Tuesday, September 25, 2012
Friday, September 21, 2012
Expire All FND_USER Passwords?
“Expire all FND_USER passwords”
This is available starting in RUP4. Requires Patch 4676589 ATG RUP 4.
The script to expire all passwords in the fnd_user table is $FND_TOP/sql/AFCPEXPIRE.sql. It can be executed from SQL*Plus or as a Concurrent Program:
sqlplus -s APPS/<pwd> @AFCPEXPIRE.sql
or
Submit concurrent request: CP SQL*Plus Expire FND_USER Passwords
This script sets the fnd_user.password_date to null for all users which causes all user passwords to expire. It can also be run as a SQL*Plus concurrent program. The user will need to create a new password upon the next login.
“Expire all FND_USER passwords”
This is available starting in RUP4. Requires Patch 4676589 ATG RUP 4.
The script to expire all passwords in the fnd_user table is $FND_TOP/sql/AFCPEXPIRE.sql. It can be executed from SQL*Plus or as a Concurrent Program:
sqlplus -s APPS/<pwd> @AFCPEXPIRE.sql
or
Submit concurrent request: CP SQL*Plus Expire FND_USER Passwords
This script sets the fnd_user.password_date to null for all users which causes all user passwords to expire. It can also be run as a SQL*Plus concurrent program. The user will need to create a new password upon the next login.
FND_USER script
Purpose-
Can be used to create an FND_USER for any developer that joins the team
This simple script will set all the desired admin responsibilities and all common profile options for a given FND_USER.
Salient features of this simple script are
1. If a user is inactive, that FND_USER will be re-activated
2. If any of their Sysadmin or WF Admin or Application Developer or Functional Admin responsibilities are inactive, those responsibilities will be re-activated
3. Add commonly used responsibilities will be assigned to the user
3. Personalization, Diagnostic and Utilities profile options will be assigned to this user.
4. Password expiration will be removed from the FND_USER
In a nutshell, use this script to enable a user and to enable all their administrator responsibilities.
This script can be run as many times for any given user.
In case a user does not exist, then new user will be created with default password being oracle123
SCRIPT BELOW
################################################################################
Please find the script below
Save this as a SQL File, and it will prompt for parameter User Name
DECLARE
v_session_id INTEGER := userenv('sessionid');
v_user_name VARCHAR2(30) := upper('&Enter_User_Name');
result BOOLEAN;
v_user_id INTEGER;
FUNCTION check_fu_name(p_user_name IN VARCHAR2) RETURN BOOLEAN IS
CURSOR c_check IS
SELECT 'x' FROM fnd_user WHERE user_name = p_user_name;
p_check c_check%ROWTYPE;
BEGIN
OPEN c_check;
FETCH c_check
INTO p_check;
IF c_check%FOUND
THEN
/*Yes, it exists*/
CLOSE c_check;
RETURN TRUE;
END IF;
CLOSE c_check;
RETURN FALSE;
END check_fu_name;
BEGIN
IF NOT (check_fu_name(p_user_name => v_user_name))
THEN
fnd_user_pkg.createuser(x_user_name => v_user_name
,x_owner => ''
,x_unencrypted_password => 'oracle123'
,x_session_number => v_session_id
,x_start_date => SYSDATE - 10
,x_end_date => SYSDATE + 100
,x_last_logon_date => SYSDATE - 10
,x_description => 'BNitin'
,x_password_date => SYSDATE - 10
,x_password_accesses_left => 10000
,x_password_lifespan_accesses => 10000
,x_password_lifespan_days => 10000
,x_employee_id => NULL /*Change this id by running below SQL*/
/*
SELECT person_id
,full_name
FROM per_all_people_f
WHERE upper(full_name) LIKE '%' || upper('<ampersand>full_name') || '%'
GROUP BY person_id
,full_name
*/
,x_email_address => ' abc@gmail.com'
,x_fax => ''
,x_customer_id => ''
,x_supplier_id => '');
dbms_output.put_line ( 'FND_USER Created' ) ;
ELSE
fnd_user_pkg.updateuser(x_user_name => v_user_name
,x_owner => 'CUST'
,x_end_date => fnd_user_pkg.null_date
,x_password_date => SYSDATE - 10
,x_password_accesses_left => 10000
,x_password_lifespan_accesses => 10000
,x_password_lifespan_days => 10000);
dbms_output.put_line ( 'End Date removed from FND_USER ' ) ;
END IF;
SELECT user_id
INTO v_user_id
FROM fnd_user
WHERE user_name = v_user_name;
fnd_user_pkg.addresp(username => v_user_name
,resp_app => 'FND'
,resp_key => 'FND_FUNC_ADMIN'
,security_group => 'STANDARD'
,description => 'BNitin dbawalkspot.com'
,start_date => SYSDATE - 1
,end_date => SYSDATE + 10000);
fnd_user_pkg.addresp(username => v_user_name
,resp_app => 'SYSADMIN'
,resp_key => 'SYSTEM_ADMINISTRATOR'
,security_group => 'STANDARD'
,description => 'BNitin dbawalkspot.com'
,start_date => SYSDATE - 1
,end_date => SYSDATE + 10000);
fnd_user_pkg.addresp(username => v_user_name
,resp_app => 'FND'
,resp_key => 'FNDWF_ADMIN_WEB'
,security_group => 'STANDARD'
,description => 'BNitin dbawalkspot.com'
,start_date => SYSDATE - 1
,end_date => SYSDATE + 10000);
fnd_user_pkg.addresp(username => v_user_name
,resp_app => 'FND'
,resp_key => 'APPLICATION_DEVELOPER'
,security_group => 'STANDARD'
,description => 'BNitin dbawalkspot.com'
,start_date => SYSDATE - 1
,end_date => SYSDATE + 10000);
fnd_user_pkg.addresp(username => v_user_name,
resp_app => 'ICX',
resp_key => 'PREFERENCES',
security_group => 'STANDARD',
description => 'BNitin dbawalkspot.com',
start_date => sysdate - 1,
end_date => null);
result := fnd_profile.save(x_name => 'APPS_SSO_LOCAL_LOGIN'
,x_value => 'BOTH'
,x_level_name => 'USER'
,x_level_value => v_user_id);
result := fnd_profile.save(x_name => 'FND_CUSTOM_OA_DEFINTION'
,x_value => 'Y'
,x_level_name => 'USER'
,x_level_value => v_user_id);
result := fnd_profile.save(x_name => 'FND_DIAGNOSTICS'
,x_value => 'Y'
,x_level_name => 'USER'
,x_level_value => v_user_id);
result := fnd_profile.save(x_name => 'DIAGNOSTICS'
,x_value => 'Y'
,x_level_name => 'USER'
,x_level_value => v_user_id);
result := fnd_profile.save(x_name => 'FND_HIDE_DIAGNOSTICS'
,x_value => 'N'
,x_level_name => 'USER'
,x_level_value => v_user_id);
COMMIT;
END;
/
################################################################################
Purpose-
Can be used to create an FND_USER for any developer that joins the team
This simple script will set all the desired admin responsibilities and all common profile options for a given FND_USER.
Salient features of this simple script are
1. If a user is inactive, that FND_USER will be re-activated
2. If any of their Sysadmin or WF Admin or Application Developer or Functional Admin responsibilities are inactive, those responsibilities will be re-activated
3. Add commonly used responsibilities will be assigned to the user
3. Personalization, Diagnostic and Utilities profile options will be assigned to this user.
4. Password expiration will be removed from the FND_USER
In a nutshell, use this script to enable a user and to enable all their administrator responsibilities.
This script can be run as many times for any given user.
In case a user does not exist, then new user will be created with default password being oracle123
SCRIPT BELOW
################################################################################
Please find the script below
Save this as a SQL File, and it will prompt for parameter User Name
DECLARE
v_session_id INTEGER := userenv('sessionid');
v_user_name VARCHAR2(30) := upper('&Enter_User_Name');
result BOOLEAN;
v_user_id INTEGER;
FUNCTION check_fu_name(p_user_name IN VARCHAR2) RETURN BOOLEAN IS
CURSOR c_check IS
SELECT 'x' FROM fnd_user WHERE user_name = p_user_name;
p_check c_check%ROWTYPE;
BEGIN
OPEN c_check;
FETCH c_check
INTO p_check;
IF c_check%FOUND
THEN
/*Yes, it exists*/
CLOSE c_check;
RETURN TRUE;
END IF;
CLOSE c_check;
RETURN FALSE;
END check_fu_name;
BEGIN
IF NOT (check_fu_name(p_user_name => v_user_name))
THEN
fnd_user_pkg.createuser(x_user_name => v_user_name
,x_owner => ''
,x_unencrypted_password => 'oracle123'
,x_session_number => v_session_id
,x_start_date => SYSDATE - 10
,x_end_date => SYSDATE + 100
,x_last_logon_date => SYSDATE - 10
,x_description => 'BNitin'
,x_password_date => SYSDATE - 10
,x_password_accesses_left => 10000
,x_password_lifespan_accesses => 10000
,x_password_lifespan_days => 10000
,x_employee_id => NULL /*Change this id by running below SQL*/
/*
SELECT person_id
,full_name
FROM per_all_people_f
WHERE upper(full_name) LIKE '%' || upper('<ampersand>full_name') || '%'
GROUP BY person_id
,full_name
*/
,x_email_address => ' abc@gmail.com'
,x_fax => ''
,x_customer_id => ''
,x_supplier_id => '');
dbms_output.put_line ( 'FND_USER Created' ) ;
ELSE
fnd_user_pkg.updateuser(x_user_name => v_user_name
,x_owner => 'CUST'
,x_end_date => fnd_user_pkg.null_date
,x_password_date => SYSDATE - 10
,x_password_accesses_left => 10000
,x_password_lifespan_accesses => 10000
,x_password_lifespan_days => 10000);
dbms_output.put_line ( 'End Date removed from FND_USER ' ) ;
END IF;
SELECT user_id
INTO v_user_id
FROM fnd_user
WHERE user_name = v_user_name;
fnd_user_pkg.addresp(username => v_user_name
,resp_app => 'FND'
,resp_key => 'FND_FUNC_ADMIN'
,security_group => 'STANDARD'
,description => 'BNitin dbawalkspot.com'
,start_date => SYSDATE - 1
,end_date => SYSDATE + 10000);
fnd_user_pkg.addresp(username => v_user_name
,resp_app => 'SYSADMIN'
,resp_key => 'SYSTEM_ADMINISTRATOR'
,security_group => 'STANDARD'
,description => 'BNitin dbawalkspot.com'
,start_date => SYSDATE - 1
,end_date => SYSDATE + 10000);
fnd_user_pkg.addresp(username => v_user_name
,resp_app => 'FND'
,resp_key => 'FNDWF_ADMIN_WEB'
,security_group => 'STANDARD'
,description => 'BNitin dbawalkspot.com'
,start_date => SYSDATE - 1
,end_date => SYSDATE + 10000);
fnd_user_pkg.addresp(username => v_user_name
,resp_app => 'FND'
,resp_key => 'APPLICATION_DEVELOPER'
,security_group => 'STANDARD'
,description => 'BNitin dbawalkspot.com'
,start_date => SYSDATE - 1
,end_date => SYSDATE + 10000);
fnd_user_pkg.addresp(username => v_user_name,
resp_app => 'ICX',
resp_key => 'PREFERENCES',
security_group => 'STANDARD',
description => 'BNitin dbawalkspot.com',
start_date => sysdate - 1,
end_date => null);
result := fnd_profile.save(x_name => 'APPS_SSO_LOCAL_LOGIN'
,x_value => 'BOTH'
,x_level_name => 'USER'
,x_level_value => v_user_id);
result := fnd_profile.save(x_name => 'FND_CUSTOM_OA_DEFINTION'
,x_value => 'Y'
,x_level_name => 'USER'
,x_level_value => v_user_id);
result := fnd_profile.save(x_name => 'FND_DIAGNOSTICS'
,x_value => 'Y'
,x_level_name => 'USER'
,x_level_value => v_user_id);
result := fnd_profile.save(x_name => 'DIAGNOSTICS'
,x_value => 'Y'
,x_level_name => 'USER'
,x_level_value => v_user_id);
result := fnd_profile.save(x_name => 'FND_HIDE_DIAGNOSTICS'
,x_value => 'N'
,x_level_name => 'USER'
,x_level_value => v_user_id);
COMMIT;
END;
/
################################################################################
Wednesday, September 12, 2012
Using Lightweight MLS With Oracle E-Business Suite Release 12.1.3
There was a requirement where we had to store the item's descriptions in 5 languages(Countries of business for us). This was only required for reporting purposes. It was not required to have forms and self service pages in other languages.
Here the feature of Lightweight MLS came in very handy. Its introduced in 12.1.3
What it does- IT ENABLES ADDITIONAL LANGUAGES WITHOUT THE NEED TO APPLY THE NLS PATCH
Steps to enable MLS-
There was a requirement where we had to store the item's descriptions in 5 languages(Countries of business for us). This was only required for reporting purposes. It was not required to have forms and self service pages in other languages.
Here the feature of Lightweight MLS came in very handy. Its introduced in 12.1.3
What it does- IT ENABLES ADDITIONAL LANGUAGES WITHOUT THE NEED TO APPLY THE NLS PATCH
Steps to enable MLS-
- From OAM go to License Manager and activate the desired language
- From AD Admin -Choose 'Maintain Application Database Entities' option and then the 'Maintain Multi-Lingual Tables' task
- Run the message synchronization script-$FND_TOP/patch/115/sql/AFMSGSYNC.sql
$ sqlplus apps/apps @AFMSGSYNC.sql
NOTE: This script synchronizes the language data in FND_NEW_MESSAGES table
with the base language data.
Press RETURN to continue.
Currently, following languages are installed:
CODE NAME STATUS
---- ------------------------ ------------
US American English Base
D German Install
FRC Canadian French Install
Please choose Oracle Language code from the installed languages.
For example JA for Japanese. This language data will be synchronized
with the base language data.
Language Code: D
You chose Spanish (D).
Is this correct language to synchronize [Yes] ?
Reading FND_NEW_MESSAGES table to see if language data exists.
No Spanish language data exists in FND_NEW_MESSAGES table.
Base language data will be copied to this language. Do you wish to proceed [No] ? Yes
Synchronization is in progress...
Synchronization has been done.
Please do a 'commit' if changes are OK. Otherwise, do a 'rollback'.
SQL> commit;
Commit complete.
Bounce the application tier services and we have light weight MLS enabled
Friday, August 17, 2012
Upgrading to Oracle Identity Management (11.1.1.5.0)
Upgrading to Oracle Identity Management (11.1.1.5.0)
Understanding the Oracle Identity Management Installation
Oracle Identity Management 11g includes two distinct suitesUnderstanding the Oracle Identity Management Installation
- Overview and Structure of Oracle Identity Management 11g Installation
-Oracle Identity Management 11g Release 1 (11.1.1.5.0)
-Oracle Identity and Access Management 11g Release 1 (11.1.1.5.0)
Oracle Identity Management 11g Release 1 (11.1.1.5.0)
To install Oracle Identity Management 11g Release 1 (11.1.1.5.0) you must install
Oracle Identity Management 11g Release 1 (11.1.1.2.0) first.
To install Oracle Identity Management 11g Release 1 (11.1.1.2.0), use ofm_idm_win_
11.1.1.2.0_32_disk1_1of1.zip (for Windows) or ofm_idm_linux_
11.1.1.2.0_32_disk1_1of1.zip (for Linux) comprising the following products:
– Oracle Internet Directory (OID)
– Oracle Virtual Directory (OVD)
– Oracle Directory Services Manager (ODSM)
– Oracle Directory Integration Platform (ODIP)
– Oracle Identity Federation (OIF)
Then you must patch your Oracle Identity Management 11.1.1.2.0 to Oracle Identity
Management 11.1.1.5.0 using the ofm_idm_win_11.1.1.5.0_32_disk1_
1of1.zip (for Windows) or ofm_idm_linux_11.1.1.5.0_32_disk1_1of1.zip
(for Linux)
Oracle Identity and Access Management 11g Release 1 (11.1.1.5.0)
To install Oracle Identity and Access Management 11g Release 1 (11.1.1.5.0), use ofm_
iam_generic_11.1.1.5.0_disk1_1of1.zip comprising the following Oracle Identity and Access Management 11.1.1.5.0 products:
– Oracle Identity Manager (OIM)
– Oracle Access Manager (OAM)
– Oracle Identity Navigator (OIN)
– Oracle Adaptive Access Manager (OAAM)
– Oracle Entitlements Server (OES)
Structure of the Installation
You can install both of the Oracle Identity Management products under a common
Middleware Home directory. When you install these suites on the same machine, two
Oracle Home directories are created on the machine .
For example, the first one, IDM_Home can be the IDM_Home
directory for
- Oracle Internet Directory
- Oracle Virtual Directory
- Oracle Directory Services Manager
- Oracle Directory Integration Platform
- Oracle Identity Federation
The second one, IAM_Home can be the IDM_Home directory for
Oracle Identity Manager
Oracle Access Manager
Oracle Adaptive Access Manager
Understanding Oracle Fusion Middle and Oracle Identity Management
Oracle Fusion Middleware-
It is a collection of standards based software products that spans a range of tools and services.
It entails
JAVA EE and developer tools
Integration Services
Business Intelligence
Collaboration
Oracle Fusion Middleware offers complete support for
-Development
-Deployment
-Management
Oracle Enterprise Manager Fusion Middleware Control-
It is a web browser based GUI that you can use to monitor and administer Oracle Fusion Middleware components including Oracle Identity Management Components that are installed in Oracle Weblogic Server domains.
Oracle Identity Management-
It enables enterprises to manage the end-to-end lifecycle of user identities across all enterprise resources-both within and beyond the firewall.
Within OIM , you can
Oracle Internet Directory (OID)
Oracle Directory Integration Platform (ODIP)
Oracle Virtual Directory (OVD)
Oracle Directory Services Manager (ODSM)
Oracle Identity Federation (OIF)
Oracle Identity and Access Management 11g Release 1 (11.1.1.5.0) Components
Oracle Identity Manager (OIM)
Oracle Access Manager (OAM)
Oracle Adaptive Access Manager (OAAM)
Oracle Identity Navigator (OIN)
Oracle Entitlement Server (OES)
Spl Instructions for Oracle Single Sign On (OSSO) and Oracle Delegated Admin Services Users
OSSO and Oracle Delegated Admin Services are reqd components for
If you have OSSO 10g (10.1.2.3 or 10.1.4.3) installed on your topology, upgrade OSSO on 10g to Oracle Access Manager 11g.
NOTE- Installing OSSO 10g for use with OID 11g Rel1(11.1.1.5.0) is not supported
You can continue to use OSSO 10g or Oracle Delegated Admin Services Rel10g with OID Rel10g
It is a collection of standards based software products that spans a range of tools and services.
It entails
JAVA EE and developer tools
Integration Services
Business Intelligence
Collaboration
Oracle Fusion Middleware offers complete support for
-Development
-Deployment
-Management
Oracle Enterprise Manager Fusion Middleware Control-
It is a web browser based GUI that you can use to monitor and administer Oracle Fusion Middleware components including Oracle Identity Management Components that are installed in Oracle Weblogic Server domains.
Oracle Identity Management-
It enables enterprises to manage the end-to-end lifecycle of user identities across all enterprise resources-both within and beyond the firewall.
Within OIM , you can
- Deploy applications faster
- Apply the most granular protection to enterprise resources
- Automatically eliminate latent access privileges
- and Much more..
Oracle Internet Directory (OID)
Oracle Directory Integration Platform (ODIP)
Oracle Virtual Directory (OVD)
Oracle Directory Services Manager (ODSM)
Oracle Identity Federation (OIF)
Oracle Identity and Access Management 11g Release 1 (11.1.1.5.0) Components
Oracle Identity Manager (OIM)
Oracle Access Manager (OAM)
Oracle Adaptive Access Manager (OAAM)
Oracle Identity Navigator (OIN)
Oracle Entitlement Server (OES)
Spl Instructions for Oracle Single Sign On (OSSO) and Oracle Delegated Admin Services Users
OSSO and Oracle Delegated Admin Services are reqd components for
- Oracle Portal
- Forms
- Reports
- Discoverer Release 10g and Release 11g
If you have OSSO 10g (10.1.2.3 or 10.1.4.3) installed on your topology, upgrade OSSO on 10g to Oracle Access Manager 11g.
NOTE- Installing OSSO 10g for use with OID 11g Rel1(11.1.1.5.0) is not supported
You can continue to use OSSO 10g or Oracle Delegated Admin Services Rel10g with OID Rel10g
Tuesday, August 14, 2012
Oracle Identity Manager Architecture
- Oracle Identity Manager is J2EE ( provisioning, request processing and job scheduling) and Web based (profile management and delegated administration) application
- OIM is J2EE based application deployed on J2EE compliant application server (Weblogic, Tomcat, IBM websphere) and repository in relation database ( ORACLE , MYSQL)
- For OIM certification matrix Click here
Subscribe to:
Posts (Atom)