Integrate Oracle Applications R12 with Oracle Internet Directory and SSO ----------------------------------------------------------------------------------------- High Level Steps -------------------- Oracle 10g AS 1> Install Infra Oracle Application Server 10.1.2, OID 2> Upgrade the database of the infra from 10.1.0.4 to 10.1.0.5 3> Apply patch 4960210 to upgrade the apps server from 10.1.2 to 10.1.2.2 Oracle Application R12.0.4 4> Install Oracle Application R12.0.4 – Already installed 5> Register Oracle Applications 11.5.10.2 with OID 6> Validate that Single Sign-On is Working Correctly

linux1 (10gAS Server) Oracle 10gAS (10.1.2.2) with OID SID - asinf – server name

linux20 (R12 Server) R12.0.4 Single Node

SID - TEST

1> Install Infra Oracle Application Server 10.1.2, OID

Download the software from http://otn.oracle.com su – root useradd -g dba -d /d01/oracleAS/asinf asinf

mkdir –p /d01/oracleAS chown asinf :dba /d01/oraceAS xhost + su – asinf ./runInstaller

Global Database name – asinf.com SID- asinf

welcome1

Instance name – orasso Ias_admin password – welcome1

2> Upgrade the database of the infra from 10.1.0.4 to 10.1.0.5

Upgrade the database of the infra from 10.1.0.4 to 10.1.0.5 Stop all the infra components including OID database Download the patch and apply the patch 4505133 Apply database patch p4505133_10105_LINUX ./runInstaller

sqlplus “/as sysdba”

1. Enter the following SQL*Plus commands: 2. SQL> STARTUP UPGRADE 3. SQL> SPOOL patch.log 4. SQL> @?/rdbms/admin/catpatch.sql 5. SQL> SPOOL OFF

6. Restart the database: 7. SQL> SHUTDOWN 8. SQL> STARTUP 9.

10. Run the utlrp.sql script to recompile all invalid PL/SQL packages now

instead of when the packages are accessed for the first time. This step is optional but recommended.

SQL> @?/rdbms/admin/utlrp.sql

3> Apply patch 4960210 to upgrade the apps server from 10.1.2 to 10.1.2.2 All infra components should be started including datatabase, OID su – asinf cd $ORACLE_HOME/bin sh runstartupconsole start

welcome1

welcome1

welcome1

http://linux1.com:7777/pls/orasso Login using orcladmin/welcome1 http://linux1.com:7777/oiddas - login using orcladmin/welcome1

Click Directory

orcladmin/welcome1

4> Install Oracle Application R12.0.4 – Already installed Follow the below steps http://www.appsdba.info/docs/oracle_apps/Installation/R12/snir12-ln.pdf

* Create a user appsso – later we shall move this user from Apps to OID

5 Register Oracle Applications R12 with OID

Before registering make sure to change the following profiles with the values give as below.

• Applications SSO Type: SSWAw/SSO • Applications SSO Auto Link User: Enable • Applications SSO Login Types: Both • Application SSO LDAP Synchronization: Enable • Applications SSO Enable OID Identity Add Event: Enable • Link Applications user with OID user with same username: Enable

Once the profiles are set, go ahead with OID/SSO registration

-- To deregister (for cloned instance) $FND_TOP/bin/txkrun.pl -script=SetSSOReg -deregister=yes -appspass=apps

-- Oracle Home Registration

$FND_TOP/bin/txkrun.pl -script=SetSSOReg -registerinstance=yes

You are registering ORACLE HOME only. Enter the host name where Oracle iAS Infrastructure database is installed ? linu x1 Enter the LDAP Port on Oracle Internet Directory server ? 13060 Enter SSL LDAP Port on Oracle Internet Directory server ? 13130 Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ? we lcome1 Enter Oracle E-Business apps database user password ? apps *** Log File = /d01/oracle/TEST/inst/apps/TEST_linux20/logs/appl/rgf/TXK/txkSetS SOReg_Thu_Sep_11_06_36_52_2008.xml Beginning input parameter validation for Oracle Home Instance registration. Input parameter validation for Oracle Home Instance registration completed. BEGIN ORACLE HOME INSTANCE REGISTRATION: Oracle Home Instance preferences stored successfully. Oracle Home Instance registered successfully. End of /d01/oracle/TEST/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/txkSetSSOReg. pl : No Errors encountered

- SSO Registration

$FND_TOP/bin/txkrun.pl -script=SetSSOReg -registersso=yes

$FND_TOP/bin/txkrun.pl -script=SetSSOReg -registersso=yes You are registering this instance with SSO Server. Enter Oracle E-Business apps database user password ? apps *** Log File = /d01/oracle/TEST/inst/apps/TEST_linux20/logs/appl/rgf/TXK/txkSetSSOReg_Thu_Sep_11_06_37_48_2008.xml Beginning input parameter validation for SSO registration. Input parameter validation for SSO registration completed. BEGIN SSO REGISTRATION: Beginning to register partner application. Partner application has been registered successfully.

Configuration file uploaded successfully. Single Sign-On partner application registered successfully. End of /d01/oracle/TEST/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/txkSetSSOReg.pl : No Errors encountered

-- OID Registration

$FND_TOP/bin/txkrun.pl -script=SetSSOReg -registeroid=yes

You are registering this instance with OID Server.

Enter LDAP Host name ? linux1

Enter the LDAP Port on Oracle Internet Directory server ? 13060

Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ? welcome1

Enter the instance password that you would like to register this application instance with ? welcome1

Enter Oracle E-Business apps database user password ? apps

*** Log File = /d01/oracle/TEST/inst/apps/TEST_linux20/logs/appl/rgf/TXK/txkSetSSOReg_Thu_Sep_11_06_38_40_2008.xml

Beginning input parameter validation for OID registration.

Input parameters validation for OID registration completed.

BEGIN OID REGISTRATION:

Beginning to register Application and Service containers if necessary.

Application and Service containers were created successfully if necessary.

Beginning to register application in Oracle Internet Directory.

Registration of application in Oracle Internet Directory completed successfully.

-> LOADING: /d01/oracle/TEST/apps/apps_st/appl/fnd/12.0.0/admin/template/AppsOIDRegistration.tmp

Beginning to register provisioning profile in Oracle Internet Directory.

Registration of provisioning profile in Oracle Internet Directory completed successfully.

Application is now registered successfully with provisioning in Oracle Internet Directory.

End of /d01/oracle/TEST/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/txkSetSSOReg.pl : No Errors encountered

De-Registrating OID/SSO

Deregister OID

$FND_TOP/bin/txkrun.pl -script=SetSSOReg -deregisteroid=yes

Deregister SSO

$FND_TOP/bin/txkrun.pl -script=SetSSOReg -deregistersso=yes

Deregister Instance

$FND_TOP/bin/txkrun.pl -script=SetSSOReg -deregisterinstance=yes

Once these 3 steps are done, bounce the application system middle tier, login to application and change the profile options back to original value. Following values should be made for the profile options.

• Applications SSO Type: SSWAw/SSO • Applications SSO Auto Link User: Disable • Applications SSO Login Types: Local • Application SSO LDAP Synchronization: Disable • Applications SSO Enable OID Identity Add Event: Disable • Link Applications user with OID user with same username: Disable

Logon to Oracle Application

Re-Start the application http://linux20:8010/OA_HTML/AppsLocalLogin.jsp * Indirect link to Oracle Applications Note: Synchronization happens from FND to OID and not viceversa 1.Oracle oracle11i login ---------------- http://linux20:8010/OA_HTML/AppsLocalLogin.jsp 2.Oracle SSo login

http://linux20.com:8001/OA_HTML/AppsLogin

6 Validate that Single Sign-On is Working Correctly

Oracle Application Server 10g with Oracle E-Business Suite Release 11i Troubleshooting

Doc ID: Note:295606.1

SSO Task 4: Validate that Single Sign-On is Working

Correctly

To validate that Oracle E-Business Suite Release 11i has been properly registered as a partner application to Single Sign-On, perform the following steps:

SSO Task 4, Step 1: Run the Diagnostic Utility

SSO Task 4, Step 1.1: Login locally to the E-Business Suite

Login as user "sysadmin" to the E-Business Suite locally using this URL:

Where <server> and <port> reflect the correct values for your environment.

SSO Task 4, Step 1.2: Launch Diagnostics

• Select the responsibility "CRM HTML Administration" from the Navigator's left pane

• Select the function "Diagnostics" from the Navigator's right pane. This will launch a new window. If you do not see a new window, make sure any browser pop-up blockers are disabled.

SSO Task 4, Step 1.3: Run SSO Diagnostics

• Click on the "Basic" tab • Choose "Application Object Library" from the Applications drop down • Click on "SSO Setup Tests" - Click on "Run Without Pre-Requisite" • All the tests should complete successfully • Click on the "Report" icon for each test and verify the results

SSO Task 4, Step 1.4: Run OID Diagnostics

• Click on "OID Setup" - Click on "Run Without Pre-Requisite"

• All the tests should complete successfully • Click on the "Report" icon for each test and verify the results

SSO Task 4, Step 2: Verify that your Oracle E-Business Suite instance is correctly integrated with Oracle Single Sign-on server.

Request the appropriate E-Business Suite login link, of the form:

http://linux20.com:8001/OA_HTML/AppsLogin

Where <host> and <port> reflect the correct values for your environment. This should direct you to the Single Sign-On Login screen.

Now create a user orasso and login to Oracle application using the below link

http://linux20.com:8001/OA_HTML/AppsLogin

Login as orasso

SSO Task 4, Step 2.2: Enter the username and password for a valid account in Oracle Internet Directory. You should be directed to either the Oracle E-Business Suite home page or a page that shows "More Information Requested".

SSO Task 4, Step 2.3: Click on the logout link on whichever of the pages that you see. You should now be directed to the Single Sign-On Logout page. If so, then Single Sign-On integration has been carried out correctly.

Also see Single Sign-On Processes and Troubleshooting .

SSO Task 4, Step 3: Verify that your Oracle E-Business Suite instance is correctly integrated with Oracle Internet Directory.

SSO Task 4, Step 3.1: Check that there are no errors in the Oracle Internet Directory log files for the E-Business Suite instance you have just configured. These files are on the

machine that hosts Oracle Internet Directory, under $ORACLE_HOME/ldap/odi/log. There are two log files for each provisioning direction, so there will either be two or four in total. The files for provisioning from Oracle Internet Directory to E-Business Suite end

with _E.aud and _E.trc. The files for provisioning from E-Business Suite to Oracle

Internet Directory end with _I.aud and _I.trc.

SSO Task 4, Step 3.2: Depending on how provisioning has been configured, try to create a user from either E-Business Suite or Oracle Internet Directory. If you used the default registration process, you may create a user either in E-Business Suite or Oracle Internet Directory and see the newly-provisioned user appear in the other system within about two

minutes. The user details should be visible in the relevant .aud log files for users created from Oracle Internet Directory to E-Business Suite. If so, then provisioning configuration for Oracle Internet Directory has been performed correctly.

http://linux20:8001/OA_HTML/AppsLocalLogin.jsp

connect as sysadmin/sysadmin

https://metalink.oracle.com/metalink/plsql/f?p=130:14:11131203365242372614::::p14_database_id,p14_docid,p14_show_header,p14_show_help,p14_black_frame,p14_font:NOT,295606.1,1,1,1,helvetica http://home.c2i.net/toreingolf/oracle/ias1012/install.htm http://beginapps.blogspot.com/2008/01/oracleas-10g-with-oracle-e-business.html - must read http://onlineappsdba.com/index.php/2008/06/14/user-created-in-apps-11ir1212i-not-sync-to-oid/ http://advait.wordpress.com/enabling-oidsso-for-e-business-suite-r12/

Your first attempt should be to follow checklist as per metalink note 295606.1 (For 11i) & 380487.1 (For R12/12i)