Skip navigation.

APPS Blogs

Database validation failed while applying EBS R12.2 application patch : Oracle Apps DBA Training : Patches

Online Apps DBA - Mon, 2015-07-27 13:12

This post is from our Oracle Apps DBA – R12 Training ( next batch starts on 8th Aug, 2015) where we cover installation, patching, cloning and other maintenance tasks. We also cover upgrade of Oracle E-Business Suite 12.2.0 to 12.2.4 to show how to apply patches and new patch process in Oracle Apps.

One of the trainee from previous batch encountered issue while applying EBS R12.2 application patches 19330775 and 20677045 where command used is highlighted below. The new utility to apply patch is adop (prior to 12.2 you apply patches using adpatch)

adop phase=apply patches=19330775,20677045 hotpatch=yes merge=yes

But patch was failing with error message like:

adop is not able to detect any valid application tier nodes in ADOP_VALID_NODES table. Ensure autoconfig is run on all nodes.

So we run autoconfig (there is dedciated topic on Autoconfig in our Oracle Apps/R12 DBA Training) on both Apps Tier & DB Tier by using below commands

  1. Stop the application tier and Database tier
  2.  Autoconfig on Database tier
    a) Source the Oracle Database env
    b) cd $ORACLE_HOME/appsutil/scripts/$CONTEXT_NAME
    c) sh adautocfg.sh
    (Check the autoconfig logfiles for any error at $ORACLE_HOME/appsutil/log/$CONTEXT_NAME)
  3. Autoconfig on Apps Tier
    a) Please source the APPS environment
    b) cd $ADMIN_SCRIPTS_HOME
    c) sh adautocfg.sh

After running autoconfig on both the tiers, we again run the command to apply the patch. This time patch failed to execute some SQL statements and showing below error messages:

[Error]  Failed to execute SQL statement :

declare

    l_msg varchar2(4000);

 begin

    ad_zd_adop.adop_database_validations(l_msg);

    dbms_output.put_line(l_msg);

end;

[Error]                   Error Message :

[UNEXPECTED] Error occurred while performing database validations

blog

Solution:

To fix this issue, apply database patch 17693770 as per the instructions mentioned in Readme.

After applying 17693770 patch on database tier, issue got resolved and we were able to apply the patches successfully.

You can learn more from our expert team by registering to Oracle Apps DBA Training (next batch starts 8th Aug 2015- register early before 30th July to get 100 USD OFF)

K21 Technologies provide Full Money back Guarantee (If you are not happy after 2 sessions then you can ask for Full Money Back )

For further details and registration check

http://k21technologies.com/oracle-apps-dba-training

The post Database validation failed while applying EBS R12.2 application patch : Oracle Apps DBA Training : Patches appeared first on Oracle : Design, Implement & Maintain.

Categories: APPS Blogs

Mechanism level: GSSHeader did not find the right tag,Error when accessing OAM WNA resources

Online Apps DBA - Wed, 2015-07-22 01:04

Hi All,

After long gap I’m start writing blogs and I’m feeling for that.

Today I have faced login issue in WNA setup environment.

Requirement is user would need to login via WNA fallback authentication and access to the OAM WNA protected resources but it login request landed into error page “Account locked or disabled”.

From oam-server1.out logs

Note: If you are not able to see below then you should enable Kerberos trace level.

 <Jul 21, 2015 6:27:52 PM AEST> <Error> <oracle.oam.plugin> <BEA-000000> <Defective token detected (Mechanism level: GSSHeader did not find the right tag) GSSException: Defective token detected (Mechanism level: GSSHeader did not find the right tag)         at sun.security.jgss.GSSHeader.<init>(GSSHeader.java:80)         at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:287)         at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:267)         at oracle.security.am.plugin.authn.SPNEGOLoginModule$1.run(SPNEGOLoginModule.java:139)         at javax.security.auth.Subject.doAs(Subject.java:394)         at oracle.security.am.plugin.authn.SPNEGOLoginModule.login(SPNEGOLoginModule.java:124)         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) Normally this issue appears to be that something different from a Kerberos or NTLM token is being sent by the Microsoft IE browser client machine.

OAM only accepts Kerberos or NTLM tokens for now.

We noticed browser was sending the following token when accessing in company network domain.

And it keeps sending this similar like “Authorization: Negotiate” string over and over.

Authorization: Negotiate

YIGeBgYrBgEFBQKggZMwgZCgGjAYBgorBgEEAYI3AgIeBgorBgEEAYI3AgIKonIEcE5FR09FWFRTAA

AAAAAAAABgAAAAcAAAAByYkcFlDJDJ1CLBKiPp1EHAWr1ZstiFepuJLBr7EduFitBaRa45+4nQ/AGW

5Jf/GwAAAAAAAAAAYAAAAAEAAAAAAAAAAAAAAEVyfDIyRYtIv9kqa6BepAo=

This is not a standard NTLM value, as normally when we review the headers we would expect to see either:

Authorization: Negotiate TlRMTVNTUAABAAA…. (NTLM)

Authorization: Negotiate YIIGeAYGK…(Kerberos)

then this will still not work for OAM WAN Fallback, since the token received by OAM Server is NOT an NTLM token like, but appears to be more related to a NEGOEXTS token, which the Windows 7 clients sometimes send.

So, the token was not sent correctly by the browser to OAM server.

Cause:

On the UNIX host, use kinit on your user account and use klist to verify that you have a ticket to the HTTP/DOMAIN.NAME@REALM.NAME principal or not.

In our cause we have encountered below exception

kinit(v5): Client not found in Kerberos database while getting initial credentials

We have found a DNS issue for application OAM hostname. OAM VIP host name was resolving to different hostname and Keytab was created based on VIP hostname not actual hostname different and frontend host which is critical specially for creating a keytab

Solution:

Re-generated the keytab for DNS resolve hostname as follow

ktpass -princ HTTP/DOMAIN.NAME@REALM.NAME

-mapuser aurdev\srv-oam-iap1 -pass <Password> -out master.keytab -kvno 0

 

Copy the new keytab into <Oracle Home>/server/config/ and restart OAM server.

Hope above information helped you to get out of the issues.

The post Mechanism level: GSSHeader did not find the right tag,Error when accessing OAM WNA resources appeared first on Oracle : Design, Implement & Maintain.

Categories: APPS Blogs

Oracle Supply Chain Management Cloud

OracleApps Epicenter - Thu, 2015-07-16 06:11
Cloud = Service-based computing model providing self-service, elasticity, shared resources, and pay-as-you-go New cloud computing technologies are enabling breakthrough innovations in supply chain management (SCM) applications delivered via software as a service (SaaS) models. To help companies support their complete quote-to-cash process in the Cloud, Oracle has expanded the Oracle Supply Chain Management Cloud with […]
Categories: APPS Blogs

How to become/learn Oracle Apps DBA R12.2 : Part I

Online Apps DBA - Wed, 2015-07-15 16:10

I started this blog 9 years back with first post as How to become Oracle Apps DBA (back then it was 11i) and with 225 comments, this is still the most common question I get in mail or on this blog.

We are starting our new batch for Oracle Apps DBA training (R12.2) from August 8, 2015 and first thing we cover is Architecture of Oracle E-Business Suite.  If you are learning (getting trained) on Oracle E-Business Suite on your own then first thing you should learn is Architecture of Oracle Apps.

As shown below Oracle E-Business suite is Three Tier Architecture

a) Database Tier : With Oracle Database where data resides
b) Application Tier : With Application & Web Server where business logic resides
c) Client Tier : browser based client from where end user access application

apps_architecture

 

Note: Till Oracle E-Business Suite R12.1 (prior versions include 12.0 & 11i), Application Tier uses 10g Application Server (or 9 for some versions of 11i). From Oracle E-Business Suite 12.2 onwards Application Tier is deployed on Oracle WebLogic Server as application Server.

 

applicationTierArchitecture

You can get more information on Architecture of Oracle E-Business Suite in Concepts Guide or learn it from our expert team by registering to Oracle Apps DBA Training (starting on 8th August) where Day1 covers

Architecture and File System
  • Architecture of R12.2
  • Changes in Oracle Apps from previous version
  • Requirement/Hardware Sizing Guidelines
  • File System Overview
  • Benefit of New Architecture
  • File System including Changes from previous version
Architecture and File System (Lab Activity)
  • Provide one working instance of R12.2 to the Trainee with Front end and backend access
  • Get comfortable with the Terminology/File system/Environment Variables
  • Understand the Architecture via Navigation

 

Get 200 USD off by registering before 20th July and use code A2OFF at time of checkout (We limit seats per batch to register early to avoid disappointment).

 

Previous in series Related Posts for 12.2 New Features
  1. ADOP : Online Patching in Oracle Apps (E-Business Suite) R12 12.2 : Apps DBA’s Must Read
  2. How to become/learn Oracle Apps DBA R12.2 : Part I

The post How to become/learn Oracle Apps DBA R12.2 : Part I appeared first on Oracle : Design, Implement & Maintain.

Categories: APPS Blogs

Introduction to Order Management Cloud Service -Welcome to the future with Oracle

OracleApps Epicenter - Mon, 2015-07-13 10:10
In Release 10, there is a new product called Oracle Order Management Cloud Service. This is an application available on Oracle cloud as a service to enable quote to cash process flow. This Module is typically used to designed toimprove order execution across quote to cash process. It includes predefined integrations, centrally-managed orchestration policies, fulfillment […]
Categories: APPS Blogs

What is Oracle Mobile Cloud Service (MCS)?

OracleApps Epicenter - Mon, 2015-07-13 00:00
  Oracle Mobile Cloud Service MCS is a cloud-based service that provides a unified hub for developing, deploying, maintaining, monitoring, and analyzing your mobile apps and the resources that they rely on. Oracle Mobile Cloud Service provides everything you need to build out your enterprise mobile strategy using innovative, state-of-the-art tools. With Oracle Mobile Cloud […]
Categories: APPS Blogs

Oracle Integration Cloud Service

OracleApps Epicenter - Sat, 2015-07-11 07:27
Do you know , Oracle Integration Cloud Service (ICS) is a simple and powerful integration platform in the cloud to maximize the value of your investments in SaaS and on-premise applications. Oracle Integration Cloud Service lets you connect to both cloud and on-premises applications, and is fully integrated with other Oracle Cloud offerings. UNDERSTAND THE […]
Categories: APPS Blogs

About BYOE – Bring Your Own Encryption

OracleApps Epicenter - Fri, 2015-07-10 08:14
BYOE aka Bring your own encryption is a security model that gives cloud customers complete control over the encryption of their data by allowing them to deploy a visualized instance of their own encryption software in tandem with the application they are hosting in the cloud. BYOE can help an organization that wishes to take […]
Categories: APPS Blogs

Learn Oracle Apps DBA (R12) with us:Training Starts on 8th of August

Online Apps DBA - Thu, 2015-07-09 05:40
Everyone having a similar question in mind when they are freshers or are into the same field same domain for years together that which technology we should learn which should be innovative, long running, having some sort of creative touch, and my answer to all those Tech geeks or would be tech geeks is – Oracle Technologies. Oracle from last few years (will not go beyond that !!!) has developed in such a fast pace that you cannot ignore it. When there are lots of development activities goes on and Go Live of the Projects, Testing then there is one Crucial member in the Company/Team who (usually gets ignore ;-)) manages all the environment and give optimise environment to perform all those things : Apps DBA. Apps DBA is combination of Oracle DBA and Oracle Applications- Double Power. Apps DBA is the first entry towards the Big technology which oracle has developed. Oracle Application licenses are increasing every year and all these company are looking for Good Apps DBA who has understanding, knowledge and one of the most important Learning Attitude, to do experiment (of course not on PROD!!!). Who can learn Apps DBA ? Logically if I want to answer. Here is the list
  • All the Freshers, Newbies or may be who want to enter Oracle Applications Area.
  • Who is into Core DBA from years and want new technology to learn.
Apps DBA requirement is not only conceptual but practical as well. As much as you make your hands dirty your leaning grows many folds. When I was at your stage I always search for such institute or training which gives more practical stuff, real time scenarios but was not able to get it, keeping that in mind K21 Technologies is starting Apps DBA Training of R12 from 8th Aug-2015. More Practical oriented, Dedicated instance to play around, mini projects, Support. Apps DBA is a gateway to enter Oracle Technologies and you can move further with many feathers like Fusion Middleware ,Fusion Applications, SOA etc. What topics I should learn to become Apps DBA To start with you should start with Architecture, Installation, Patching, Cloning, changing Schema Password, backup & recovery. We cover this all including hands-on where you do all these using our step by step instructions on our Server. Who ever wants to learn please get enrolled soon as seats are limited. K21 focus on Quality Training with Full Money back Guarantee (If you are not happy after 2 sessions then you can ask for Full Money Back )

For further details check

http://k21technologies.com/oracle-apps-dba-training

The post Learn Oracle Apps DBA (R12) with us:Training Starts on 8th of August appeared first on Oracle : Design, Implement & Maintain.

Categories: APPS Blogs

Installation steps of JDK 7 for Linux for Oracle Fusion Middleware

Online Apps DBA - Sun, 2015-07-05 14:40

This post covers procedure installs the Java Development Kit (JDK) for 64-bit RPM-based Linux platforms, such as Red Hat and SuSE, using an RPM. This post is from our Oracle Fusion Middleware (FMW) or Oracle Access Manager (OAM) training where we provide dedicated machine to trainees to practice but if you need to install similar setup on your local machine (We use Oracle Virtual Box with Oracle Linux 5.5 ).

You must be login as root user to install  this installation (Assumption is that you are installing JDK on 64 bit Linux)

1. Download the JDK software from here (jdk-7u60-linux-64.rpm)

new

2. The installation process should be carried out with the “root” user.

su – root

when prompted for password, enter the root password.

3. Navigate to the directory where your JDK software is downloaded

cd /stage/oracle/jdk

4. Install the package  using the command : rpm -ivh <package_name>

rpm -ivh  jdk-7u60-linux-x64.rpm

Note: This step will install JDK 1.7 under /usr/java/jdk1.7.0_60

5. To verify the version of java, navigate to the directory /usr/java/jdk1.7.0_60/bin and check javac and java versions. The version should be the latest installed JDK version.

Note: JDK is default installed under the directory /usr/java/jdk1.7.0_60

cd /usr/java/jdk1.7.0_60/bin

./java -version

jdk

 

6. Delete the .rpm file if you want to save disk space.

7. Exit the root shell. No need to reboot.

 

Reference:

 

If you are part of our training program and have not yet registered for closed Facebook Group then send request and post any technical queries.

 

 

 

Related Posts for Fusion Middleware
  1. Installation steps of JDK 7 for Linux for Oracle Fusion Middleware

The post Installation steps of JDK 7 for Linux for Oracle Fusion Middleware appeared first on Oracle : Design, Implement & Maintain.

Categories: APPS Blogs

WebLogic Server (FMW) : Generating Thread Dumps using OS commands

Online Apps DBA - Fri, 2015-07-03 03:33

This post is coming from our Oracle Fusion Middleware Training where we cover Oracle WebLogic Server on Day1 . One of the performance issue that commonly encountered in poorly written application (or on not so performant Fusion Middleware infrastructure) is Stuck Threads.

Stuck Threads in WebLogic Server means a thread performing the same request for a very long time and more than the configurable Stuck Thread Max Time in WebLogic .

Thread dumps are diagnosis information that is used to analyse and troubleshoot performance related issues such as server hangs, deadlocks, slow running, idle or stuck applications etc.

How to generate Thread dumps?
In this post, I will walk you through the steps to generate Thread dumps of a server using operating system (O.S.) commands.

1. Start the server from command line script (using nohup). Let us take managed server as an example for which we need to generate the thread dumps so start the server using script as shown below.
cd $DOMAIN_HOME/bin
nohup ./startManagedWeblogic.sh <Server_name> &

2. Now identify the PID (java Process ID) for the managed server using the below command:
ps auxwww | grep –i java | grep –i <server_name> (This command is for Solaris)

3. Now run the below command to create the thread dump.
kill -3 <PID>

(This will send a signal to the process whose dump we require. This signal causes the Java Virtual Machine to generate a stack trace of the process.)

This command will create thread dump in the nohup.out file (where we started the managed server)

4. Open the nohup.out file to see generated thread dumps:

References

Related Posts for WebLogic/FMW
  1. WebLogic Server (FMW) : Generating Thread Dumps using OS commands

The post WebLogic Server (FMW) : Generating Thread Dumps using OS commands appeared first on Oracle : Design, Implement & Maintain.

Categories: APPS Blogs

A week with Apple Watch: From Cynic to Believer

David Haimes - Wed, 2015-07-01 08:50

I had convinced myself the Apple Watch was an overpriced fitness band and that it wasn’t for me and was set to get a Garmin to track my running instead.  Then out of the blue I was given an Apple Watch.  So you can certainly put me down as a cynic, but I certainly like to think I am open minded, so here are my thoughts after a week with the watch.

The experience of getting it set up was surprisingly frustrating, I had to upgrade my phone to iOS 8 before I could activate the watch and that meant deleting things to free a few Gb of memory (to upgrade my Operating System, really?).  So everything had to wait until after I got home and backed up my phone.

First I got this rather cool visual on my watch to scan with the phone and then it was paired and I got this screen telling me the model that I had bought.  OK so I still could not get the time from this watch and I have had the thing all day, I’m getting a little impatient at this point.

watch pairingwatch pairing 2

After waiting about 5 minutes for it to synch, suddenly a load of my apps, including my email, texts, calendar, twitter fitness apps and more are available on my watch.  This is about to get interesting.

The first thing I noticed is that it is actually really easy to ready and see at a glance the notifications that are sent to your watch, such as Calendar reminders, text messages and Oracle Social Network updates (glad to see we are quick to the new platform with our own mobile apps).  This is good for me, I get a lot of these alerts and I found a glance at my wrist was much nicer than pulling out my phone and unlocking it and starting at it.  This sounds like a very small thing, but it is these small improvements in frequent interactions that make for a great user experience.  I also agree with Jeremy Ashley about the huge value in being able to retain eye contact, notifications on my watch are far less obtrusive and the glance at my wrist it is a great experience.

So I wanted to try using it for some different things so I decided to test out text messages first, a quick SMS to respond to my wife’s text ‘ETA?’ to let her know what time I am planning to get home.

My wife and I prefer very efficient communications.

My wife and I prefer very efficient communications.

So I tap once on that nice Reply button

IMG_0027

I can now either pick from a set of pre-defined responses and they would be sent without any other interaction from me. However I like the personal touch, this is my wife after all, so I decide I will click on the microphone icon to dictate a response.  I speak in my answer and see the sound wave at the bottom and the text comes up perfectly first time.

IMG_0028

So now I click done and get a really option to either send the audio or to just tap on the text and send that.  This is a great feature if maybe the voice to text didn’t work properly and I don’t want to waste time correcting it or speaking it again.

IMG_0021

After tapping on the text I am now done.  The whole interaction was very fast and felt very natural.  At this point I am really starting to like the Apple Watch.  In the next few days I try driving directions, twitter, my calendar, a variety of fitness apps and more and pretty much across the board I find the interactions are natural and quick and the fact I have to pull out my phone less is a much bigger deal than I expected.  I find I can glance down at my watch see a text or meeting reminder and carry on a conversation in a way that was not really possible if I had to pull my phone out.  The one app I haven’t yet mentioned is the time, I haven’t worn a watch for over 10 years and I have realized in the last week it’s much easier to glance at my wrist than to pull out my phone – who knew?


Categories: APPS Blogs

Basics of Patching in Oracle Apps (adpatch)

Online Apps DBA - Mon, 2015-06-29 15:09

 

Whenever a patch request comes in the first and foremost thing which has to be done by an Oracle apps DBA is to look into existing system, if the patch exists. We can query ad_bugs.login to sqlplus with apps user and fire the below command.

SQL> select bug_number,creation_date from apps.ad_bugs where bug_number in (‘&bug_number’);

 

Enter the patch number and if you see any rows, it means the patch is in the system already and you can go ahead and tell the business that patch already exists. You will see something like this.

But if you see no rows returned, then you have to set the ball rolling. Now you will have to perform the patch analysis of requested patch.

The next step would be to login to Oracle support with your credentials and open the README of the patch, There would be a pre-requisite section which would state that if there is any prerequisite of this patch which has to be applied. Now if you see a prerequisite then you will have to open the REDAME of that patch and check the prerequisite of that patch and this process goes on till there is no prerequisite.

From my personal experience I would suggest to prepare a template like below to do the analysis of the patch.

Now lets understand the example given above, the main patch requested in 123456, this patch has a pre-requisite 67890 and 67890 has a pre-requisite 8585858 and this has a pre-requisite 8686868.

So to apply the main patch we have to

a) First apply 8686868 and
b) Then 8585858 and
c) Then 67890 and then the main patch.

So now you will send this analysis back to your business and you will request for the downtime. Now downtime is calculated on the basis of your experience.

I assume that you have received the confirmation from the business to apply the patch. Download the patch in your patch top directory and unzip the file. After unzipping you will see a driver file like u123456.drv. When you will run adpatch (in 12.1) from this location it will ask you the name of the driver file and you have to give u123456.drv.

Now something about file systems, There are basically two types

1)Shared file systems
2)Distributed file systems

In my environment, I have shared file system and there are multiple web nodes. So in case of shared file system patches have to be applied on one node only since it is shared file system.

So let us assume that we have 3 application nodes and Non RAC DB server and also the patch is available only in American English and there are no other languages installed on the application.

Steps for patching (EBS 12.1) would be

  • Shut down the application on all the 3 nodes by logging into each node separately.
  • From adadmin put the application into maintenance mode
  • Take the count of invalids by logging to sql plus with apps user
  • Use adpatch to apply patches to the application.

 

  • Again check the count of invalid objects in database and compare with pre-patch application invalid count.
  • From adadmin disable the maintenance mode
  • Start the application on all the 3 nodes

Please don’t forget that for any operation to take place in the app, DB has to be up and running.

 

Please note that before doing any kind of patching activity, ask the unix team to perform the backup of the file systems because we can’t roll back the patch applied using adpatch

 

We will discuss more about patching in my next blog. Any comments or queries then post here

Related Posts for R12 Patches
  1. Basics of Patching in Oracle Apps (adpatch)

The post Basics of Patching in Oracle Apps (adpatch) appeared first on Oracle : Design, Implement & Maintain.

Categories: APPS Blogs

OAM Training (4th July) : EBS & AD Integration : 11gR2 PS3 Launch

Online Apps DBA - Sun, 2015-06-28 01:43

We announced OAM Training on 4th of July (only 3 seats left) and since our announcement lot of you asked what integration we are going to cover.  Looking at kind of queries we received, I though its worth posting here. We are going to cover

  • Oracle E-Business Suite (R12 – 12.1) integration with Oracle Access Manager
  • Microsoft Active Directory (AD)/Windows Native Authentication (WNA) integration with Oracle Access Manager (OAM) for Zero Single Sign-On.

Register here for Oracle Access Manager Training (100 USD off if you register before 1st July, last 3 seats before we close registration)

 

Oracle announced OAM 11gR2 PS3 in May 2013, register here for Technical Update on OAM 11gR2 PS3.

Related Posts for Oracle Access Manager
  1. OAM Training (4th July) : EBS & AD Integration : 11gR2 PS3 Launch

The post OAM Training (4th July) : EBS & AD Integration : 11gR2 PS3 Launch appeared first on Oracle : Design, Implement & Maintain.

Categories: APPS Blogs

Moved to new/better blog Feeds via eMail

Online Apps DBA - Mon, 2015-06-22 18:21

Screen shot 2015-06-23 at 01.12.28

.

If you subscribed to our blog onlineAppsDBA (using RSS feed) prior to April 2015 then from today you will receive email for new posts via new/better email service provider.

Emails for new post will come from email ID contactus[@]k21technologies.com and subject as [New Post] … and will look like image above.

Note: Ensure that you add email address contactus[@]k21technologies.com as safe sender list.

The post Moved to new/better blog Feeds via eMail appeared first on Oracle : Design, Implement & Maintain.

Categories: APPS Blogs

Server refused public-key signature despite accepting key!

Vikram Das - Mon, 2015-06-22 11:23
A new SFTP connection was not working, even though everything looked fine:

1. Permissions were correct on directories:
chmod go-w $HOME/
chmod 700 $HOME/.ssh
chmod 600 $HOME/.ssh/authorized_keys
chmod 600 $HOME/.ssh/id_rsa
chmod 644 $HOME/.ssh/id_rsa.pub
chmod 644 $HOME/.ssh/known_hosts

2. Keys were correctly placed
However, it still asked for password, whenever SFTP connection was done:
Using username "sftpuser".Authenticating with public key "rsa-key-20150214"Server refused public-key signature despite accepting key!Using keyboard-interactive authentication.Password:
I tried various things, none worked and I eventually went back to my notes for SFTP troubleshooting:
1. Correct Permissionschmod go-w $HOME/chmod 700 $HOME/.sshchmod 600 $HOME/.ssh/authorized_keyschmod 600 $HOME/.ssh/id_rsachmod 644 $HOME/.ssh/id_rsa.pubchmod 644 $HOME/.ssh/known_hosts
2. Make sure the owner:group on the directories and files is correct:
ls -ld  $HOME/ls -ld  $HOME/.sshls -ltr $HOME/.ssh
3. Login as root
chown user:group $HOME chown user:group $HOME/.sshchown user:group $HOME/.ssh/authorized_keyschown user:group $HOME/.ssh/id_rsachown user:group $HOME/.ssh/id_rsa.pubchown user:group $HOME/.ssh/known_hosts
4. Check for user entries in /etc/passwd and /etc/shadow
5. grep user /etc/shadow
When I did the 5th step, I found that /etc/shadow entry for the user didn't exist.  So I did these steps:
chmod 600 /etc/shadowvi /etc/shadowInsert this new line at the endsftpuser:UP:::::::Save Filechmod 400 /etc/shadow
It started working after that.
Categories: APPS Blogs

Is OAM alone enough or should I also learn OIM/SOA for Apps DBA ?

Online Apps DBA - Thu, 2015-06-18 14:49

We recently launched Oracle Access Manager Training (next batch starting on 6th July), one question that I’ve seen quite regularly is “I am an Oracle Apps DBA and learning OAM alone (without OIM/SOA and WebLogic) with Apps DBA will give me better opportunity or is it required to learn entire Identity Management Suite

Since OAM/OIM is very close to my heart (I wrote my first book on this topic) and I meet lot of Apps DBAs with similar question, I thought I should cover this question here .

Before I answer this question, let me first explain about OAM/OAM/SOA and other IAM products. Oracle Access Manager is recommended Web Single Sign-On product from Oracle Identity & Access Management Suite where other products include OIM, OID, OUD, OVD, OES, OMS, OAAM, OES, eSSO etc

Oracle Identity Manager is identity provisioning and management product that uses Oracle SOA Suite for approval based workflows and as Orchestration engine.

OAM and OIM products can be implemented independently and if you need just Single Sign-On (or Access Management) then Oracle Identity Manager (OIM) is not required . If you are using Oracle E-Business Suite (App R12) and just require SSO integration with Microsoft Active Directory (MS-AD)/Windows Native Authentication or with other oracle products like OBIEE, WebCenter etc then OIM/SOA is not required.

Having said that, it is better to know more so learning OIM will definitely help but I always believe in starting with small (keep things simple). I learnt OAM (Oblix that time) in 2003 and started OIM (Xelleterate at that time) 2 years later in 2005.

 

Note: OAM is deployed on WebLogic Server so basic WebLogic Concepts must also be learnt as part of OAM hence we cover WebLogic Domain, Admin/Managed Servers, Pack/Unpack, JDBC etc in our OAM 11gR2 Training/Workshop .

Tip for Apps DBAs to get better day rate/bigger role : Learn OAM and integrate EBS (R12) with OAM for Single Sign-On .

Having any doubt on what topics to learn then check what our OAM experts have to say  or leave a comment here for any other query .

Previous in series Related Posts for Access Manager
  1. Integration Steps – 10g AS with OAM (COREid)
  2. OAS – OAM (Access Manager / Oblix COREid) Integration Architecture
  3. Oblix COREid and Oracle Identity Management
  4. Installing Oracle Access Manager (Oblix COREid / Netpoint)
  5. Oracle Access Manager (Oblix COREid) 10.1.4.2 Upgrade
  6. Access Manager: WebGate Request Flow
  7. Introduction to Oracle Access manager : Identity and Access System – WebPass , Webgate, Policy Manager
  8. Certified Directory Server (AD, OID, Tivoli, Novell, Sun or OVD) and their version with Oracle Access Manager
  9. Install Oracle Access Manager (OAM) 10.1.4.3 Identity Server, WebPass, Policy Manager, Access Server, WebGate
  10. Multi-Language or multi-lingual Support/Documentation for Oracle Access Manager (OAM)
  11. OAM Policy Manager Setup Issue “Error in setting Policy Domain Root” : OAM with AD and Dynamic Auxiliary Class
  12. OAM 10.1.4.3 Installation Part II – Indentity Server Installation
  13. OAMCFGTOOL : OAM Configuration Tool for Fusion Middleware 11g (SOA/WebCenter) Integration with OAM
  14. Oracle Access Manager Installation Part III : Install WebPass
  15. OAM : Access Server Service Missing when installing Access Manager with ADSI for AD on Windows
  16. OAM : Create User Identity – You do not have sufficient rights : Create User Workflow
  17. Password Policy in Oracle Access Manager #OAM
  18. Changes in Oracle Access Manager 11g R1 (11.1.1.3)
  19. Agents in OAM 11g (WebGate 10g/11g, OSSO/mod_osso, AccessGate IDM Domain agent) aka PEP (Policy Enforcement Points)
  20. How to install Patches in Oracle Access Manager 10g : Bundle Patch / BPXX
  21. Session Management in #OAM 11g : SME , Idle Timeout, Session Lifetime
  22. Part IX : Install OAM Agent – 11g WebGate with OAM 11g
  23. How to integrate OAM 11g with OID 11g for User/Identity Store
  24. How to install Bundle Patch (BP) on OAM 11.1.1.3 – BP02 (10368022) OAM 11.1.1.3.2
  25. Error starting OAM on IBM AIX : AMInitServlet : failed to preload on startup oam java. lang. Exception InInitializer Error
  26. OAMCFG-60024 The LDAP operation failed. OAMCFG-60014 Oracle Access Manager is not configured with this directory
  27. How to Edit (create, delete, modify) Identity Store of OAM 11g from command line (WLST) – editUserIdentityStoreConfig
  28. OAM WebGate Registration RREG – Resource URL format is not valid
  29. Blank Screen on OAM 10g Identity Server Console : /identity/oblix
  30. Oracle 10g/11g webgate software download location
  31. How to find Webgate 10g/11g Version and Patches Applied
  32. OAM integration with OIF : Authentication Engine or Service Provider
  33. OAM 11g integration with Microsoft Windows Active Directory (WNA, IWA, Kerberos) for Zero Sign-On
  34. OAM 11g : How to change Security Mode (OPEN, SIMPLE, CERT) – WebGate to Access Server Communication
  35. Forgot Password link on OAM Login Page
  36. OIM-OAM-OAAM integration – Account Lockout in OAM obLoginTryCount , oblockouttime, MaxRetryLimit
  37. How to identify which LDAP (OID/AD/OVD) server OAM 11g connects to and as what user ?
  38. OAM 10g WebGate installation failed with Sorry Invalid User or Invalid Group
  39. Beware if you are running OAM in SIMPLE mode with 10g WebGate : Oracle AccessGate API is not initialized
  40. Troubleshooting : 11g WebGate with OHS 11g integrated with OAM 11g : OBWebGate_AuthnAndAuthz: Oracle AccessGate API is not initialized
  41. Deploying OAM in high availability across data centres in Active Active cluster : New Feature in OAM 11gR2 PS2
  42. New OAMConsole in OAM 11gR2 PS2 : Enabling Federation, STS, Mobile & Social in Oracle Access Management Suite 11.1.2.2
  43. OAM/WebGate troubleshooting : WebGate on Apache/OHS Unable to read the configuration file
  44. Is OAM alone enough or should I also learn OIM/SOA for Apps DBA ?

The post Is OAM alone enough or should I also learn OIM/SOA for Apps DBA ? appeared first on Oracle : Design, Implement & Maintain.

Categories: APPS Blogs

How to learn Oracle Access Manager (OAM) 11gR2

Online Apps DBA - Wed, 2015-06-17 12:57

Screen shot 2015-06-17 at 00.38.01

Identity Management Jobs have grown exponentially (specially in last one year) and Oracle is among Leader in Gartner’s Magic Quadrant for IAM. In this post I am going to cover how to learn Oracle Access Manager and things you should learn for Oracle Access Manager (OAM).

What is Oracle Access Manager : If you don’t know already Oracle Access Manager (OAM) is Oracle’s recommended Single Sign-On (SSO) solution for Web Access Management.

Why should you learn OAM : Single Sign-On and Web Access Management is very important for securing applications. With Cloud bases SAAS applications, it is more important for enterprises to implement federated Sign-On (Federation is now part of OAM in 11gR2 version). Oracle Access Manager (OAM) is also mandatory in Oracle Fusion Applications.

What roles are available for OAM : You can be an OAM Architect, Administrator, Implementor, or Developer.

What should I learn in OAM : For all the OAM roles, you should have fair understanding of Architecture, Component, and functionality of OAM. If you are an Architect, Administrator or Implementor then you also know Installation, Configuration, Integration , High Availability & Disaster Recovery setup.  If you are developer then you should be able to write authentication modules, policies , custom login pages etc.

Where can I learn OAM : If you prefer self learning then you can refer to Oracle’s Documentation on OAM or attend Oracle University Course (costs 4200 USD) or attend our Online Live Training on OAM (costs 997 USD) – next batch starts on 4th July (We provide Full Money back guarantee for 7 Days) .

What topics should I look in OAM Training :  To start with , you should learn minimum

  • Architecture of Oracle Access Manager (OAM)
  • Overview of WebLogic Server and Fusion Middleware
  • Overview of Oracle Identity & Access Management (OAM, OIM, OID, OUD, OAAM, OES..)
  • Installation & Configuration of OAM
  • Install & Configuration of OHS & WebGates
  • Migration of OSSO 10g to OAM 11g
  • Authentication & Authorization policies in OAM
  • Protecting resources using SSO
  • OAM Integration with LDAP Server (OID or OUD)
  • Deploying OAM in High Availability
  • Common Integration Scenarios for OAM
  • Overview of Oracle Identity

 

I am Oracle Apps DBA /DBA should I also learn OAM : Yes, you should learn Oracle Access Manager (OAM) as Apps DBAs with OAM experience earn 25-40% more. Single Sign-On is quite common these days and with Oracle Fusion Applications (OAM is mandatory in Fusion Apps), it is important that you learn Oracle Access Manager (OAM).

I still have some more queries related to OAM : Contact our OAM experts for any query related to OAM training requirements or post a comment here .

 

Register for our Online Live Training on OAM (costs 997 USD) –batch starts on 4th July, register early to avoid disappointment as seats are limited  (Our Oracle Fusion Middleware Course was sold out long before start date)

 

Related Posts for Oracle Access Manager
  1. How to learn Oracle Access Manager (OAM) 11gR2

The post How to learn Oracle Access Manager (OAM) 11gR2 appeared first on Oracle : Design, Implement & Maintain.

Categories: APPS Blogs

Where is my attachment??

OracleApps Epicenter - Mon, 2015-06-08 23:46
Where are attachments stored?   Whenever user upload a file from say transaction workbench, where will this file be store on the database? Also is there any physical file directory specific? We need to know where does Oracle store an attachment? In any of the FND application tables or in a file system?? How to […]
Categories: APPS Blogs

Accounting Flexfield Change: Can we change the value set of a segment(same size)

OracleApps Epicenter - Mon, 2015-06-08 23:46
We need to change the value set of one of the segments of our Accounting Flexfield. The new value set is of the same size. I need to know if that is allowed by Oracle Support. I read some articles where it says value set should not be changed if the max size is different. […]
Categories: APPS Blogs