Documents
Resources
Learning Center
Upload
Plans & pricing Sign in
Sign Out

Installing Oracle 10giAS on HP UNIX

VIEWS: 13 PAGES: 122

									10g AS & 11E-Business Suite
        Integration
       Technical Reference
     Adnan Siddiqui – WHITTMANHART
                          Oct 21, 2005
                  NCOAUG Conference
Build 2.2
• Section 1: Overview
• Section 2: Features and Supported
    Architectures
•   Section 3: Current Build Version
•   Section 4: Before You Begin
•   Section 5: Pre-Install Tasks
•   Section 6: Implement Single Sign-On Support for
    the E-Business Suite
•   Section 7: Configure Oracle Portal 10g with the
    E-Business Suite

                   Prepared by: Adnan Siddiqui    2
• Section 8: Configure Oracle Discoverer 10g with
    the E-Business Suite
•   Section 9: Obtaining Technical Support
•   Section 10: Available Documentation
•   Section 11: Conventions and Important
    Directory Locations
•   Appendix A: Timeout Behavior
•   Appendix B - Product-Specific SSO Exceptions
•   Appendix C - Summary of Bugs Fixed by Builds
•   Appendix D - De-Registering an Oracle E-
    Business Suite 11i Instance from OID Server

                   Prepared by: Adnan Siddiqui      3
Overview
    This document contains information for installing Oracle Application
    Server 10g with the E-Business Suite. Benefits of this configuration
    include E-Business Suite support for the following services running
    on one or more standalone servers external to the existing Oracle
    E-Business Suite Release 11i environment:
•   Oracle Single Sign-On (SSO) 9.0.4.1
•   Oracle Internet Directory (OID) 9.0.4.1
•   Oracle Portal 9.0.4.1
•   Discoverer 9.0.4.1
•   Third-party single sign-on solutions
•   Third-party Lightweight Directory Access Protocol (LDAP) directories




                          Prepared by: Adnan Siddiqui                  4
Overview
The installation process consists of four phases:
1. Install Oracle Application Server 10g on a standalone
   server.
2. Migrate an existing E-Business Suite application tier
   server node to 9iAS Release 1.
3. Install interoperability patches to integrate the
   standalone server with the E-Business Suite
   environment.
4. Synchronize user information between the standalone
   server and the E-Business Suite environment.


                    Prepared by: Adnan Siddiqui            5
Features and Supported
Architectures
• Accessing E-Business Suite Instances with Single
    Sign-On
•   Using Oracle Portal to Access the E-Business
    Suite
•   Integration with Third-Party Single Sign-On
    Services and LDAP Directories
•   Using Discoverer 10g with the E-Business Suite
•   Supported Architectures and Configurations

                   Prepared by: Adnan Siddiqui       6
Accessing E-Business Suite
Instances with Single Sign-On
Oracle Application Server 10g , Oracle Internet Directory , Oracle Single Sign-on Server , and the
    Oracle Single Sign-on Software Development Kit are required to enable Single Sign-On
    functionality for the E-Business Suite.
• Implementing Single Sign-On (SSO) functionality for the E-Business Suite allows organizations to
    share one user definition throughout multiple parts of their enterprise. Typically, the common
    user definition is stored in a Lightweight Directory Access Protocol (LDAP) repository such as
    Oracle Internet Directory (OID). Oracle Internet Directory serves as a central repository for user
    credentials and other user information for all Oracle products, including Oracle Application Server
    10g and Oracle Portal. This user information is periodically synchronized with the E-Business Suite
    instance
• Oracle Single Sign-on Software Development Kit (SSOSDK) release 9.0.2 is required to support
    Oracle Single Sign-On 10g integration with the E-Business Suite. It allows the E-Business Suite to
    register as a partner application to the Oracle Single Sign-On Server, giving users the ability to
    access other registered partner applications with a single credential (for example, a
    username/password combination).
• Oracle Single Sign-on Software Development Kit (SSOSDK) release 9.0.2 is required to support
    Oracle Single Sign-On 10g integration with the E-Business Suite. It allows the E-Business Suite to
    register as a partner application to the Oracle Single Sign-On Server, giving users the ability to
    access other registered partner applications with a single credential (for example, a
    username/password combination).




                                     Prepared by: Adnan Siddiqui                                     7
Using Oracle Portal to Access the
E-Business Suite
Oracle Application Server 10g , Oracle Internet Directory , Oracle Single Sign-
   on Server , Oracle Single Sign-on Software Development Kit , and Oracle
   Portal are required to enable portal functionality for the E-Business Suite.
Use of Oracle Portal is optional. Oracle Single Sign-On is a mandatory
   prerequisite for Oracle Portal.
Oracle Portal can optionally be implemented to provide a single customized
   portal that allows access to one or more E-Business Suite instances. As part
   of Oracle9i Application Server, Oracle Portal can provide users with
   corporate and customized personal home pages accessible via Web
   browsers. These home pages may contain corporate announcements, stock
   tickers, news headlines, and links to other web-based services. Oracle
   Portal may connect to external applications (for example, Hotmail, Yahoo!)
   and partner applications that share their user authorization and session
   management models with Oracle Portal.




                            Prepared by: Adnan Siddiqui                       8
Using Oracle Portal to Access the
E-Business Suite
• Oracle Portal may be configured to access one or more E-Business
  Suite environments. Oracle Portal users may add links to their home
  pages to access E-Business Suite modules, and may display some
  information (for example, Oracle Workflow notifications) directly on
  their home pages. Users may access links from their Portal pages to
  predefined reports and analysis workbooks for E-Business Suite data
  using Discoverer 10g .
• E-Business Suite links and data are delivered to Oracle Portal via
  portlets. Portlets can be displayed on customized Oracle Portal
  home pages. Portlets installed on an E-Business Suite instance
  communicate with Oracle Portal via Web providers. E-Business
  Suite Web providers are registered in the Portal Repository




                         Prepared by: Adnan Siddiqui                 9
Integration with Third-Party Access
Management Systems and LDAP
Directories standardized on third-party access management
• Organizations that have
    systems (for example, Microsoft Windows/Kerberos or Netegrity SiteMinder)
    can optionally integrate them with Oracle Single Sign-On server .
    Integration is via APIs that enable the Oracle Single Sign-On server to act
    as an authentication gateway between third-party single sign-on systems
    and the E-Business Suite.
•   In this configuration, the Oracle Single Sign-On server, the third-party
    single sign-on server, and the partner application form a chain of trust. The
    Oracle Single Sign-On server delegates authentication to the third-party
    single sign-on server, becoming essentially a partner application to it. The
    E-Business Suite and other Oracle products continue to work only with the
    Oracle Single Sign-On server, and are unaware of the third-party single
    sign-on server. Implicitly, however, they trust the third-party server.
•   Organizations that have standardized on third-party Lightweight Directory
    Access Protocol (LDAP) directories can optionally integrate them with Oracle
    Internet Directory. Oracle Internet Directory synchronizes with third-party
    metadirectory solutions and has an out-of-the-box solution for
    synchronizing with SunONE (iPlanet) and Microsoft Active Directory .


                             Prepared by: Adnan Siddiqui                       10
Using Discoverer 10g with the E-
Business Suite
OracleAS Discoverer 10g is optional for E-
  Business Suite users.
It may also be implemented independently
  of the components mentioned earlier.




               Prepared by: Adnan Siddiqui   11
Supported Architectures and
Configurations
1. Type of integration with Release 11i
• The following architectures and
  configuration options are certified and
  supported with this release:
  – SSO and OID only
  – SSO and OID and Portal
  – Discoverer only
  – Discoverer with either A or B configurations
    above

                 Prepared by: Adnan Siddiqui       12
2. Location of Oracle Application
Server 10g install
• On existing 11i application tier server
  node (running Oracle9i Application
  Server 1.0.2.2.2) in separate
  ORACLE_HOMEs. Discoverer 4i and 10g
  cannot run simultaneously in this
  configuration.
• Physically separate standalone server

                Prepared by: Adnan Siddiqui   13
Users are authenticated by

• SSO
• External third-party access manager (e.g.
  Windows Native Authentication)
• Local 11i sign-on combined with one of
  the above
• Combination of the above


               Prepared by: Adnan Siddiqui    14
Master source-of-truth for user
information
• OID
• External third-party user repository (e.g. Microsoft Active
    Directory)
•   Combination of the above

Note: Unlike in 9iAS Release 1 configurations using Login
  Server release 3.0.9 , FND_USER may not be used as
  the exclusive authentication source when Release 11i is
  integrated with Oracle Application Server 10g. Also
  password synchronization was not available until the
  Build 2.2 version

                      Prepared by: Adnan Siddiqui           15
Direction of synchronization of user
information with third-party user
repository
• From OID to third-party user repository
• From third-party user repository to OID
• Combination of the above




              Prepared by: Adnan Siddiqui   16
Method for initial population of user
information in OID and 11i
•   From 11i to OID
•   From OID to 11i
•   From third-party user repository to OID to 11i
•   Independently in OID, independently in 11i,
    then link on first sign-on with link-on-the-fly
•   From third-party user repository to OID,
    independently in 11i, then link on first sign-on
    with link-on-the-fly
•   Combination of the above

                    Prepared by: Adnan Siddiqui        17
Method for ongoing updates to
user information
• From 11i to OID
• From OID to 11i
• From third-party user repository to OID to
  11i
• Combination of the above



                Prepared by: Adnan Siddiqui   18
What the user sees after sign-on

• Portal home page
• Oracle Applications Framework home page
• Either of the above, on a per-user basis




               Prepared by: Adnan Siddiqui   19
Other supported options

• Allow user to associate OID account with
 multiple Release 11i accounts




               Prepared by: Adnan Siddiqui   20
Section 3: Build Versions and
Components
• Current Version
  – E-Business Suite Release 11i SSO 10g
    Interoperability Patch is at Build 2.2 as of
    February 2005. Current available Build
    Version available Build 3.0 is available




                  Prepared by: Adnan Siddiqui      21
Upgrading from previous versions

• If you are on Build 2.0 or 2.1
  – Build 2.2 is a Maintenance Pack for Build 2.0,
    and only contains incremental fixes.
  – Build 2.2 Patch 3800808 must be applied on
    top of Build 2.0.
  – If you have installed the 11.5.10 Maintenance
    Pack, you must install Patch 3979044.
  – If you have installed the 11.5.10 Rapid Install,
    you must install Patch 4053247

                  Prepared by: Adnan Siddiqui     22
Upgrading Oracle E-Business Suite
Release 11i Instances
• The Oracle E-Business Suite Release 11i SSO 10g
  Integration Patch is at Build 3.0 as of September
  2005.
   – Build 3.0 patch is 4364537 "Build 3.0 E-Business Suite SSO 10g
     Integration"
   – Builds 1.0, 2.1, and 2.2 are superseded by Build 3.0.
   – If you are currently on Build 1.0, 2.1, or 2.2, you must apply the
     Build 3.0, patch 4364537
   – No additional steps are required to refresh existing SSO, OID,
     and Portal registrations performed with previous Builds. These
     will be preserved and will continue to function as normal.
   – As an Early Adopter Program participant, you must upgrade to
     the Generally Available configuration.



                         Prepared by: Adnan Siddiqui                 23
Components

• The following components must be used
 on the standalone instance:
 Application Server 10g Enterprise             9.0.4.1
 Edition
 Oracle Single Sign-On                         9.0.4.1

 Oracle Internet Directory                     9.0.4.1
 Oracle Portal                                 9.0.4.1
 Oracle Discoverer                             9.0.4.1
                 Prepared by: Adnan Siddiqui             24
Component
• The following components must be used on the
  E-Business Suite instance:
   Component Name                               Release
   Oracle E-Business Suite Release 11.5.8 or
   11i                              above
   Oracle9i Application Server      1.0.2.2.2
   Release 1 Enterprise Edition
Supported operating system platforms are: Solaris,
  HP-UX, AIX, Linux and Windows.

                  Prepared by: Adnan Siddiqui             25
Section 4: Before You Begin
• Before you proceed any further, ensure that you have obtained the
  following:
• From the Oracle Store or the Oracle Technology Network :
   – CD Pack for Oracle Application Server 10g (9.0.4) Enterprise Edition
   – CD Pack for Oracle9i Application Server Release 1.0.2.2.2 Enterprise
     Edition.
   To check if the correct version of Oracle9i Application Server 1.0.2.2.2 is
     already installed on your system:
       Execute the following command in the $iAS_HOME/Apache/Apache/bin
         directory:
            % httpd -v
       If the reported version number is 1.3.19 then you do not need the Oracle9i
          Application Server Release 1.0.2.2.2 CD Pack




                            Prepared by: Adnan Siddiqui                             26
Before You Begin
• From OracleMetaLink :
• Note 233436.1- Installing Oracle Application Server 10g with Oracle E-
    Business Suite Release 11i (the latest version of this document)
•   Note 261914.1- Implementing Oracle Application Server 10g with Oracle E-
    Business Suite Release 11i
•   Note 257798.1 - Using Discoverer 10g with Oracle Applications 11i
•   Note 146468.1 - Installing Oracle9i Application Server with Oracle
    Applications 11i
•   Note 186981.1 - Oracle9i Application Server (9iAS) with Oracle E-Business
    Suite Release 11i Frequently Asked Questions
•   Note 216208.1 - Oracle9i Application Server (9iAS) with Oracle E-Business
    Suite Release 11i Troubleshooting
•   Note 175853.1- Oracle Remote Diagnostic Agent (RDA)
•   Patch 2762435 - SSO SDK schema upgrade script from 3.0.7 TO 9.0.2




                            Prepared by: Adnan Siddiqui                     27
Before You Begin – Required
Patches
The following patches are password protected and are available only to
   registered participants in the OracleAS 10g + Release 11i Early
   Adopter Program.
Registered participants may obtain passwords for these patches by
   filing a Technical Assistance Request via Metalink.
Oracle Support Engineers must ensure that all customers requesting
   these patches are registered and listed on the OracleAS 10g +
   Release 11i Early Adopter Program website (Oracle Internal).
    – Patch 3500912 (Build 2.0: E-Business Suite SSO 10g Interoperability -
      Rollup B) - Integrating E-Business Suite 11i with OAS 10g
    – Patch 3800808 (Build 2.2: Fixes for 3500912 - E-Business Suite SSO
      10g Interoperability - Rollup B)
    – Patch 3979044 - Fixes for SSOAppsLogout.jsp File Driver Issues for
      11.5.10 Maintenance Pack users
    – Patch 4053247 - Explicit Grant for Guest User to access Link Account
      Page for 11.5.10 Rapid Install users



                           Prepared by: Adnan Siddiqui                    28
Section 5: Pre-Install Tasks
Perform the following pre-install tasks before you start your installation:

Pre-Install Task 1: Install Oracle Remote Diagnostic Agent for E-
   Business Suite (optional)

The Oracle Remote Diagnostic Agent may optionally be installed in your E-
   Business Suite environment to streamline the process of gathering
   diagnostic information when filing Technical Assistance Requests (TARs)
   with Oracle Support. If you plan to enable Single Sign-On for multiple E-
   Business Suite instances, then each instance must have the Oracle Remote
   Diagnostic Agent installed.

Obtain Note 175853.1 Oracle Remote Diagnostic Agent (RDA) from
   OracleMetaLink. Download and install the appropriate version of the Oracle
   Remote Diagnostic Agent for your operating system platform.



                             Prepared by: Adnan Siddiqui                      29
Upgrade E-Business Suite to Oracle9i
Application Server release 1.0.2.2.2
Enterprise Edition
The Oracle E-Business Suite Release 11i technology stack must have the
   Oracle9i Application Server Release 1.0.2.2.2 Enterprise Edition installed
   before integrating Release 11i with the standalone instance of Oracle
   Application Server 10g release 9.0.4.1.

• If your environment was created with the 11.5.7 or above Rapid Installs:
    Your technology stack is already at the Oracle9i Application Server release
    1.0.2.2.2 Enterprise Edition level. You may skip this pre-install task.
•   If your environment was created using the 11.5.1 to 11.5.5 Rapid Installs:
    You must upgrade your environment to Oracle9i Application Server release
    1.0.2.2.2 Enterprise Edition level. Follow OracleMetaLink Note 146468.1,
    "Installing Oracle9i Application Server with Oracle E-Business Suite 11i". Do
    not execute post installation steps titled "Install and Configure Enterprise
    Single Sign-On and Portal 3i" as those steps are replaced by installing
    Oracle Application Server 10g Single Sign-On and Portal 10g.




                             Prepared by: Adnan Siddiqui                        30
Install DBMS_LDAP on E-Business
Suite Database-Tier Server Node
The Oracle database must be installed with the Oracle Internet
    Directory option to support synchronization of user information
    between Oracle Internet Directory and the E-Business Suite. Check
    your version-specific and platform-specific Database Installation
    Guide for details.
Perform this task on the database tier server node for your E-Business
    Suite environment, with your ORACLE_HOME environment variable
    pointing to your DB_ORACLE_HOME:

    1. Source the file [DB_ORACLE_HOME]/<dbname>.env to set the
       environment correctly
    2. Start SQL*Plus as SYSDBA and execute the following command: desc
       DBMS_LDAP
    3. If the package does not exist, run catldap.sql located in
       $ORACLE_HOME/rdbms/admin/ as SYSDBA



                          Prepared by: Adnan Siddiqui                     31
Install Oracle Application Server
10g Enterprise Edition
• Perform this task to install and upgrade
  Oracle Application Server 10g Enterprise
  Edition from 9.0.4 to 9.0.4.1.
• This task creates the standalone Oracle
  Application Server 10g server that will
  be associated with the E-Business Suite
  server.


                Prepared by: Adnan Siddiqui   32
• The Oracle Application Server 10g application server installation and
  the Oracle Application Server 10g infrastructure may reside on a
  single host or on separate hosts
• The Oracle Application Server 10g application server installation and
  the Oracle Application Server 10g infrastructure must be in separate
  ORACLE_HOMEs
• The Oracle Application Server 10g Infrastructure must not be
  installed in the Oracle E-Business Suite Release 11i database
• The application server installation and the infrastructure must not
  be installed in the ORACLE_HOME of an existing Oracle E-Business
  Suite Release 11i application-tier server node.




                         Prepared by: Adnan Siddiqui                 33
Pre-Install

• Check hardware requirements
• Check for the latest Java 2 Standard
 Edition Version




                Prepared by: Adnan Siddiqui   34
Pre-Install Check for Single Sign-On

• If you wish to use OracleAS 10g to enable
 single sign-on for Release 11i
 environments, you will require (at
 minimum):
  – An OracleAS Infrastructure 10g
    installation of the Identity Management
    and OracleAS Metadata Repository
    components.

               Prepared by: Adnan Siddiqui    35
If you wish to use OracleAS Portal to
access Release 11i environments, you
will require (at minimum):

• An OracleAS Infrastructure 10g installation
    of the Identity Management and OracleAS
    Metadata Repository components
•   An Oracle Application Server 10g (middle
    tier) installation of the Business
    Intelligence and Forms components



                 Prepared by: Adnan Siddiqui    36
Pre-Install Patches

• Obtain Oracle Application Server 10g
  Patch Set 1 (9.0.4.1.0) 3784229 for your
  operating system.
• Follow the instructions to apply it to your
  system




                Prepared by: Adnan Siddiqui     37
Test Your 10g AS Environment
Test your Oracle Application Server 10g environment. At minimum, the
following test is recommended to ensure that the Identity Management
infrastructure is working correctly:

   – Start Oracle Internet Directory Delegated Administration Services by
     going to:
     http://<host_name>.<domain>:<Infrastructure http port
     number>/oiddas
   – Log in using the orcladmin userid
   – Navigate to Directory > Create.
   – Create a test userid, supplying a password and other user
     information. Click Submit.
   – Log out.
   – Log into Oracle Internet Directory Delegated Administration Services
     using the newly created test userid.
   – Ensure the Directory Integration and Provisioning Platform Server is
     running. The command ps -ef | grep odi should show a process called
     $ORACLE_HOME/bin/odisrv running.

                          Prepared by: Adnan Siddiqui                       38
Back Up Your System

• After successfully testing your installation,
  make a complete backup of your
  environment. In particular, ensure that
  you have backed up the Oracle Application
  Server 10g, the Oracle Application Server
  10g infrastructure, and the inventory
  location.


                 Prepared by: Adnan Siddiqui   39
Implement Single Sign-On Support
For the E-Business Suite
• The Oracle Single Sign-On Software Development Kit (SSO SDK) is
  required to support Single Sign-On functionality in E-Business Suite
  environments. It allows the E-Business Suite to register as a partner
  application to the Oracle Single Sign-On Server, giving users the
  ability to access other registered partner applications with a single
  credential (username/password). Single Sign-On SDK release 9.0.2
  also supports features that allow the E-Business Suite to link one or
  more user accounts in the E-Business Suite to a single user in the
  Oracle Internet Directory.
• If you wish to enable Single Sign-On for multiple E-Business Suite
  instances, then the tasks in this section must be performed on each
  instance.




                         Prepared by: Adnan Siddiqui                 40
SSO SDK
• The SSO SDK is a separate component, and is
    not delivered with any version of the Oracle
    Application Server.
•   The current version is 9.0.2, which is compatible
    with E-Business Suite Release 11i and AS 10g.
•   If you previously installed SSO SDK 3.0.9 to
    support integration of Release 11i with Portal
    3.0.9, you must upgrade to SSO SDK 9.0.2
•   Obtain SSO SDK patch #: 2762435 from
    Metalink


                    Prepared by: Adnan Siddiqui     41
• If your environment was created using
 Oracle E-Business Suite Release 11.5.10
 Rapid Install you can skip installation of
 SSO SDK and go to SSO Task 1, Step 3.
 SSO SDK is installed by default in Oracle
 E-Business Suite Release 11.5.10 Rapid
 Install.


               Prepared by: Adnan Siddiqui    42
SSO SDK

• Perform this step on the database tier
  server node for your E-Business Suite
  environment.
• The SSO SDK should be installed in a
  separate database schema named ssosdk
  in an E-Business Suite database. The
  "apps" schema will serve as the partner
  application schema for SSO SDK.
                Prepared by: Adnan Siddiqui   43
• Follow the steps to install the SSO SDK
• Unzip the downloaded patch
• Create the SSO SDK database schema




                Prepared by: Adnan Siddiqui   44
SSO SDK
• Upgrade from earlier SSO SDK release:

• Upgrade existing database objects
  If you have previously installed the SSO SDK 3.0.9 in your E-
  Business Suite environment (e.g. by following MetaLink Note
  146469.1 to enable Single Sign-On via Login Server 3.0.9, or portal
  support via Portal 3.0.9), your existing SSO SDK schema must be
  upgraded with the ssosdkup.sql script:
• % cd /tmp/ssosdk902/packages
  % sqlplus <307_sdk_schema>/password
• SQL> @ssosdkup.sql
  SQL> exit




                         Prepared by: Adnan Siddiqui                45
SSO SDK
• Fresh install of SSO SDK 9.0.2

• If you have not previously installed the SSO SDK release 3.0.9, you
  must create a database schema in your Oracle Applications 11i
  database, in which the SSO SDK database objects will be
  loaded. We strongly recommend 'ssosdk' as the name of this
  schema.
• % sqlplus /NOLOG
  SQL> connect sys/<sys_password> as sysdba
  SQL> create user ssosdk identified by <ssosdk_schema_password>
          default tablespace <portal tablespace>
          temporary tablespace TEMP;
  SQL> grant connect, resource to ssosdk;
  SQL> quit



                         Prepared by: Adnan Siddiqui                46
SSO SDK
• Load SSO SDK database objects

• From the packages sub directory, load the
    database objects into the ssosdk schema by
    running the script loadsdk.sql:
•   % cd /tmp/ssosdk902/packages
    % sqlplus ssosdk/<ssosdk_schema_password>
    SQL> @loadsdk.sql


                  Prepared by: Adnan Siddiqui    47
SSO SDK
• Create grants and synonyms

• Run the script grantapp.sql to create synonyms
    and grants for the SSO SDK objects used by the
    E-Business Suite code in the apps schema:
•   % cd /tmp/ssosdk902/packages
    % sqlplus ssosdk/<ssosdk_schema_password>
    SQL> @grantapp.sql <apps_schema_name>
    <apps_schema_password> ssosdk

                   Prepared by: Adnan Siddiqui     48
SSO – E-Business Suite Registration
Perform this step on the Oracle Application
Server 10g application server.
• Register the E-Business Suite as a Partner
    Application with Oracle Single Sign-On 10g server

    The E-Business Suite must be registered as a partner
    application to Oracle Single Sign-On server. See Oracle
    Application Server 10g Single Sign-On Administrator's
    Guide (Part # B10851-01) for additional conceptual
    background about registering partner applications with
    Oracle Single Sign-On.
•   Single Sign-On administrative functions are performed
    through the Single Sign-On home page . Perform the
    following steps to register the E-Business Suite as a
    partner application in Oracle Single Sign-On
                       Prepared by: Adnan Siddiqui            49
SSO
• To access the Oracle Application Server 10g
  Single Sign-On home page, enter a URL of the
  following form:
  – http://host:port/pls/Single_Sign_On_DAD (Single Sign
    On DAD = orasso)
  – where host is the name of computer on which the
    Oracle10g Single Sign-On server is located, port is the
    port number of the server, and Single_Sign_On_DAD
    is the database access descriptor for the Single Sign-
    On schema. The default DAD is orasso.

                    Prepared by: Adnan Siddiqui          50
Access Partner Applications
• The Access Partner Applications page appears. Select Login in the
    upper right corner of the Access Partner Applications page.
•   The Single Sign-On Login page appears. Enter your user name and
    password and then select the Login button.
•   The Single Sign-On home page appears. To perform administrative
    functions, select the SSO Server Administration link.
•   From the Administer Partner Applications page, select Add Partner
    Application.
•   The Create Partner Application page appears. In the Partner
    Application Login section, enter the following pieces of information:




                           Prepared by: Adnan Siddiqui                  51
Access Partner Application
•   Name: Oracle E-Business Suite Release 11i (<dbSid>)
•   For example:
    Oracle E-Business Suite Release 11i (vis1159)
•   Home URL: <Public page URL for the E-Business Suite 11i instance>
•   For example:
    http://myhost.oraclecorp.com:7890/
•   Success URL: http://<SERVER>:<PORT>/oa_servlets/AppsSSOServlet
•   For example:
    http://myhost.oracle.com:7890/oa_servlets/AppsSSOServlet
•   Logout URL: http://<SERVER>:<PORT>/OA_HTML/SSOAppsLogout.jsp
•   For example:
    http://myhost.oraclecorp.com:7890/OA_HTML/SSOAppsLogout.jsp
•   In the Valid Login Time frame section, enter the dates when users can log in to the application
    through the Single Sign-On server. If you leave the End Date field blank, users can log in to the
    application indefinitely.
•   In the Application Administrator section, enter the e-mail address and other information for
    the application contact person or administrator.
•   Select OK. The new partner application appears in the Edit/Delete Partner Application list on
    the Partner Application page.




                                    Prepared by: Adnan Siddiqui                                   52
Edit Partner Application

• Note the ID, Token, Encryption Key,
 Login URL and other information on the
 resulting page. This information is needed
 to run the regapp.sql script in the next
 step.




               Prepared by: Adnan Siddiqui   53
E-Business Environment
Configuration
• In your E-Business Suite environment, log
  in to your ssosdk schema and run the
  script regapp.sql found in the packages
  subdirectory of the SSO SDK Patch
  downloaded in earlier Steps.
• % sqlplus
  ssosdk/<ssosdk_schema_password>
  SQL> @regapp.sql
                Prepared by: Adnan Siddiqui   54
• Supply the following parameters required by the regapp.sql script:
• Listener_Token: Listener token for the application to be registered
    as a partner application.
•   The value for Listener_Token must the same as the dbc filename for
    your E-Business Suite environment, and can be obtained from the
    function FND_WEB_CONFIG.DATABASE_ID.
•   The format of possible acceptable values for this parameter will vary
    depending upon your Release 11i version and whether certain
    additional features, such as Real Application Clusters (RAC), have
    been implemented. Acceptable values for Listener_Token will take
    one of the following forms:
•   <database_hostname>_<instance_name>
•   <instance_name>
•   To determine the value that you must provide for this parameter,
    log in to your E-Business Suite environment as the apps user and
    run the following SQL query:
•   SQL> select fnd_web_config.database_id from dual;
•   Note that this value can be overidden by setting the
    APPS_SSO_LISTENER_TOKEN profile.
•   Enter the value returned from the SQL query when prompted for
    Listener_Token.

                          Prepared by: Adnan Siddiqui                  55
• Site_ID: Site ID for your application.
  Description: Enter the value noted when
  registering the Partner Application above,
  or ask your SSO Server Administrator.
• Site_Token: Site token for your
  application. Enter the value noted when
  registering the Partner Application above,
  or ask your SSO Server Administrator.
• Login_URL: Login URL of the SSO Server
  Description: Enter the value noted when
  registering the Partner Application above,
  or ask your SSO Server Administrator.

                Prepared by: Adnan Siddiqui   56
• Encryption_Key: Encryption key for your
  partner application
  Description: Enter the value noted when
  registering the Partner Application above,
  or ask your SSO Server Administrator.
• IP_Check: IP address check flag for
  security purpose.
  Set to: N (must be entered in upper case)




               Prepared by: Adnan Siddiqui   57
Install E-Business Suite SSO 10g
Interoperability Patch (3500912)
and Build 2.2 Patch (3800808)
• Apply patch on your E-Business environment
• If your environment was created using Oracle E-
    Business Suite Release 11.5.10 Rapid Install
    you can skip steps 2-3 of this Task, and proceed
    to (Install patch 3800808).
•   Patch 3500912 is installed by default in Oracle E-
    Business Suite Release 11.5.10 Rapid Install.


                    Prepared by: Adnan Siddiqui     58
SSO For Multiple E-Business Suite
Instances
• If you wish to enable Single Sign-On for multiple E-
  Business Suite instances, then the tasks in this section
  must be performed on each instance.
• Installation of an SSO (or other) patch may fail if an up
  to date snapshot of the APPL_TOP file system cannot be
  found.
• AutoPatch error:
  This patch has some prerequisites specified, but a
  "snapshot" of this APPL_TOP's file-system has never
  been taken, thereby rendering it impossible to check for
  the prerequisites.
• Please take a "snapshot" of this APPL_TOP using "AD
  Administration" first

                     Prepared by: Adnan Siddiqui          59
Interoperability Patch for Build 2.2
& Build 3
• If you upgraded your environment with
 one of the following:
  – 11.5.10 Maintenance Pack
  – 3262159 11i.FND.H patch
  – Before you apply patch 3500912, you MUST
  – Obtain the patch 3979044 "Fixes for
    SSOAppsLogout.jsp File Driver Issues".


                Prepared by: Adnan Siddiqui    60
Interoperability Patch for Build 2.2
& Build 3
• Obtain patch 3500912, " E-Business Suite
  SSO 10g Interoperability - Rollup B" .
• For Build 3.0: Apply patch 4364537 (Sept
  05)




               Prepared by: Adnan Siddiqui   61
Interoperability Patch for Build 2.2
& Build 3
• Patch 3500912 will automatically identify any prerequisites that it does not
   find on your system. Prerequisites for patch 3500912 are listed here for
   reference only -- you do not need to download these unless prompted to do
   so during the installation of patch 3500912:
    –   2655277   -   Patch 11i.FND.G
    –   3313291   -   AOL JAVA ROLL UP PATCH J
    –   2728236   -   Patch 11i.OWF.G
    –   3409889   -   CONSOLIDATED FIXES ON TOP OF OWF G ROLLUP 5
    –   2790616   -   Mini-Pack 11i.HZ.K
    –   3162988   -   OA Framework Rollup Patch 5.7H - V5
    –   2420923   -   Patch 11i.JTT.D
    –   2752002   -   ORACLE DIAGNOSTICS VERSION 2.1
    –   2368042   -   Patch 11i.JTA.D (JTA 11.5.7.6)
    –   2611764   -   JUMF115-A: USER MANAGEMENT ROLLUP PATCH
    –   2709371   -   E-BUSINESS SUITE EXCEPTIONS PASE I: PLSQL AND DATA MODEL
• The pre-requisite list for Build 3.0 is not included here


                                Prepared by: Adnan Siddiqui                  62
Interoperability Patch Fixes for
Build 2.2 & Build 3
• For Build 2.2
  – Obtain patch 3800808, "Build 2.2 fixes for
    3500912".
• There are no fixes for Build 3.0




                  Prepared by: Adnan Siddiqui    63
More Patches

• Obtain and install the following patches
  from Metalink
• Patch 4053247, "Explicit Grant for Guest
  user to access Link Account Page".




                Prepared by: Adnan Siddiqui   64
Compile Invalid Objects In Your E-
Business Environment
• Some database objects may be marked for
    recompilation as a result of the above steps.
•   Check for invalid database objects. If there are
    any remaining invalid database objects, use the
    $ORACLE_HOME/rdbms/admin/utlrp.sql utility to
    recompile all invalid objects in all schemas in the
    database.



                     Prepared by: Adnan Siddiqui      65
Pre-Registeration Check List For E-
Business Provisioning Configuration
• Configure Oracle E-Business Suite as
 a Provisioning Integrated Application
 with Oracle Internet Directory
  – Prior to attempting to configure Oracle E-
    Business Suite as a provisioning integrated
    application with OID, please make sure you've
    gathered all the information required by the
    following preregistration checklist.


                 Prepared by: Adnan Siddiqui   66
E-Business Provisioning
Configuration
• Source the iAS environment file
    <iAS_ORACLE_HOME>/<SID>_<hostname>.env
•   Source the Applications environment file
    – $APPL_TOP/<SID>_<hostname>.env
      (Do not source the APPSORA.env file)

• Windows
    – Execute the Applications environment file
      %APPL_TOP%\<SID>_<hostname>.cmd
      (Do not source the APPSORA.cmd file.)

    – Execute the iAS environment file
      <iAS_ORACLE_HOME>\<SID>_<hostname>.cmd
      (Do not execute this command without executing
      %APPL_TOP%\<SID>_<hostname>.cmd first)
                         Prepared by: Adnan Siddiqui   67
Check specific environment settings

• Ensure perl from the <iAS_ORACLE_HOME>/bin
    directory is in the path. If not, apply the latest
    AutoConfig rollup patch. See Oracle MetaLink
    Note 165195.1 for details.
•   Check that the environment variable TWO_TASK
    (or LOCAL on Windows) is set correctly, by
    executing the command:
•   sqlplus <apps user>/<apps passwd>
•   This will confirm that you are able to connect to
    the E-Business Suite database.


                    Prepared by: Adnan Siddiqui      68
Check perl Version

• If your environment is not AutoConfig
  enabled, you must ensure your perl
  version is 5.005 or higher. You can check
  the version with the command:
• perl -v
• Also ensure that environment variable
  PERL5LIB is set correctly.

                Prepared by: Adnan Siddiqui   69
Run OID registration script
• This script is used to register an Oracle E-
    Business Suite 11i instance with Oracle Internet
    Directory. Choose either Option A for interactive
    mode of execution, or Option B for non-
    interactive mode.
•   For debugging purposes, it is recommended that
    system administrators keep careful records of all
    information entered in this step.


                    Prepared by: Adnan Siddiqui     70
Run OID registration script
Option A: Interactive mode

 – Execute the following command. On UNIX, you can
   split the command over multiple command lines, by
   entering the '\' continuation character followed by
   <Return>:
 – perl -I$AU_TOP/perl \
   $FND_TOP/patch/115/bin/TXKScript.pl \
   -script=$FND_TOP/patch/115/bin/txkConfigureOID.pl
   \
   -txktop=$AU_TOP/perl

                  Prepared by: Adnan Siddiqui        71
• On Windows, you must pass all the arguments on a single command
    line, pressing <Return> once at the end.
•   In interactive mode, the script will prompt for the parameters
    required, in this order:
•   Enter the LDAP Host ? <ldap host>
•   (Fully qualified name recommended, e.g. alpha.surby.com rather
    than just alpha.)
•   Enter the LDAP Port ? <ldap port>
•   Enter the LDAP Bind Password ? <OID administrator bind
    password>
•   Enter the password that you would like to register this E-Business
    Instance with? <E-Business instance password>
•   Note: This is the master password used to register the E-Business
    Suite instance in Oracle Internet Directory. Release 11i services use
    this password at a later time for certain security validations. This is
    a critical password governing communications from the E-Business
    Suite instance to OID, and it should be made as secure as possible.
•   This is the first time that this password is created, so it does not
    need to match any other prior existing passwords.
•   Enter Oracle E-Business apps database user password ? <Apps
    password>

                           Prepared by: Adnan Siddiqui                    72
Run OID registration script
Option B: Non-interactive mode
•   Execute the following command. On UNIX, you can split the command over multiple command
    lines, by entering the '\' continuation character followed by <Return>:
•   $ perl -I$AU_TOP/perl \
    $FND_TOP/patch/115/bin/TXKScript.pl \
    -script=$FND_TOP/patch/115/bin/txkConfigureOID.pl \
    -txktop=$AU_TOP/perl \
    -ldapHost=<ldap host> \
    -ldapPort=<ldap port> \
    -bindPwd=<OID administrator bind password> \
    -instPwd=<E-Business instance password> \
    -appsPwd=<apps password> \
•   Optional arguments include:
•   -appName=<usually SID>\               (less than 24 chars)
    -svcName=<unique service name>\ (less than 80 chars)
    -provTmp=<full path to provisioning template>/ProvBiDirection.tmp \
    -workDir=<full path to a secure working directory>
•   On Windows, you must pass all the arguments on a single command line, pressing <Return>
    once at the end.




                                 Prepared by: Adnan Siddiqui                                  73
De-Registering an E-Business
Instance
• If the the perl script above fails at some point during execution, you
  will be prompted to remove any partial registration information
  created until that point. You're strongly advised to enter 'Yes' to
  proceed with the deregistration:
• "NOTE: Registration Failed, please see the above log file for details.
  It is recommended that you now choose 'Y' to remove this
  partial registration and re-register after correcting the
  failures during the registration process.
  Do you want to de-Register(Y/N) ?"
• You must de-register a previously registered instance before
  attempting
  to register the same instance again. Re-running the registration by
  using the same application name won't overwrite the existing
  instance.



                          Prepared by: Adnan Siddiqui                  74
Confirm successful OID script
completion
• When the OID registration script completes
    successfully, it will print the following line:
•   End of
    <FND_TOP>/patch/115/bin/txkConfigureOID.pl:
    No errors encountered.
•   If you do not see this confirmation, examine the
    <working
    directory>/oid/txkConfigure_[timestamp]_stdout
    .log file to investigate the problem.

                    Prepared by: Adnan Siddiqui    75
Enable Workflow subscriptions
• You now need to enable Workflow subscriptions, as follows.
• Log in locally to Oracle E-Business Suite as SYSADMIN, at:
     http://<HOST>[:PORT]/OA_HTML/AppsLocalLogin.jsp
•   Select the responsibility, "Workflow - Administer Web Applications"
•   Launch the function "Business Events"
•   Search for event "oracle.apps.global.user.change"
•   Enable the following subscriptions:
     – fnd_user_pkg.user_change
     – fnd_user_pkg.user_create_rf
     – wf_oid.user_change




                           Prepared by: Adnan Siddiqui                    76
Disable the following subscription

• Disable the following
  – wf_sso.user_create_rf




                Prepared by: Adnan Siddiqui   77
Configure the E-Business Suite to
Use SSO for Authentication
• The user directory to be used for Single
 Sign-On authentication must be identified
 via the "Applications SSO Type"
 Applications 11i system profile option. If
 you wish to enable Single Sign-On for
 multiple E-Business Suite instances, then
 this task must be performed on each
 instance

                Prepared by: Adnan Siddiqui   78
Configure the E-Business Suite to
Use SSO for Authentication
• Step 1: Log onto Applications 11i with
  System Administrator responsibilities.
• Step 2: Set the value of the
  "Applications SSO Type" system profile
  option to "SSWA w/SSO".




               Prepared by: Adnan Siddiqui   79
Install E-Business Suite Single Sign-On
Patches for Individual Product Families
• Certain product families in the E-Business
 Suite require product-specific patches to
 enable use of Single Sign-On functionality.
 After you have applied the patches
 required for the Single Sign-On technology
 stack, you must perform the relevant
 product-specific tasks listed if you use any
 of the following products.

                Prepared by: Adnan Siddiqui    80
Validate that Single Sign-On is
Working Correctly
• Verify that your Oracle E-Business Suite
  instance is correctly integrated with Oracle
  Single Sign-on server.
• Request the appropriate E-Business Suite
  login link, of the form:
  http://[host]:[port]/oa_servlets/AppsLogin
• This should direct you to the Single Sign-
 On Login screen.

                 Prepared by: Adnan Siddiqui   81
Validate that Single Sign-On is
Working Correctly
• Enter the username and password for an
 account in the enterprise user directory
 (for example, Oracle Internet Directory).
 You should be directed to either the
 Oracle E-Business Suite home page, or a
 page that shows "More Information
 Requested".


               Prepared by: Adnan Siddiqui   82
Validate that Single Sign-On is
Working Correctly
• Click on the logout link. You should now
 be directed to the Single Sign-On Logout
 page. If so, then single sign-on integration
 has been carried out correctly.




                Prepared by: Adnan Siddiqui   83
Verify E-Business Suite Integration
with Oracle Internet Directory
• Check that there are no errors in the Oracle Internet
  Directory log files for the E-Business Suite instance you
  have just configured. These files are on the machine that
  hosts Oracle Internet Directory, under
  $ORACLE_HOME/ldap/odi/log. There are two log files for
  each provisioning direction, so there will either be two or
  four in total. The files for provisioning from Oracle
  Internet Directory to E-Business Suite end with _E.aud
  and _E.trc. The files for provisioning from E-Business
  Suite to Oracle Internet Directory end with _I.aud and
  _I.trc.


                     Prepared by: Adnan Siddiqui           84
Verify E-Business Suite Integration
with Oracle Internet Directory
• Depending on how provisioning has been
  configured, try to create a user from either E-
  Business Suite, or Oracle Internet Directory. The
  user should be provisioned into the other system
  within about two minutes. The user details
  should also be visible in the relevant .aud log file
  mentioned in 2.1. If so, then provisioning
  configuration for Oracle Internet Directory has
  been performed correctly.

                   Prepared by: Adnan Siddiqui      85
Configure Oracle Portal 10g with
the E-Business Suite
• This section describes how to integrate Oracle Portal 10g
  (Version 9.0.4.1) with your existing E-Business Suite
  system. You must have previously completed the Single
  Sign-On and Oracle Internet Directory integrations
  detailed in the previous sections above.
• This is optional and intended only for those who wish to
  integrate Oracle Portal 10g (Version 9.0.4.1) with the E-
  Business Suite. The steps in this section document the
  tasks necessary to set up a default portal page which
  can access your E-Business Suite system.



                     Prepared by: Adnan Siddiqui          86
Apply Portal 3.0.9 JPDK in your E-
Business Suite environment
• Perform this step on your E-Business Suite
    application tier server node tier with your
    ORACLE_HOME environment variable pointing to
    your iAS 1.0.2.2 HTTP_ORACLE_HOME. This
    patch is necessary for Oracle E-Business Suite
    Framework web portlet provider to communicate
    with Oracle Portal 10g.
•   Source the file
    [HTTP_ORACLE_HOME]/<dbname>.env to set
    the environment correctly
•   Download patch 3418272 from MetaLink .

                   Prepared by: Adnan Siddiqui   87
Apply Portal 3.0.9 JPDK in your E-
Business Suite environment
• Follow the instructions in the patch to apply it to your system.
  However, apply only c3418272.csh (or c3418272.cmd for Windows).
  Do not apply the script d3418272.csh (or d3418272.cmd on
  Windows) that is delivered as a part of this patch. The d3418272.*
  script is not required for Release 11i environments that are
  integrated with Oracle Application Server 10g.
• The c3418272.csh script will exit without a message after
  completion. Immediately after applying c3418272.csh, verify that it
  has been run successfully by issuing the following command:
• >echo $?
• The error code returned should be 0, indicating successful
  completion.




                          Prepared by: Adnan Siddiqui                88
Apply Portal 3.0.9 JPDK / XML Parser
9.0.4 compatibility patch 3615177 in
your E-Business Suite environment
• Perform this step on your E-Business Suite
    application tier server node tier with your
    ORACLE_HOME environment variable pointing to
    your iAS 1.0.2.2 HTTP_ORACLE_HOME. This
    patch is necessary for Oracle E-Business Suite
    Framework web portlet provider to communicate
    with Oracle Portal 10g.
•   Source the file
    [HTTP_ORACLE_HOME]/<dbname>.env to set
    the environment correctly

                   Prepared by: Adnan Siddiqui   89
Set Up E-Business Suite Framework
Web Provider
• Perform this task in your E-Business Suite environment.
• This task sets the appropriate system variables to enable
  the E-Business Suite Framework Web Provider, also
  known as the Oracle Applications Framework Web
  Provider. System variables that need to be set include
  the Cookie Domain and session.topleveldomain. Since
  these variables in their respective configuration files are
  maintained by AutoConfig, these changes must be
  made using the Oracle Applications Manager or the
  AutoConfig Context Editor tool. Do not make the
  following changes by manually modifying any
  configuration files.

                      Prepared by: Adnan Siddiqui           90
Apply Oracle Applications Web
Provider patch
Perform this task in your E-Business Suite
environment
• Download patch 3467547, "Oracle
  Applications Web Provider v5.7V5A" from
  Metalink.
• Follow the instructions in the patch to
  apply it to your system



                Prepared by: Adnan Siddiqui   91
Apply Patch 4176598.
In Your E-Business Environment
• Perform this step if all of the following
  conditions apply:
  – You are using Oracle Applications Framework
    11.5.10
  – You are using Oracle Applications Framework
    Portlets




                 Prepared by: Adnan Siddiqui      92
Apply Patch In Your E-Business
Environment
• Download & apply patch 4176598
• Apply latest AutoConfig patch




              Prepared by: Adnan Siddiqui   93
Edit the AutoConfig Context File
 In Your E-Business Environment
• If you are currently using E-Business Suite level 11.5.9
  or above, or have applied FND.G patchset (or above),
  you will use Oracle Applications Manager to edit your
  context file. For all previous versions, you will use the
  AutoConfig Context Editor tool.
• To edit the context file using Oracle Applications
  Manager, login to Oracle Applications Manager and
  navigate to Site Map > Applications Context Editor >
  Edit Parameters > System.
• To edit the context file using the AutoConfig Context
  Editor tool, enter the following commands:
• % cd [COMMON_TOP]/util/editcontext/
  % ./editcontextM

                      Prepared by: Adnan Siddiqui             94
Set the "Cookie Domain" Variable
In Your E-Business Environment
• Using the AutoConfig Context Editor tool or
    Oracle Applications Manager, update the value
    of variable "Cookie Domain" using the
    following logic:
•   If the last domain of your current setting for the
    profile option APPS_WEB_AGENT is one of these
    five domains: .com, .org, .edu, .gov, .net,
    then Cookie Domain must be set to the last
    two domains of APPS_WEB_AGENT.

                    Prepared by: Adnan Siddiqui      95
Set the "Session topleveldomain
comment" in your E-Business
Environment
• By default the value for variable "Session
  topleveldomain comment" is set to "#". This needs
  to be changed to enable the Oracle Applications
  Framework Web Provider.
• Changing the default value will result in changes to the
  session.topleveldomain entry in AutoConfig controlled file
  zone.properties. Do not make manual changes to this
  file.
• Using the AutoConfig Context Editor tool or Oracle
  Applications Manager, update the value of variable
  variable "Session topleveldomain comment" to
  blank.


                     Prepared by: Adnan Siddiqui          96
Specify AS10g hosts in your E-
Business Environment
• Using the AutoConfig Context Editor tool or Oracle
  Applications Manager, update the value of variable
  "OProcMgr Trusted Nodes"
  (oacore_trusted_oproc_nodes), a list of comma
  separated host names with domain names or IP
  addresses that you want to give access to all servlets. In
  this list you must include the machine where you
  installed AS 10g Portal. In addition, if the associated
  Infrastructure database is installed on a different
  machine, you must also include the machine where you
  installed the Infrastructure database.
• Example: "OprocMgr Trusted Nodes" set to
  "ap123sun.us.oracle.com,ap456sun.us.oracle.com"

                     Prepared by: Adnan Siddiqui           97
Regenerate AutoConfig configuration
files in your E-Business Environment
• Run the AutoConfig tool again to regenerate all
    configuration files. This step updates the
    session.topleveldomain directive in
    zone.properties and also regenerates all
    configuration files maintained by AutoConfig.
•   For example, on UNIX:
•   %
    [COMMON_TOP]/admin/scripts/<SID>/adautocf
    g.sh

                   Prepared by: Adnan Siddiqui      98
Restart Apache in your E-Business
Envrionment
• Running AutoConfig may change your existing
    environment files. After running AutoConfig, you
    should always set the environment before you
    run any Applications utilities in order to apply
    the changed environment variables.
•   Restart Apache by running the adapcctl.sh
    script.
•   For example, on UNIX:
•   %
    [COMMON_TOP]/admin/scripts/<SID>/adapcctl.
    sh

                    Prepared by: Adnan Siddiqui    99
Register the Oracle Applications
Framework Web Provider in your
10g AS Environment
• The Oracle Applications Framework Web
 Provider for the E-Business Suite environment
 must be registered in Oracle Portal. Once the
 Oracle Applications Framework Web Provider
 has been registered in this task, portlets
 delivered for Oracle E-Business Suite Release 11i
 may be added to custom portal pages that you
 create for your users.


                 Prepared by: Adnan Siddiqui    100
Perform Portal Tasks
• Open the following URL and click the Login link at the
  top of the page:
• http://<oas10g_hostname>:<oas10g_applicationtier_po
  rtnumber>/pls/portal
• For example,
  http://machine.us.oracle.com:8888/pls/portal
• Ensure a user exists in your E-Business Suite instance
  with the same name as a portal administrator in Oracle
  Portal. By default, the orcladmin user has administrative
  privileges for Portal. Link the E-Business Suite user with
  the same name to the Oracle Portal user

                     Prepared by: Adnan Siddiqui           101
Create a Portal Page Group for the
Applications instance
• You need to create a page group in Portal in which all
  pages for this Applications instance will be stored. To
  create a page group, navigate to the "Build" tab and
  select the "Create Page Group" link.
• Set the Display Name for this page group to "Oracle E-
  Business Suite Page Group (<dbSid>)" and provide
  values for other required fields, including Name,
  Display Name, and Default Language. Spaces are
  not allowed for the Name field. Grant 'View' Access
  Privileges to group 'AUTHENTICATED_USERS'.



                     Prepared by: Adnan Siddiqui           102
Register the Oracle Applications
Web Provider
Peform this step in your 10g AS
• This step registers the Oracle Applications Web Provider for this
    Applications instance in Portal. Navigate to "Administer" tab ->
    "Portlets" region -> "Register a Provider" link.
•   Provider Information:
•   Name: OAFrameworkWebProvider_<dbSID>
•   Display Name: Oracle Applications Framework Provider
    (<dbSID>)
•   Timeout: 100
•   Timeout Message: Oracle E-Business Suite Framework Web
    Provider for (<dbSid>) Timed Out
•   Implementation Style: Web




                           Prepared by: Adnan Siddiqui                 103
Register the Oracle Applications
Web Provider
Perform this step in your 10g AS
• General Properties:
• URL: http://[Release_11i_host]:[port]/servlet/framework
    For example: http://myserver.mydomain.com:5001/servlet/framework.
•   Note that this URL refers to your Release 11i application server and not the
    standalone Oracle Application Server 10g instance.
•   Select the box labeled Web provider in same cookie domain as the
    portal?
•   Select the radio button labeled The user has the same identity in the
    Web providers application as in the Single Sign-On identity.
•   User/Session Information:
•   Select the User option
•   Login Frequency: Once per User Session
•   Ensure that the check box next to Require session specific
    information... is deselected.




                             Prepared by: Adnan Siddiqui                      104
Publish the newly registered
provider
•    To publish the newly created Oracle Applications
     Framework Web Provider:
1.   Navigate to Administer > Portlets> Display Portlet
     Repository > Portlet Staging Area
2.   Select your new provider from the list.
3.   From your provider's page, verify that a list of portlets
     is visible, then navigate to Edit > Access. The
     "Access" link is in the upper-left portion of the page.
4.   Select Display Page to Public Users.
•    Log out from Oracle Portal.


                       Prepared by: Adnan Siddiqui         105
Refreshing Portlet Repository

• If new Applications portlets are added
   later via additional patches, you will
   need to refresh the Portlet Repository for
   the Applications Framework Provider:
1. Navigate to Administer > Portlets>
   Refresh Portlet Repository
2. Click OK.

                Prepared by: Adnan Siddiqui   106
Set Up Portlet Usage and Default
Portal Home Page
•    Set the Applications Portal profile option to the Oracle
     Portal Home
1.   Log in to Oracle Applications with the System Administrator
     responsibility.
2.   Navigate to Profile > System.
3.   Query the Applications Portal profile option.
4.   Set the Applications Portal profile option to the Portal Home,
     using the following syntax:
•    http://[oas10g_hostname]:[oas10g_application_tier_PORT]/pls/por
     tal/[PORTAL_ACCOUNT].home
•    For example:
     http://oas10ginstall.us.oracle.com:8888/pls/portal/portal.home




                         Prepared by: Adnan Siddiqui             107
Set Up Portlet Usage and Default
Portal Home Page
• You must set this profile to your Portal
 10g Home each time you run AutoConfig,
 because AutoConfig does currently
 overwrite the profile with the Portal 3.0.9
 Home. This known issue will be addressed
 with the next AutoConfig rollup patch.



                Prepared by: Adnan Siddiqui   108
Assign responsibilities to users for
access to portlets
• A portlet is treated as a function within E-Business Suite
  security, and is assigned to a menu. This menu in turn
  is associated with a responsibility. In order to use a
  portlet, a user must be assigned a responsibility that has
  a menu with the portlet on it.
• The E-Business Suite delivers several portlets that are
  assigned to the Preferences menu. The Preferences
  menu is assigned to the "Preferences - Self Service Web
  Applications'" responsibility. You may assign the
  "Preferences - Self Service Web Applications"
  responsibility to users to give them access to these
  portlets. In the future, additional portlets will be
  available and accessible via other responsibilities.

                      Prepared by: Adnan Siddiqui         109
Create a new Portal Home Page
• The home page is the first page that is displayed
    to a user after logging in to Oracle Portal. This
    step provides high-level guidance for creating a
    new portal page which can be later set to be the
    default page that users see when they log into
    Portal.
•   Log in to Portal using an account that has Portal
    administration rights sufficient to create Portal
    pages (e.g. orcladmin).

                    Prepared by: Adnan Siddiqui    110
• Select the "Build" tab and use the Page Group drop down list to
  select the "Oracle E-Business Suite Page Group (<dbSid>)" created
  earlier.
• Select the "Create a Page" link to start a wizard that will lead
  guide you through the steps for creating a new portal page.
• The Create a Page wizard will lead you through the steps for
  creating a new page, each step presenting different options for how
  the page should look and function. Your choices for many of these
  settings will depend upon the look-and-feel that you wish to
  establish for your own custom portal. At minimum, it is
  recommended that you set the following options as you proceed
  through the "Create a Page" steps:
   – On the first step: Set Page Caching for this page to to Page
     Definition Only
   – On the final step: Grant Access to a user or group to which you want
     to grant access privileges. At minimum, you must grant View access to
     your users before they can view the new page that you're creating.




                         Prepared by: Adnan Siddiqui                   111
Add Portlets and Other Content to
Default Portal Home Page
• Once the Create a Page wizard completes, you
    will see a blank page, optionally with banners
    and other items formatted in the style that you
    selected. You must now add content to this
    page.
•   Any portlets may be added to the your new
    page, including standard portlets delivered with
    Oracle Portal, portlets for Release 11i, third-
    party portlets, and custom portlets.

                    Prepared by: Adnan Siddiqui    112
Add Application Navigator Portlet

• Click the Add Portlets icon in the region in
    which you want to add a portlet.
•   In the Portlet Repository, locate the Oracle
    Applications Framework Web Provider and select
    the 'Applications Navigator' portlet. Clicking on
    the portlet will add it to the "Selected Portlets"
    list. Click "OK" and then select the "Builder" link
    to return to the top-level Portal menu.


                     Prepared by: Adnan Siddiqui     113
Set a system-level default page
• Once you have created a Portal page, you may
     register this page as the default home page
     that all Portal users see when they log on to
     Portal for the first time.
•    Ensure this page is visible to all users with a
     valid username and password:
    1. Edit the page you just created and click on the
       Access link.
    2. Ensure that the checkbox labled Display Page to
       Public Users is unchecked.
    3. In the section labeled Grant Access, click on the
       Browse Groups icon and select the
       "AUTHENTICATED_USERS" group.
    4. Click on Add button and then click OK to confirm.
                     Prepared by: Adnan Siddiqui       114
Set a system-level default page

• In the Portal Builder, select the
  Administer tab > Services > Global
  Settings.
• Next to the Default Home Page field,
  click the Browse Pages icon to see a list
  of pages from which to choose. Navigate
  to the your newly created portal
  page. Click Return Object > OK.
                Prepared by: Adnan Siddiqui   115
Test the new system-level default
page
• Log in into Oracle Portal as a user who is
  not a Portal Administrator.
• Verify that the default Portal Home Page is
  displayed successfully.




                Prepared by: Adnan Siddiqui    116
Congratulations!

• You have successfully completed the
 Oracle Portal 10g installation and
 implementation




               Prepared by: Adnan Siddiqui   117
Appendix A -        De-Registering an Oracle E-
Business Suite 11i Instance from OID Server

• Option A : Interactive mode of de-registration
  perl -I$AU_TOP/perl \
  $FND_TOP/patch/115/bin/TXKScript.pl \
  -script=$FND_TOP/patch/115/bin/txkConfigureOID.pl \
  -txktop=$AU_TOP/perl \
  -deRegister=Yes




                   Prepared by: Adnan Siddiqui          118
• On Windows, you must pass all the arguments on a single command
  line, pressing once at the end.
  The script will prompt for the parameters in this order:
  Enter the LDAP Host ?
  Enter the LDAP Port ?
  Enter the LDAP Bind Password ?
  Enter Oracle E-Business apps database user password ? Option B :
  Non-interactive mode of de-registration
  $ perl -I$AU_TOP/perl \
  $FND_TOP/patch/115/bin/TXKScript.pl \
  -script=$FND_TOP/patch/115/bin/txkConfigureOID.pl \
  -txktop=$AU_TOP/perl \
  -ldapHost= \
  -ldapPort= \
  -bindPwd= \
  -appsPwd= \
  -deRegister=Yes
  On Windows, you must pass all the arguments on a single command
  line, pressing once at the end

                         Prepared by: Adnan Siddiqui            119
Confirm successful script
completion
• When the OID registration script completes
    successfully, it will print the following line:

    End of /patch/115/bin/txkConfigureOID.pl: No
    errors encountered.

    If you do not see this confirmation, examine the
•   /oid/txkConfigure_[timestamp]_stdout.log file to
    investigate the problem.

                      Prepared by: Adnan Siddiqui     120
Questions?




             Prepared by: Adnan Siddiqui   121
Thank you
Adnan Siddiqui – Whittmanhart
asiddiqui@whittmanhart.com




              Prepared by: Adnan Siddiqui   122

								
To top