Enabling OID/SSO for E-Business Suite R12

Following procedure shows registering Oracle E-Business suite R12 with OID and enabling SSO. This is based on metalink note ID 376811.1

There are three components that can be registered or de-registered in Release 12 with the SSO/OID registration utility. The utility automatically detects the registered components and performs registration for the un-registered components. So there is no need to pass individual registration arguments.

SSO-OID Registration can be done using a single command (Section 1.1). Even though it can be done in a single command it is divided into three parts.

  • Oracle Home Registration.
  • SSO Registration.
  • OID Registration.

Here we will see registering each component individually.

Also we need to have Oracle Application server 10g installed before proceeding for OID/SSO registration. Here are the list of component and supported version.

Components

Oracle E-Business Suite R12
The following components must be used on the E-Business Suite instance:

Component Name
Release
Oracle E-Business Suite Release 12
12.0.0
Oracle 10g Application Server
10.1.2
Oracle 10g Application Server
10.1.3
Oracle Developer 10g (includes Oracle Forms)
10.1.2
Oracle Application Server 10g Enterprise Edition

The following Oracle Application Server 10g Enterprise Edition components must be used on the standalone instance:

Component Name Release
Oracle Application Server 10g Enterprise Edition 10.1.2.0.2
Oracle Single Sign-On 10g 10.1.2.0.2
Oracle Internet Directory 10g 10.1.2.0.2
Oracle Portal 10g (optional) 10.1.4
Oracle Discoverer 10g (optional) 10.1.2.0.2

Before registering make sure to change the following profiles with the values give as below.

  • Applications SSO Type: SSWAw/SSO
  • Applications SSO Auto Link User: Enable
  • Applications SSO Login Types: Both
  • Application SSO LDAP Synchronization: Enable
  • Applications SSO Enable OID Identity Add Event: Enable
  • Link Applications user with OID user with same username: Enable

Once the profiles are set, go ahead with OID/SSO registration.

Registering with OID/SSO

Oracle Home Registration

bash-2.05$ $FND_TOP/bin/txkrun.pl \
> -script=SetSSOReg \
> -registerinstance=yes

You are registering ORACLE HOME only.

Enter the host name where Oracle iAS Infrastructure database is installed ? ocvmrh2119.us.oracle.com
Enter the LDAP Port on Oracle Internet Directory server ? 389
Enter SSL LDAP Port on Oracle Internet Directory server ? 636
Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ? welcome1
Enter Oracle E-Business apps database user password ? apps

 

*** Log File = /dy/oracle/product/test12/inst/apps/test12_ap101fam/logs/appl/rgf/TXK/

txkSetSSOReg_Wed_Jun_20_05_14_34_2007.xml

Beginning input parameter validation for Oracle Home Instance registration.
Input parameter validation for Oracle Home Instance registration completed.

BEGIN ORACLE HOME INSTANCE REGISTRATION:
Oracle Home Instance preferences stored successfully.
Oracle Home Instance registered successfully.

 

 

End of /dy/oracle/product/test12/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/

txkSetSSOReg.pl : No Errors encountered

SSO Registration

bash-2.05$ $FND_TOP/bin/txkrun.pl \
> -script=SetSSOReg \
> -registersso=yes

You are registering this instance with SSO Server.

Enter Oracle E-Business apps database user password ? apps

 

*** Log File = /dy/oracle/product/test12/inst/apps/test12_ap101fam/logs/appl/rgf/TXK/

txkSetSSOReg_Wed_Jun_20_05_16_22_2007.xml

Beginning input parameter validation for SSO registration.
Input parameter validation for SSO registration completed.

BEGIN SSO REGISTRATION:
Beginning to register partner application.
Partner application has been registered successfully.
Configuration file uploaded successfully.
Single Sign-On partner application registered successfully.

 

 

End of /dy/oracle/product/test12/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/

txkSetSSOReg.pl : No Errors encountered

OID Registration

bash-2.05$ $FND_TOP/bin/txkrun.pl \
> -script=SetSSOReg \
> -registeroid=yes

You are registering this instance with OID Server.

Enter LDAP Host name ? ocvmrh2119.us.oracle.com
Enter the LDAP Port on Oracle Internet Directory server ? 389
Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ? welcome1
Enter the instance password that you would like to register this application instance with ? welcome1
Enter Oracle E-Business apps database user password ? apps

 

*** Log File = /dy/oracle/product/test12/inst/apps/test12_ap101fam/logs/appl/rgf/TXK/

txkSetSSOReg_Wed_Jun_20_05_17_54_2007.xml

Beginning input parameter validation for OID registration.
Input parameters validation for OID registration completed.

 

BEGIN OID REGISTRATION:
Beginning to register Application and Service containers if necessary.
Application and Service containers were created successfully if necessary.
Beginning to register application in Oracle Internet Directory.
Registration of application in Oracle Internet Directory completed successfully.
-> LOADING:  /dy/oracle/product/test12/apps/apps_st/appl/fnd/12.0.0/admin/template

/AppsOIDRegistration.tmp

Beginning to register provisioning profile in Oracle Internet Directory.
Registration of provisioning profile in Oracle Internet Directory completed successfully.
Application is now registered successfully with provisioning in Oracle Internet Directory.

End of /dy/oracle/product/test12/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/

txkSetSSOReg.pl : No Errors encountered

Users are automatically synched up from local repository to OID repository. So when you create a user in local using AppsLocalLogin.jsp it will be automatically reflected in SSO.

Try to login to AppsLocalLogin.jsp and create a new user. Please note that if you dont give any numeric value in password then you may encounter following error.

Unable to call fnd_ldap_wrapper.create_user due to the following reason:
.
ORA-20001: Unable to call fnd_ldap_wrapper.create_user due to the following
reason:
An unexpected error occurred. Please contact your System Administrator

Example if you give your password as welcome, then you may get above error. For this, you need to give a numberic value in your password like welcome1. This behaviour is because while creating users in Apps (even via Forms) by logging via AppsLocalLogin.jsp, it will send the user to OID. In attempting to do so, it will check the OID’s password policies. According to the policies, a password should be alpha numeric.

De-Registrating OID/SSO

Deregister OID

bash-2.05$ $FND_TOP/bin/txkrun.pl \
> -script=SetSSOReg \
> -deregisteroid=yes

You are deregistering this instance from OID Server.

===============================================================

WARNING: You have selected to deregister individual components.
This might leave some components still at registered state
which might create inconsistencies at run time.
It is recommended that you use “-deregister=Yes” to completely deregister
the Oracle EBusiness instance from OID server
OR
Individually deregister components using “-deregisteroid=Yes”,
“-deregistersso=Yes” and “-deregisterinstance=Yes”.

===============================================================
Enter Oracle E-Business apps database user password ? apps
Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ? welcome1

 

 

*** Log File = /dy/oracle/product/test12/inst/apps/test12_ap101fam/logs/appl/rgf/TXK/

txkSetSSOReg_Thu_Jun_21_00_12_25_2007.xml

Beginning input parameter validation for OID de-registration.
Input parameters validation for OID de-registration completed.

 

BEGIN OID DE-REGISTRATION:
Beginning to delete provisioning profile for this application.
Provisioning profile for this application has been deleted successfully.
Beginning to de-register this application from Oracle Internet Directory.
This application has been de-registered successfully from Oracle Internet Directory.
-> LOADING:  /dy/oracle/product/test12/apps/apps_st/appl/fnd/12.0.0/admin/template

/AppsOIDDeRegistration.tmp
Removing OID References Started.
Removing OID References Completed Successfully.
OID DE-REGISTRATION COMPLETED.

End of /dy/oracle/product/test12/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/

txkSetSSOReg.pl : No Errors encountered

Deregister SSO

bash-2.05$ $FND_TOP/bin/txkrun.pl \
> -script=SetSSOReg \
> -deregistersso=yes

You are deregistering this instance from SSO Server.

===============================================================

WARNING: You have selected to deregister individual components.
This might leave some components still at registered state
which might create inconsistencies at run time.
It is recommended that you use “-deregister=Yes” to completely deregister
the Oracle EBusiness instance from OID server
OR
Individually deregister components using “-deregisteroid=Yes”,
“-deregistersso=Yes” and “-deregisterinstance=Yes”.

===============================================================
Enter Oracle E-Business apps database user password ? apps

 

 

*** Log File = /dy/oracle/product/test12/inst/apps/test12_ap101fam/logs/appl/rgf/TXK/

txkSetSSOReg_Thu_Jun_21_00_14_52_2007.xml

Beginning input parameter validation for SSO de-registration.
Input parameters validation for SSO de-registration completed.

BEGIN SSO DE-REGISTRATION:
Partner application registered with SSO Server and will be de-registered.
Partner application has been de-registered successfully.
Configuration file deleted successfully.
SSO DE-REGISTRATION COMPLETED.

 

 

End of /dy/oracle/product/test12/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/

txkSetSSOReg.pl : No Errors encountered

Deregister Instance

bash-2.05$ $FND_TOP/bin/txkrun.pl \
> -script=SetSSOReg \
> -deregisterinstance=yes

You are deregistering ORACLE HOME only.

===============================================================

WARNING: You have selected to deregister individual components.
This might leave some components still at registered state
which might create inconsistencies at run time.
It is recommended that you use “-deregister=Yes” to completely deregister
the Oracle EBusiness instance from OID server
OR
Individually deregister components using “-deregisteroid=Yes”,
“-deregistersso=Yes” and “-deregisterinstance=Yes”.

===============================================================
Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ? welcome1
Enter Oracle E-Business apps database user password ? apps

 

 

*** Log File = /dy/oracle/product/test12/inst/apps/test12_ap101fam/logs/appl/rgf/TXK/

txkSetSSOReg_Thu_Jun_21_00_16_25_2007.xml

Beginning input parameter validation for Oracle Home Instance de-registration.
Input parameter validation for Oracle Home Instance de-registration completed.

BEGIN ORACLE HOME INSTANCE DE-REGISTRATION:
Oracle Home Instance de-registered successfully from Infrastructure Host.
Oracle Home Instance preferences removed successfully
ORACLE HOME INSTANCE DE-REGISTRATION COMPLETED.

 

 

End of /dy/oracle/product/test12/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/

txkSetSSOReg.pl : No Errors encountered

Once these 3 steps are done, bounce the application system middle tier, login to application and change the profile options back to original value. Following values should be made for the profile options.

  • Applications SSO Type: SSWAw/SSO
  • Applications SSO Auto Link User: Disable
  • Applications SSO Login Types: Local
  • Application SSO LDAP Synchronization: Disable
  • Applications SSO Enable OID Identity Add Event: Disable
  • Link Applications user with OID user with same username: Disable

 

3 Comments

    1. Unable to call fnd_ldap_wrapper.create_user due to the following reason:
      .
      ORA-20001: Unable to call fnd_ldap_wrapper.create_user due to the following
      reason:
      An unexpected error occurred. Please contact your System Administrator

      For the above issue in R12. We did the following and the bouced the Application Services.

      1) Connect to DB using APPS schema user

      2) Run fnd_oid_plug.setPlugin as shown below:

      SQL> execute fnd_oid_plug.setPlugin(default_user_repository =>’cn=Users,dc=us,dc=oracle,dc=com’);
      Changed the above parameters as per our setup

      Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s