How to end a user decsion?
hi friends,
in my work flow these are the steps.
START
userdecission1
if yes .
continue.
else.
stop. "end of workflow.
userdecission2
if yes
continue.
else.
stop. " here i want go to end of workflow. but it's going for next userdecission3.
userdecission3
if yes
continue.
else.
stop.
END
this is the process in my workflow. now the problem is..
in first userdecission1.
if it's yes then it's going for next step.
if it's no then directly it goes to workflow END.
in second userdecission2.
if it's yes then it's going for next step.
it it's no then it's going next USEDECISSION3 step. But, here i want it's has to go to END of work flow.
how to connect it directly to END of workflow.
Regards,
Shankar.
Hi,
As there are three user-decision.
According to ur requirement if u want to stop the processisng anywhere in wf.
U have to use Process-control step-type.
this is used to complete n obsolete the work-item/workflow.
u have to choose complete workflow according to reqt.
Thanks,
Mamta
Similar Messages
-
How Front End pool deals with fail over to keep user state?
Hello to all, I searched a lot of articles to understand how Lync 2010 keeps user state if a fail happens in a Front Pool node, but didn't find anything clear.
I found a MS info. about ths topic : " The Front End Servers maintain transient information—such as logged-on state and control information for an IM, Web, or audio/video (A/V) conference—only for the duration of a user’s session.
This configuration
is an advantage because in the event of a Front End Server failure, the clients connected to that server can quickly reconnect to another Front End Server that belongs to the same Front End pool. "
As I read, the client uses DNS to reconnect to another Front End in the pool. When it reconnects to an available server, does he lose what he/she was doing at Lync client? Can the server that is now hosting his section recover all
"user's session data"? Is positive, how?
Regards, EEOC.The presence information and other dynamic user data is stored in the RTCDYN database on the backend SQL database in a 2010 pool:
http://blog.insidelync.com/2011/04/the-lync-server-databases/ If you fail over to another pool member, this pool member has access to the same data.
Ongoing conversations and the like are cached at the workstation.
Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
SWC Unified Communications -
Hi All.
How to end/terminate and assignment with end dated entered by user Apps R12.1?
when i try to end or terminate and assignemnt the sysdate is begin registered for effective_end date.
any help is reaaly greatly appriciated
thanks and regards
SoniHi Soni,
What is the end date you want to enter as. Are you talking about 31-Dec-4712. If not, please change the sytem effective date (calendar icon on the oracle menu) to the date you want to terminate and follow the termination process.
Thanks,
Avinash -
How to end user session correctly as sys or system user
Hi,
Database version Oracle 10.2.0.3
We have to end user sessions to update database content. We cant stop/shutdown the instance but we have to assure that some users are not logged on.
So we are looking for a solution to end some arbitrary user sessions as sys or system user without using the KILL USER SESSION option. We want to assure that the user sessions end correctly.
Is there a possibility or a command in Oracle 10g to end a user session correctly ?
Thanks for your assistance.http://download.oracle.com/docs/cd/B19306_01/server.102/b14200/statements_2013.htm#i2053602
I think DISCONNECT SESSION Clause is what you are looking for.
Let us know if this is not the case. -
How to check SSO user from database?
Hi:
I've posted this topic in Forms forum:
How to check SSO user from database?
then as I've been told, it's better to post it here, so ...... here is the question:
I'm writing a "before delete trigger" to insert into log table before delete. Is there a way that I know from database the current SSO user when SSO users share one database user?
Just like in Oracle Application Express there is v('APP_USER') to know the current user.
Saad,End users are manipulating data through Oracle Forms(and SSO through portal) and the thing I need is to trace the SSO username from database without modifying forms, I mean purely from database taking into consideration that SSO users are sharing one database user. Is it possible?
Saad, -
How do I remove user account with UID=0 (except of root)
Macbook Pro 13; I have Parallels software and did not realize I needed to upgrade to version 10 before upgrading to OS X Yosemite. I get an error stating Parallels 10 cannot be installed because there is a user account other than root that has UID=0. I checked UIDs in Terminal Utilities and there is one other username with UID=0 How do I remove username peggy?
MacBook-Pro:~ pmcvicar$ dscl . -list /Users UniqueID
_amavisd 83
_appleevents 55
_appowner 87
_appserver 79
_ard 67
_assetcache 235
_astris 245
_atsserver 97
_avbdeviced 229
_calendar 93
_ces 32
_clamav 82
_coreaudiod 202
_coremediaiod 236
_cvmsroot 212
_cvs 72
_cyrus 77
_devdocs 59
_devicemgr 220
_displaypolicyd 244
_distnote 241
_dovecot 214
_dovenull 227
_dpaudio 215
_eppc 71
_ftp 98
_geod 56
_iconservices 240
_installassistant 25
_installer 96
_jabber 84
_kadmin_admin 218
_kadmin_changepw 219
_krb_anonymous 234
_krb_changepw 232
_krb_kadmin 231
_krb_kerberos 233
_krb_krbtgt 230
_krbfast 246
_krbtgt 217
_launchservicesd 239
_lda 211
_locationd 205
_lp 26
_mailman 78
_mcxalr 54
_mdnsresponder 65
_mysql 74
_netbios 222
_netstatistics 228
_networkd 24
_nsurlsessiond 242
_nsurlstoraged 243
_pcastagent 55
_pcastlibrary 225
_pcastserver 56
_postfix 27
_postgres 216
_qtss 76
_sandbox 60
_screensaver 203
_scsd 31
_securityagent 92
_serialnumberd 58
_softwareupdate 200
_spotlight 89
_sshd 75
_svn 73
_taskgated 13
_teamsserver 94
_timezone 210
_tokend 91
_trustevaluationagent 208
_unknown 99
_update_sharing 95
_usbmuxd 213
_uucp 4
_warmd 224
_webauthserver 221
_windowserver 88
_www 70
_xcsbuildagent 237
_xcscredserver 238
_xgridagent 86
_xgridcontroller 85
daemon 1
deputydebi 504
Guest 201
nobody -2
peggy 0
pmcvicar 501
root 0
MacBook-Pro:~ pmcvicar$BobM53, That would be needed regardless of what front end my users log in with, in my case I was looking for them to access the DIT via the DSCC/DCC, which is not possible. Regardless, thank you for your reply, it is reassuring to know I am headed in the right direction.
I am now looking towards installing something else like Apache Directory Studio, or some other GUI for users to manage the directory.
I will most likely create one or more ACI's to build groups, adding members to those groups as needed; each group being allowed to perform functions such as create users, lockout users, add/modify hosts, etc.
I will most likely follow the steps outlined in:
Directory Server Groups, Roles, and CoS - 11g Release 1 (11.1.1.7.0)
Slightly OT, does anyone have a suitable and similar proven method to "lockdown" root accounts, and who has root access?
Thank you -
How to get All Users from OID LDAP
Hi all,
I have Oracle Internet Directory(OID) and have created the users in it manually.
Now I want to extract all the users from OID. How can I get Users from OID??
Any response will be appritiated. If some one could show me demo code for that I shall be greatful to you.
Thanks and reagards
Pravyhi,
the notes from metalink:
bgards
elvis
Doc ID: Note:276688.1
Subject: How to copy (export/import) the Portal database schemas of IAS 9.0.4 to another database
Type: BULLETIN
Status: PUBLISHED
Content Type: TEXT/X-HTML
Creation Date: 18-JUN-2004
Last Revision Date: 05-AUG-2005
How to copy (export/import) Portal database schemas of IAS 9.0.4 to another database
Note 276688.1
Download scripts Unix: Attachment 276688.1:1
Download Perl scripts (Unix/NT) :Attachment 276688.1:2
This article is being delivered in Draft form and may contain errors. Please use the MetaLink "Feedback" button to advise Oracle of any issues related to this article.
HISTORY
Version 1.0 : 24-JUN-2004: creation
Version 1.1 : 25-JUN-2004: added a link to download the scripts from Metalink
Version 1.2 : 29-JUN-2004: Import script: Intermedia indexes are recreated. Imported jobs are reassigned to Portal. ptlconfig replaces ptlasst.
Version 1.3 : 09-JUL-2004: Additional updates. Usage of iasconfig.xml. Need only 3 environment variables to import.
Version 1.4 : 18-AUG-2004: Remark about 9.2.0.5 and 10.1.0.2 database
Version 1.5 : 26-AUG-2004: Duplicate job id
Version 1.6 : 29-NOV-2004: Remark about WWC-44131 and WWSBR_DOC_CTX_54
Version 1.7 : 07-JAN-2005: Attached perl scripts (for NT/Unix) at the end of the note
Version 1.8 : 12-MAY-2005: added a work-around for the WWSTO_SESS_FK1 issue
Version 1.9 : 07-JUL-2005: logoff trigger and 9.0.1 database export, import in 10g database
Version 1.10: 05-AUG-2005: reference to the 10.1.2 note
PURPOSE
This document explains how to copy a Portal database schema from a database to another database.
It allows restoring the Portal repository and the OID security associated with Portal.
It can be used to go in production by copying physically a database from a development portal to a production environment and avoid to use the export/import utilities of Portal.
This note:
uses the export/import on the database level
allows the export/import to be done between different platforms
The script are Unix based and for the BASH shell. They can be adapted for other platforms.
For the persons familiar with this technics in Portal 9.0.2, there is a list of the main differences with Portal 9.0.2 at the end of the note.
These scripts are based on the experience of a lot of persons in Portal 902.
The scripts are attached to the note. Download them here: Attachment 276688.1:1 : exp_schema_904.zip
A new version of the script was written in Perl. You can also download them, here: Attachment 276688.1:2 : exp_schema_904_v2.zip. They do exactly the same than the bash ones. But they have the advantage of working on all platforms.
SCOPE & APPLICATION
This document is intented for Portal administrators. For using this note, you need basic DBA skills.
This notes is for Portal 9.0.4.x only. The notes for Portal 9.0.2 are :
Note 228516.1 : How to copy (export/import) Portal database schemas of IAS 9.0.2 to another database
Note 217187.1 : How to restore a cold backup of a Portal IAS 9.0.2 on another machine
The note for Portal 10.1.2 is:
Note 330391.1 : How to copy (export/import) Portal database schemas of IAS 10.1.2 to another databaseMethod
The method that we will follow in the document is the following one:
Export:
- export of the 4 portal schemas of a database (DEV / development)
- export the LDAP OID users and groups (optional)
Install a new machine with fresh IAS installation (PROD / production)
Import:
- delete the new and empty portal schema on PROD
- import the schemas in the production database in place of the deleted schemas
- import the LDAP OID users and groups (optional)
- modify the configuration such that the infrastructure uses the portal repository of the backup
- modify the configuration such that the portal repository uses the OID, webcache and SSO of the new infrastructure
The export and the import are divided in several steps. All of these steps are included in 2 sample scripts:
export : exp_portal_schema.sh
import : imp_portal_schema.sh
In the 2 scripts, all the steps are runned in one shot. It is just an example. Depending of the configuration and circonstance, all the steps can be runned independently.
Convention
Development (DEV) is the name of the machine where resides the copied database
Production (PROD) is the name of the machine where the database is copied
Prerequisite
Some prerequisite first.
A. Environment variables
To run the import/export, you will need 3 environment variables. In the given scripts, they are defined in 'portal_env.sh'
SYS_PASSWORD - the password of user sys in the Portal database
IAS_PASSWORD - the password of IAS
ORACLE_HOME - the ORACLE_HOME of the midtier
The rest of the settings are found automatically by reading the iasconfig.xml file and querying the OID. It is done in 'portal_automatic_env.sh'. I wish to write a note on iasconfig.xml and the way to transform it in usefull environment variables. But it is not done yet. In the meanwhile, you can read the old 902 doc, that explains the meaning of most variables :
< Note 223438.1 : Shell script to find your portal passwords, settings and place them in environment variables on Unix >
B. Definition: Cutter database
A 'Cutter Database' is the term used to designate a Database created by RepCA or OUI and that contains all the schemas used by a IAS 9.0.4 infrastructure. Even if in most cases, several schemas are not used.
In Portal 9.0.4, the option to install only the portal repository in an empty database has been removed. It has been replaced by RepCA, a tool that creates an infrastructure database. Inside all the infrastucture database schemas, there are the portal schemas.
This does not stop people to use 2 databases for running portal. One for OID and one for Portal. But in comparison with Portal 9.0.2, all schemas exist in both databases even if some are not used.
The main idea of Cutter database is to have only 1 database type. And in the future, simplify the upgrades of customer installation
For an installation where Portal and OID/SSO are in 2 separate databases, it looks like this
Portal 9.0.2 Portal 9.0.4
Infrastructure database
(INFRA_SID)
The infrastructure contains:
- OID (used)
- OEM (used)
- Single Sign-on / orasso (used)
- Portal (not used)
The infrastructure contains:
- OID (used)
- OEM (used)
- Single Sign-on / orasso (used)
- Portal (not used)
Portal database
(PORTAL_SID)
The custom Portal database contains:
- Portal (used)
The custom Portal database (is also an infrastructure):
- OID (not used)
- OEM (not used)
- Single Sign-on / orasso (not used)
- Portal (used)
Whatever, the note will suppose there is only one single database. But it works also for 2 databases installation like the one explained above.
C. Directory structure.
The sample scripts given inside this note will be explained in the next paragraphs. But first, the scripts are done to use a directory structure that helps to classify the files.
Here is a list of important files used during the process of export/import:
File Name
Description
exp_portal_schema.sh
Sample script that exports all the data needed from a development machine
imp_portal_schema.sh
Sample script that import all the data into a production machine
portal_env.sh
Script that defines the env variable specific to your system (to configure)
portal_automatic_env.sh
Helper script to get all the rest of the Portal settings automatically
xsl
Directory containing all the XSL files (helper scripts)
del_authpassword.xsl
Helper script to remove the authpassword tags in the DSML files
portal_env_unix.sql
Helper script to get Portal settings from the iasconfig.xml file
exp_data
Directory containing all the exported data
portal_exp.dmp
export on the database level of the portal, portal_app, ... database schemas
iasconfig.xml
copy the name of iasconfig.xml of the midtier of DEV. Used to get the hostname and port of Webcache
portal_users.xml
export from LDAP of the OID users used by Portal (optional)
portal_groups.xml export from LDAP of the OID groups used by Portal (optional)
imp_log
Directory containing several spool and logs files generated during the import
import.log Log file generated when running the imp command
ptlconfig.log
Log generated by ptlconfig when rewiring portal to the infrastructure.
Some other spool files.
D. Known limitations
The scripts given in this note have the following known limitations:
It does not copy the data stored in the SSO schema: external applications definitions and the passwords stored for them.
See in the post steps: SSO migration to know how to do.
The ssomig command resides in the Infrastructure Oracle home. And all commands of Portal in the Midtier home. And practically, these 2 Oracle homes are most of the time not on the same machine. This is the reason.
The export of the users in OID exports from the default user location:
ldapsearch .... -b "cn=users,dc=domain,dc=com"
This is not 100% correct. The users are by default stored in something like "cn=users,dc=domain,dc=com". So, if the users are stored in the default location, it works. But if this location (user install base) is customized, it does not work.
The reason is that such settings means that the LDAP most of the time highly customized. And I prefer that the administrator to copy the real LDAP himself. The right command will probably depend of the customer case. So, I prefered not to take the risk..
orclCommonNicknameAttribute must match in the Target and Source OID .
The orclCommonNicknameAttribute must match on both the source and target OID. By default this attribute is set to "uid", so if this has been changed, it must be changed in both systems.
Reference Note 282698.1
Migration of custom Java portlets.
The script migrates all the data of Portal stored in the database. If you have custom java portlet deployed in your development machine, you will need to copy them in the production system.
Step 1 - Export in Development (DEV)
To export a full Portal installation to another machine, you need to follow 3 steps:
Export at the database level the portal schemas + related schemas
Get the midtier hostname and port of DEV
Export of the users and groups with LDAPSEARCH in 2 XML files
A script combining all the steps is available here.
A. Export the 4 portals schemas (DEV)
You need to export 3 types of database schemas:
The 4 portal schemas created by default by the portal installation :
portal,
portal_app,
portal_demo,
portal_public
The schemas where your custom database portlets / providers resides (if any)
- The custom schemas you have created for storing your portlet / provider code
The schemas where your custom tables resides. (if any)
- Your custom schemas accessed by portal and containing only data (tables, views ...)
You can get an approximate list of the schemas: default portal schemas (1) and database portlets schemas (2) with this query.
SELECT USERNAME, DEFAULT_TABLESPACE, TEMPORARY_TABLESPACE
FROM DBA_USERS
WHERE USERNAME IN (user, user||'_PUBLIC', user||'_DEMO', user||'_APP')
OR USERNAME IN (SELECT DISTINCT OWNER FROM WWAPP_APPLICATION$ WHERE NAME != 'WWV_SYSTEM');
It still misses your custom schemas containing data only (3).
We will export the 4 schemas and your custom ones in an export file with the user sys.
Please, use a command like this one
exp userid="'sys/change_on_install@dev as sysdba'" file=portal_exp.dmp grants=y log=portal_exp.log owner=(portal,portal_app,portal_demo,portal_public)The result is a dump file: 'portal_exp.dmp'. If you are using a database 9.2.0.5 or 10.1.0.2, the database of the exp/imp dump file has changed. Please read this.
B. Hostname and port
For the URL to access the portal, you need the 2 following infos to run the script 'imp_portal_schema.sh below :
Webcache hostname
Webcache listen port
These values are contained in the iasconfig.xml file of the midtier.
iasconfig.xml
<IASConfig XSDVersion="1.0">
<IASInstance Name="ias904.dev.dev_domain.com" Host="dev.dev_domain.com" Version="9.0.4">
<OIDComponent AdminPassword="@BfgIaXrX1jYsifcgEhwxciglM+pXod0dNw==" AdminDN="cn=orcladmin" SSLEnabled="false" LDAPPort="3060"/>
<WebCacheComponent AdminPort="4037" ListenPort="7782" InvalidationPort="4038" InvalidationUsername="invalidator" InvalidationPassword="@BR9LXXoXbvW1iH/IEFb2rqBrxSu11LuSdg==" SSLEnabled="false"/>
<EMComponent ConsoleHTTPPort="1813" SSLEnabled="false"/>
</IASInstance>
<PortalInstance DADLocation="/pls/portal" SchemaUsername="portal" SchemaPassword="@BR9LXXoXbvW1c5ZkK8t3KJJivRb0Uus9og==" ConnectString="cn=asdb,cn=oraclecontext">
<WebCacheDependency ContainerType="IASInstance" Name="ias904.dev.dev_domain.com"/>
<OIDDependency ContainerType="IASInstance" Name="ias904.dev.dev_domain.com"/>
<EMDependency ContainerType="IASInstance" Name="ias904.dev.dev_domain.com"/>
</PortalInstance>
</IASConfig>
It corresponds to a portal URL like this:
http://dev.dev_domain.com:7782/pls/portalThe script exp_portal_schema.sh copy the iasconfig.xml file in the exp_data directory.
C. Export the security: users and groups (optional)
If you use other Single Sing-On uses than the portal user, you probably need to restore the full security, the users and groups stored in OID on the production machine. 5 steps need to be executed for this operation:
Export the OID entries with LDAPSEARCH
Before to import, change the domain in the generated file (optional)
Before to import, remove the 'authpassword' attributes from the generated files
Import them with LDAPADD
Update the GUID/DN of the groups in portal tables
Part 1 - LDAPSEARCH
The typical commands to do this operation look like this:
ldapsearch -h $OID_HOSTNAME -p $OID_PORT -X -b "cn=portal.040127.1384,cn=groups,dc=dev_domain,dc=com" -s sub "objectclass=*" > portal_group.xml
ldapsearch -h $OID_HOSTNAME -p $OID_PORT -X -D "cn=orcladmin" -w $IAS_PASSWORD -b "cn=users,dc=dev_domain,dc=com" -s sub "objectclass=inetorgperson" > portal_users.xmlTake care about the following points
The groups are stored in a LDAP directory containing the date of installation
( in this example: portal.040127.1384,cn=groups,dc=dev_domain,dc=com )
If the domain of dev and prod is different, the exported files contains the name of the development domain in the form of 'dc=dev_domain,dc=com' in a lot of place. The domain name needs to be replaced by the production domain name everywhere in the files.
Ldapsearch uses the option '- X '. It it to export to DSML files (XML). It avoids a problem related with common LDAP files, LDIF files. LDIF files are wrapped at 78 characters. The wrapping to 78 characters make difficult to change the domain name contained in the LDIF files. XML files are not wrapped and do not have this problem.
A sample script to export the 2 XML files is given here in : step 3 - export the users and groups (optional) of the export script.
Part 2 : change the domain in the DSML files
If the domain of dev and prod is different, the exported files contains the name of the development domain in the form of 'dc=dev_domain,dc=com' in a lot of place. The domain name need to be replaced by the production domain name everywhere in the files.
To do this, we can use these commands:
cat exp_data/portal_groups.xml | sed -e "s/$DEV_DN/$PROD_DN/" > imp_log/portal_groups.xml
cat exp_data/portal_users.xml | sed -e "s/$DEV_DN/$PROD_DN/" > imp_log/temp_users.xml
Part 3 : Remove the authpassword attribute
The export of all attributes from the all users has also exported an automatically generated attribute in OID called 'authpassword'.
'authpassword' is a list automatically generated passwords for several types of application. But mostly, it can not be imported. Also, there is no option in ldapsearch (that I know) that allows removing an attribute. In place of giving to the ldapsearch command the list of all the attributes that is very long, without 'authpassword', we will remove the attribute after the export.
For that we will use the fact that the DSML files are XML files. There is a XSLT in the Oracle IAS, in the executable '$ORACLE_HOME/bin/xml'. XSLT is a standard specification of the internet consortium W3C to transform a XML file with the help of a XSL file.
Here is the XSL file to remove the authpassword tag.
del_autpassword.xsl
<!--
File : del_authpassword.xsl
Version : 1.0
Author : mgueury
Description:
Remove the authpassword from the DSML files
-->
<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
<xml:output method="xml"/>
<xsl:template match="*|@*|node()">
<xsl:copy>
<xsl:apply-templates select="*|@*|node()"/>
</xsl:copy>
</xsl:template>
<xsl:template match="attr">
<xsl:choose>
<xsl:when test="@name='authpassword;oid'">
</xsl:when>
<xsl:when test="@name='authpassword;orclcommonpwd'">
</xsl:when>
<xsl:otherwise>
<xsl:copy>
<xsl:apply-templates select="*|@*|node()"/>
</xsl:copy>
</xsl:otherwise>
</xsl:choose>
</xsl:template>
</xsl:stylesheet>
And the command to make the transfomation:
xml -f -s del_authpassword.xsl -o imp_log/portal_users.xml imp_log/temp_users.xmlWhere :
imp_log/portal_users.xml is the final file without authpassword tags
imp_log/temp_users.xml is the input file with the authpassword tags that can not be imported.
Part 4 : LDAPADD
The typical commands to do this operation look like this:
ldapadd -h $OID_HOSTNAME -p $OID_PORT -D "cn=orcladmin" -w $IAS_PASSWORD -c -X portal_group.xml
ldapadd -h $OID_HOSTNAME -p $OID_PORT -D "cn=orcladmin" -w $IAS_PASSWORD -c -X portal_users.xmlTake care about the following points
Ldapadd uses the option ' -c '. Existing users/groups are generating an error. The option -c allows continuing and ignoring these errors. Whatever, the errors should be checked to see if it is just existing entries.
A sample script to import the 2 XML files given in the step 5 - import the users and groups (optional) of the import script.
Part 5 : Update the GUID/DN
In Portal 9.0.4, the update of the GUID is taken care by PTLCONFIG during the import. (Import step 7)
D. Example script for export
Here is a example script that combines the 3 steps.
Depending of you need, you will :
or execute all the steps
or just execute the 1rst one (export of the database users). It will be enough you just want to login with the portal user on the production instance.
if your portal repository resides in a database 9.2.0.5 or 10.1.0.2, please read this
you can download all the scripts here, Attachment 276688.1:1
Do not forget to modify the script to your need and mostly add the list of users like explained in point A above.
exp_portal_schema.sh
# BASH Script : exp_portal_schema.sh
# Version : 1.3
# Portal : 9.0.4.0
# History :
# mgueury - creation
# Description:
# This script export a portal dump file from a dev instance
# -------------------------- Environment variables --------------------------
. portal_env.sh
# In case you do not use portal_env.sh you have to define all the variables
# For exporting the dump file only.
# export SYS_PASSWORD=change_on_install
# export PORTAL_TNS=asdb
# For the security (optional)
# export IAS_PASSWORD=welcome1
# export PORTAL_USER=portal
# export PORTAL_PASSWORD=A1b2c3de
# export OID_HOSTNAME=development.domain.com
# export OID_PORT=3060
# export OID_DOMAIN_DN=dc=`echo $OID_HOSTNAME | cut -d '.' -f2,3,4,5,6 --output-delimiter=',dc='`
# ------------------------------ Help function -----------------------------------
function press_any_key() {
if [ $PRESS_ANY_KEY_AFTER_EACH_STEP = "Y" ]; then
echo
echo Press enter to continue
read $ANY_KEY
else
echo
fi
echo "------------------------------- Export ------------------------------------"
# create a directory for the export
mkdir exp_data
# copy the env variables in the log just in case
export > exp_data/exp_env_variable.txt
echo "--------------------- step 1 - export"
# export the portal users, but take care to add:
# - your users containing DB providers
# - your users containing data (tables)
exp userid="'sys/$SYS_PASSWORD@$PORTAL_TNS as sysdba'" file=exp_data/portal_exp.dmp grants=y log=exp_data/portal_exp.log owner=(portal,portal_app,portal_demo,portal_public)
press_any_key
echo "--------------------- step 2 - store iasconfig.xml file of the MIDTIER"
cp $MIDTIER_ORACLE_HOME/portal/conf/iasconfig.xml exp_data
press_any_key
echo "--------------------- step 3 - export the users and groups (optional)"
# Export the groups and users from OID in 2 XML files (not LDIF)
# The OID groups of portal are stored in GROUP_INSTALL_BASE that depends
# of the installation date.
# For the user, I use the default place. If it does not work,
# you can find the user place with:
# > exec dbms_output.put_line(wwsec_oid.get_user_search_base);
# Get the GROUP_INSTALL_BASE used in security export
sqlplus $PORTAL_USER/$PORTAL_PASSWORD@$PORTAL_TNS <<IASDB
set serveroutput on
spool exp_data/group_base.log
begin
dbms_output.put_line(wwsec_oid.get_group_install_base);
end;
IASDB
export GROUP_INSTALL_BASE=`grep cn= exp_data/group_base.log`
echo '--- Exporting Groups'
echo 'creating portal_groups.xml'
ldapsearch -h $OID_HOSTNAME -p $OID_PORT -X -s sub -b "$GROUP_INSTALL_BASE" -s sub "objectclass=*" > exp_data/portal_groups.xml
echo '--- Exporting Users'
echo 'creating portal_users.xml'
ldapsearch -h $OID_HOSTNAME -p $OID_PORT -D "cn=orcladmin" -w $IAS_PASSWORD -X -s sub -b "cn=users,$OID_DOMAIN_DN" -s sub "objectclass=inetorgperson" > exp_data/portal_users.xml
The script is done to run from the midtier.
Step 2 - Install IAS in a new machine (PROD)
A. Installation
This note does not distinguish if Portal is sharing the same database than Single-Sign On and OID. For simplicity, I will speak only about 1 database. But I could also create a second infrastructure database just for the portal repository. This way is better for production system, because the Portal repository is only product used in the 2nd database. Having 2 separate databases allows taking easily backup of the portal repository.
On the production machine, you need to install a fresh install of IAS 9.0.4. Take care to use :
the same IAS patchset 9.0.4.1, 9.0.4.2, ...on the middle-tier and infrastruture than in development
and same characterset than in development (or UTF8)
The result will be 2 ORACLE_HOMES and 1 infrastructure database:
the ORACLE_HOME of the infrastructure (SID:infra904)
the ORACLE_HOME of the midtier (SID:ias904)
an infrastructure database (SID:asdb)
The empty new Portal install should work fine before to go to the next step.
B. About tablespaces (optional)
The size of the tablespace of the production should match the one of the Developement machine. If not, the tablespace will autoextend. It is not really a concern, but it is slow. You should modify the tablespaces for to have as much space on prod and dev.
Also, it is safer to check that there is enough free space on the hard disk to import in the database.
To modify the tablespace size, you can use Oracle Entreprise Manager console,
On Unix, . oraenv
infra904oemapp dbastudio
On NT Start/ Programs/ Oracle Application server - infra904 / Enterprise Manager Console
Launch standalone
Choose the portal database (typically asdb.domain.com)
Connect with a DBA user, sys or system
Click Storage/Tablespaces
Change the size of the PORTAL, PORTAL_DOC, PORTAL_LOGS, PORTAL_IDX tablespaces
C. Backup
It could be a good idea to take a backup of the MIDTIER and INFRASTRUCTURE Oracle Homes at that point to allow retesting the import process if it fails for any reason as much as you want without needing to reinstall everything.
Step 3 - Import in production (on PROD)
The following script is a sample of an Unix script that combines all the steps to import a portal repository to the production machine.
To import a portal reporistory and his users and group in OID, you need to do 8 things:
Stop the midtier to avoid errors while dropping the portal schema
SQL*Plus with Portal
Drop the 4 default portal schemas
Create the portal users with the same passwords than the just deleted users and give them grants (you need to create your own custom shemas too if you have some).
Import the dump file
Import the users and groups into OID (optional)
SQL*Plus with SYS : Post import changes
Recompile everything in the database
Reassign the imported jobs to portal
SQL*Plus with Portal : Post import changes
Recreate the Portal intermedia indexes
Correct an import errror on wwsrc_preference$
Make additional post import changes, by updating some portal tables, and replacing the development hostname, port or domain by the production ones.
Rewire the portal repository with ptlconfig -dad portal
Restart the midtier
Here is a sample script to do this on Unix. You will need to adapt the script to your needs.
imp_portal_schema.sh
# BASH Script : imp_portal_schema.sh
# Version : 1.3
# Portal : 9.0.4.0
# History :
# mgueury - creation
# Description:
# This script import a portal dump file and relink it with an
# infrastructure.
# Script to be started from the MIDTIER
# -------------------------- Environment variables --------------------------
. portal_env.sh
# Development and Production machine hostname and port
# Example
# .._HOSTNAME machine.domain.com (name of the MIDTIER)
# .._PORT 7782 (http port of the MIDTIER)
# .._DN dc=domain,dc=com (domain name in a LDAP way)
# These values can be determined automatically with the iasconfig.xml file of dev
# and prod. But if you do not know or remember the dev hostname and port, this
# query should find it.
# > select name, http_url from wwpro_providers$ where http_url like 'http%'
# These variables are used in the
# > step 4 - security / import OID users and groups
# > step 6 - post import changes (PORTAL)
# Set the env variables of the DEV instance
rm /tmp/iasconfig_env.sh
xml -f -s xsl/portal_env_unix.xsl -o /tmp/iasconfig_env.sh exp_data/iasconfig.xml
. /tmp/iasconfig_env.sh
export DEV_HOSTNAME=$WEBCACHE_HOSTNAME
export DEV_PORT=$WEBCACHE_LISTEN_PORT
export DEV_DN=dc=`echo $OID_HOSTNAME | cut -d '.' -f2,3,4,5,6 --output-delimiter=',dc='`
# Set the env variables of the PROD instance
. portal_env.sh
export PROD_HOSTNAME=$WEBCACHE_HOSTNAME
export PROD_PORT=$WEBCACHE_LISTEN_PORT
export PROD_DN=dc=`echo $OID_HOSTNAME | cut -d '.' -f2,3,4,5,6 --output-delimiter=',dc='`
# ------------------------------ Help function -----------------------------------
function press_any_key() {
if [ $PRESS_ANY_KEY_AFTER_EACH_STEP = "Y" ]; then
echo
echo Press enter to continue
read $ANY_KEY
else
echo
fi
echo "------------------------------- Import ------------------------------------"
# create a directory for the logs
mkdir imp_log
# copy the env variables in the log just in case
export > imp_log/imp_env_variable.txt
echo "--------------------- step 1 - stop the midtier"
# This step is needed to avoid most case of ORA-01940: user connected
# when dropping the portal user
$MIDTIER_ORACLE_HOME/opmn/bin/opmnctl stopall
press_any_key
echo "--------------------- step 2 - drop and create empty users"
sqlplus "sys/$SYS_PASSWORD@$PORTAL_TNS as sysdba" <<IASDB
spool imp_log/drop_create_user.log
---- Drop users
-- Warning: You need to stop all SQL*Plus connection to the
-- portal schema before that else the drop will give an
-- ORA-01940: cannot drop a user that is currently connected
drop user portal_public cascade;
drop user portal_app cascade;
drop user portal_demo cascade;
drop user portal cascade;
---- Recreate the users and give them grants"
-- The new users will have the same passwords as the users we just dropped
-- above. Do not forget to add your exported custom users
create user portal identified by $PORTAL_PASSWORD default tablespace portal;
grant connect,resource,dba to portal;
create user portal_app identified by $PORTAL_APP_PASSWORD default tablespace portal;
grant connect,resource to portal_app;
create user portal_demo identified by $PORTAL_DEMO_PASSWORD default tablespace portal;
grant connect,resource to portal_demo;
create user portal_public identified by $PORTAL_PUBLIC_PASSWORD default tablespace portal;
grant connect,resource to portal_public;
alter user portal_public grant connect through portal;
start $MIDTIER_ORACLE_HOME/portal/admin/plsql/wwv/wdbigra.sql portal
exit
IASDB
press_any_key
echo "--------------------- step 3 - import"
imp userid="'sys/$SYS_PASSWORD@$PORTAL_TNS as sysdba'" file=exp_data/portal_exp.dmp grants=y log=imp_log/import.log full=y
press_any_key
echo "--------------------- step 4 - import the OID users and groups (optional)"
# Some errors will be raised when running the ldapadd because at least the
# default entries will not be able to be inserted. Remove them from the
# ldif file if you want to avoid them. Due to the flag '-c', ldapadd ignores
# duplicate entries. Another more radical solution is to erase all the entries
# of the users and groups in OID before to run the import.
# Replace the domain name in the XML files.
cat exp_data/portal_groups.xml | sed -e "s/$DEV_DN/$PROD_DN/" > imp_log/portal_groups.xml
cat exp_data/portal_users.xml | sed -e "s/$DEV_DN/$PROD_DN/" > imp_log/temp_users.xml
# Remove the authpassword attributes with a XSL stylesheet
xml -f -s xsl/del_authpassword.xsl -o imp_log/portal_users.xml imp_log/temp_users.xml
echo '--- Importing Groups'
ldapadd -h $OID_HOSTNAME -p $OID_PORT -D "cn=orcladmin" -w $IAS_PASSWORD -c -X imp_log/portal_groups.xml -v
echo '--- Importing Users'
ldapadd -h $OID_HOSTNAME -p $OID_PORT -D "cn=orcladmin" -w $IAS_PASSWORD -c -X imp_log/portal_users.xml -v
press_any_key
echo "--------------------- step 5 - post import changes (SYS)"
sqlplus "sys/$SYS_PASSWORD@$PORTAL_TNS as sysdba" <<IASDB
spool imp_log/sys_post_changes.log
---- Recompile the invalid packages"
-- On the midtier, the script utlrp is not present. This step
-- uses a copy of it stored in patch/utlrp.sql
select count(*) INVALID_OBJECT_BEFORE from all_objects where status='INVALID';
start patch/utlrp.sql
set lines 999
select count(*) INVALID_OBJECT_AFTER from all_objects where status='INVALID';
---- Jobs
-- Reassign the JOBS imported to PORTAL. After the import, they belong
-- incorrectly to the user SYS.
update dba_jobs set LOG_USER='PORTAL', PRIV_USER='PORTAL' where schema_user='PORTAL';
commit;
exit
IASDB
press_any_key
echo "--------------------- step 6 - post import changes (PORTAL)"
sqlplus $PORTAL_USER/$PORTAL_PASSWORD@$PORTAL_TNS <<IASDB
set serveroutput on
spool imp_log/portal_post_changes.log
---- Intermedia
-- Recreate the portal indexes.
-- inctxgrn.sql is missing from the 9040 CD-ROMS. This is the bug 3536937.
-- Fixed in 9041. The missing script is contained in the downloadable zip file.
start patch/inctxgrn.sql
start $MIDTIER_ORACLE_HOME/portal/admin/plsql/wws/ctxcrind.sql
---- Import error
alter table "WWSRC_PREFERENCE$" add constraint wwsrc_preference_pk
primary key (subscriber_id, id)
using index wwsrc_preference_idx1
begin
DBMS_RLS.ADD_POLICY ('', 'WWSRC_PREFERENCE$', 'WEBDB_VPD_POLICY',
'', 'webdb_vpd_sec', 'select, insert, update, delete', TRUE,
static_policy=>true);
end ;
---- Modify tables with full URLs
-- If the domain name of prod and dev are different, this step is really important.
-- It modifies the portal tables that contains reference to the hostname or port
-- of the development machine. (For more explanation: see Addional steps in the note)
-- groups (dn)
update wwsec_group$
set dn=replace( dn, '$DEV_DN', '$PROD_DN' )
update wwsec_group$
set dn_hash = wwsec_api_private.get_dn_hash( dn )
-- users (dn)
update wwsec_person$
set dn=replace( dn, '$DEV_DN', '$PROD_DN' )
update wwsec_person$
set dn_hash = wwsec_api_private.get_dn_hash( dn)
-- subscriber
update wwsub_model$
set dn=replace( dn, '$DEV_DN', '$PROD_DN' ), GUID=':1'
where dn like '%$DEV_DN%'
-- preferences
update wwpre_value$
set varchar2_value=replace( varchar2_value, '$DEV_DN', '$PROD_DN' )
where varchar2_value like '%$DEV_DN%'
update wwpre_value$
set varchar2_value=replace( varchar2_value, '$DEV_HOSTNAME:$DEV_PORT', '$PROD_HOSTNAME:$PROD_PORT' )
where varchar2_value like '%$DEV_HOSTNAME:$DEV_PORT%'
-- page url items
update wwv_things
set title_link=replace( title_link, '$DEV_HOSTNAME:$DEV_PORT', '$PROD_HOSTNAME:$PROD_PORT' )
where title_link like '%$DEV_HOSTNAME:$DEV_PORT%'
-- web providers
update wwpro_providers$
set http_url=replace( http_url, '$DEV_HOSTNAME:$DEV_PORT', '$PROD_HOSTNAME:$PROD_PORT' )
where http_url like '%$DEV_HOSTNAME:$DEV_PORT%'
-- html links created by the RTF editor inside text items
update wwv_text
set text=replace( text, '$DEV_HOSTNAME:$DEV_PORT', '$PROD_HOSTNAME:$PROD_PORT' )
where text like '%$DEV_HOSTNAME:$DEV_PORT%'
-- Portlet metadata nls: help URL
update wwpro_portlet_metadata_nls$
set help_url=replace( help_url, '$DEV_HOSTNAME:$DEV_PORT', '$PROD_HOSTNAME:$PROD_PORT' )
where help_url like '%$DEV_HOSTNAME:$DEV_PORT%'
-- URL items (There is a trigger on this table building absolute_url automatically)
update wwsbr_url$
set absolute_url=replace( absolute_url, '$DEV_HOSTNAME:$DEV_PORT', '$PROD_HOSTNAME:$PROD_PORT' )
where absolute_url like '%$DEV_HOSTNAME:$DEV_PORT%'
-- Things attributes
update wwv_thingattributes
set value=replace( value, '$DEV_HOSTNAME:$DEV_PORT', '$PROD_HOSTNAME:$PROD_PORT' )
where value like '%$DEV_HOSTNAME:$DEV_PORT%'
commit;
exit
IASDB
press_any_key
echo "--------------------- step 7 - ptlconfig"
# Configure portal such that portal uses the infrastructure database
cd $MIDTIER_ORACLE_HOME/portal/conf/
./ptlconfig -dad portal
cd -
mv $MIDTIER_ORACLE_HOME/portal/logs/ptlconfig.log imp_log
press_any_key
echo "--------------------- step 8 - restart the midtier"
$MIDTIER_ORACLE_HOME/opmn/bin/opmnctl startall
date
Each step can generate his own errors due to a lot of factors. It is better to run the import step by step the first time.
Do not forget to check the output of log files created during the various steps of the import:
imp_log/drop_create_user.log
Spool when dropping and recreating the portal users
imp_log/import.log Import log file when importing the portal_exp.dmp file
imp_log/sys_post_changes.log
Spool when making post changes with SYS
imp_log/portal_post_changes.log
Spool when making post changes with PORTAL
imp_log/ptlconfig.log
Log file of ptconfig when rewiring the midtier
Step 4 - Test
A. Check the log files
B. Test the website and see if it works fine.
Step 5 - take a backup
Take a backup of all ORACLE_HOME and DATABASES to prevent all hardware problems. You need to copy:
All the files of the 2 ORACLE_HOME
And all the database files.
Step 6 - Additional steps
Here are some additional steps.
SSO external application ( that are part of the orasso schema and not imported yet )
Page URL items ( they seems to store the full URL ) - included in imp_portal_schema.sh
Web Providers ( the URL needs to be changed ) - included in imp_portal_schema.sh
Text items edited with the RTF editor in IE and containing links - included in imp_portal_schema.sh
Most of them are taken care by the "step 8 - post import changes". Except the first one.
1. SSO import
This script imports only Portal and the users/groups of OID. Not the list of the external application contained in the orasso user.
In Portal 9.0.4, there is a script called SSOMIG that resides in $INFRA_ORACLE_HOME/sso/bin and allows to move :
Definitions and user data for external applications
Registration URLs and tokens for partner applications
Connection information used by OracleAS Discoverer to access various data sources
See:
Oracle® Application Server Single Sign-On Administrator's Guide 10g (9.0.4) Part Number B10851-01
14. Exporting and Importing Data
2. Page items: the page URL items store the full URL.
This is Bug 2661805 fixed in Portal 9.0.2.6.
This following work-around is implemented in post import step of imp_portal_schema.sh
-- page url items
update wwv_things
set title_link=replace( title_link, 'dev.dev_domain.com:7778', 'prod.prod_domain.com:7778' )
where title_link like '%$DEV_HOSTNAME:$DEV_PORT%'
2. Web Providers
The URL to the Web providers needs also change. Like for the Page items, they contain the full path of the webserver.
Or you can get the list of the URLs to change with this query
select name, http_url from PORTAL.WWPRO_PROVIDERS$ where http_url like '%';
This following work-around is implemented in post import step of imp_portal_schema.sh
-- web providers
update wwpro_providers$
set http_url=replace( http_url, 'dev.dev_domain.com:7778', 'prod.prod_domain.com:7778' )
where http_url like '%$DEV_HOSTNAME:$DEV_PORT%'
4. The production and development machine do not share the same domain
If the domain of the production and the development are not the same, the DN (name in LDAP) of all users needs to change.
Let's say from
dc=dev_domain,dc=com -> dc=prod_domain,dc=com
1. before to upload the ldif files. All the strings in the 2 ldifs files that contain 'dc=dev_domain,dc=com', have to be replaced by 'dc=prod_domain,dc=com'
2. in the wwsec_group$ and wwsec_person$ tables in portal, the DN need to change too.
This following work-around is implemented in post import step of imp_portal_schema.sh
-- groups (dn)
update wwsec_group$
set dn=replace( dn, 'dc=dev_domain,dc=com', 'dc=prod_domain,dc=com' )
update wwsec_group$
set dn_hash = wwsec_api_private.get_dn_hash( dn )
-- users (dn)
update wwsec_person$
set dn=replace( dn, 'dc=dev_domain,dc=com', 'dc=prod_domain,dc=com' )
update wwsec_person$
set dn_hash = wwsec_api_private.get_dn_hash( dn)
5. Text items with HTML links
Sometimes people stores full URL inside their text items, it happens mostly when they use link with the RichText Editor in IE .
This following work-around is implemented in post import step in imp_portal_schema.sh
-- html links created by the RTF editor inside text items
update wwv_text
set text=replace( text, 'dev.dev_domain.com:7778', 'prod.prod_domain.com:7778' )
where text like '%$DEV_HOSTNAME:$DEV_PORT%'
6. OID Custom password policy
It happens quite often that the people change the password policy of the OID server. The reason is that with the default policy, the password expires after 60 days. If so, do not forget to make the same changes in the new installation.
PROBLEMS
1. Import log has some errors
A. EXP-00091 -Exporting questionable statistics
You can ignore this error.
B. IMP-00017 - WWSRC_PREFERENCE$
When importing, there is one import error:
IMP-00017: following statement failed with ORACLE error 921:
"ALTER TABLE "WWSRC_PREFERENCE$" ADD "
IMP-00003: ORACLE error 921 encountered
ORA-00921: unexpected end of SQL commandThe primary key is not created. You can create it with this commmand
in SQL*Plus with the user portal.. Then readd the missing VPD policy.
alter table "WWSRC_PREFERENCE$" add constraint wwsrc_preference_pk
primary key (subscriber_id, id)
using index wwsrc_preference_idx1
begin
DBMS_RLS.ADD_POLICY ('', 'WWSRC_PREFERENCE$', 'WEBDB_VPD_POLICY',
'', 'webdb_vpd_sec', 'select, insert, update, delete', TRUE,
static_policy=>true);
end ;
Step 8 in the script "imp_portal_schema.sh" take care of this. This can also possibly be solved by the
C. IMP-00017 - WWDAV$ASL
. importing table "WWDAV$ASL"
Note: table contains ROWID column, values may be obsolete 113 rows importedThis error is normal, the table really contains a ROWID column.
D. IMP-00041 - Warning: object created with compilation warnings
This error is normal too. The packages giving these error have
dependencies on package not yet imported. A recompilation is done
after the import.
E. ldapadd error 'cannot add add entries containing authpasswords'
# ldap_add: DSA is unwilling to perform
# ldap_add: additional info: You cannot add entries containing authpasswords.
"authpasswords" are automatically generated values from the real password of the user stored in userpassword. These values do not have to be exported from ldap.
In the import script, I remove the additional tag with a XSL stylesheet 'del_authpassword.xsl'. See above.
F. IMP-00017: WWSTO_SESSION$
IMP-00017: following statement failed with ORACLE error 2298:
"ALTER TABLE "WWSTO_SESSION$" ENABLE CONSTRAINT "WWSTO_SESS_FK1""
IMP-00003: ORACLE error 2298 encountered
ORA-02298: cannot validate (PORTAL.WWSTO_SESS_FK1) - parent keys not found
Here is a work-around for the problem. I will normally integrate it in a next version of the scripts.
SQL> delete from WWSTO_SESSION_DATA$;
7690 rows deleted.
SQL> delete from WWSTO_SESSION$;
1073 rows deleted.
SQL> commit;
Commit complete.
SQL> ALTER TABLE "WWSTO_SESSION$" ENABLE CONSTRAINT "WWSTO_SESS_FK1";
Table altered.
G. IMP-00017 - ORACLE error 1 - DBMS_JOB.ISUBMIT
This error can appear during the import when the import database is not empty and is already customized for some reasons. For example, you export from an infrastructure and you import in a database with a lot of other programs that uses jobs. And unhappily the same job id.
Due to the way the export/import of jobs is done, the jobs keeps their id after the import. And they may conflict.
IMP-00017: following statement failed with ORACLE error 1: "BEGIN DBMS_JOB.ISUBMIT(JOB=>42,WHAT=>'begin execute immediate " "''begin wwutl_cache_sys.process_background_inval; end;'' ; exc" "eption when others then wwlog_api.log(p_domain=> ''utl'', " " p_subdomain=>''cache'', p_name=>''background'', " " p_action=>''process_background_inval'', p_information => ''E" "rror in process_background_inval ''|| sqlerrm);end;', NEXT_DATE=" ">TO_DATE('2004-08-19:17:32:16','YYYY-MM-DD:HH24:MI:SS'),INTERVAL=>'SYSDATE " "+ 60/(24*60)',NO_PARSE=>TRUE); END;"
IMP-00003: ORACLE error 1 encountered ORA-00001: unique constraint (SYS.I_JOB_JOB) violated
ORA-06512: at "SYS.DBMS_JOB", line 97 ORA-06512: at line 1
Solutions:
1. use a fresh installed database,
2. Due that the jobs conflicting are different because it happens only in custom installation, there is no clear rule. But you can
recreate the jobs lost after the import with other_ids
and/or change the job id of the other program before to import. This type of commands can help you (you need to do it with SYS)
select * from dba_jobs;
update dba_jobs set job=99 where job=52;
commit
2. Import in a RAC environment
Be aware of the Bug 2479882 when the portal database is in a RAC database.
Bug 2479882 : NEEDED TO BOUNCE DB NODES AFTER INSTALLING PORTAL 9.0.2 IN RAC NODE3. Intermedia
After importing a environment, the intermedia indexes are invalid. To correct the error you need to run in SQL*Plus with Portal
start $MIDTIER_ORACLE_HOME/portal/admin/plsql/wws/inctxgrn.sql
start $MIDTIER_ORACLE_HOME/portal/admin/plsql/wws/ctxcrind.sql
But $MIDTIER_ORACLE_HOME/portal/admin/plsql/wws/inctxgrn.sql is missing in IAS 9.0.4.0. This is Bug 3536937. Fixed in 9041. The missing scripts are contained in the downloadable zip file (exp_schema904.zip : Attachment 276688.1:1 ), directory sql. This means that practically in 9040, you have to run
start sql/inctxgrn.sql
start $MIDTIER_ORACLE_HOME/portal/admin/plsql/wws/ctxcrind.sql
In the import script, it is done in the step 6 - recreate Portal Intermedia indexes.
You can not WA the problem without the scripts. Running ctxcrind.sql alone does not work. You will have this error:
ORA-06510: PL/SQL: unhandled user-defined exception
ORA-06512: at "PORTAL.WWERR_API_EXCEPTION", line 164
ORA-06512: at "PORTAL.WWV_CONTEXT", line 1035
ORA-06510: PL/SQL: unhandled user-defined exception
ORA-06512: at "PORTAL.WWERR_API_EXCEPTION", line 164
ORA-06512: at "PORTAL.WWV_CONTEXT", line 476
ORA-06510: PL/SQL: unhandled user-defined exception
ORA-20000: Oracle Text error:
DRG-12603: CTXSYS does not own user datastore procedure: WWSBR_THING_CTX_69
ORA-06512: at line 13
4. ptlconfig
If you try to run ptlconfig simply after an import you will get an error:
Problem processing Portal instance: Configuring HTTP server settings : Installing cache data : SQL exception: ERROR: ORA-23421: job number 32 is not a job in the job queue
This is because the import done by user SYS has imported the PORTAL jobs to the SYS schema in place of portal. The solution is to run
update dba_jobs set LOG_USER='PORTAL', PRIV_USER='PORTAL' where schema_user='PORTAL';
In the import script, it is done in the step 8 - post import changes.
5. WWC-41417 - invalid credentials.
When you try to login you get:
Unexpected error encountered in wwsec_app_priv.process_signon (User-Defined Exception) (WWC-41417)
An exception was raised when accessing the Oracle Internet Directory: 49: Invalid credentials
Details
Error:Operation: dbms_ldap.simple_bind_s
OID host: machine.domain.com
OID port number: 4032
Entry DN: orclApplicationCommonName=PORTAL,cn=Portal,cn=Products,cn=OracleContext. (WWC-41743)Solution:
- run secupoid.sql
- rerun ptlconfig
This problem has been seen after using ptlasst in place of ptlconfig.
6. EXP-003 with a database 9.2.0.5 or 10.1.0.2
In fact, the DB format of imp/exp has changed in 9.2.0.5 or 10.1.0.2. The EXP-3 error only occurs when the export from the 9.2.0.5.0 or 10.1.0.2.0 database is done with a lower release export utility, e.g. 9.2.0.4.0.
Due to the way this note is written, the imp/exp utility used is the one of the midtier (9014), if your portal resides in a 9.2.0.5 database, it will not work. To work-around the problem, there are 2 solutions:
Change the script so that it uses the exp and imp command of database.
Make a change to the 9.2.0.5 or 10.1.0.2 database to make them compatible with previous version. The change is to modify a database internal view before to export/import the data.
A work-around is given in Bug 3784697
1. Make a note of the export definition of exu9tne from
$OH/rdbms/admin/catexp.sql
2. Copy this to a new file and add "UNION ALL select * from sys.exu9tneb" to the end of the definition
3. Run this as sys against the DB to be exported.
4. Export as required
5. Put back the original definition of exu9tne
eg: For 9204 the workaround view would be:
CREATE OR REPLACE VIEW exu9tne (
tsno, fileno, blockno, length) AS
SELECT ts#, segfile#, segblock#, length
FROM sys.uet$
WHERE ext# = 1
UNION ALL
select * from sys.exu9tneb
7. EXP-00006: INTERNAL INCONSISTENCY ERROR
This is Bug 2906613.
The work-around given in this bug is the following:
- create the following view, connected as sys, before running export:
CREATE OR REPLACE VIEW exu8con (
objid, owner, ownerid, tname, type, cname,
cno, condition, condlength, enabled, defer,
sqlver, iname) AS
SELECT o.obj#, u.name, c.owner#, o.name,
decode(cd.type#, 11, 7, cd.type#),
c.name, c.con#, cd.condition, cd.condlength,
NVL(cd.enabled, 0), NVL(cd.defer, 0),
sv.sql_version, NVL(oi.name, '')
FROM sys.obj$ o, sys.user$ u, sys.con$ c,
sys.cdef$ cd, sys.exu816sqv sv, sys.obj$ oi
WHERE u.user# = c.owner# AND
o.obj# = cd.obj# AND
cd.con# = c.con# AND
cd.spare1 = sv.version# (+) AND
cd.enabled = oi.obj# (+) AND
NOT EXISTS (
SELECT owner, name
FROM sys.noexp$ ne
WHERE ne.owner = u.name AND
ne.name = o.name AND
ne.obj_type = 2)
The modification of exu8con simply adds support for a constraint type that had not previously been supported by this view. There is no negative impact.
8. WWSBR_DOC_CTX_54 is invalid
After the recompilation of the package, one package remains invalid (in sys_post_changes.log):
INVALID_OBJECT_AFTER
1
select owner, object_name from all_objects where status='INVALID'
CTXSYS WWSBR_DOC_CTX_54
CREATE OR REPLACE procedure WWSBR_DOC_CTX_54
(rid in rowid, bilob in out NOCOPY blob)
is begin PORTAL.WWSBR_CTX_PROCS.DOC_CTX(rid,bilob);end;
This object is not used anymore by portal. The error can be ignored. The procedure can be removed too. This is Bug 3559731.
9. You do not have permission to perform this operation. (WWC-44131)
It seems that there are problems if
- groups on the production machine are not residing in the default place in OID,
- and that the group creation base and group search base where changed.
After this, the cloning of the repository work without problem. But it seems that the command 'ptlconfig -dad portal' does not reset the GUID and DN of the groups correctly. I have not checked this yet.
The solution seems to use the script given in the 9.0.2 Note 228516.1. And run group_sec.sql to reset all the DN and GUID in the copied instance.
10. Invalid Java objects when exporting from a 9.x database and importing in a 10g database
If you export from a 9.x database and import in a 10g database, after running utlrp.sql, 18 Java objects will be invalid.
select object_name, object_type from user_objects where status='INVALID'
SQL> /
OBJECT_NAME OBJECT_TYPE
/556ab159_Handler JAVA CLASS
/41bf3951_HttpsURLConnection JAVA CLASS
/ce2fa28e_ProviderManagerClien JAVA CLASS
/c5b98d35_ServiceManagerClient JAVA CLASS
/d77cf2ab_SOAPServlet JAVA CLASS
/649bf254_JavaProvider JAVA CLASS
/a9164b8b_SpProvider JAVA CLASS
/2ee43ac9_StatefulEJBProvider JAVA CLASS
/ad45acec_StatelessEJBProvider JAVA CLASS
/da1c4a59_EntityEJBProvider JAVA CLASS
/66fdac3e_OracleSOAPHTTPConnec JAVA CLASS
/939c36f5_OracleSOAPHTTPConnec JAVA CLASS
org/apache/soap/rpc/Call JAVA CLASS
org/apache/soap/rpc/RPCMessage JAVA CLASS
org/apache/soap/rpc/Response JAVA CLASS
/198a7089_Message JAVA CLASS
/2cffd799_ProviderGroupUtils JAVA CLASS
/32ebb779_ProviderGroupMgrProx JAVA CLASS
18 rows selected.
This is a known issue. This can be solved by applying patch one of the following patch depending of your IAS version.
Bug 3405173 - PORTAL 9.0.4.0.0 PATCH FOR 10G DB UPGRADE (FROM 9.0.X AND 9.2.X)
Bug 4100409 - PORTAL 9.0.4.1.0 PATCH FOR 10G DB UPGRADE (FROM 9.0.X AND 9.2.X)
Bug 4100417 - PORTAL 9.0.4.2.0 PATCH FOR 10G DB UPGRADE (FROM 9.0.X AND 9.2.X)
11. Import : IMP-00003: ORACLE error 30510 encountered
When importing Portal 9.0.4.x, it could be that the import of the database side produces an error ORA-30510.The new perl script work-around the issue in the portal_post_import.sql script. But not the BASH scripts. If you use the BASH scripts, after the import, please run this command manually in SQL*Plus logged as portal.
---- Import error 2 - ORA-30510 when importing
CREATE OR REPLACE TRIGGER logoff_trigger
before logoff on schema
begin
-- Call wwsec_oid.unbind to close open OID connections if any.
wwsec_oid.unbind;
exception
when others then
-- Ignore all the errors encountered while unbinding.
null;
end logoff_trigger;
This is logged as <Bug;4458413>.
12. Exporting from a 9.0.1 database and import in a 9.2.0.5+ or 10g DB
It could be that when exporting from a 9.0.1 database to a 10g database that the java classes do not get compiled correctly. The following errors are seen
ORA-29534: referenced object PORTAL.oracle/net/www/proto/https/HttpsURLConnection could not be resolved
errors:: class oracle/net/www/proto/https/HttpsURLConnection
ORA-29521: referenced name oracle/security/ssl/OracleSSLSocketFactoryImpl could not be found
ORA-29521: referenced name oracle/security/ssl/OracleSSLSocketFactory could not be found
In such a case, please apply the following patches after the import in the 10g database.
Bug 3405173 PORTAL REPOS DB UPGRADE TO 10G: for Portal 9.0.4.0
Bug 4100409 PORTAL REPOS DB UPGRADE TO 10G: for Portal 9.0.4.1
Main Differences with Portal 9.0.2
For the persons used to this technics in Portal 9.0.2, you could be interested to read the main differences with the same note for Portal 9.0.2
Portal 9.0.2
Portal 9.0.4
Cutter database
Portal 9.0.2 can be part of an infrastructure database or in a custom external database.
In Portal 9.0.2, the portal schema is imported in an empty database.
Portal 9.0.4 can only be installed in a 'Cutter database', a database created with RepCA or OUI containing always OID, DCM and so on...
In Portal 9.0.4, the portal schema is imported in an 'Cutter database' (new)
group_sec.sql
group_sec.sql is used to correct the GUIDs of OID stored in Portal
ptlconfig -dad portal -oid is used to correct the GUIDs of OID stored in Portal (new)
1 script
The import / export are divided by several steps with several scripts
The import script is done in one step
Additional steps are included in the script
This requires to know the hostname and port of the original development machine. (new)
Import
The steps are:
creation of an empty database
creation of the users with password=username
import
The steps are:
creation of an IAS 10g infrastructure DB (repca or OUI)
deletion of new portal schemas (new)
creation of the users with the same password than the schemas just dropped.
import
DAD
The dad needed to be changed
The passwords are not changed, the dad does not need to be changed.
Bugs
In portal 9.0.2, 2 bugs were workarounded by change_host.sh
In Portal 9.0.4, some tables additional tables needs to be updated manually before to run ptlasst. This is #Bug:3762961#.
export of LDAP
The export is done in LDIF files. If the prod and the dev have different domain, it is quite difficult to change the domain name in these file due to the line wrapping at 78 characters.
The export is done in XML files, in the DSML format (new). It is a lot easier to change the XML files if the domain name is different from PROD to DEV.
Download
You have to cut and paste the scripts
The scripts are attached to the note. Just donwload them.
Rewiring
9.0.2 uses ptlasst.
ptlasst.csh -mode MIDTIER -i custom -s $PORTAL_USER -sp $PORTAL_PASSWORD -c $PORTAL_HOSTNAME:$PORTAL_DB_PORT:$PORTAL_SERVICE_NAME -sdad $PORTAL_DAD -o orasso -op $ORASSO_PASSWORD -odad orasso -host $MIDTIER_HOSTNAME -port $MIDTIER_HTTP_PORT -ldap_h $INFRA_HOSTNAME -ldap_p $OID_PORT -ldap_w $IAS_PASSWORD -pwd $IAS_PASSWORD -sso_c $INFRA_HOSTNAME:$INFRA_DB_PORT:$INFRA_SERVICE_NAME -sso_h $INFRA_HOSTNAME -sso_p $INFRA_HTTP_PORT -ultrasearch -oh $MIDTIER_ORACLE_HOME -mc false -mi true -chost $MIDTIER_HOSTNAME -cport_i $WEBCACHE_INV_PORT -cport_a $WEBCACHE_ADM_PORT -wc_i_pwd $IAS_PASSWORD -emhost $INFRA_HOSTNAME -emport $EM_PORT -pa orasso_pa -pap $ORASSO_PA_PASSWORD -ps orasso_ps -pp $ORASSO_PS_PASSWORD -iasname $IAS_NAME -verbose -portal_only
9.0.4 uses ptlconfig (new)
ptlconfig -dad portal
Environment variables
A lot of environment variables are needed
Just 3 environment variables are needed:
- password of SYS
- password of IAS,
- ORACLE_HOME of the Midtier
All the rest is found in iasconfig.xml and LDAP (new)
TO DO
- Check if the orclcommonapplication name fits SID.hostname
- Check what gives the import of a portal30 upgraded schema inside a schema named portal
- Explain how to copy the portal*.dbf files in place of export/import and the limitation of tra -
How to avoid the user selecting a different path in my installer
Hello again all you helpful forum-goers!
I have an application and a corresponding installer, and then I have a separate installer putting some support files in the same directory. My problem is that if the user selects a different path to which to install my primary application, the secondary installer will not put the required support files in the same spot.
Now, I think I've figured out how to get the user-selected path from the "Run executable at the end of installation" option in the Advanced pane of the LabVIEW installer configuration, and I can pass that in to my secondary installer, and that should fix the problem. However, what I'd really like to do is just not give the user the option to install my primary application in a different directory to begin with. I've looked, but cannot find any way to do that.
Does anyone know of any way to not present the option to install an application in a different directory when using the LabVIEW installer?
Thanks in advance for any suggestions,
-JoeBen64,
That's great! Thank you so much for your quick reply. The only reason I haven't already accepted that as my solution is that it requires a manual post-compile change to a text file. Ideally I'd prefer not to have to remember to do that every time I rebuild my installer. Is there any way that you know of to automate the process?
If not, I'm happy to have a good solution even if it takes an extra step each time to implement.
-Joe -
Question on how to Hide the User Name, Password, and Domain fields in the MDT Wizard
MDT 2012 U1
Deploying Windows 7 via Offline Media (ISO) to MS Virtual PC's
I am looking on how to Hide the User Name, Password, and Domain fields which are prepopulated in the MDT wizard via the CS.ini (Not so concerned about the Domain field as I am User Name and Password)
We do need the Computer Name and OU fields to be seen, so skipping the wizard is not a option
The client just does not want these fields to be seen by the end users, they dont want them to even know the account name used for adding the machine to the domain, of course the password is not displayed but it must not be displayed either.
But since we use the fields they must still be fuctional just not seen.
Thanks.....
If this post is helpful please click "Mark for answer", thanks! Kind regardsYou shouldn't have to edit DeployWiz_Definition_ENU.xml. You should only need to add "SkipAdminPassword=YES" to the CS.ini file and your authentication information.
Example:
[Settings]
Priority=Default
Properties=MyCustomProperty
[Default]
OSInstall=Y
SkipCapture=NO
SkipAdminPassword=YES
UserID=<MyUserID>
UserPassword=<MyPassword>
UserDomain=<MyDomain.com>
SkipProductKey=NO
SkipComputerBackup=YES
SkipBitLocker=NO
-Nick O.
Nick,
SkipAdminPassword=YES is for:
You can skip the Administrator Password wizard page by using this property in the
customsettings.ini.
I am hidding the Username/Password/and domain field in the computer name Wizard pane which is read from the cs.iniDomainAdmin=xxxxx
DomainAdminPassword=xxxxx
DomainAdminDomain=xxxxxx
JoinDomain=xxxxxx
If this post is helpful please click "Mark for answer", thanks! Kind regards -
Hi,
I am trying to create user accounts via PowerShell instead of the Gui in server 2008 R2 (PowerShell 2.0).
I know how to create a user account with the following Power Shell command below is one from a dummy domain I created to practice.
PS C:\Users\Administrator> New-ADUser -SamAccountName "TestOut" -UserPrincipalNa
me "[email protected]" -GivenName "Test" -Surname "out" -DisplayName "Testou
t" -Name "Testout" -Enabled $true -Path "CN=users,DC=bwcat,DC=net,DC=int" -Accou
ntPassword (Read-Host -AsSecureString "Enter Account Password")
However when doing day to day tasks where I work normally we have a new hire, they contact IT and ask that a user account is created. I will ask who they would like to mirror.
I then would go into the gui pull up the user that they want to mirror right click him and choose copy. This would create a new user account that I would then fill out.
I am wondering if its possible to do this same thing via PowerShell, or if its not an option because it takes more work type up everything than it does to go into the gui and do it.
Anyway thanks for the help.Hi Wilder, hi Mark,
first of all: The tutorial sources Mark posted - especially the book "Powershell 3 in A month of lunches" - are good to get a baseline start. A really great reference, especially when you try to learn it while still dealing with your daily business.
On another note, Wilder: While I fully agree that learning things sequentially is usually the best, I too jumped right in instead of learning how to walk first (though it's been some time now. Fewer years than you'd think, but still ...). So I thought I'd
give you a little aid with that function husk, so you could just stuff interesting bits into an available structure, making use of the fun tools in a useful context (It's fun fiddling around with the commands, but if you have to type in all of them manually
each time, using the GUI is often just faster. Doing fun things and being efficient with it feels even better though ...). So ... while I
do agree with yourself, learn it the Correct & Proper Way, I also do
intend to finish this little explanation about the husk, all the way to the end.
Everything below this paragraph is part of this.
function Copy-ADUser
<#
.SYNOPSIS
A brief description of the Copy-ADUser function.
.DESCRIPTION
A detailed description of the Copy-ADUser function.
.PARAMETER GivenName
A description of the GivenName parameter.
.PARAMETER Surname
A description of the Surname parameter.
.PARAMETER Template
A description of the Template parameter.
.EXAMPLE
PS C:\> Copy-ADUser -GivenName "Max" -Surname "Mustermann" -Template "Jonny.Normal"
.NOTES
Additional information about the function.
#>
[CmdletBinding()]
Param (
[Parameter(Mandatory = $true)]
[string]
$Surname,
[Parameter(Mandatory = $true)]
[string]
$GivenName,
[Parameter(Mandatory = $true)]
[string]
$Template
) # Create finished Strings
$JoinedName = $GivenName + "." + $Surname
# Create new User
$NewUser = New-ADUser -Surname $Surname -GivenName $GivenName -DisplayName "$Surname, $GivenName" -SamAccountName $JoinedName -Name "$Surename, $GivenName" -PassThru
# Copy from old User
$NewUser | Add-ADPrincipalGroupMembership -MemberOf (Get-ADPrincipalGroupMembership $Template | Where { $_.Name -ne 'Domain Users' })
# Do Whatever else you feel like doing
This is again the same function husk I posted earlier. Only this time, I filled a little logic (the pieces that were already posted in this thread). This time, I'll not only go over each part again ... I'll do it by reposting the segments and trying to show
some examples on how to modify the parts. Thus some of it will be repetitive, but this way all the info is in one spot.
Segment: Comment Based Help
<#
.SYNOPSIS
A brief description of the Copy-ADUser function.
.DESCRIPTION
A detailed description of the Copy-ADUser function.
.PARAMETER GivenName
A description of the GivenName parameter.
.PARAMETER Surname
A description of the Surname parameter.
.PARAMETER Template
A description of the Template parameter.
.EXAMPLE
PS C:\> Copy-ADUser -GivenName "Max" -Surname "Mustermann" -Template "Jonny.Normal"
.NOTES
Additional information about the function.
#>
That's the premier documentation part of a function, that teaches a user what the function does and how to use it. It's what's shown when using the Get-Help cmdlet.
Comment texts are not restricted to single lines however. For example you could replace ...
.EXAMPLE
PS C:\> Copy-ADUser -GivenName "Max" -Surname "Mustermann" -Template "Jonny.Normal"
... with ...
.EXAMPLE
PS C:\> Copy-ADUser -GivenName "Max" -Surname "Mustermann" -Template "Jonny.Normal"
Creates a new user named Max Mustermann and copies the group memberships of the already existing user Jonny Normal to this new User
... and get an explanation on what the example does when using Get-Help with the
-Detailed parameter (Explaining examples is always a good idea).
Segment: Parameter
[CmdletBinding()]
Param (
[Parameter(Mandatory = $true)]
[string]
$Surname,
[Parameter(Mandatory = $true)]
[string]
$GivenName,
[Parameter(Mandatory = $true)]
[string]
$Template
This is the segment that tells Powershell what input your function accepts. Each parameter of Copy-ADUser you set will be available in the next segment as a variable of the same name. You can add additional parameters if you need more information for your
logic. For example, let's add a parameter that allows you to specify what Organization the new user should belong to:
[CmdletBinding()]
Param (
[Parameter(Mandatory = $true)]
[string]
$Surname,
[Parameter(Mandatory = $true)]
[string]
$GivenName,
[string]
$Organization,
[Parameter(Mandatory = $true)]
[string]
$Template
That's how that would look like. You may notice that I didn't add the line with
"[Parameter(Mandatory = $true)] this time. This means you
may add the Organization parameter when calling Copy-ADUser, but you need not.
Segment: Logic
# Create new User
$NewUser = New-ADUser -Surname $Surname -GivenName $GivenName -DisplayName "$Surname, $GivenName" -SamAccountName "$GivenName.$Surename" -Name "$Surename, $GivenName" -PassThru
# Copy from old User
$NewUser | Add-ADPrincipalGroupMembership -MemberOf (Get-ADPrincipalGroupMembership $Template | Where { $_.Name -ne 'Domain Users' })
# Do Whatever else you feel like doing
This is the part of the function that does the actual work. Compared to the first husk I posted, this time there are two commands in it (and some comments). First, I create a new user, using the information passed into
the parameters -Surname and -GivenName. Then I Copy the group memberships of the user identified by the information given by the
-Template parameter.
So, let's modify it!
# Tell the user you are starting
Write-Host "Starting to create the user account for $GivenName $Surname"
# Create new User
$NewUser = New-ADUser -Surname $Surname -GivenName $GivenName -DisplayName "$Surname, $GivenName" -SamAccountName "$GivenName.$Surename" -Name "$Surename, $GivenName" -PassThru
# Tell the user you are copying Group Memberships
Write-Host "Copying the group-memberhips of $Template to $GivenName $Surname"
# Copy from old User
$NewUser | Add-ADPrincipalGroupMembership -MemberOf (Get-ADPrincipalGroupMembership $Template | Where { $_.Name -ne 'Domain Users' })
# Do Whatever else you feel like doing
Now after adding a few lines, the logic will tell us what it's doing (and do so before it
is taking action)!
Hm ... didn't we create a change in the Parameter Segment to add an -Organization parameter? Let's use it!
# If the -Organization parameter was set, the $Organization variable will be longer than 0. Thus do ...
if ($Organization.Length -gt 0)
# Tell the user you are starting
Write-Host "Starting to create the user account for $GivenName $Surname in the Organization $Organization"
# Create new User
$NewUser = New-ADUser -Surname $Surname -GivenName $GivenName -DisplayName "$Surname, $GivenName" -SamAccountName "$GivenName.$Surename" -Name "$Surename, $GivenName" -Organization $Organization -PassThru
# If the -Organization parameter was NOT set, the $Organization variable will have a length of 0. Thus the if-condition does not apply, thus we do the else block
else
# Tell the user you are starting
Write-Host "Starting to create the user account for $GivenName $Surname"
# Create new User
$NewUser = New-ADUser -Surname $Surname -GivenName $GivenName -DisplayName "$Surname, $GivenName" -SamAccountName "$GivenName.$Surename" -Name "$Surename, $GivenName" -PassThru
# Tell the user you are copying Group Memberships
Write-Host "Copying the group-memberhips of $Template to $GivenName $Surname"
# Copy from old User
$NewUser | Add-ADPrincipalGroupMembership -MemberOf (Get-ADPrincipalGroupMembership $Template | Where { $_.Name -ne 'Domain Users' })
# Do Whatever else you feel like doing
There! Now we first check whether the -Organization parameter was set (it's not mandatory after all, so you can skip it). If it
was set, do whatever is in the curly braces after if (...). However, if it wasn't set, do whatever is in the curly braces after
else.
And that concludes my "minor" (and hopefully helpful) tutorial on how to use the function husk I posted :)
With this, whenever you find another cool command that helps you in the user creation process, you can simply add it, similar to what I did in these examples.
And if it all didn't make much sense, go through the tutorials in proper order and come back - it'll make much more sense then.
Cheers and good luck with PowerShell,
Fred
There's no place like 127.0.0.1 -
How to Move Local Users to Network Domain Users
Before you follow these instructions...... I'm a rank amateur so I'd check to see if the smart kids have corrected my errors or improved on the method in the replies below
The reason for the post is I have good and established local user accounts on all the computers and moving them to domain controlled accounts is the one topic I could not find a script to follow that worked for my low level of knowledge of OS X.
Let me first explain my setup and needs. I'm replacing a Windows Home Server (WHS) with the Mac Mini Server. My goal was to have the Mac Mini as the server holding all our photos, data, etc. and running a user account to run the family iTunes account to feed the Apple TV and be the backup / sync point for a family sized set of iPod Touches, iPads and iPhones. I want to be able to log into each mac and have the same information setting, links, etc........ basically walk around the house, find any mac shaped device not used by someone else, log in and carry on where I was before - with the MacBook Air having a portable account so it can come travelling with us.
The key hardware is...
Mac Mini Server running Snow Leopard 10.6.8
Apple TV
2 x iMac Running Lion 10.7.1 [upgraded from 10.6.8]
MacBook Air running Lion 10.7.1 [upgraded from 10.6.8]
Normal stuff like wifi, hubs and a router doing the DHCP (and for me reserving IP addresses based on the 'MAC Address' to save me having to manually configure all the IP addresses)
Key Resources I used as I learnt how to do this; to level set you all, I'm a relative newcomer to OS X having had a Windows life with Linux for fun, so i'm not a mac or IT specialist but like to play around.
Apple's podcast series 'Apple Quick Tour of Leopard Server' - this is great, it informed me and kept me motivated through all the bah moments, all 33 episodes and it's in the iTunes store as a podcast.
The book 'Mac OS X Snow Leopard Server For Dummies' - I bought this about half way through the whole process and wish i'd bought it earlier, my reccomendation would be get the Kindle version so you can search it for advice.
The excellent information on DNS from Hoffman Labs http://labs.hoffmanlabs.com/node/1436
The video 'Setting up a primary DNS zone.....' from Lynda.com on youtube http://www.youtube.com/watch?v=OOEgQY9oFK4
The Series of PDF document on Snow Leopard Server from Apple http://support.apple.com/manuals#mac%20os%20x%20server%20v10.6
And finally this excellent post from Joe Ferrante which was the core of what I used http://joeferrante.net/how-to-migrate-local-user-account-to-network-user-account -with-networked-home-folder-on-snow-leopard-server/
Right off we go....
Setting up the Server [this took me 6 goes to get it right as I learnt a little each time].
So i'm not going to go through this step by step because it in the 'dummies' book and the videos from Apple above and those will be better than anything I write but here's my details/advice.
I split the primary disc into 2 partitions using disk utility so I could reformat the operating system without moving my data.
100GB for the OS X system
400GB for user data
Install OS X from the DVD, press the buttons based on your desires but stop at the bit about naming you computer titled Network Names
READ UP ON DNS - this one of the reason I had so many goes as it was the 1st time i've set up a server like this using DNS and guessing didn't get me there.
If you don't have one buy a domain name for your network it make it much easier in the long run & is $10 well spent
The name needs to be [the computer name].[your domain name].[com or net or org, etc]
So if you want you computer to be called fred and you bought or have the domain location.com enter fred.location.com in the primary DNS name box
This shoud automatically put fred in the computer name box.
Follow along with the set up guide to finish
After you have finished the set up test the DNS with NSLOOKUP in a terminal window
nslookup fred.location.com in my example and you should get the IP
Add your servers IP address to the list of DNS servers in network preferences on the client mac.
Bind [link] the client computers to the server in Accounts on the client computer - I used the 'dummies' book for this but there's lots of data on the web.
Clean up the user profile on the client to reduce the size of the Home folder as much as possible or the data transfer is loooooooonnnnng - i also connect the iMac on a cable rather than wifi to speed it up.
Read Joe's post http://joeferrante.net/how-to-migrate-local-user-account-to-network-user-account -with-networked-home-folder-on-snow-leopard-server/ and follow along.useful info I learnt somewhere - to get the paths to the folders correct in the terminal window go to the folder in Finder and then drag it to the terminal window and let go - this will put the correct link in the instruction.
You now need to be on a terminal window on your server, with a finder window open and logged into the client as the user you are moving
THE CLIENT COMPUTER NEEDS TO BE LOGGED OUT or logged in as a different user than the one you're trying to move.
so when you're at the right point - type sudo cp -R then hit the space bar, drag the existing user folder onto the finder window, add the /* and hit space then find the users folder on the server and drag that onto the terminal window to complete the instruction.
Hit enter and wait a while assuming it starts ok - i used network traffic on the Activity Monitor utility to check if it was working.
If you got this far and it all worked - login to the profle you moved on any computer linked to the server or the server but not the original client computer to see if it worked and all your setting and data are intact and then delete the profile off the original client if it was ok [archiving the home directory took ages for me].
As you can probably guess most of this was good learning for me and it worked successfully for me in the end, moving all my history, saved password, etc, etc without any problems.
Hope this helps other in the same situation & feel free to expand or correct this if I've missed anything.
EdHi,
I was unable to access the Joe Ferrante information (it appears to now requrie a password and was not able to determine how a username and password were assigned) Would you happen to have a copy of the post that you refer to above?
I am still at the early stages of this process but am hoping that the steps you refer to are going to get me where I want to be. Your stated end goal is where I hope to get to.
Thanks,
Sean -
How to create a user in oracle.
how to create a user in oracle level.i know how to create from front end.can any body suggest.how to create oracle user from backend.
Thanks,
DaveHi,
We can use the 'hr_user_acct_internal.create_fnd_user' API to create the users. The sample code is as follows:
BEGIN
apps.hr_user_acct_internal.create_fnd_user
(p_user_name => 'XXX',
p_password => 'XXX',
p_employee_id => 1234(This is the person id from per_all_people_f),
p_user_id => x_user_id,
p_user_start_date => SYSDATE,
p_email_address => 'XXX',
p_description => 'XXX',
p_password_date => NULL
COMMIT;
END;
and to add the responsibility to the user, we can use the following code.
BEGIN
fnd_user_pkg.addresp
(username => 'XXX',
resp_app => user_res_rec.application_short_name,
resp_key => user_res_rec.responsibility_key,
security_group => 'STANDARD',
description => 'DESCRIPTION',
start_date => SYSDATE,
end_date => NULL
END
Best Regards
Arun Kumar S.R
Apps Associates -
How to find out user exits of t-code va03
hi all
how to find out user exits of any t-code .
regards
deepakHi Deepak,
<b>Try this code.</b>
*& Report Z_USEREXIT *
REPORT Z_USEREXIT
NO STANDARD PAGE HEADING.
*& Enter the transaction code that you want to search through in order
*& to find which Standard SAP User Exits exists.
*& Tables
TABLES : tstc, "SAP Transaction Codes
tadir, "Directory of Repository Objects
modsapt, "SAP Enhancements - Short Texts
modact, "Modifications
trdir, "System table TRDIR
tfdir, "Function Module
enlfdir, "Additional Attributes for Function Modules
tstct. "Transaction Code Texts
*& Variables
DATA : jtab LIKE tadir OCCURS 0 WITH HEADER LINE.
DATA : field1(30).
DATA : v_devclass LIKE tadir-devclass.
*& Selection Screen Parameters
SELECTION-SCREEN BEGIN OF BLOCK a01 WITH FRAME TITLE text-001.
SELECTION-SCREEN SKIP.
PARAMETERS : p_tcode LIKE tstc-tcode OBLIGATORY.
SELECTION-SCREEN SKIP.
SELECTION-SCREEN END OF BLOCK a01.
*& Start of main program
START-OF-SELECTION.
Validate Transaction Code
SELECT SINGLE * FROM tstc
WHERE tcode EQ p_tcode.
Find Repository Objects for transaction code
IF sy-subrc EQ 0.
SELECT SINGLE * FROM tadir
WHERE pgmid = 'R3TR'
AND object = 'PROG'
AND obj_name = tstc-pgmna.
MOVE : tadir-devclass TO v_devclass.
IF sy-subrc NE 0.
SELECT SINGLE * FROM trdir
WHERE name = tstc-pgmna.
IF trdir-subc EQ 'F'.
SELECT SINGLE * FROM tfdir
WHERE pname = tstc-pgmna.
SELECT SINGLE * FROM enlfdir
WHERE funcname = tfdir-funcname.
SELECT SINGLE * FROM tadir
WHERE pgmid = 'R3TR'
AND object = 'FUGR'
AND obj_name = enlfdir-area.
MOVE : tadir-devclass TO v_devclass.
ENDIF.
ENDIF.
Find SAP Modifactions
SELECT * FROM tadir
INTO TABLE jtab
WHERE pgmid = 'R3TR'
AND object = 'SMOD'
AND devclass = v_devclass.
SELECT SINGLE * FROM tstct
WHERE sprsl EQ sy-langu
AND tcode EQ p_tcode.
FORMAT COLOR COL_POSITIVE INTENSIFIED OFF.
WRITE:/(19) 'Transaction Code - ',
20(20) p_tcode,
45(50) tstct-ttext.
SKIP.
IF NOT jtab[] IS INITIAL.
WRITE:/(95) sy-uline.
FORMAT COLOR COL_HEADING INTENSIFIED ON.
WRITE:/1 sy-vline,
2 'Exit Name',
21 sy-vline ,
22 'Description',
95 sy-vline.
WRITE:/(95) sy-uline.
LOOP AT jtab.
SELECT SINGLE * FROM modsapt
WHERE sprsl = sy-langu AND
name = jtab-obj_name.
FORMAT COLOR COL_NORMAL INTENSIFIED OFF.
WRITE:/1 sy-vline,
2 jtab-obj_name HOTSPOT ON,
21 sy-vline ,
22 modsapt-modtext,
95 sy-vline.
ENDLOOP.
WRITE:/(95) sy-uline.
DESCRIBE TABLE jtab.
SKIP.
FORMAT COLOR COL_TOTAL INTENSIFIED ON.
WRITE:/ 'No of Exits:' , sy-tfill.
ELSE.
FORMAT COLOR COL_NEGATIVE INTENSIFIED ON.
WRITE:/(95) 'No User Exit exists'.
ENDIF.
ELSE.
FORMAT COLOR COL_NEGATIVE INTENSIFIED ON.
WRITE:/(95) 'Transaction Code Does Not Exist'.
ENDIF.
Take the user to SMOD for the Exit that was selected.
AT LINE-SELECTION.
GET CURSOR FIELD field1.
CHECK field1(4) EQ 'JTAB'.
SET PARAMETER ID 'MON' FIELD sy-lisel+1(10).
CALL TRANSACTION 'SMOD' AND SKIP FIRST SCREEN.
<b>plz reward points if helpful or if it solves ur query.</b>
Thanks
Chinmay -
How to find the user exit for a screen..
Hi,
plz help me how to find the user exit for a screen..?
Regards
AnbuHi,
check this program this will give you the list of user-exit and BADI for the perticular Tcode.
REPORT zuserexit_badi.
TABLES : tstc,
tadir,
modsapt,
modact,
trdir,
tfdir,
enlfdir,
sxs_attrt ,
tstct.
DATA : jtab LIKE tadir OCCURS 0 WITH HEADER LINE.
DATA : field1(30).
DATA : v_devclass LIKE tadir-devclass.
PARAMETERS : p_tcode LIKE tstc-tcode,
p_pgmna LIKE tstc-pgmna .
DATA wa_tadir TYPE tadir.
START-OF-SELECTION.
IF NOT p_tcode IS INITIAL.
SELECT SINGLE * FROM tstc WHERE tcode EQ p_tcode.
ELSEIF NOT p_pgmna IS INITIAL.
tstc-pgmna = p_pgmna.
ENDIF.
IF sy-subrc EQ 0.
SELECT SINGLE * FROM tadir
WHERE pgmid = 'R3TR'
AND object = 'PROG'
AND obj_name = tstc-pgmna.
MOVE : tadir-devclass TO v_devclass.
IF sy-subrc NE 0.
SELECT SINGLE * FROM trdir
WHERE name = tstc-pgmna.
IF trdir-subc EQ 'F'.
SELECT SINGLE * FROM tfdir
WHERE pname = tstc-pgmna.
SELECT SINGLE * FROM enlfdir
WHERE funcname = tfdir-funcname.
SELECT SINGLE * FROM tadir
WHERE pgmid = 'R3TR'
AND object = 'FUGR'
AND obj_name EQ enlfdir-area.
MOVE : tadir-devclass TO v_devclass.
ENDIF.
ENDIF.
SELECT * FROM tadir INTO TABLE jtab
WHERE pgmid = 'R3TR'
AND object IN ('SMOD', 'SXSD')
AND devclass = v_devclass.
SELECT SINGLE * FROM tstct
WHERE sprsl EQ sy-langu
AND tcode EQ p_tcode.
FORMAT COLOR COL_POSITIVE INTENSIFIED OFF.
WRITE:/(19) 'Transaction Code - ',
20(20) p_tcode,
45(50) tstct-ttext.
SKIP.
IF NOT jtab[] IS INITIAL.
WRITE:/(105) sy-uline.
FORMAT COLOR COL_HEADING INTENSIFIED ON.
Sorting the internal Table
SORT jtab BY object.
DATA : wf_txt(60) TYPE c,
wf_smod TYPE i ,
wf_badi TYPE i ,
wf_object2(30) TYPE c.
CLEAR : wf_smod, wf_badi , wf_object2.
Get the total SMOD.
LOOP AT jtab INTO wa_tadir.
AT FIRST.
FORMAT COLOR COL_HEADING INTENSIFIED ON.
WRITE:/1 sy-vline,
2 'Enhancement/ Business Add-in',
41 sy-vline ,
42 'Description',
105 sy-vline.
WRITE:/(105) sy-uline.
ENDAT.
CLEAR wf_txt.
AT NEW object.
IF wa_tadir-object = 'SMOD'.
wf_object2 = 'Enhancement' .
ELSEIF wa_tadir-object = 'SXSD'.
wf_object2 = ' Business Add-in'.
ENDIF.
FORMAT COLOR COL_GROUP INTENSIFIED ON.
WRITE:/1 sy-vline,
2 wf_object2,
105 sy-vline.
ENDAT.
CASE wa_tadir-object.
WHEN 'SMOD'.
wf_smod = wf_smod + 1.
SELECT SINGLE modtext INTO wf_txt
FROM modsapt
WHERE sprsl = sy-langu
AND name = wa_tadir-obj_name.
FORMAT COLOR COL_NORMAL INTENSIFIED OFF.
WHEN 'SXSD'.
For BADis
wf_badi = wf_badi + 1 .
SELECT SINGLE text INTO wf_txt
FROM sxs_attrt
WHERE sprsl = sy-langu
AND exit_name = wa_tadir-obj_name.
FORMAT COLOR COL_NORMAL INTENSIFIED ON.
ENDCASE.
WRITE:/1 sy-vline,
2 wa_tadir-obj_name HOTSPOT ON,
41 sy-vline ,
42 wf_txt,
105 sy-vline.
AT END OF object.
WRITE : /(105) sy-uline.
ENDAT.
ENDLOOP.
WRITE:/(105) sy-uline.
SKIP.
FORMAT COLOR COL_TOTAL INTENSIFIED ON.
WRITE:/ 'No.of Exits:' , wf_smod.
WRITE:/ 'No.of BADis:' , wf_badi.
ELSE.
FORMAT COLOR COL_NEGATIVE INTENSIFIED ON.
WRITE:/(105) 'No userexits or BADis exist'.
ENDIF.
ELSE.
FORMAT COLOR COL_NEGATIVE INTENSIFIED ON.
WRITE:/(105) 'Transaction does not exist'.
ENDIF.
AT LINE-SELECTION.
DATA : wf_object TYPE tadir-object.
CLEAR wf_object.
GET CURSOR FIELD field1.
CHECK field1(8) EQ 'WA_TADIR'.
READ TABLE jtab WITH KEY obj_name = sy-lisel+1(20).
MOVE jtab-object TO wf_object.
CASE wf_object.
WHEN 'SMOD'.
SET PARAMETER ID 'MON' FIELD sy-lisel+1(10).
CALL TRANSACTION 'SMOD' AND SKIP FIRST SCREEN.
WHEN 'SXSD'.
SET PARAMETER ID 'EXN' FIELD sy-lisel+1(20).
CALL TRANSACTION 'SE18' AND SKIP FIRST SCREEN.
ENDCASE.
Reagards,
Bharat. -
How to send a user defined parameter to a web form?
Hi,
I4m looking for a solution how to send a user defined parameter to a web form when I start the form from a html-page.
I think that it should work to add the parameter to the URL.
Example: I added myparam=myvalue at the end oft the URL
http://my.server.com:7777/f60cgi?form=myform.fmx&userid=scott/tiger@mydb&otherparams=useSDI=NO&lookAndFeel=generic&colorScheme=teal&myparam=myvalue
How can I fetch the parameter myparam in forms?You have the user the otherParams parameter, which you can specify in the formsweb.cfg file, or override on the url. e.g. http://myhost/servlet/f690servlet?config=myApp&otherParams=myParam=myValue
In the Forms Builder, in the Navigator window, there is a node called Parameters. Create one in there, and then you can refer to it like a block variable. e.g. if :myparam = 'myvalue' then...
At runtime, Forms will match up any parameters on the command with parameters defined in your form, and populate them for you. You don't have to do anything.
Regards,
Robin Zimmermann
Forms Product Management
Maybe you are looking for
-
SSRS 2008 R2 Calendar Control not working and report not refreshing on pressing enter in Chrome.
-
Safari won't refresh updated page
Altho' Explorer shows an updated page that I posted today, the same URL continues to show the former page in Safari. I emptied the Cache, Reset Safari and rebooted the computer but the same older page still shows up. Another page that I updated earli
-
Savs as and Print options to be restricted in Portal DMS
Hi experts, When the user opens a document in Portal DMS I need to restrict save option and print option. Is this possible if yes could you please give me the possible solution. Please help me in this waititng for your response. Regards, Shilpa.
-
I am unable to install Forms 11g on Vista 64 bit. I've applied all as Jan Carlin's suggested and had no success The installation fails on Create Domain. the installation basically timeout after 10 minutes or so with errors relating to Node Manager I'
-
My wife's black MacBook keyboard has suddenly stopped functioning correctly, it had slept overnight and had stopped working, no shutdowns or restarts. The 7 u j m and the ; ' keys are unresponsive in higher and lower case. I have tried resetting the