Oracle Application R12(12.0.x) | JRE | UNKNOWN Publisher

January 19, 2018

Hi guys

This time I am going to post a solution towards one of the nagging annoyances with Oracle application R12 (12.0.6 in our specific case) & JRE securities those were implemented by JRE 7 (1.7.x)

Our instance was upgraded to use JRE 6 almost 5 years back during 12.0.4 to 12.0.6 upgrade and ever since there were dozens of JRE updates & the current JRE 1.8.0_161 (AS on 19th January 2018) & with each update, whatever the runtime parameters we add specifically for Oracle Application used to get removed, forcing us to renter it for each user.

I’ve been searching for a proper solution, not only towards the runtime parameter fix, for the security prompts those started annoying our end users whenever they tried to launch the forms, once after we forcefully updated many users who were sticking to 1.6 JRE

So after referring many documents, using some of the past experiences dealing with security certificates, I believe, have figured out how to get rid of those annoyances, minimum for a while.

Solution 1

Runtime parameters being removed after each JRE update

jre

Add a new environment JAVA_TOOL_OPTIONS with a value -Djava.vendor=”Sun Microsystems Inc.”

You may add it under your specific user or system wide, which I usually prefer so that I don’t have to worry about the next user who will be using the same system (for some reasons)

ENV

Solution 2

Addressing JAVA security prompts

Trying to open the forms with latest JRE without adding exceptions will produce the following JAVA security error

1.png

Now we need to add the application URL with complete port details to the security tab of JRE

2

Now, we will be presented with the “toughest” situation to resolve, which will be explained later.

3

Clicking the More Information, JAVA presents more details about the digital certificate issues, stating the publisher of the digital certificate as UNKNOWN, hence this warning appears for the end user each time whenever the user tries to open a Forms based module.

4

You may require Domain Administrator/Administrator privileges to continue the below fixes

1st we have to retrieve the certificate from Oracle application server. Login as application manager user to LINUX environment (We’re setting up the entire stuffs for R12 application that is running on 64Bit Linux)

download $APPL_TOP/admin/appltop.cer file to local computer (If your implementation team has cloned the instances across, the appltop.cer will remain the same across different servers, so the single certificate integration with the user computer should deal with all different instances of the Oracle application (Test, Development & Production)

Once the certificate is downloaded or copied to the local computer, you need to install it. We’ll install the certificate twice, in two different locations.

Follow the images below for more details

5

We will install the certificate for the “Local Machine”, so that all users using the same computer will get benefitted

6

For the 1st instance, We MUST install this certificate to “Trusted Root Certification Authorities” Container.

For 78

 

9

Once the certificate is imported, We should install the certificate once again, Select “Local System” and follow the prompts. We don’t have to specify the container this time.

10

Now, trying to open a forms based module will present you another warning

11

Checking “Do not show this again for apps from the publisher and location above” will suppress this dialog until the certificate remains the same for the application server.

Hope this helps few out there!

regards,

rajesh

 

 

Advertisements

Oracle Application R12 | HTML Page load issues with Internet Explorer 11 | Windows 10

January 7, 2018

Hi guys

Our Oracle application R12 (12.0.6) instance has JDK 6 environment & We don’t have any plans to migrate to any recent versions of Oracle Application those are supported by later Java environments.

Almost all users those use Oracle applications are using JRE for many other engineering programs (Calculations programs by Vendors) & frequent updates of the JRE happens automatically at the user ends. We have a significant crowd that is still using JRE 1.6_20 as base JRE, who seldom have the following issue(s) discussed below.

Over Windows 10, Internet Explorer 11 fails to load HTML pages properly & many times after the logon to the application, the HTML menu page is loaded in the explorer, leaving a 4-5 white space lines. Refer the image below

halfpage

Basically this issue is observed with boxes those have latest JRE (x86) installed and used with parameter -Djava.vendor=”Sun Microsystems Inc.”

image

Oracle blogs strictly says, Compatibility view for Oracle applications R12 shouldn’t be enabled for Internet Explorer 11. I have tried enabling the Compatibility view for the Oracle applications, without any positive changes.

As a last resort, I reset the Internet Explorer 11

image

and after restarting the computer, Oracle Application HTML pages started loading correctly, without leaving white spaces between the IE Window and application top frame.

Hope this helps few folks out there!

rajesh


R12 | Clone response file | adcfgclone automation

December 8, 2015

Hi guys

If you are familiar with R12 cloning, the entire process requires loads of input from a DBA before the cloning really starts kicking in. Now, there could be hundreds of reasons for the cloning process to fail and keeping on entering the responses for the cloning prompts are NOT at all fun, minimum for me.

So I started searching for “R12 clone response file” & google landed me in this post

https://community.oracle.com/thread/2142127?start=0&tstart=0

Excellent way Hussein Sawwan-Oracle has explained how to create the response files for both db, apps tier.

 

clone

First of all, context file to response file creation has a validation flag, which confirms the responses provided are valid throughout the response collection. This validate has a downside with the port pool selection. You will receive a port is not free error while the Oracle application is online, for which a system reboot is most recommended (rather than selecting “No” for the validation process”) after graceful shutdown of both application and database tiers.

I’m using .bash_profile files to source the environment for both my Oracle (oraprod) and Application Manager (applprod) accounts, hence I was able to shorten the efforts like following

As Oracle user (oraprod)

# cd $ORACLE_HOME/appsutil/clone/bin
# perl adclonectx.pl contextfile=$CONTEXT_FILE outfile=/u02/db.xml

Provided the responses and the db.xml was successfully created under /u02 and the context file creation log was created under /u02/log folder.

Please make sure you do “echo $CONTEXT_FILE” to check whether you $CONTEXT_FILE returns a meaningful file name!

As Application Manager user (applprod)

# cd $COMMON_TOP/clone/bin
# perl adclonectx.pl contextfile=$CONTEXT_FILE outfile=/u02/appl.xml

Now you should able to run the cloning processes using the newly cloned context files, for example

# perl adcfgclone.pl dbTier /u02/db.xml
# perl adcfgclone.pl appsTier /u02/appl.xml

That’s all folks, it works like a charm & you are NOT anymore typing in whole those lengthy paths and other variables :)

regards,

rajesh


RC-50004, AC-00005: No write permissions for creating the Context file – /tmp/temp.xml

December 8, 2015

Hi guys

Linux file/folder permissions could be very confusing for a beginner, minimum for me! After these many years of interacting with Linux I still get confused deciding what rights should be given to users or groups on certain folders :)

I came across a situation where the application tier cloning was continuously failing with the title error

RC-50004, AC-00005: No write permissions for creating the Context file – /tmp/temp.xml ?

I checked the for the /tmp folder permissions and realized the application user (applmgr/appltest) had proper right permissions on /tmp folder, yet the adcfgclone will not proceed after


Do you want to preserve the Display [erp-prod:0.0] (y/n) ? : n

Target System Display [erp-prodbak:0.0] :
RC-50004: Error occurred in CloneContext:
AC-00005: No write permissions for creating the Context file - /tmp/temp.xml
Raised by oracle.apps.ad.context.AppsContext
Check Clone Context logfile /u01/applprod/PROD/apps/apps_st/comn/clone/bin/CloneContext_1208121418.log for details.

After few attempts I came against another blog, that was explaining the situation in a different way. http://newgendba.blogspot.com/2009/08/how-to-quick-solve-this-post-clone.html

Blogger has suggested to check whether temp.xml created by another user exist in the /tmp folder, which was the actual reason in my case. I found temp.xml file created by “root” and deleted the same and cloning process just went all the way fine.

 

Hope this info helps few of those once in a bluemoon DBAs out there :)

 

regards,

rajesh

 


Oracle Applications R12 “Emergency” Rapid Clone

October 20, 2013

There could be occasions when as an apps DBA you would be asked to provide a fresh clone either over test or development environment to address a serious issue.

Rapid Clone hierarchy usually requires a DBA to pre-clone both application & database tiers, shutting down the source system and then souring the relevant folders to target system.

Today we are going to share a minor hack which could help you, when you cannot JUST shutdown a Production instance, however the cloned instance is a mandatory element to deal with a particular situation.

(Please note, this hack is ONLY applicable to situations where the backups were made without running PRE-CLONE or errors were raised stating

  1. Control file creation failed : ORA-01503: CREATE CONTROLFILE failed
  2. Certain database files were not recognized as part of the database : ORA-01565: error in identifying file)

Errors and example scenarios as mentioned with this thread

#cd /backup

#time tar –zcvf apps.tar.gz /u01/applprod/PROD/apps/*

(use “time” to check how much time the activity has taken)

Once the application tier has been tar balled

#time tar –zcvf db.tar.gz /u01/oraprod/PROD/db/*

Wait until the tar ball created

Now you can SCP the tar balls to your target system

scp –pr *.tar.gz root@targetsystem:/backup

The approximate time to transfer a database tar ball in 100GB size should be 33-35 minutes and the application tar ball in size 31GB around 9-10 minutes

Backup (if required after running the pre-clone) of your TEST/Development instance and delete the application and database folders (make sure you have shutdown the application and database instances)

#cd /u02/oratest/TEST/db

#rm –rf *

#cd /u02/appltest/TEST

#rm –rf *

Now extract the tar balls to respective base paths

#time tar –zxvf /backup/apps.tar.gz

We are already in the folder /u02/appltest/TEST so the application instance files will be extracted in the same location

Once the extraction is over, we can go ahead with extracting the database tier files

#cd /u02/oratest/TEST/db

#tar –zxvf db.tar.gz

Wait until the extraction part is over

The real hack starts from here

#cd /u02/oratest/TEST/db/tech_st/10.2.0/appsutil

#rm –rf *

Switch to source system (Aka Production instance)

#su – oraprod

If the .bash_profile has an exclusive call for the environment sourcing, your environment will be automatically sourced, else source it

Run pre-clone for the database tier now

$perl adpreclone.pl dbTier

Once the pre-clone activities completed successfully, switch to

$cd $ORACLE_HOME/appsutil

Create a tar file

$tar –zcvf appsutil.tar.gz *

Now move the new tar file to your TEST/Development instance

$scp –pr appsutil.tar.gz root@targetsystem:/backup

From the target system, move to

#cd /u02/oratest/TEST/db/tech_st/10.2.0/appsutil

Unzip the appsutil.tar.gz

#tar –zxvf /backup/appsutil.tar.gz

Once the files are extracted, change the ownership of the base path once again

#chown –R oratest:oinstall /u02/oratest

Change the access permissions

#chmod –R 777 /u02/oratest

Now as user “oratest” you can start the database tier cloning

#su – oratest

$cd /u02/oratest/TEST/db/tech_st/10.2.0/appsutil/clone/bin

$perl adcfgclone.pl dbTier

Once the database tier cloning completes successfully, you can proceed with application tier cloning, which doesn’t require any specific hacks

Side notes:

In my case I found that the “Gather schema statistics” program was missing from the scheduled jobs list. If you are experiencing slowness with your freshly cloned instance, it is highly recommended to run the said program prior going ahead with any other activities.

Make sure you would clear the cache under global configurations.

Hope you enjoyed another “hack” from us! Our sincere thanks and gratitude to Ravi Purbia (Sr. Apps DBA Consultant) who has provided us the details about this particular hack.

regards,

for Windows7bugs

admin