLE_HOME/search/admin/eq0bug_7586924.sql
cd $ORACLE_HOME/search/data/config/
cp crawler.dat crawler.dat.backup.03102010
vi crawler.dat
We're using the Oracle E-Business Suite R12 crawler, so we will add the line
USE_IN_MEMORY_QUEUE Oracle E-Business Suite R12
as the line immediately preceding IMPORT -
so the end of the file looks like this:
# system properies: separated by space for multiple system properties or define multiple SYSTEM_PROPERTIES
# logLevel values: DEBUG(2), INFO(4), WARN(6), ERROR(8), FATAL(10)
SYSTEM_PROPERTIES -Doracle.search.logLevel=4 -Doracle.search.log=oracle.search.util.Log4jImpl
USE_IN_MEMORY_QUEUE Oracle E-Business Suite R12
IMPORT -
Now on to patch 8321527
cd /mnt/oraclebackup/deathstar_patches/SES/post_patches/8321527
cd $ORACLE_HOME/bin
./searchctl stopall
cd -
opatch apply
cd $ORACLE_HOME/bin
./searchctl startall
sqlplus eqsys/XXXXXXX@SESDEV
define SCH_NAME=EQSYS
define PROXY_USER=EQPROXY
select object_name from user_objects where status = 'INVALID';
--should be no rows selected
@$ORACLE_HOME/search/admin/eq0pkh.sql
@$ORACLE_HOME/search/admin/eq0plb.sql
--should be no rows selected
restart SES
cd -
./searchctl stopall
./searchctl startallBelow are all the steps I took for creating integrating Search Modeler with an Oracle E-Business Suite 11.5.10.2 ATG RUP 7 instance called ERNIE.
Much thanks to Oracle Support ( Rajesh Ghosh, Vikas Soolapani and Roger Ford), as this simply wouldn't have been possible without them.
There are a few things in this document that may not be pertinent to your environment if you're doing this. I've made attempts to clarify those possibly optional sections in the documentation.
I've broken the document down into the following multiple parts
o Setting up a new RedHat 4.8 x86 server called ausSEARCHdev (The server is in AUStin, TX, is dedicated to SEARCH, and is for our DEV environment)
o SES (Secure Enterprise Search 10.1.8.2 install
o SES 10.1.8.4 patchset install
o SES CPU patch apply
o Standalone OC4J and ADF installation
o Search Modeler installation and configuration
o Configure ERNIE Apps instance to be on valid self-signed SSL certificate
o Import ERNIE SSL certificate into SES and Search Modeler
using aussearchdev initially
rh4 x86, default oracle build
** htop and collectl are open source free performance monitoring packages we utilize**
--start
install htop and collectl
wget http://dag.wieers.com/rpm/packages/htop/htop-0.7-1.el4.rf.i386.rpm
rpm -ivh htop-0.7-1.el4.rf.i386.rpm
wget http://downloads.sourceforge.net/project/collectl/collectl/collectl-3.4.0-4/collectl-3.4.0-4.noarch.rpm?use_mirror=voxel
rpm -ivh collectl-3.4.0-4.noarch.rpm
chkconfig collectl on
service collectl start
**We still need to install the necessary rpms so that collectl logs are compressed
--end
useradd -u 501 oracle
groupadd -g 504 dba
usermod -G 504 oracle
verification:
[root@aussearchdev ~]# su - oracle
[oracle@aussearchdev ~]$ id
uid=501(oracle) gid=501(oracle) groups=501(oracle),504(dba)
passwd oracle
** /mnt/oraclebackup is a network dumpspot we use to hold Software installs, RPMs, etc
** /mnt/rpms is a network dumpspot we use to hold ISOs for OS software such as Redhat Linux
mkdir /mnt/oraclebackup
mkdir /mnt/rpms
add the following to /etc/fstab
XXXXXXX:/patches/oraclebackup /mnt/oraclebackup nfs defaults,hard,nolock 0 0
XXXXXXX:/esxpress/nfs /mnt/rpms nfs rw,addr=XXX.XXX.XXX.XXX 0 0
mount /mnt/rpms
Next need to install various oracle needed RPMs.
cd /mnt/rpms/rh40_upd8/RedHat/RPMS/
rpm -ivh perl-Compress-Zlib-1.42-1.el4.i386.rpm
rpm -ivh libaio-devel-0.3.105-2.i386.rpm
rpm -ivh sysstat-5.0.5-25.el4.i386.rpm
rpm -ivh unixODBC-devel-2.2.11-1.RHEL4.1.i386.rpm
service collectl restart
cd /tmp
wget http://oss.oracle.com/el4/oracle-validated/oracle-validated-1.0.0-18.el4.i386.rpm
rpm -ivh oracle-validated-1.0.0-18.el4.i386.rpm
Now we should have all the RPMs we need.
cd /etc/sysconfig/oracle-validated
./oracle-validated-verify
cd /var/log/oracle-validated/results
more orakernel.log
uname -a
should return 2.6.9 or higher
rpm -qa|grep gcc-
should return 3.4.3 or higher
rpm -qa|grep glibc
should return 2.3.4-2.9 or higher
rpm -qa|grep make
should return 3.80 or higher
rpm -qa|grep binutils
should return 2.15.92.0.2 or higher
rpm -qa|grep openmotif
should return 2.2.3-9.RHEL4.1 or higher
rpm -qa|grep compat-db
should return 4.1.25-9 or higher
rpm -qa|grep setarch
should return 1.6-1 or higher
cat /proc/sys/kernel/sem
should return 250 32000 100 128 or higher (250 32000 100 142 in our case)
cat /proc/sys/kernel/shmall (1073741824 in our case)
should return 2097152 or higher
cat /proc/sys/kernel/shmmax
should return half the size of physical memory (4294967295 in our case - NO LARGER on 32-bit OS)
cat /proc/sys/kernel/shmmni
should return 4096
cat /proc/sys/fs/file-max
should return 65536 (327679 in our case)
cat /proc/sys/net/ipv4/ip_local_port_range
should return 1024 65000
values in /etc/security/limits.conf set by oracle-validated rpm, no changes necessary
add the following line to /etc/pam.d/login
session required /lib/security/pam_limits.so
add the following to /etc/profile
if [ $USER = "oracle" ]; then
if [ $SHELL = "/bin/ksh" ]; then
ulimit -p 16384
ulimit -n 65536
else
ulimit -u 16384 -n 65536
fi
fi
mkdir -p /d01/oracle
chmod 777 /d01/oracle
init 6 the box (aka reboot)
Time to start the SES 10.1.8.2 installer
running SES 10.1.8.2 installer
as oracle
cd /mnt/oraclebackup/deathstar_patches/SES/SES10182
./runInstaller
search server name sesprod
administrative password XXXXXXXX for dev,
http port 7777
destination path /d01/oracle/10.1.8/sesdev (dev)
data storage path /d01/oracle/sesdevdata (dev)
next
inventory /d01/oracle/oraInventory
dba group
run orainstroot.sh as requested
continue
all tests should pass, continue
finished clean
tried logging in to admin console at http://aussearchdev:7777/search/admin - worked fine
tried bringing up search query at http://aussearchdev:7777/search/query/search - worked fine
Now we need to get to 10.1.8.4 of SES
(yes, you need to keep the system up)
cd /mnt/oraclebackup/deathstar_patches/SES/SES10184/ses_10184pst_linux/
./runInstaller
Destination, choose sesdev
Next
Patchset successful
tried logging in to admin console at http://aussearchdev:7777/search/admin - worked fine
tried bringing up search query at http://aussearchdev:7777/search/query/search - worked fine
Apply CPU Patch to SES
CPU JAN 10 says patch 9119261 is required - but patch requires extended support contract
CPU OCT 09 says patch 8836540 is required - but patch requires extended support contract
CPU JUL 09 says patch 8534394 is required - but patch requires extended support contract
CPU APR 09 says patch 8290534 is required - and you can actually download it
Need opatch from 6880880
cp -r /mnt/oraclebackup/deathstar_patches/SES/CPUAPR09/OPatch $ORACLE_HOME
export PATH=$ORACLE_HOME/OPatch:$PATH
shut down everything
cd $ORACLE_HOME/bin
./searchctl stopall
cd /mnt/oraclebackup/deathstar_patches/SES/CPUAPR09/8290534
opatch apply
cd $ORACLE_HOME/cpu/CPUApr2009
**Note: your sys password is what you set for your administrative password above
sqlplus "sys/XXXXXX" as sysdba;
startup
@catcpu
@?/rdbms/admin/utlrp
shutdown immediate
exit
cd /d01/oracle/10.1.8/sesdev/cpu/view_recompile/
sqlplus "sys/XXXXXXX" as sysdba;
startup upgrade;
@view_recompile_jan2008cpu.sql
@?/rdbms/admin/utlrp
shutdown immediate
cd /d01/oracle/10.1.8/sesdev/jdk/jre/lib/ext
mv mail.jar $HOME/mail.jar.backup02222010
mv mailapi.jar $HOME/mailapi.jar.back02222010
cp /d01/oracle/10.1.8/sesdev/search/lib/mail.jar .
SES 10.1.8.4 is now installed and updated with latest available CPU
tried logging in to admin console at http://aussearchdev:7777/search/admin - worked fine
tried bringing up search query at http://aussearchdev:7777/search/query/search - worked fine
we're going to go with the standalone OC4j 10.1.3.3 and Oracle ADF 10.1.3.3 method
The URLs for these products are
http://blogs.oracle.com/ebssearch/2009/10/available_now_oracle_search_modeler_11_for_oracle_e-business_suite_11i.html
and specifically
OC4J - http://download.oracle.com/otn/java/oc4j/101330/oc4j_extended_101330.zip
ADF - http://www.oracle.com/technology/software/products/jdev/htdocs/adfinstaller10133.html
OC4J install
First you need to have Java 1.5 on the machine. Latest is 1.5.0_22. Package is in /mnt/oraclebackup/deathstar_patches/SES
as root on aussearchdev
cd /usr/local
cp /mnt/oraclebackup/deathstar_patches/SES/jdk-1_5_0_22-linux-i586.bin .
chmod 700 jdk-1_5_0_22-linux-i586.bin
./jdk-1_5_0_22-linux-i586.bin
yes
install OC4J just by copying over the directory
as oracle on aussearchdev
mkdir -p /d01/oracle/oc4j
cd /d01/oracle/oc4j
cp -r /mnt/oraclebackup/deathstar_patches/SES/oc4j/* .
ADF install
vi /mnt/oraclebackup/deathstar_patches/SES/adf/adfinstaller.properties
change the following
OracleHome = /mnt/oraclebackup/deathstar_patches/SES/adf
DesHome = /d01/oracle/oc4j/
type = OC4J
as root
cd /usr/bin
rm java
(yes)
ln -s /usr/local/jdk1.5.0_22/bin/java
su - oracle
java -version should now return 1.5.0_22
export JAVA_HOME=/usr/local/jdk1.5.0_22
cd /mnt/oraclebackup/deathstar_patches/SES/adf
java -jar runinstaller.jar -version
returns The version for the ADF libraries being installed is 10.1.3.41.57 - yes, that is apparently 10.1.3.3.
java -jar runinstaller.jar adfinstaller.properties
output looks good, do not be concerned by
WARNING: 'Could not delete: /d01/oracle/oc4j/BC4J/redist/bc4j' whilst deleting bc4j application
WARNING: 'Could not delete: /d01/oracle/oc4j/BC4J/redist/datatags' whilst deleting datatags application
as it was trying to delete the old version that didn't exist
Start OC4J
as oracle on aussearchdev
export JAVA_HOME=/usr/local/jdk1.5.0_22
export ORACLE_HOME=/d01/oracle/oc4j
cd $ORACLE_HOME/bin
./oc4j -start
you will be prompted for password - we're setting it. use XXXXXXXXXX
after it's up, kill it (ctrl-c) and restart it with
nohup ./oc4j -start &
last lines in nohup.out is
Starting OC4J from /d01/oracle/oc4j/j2ee/home ...
10/02/23 03:22:38 Oracle Containers for J2EE 10g (10.1.3.3.0) initialized
So now on to search modeler installation, going by Installation steps in Note 781366.1
8326128 - This is not a patch to be applied to the Apps, keep reading
as oracle on aussearchdev
cd /mnt/oraclebackup/deathstar_patches/SES/8326128
mkdir -p /d01/oracle/oc4j/uploaded
vi build.properties, changing
installation.type=OC4J
oracle.home=/d01/oracle/oc4j
deploy.server=aussearchdev.domainname.com
deploy.port=23791
web.port=7777
password=XXXXXXXXX
extra.classpath=/d01/oracle/oc4j/uploaded
now set the following environment values in your ssh session
export ORACLE_HOME=/d01/oracle/oc4j
export JAVA_HOME=/usr/local/jdk1.5.0_22
export PATH=$ORACLE_HOME/ant/bin:$ORACLE_HOME/bin:$PATH
ant main
whole bunch of stuff to screen, errors due to undeploy something that doesn't exist. Finished after a minute with
BUILD SUCCESSFUL
Total time: 58 seconds
Now on to post install steps
restart OC4j
cd $ORACLE_HOME/bin
./modeler.sh -shutdown -port 23791 -password r*l*r*0*
export ORACLE_HOME=/d01/oracle/oc4j
export JAVA_HOME=/usr/local/jdk1.5.0_22
export PATH=$ORACLE_HOME/ant/bin:$ORACLE_HOME/bin:$PATH
nohup ./modeler.sh -start &
end of nohup.out should show
Starting OC4J from /d01/oracle/oc4j/j2ee/home ...
Try going to http://aussearchdev:8888/modeler/faces/ModelerHome.jsp
Should get login screen, but wait, we haven't installed Oracle Apps interface yet...
Next let's do the Apps side of things
Going by note 953378.1
Using ERNIE (a development instance of E-Business Suite running 11.5.10.2 ATG RUP 7)
as applmgr on ausernieapp (ausernieapp is our app tier)
shut down apps services
apps patch 8225631
verify all the pre-req patches are in ERNIE
select * from ad_bugs where bug_number = '5903765';
select * from ad_bugs where bug_number = '6372396';
select * from ad_bugs where bug_number = '3219567';
select * from ad_bugs where bug_number = '3264822';
select * from ad_bugs where bug_number = '3261254';
select * from ad_bugs where bug_number = '5161676';
select * from ad_bugs where bug_number = '3036401';
select * from ad_bugs where bug_number = '3263588';
select * from ad_bugs where bug_number = '3264818';
select * from ad_bugs where bug_number = '3218526';
select * from ad_bugs where bug_number = '3263645';
select * from ad_bugs where bug_number = '4206794';
select * from ad_bugs where bug_number = '3262486';
select * from ad_bugs where bug_number = '3261243';
select * from ad_bugs where bug_number = '2614213';
select * from ad_bugs where bug_number = '3262159';
select * from ad_bugs where bug_number = '2819091';
select * from ad_bugs where bug_number = '3412795';
patch went in smooth
Log in to ERNIE Apps GUI as sysadmin user responsibility
Give users such as sysadmin FND Search Crawler responsibility
Go to system profile options, set
set FND: Search Enabling Flag to Y at site level
as applmgr on ausernieapp
cd /d01/oracle/ernieappl/fnd/11.5.0/patch/115/sql
sqlplus apps/$APPS_PWD @AFSRCHCF
Enter SES endpoint URL [e.g. http://ap637atg.us.oracle.com:7780]: http://aussearchdev.domainname.com:7777
Enter Apps Admin username [e.g. sysadmin]: sysadmin
Enter Apps Admin password: sysadmin_password
Enter SES Admin username [e.g. eqsys]: eqsys
Enter SES Admin password: eqsyspassword <-- This is the same as sys's password
on aussearchdev as oracle
had to kill modeler and start all the processes, so
kill -9 the modeler oc4j process, then
cd $ORACLE_HOME/bin
./searchctl startall
enter the password when prompted
in IE browser go to
http://aussearchdev.domainname.com:7777/search/admin
log in with eqsys password
global settings tab
identity management setup
click circle next to oracle.search.plugin.security.identity.ebs.EBS12IdentityPliginMgr
(yes, we're going with 12 even though we use Oracle Apps 11i)
http end point https://ausernieapp.domainname.com:8443/webservices/AppSearch/SecurityService
username sysadmin
password XXXXXXX
finish
Global Settings
Federation Trusted Entitites
####entity name sysadmin
####Entity Password XXXXXXXX
According to web conference with Oracle, this should NOT be eqsys but instead be sysadmin from above.
Select the Use Entity Plug-in for authentication check box
add
Trying to go to http://aussearchdev.domainname.com:7777/search/query/search and login (sysadmin / password)
stop midtier on both SES and Apps
cd $ORACLE_HOME/bin
./searchctl stopall
./adstpall.sh apps/$APPS_PWD on EBS app tier
start midtier on both SES and Apps
cd $ORACLE_HOME/bin
./searchctl startall
./adstrtal.sh apps/$APPS_PWD on EBS app tier
Now try and log in to Oracle SES user interface to verify the configuration
http://aussearchdev.domainname.com:7777/search/query
Now start up modeler again
export JAVA_HOME=/usr/local/jdk1.5.0_22
export ORACLE_HOME=/d01/oracle/oc4j
export PATH=$ORACLE_HOME/bin:$PATH
cd $ORACLE_HOME/bin
nohup ./modeler.sh -start &
Works now.
Now go to http://aussearchdev.domainname.com:8888/modeleradmin/AdminHome.jsp log in as oc4jadmin/XXXXXXX
Configure new target
Target Type 11i
Description ERNIE
Name ERNIE
EBS Database Host Name auserniedb
EBS Database Port 1521
EBS Database SID ERNIE
username apps
password XXXXXXXXx
oc4jadmin XXXXXXXx
export JAVA_HOME=/usr/local/jdk1.5.0_22
export ORACLE_HOME=/d01/oracle/oc4j
export PATH=$ORACLE_HOME/bin:$PATH
cd $ORACLE_HOME/j2ee/home
java -jar admin_client.jar deployer:oc4j:aussearchdev oc4jadmin XXXXXXXXX -addDataSourceConnectionPool -name "ERNIE2-pool" -factoryClass "oracle.jdbc.pool.OracleDataSource" -dbUser "apps" -dbPassword "XXXXXXX" -url "jdbc:oracle:thin:@auserniedb.domainname.com:1521:ERNIE" -applicationName appsearch
java -jar admin_client.jar deployer:oc4j:aussearchdev oc4jadmin XXXXXXX -addManagedDataSource -name "ERNIEDS" -jndiLocation "jdbc/ERNIEDS" -connectionPoolName "ERNIE2-pool" -applicationName appsearch
http://aussearchdev.domainname.com:8888/modeler/faces/ModelerHome.jsp
So, creating a self signed SSL certificate for ERNIE EBS instance (this will not work if you use an SSL certificate for another server like say, PROD)
doing this on ausernieapp
openssl genrsa -des3 -out ausernieapp.key 1024
PEM key is ausernieapp
openssl req -new -key ausernieapp.key -out ausernieapp.csr
PEM key is ausernieapp
Country US
State Texas
Locality Austin
Organization Name Corporation
Organizational Unit Name Information Technology
Common Name ausernieapp.domainname.com
Email address [email protected]
No challenge password
No optional company name
Now let's remove the passphrase from the key
cp ausernieapp.key ausernieapp.key.orig
openssl rsa -in ausernieapp.key.orig -out ausernieapp.key
Now let's generate a self-signed certificate
openssl x509 -req -days 1000 -in ausernieapp.csr -signkey ausernieapp.key -out ausernieapp.crt
Install the private key and certificate
cd $IAS_ORACLE_HOME/Apache/Apache/conf/ssl.crt
cp server.crt server.crt.backup.03102010
chown applmgr:applmgr server.crt.backup.03102010
cp $HOME/ausernieapp.crt /d01/oracle/ernieora/new/iAS/Apache/Apache/conf/ssl.crt/server.crt
cd $IAS_ORACLE_HOME/Apache/Apache/conf/ssl.key/
cp server.key server.key.backup.03102010
cp $HOME/ausernieapp.key /d01/oracle/ernieora/new/iAS/Apache/Apache/conf/ssl.key/server.key
chown applmgr:applmgr server.key.backup.03102010
bounce apache as applmgr
cd /d01/oracle/erniecomn/admin/scripts/ERNIE_ausernieapp
./adapcctl.sh stop
./adapcctl.sh start
In IE
https://ausernieapp.domainname.com:8443
Continue
Click on Certificate Error next to URL bar
Install Certificate -> Next-> Place all certificates in the following store -> trusted root certificate authorities ->finish
close browser, back to https://ausernieapp.domainname.com:8443
no errors,
Next step will be to import key into the SES and Search modelers
as oracle on aussearchdev
cd /d01/oracle/10.1.8/sesdev/jdk/jre/lib/security/
cp cacerts cacerts.backup.03102010
scp root@ausernieapp:/root/ausernieapp.crt .
export LANG=c
export PATH=$ORACLE_HOME/jdk/bin:$PATH
keytool -keystore ./cacerts -storepass changeit -alias rootausernieapp -import -trustcacerts -file ausernieapp.crt
--output
Owner: [email protected], CN=ausernieapp.domainname.com, OU=Information Technology, O=Corporation, L=Austin, ST=Texas, C=US
Issuer: [email protected], CN=ausernieapp.domainname.com, OU=Information Technology, O=Corporation, L=Austin, ST=Texas, C=US
Serial number: b4e92089cf73076f
Valid from: Wed Mar 10 13:22:38 CST 2010 until: Tue Dec 04 13:22:38 CST 2012
Certificate fingerprints:
MD5: 2C:6B:EE:1A:63:6D:XX:A6:05:90:F6:XX:DD:88:F7:80
SHA1: F8:DC:E5:2A:3E:68:XX:E1:EA:E4:75:AE:CC:4F:4A:10:2F:8A:FE:9B
Trust this certificate? [no]: yes
Certificate was added to keystore
Now load our cert
keytool -keystore ./cacerts -import -trustcacerts -file ausernieapp.crt
keytool -list -v -keystore ./cacerts now shows
Alias name: rootausernieapp
Creation date: Mar 10, 2010
Entry type: trustedCertEntry
Owner: [email protected], CN=ausernieapp.domainname.com, OU=Information Technology, O=Corporation, L=Austin, ST=Texas, C=US
Issuer: [email protected], CN=ausernieapp.domainname.com, OU=Information Technology, O=Corporation, L=Austin, ST=Texas, C=US
Serial number: b4e92089cf73076f
Valid from: Wed Mar 10 13:22:38 CST 2010 until: Tue Dec 04 13:22:38 CST 2012
Certificate fingerprints:
MD5: 2C:6B:EE:1A:63:6D:CB:XX:05:90:F6:78:DD:88:F7:80
SHA1: F8:DC:E5:2A:3E:68:9C:CE:EA:4E:75:AE:CC:FA:9E:10:2F:8A:FE:9B
Now we need to load it into the search modeler keystore
as root on aussearchdev
export JAVA_HOME=/usr/local/jdk1.5.0_22/
export PATH=$JAVA_HOME/bin:$PATH
cd /usr/local/jdk1.5.0_22/jre/lib/security/
scp root@ausernieapp:/root/ausernieapp.crt .
output
keytool -keystore ./cacerts -import -trustcacerts -file ausernieapp.crt
Enter keystore password: changeit
Owner: [email protected], CN=ausernieapp.domainname.com, OU=Information Technology, O=Corporation, L=Austin, ST=Texas, C=US
Issuer: [email protected], CN=ausernieapp.domainname.com, OU=Information Technology, O=Corporation, L=Austin, ST=Texas, C=US
Serial number: b4e92089cf73076f
Valid from: Wed Mar 10 13:22:38 CST 2010 until: Tue Dec 04 13:22:38 CST 2012
Certificate fingerprints:
MD5: 2C:6B:EE:1A:63:6D:CB:A1:05:90:F6:78:DD:88:F7:80
SHA1: F8:DC:E5:2A:3E:68:9C:CE:EA:4E:75:AE:CC:4F:9E:10:2F:8A:FE:9B
Trust this certificate? [no]: yes
Certificate was added to keystore
[root@aussearchdev security]#
output
For troubleshooting, if you go to end of /d01/oracle/10.1.8/sesdev/search/data/config/crawler.dat
you can modify the logLevel from the default of 4 to 2 to get better debug data. No services need to be restarted, it will become active with the next crawl.
While talking with Oracle, they mentioned the following patches
The patches identified 8321527 and 7586924 are SES patches to help with indexing
They also identified patch 9103851 which is an apps patch dealing with responsibilities <-- This is not yet available
Applying patch 7586924
as oracle on aussearchdev
cd $ORACLE_HOME/bin
./searchctl stopall
cd /mnt/oraclebackup/deathstar_patches/SES/post_patches/7586924
opatch apply
cd $ORACLE_HOME/bin
./searchctl startall
sqlplus eqsys/XXXXXX@SESDEV
define SCH_NAME=EQSYS
define PROXY_USER=EQPROXY
define INST_USER=EQ_TEST
@$ORACLE_HOME/search/admin/eq0pkh.sql
@$ORACLE_HOME/search/admin/eq0plb.sql
@$ORACLE_HOME/search/admin/eq0bug_7586924.sql
cd $ORACLE_HOME/search/data/config/
cp crawler.dat crawler.dat.backup.03102010
vi crawler.dat
We're using the Oracle E-Business Suite R12 crawler, so we will add the line
USE_IN_MEMORY_QUEUE Oracle E-Business Suite R12
as the line immediately preceding IMPORT -
so the end of the file looks like this:
# system properies: separated by space for multiple system properties or define multiple SYSTEM_PROPERTIES
# logLevel values: DEBUG(2), INFO(4), WARN(6), ERROR(8), FATAL(10)
SYSTEM_PROPERTIES -Doracle.search.logLevel=4 -Doracle.search.log=oracle.search.util.Log4jImpl
USE_IN_MEMORY_QUEUE Oracle E-Business Suite R12
IMPORT -
Now on to patch 8321527
cd /mnt/oraclebackup/deathstar_patches/SES/post_patches/8321527
cd $ORACLE_HOME/bin
./searchctl stopall
cd -
opatch apply
cd $ORACLE_HOME/bin
./searchctl startall
sqlplus eqsys/XXXXXXX@SESDEV
define SCH_NAME=EQSYS
define PROXY_USER=EQPROXY
select object_name from user_objects where status = 'INVALID';
--should be no rows selected
@$ORACLE_HOME/search/admin/eq0pkh.sql
@$ORACLE_HOME/search/admin/eq0plb.sql
--should be no rows selected
restart SES
cd -
./searchctl stopall
./searchctl startall
Maybe you are looking for
-
My client sent out an email campaign to 81 recipients. The campaign generated 25 hard bounces. Is there a way to get more detailed information about the reason for these bounces? We are trying to evaluate this result -- a high rate of hard bounces (o
-
How do I choose a different adobe ID in creative cloud?
I have a MAC which has had a previously had another Adobe ID installed on it (I don't have access to that account or the email address it's associated with). I'm trying to sign up with a new Adbobe ID I just created but every time I install the Creat
-
Can't attach a Pages doc in an iWeb created site
We have created a web site using iWeb for some private school tutoring. We have set up a blog page for the students to use as a type of discussion board. We have comments and attachments enabled. For some reason, iWeb will not allow any document crea
-
"Database Audit Specification" not available.
Hi all, Been asked by one of the developers to audit delete & insert for one night only so I thought to investigate built in auditing via "new Database Audit Specification". I am in the sysadmin role but no option to add a database audit, the serv
-
Re: what happens to the online number after expiry...
I recently got a skype number. I spread it out to my friends. Now I also get calls from somebody I don't know - apparently this number have been used. What should I do? Also, I don't want my contacts to (mistakenly) call some other person should I de