Category: Oracle Application R12

Oracle E-Business Suite R12 – Profiles

Published on by Advait4 Comments

Profile Options in Oracle Application Object Library

This section lists each profile option in Oracle Application Object Library. These profile options are grouped into categories based on their functional area and are available to every product in Oracle Applications. For each profile option, we give a brief overview of how Oracle Application Object Library uses the profile’s setting.

Unless otherwise noted, a profile option uses the Security hierarchy type.

A table is provided for most profile options that lists the access levels for the profile option (at which levels the system administrator can set the profile option). For Security profile options, there are four possible levels at which system administrators can view and update a profile option value: site, application, responsibility, and user. This table lists whether the profile option’s value is visible at each of these levels, and whether it is updatable at each level.

Concurrent Processing Execution

The internal name for this profile category is FND_CP_EXECUTION.

Concurrent:Active Request Limit

You can limit the number of requests that may be run simultaneously by each user. or for every user at a site. If you do not specify a limit, no limit is imposed.

Users cannot see or update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application No No
Responsibility No No
User Yes Yes

The internal name for this profile option is CONC_REQUEST_LIMIT.

Concurrent:Attach URL

Setting this option to “Yes” causes a URL to be attached to request completion notifications. When a user submits a request, and specifies people to be notified in the Defining Completion Options region, everyone specified is sent a notification when the request completes. If this profile option is set to Yes, a URL is appended to the notification that enables them to view the request results online.

Only the System Administrator can update this profile option.

Users can see but not update this profile option.

This profile options is visible at all levels but can only updated at the Site level.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is CONC_ATTACH_URL.

Concurrent:Conflicts Domain

Specify a conflict domain for your data. A conflict domain identifies the data where two incompatible programs cannot run simultaneously.

Users can see but not update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is CONC_CD_ID.

Concurrent:Collect Request Statistics

Set this profile option to “Yes” to have statistics for your runtime concurrent processes collected.

To review the statistics you must run the Purge Concurrent Request and/or Manager Data program to process the raw data and have it write the computed statistics to the FND_CONC_STAT_SUMMARY table. You can then retrieve your data from this table using SQL*PLUS or on a report by report basis using the Diagnostics window from the Requests window.

Users cannot see nor change this profile option.

This profile option is visible at all levels but can only be updated at the Site level.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes No
User Yes No

The internal name for this profile option is CONC_REQUEST_STAT.

Concurrent:Date Parameter Increment Option

Use this profile to control how date parameters are automatically incremented for concurrent requests. In the Standard Request Submission window, the user can specify if to run a request periodically. The user can then specify that the interval be based on the start date of the requests, or specify the interval using a unit of time and number of units.

If this profile is set to “Start Date” then the date parameters for a given request will be incremented according to the difference between the requested start date of the request and the requested start date of the previous request. If this profile is set to “Resubmit” any date parameters are incremented according to the current request’s date parameter and the amount of time represented by the number of units (RESUBMIT_INTERVAL) and the unit of time (RESUBMIT_INTERVAL_UNIT_CODE).

Level Visible Allow Update
Site Yes Yes
Application Yes No
Responsibility Yes No
User Yes No

The internal name for this profile option is CONC_DATE_INCREMENT_OPTION.

Concurrent:Hold Requests

You can automatically place your concurrent requests on hold when you submit them.

The default is “No”. The concurrent managers run your requests according to the priority and start time specified for each.

Changing this value does not affect requests you have already submitted.

“Yes” means your concurrent requests and reports are automatically placed on hold. To take requests off hold, you:

  • Navigate to the Requests window to select a request
  • Select the Request Control tabbed region
  • Uncheck the Hold check box

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is CONC_HOLD.

Concurrent:Multiple Time Zones

“Yes” sets the default value to ‘Sysdate-1’ for the ‘Schedules Start Date’ used by request submissions. Sysdate-1 ensures that you request is scheduled immediately regardless of which time zone your client session is running in. You should use this profile option when the client’s session is running in a different time zone than the concurrent manager’s session.

Users cannot see nor change this profile option.

This profile option is visible at all four levels and updatable at the Site level.

Level Visible Allow Update
Site Yes Yes
Application No No
Responsibility No No
User No No

The internal name for this profile option is CONC_MULTI_TZ.

Concurrent:Print on Warning

Set this profile option to “Yes” if you want concurrent request output to be printed if the requests completes with a status of Warning.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is CONC_PRINT_WARNING.

Concurrent:Report Copies

You can set the number of output copies that print for each concurrent request. The default is set to 1.

  • Changing this value does not affect requests that you have already submitted.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is CONC_COPIES.

Concurrent:Request Priority

This displays the default priority number for your concurrent requests. Only a system administrator can change your request priority.

Requests normally run according to start time, on a “first-submitted, first-run” basis. Priority overrides request start time. A higher priority request starts before an earlier request.

Priorities range from 1 (highest) to 99 (lowest). The standard default is 50.

Users can see this profile option, but they cannot update it.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is CONC_PRIORITY.

Concurrent:Save Output

The Concurrent: Save Output profile is used to determine whether the default behavior of certain concurrent programs should be to save or delete their output files. This only affects concurrent programs that were created in the character mode versions of Oracle Applications and that have a null value for “Save Output”.

  • “Yes” saves request outputs.
  • Some concurrent requests do not generate an output file.
  • If your request output is saved, you can reprint a request. This is useful when requests complete with an Error status, for example, the request runs successfully but a printer malfunctions.
  • Changing this value does not affect requests you have already submitted.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is CONC_SAVE_OUTPUT.

Concurrent:Sequential Requests

You can force your requests to run one at a time (sequentially) according to the requests’ start dates and times, or allow them to run concurrently, when their programs are compatible.

  • Concurrent programs are incompatible if simultaneously accessing the same database tables incorrectly affects the values each program retrieves.
  • When concurrent programs are defined as incompatible with one another, they cannot run at the same time.

“Yes” prevents your requests from running concurrently. Requests run sequentially in the order they are submitted.

“No” means your requests can run concurrently when their concurrent programs are compatible.

Changing this value does not affect requests you have already submitted.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is CONC_SINGLE_THREAD.

Concurrent:Wait for Available TM

You can specify the maximum number of seconds that the client will wait for a given transaction manager (TM) to become available before moving on to try a different TM.

Users can see and update this profile option.

This profile option is visible and updatable at the site and application levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility No No
User No No

The internal name for this profile option is CONC_TOKEN_TIMEOUT.

Concurrent Processing File Server

The internal name for this profile category is FND_CP_FILE_SERVER.

RRA:Delete Temporary Files

When using a custom editor to view a concurrent output or log file, the Report Review Agent will make a temporary copy of the file on the client. Set this profile to “Yes” to automatically delete these files when the user exits Oracle Applications.

Only the System Administrator can update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is FS_DELETE.

RRA:Enabled

Set this user profile to “Yes” to use the Report Review Agent to access files on concurrent processing nodes.

Only the System Administrator can update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is FS_ENABLED.

RRA: Service Prefix

Using this new profile option allows you to override the default service name prefix (FNDFS_) assigned to the Report Review Agent. By assigning a new prefix to the Report Review Agent you can avoid having multiple instances of the Applications share executables.

Valid values for this option must be nine characters or less and use only alphanumeric characters or the underscore. We recommend using the underscore character as the last character of your value as in the default value “FNDFS_”.

Users cannot see or update this profile option.

This profile option is visible and updatable at the site level only.

Level Visible Allow Update
Site Yes Yes
Application No No
Responsibility No No
User No No

The internal name for this profile option is FS_SVC_PREFIX.

Attention: GLDI will not support the “RRA: Service Prefix” profile until release 4.0 and so uses the default prefix “FNDFS_” regardless of the value entered for the profile option. Consequently, you must ensure that at least one of your Report Review Agents maintains the default prefix in order for GLDI to access the application executables.

RRA:Maximum Transfer Size

Specify, in bytes, the maximum allowable size of files transferred by the Report Review Agent, including those downloaded by a user with the “Copy File…” menu option in the Oracle Applications Report File Viewer and those “temporary” files which are automatically downloaded by custom editors. For example, to set the size to 64K you enter 65536. If this profile is null, there is no size limit.

Only the System Administrator can update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is FS_MAX_TRANS.

Concurrent Processing Manager

The internal name for this profile category is FND_CP_MANAGER.

Concurrent:Debug Flags

Your Oracle support representative may access this profile option to debug Transaction Managers. Otherwise, it should be set to null.

Users cannot see nor change this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is CONC_DEBUG.

Concurrent:GSM Enabled

Use this profile option to enable Generic Service Management.

Level Visible Allow Update
Site Yes Yes
Application No No
Responsibility No No
User No No

The internal name for this profile option is CONC_GSM_ENABLED.

Concurrent:OPP Process Timeout

This profile option specifies the amount of time the manager waits for the OPP to actually process the request.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is CONC_PP_PROCESS_TIMEOUT.

Concurrent:OPP Response Timeout

This profile option specifies the amount of time a manager waits for the OPP to respond to its request for post processing.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is CONC_PP_RESPONSE_TIMEOUT.

Concurrent:PCP Instance Check

This profile option controls whether Parallel Concurrent Processing (PCP) will be sensitive to the state (up or down) of the database instance connected to on each middle-tier node.

When this profile option is set to “OFF”, PCP will not provide database instance failover support; however, it will provide middle-tier node failover support when a node goes down.

Level Visible Allow Update
Site Yes Yes
Application No No
Responsibility No No
User No No

The internal name for this profile option is CP_INSTANCE_CHECK.

Concurrent Processing Submission

The internal name for this profile category is FND_CP_SUBMISSION.

Concurrent:Allow Debugging

This profile option allows debug options to be accessed by the user at submit time.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is FND_CONC_ALLOW_DEBUG.

Concurrent:Enable Request Submission in View Mode

Use this profile option to enable Request Submission in View Requests mode.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is CONC_FNDRSRUN_MODE.

Concurrent:Report Access Level

Determines access privileges to report output files and log files generated by a concurrent program. This profile option can be set by a System Administrator to User or Responsibility.

If your Concurrent:Report Access Level profile option is set to “User” you may:

  • View the completed report output for your requests online
  • View the diagnostic log file for those requests online. (system administrator also has this privilege)
  • Reprint your completed reports, if the Concurrent:Save Output profile option is set to “Yes”.
  • If you change responsibilities, then the reports and log files available for online review do not change.

If your Concurrent:Report Access Level profile option is set to “Responsibility”, access to reports and diagnostic log files is based on the your current responsibility.

  • If you change responsibilities, then the reports and log files available for online review change to match your new responsibility. You can always see the output and log files from reports you personally submit, but you also see reports and log files submitted by any user from the current responsibility.

Users can see this profile option, but they cannot update it.

This profile option is visible and updatable at the site, responsibility, and user levels.

Level Visible Allow Update
Site Yes Yes
Application No No
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is CONC_REPORT_ACCESS_LEVEL.

Concurrent:Request Start Time

You can set the date and time that your requests are available to start running.

  • If the start date and time is at or before the current date and time, requests are available to run immediately.
  • If you want to start a request in the future, for example, at 3:45 pm on June 12, 2002, you enter 2002/06/12 15:45:00 as the profile option value.

Attention: You must ensure that this value is in canonical format (YYYY/MM/DD HH24:MI:SS) to use the Multilingual Concurrent Request feature.

  • You must include both a date and a time.
  • Changing this value does not affect requests that you have already submitted.
  • Users can override the start time when they submit requests. Or, this profile option can be left blank and users will be prompted for a start time when they submit requests.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is CONC_REQ_START.

Concurrent: Show Requests Summary After Each Request Submission

Using this new profile option, you can choose to either have the Requests Summary displayed each time you submit a request, or retain the request submission screen.

The default is “Yes”. “Yes” means the Requests Summary screen is displayed each time you submit a request.

If you choose “No”, a decision window is opened asking you if you wish to submit another request. When you choose to submit another request you are returned to the submission window and the window is not cleared, allowing you to easily submit copies of the same request with minor changes.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is CONC_REQ_SUMMARY.

Concurrent:Validate Request Submission

This profile option prompts users in SRS form if no options or parameters have been changed from their defaults.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is CONC_VALIDATE_SUBMISSION.

Printer

You can select the printer which prints your reports. If a printer cannot be selected, contact your system administrator. Printers must be registered with Oracle Applications.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is PRINTER.

Concurrent Processing View Requests

The internal name for this profile category is FND_CP_VIEW_REQUESTS.

Concurrent:Show Request Set Stages

Set this profile option value to Yes to show request set stages in the concurrent request screens.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is CONC_SHOW_STAGES.

Concurrent:URL Lifetime

The numeric value you enter for this profile option determines the length of time in minutes a URL for a request ouput is maintained. After this time period the URL will be deleted from the system. This profile option only affects URLs created for requests where the user has entered values in the notify field of the Submit Request or Submit Request Set windows.

Attention: All request ouput URLs are deleted when the Purge Concurrent Requests and Manager… program is run even if the URL liftime has not expired.

Users can see and update this profile option.

This profile option is visible and updatable at the all levels.

Level Visible Allow Update
Site Yes Yes
Application Yes No
Responsibility Yes No
User Yes No

The internal name for this profile option is CONC_URL_LIFETIME.

FND: Default Request Days

This profile option specifies the default number of days to view requests.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is FND_DEFAULT_REQUEST_DAYS.

Maximum Page Length

Determines the maximum number of lines per page in a report.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is MAX_PAGE_LENGTH.

Viewer: Application for HTML, PCL, PDF, Postscript, Text, and XML

These profile options determine the applications a user will use to view reports in the given output formats. For example, you could set Viewer: Application for Text to ‘application/word’ to view a Text report in Microsoft Word.

Valid values are defined by the system administrator in the Viewer Options form.

Users can see and update these profile options.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal names for these profile options are FS_MIME_HTML, FS_MIME_PCL, FS_MIME_PDF, FS_MIME_PS, FS_MIME_TEXT, and FS_MIME_XML.

Viewer:Default Font Size

Using this new profile option, you can set the default font size used when you display report output in the Report Viewer.

The valid values for this option are 6, 8, 10, 12, and 14.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is FNDCPVWR_FONT_SIZE.

Viewer: Text

The Viewer: Text profile option allows you to send report output directly to a browser window rather than using the default Report Viewer. Enter “Browser” in this profile option to enable this feature.

Users can see and update the Viewer:Text profile option.

This profile option is both visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is EDITOR_CHAR.

Database

The internal name for this profile category is FND_DATABASE.

Database Instance

Entering a valid two_task connect string allows you to override the default two_task. This profile is specifically designed for use with Oracle Parallel Server, to allow different responsibilities and users to connect to different nodes of the server.

Users can see this profile option, but they cannot update it.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is INSTANCE_PATH.

FND: Resource Consumer Group

Resource consumer groups are used by the Oracle8i Database Resource Manager, which allocates CPU resources among database users and applications. Each form session is assigned to a resource consumer group. The system administrator can assign users to a resource consumer group for all of their forms sessions and transactions. If no resource consumer group is found for a process, the system uses the default group “Default_Consumer_Group”.

Users can see this profile option, but they cannot update it.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is FND_RESOURCE_CONSUMER_GROUP.

Two Task

This profile option should be set by AutoConfig. only.

The TWO_TASK for the database. This profile is used in conjunction with the Gateway User ID profile to construct a connect string for use in creating dynamic URLs for the Web Server. This should be set to the SQL*NET. alias for the database.

Note: The TWO_TASK must be valid on the node upon which the WebServer is running

Users can see and but not update this profile option.

This profile option is visible at all levels but may only be updated at site level.

Level Visible Allow Update
Site Yes Yes
Application Yes No
Responsibility Yes No
User Yes No

The internal name for this profile option is TWO_TASK.

Debug

The internal name for this profile category is FND_DEBUG.

Account Generator:Debug Mode

This profile option controls Oracle Workflow process modes for the Account Generator feature in flexfields. This profile option should normally be set to “No” to improve performance. If you are testing your Account Generator implementation and using the Oracle Workflow Monitor to see your results, set this profile option to “Yes”.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is ACCOUNT_GENERATOR:DEBUG_MODE.

BIS/AOL:Debug Log Directory

The directory for BIS debugging log files.

Users can see and change this profile option.

System administrators can see and update this profile option at the site level only.

The internal name for this profile option is BIS_DEBUG_LOG_DIRECTORY.

FND: Override Directory

The FND:Override Directory profile option is used by the Work Directory feature. The value of FND: Override Directory should be the directory containing your alternate files. Typically, this profile option should be set at the User level only.

Using the Work Directory and this profile option should be done for debugging only, as they present a security risk.

Users can see but not update this profile option.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is APPLWRK.

Utilities: Diagnostics

Utilities: Diagnostics determines whether a user can automatically use the Diagnostics features. If Utilities:Diagnostics is set to Yes, then users can automatically use these features. If Utilities:Diagnostics is set to No, then users must enter the password for the APPS schema to use the Diagnostics features.

Users cannot see nor change this profile option.

This profile option is visible and updatable at the all levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is DIAGNOSTICS.

Utilities:SQL Trace

This profile option is used by concurrent processing only. SQL trace files can be generated for individual concurrent programs. The trace can be enabled at the user level by setting the profile “Utilities:SQL Trace” to “Yes”. This profile can be enabled for a user only by System Administrator so that it is not accidentally turned on and disk usage can be monitored.

For more information on SQL trace, see the Oracle database documentation.

Users cannot see nor change this profile option.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is SQL_TRACE.

Deployment

The internal name for this profile category is FND_DEPLOYMENT.

Forms Runtime Parameters

Use this profile to specify certain forms runtime parameters. The profile value must be entered in as parameter=value. Each parameter-value pair must be separated by a single space. For example:

record=collect log=/tmp/frd.log debug_messages=yes

In order for the parameters updated in this profile option to go into effect, you must exit and log back in to Oracle Applications.

Users can see but not update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is FND_MORE_FORM_PARAMS.

Gateway User ID

Oracle login for gateway account. This should be the same as the environment variable GWYUID. For example, applsyspub/pub.

Users cannot see or update this profile option.

This profile option is visible at all levels but can only be updated at the site level.

Level Visible Allow Update
Site Yes Yes
Application Yes No
Responsibility Yes No
User Yes No

The internal name for this profile option is GWYUID.

Site Name

Site Name identifies an installation of Oracle Applications. The value of this profile should be set via AutoConfig.

The Site Name appears in the title of the MDI window. If you want additional information on your installation to appear in the title, for example, “Test” or “Production”, you can add that information here.

Users cannot see nor change this profile option.

This profile option is visible and updatable at the site level.

Level Visible Allow Update
Site Yes Yes
Application No No
Responsibility No No
User No No

The internal name for this profile option is SITENAME.

Socket Listener Port

This profile option defines the port number used by the Forms Client Controller.

The default value for this profile option is ‘6945’.

The E-Business Suite Home page uses the Socket Listener Port profile for launching forms from Framework HTML sessions. With this architecture, a user navigating through different forms/responsibilities in a Framework session will reuse the same Oracle Forms session instead of opening multiple ones. So a user will never have more than one Forms session open on his/her PC at any given time, for a given database.

It is possible to have multiple Oracle Forms sessions open where each is connected to a different database, but the Socket Listener Port profile must be set to a different value beforehand on each database. For example, set it to 6945 on database A, 6946 on database B, and 6947 on database C. This profile option must be set at the site level in advance of any users attempting to use this functionality, as it cannot be set on a per-user basis.

Users can see but not update this profile option.

Level Visible Allow Update
Site Yes Yes
Application No No
Responsibility No No
User No No

The internal name for this profile option is SOCKET_LISTENER_PORT.

TCF: HOST

Set this to the name of the host running the TCF Socket Server.

This profile option is visible at all levels and updatable at the site and application level only.

Users can see but not update this profile option.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes No
User Yes No

The internal name for this profile option is TCF:HOST.

TCF: PORT

Set this profile option to the port number at which TCF Socket Server accepts connections.

Users can see and but not update this profile option.

This profile option is visible at all levels and updatable at the site and application level only.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes No
User Yes No

The internal name for this profile option is TCF:PORT.

Discoverer

The internal name for this profile category is FND_DISCOVERER.

ICX: Discoverer Launcher, Forms Launcher, and Report Launcher

These profile options are used by the Oracle Applications Personal Homepage.

Set the site level value of each of these profile options to the base URL for launching each application. The profile option value should be sufficient to launch the application, but should not include any additional parameters which may be supplied by the Personal Homepage.

Users can see these profile options, but they cannot update them.

These profile options are visible and updatable at all levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for these profile options are ICX_DISCOVERER_LAUNCHER, ICX_FORMS_LAUNCHER, and ICX_REPORT_LAUNCHER.

Document Sequencing

The internal name for this profile category is FND_DOC_SEQ.

Sequential Numbering

Sequential Numbering assigns numbers to documents created by forms in Oracle financial products. For example, when you are in a form that creates invoices, each invoice document can be numbered sequentially.

Sequential numbering provides a method of checking whether documents have been posted or lost. Not all forms within an application may be selected to support sequential numbering.

Sequential Numbering has the following profile option settings:

Always Used You may not enter a document if no sequence exists for it.
Not Used You may always enter a document.
Partially Used You will be warned, but not prevented from entering a document, when no sequence exists.

Users can see this profile option, but they cannot update it.

This profile option is visible and updatable at the site, application, and responsibility levels.

Note: If you need to control Sequential Numbering for each of your set of books, use the ‘Responsibility’ level. Otherwise, we recommend that you use either the ‘Site’ or ‘Application’ level to set this option.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User No No

The internal name for this profile option is UNIQUE:SEQ_NUMBERS.

Flexfields

The internal name for this profile category is FND_FLEXFIELDS.

Flexfields:AutoSkip

You can save keystrokes when entering data in your flexfields by automatically skipping to the next segment as soon as you enter a complete valid value into a segment.

  • “Yes” means after entering a valid value in a segment, you automatically move to the next segment.
  • “No” means after entering a valid value in a segment, you must press [Tab] to go to the next segment.

Note: You may still be required to use tab to leave some segments if the valid value for the segment does not have the same number of characters as the segment. For example, if a segment in the flexfield holds values up to 5 characters and a valid value for the segment is 4 characters, AutoSkip will not move you to the next segment.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is FLEXFIELDS:AUTOSKIP.

Flexfields:BiDi Direction

This profile option controls the appearance of the flexfields window in Applications running in Semitic languages. Possible values are “Left To Right” and “Right To Left”.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is FLEXFIELDS:BIDI_DIRECTION.

Flexfields:Open Descr Window

You can control whether a descriptive flexfield window automatically opens when you navigate to a customized descriptive flexfield.

  • “Yes” means that the descriptive flexfield window automatically opens when you navigate to a customized descriptive flexfield.
  • “No” means that when you navigate to a customized descriptive flexfield, you must choose Edit Field from the Edit menu or use the List of Values to open the descriptive flexfield window.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is FLEXFIELDS:OPEN_DESCR_WINDOW.

Note: This profile option does not apply to descriptive flexfields in folders.

Flexfields:Open Key Window

You can control whether a key flexfield window automatically opens when you navigate to a key flexfield.

  • “Yes” means that the key flexfield window automatically opens when you navigate to a key flexfield.
  • “No” means that when you navigate to a key flexfield, you must choose Edit Field from the Edit menu or use the List of Values to open the key flexfield window.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is FLEXFIELDS:OPEN_KEY_WINDOW.

Flexfields:Shorthand Entry

If shorthand flexfield entry is defined for your flexfield, you can use a shorthand alias to automatically fill in values for some or all of the segments in a flexfield.

Not Enabled Shorthand Entry is not available for any flexfields for this user, regardless of whether shorthand aliases are defined.
New Entries Only Shorthand Entry is available for entering new records in most foreign key forms. It is not available for combinations forms, updating existing records, or entering queries.
Query and New Entry Shorthand Entry is available for entering new records or for entering queries. It is not available for updating existing records.
All Entries Shorthand Entry is available for entering new records or updating old records. It is not available for entering queries.
Always Shorthand Entry is available for inserting, updating, or querying flexfields for which shorthand aliases are defined.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is FLEXFIELDS:SHORTHAND_ENTRY.

Flexfields:Show Full Value

If an alias defines valid values for all of the segments in a flexfield, and Flexfields: Shorthand Entry is enabled, when you enter the alias the flexfield window does not appear.

“Yes” displays the full flexfield window with the cursor resting on the last segment.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is FLEXFIELDS:SHOW_FULL_VALUE.

Flexfields:Validate On Server

This profile option is set to “Yes” to enable server side, PL/SQL flexfields validation for Key Flexfields. This improves performance when using Key Flexfields over a wide area network by reducing the number of network round trips needed to validate the entered segment combinations.

You may find, however, that your validation’s performance is better with client side validation. In this case, set this profile option to “No”.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is FLEXFIELDS:VALIDATE_ON_SERVER.

Folders

The internal name for this profile category is FND_FOLDERS.

Folders:Allow Customization

Your system administrator controls whether you can create or customize a folder definition layout in folder block.

  • “Yes” means that you can create or customize a folder definition, that is, the entire Folder menu is enabled in the folder block.
  • “No” means that you can only open an existing folder definition in a folder block, that is, only the Open option is enabled in the Folder menu.

Users can see this profile option, but they cannot update it.

Level Visible Allow Update
Site No No
Application No No
Responsibility No No
User Yes Yes

The internal name for this profile option is FLEXVIEW:CUSTOMIZATION.

Forms UI

The internal name for this profile category is FND_FORMS_UI.

Flexfields:LOV Warning Limit

Use Flexfields:LOV Warning Limit to improve efficiency when retrieving a list of values.

Sometimes, particularly when no reduction criteria has been specified, an LOV can take a very long time to run if there is a very significant amount of data in it. Set this profile option to the number of rows to be returned before the user is asked whether to continue retrieving the entire list.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is QUICKPICK_ROWS_BEFORE_WARN.

FND: Enable Cancel Query

Oracle Applications allows end users to cancel certain long-running queries, such as retrieving data in a block. When these operations exceed a threshold of time, approximately ten seconds, a dialog will display that allows the user to cancel the query.

Set the FND: Enable Cancel Query profile option to Yes if you wish to enable the ability to cancel a form query. This profile option may be set at the site, application, responsibility or the user level.

Users can see but not update this profile option.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is FND_ENABLE_CANCEL_QUERY.

FND: Indicator Colors

The default for this profile option is null, which means “Yes.” When this profile option is set to Yes:

  • Required fields are displayed in yellow.
  • Queryable fields are displayed in a different color while in enter-query mode.
  • Fields that cannot be entered (read-only) are rendered in dark gray.

Users can see and update this profile option.

Level Visible Allow Update
Site No No
Application No No
Responsibility No No
User Yes Yes

The internal name for this profile option is FND_INDICATOR_COLORS.

Forms Keyboard Mapping File

Use this profile option to define the path of the Keyboard Mapping File.

The “Keys” window displays the keystrokes to perform standard Forms operations, such as “Next Block” and “Clear Record.” This window can be viewed at anytime by pressing Ctrl+k. The keyboard mappings can be customized as follows:

  • The System Administrator must locate the Oracle Forms resource file on the middle tier, typically called fmrweb.res.
  • Make a copy of the file, name it as desired, and locate it in the same directory as the original
  • Open the new file in any text editor and make the desired keystroke mapping changes. Comments at the top of the file explain how the mappings are performed.
  • To run the new mapping file, specify the complete path and file name in this profile option.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is FND_FORMS_TERM.

Indicate Attachments

This profile option allows you to turn off indication of attachments when querying records (for performance reasons).

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is ATCHMT_SET_INDICATOR.

Java Color Scheme

If the Java Look and Feel profile option is set to Oracle, the Java Color Scheme can be specified as follows:

  • Swan (default)
  • Teal
  • Titanium
  • Red
  • Khaki
  • Blue
  • Olive
  • Purple

The Java Color Scheme profile has no effect if the Java Look and Feel is set to Generic.

Attention: Setting the Java Color Scheme profile option to a value other than ‘swan’ (the default value) can have a considerable impact on forms user response time performance.

For some users, setting this profile option to a value other than ‘swan’ may be desirable for accessibility reasons. See: Oracle Applications Accessibility Features and “Accessibility in Oracle Forms Applications” at http://www.oracle.com/accessibility/apps02.html.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is FND_COLOR_SCHEME.

Java Look and Feel

Oracle Applications Professional User Interface (Forms-based applications) can be run with either the Oracle Look and Feel or the Generic Look and Feel. The Oracle Look and Feel consists of a new look and feel for each item, and a predefined set of color schemes. The Generic Look and Feel adheres to the native interface and color scheme of the current operating system.

To specify the look and feel set this profile to “generic” or “oracle”.

If the Oracle Look and Feel is used, the profile Java Color Scheme can be set. The Java Color Scheme profile has no effect if the Java Look and Feel is set to Generic.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is FND_LOOK_AND_FEEL.

Framework Logging and Alerting

The internal name for this profile category is FND_FWK_LOGGING_ALERTING.

FND: Log Filename for Middle-Tier

The file name for the file to hold debugging messages used in the Logging Service. If the value of this profile option is null, then the Logging Service is turned off.

Users can see but not update this profile option.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is AFLOG_FILENAME.

FND: Log Level

The Logging Service can filter out debugging messages depending on their priority level.. There are five levels of the Debug/Trace Service:. In order from highest priority to lowest priority, they are: Errors, Exceptions, Events, Procedures, and Statements. The Debug Log Level is the lowest level that the user wants to see messages for.. The possible profile option values are Null (which means off), and the five priority levels above. For instance, if the “FND: Debug Log Level” profile is set to “EVENT”, then the file will get the messages that the programmer had marked as “EVENT”, “EXCEPTION”, or “ERROR”.

Users can see but not update this profile option.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is AFLOG_LEVEL.

FND: Log Module

The Logging Service can filter out debugging messages depending on their module. Module names are unique across applications and coding languages. If a module is specified for this profile option, then only messages for that module will be written to the log file. If this profile option is left blank then messages for all modules will be written to the log file.

Users can see but not update this profile option.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is AFLOG_MODULE.

iHelp

The internal name for this profile category is FND_IHELP.

Applications Help Web Agent

Applications Help Web Agent is optional and should only be used if you want to launch online help on a web server different from the one specified by the Applications Servlet Agent.

Attention: For most installations, this profile should be set to NULL. Only specify a value if you want to use a different web server than that for the Applications Servlet Agent.

Specify the entire online help URL for this profile’s value:

 http://<host name of servlet agent>:<port number of servlet                agent>/OA_HTML/jsp/fnd/fndhelp.jsp?dbc=<DBC file name>

If this profile option is not set, the online help tree navigator will default to starting up at the host name and port number that is specified by the Applications Servlet Agent profile option. The DBC file used will be that of the database where online help was invoked.

Users can see this profile option, but they cannot update it.

This profile option is visible and updatable at all levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is HELP_WEB_AGENT.

Help Localization Code

This code determines which localized context-sensitive help files a user accesses.

Users can see this profile option, but they cannot update it.

This profile option is visible and updatable at the responsibility and user levels.

Level Visible Allow Update
Site No No
Application No No
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is HELP_LOCALIZATION_CODE.

Help Tree Root

This profile option determines which tree is shown in the navigation frame when context-sensitive help is launched.

If Help Tree Root is set to “null” or “NULL” (case insensitive), then the online help is launched in a single frame, without the navigation and search features.

Users can see this profile option, but they cannot update it.

This profile option is visible and updatable at all levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is HELP_TREE_ROOT.

Help Utility Download Path

Use this profile option to define the directory into which the Help Utility downloads help files from the Oracle Applications Help System.

Users can see this profile option, but they cannot update it.

This profile option is visible and updatable at all levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is HELP_UTIL_DL_PATH.

Help Utility Upload Path

Use this profile option to define the directory from which the Help Utility uploads help files to the Oracle Applications Help System.

Users can see this profile option, but they cannot update it.

This profile option is visible and updatable at all levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is HELP_UTIL_UL_PATH.

Multi Organization Setup

The internal name for this profile category is FND_MULTI_ORG.

MO:Operating Unit

In Multiple Organization installations, Oracle Applications uses the profile option MO: Operating Unit to link an operating unit to a responsibility. You must set this profile option for each responsibility. For more information on setting this profile option, see: Multiple Organizations in Oracle Applications.

Users can see but not update this profile option.

This profile option is visible and updatable at the responsibility level only.

Level Visible Allow Update
Site No No
Application No No
Responsibility Yes Yes
User No No

The internal name for this profile option is ORG_ID.

NLS

The internal name for this profile category is FND_NLS.

Currency:Mixed Precision

Use Mixed Currency Precision to specify how many spaces are available to the right of the decimal point when displaying numbers representing different currencies.

  • Normally, currency numbers are right-justified.
  • Each currency has its own precision value that is the number of digits displayed to the right of a decimal point. For U.S. dollars the precision default is 2, so an example display is 345.70.
  • Set Mixed Currency Precision to be equal to or greater than the maximum precision value of the currencies you are displaying.

For example, if you are reporting on rows displaying U.S. dollars (precision=2), Japanese yen (precision=0), and Bahraini dinar (precision=3), set Mixed Currency Precision=3.

Note: The Currency profile options pertain to currency only, not to other numeric fields.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is CURRENCY:MIXED_PRECISION.

Currency:Negative Format

You can use different formats to identify negative currency. The default identifier is a hyphen ( – ) preceding the currency amount, as in “-xxx”. You can also select:

Angle brackets < > < xxx >

Trailing hyphen – xxx –

Parentheses ( ) ( xxx )

Square Brackets [ ] [ xxx ]

Note: The Currency profile options pertain to currency only, not to other numeric fields.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is CURRENCY:NEGATIVE_FORMAT.

Note: Currency:Negative Format only affects the display of currency values . Non-currency negative numbers appear with a preceding hyphen regardless of the option selected here.

Currency:Positive Format

You can use different formats to identify positive currency values. The default condition is no special identifier.

Note: The Currency profile options pertain to currency only, not to other numeric fields.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is CURRENCY:POSITIVE_FORMAT.

Currency:Thousands Separator

You can separate your currency amounts in thousands by placing a thousands separator. For example, one million appears as 1,000,000.

Users can see and update this profile option.

Note: The Currency profile options pertain to currency only, not to other numeric fields.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is CURRENCY:THOUSANDS_SEPARATOR.

Default Country

This is the default source for the Country field for all address zones and is used by the Flexible Address Formats feature, the Flexible Bank Structures feature and the Tax Registration Number and Taxpayer ID validation routines.

The profile can be set to any valid country listed in the Maintain Countries and Territories form and can be set to a different value for each user.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is DEFAULT_COUNTRY.

FND: Native Client Encoding

FND: Native Client Encoding indicates the character set that a client machine uses as its native character set. The value must be one of the Oracle character sets and should correspond to the client native character set. The character set used in a client machine varies depending on language and platform. For example, if a user uses a Windows machine with Japanese, the value should be JA16SJIS. But if a user uses a Solaris machine with Japanese, the value should be JA16EUC. The value is normally set in the user level since each user uses different machine, but it can be set in every level for a default value.

This profile option is used when storing text data. When a user uploads text files as attachments, the current value of FND: Native Client Encoding is stored along with the text data. With the value of this profile option, the server can then convert the text data to another character set as necessary when the text data is downloaded.

Users can see and update this profile option.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is FND_NATIVE_CLIENT_ENCODING.

ICX: Preferred Currency

This profile determines in which currency a user will see the currency number in the UI.

For example, the source currency number might be stored in database such as 10.00 as US Dollar (USD), but the displayed currency number is based on the currency set in this profile option such as 1,200 as Japanese Yen (JPY). In this multi-currency conversion, USD is source currency and JPY is the profile option value.

This profile option is for currency display purpose especially for self-service type applications.

This profile option is a generic preference that a user can set through the Oracle Application Framework Preferences page. The profile option values is used across the Oracle E-Business Suite so that the user sees currency numbers in all applications based on the currency chosen.

The currencies must be set up through the Oracle General Ledger application properly (the following must be set properly: Enabled/Disabled, Active Date and Exchange ratio between currencies). Proper setup ensures that the currency chosen is available in the system, and the currency number can be converted from the source (functional) currency to the target currency (the currency chosen by a user as this profile option value) with the specified exchange ratio. This profile option is tightly linked to GL currency setup. For more information, see:

Defining Currencies.

Users can see and update this profile option.

Level Visible Allow Update
Site Yes Yes
Application No No
Responsibility No No
User Yes Yes

The internal name for this profile option is ICX_PREFERRED_CURRENCY.

Server Timezone

The time zone of the database server.

Users can see this profile option, but they cannot update it.

Level Visible Allow Update
Site Yes Yes
Application No No
Responsibility No No
User No No

The internal name for this profile option is SERVER_TIMEZONE_ID.

Personalization

The internal name for this profile category is FND_PERSONALIZATION.

Initialization SQL Statement – Custom

This profile option allows you to add site-specific initialization code (such as optimizer settings) that will be executed at database session initialization. The value of this profile option must be a valid SQL statement.

The system administrator may set this profile option at any level.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is FND_INIT_SQL.

Security

The internal name for this profile category is FND_SECURITY.

AuditTrail:Activate

You can turn AuditTrail on or off (Yes or No). The default setting is No (Off).

When you enter or update data in your forms, you change the database tables underlying the forms you see and use.

AuditTrail tracks which rows in a database table(s) were updated at what time and which user was logged in using the form(s).

  • Several updates can be tracked, establishing a trail of audit data that documents the database table changes.
  • AuditTrail is a feature enabled on a form-by-form basis by a developer using Oracle’s Application Object Library.
  • All the forms that support AuditTrail are referred to as an audit set.
  • Not all forms may be enabled to support AuditTrail.
  • To enable or disable AuditTrail for a particular form, you need access to Oracle Application Object Library’s Application Developerresponsibility.

Users cannot see nor change this profile option.

This profile option is visible and updatable at the site and application levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility No No
User No No

The internal name for this profile option is AUDITTRAIL:ACTIVATE.

Enable Security Groups

This profile option is used by the Security Groups feature, which is used by HRMS security only. For more information on Security Groups, see the Oracle HRMS documentation.

The possible values are ‘None’ (N), and ‘Service Bureau’ (Y).

Only the System Administrator can update this profile option.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility No No
User No No

The internal name for this profile option is ENABLE_SECURITY_GROUPS.

Hide Diagnostics Menu Entry

This profile option determines whether users can access the Diagnostics menu entry from the Help menu. The default value is Yes, with the Diagnostics menu entry is hidden. If it is set to No, the Diagnostics menu entry is visible.

Users cannot see nor change this profile option.

This profile option is visible and updatable at the all levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is FND_HIDE_DIAGNOSTICS.

ICX: Limit time

This profile option determines the absolute maximum duration (in hours) of a user’s session, regardless of activity.

Users cannot see or update this profile option.

Level Visible Allow Update
Site Yes Yes
Application No No
Responsibility No No
User Yes Yes

The internal name for this profile option is ICX_LIMIT_TIME.

ICX: Session Timeout

This profile option determines the length of time (in minutes) of inactivity in a user’s session before the session is disabled. If the user does not perform any operation in Oracle Applications for longer than this value, the session is disabled. The user is provided the opportunity to re-authenticate and re-enable a timed-out session. If re-authentication is successful, the session is re-enabled and no work is lost. Otherwise, Oracle Applications exit without saving pending work.

If this profile option to 0 or NULL, then user sessions will never time out due to inactivity.

Users can see this profile option, but they cannot update it.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is ICX_SESSION_TIMEOUT.

Node Trust Level

Determines the level of trust assigned to a Web server. This profile option uses the Server hierarchy type. This profile option is used in conjunction with the profile option Responsibility Trust Level. For more information on using these profile options, see: Restricting Access to Responsibilities Based on User’s Web Server.

Users can see but not update this profile option.

This profile option is visible and updatable at the site and server level only.

Level Visible Allow Update
Site Yes Yes
Server Yes Yes
User No No

The internal name for this profile option is NODE_TRUST_LEVEL.

Responsibility Trust Level

Responsibilities or applications with the specified level of trust can only be accessed by an application server with at least the same level of trust.

This profile option is used in conjunction with the profile option Node Trust Level. For more information on using these profile options, see:Restricting Access to Responsibilities Based on User’s Web Server.

Users can see this profile option, but they cannot update it.

The system administrator access is described in the following table:

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User No No

The internal name for this profile option is APPL_SERVER_TRUST_LEVEL.

Sign-On:Audit Level

Sign-On:Audit Level allows you to select a level at which to audit users who sign on to Oracle Applications. Four audit levels increase in functionality: None, User, Responsibility, and Form.

None is the default value, and means do not audit any users who sign on to Oracle Applications.

Auditing at the User level tracks:

  • who signs on to your system
  • the times users log on and off
  • the terminals in use

Auditing at the Responsibility level performs the User level audit functions and tracks:

  • the responsibilities users choose
  • how much time users spend using each responsibility

Auditing at the Form level performs the Responsibility level audit functions and tracks:

  • the forms users choose
  • how long users spend using each form
  • System Administrator visible, updatable at all levels.

Users cannot see nor change this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is SIGNONAUDIT:LEVEL.

Sign-On:Notification

“Yes” displays a message at login that indicates:

  • If any concurrent requests failed since your last session,
  • How many times someone tried to log on to Oracle Applications with your username but an incorrect password, and
  • When the default printer identified in your user profile is unregistered or not specified.

Users can see and update this profile option.

This profile option is visible and updatable at all four levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is SIGNONAUDIT:NOTIFY.

Signon Password Case

Oracle Applications gives you the ability to control case sensitivity in user passwords through this profile option. This profile has two possible settings:

  • Sensitive – Passwords are stored and compared as they are, with the password case preserved. During validation, the entered password must match the decrypted version otherwise an error message is displayed. With Release 12, this option is the default behavior. All newly created or changed passwords are treated as case sensitive.

Note: Users who have not changed their passwords since the installation of release 12 are not affected until they do change their passwords.

A password expiration utility is available if the System Administrator requires that all users convert to case sensitive passwords upon the next login. This utility expires all passwords in FND_USER, including that of SYSADMIN and default Vision accounts, and can be run as a SQL Script ($FND_TOP/sql/AFCPEXPIRE.sql) or as a Concurrent Program (FNDCPEXPIRE_SQLPLUS).

  • Insensitive (or unset) – Passwords are treated as case insensitive. In Insensitive mode, passwords are stored and compared in uppercase, similar to that in earlier releases. During validation, the entered password and the decrypted password are compared in uppercase. If the passwords do not match, an error is displayed.

Users can see but not update this profile option.

Level Visible Allow Update
Site Yes Yes
Application No No
Responsibility No No
User No No

The internal name for this profile option is SIGNON_PASSWORD_CASE.

Signon Password Failure Limit

The Signon Password Failure Limit profile option determines the maximum number of login attempts before the user’s account is disabled.

Users cannot see or update this profile option.

Level Visible Allow Update
Site Yes Yes
Application No No
Responsibility No No
User Yes Yes

The internal name for this profile option is SIGNON_PASSWORD_FAILURE_LIMIT.

Signon Password Hard to Guess

The Signon Password Hard to Guess profile option sets rules for choosing passwords to ensure that they will be “hard to guess.” A password is considered hard-to-guess if it follows these rules:

  • The password contains at least one letter and at least one number.
  • The password does not contain the username.
  • The password does not contain repeating characters.

Users can see but not update this profile option.

Level Visible Allow Update
Site Yes Yes
Application No No
Responsibility No No
User Yes Yes

The internal name for this profile option is SIGNON_PASSWORD_HARD_TO_GUESS.

Signon Password Length

Signon Password Length sets the minimum length of an Applications signon password. If no value is entered the minimum length defaults to 5.

Users can see but not update this profile option.

Level Visible Allow Update
Site Yes Yes
Application No No
Responsibility No No
User Yes Yes

The internal name for this profile option is SIGNON_PASSWORD_LENGTH.

Signon Password No Reuse

This profile option specifies the number of days that a user must wait before being allowed to reuse a password.

Users can see but not update this profile option.

Level Visible Allow Update
Site Yes Yes
Application No No
Responsibility No No
User Yes Yes

The internal name for this profile option is SIGNON_PASSWORD_NO_REUSE.

Single Sign-On Account Settings

The internal name for this profile category is FND_SSO_ACCOUNT_SETTINGS.

ICX: Client IANA Encoding

This profile option is used to determine the character set of text displayed by Java Server pages. The value is the code set of the middle tier. It is used to allow the online help system to support languages other than American English. The default setting is the Western European character set (ISO-8859-1).

This profile option should be set only at the site level.

Users can see this profile option, but they cannot update it.

This profile option is visible and updatable at the all levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is ICX_CLIENT_IANA_ENCODING.

Web Server Deployment

The internal name for this profile category is FND_WS_DEPLOYMENT.

Applications Servlet Agent

This profile option must be set to the URL base for the servlet execution engine on Apache. Oracle Applications uses the value of this profile option to construct URLs for JSP and SERVLET type functions. The syntax is:

 https://<hostname>:<port>/<servlet_zone>

Example:

 https://ap523sun.us.oracle.com:8888/oa_servlets

Users can see this profile option, but they cannot update it.

This profile option is visible and updatable at all levels.

Level Visible Allow Update
Site Yes Yes
Application Yes Yes
Responsibility Yes Yes
User Yes Yes

The internal name for this profile option is APPS_SERVLET_AGENT.

Applications Web Agent

Provides the base URL for the Apps Schema’s WebServer DAD. You set this profile option during the install process.

This profile option is visible and updatable at all levels.

Level Visible Allow Update
Site Yes Yes
Application No No
Responsibility No No
User Yes Yes

The internal name for this profile option is APPS_WEB_AGENT.

 

Advertisement

Understanding AutoConfig

Published on by Advait3 Comments

Introduction:

AutoConfig is the tool, which is used to configure oracle application systems. Its basically a perl script with a shell wrapper over it. At present there are more then 300 configuration files and environment files in application system. Whenever a change is made to any of the configuration parameter, the change needs to be propagated correctly to correct configuration and environment files. Managing such changes in such large number of files is really difficult.

Context File:

AutoConfig uses a file called context file, which is used to configure changes. Context file is a XML file having all the parameters of application system. These parameters are part of some configuration file for some services or it may be part of some environment file. When we create an application system (using Rapid install), context file gets created automatically will all the parameters and there values. Most of the parameters take default value, where as some parameters takes the value that is supplied at the time of installation.

Optionally we can create context file separately using adbldxml.sh/adbldxml.pl script. These scripts are present in $FND_TOP/bin directory. adbldxml.sh in turn runs oracle.apps.ad.context.GenerateContext java class.

Following is an example entry for the context variable “domainname” from the log file of adbldxml.pl run:

 [ s_domainname ]
SEVERITY         : INFO   
SOURCE SEARCHED  : Using System commands to get Domain name value   
SEARCH RESULTS   : Domainname could not be found using system commands.   
SOURCE SEARCHED  : Database table - GLOBAL_NAME   
SEARCH RESULTS   : Query on database table GLOBAL_NAME returned - XXXX.WORLD;  

                   Table is hosting incorrect value for domain.

SOURCE SEARCHED  : Prompting the user for the domain name.  
SEARCH RESULTS   : Value accepted from the user - its.yale.edu  
VALUE ASSIGNED   : its.yale.edu  
USER ACTION      : No action required          

The above entry shows the sources searched, search results for each search and the final assignment for the context variable domainname. As you can see adbldxml.pl provides the search information in great detail in its log file. This log file helps a lot in debugging adbldxml.pl behavior.

Each placeholder in the template file has a corresponding xml node (a context variable) in the context file. They all have a mandatory attribute called oa_var, the attribute value for this attribute is the placeholder name. Each node is primarily identified by the oa_var attribute value and can optionally have other attributes like oa_type, oa_enabled scope and default. The node’s only child is a text node, which stores the placeholder’s environment specific value. From here on I will refer to this text value as the “text value of the context variable”. The description of these context variables along with their oa_var value can be seen in adctxinf.tmp (stored in $AD_TOP/admin/template).

Context variables in the context file are organized in a hierarchical order, hence the choice of xml to store them. These context variables mainly lie under five top level parent nodes i.e. oa_system, oa_host, oa_install, oa_environments and oa_processes. Each top level parent node is further divided into further levels before you reach the real context variables.

To change any configuration option in the Oracle Applications environment, we need to change the value of corresponding context variable in the context file and then run autoconfig for our changes to take effect. For example if we need to change the web server port then we would change the text value of the context variable “webport” (oa_var value s_webport), and then run autoconfig. Since the context file is just an xml file, it can be updated in many ways. I will describe some of them later.

How it works:

Each configuration file has one (sometimes two, one for NT and one for UNIX) corresponding template file (provided by autoconfig patches, stored in $PROD_TOP/admin/template directory). Profile options and other instance specific information in the database is maintained by many sql scripts, called from wrapper shell/perl scripts. These scripts also have corresponding template files (also provided by autoconfig patches, `in $PROD_TOP/admin/templates). In these template files all the environment specific values are replaced by placeholders (like %s_webhost%).

Following entry in httpd.conf

Timeout 300 is replaced by following in its template $FND_TOP/admin/template/httpd_ux_ias1022.conf

Timeout %s_ohstimeout%

Environment specific values for this placeholder is stored in an environment specific xml file (called application context file) stored in $APPL_TOP/admin.

For e.g.

For the above placeholder the value stored in the xml file is:

<ohstimeout oa_var=”s_ohstimeout”>300</ohstimeout>

Each placeholder has a corresponding xml node in the context file. The placeholder name is the value for the “oa_var” attribute of the xml node, the placeholder name without the prefix “s_” (generally) is the node name for the xml node and the value is stored as a child text node. These xml nodes are termed as context variables by Oracle documentation and each node primarily is identified by its oa_var attribute value. So effectively we can say that in the above case we replace “300” by context variable “ohstimeout” whose oa_var value is “s_ohstimeout”.

Configuration files can be easily created from the template file by just replacing all the placeholders with the corresponding values from the context file. This process is termed as “instantiating the template” in Oracle documentation.

Driver files (stored in $PROD_TOP/admin/driver) store information about what to do with each template (e.g. instantiate it and replace the existing configuration file with it, instantiate it and run it). These files are named as <PROD_TOP>tmpl.drv (e.g. adtmpl.drv, fndtmpl.drv etc.) They contain one line for each template they manage.

When autoconfig (adconfig.pl or adconfig.sh) runs it just processes the driver file for each product, line by line doing what the driver file instructs it to do. The order of execution of each line is not sequential as we shall see later. The diagram below depicts the autoconfig functionality.

auto.jpg

Editing context file:

1. Editcontext

Editcontext is a java application provided by oracle for updating the values in the context file. It is provided as a patch (patch: 2873456). Editcontext provides a list of all the updatable context variable values along with their titles. The title is not the variable name or value of oa_var attribute, but it is derived from adctxinf.xml, which comes with the editcontext patch and stores the title along with the oa_var value for each context variable. Editcontext only lists those context variables, which are listed in its repository (adxmlctx.tmp). If you find that, not all variables are listed, then the version of this file is probably lower than the adxmlctx.tmp stored in $AD_TOP/admin/template. In that case just copy this file from $AD_TOP/admn/template to the editcontext repository (i.e. <patch unzip directory>/editcontext/etc).

After launching editcontext, we have to find the context variable that we want to update. Once we find it, we can just change the value and save the new value to the context file (To be precise editcontext rewrites the whole context file instead of just updating one value). Since the list of context variables is quite long, it may take a while to find the desired context variable in the list.

2.      Oracle Applications Manager

Oracle Applications Manager is a web-based portal for managing Oracle Applications. Along with many other features, this product has a section for updating the context files. This product lists everything for each context variable i.e. name, oa_var attribute value, description, and real updateable value. Moreover instead of giving us a long list of context variables to search from, it divides the context file into many sections and each section is displayed in the xml tree format making it easier to find a particular context variable. It also provides us with the option of adding custom context variables (which we will look at in the customization section).

One thing to remember while updating context variables using OAM is that what it displays is gotten; by parsing the context file stored in fnd_oam_context_files table (Autoconfig at each run uploads the context file in this table). When we try to update the context file, OAM first update’s the status flag from ‘S’ to ‘H'(History) for our context file record, it then inserts another row for the same context file with status ‘S’. (OAM inserts another row instead of updating the existing row to maintain change history for each context file) It then requests the specific node’s FNDFS listener for updating the file on the file system (autoconfig uses the file on the file system). So we have to make sure that the FNDFS listeners are running on all the nodes before using OAM to update the context file.

With all the features of Oracle Applications Manager mentioned above, updating context files using Oracle Applications Manager seems to be the direction Oracle is trying to move.

3.      Scripted Update

EditContext and Oracle Application Manager are good for updating context file if you need to update one or two context variables. If you need to modify quite a few variables (for e.g. if you need to update all the ports in the context file) then using these GUI tools do become cumbersome. It would be nice to have a scripted way of updating lots of values in the context file using a data source of changes. I will describe two ways of achieving this using Oracle supplied code.

a. Java class oracle.apps.ad.context.UpdateContext

This java class allows us to change one context variable at a time from the command line. But we can easily use a shell/perl/python/tcl/etc script to call this class multiple times for different context variables based on a changes file, which stores all our required changes

For example let’s say we need to change the following context variables. The first column is the oa_var values of the context variable and the second column is desired value. These values are stored in a file changes.txt

 s_webport 7777
 s_webport_pls 9999
 s_oprocmgr_port 9997
 s_active_webport 9996
 s_forms_servlet_portrange 1801-1810
 s_oacore_servlet_portrange 2801-2810

The following perl script loops through each record in changes.txt and updates the context file by calling the java class once for each line. The syntax it uses to call this java class is:

java oracle.apps.ad.context.UpdateContext CONTEXT NAME VALUE

where

CONTEXT – Context File Name
NAME – context variable name
VALUE – Desired Changed value

b. Using Perl Module TXK::XML:

The above technique works well but it is quite heavy on resource consumption, since we start a new jvm for every update. For every update the java code has to parse the xml file, create the DOM tree, do the update in memory and then write it back to the file system. It would be more efficient if we could just parse the xml file only once and do all our updates before writing the xml file to the file system. This can be achieved by using oracle supplied perl module TXK::XML (Found in $AU_TOP/perl/TXK). For using TXK::XML we load the context file as as TXK::XML object, change the configuration option values by using setOAVar method ot the TXK::XML object and then write the file back to the file system. The only thing to take note of is setOAVar expects a hash reference as the input variable. This hash will contain the list of context variables to be changed in a key value pair; the key is the oa_var value of the context variable and the value is the corresponding desired values.

If we use any programmatic method to update the context file, we are not allowing OAM to maintain a change history for all our context files, which is very important since context file is the central repository for all the configuration options. This can be easily taken care by updating the existing record for our context file to status ‘H’ in fnd_oam_context_files table and then inserting the changed context file into the table using executable FNDCPUCF (in $FND_TOP/bin).

Since the context file is just an xml file, you can basically use any xml parser or write your own xml parser to do the updates, but in my experience the above mentioned methods has been the least error prone and least time consuming. Moreover in all of the above methods I am using Oracle’s code to update the xml file.

The Template Files

Template files are files, which are merged with the context file (instantiated) to produce configuration files or scripts to update the database. They are stored in <PROD_TOP>/admin/templates directory. Autoconfig patches/Technology stack patches install new templates or upgrade existing templates. Now let’s look at how these template files are created.

Let’s take a small configuration file REP60_<SID>.ora (Reports server configuration file):

mailprofile="$Header: REP60_server.ora 115.5 2004/03/24 01:10:51 njoseph ship $"
nlssupport=yes
maxconnect=20
cachedir="/u02/app/oracle/product/8.0.6/reports60/server/cache"
cachesize=50
minengine=5
maxengine=10
initengine=5
maxidle=30
security=1
englife=50

If we replace all the environment specific values with context variables from the context file, then this is what we get:

mailprofile="$Header: REP60_server.ora 115.5 2004/03/24 01:10:51 njoseph ship $"
nlssupport=yes
maxconnect=20
cachedir="%s_tools_oh%/reports60/server/cache"
cachesize=50
minengine=%s_minengine%
maxengine=%s_maxengine%
initengine=0
maxidle=30
security=1
englife=50

And now we have a template file corresponding to the Reports server configuration file. The placeholder values enclosed by “%” correspond to the context variable in the context file. If we instantiate this template using the values from the context file we can easily recreate our configuration file. All the configuration files and sql scripts are converted to templates in similar fashion and supplied to us by autoconfig patches.

The Driver Files

Driver files, as the name suggests drives what autoconfig does (stored in <PROD_TOP>/admin/driver). They are named as <PROD_TOP>tmpl.drv i.e. adtmpl.drv, fndtmpl.drv etc. Autoconfig patches install and update these driver files. Each driver file has one line for each template it manages. Each line tells autoconfig what to do with that template. This is achieved by using a particular syntax that conveys the relevant information to autoconfig. Following is the syntax for the lines in the driver files.

<PROD> <Location> < Name> <Action> <Dest directory> <Dest file name> <File permission>

 For e.g.
 ad admin/template adconfig.txt INSTE8 /admin     adconfig.txt      600
Column Description
PROD Product Name
Location Directory underneath PROD_TOP where the template is located. Generally “admin/template”.
Name Name of the template File
Action Type of action to be performed on this template (Refer to the following table for description of different kinds of action)
Dest Directory Destination directory of the instantiated template file. We can use context variables enclosed In “” to specify the destination directory. For example if we want to specify $APPL_TOP/admin as the destination directory we would specify it as “<at>/admin” in the driver file.
Dest file name Destination configuration file name for the instantiated template file. We can use context variables enclosed in “” to specify the destination configuration file name. For example if the destination file has Database SID we can specify it as “<SID>.env” in the driver file.
File Permission Autoconfig generates the configuration file with the provided unix style permission.

Actions:

Action Description
INSTE8
  • Instantiate (replace context variables with values from xml context file)
  • Copy the result to the <Dest directory>/<Dest file name> overwriting the existing configuration file, if one exists.
  • Change the permission to <File permission>
INSTE8_SETUP
  • Instantiate (replace context variables with values from xml context file)
  • Copy the result to the <Dest directory>/<Dest file name> overwriting the existing file, if one exists.
  • Change the permission to <File permission>
  • Execute the instantiated file.
INSTE8_APPLY
  • Instantiate (replace context variables with values from xml context file)
  • Copy the result to the <Dest directory>/<Dest file name> overwriting the existing file, if one exists.
  • Change the permission to <File permission>
  • Execute the instantiated file.
INSTE8_PRF
  • Instantiate (replace context variables with values from xml context file)
  • Copy the result to the <Dest directory>/<Dest file name> overwriting the existing file, if one exists.
  • Change the permission to <File permission>
  • Execute the instantiated file.
INSTALL
  • Instantiate the template file only if the resulting configuration file does not already exist.

Though the description of three of the actions is same, they are there to get different execution order within autoconfig’s execution of each driver file. The execution order in which autoconfig processes each line is INSTE8, INSTALL, INSTE8_SETUP, INSTE8_APPLY and INSTE8_PRF. These actions mark the different phases of autoconfig i.e. Setup phase, Apply phase and Profile phase. It’s also possible to run autoconfig only up to a particular phase.

The driver file syntax also supports if then else branching based on type of node (i.e. web, admin, forms etc), which is useful in a multi node installation. The syntax also supports the branching based on the platform type (Unix or Windows). This allows having multiple templates for each configuration file and instantiating a particular template based on the platform.

For e.g.
if platform NT
ad admin/template APPLSYS_nt.env INSTE8 .env 600
endif

or

if installation-type admin node nodedev forms formsdev web webdev
ad admin/template adconfig.txt INSTE8 /admin adconfig.txt 600
end if

The driver file syntax also supports including other driver files which are processed by autoconfig recursively

For e.g.
#include        fnd     admin/driver    fndtmpl.drv

When autoconfig (adconfig.pl or adconfig.sh) runs it just processes each product’s driver file respecting the, if then else branching as it processes the lines in the driver files. It also processes all included driver files recursively.

 

Enabling SSL in Oracle E-Business Suite Release 12

Published on by Advait2 Comments

Overview

SSL stands for Secure Socket Layer which is protocol developed by Netscape. Data Transferred between Server & Client is secured (Encrypted).
Usually data transmitted between client machine & server (Web Server on http protocol & Forms Server on Sockets ) is clear text packets. Any one can put Packet Sniffer between Client machine & Server & can open & read all data transaction between your machine & Server (If he/she has network access) Hacker can get your Username/Password or any sensitive data. This become critical when you have Internet access to Oracle Applications 11i (Usually Self Service Implementation)

Communication between Client & Oracle Applications happens via three components.

  • Oracle Web Server (Initial Connection & all self service access is via Web Server/Apache). If your Form Server is in servlet Mode then Core Applications are also accessed via Web Server (oacore Component)
  • Oracle Form Server: For Core Oracle Application Access (Forms)
  • Database : You access web server which in turn talks to database Server via UTL_HTTP package via dad (/pls/$SID)

So You enable SSL on particular component depending on your requirement & component which is accessible over Internet & should be secured. You can Implement across all three component or only one or any two.

Concept:

SSL is a technology that defines the essential functions of mutual authentication, data encryption, and data integrity for secure transactions. Exchange of data between the client and server in such secure transactions is said to use the Secure Sockets Layer (SSL).

SSL uses 2 types of Certificates:

1.  User certificates:

These are Certificates issued to servers or users to prove their identity in a public key/private key exchange.

2.  Trusted certificates:

These are Certificates representing entities that you trust – such as certificate authorities that sign the user certificates they issue.

How SSL works with Middle Tier Oracle HTTP Server:

  1. The client sends a request to the server using HTTPS connection mode.
  2. The server presents its certificate to the client. This certificate contains the server’s identifying information.
  3. The client checks its list of Trust points and compares the information in the certificate with the server’s public key. If it matches, the server is authenticated as a trusted server.
  4. The client sends the server a list of the encryption levels, or ciphers, that it can use.
  5. The server receives the list and selects the strongest level of encryption that they have in common.
  6. The client creates a session key which is used to encrypt the data and sends this session key to the server which can decrypt the data with its private key

How SSL works with Oracle Database Server:

  1. The UTL_HTTP package is used for making HTTP callouts from SQL and PL/SQL to a Web Node (Oracle HTTP server).
  2. When the package fetches data from a Web site using HTTPS, it specifies the location to the Oracle Wallet that resides on the database server. This wallet contains the certificate for the Certifying Authority (CA) who signed the Web node’s server certificate.

Process:

For converting the application into SSL we need to have a Digital certificate. A Certificate Authority is a trusted third party responsible for issuing, revoking, and renewing digital certificates. All digital certificates are signed with the Certificate Authority’s private key to ensure authenticity. The Certificate Authority’s Public Key is widely distributed.

A Certificate Signing Request (CSR) is a digital file, which contains your public key and your name. You send the CSR to a Certifying Authority (CA) to be converted into a real Certificate.

A digital certificate is an electronic document that binds an identity to a pair of electronic keys that can be used to encrypt and sign digital information. A trusted third party, called a Certification Authority (CA), issues certificates. The document is usually in a standard X509 format and contains three elements:

  1. Entity attributes (information about your organization)
  2. Public key (which is bound to your organization)
  3. Digital signature of the trusted CA private key

Verisign (http://verisign.com/) will allow your organization to apply for a free trial certificate, which will be valid for 2 weeks for testing purposes.

Private (Server) Key:

The private key file is a digital file that you generate and for use to decrypt messages sent to you. The certificate request (CSR) that you send to your Certificate Authority (CA) is derived from this private key. Therefore, the resulting digital certificate (containing your public key), which is issued by your CA, is bound to this private key.

We will now look into the actual procedure for enabling the application with SSL. Not that below explanation is based on metalink note ID376700.1.

Middle tier setup

To start with SSL setup we have to create a certification request through Oracle wallet manager.

Step 1) Create wallet on the apps side

  • Login to application tier with applmgr user ID and navigate to $INST_TOP/ora/10.1.3 directory and source .env file present at that location. This will make 10.1.3 (IAS_ORACLE_HOME) as your ORACLE_HOME.
  • Navigate to $INST_TOP/certs/Apache directory.
  • Backup Apache directory
  • Start Oracle wallet manager

bash-2.05$ owm &
[1] 16555

  • Navigate Wallet -> New
    Answer No to: “Your default wallet directory doesn’t exist. Do you wish to create it now?”
    Set the wallet manager password (example. Welcome)
  • Click Yes when prompted “A new empty wallet has been created. Do you wish to create a certificate request at this time”.

Following screen appears

untitled.jpg

Common Name           – Your hostname
Organization Unit       – Your department name
Organization                – Your company name
Location/City              – Your city name
State/Province            – Your state name
Country                     – Your country name

Press OK once you fill all information. Save wallet in $INST_TOP/certs/Apache folder with name (server_name).cer

Once saved, it will ask, “A wallet already exist, you want to override”. You can say yes.
Click on certificate Request in the list provided on left side of Oracle wallet manager window and you can see your request contents on right side as seen in below screen.

untitled1.jpg

  • Wallet -> Autologin (Enable)
  • Wallet -> Save

Once you get the request content, you have to get the certificates from certifying Authority like verisign. Currently the certificate request that you created is your .cer file. Using this file you can get the actual certificate file, which will be .crt file. Along with that file you will also get your private key file (.key). So after getting certificate you will have 3 files with you

  1. Certificate request file (.cer)
  2. Actual certificate file (.crt)
  3. Private Key file (.key)

Once you get the certificate, you have to generate CA certification file. Since for any SSL certificate we need to have CA(Certifying Authority) file. Some of the certifying authority companies also provide CA files. But here we will see how to generate CA file from certificate file (.crt).

Step 2) Creating your certifying authority’s certificate

  • Copy/ftp (binary mode) .crt to the your PC desktop
  • Double-click the file and go to Certification Path tab
  • Double click on VeriSign/RSA Secure Server CA
  • Go to Details tab and press Copy to File…
  • Press Next and select “Base-64 encoded X.509(.CER)” and press next
  • Give the name as ca
  • Press Finish

A new ca.cer file will be present in your local PC. FTP back ca.cer file to your UNIX host.

Step 3) Converting the existing cert files

  • Source the .env file again present at location $INST_TOP/ora/10.1.3
  • Change dir to $INST_TOP/certs/Apache
  • Copy .crt, ca.crt, servername.key to the current dir.
  • Execute the following command:
    $ORACLE_HOME/Apache/Apache/bin/ssl2ossl -cert ./.crt -key ./.key -cafile ./ca.cer -wallet . -ssowallet yes

Step 4) Appstier setup
Edit the context xml file in $APPL_TOP/admin, change the SSL related variables to SSL values

SSL Related Variables in the Context File
Variable Non-SSL Value SSL Value
s_url_protocol http https
s_local_url_protocol http https
s_webentryurlprotocol http https
s_active_webport same as s_webport same as s_webssl_port
s_webssl_port not applicable default is 4443
s_https_listen_parameter not applicable same as s_webssl_port
s_help_web_agent url constructed with http protocol and s_webport for both non-SSL and SSL
s_login_page url constructed with http protocol and s_webport url constructed with https protocol and s_webssl_port
  • Execute autoconfig
  • Bounce the mid-tier services

Step 5) DB Tier Setup

Once you run autoconfig on Apps Tier, you need to do wallet setup on DB tier as well. Since R12 is autoconfig enabled, there will be a directory called appsutil in ORACLE_HOME on database side. Follow below steps to carry out the setup on database side.

  • Login to DB tier as oracle user
  • Change dir to $ORACLE_HOME/appsutil
  • Create a new dir with name as wallet
  • Start Oracle Wallet Manager (owm &)
  • Wallet -> New
  • Answer No to: “Your default wallet directory doesn’t exist. Do you wish to create it now?”
  • Click No when prompted “A new empty wallet has been created. Do you wish to create a certificate request at this time”
  • Save Wallet
  • Copy ca.crt from the appl_top to $ORACLE_HOME/appsutil/wallet
  • Navigate Operations-> Import Trusted Certificate
  • Navigate to ca.crt
  • Once import completed. Save wallet
  • Navigate wallet-> autologin (enable)
  • Save wallet

Step 6) Sanity check

  • New Appslogin url: https://(hostname):(port)/OA_HTML/AppsLogin
  • Notice the lock sign in the statusbar (bottom) of the browser. Click on the sign to verify the certificate
  • Sanity check all the components.
  • Login to db as sqlplus apps/(apps password)
  • select utl_http.request(‘https://(hostname):(port)’,null,’file:(path to ORACLE_HOME/appsutil/wallet)’, null) from dual;
  • It should display the first 2000 Chars of the html page.

 

Enabling OID/SSO for E-Business Suite R12

Published on by Advait5 Comments

Following procedure shows registering Oracle E-Business suite R12 with OID and enabling SSO. This is based on metalink note ID 376811.1

There are three components that can be registered or de-registered in Release 12 with the SSO/OID registration utility. The utility automatically detects the registered components and performs registration for the un-registered components. So there is no need to pass individual registration arguments.

SSO-OID Registration can be done using a single command (Section 1.1). Even though it can be done in a single command it is divided into three parts.

  • Oracle Home Registration.
  • SSO Registration.
  • OID Registration.

Here we will see registering each component individually.

Also we need to have Oracle Application server 10g installed before proceeding for OID/SSO registration. Here are the list of component and supported version.

Components

Oracle E-Business Suite R12
The following components must be used on the E-Business Suite instance:

Component Name
 
Release
 
Oracle E-Business Suite Release 12
 
12.0.0
 
Oracle 10g Application Server
 
10.1.2
 
Oracle 10g Application Server
 
10.1.3
 
Oracle Developer 10g (includes Oracle Forms)
 
10.1.2
 
Oracle Application Server 10g Enterprise Edition

The following Oracle Application Server 10g Enterprise Edition components must be used on the standalone instance:

Component Name Release
Oracle Application Server 10g Enterprise Edition 10.1.2.0.2
Oracle Single Sign-On 10g 10.1.2.0.2
Oracle Internet Directory 10g 10.1.2.0.2
Oracle Portal 10g (optional) 10.1.4
Oracle Discoverer 10g (optional) 10.1.2.0.2

Before registering make sure to change the following profiles with the values give as below.

  • Applications SSO Type: SSWAw/SSO
  • Applications SSO Auto Link User: Enable
  • Applications SSO Login Types: Both
  • Application SSO LDAP Synchronization: Enable
  • Applications SSO Enable OID Identity Add Event: Enable
  • Link Applications user with OID user with same username: Enable

Once the profiles are set, go ahead with OID/SSO registration.

Registering with OID/SSO

Oracle Home Registration

bash-2.05$ $FND_TOP/bin/txkrun.pl \
> -script=SetSSOReg \
> -registerinstance=yes

You are registering ORACLE HOME only.

Enter the host name where Oracle iAS Infrastructure database is installed ? ocvmrh2119.us.oracle.com
Enter the LDAP Port on Oracle Internet Directory server ? 389
Enter SSL LDAP Port on Oracle Internet Directory server ? 636
Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ? welcome1
Enter Oracle E-Business apps database user password ? apps

 

*** Log File = /dy/oracle/product/test12/inst/apps/test12_ap101fam/logs/appl/rgf/TXK/

txkSetSSOReg_Wed_Jun_20_05_14_34_2007.xml

Beginning input parameter validation for Oracle Home Instance registration.
Input parameter validation for Oracle Home Instance registration completed.

BEGIN ORACLE HOME INSTANCE REGISTRATION:
Oracle Home Instance preferences stored successfully.
Oracle Home Instance registered successfully.

 

 

End of /dy/oracle/product/test12/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/

txkSetSSOReg.pl : No Errors encountered

SSO Registration

bash-2.05$ $FND_TOP/bin/txkrun.pl \
> -script=SetSSOReg \
> -registersso=yes

You are registering this instance with SSO Server.

Enter Oracle E-Business apps database user password ? apps

 

*** Log File = /dy/oracle/product/test12/inst/apps/test12_ap101fam/logs/appl/rgf/TXK/

txkSetSSOReg_Wed_Jun_20_05_16_22_2007.xml

Beginning input parameter validation for SSO registration.
Input parameter validation for SSO registration completed.

BEGIN SSO REGISTRATION:
Beginning to register partner application.
Partner application has been registered successfully.
Configuration file uploaded successfully.
Single Sign-On partner application registered successfully.

 

 

End of /dy/oracle/product/test12/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/

txkSetSSOReg.pl : No Errors encountered

OID Registration

bash-2.05$ $FND_TOP/bin/txkrun.pl \
> -script=SetSSOReg \
> -registeroid=yes

You are registering this instance with OID Server.

Enter LDAP Host name ? ocvmrh2119.us.oracle.com
Enter the LDAP Port on Oracle Internet Directory server ? 389
Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ? welcome1
Enter the instance password that you would like to register this application instance with ? welcome1
Enter Oracle E-Business apps database user password ? apps

 

*** Log File = /dy/oracle/product/test12/inst/apps/test12_ap101fam/logs/appl/rgf/TXK/

txkSetSSOReg_Wed_Jun_20_05_17_54_2007.xml

Beginning input parameter validation for OID registration.
Input parameters validation for OID registration completed.

 

BEGIN OID REGISTRATION:
Beginning to register Application and Service containers if necessary.
Application and Service containers were created successfully if necessary.
Beginning to register application in Oracle Internet Directory.
Registration of application in Oracle Internet Directory completed successfully.
-> LOADING:  /dy/oracle/product/test12/apps/apps_st/appl/fnd/12.0.0/admin/template

/AppsOIDRegistration.tmp

Beginning to register provisioning profile in Oracle Internet Directory.
Registration of provisioning profile in Oracle Internet Directory completed successfully.
Application is now registered successfully with provisioning in Oracle Internet Directory.

End of /dy/oracle/product/test12/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/

txkSetSSOReg.pl : No Errors encountered

Users are automatically synched up from local repository to OID repository. So when you create a user in local using AppsLocalLogin.jsp it will be automatically reflected in SSO.

Try to login to AppsLocalLogin.jsp and create a new user. Please note that if you dont give any numeric value in password then you may encounter following error.

Unable to call fnd_ldap_wrapper.create_user due to the following reason:
.
ORA-20001: Unable to call fnd_ldap_wrapper.create_user due to the following
reason:
An unexpected error occurred. Please contact your System Administrator

Example if you give your password as welcome, then you may get above error. For this, you need to give a numberic value in your password like welcome1. This behaviour is because while creating users in Apps (even via Forms) by logging via AppsLocalLogin.jsp, it will send the user to OID. In attempting to do so, it will check the OID’s password policies. According to the policies, a password should be alpha numeric.

De-Registrating OID/SSO

Deregister OID

bash-2.05$ $FND_TOP/bin/txkrun.pl \
> -script=SetSSOReg \
> -deregisteroid=yes

You are deregistering this instance from OID Server.

===============================================================

WARNING: You have selected to deregister individual components.
This might leave some components still at registered state
which might create inconsistencies at run time.
It is recommended that you use “-deregister=Yes” to completely deregister
the Oracle EBusiness instance from OID server
OR
Individually deregister components using “-deregisteroid=Yes”,
“-deregistersso=Yes” and “-deregisterinstance=Yes”.

===============================================================
Enter Oracle E-Business apps database user password ? apps
Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ? welcome1

 

 

*** Log File = /dy/oracle/product/test12/inst/apps/test12_ap101fam/logs/appl/rgf/TXK/

txkSetSSOReg_Thu_Jun_21_00_12_25_2007.xml

Beginning input parameter validation for OID de-registration.
Input parameters validation for OID de-registration completed.

 

BEGIN OID DE-REGISTRATION:
Beginning to delete provisioning profile for this application.
Provisioning profile for this application has been deleted successfully.
Beginning to de-register this application from Oracle Internet Directory.
This application has been de-registered successfully from Oracle Internet Directory.
-> LOADING:  /dy/oracle/product/test12/apps/apps_st/appl/fnd/12.0.0/admin/template

/AppsOIDDeRegistration.tmp
Removing OID References Started.
Removing OID References Completed Successfully.
OID DE-REGISTRATION COMPLETED.

End of /dy/oracle/product/test12/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/

txkSetSSOReg.pl : No Errors encountered

Deregister SSO

bash-2.05$ $FND_TOP/bin/txkrun.pl \
> -script=SetSSOReg \
> -deregistersso=yes

You are deregistering this instance from SSO Server.

===============================================================

WARNING: You have selected to deregister individual components.
This might leave some components still at registered state
which might create inconsistencies at run time.
It is recommended that you use “-deregister=Yes” to completely deregister
the Oracle EBusiness instance from OID server
OR
Individually deregister components using “-deregisteroid=Yes”,
“-deregistersso=Yes” and “-deregisterinstance=Yes”.

===============================================================
Enter Oracle E-Business apps database user password ? apps

 

 

*** Log File = /dy/oracle/product/test12/inst/apps/test12_ap101fam/logs/appl/rgf/TXK/

txkSetSSOReg_Thu_Jun_21_00_14_52_2007.xml

Beginning input parameter validation for SSO de-registration.
Input parameters validation for SSO de-registration completed.

BEGIN SSO DE-REGISTRATION:
Partner application registered with SSO Server and will be de-registered.
Partner application has been de-registered successfully.
Configuration file deleted successfully.
SSO DE-REGISTRATION COMPLETED.

 

 

End of /dy/oracle/product/test12/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/

txkSetSSOReg.pl : No Errors encountered

Deregister Instance

bash-2.05$ $FND_TOP/bin/txkrun.pl \
> -script=SetSSOReg \
> -deregisterinstance=yes

You are deregistering ORACLE HOME only.

===============================================================

WARNING: You have selected to deregister individual components.
This might leave some components still at registered state
which might create inconsistencies at run time.
It is recommended that you use “-deregister=Yes” to completely deregister
the Oracle EBusiness instance from OID server
OR
Individually deregister components using “-deregisteroid=Yes”,
“-deregistersso=Yes” and “-deregisterinstance=Yes”.

===============================================================
Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ? welcome1
Enter Oracle E-Business apps database user password ? apps

 

 

*** Log File = /dy/oracle/product/test12/inst/apps/test12_ap101fam/logs/appl/rgf/TXK/

txkSetSSOReg_Thu_Jun_21_00_16_25_2007.xml

Beginning input parameter validation for Oracle Home Instance de-registration.
Input parameter validation for Oracle Home Instance de-registration completed.

BEGIN ORACLE HOME INSTANCE DE-REGISTRATION:
Oracle Home Instance de-registered successfully from Infrastructure Host.
Oracle Home Instance preferences removed successfully
ORACLE HOME INSTANCE DE-REGISTRATION COMPLETED.

 

 

End of /dy/oracle/product/test12/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/

txkSetSSOReg.pl : No Errors encountered

Once these 3 steps are done, bounce the application system middle tier, login to application and change the profile options back to original value. Following values should be made for the profile options.

  • Applications SSO Type: SSWAw/SSO
  • Applications SSO Auto Link User: Disable
  • Applications SSO Login Types: Local
  • Application SSO LDAP Synchronization: Disable
  • Applications SSO Enable OID Identity Add Event: Disable
  • Link Applications user with OID user with same username: Disable

 

Cleaning up the system – 11i and R12

Published on by Advait2 Comments

Here is the small post which describes the potential placed where log files and trace files are present and can be cleaned up. This is requied when you want to free up space on the system.

Cleaning up R12 instance:

Following are the locations in applmgr side which you can check and clean up. Be careful while cleaning up the log files, because some might be needed for analysis or might contan errors for some reproducible test case. So if you delete some log file which is needed, you might have to redo that work. Usually its a good idea to leave the logs which are 1-2 days old and delete the other older logs

Main location for logs and other not useful files on applmgr side:

Forms dump files : $INST_TOP/logs/ora/10.1.2/forms

Reports Cache : $INST_TOP/logs/ora/10.1.2/reports/cache

Apache logs : $INST_TOP/logs/ora/10.1.3/Apache

OPMN Logs : $INST_TOP/logs/ora/10.1.3/opmn

Its advisable not to remove any logs under $INST_TOP/logs/ora/10.1.3/j2ee directory since these are very important logs and are required frequently for debugging.

Logs for service management : $INST_TOP/logs/appl/admin/log

Concurrent Manager logs : $INST_TOP/logs/appl/conc/log

Concurrent Manager out files : $INST_TOP/logs/appl/conc/out

Other then these directories if you have some patch downloaded at some location, it is advisable to remove those patches once applied.

Main location for logs and other not useful files on oracle side:

Cleanup background_dump_dest, user_dump_dest and core_dump_dest directories on database side. These locations usually have huge trace files.

Check the location of ORACLE_HOME using du -sh command. Usually the size of ORACLE_HOME should be aounr 3-4G. If size of ORACLE_HOME (other then datafiles) is abnormally large like 7-8G or more then you need to investigate which directory is consuming more space and accordingly clean up that directory if appropriate.

In some situation if it becomes impossible to clean up the space (because there are no trace files to cleanup) and you desperately want the space to be available on the file system, then you can connect to database as sysdba and try to reduce the size of temp files using “alter database tempfile .. resize” comamnd. This will release some space and prevent database from crashing in case file system is reaching 100% full.

Again if some patches are downloaded for application, make sure to remove the patches zip files once they are applied.

Some times we upgrade the database to a major release, like from 9i to 10g or from 10g to 11g. In that case its advicable to remove the old ORACLE_HOME. This will not only save space but also will avoid confusion.

Cleaning up 11i instance:

Main location for logs and other not useful files on applmgr side:

Logs for Concurrent manager, forms and reports: $COMMON_TOP/admin/log/$CONTEXT_NAME

Out files for Concurrent managers: $COMMON_TOP/admin/out/$CONTEXT_NAME

Apache Log files: $IAS_ORACLE_HOME/Apache/Apache/logs

Jserv Log files: $IAS_ORACLE_HOME/Apache/Jserv/logs

There are some log files in $APPL_TOP/admin/$TWO_TASK/log and $AD_TOP/log, but its advisable not to delete these logs as they are very important for debugging.

Main location for logs and other not useful files on oracle side:

Cleanup background_dump_dest, user_dump_dest and core_dump_dest directories on database side. These locations usually have huge trace files.

Hope this helps !!

AutoConfig Search Utility

Published on by Advait1 Comment

Sometime if we want to find out a variable to be changed in context file, but we dont know the exact name and the meaning of the variable then we can use autoconfig search utility. Search utility will ask for the keyword to be searched for and will generate the report based on the available variables contaning that search keyword. It will also give the description about the autoconfig variables, which is very useful.

Following is the way to use search utility

-bash-3.00$ perl $FND_TOP/bin/txkrun.pl -script=GenCtxInfRep -keyword=mwa -outfile=$OA_HTML/txkContext_Apps.html
*** ALL THE FOLLOWING FILES ARE REQUIRED FOR RESOLVING RUNTIME ERRORS
*** Log File = /slot/ems2815/appmgr/inst/apps/az1mq206_rws60043rems/logs/appl/rgf/TXK/txkGenCtxInfRep_Wed_Jun_17_00_04_30_2009.log 
Program : /slot/ems2815/appmgr/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/txkGenCtxInfRep.pl started @ Wed Jun 17 00:04:30 2009

*** Log File = /slot/ems2815/appmgr/inst/apps/az1mq206_rws60043rems/logs/appl/rgf/TXK/txkGenCtxInfRep_Wed_Jun_17_00_04_30_2009.log 

The HTML report is generated in /slot/ems2815/appmgr/apps/apps_st/comn/webapps/oacore/html/txkContext_Apps.html

Program : /slot/ems2815/appmgr/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/txkGenCtxInfRep.pl completed @ Wed Jun 17 00:04:59 2009

End of /slot/ems2815/appmgr/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/txkGenCtxInfRep.pl : No Errors encountered
-bash-3.00$

Here I used the keyword as mwa and the report will give all variables having mwa as sub-string. The report will look as shown in this link.

Hope this helps !!

The report will look as shown in this link

Oracle EBS R12 is now certified with 11g Database

Published on by Advait3 Comments

Today, Oracle has announced that Oracle E-Business Suite R12 is certified with Oracle database 11g R1, the project I was actively involved into.

This announcement for EBS Release 12 version 12.0.4 and up includes:

  • Oracle Database 11gR1 Version 11.1.0.6
  • Oracle Database 11gR1 Version 11.1.0.6  Real Application Clusters (RAC)

Prerequisites & Interoperability

For prerequisites and interoperability, refer to the relevant OracleMetalink Notes listed in the documentation section below.

Platforms certified

  • Linux x86
  • IBM AIX
  • Sun Solaris SPARC
  • HP-UX PA-RISC
  • HP-UX Itanium
  • Linux x86-64

Documentation

  • OracleMetalink Note 735276.1 – Interoperability Notes E-Business Suite R12 with Oracle Database 11gR1 (11.1.0)
  • OracleMetalink Note 466649.1 – Using Oracle 11g Release 1 Real Application Clusters and Automatic Storage Management with Oracle E-Business Suite Release 12

Enabling Forms Tracing – Oracle E-Business Suite R12

Published on by Advait1 Comment

Introduction:

Some times we need to diagnose the issue or error coming in forms. For such situation we need to get more information about the issue we are facing in forms. One of the best way to get such information is using tracing.

Many types of tracing are available in forms. We will discuss couple of methods for enabling the tracing and see how that can help us in diagnosing the issue.

Enabling SQL Tracing

First we see how to enable a normal SQL tracing. In my case I have a forms where I am entering few values and then saving the form. This will have some insert and updates command in the backend which will get executed when we save the form. SQL tracing is used to track those DML queries to debug the issue. When we open the form we can see on the menu option

Help -> Diagnostic -> Trace ->

Here we have many options available (default is ‘No Trace’). We can enable tracing by selecing on of the options from here.  ‘Regular Trace’ gives the least information and ‘Trace with Binds and Waits’ (level 12) gives maximum information. Be careful while enabling SQL trace with wait and binds as this will make the trace file huge.

Also we can start the tracing in the middle of forms sessions also. Example in my case I wanted to check the last insert/update DML statements that gets fired when we save the form. So after we fill all the values in the fields, we can start the tracing so that the initial select statement does not come in trace file.

When we enable the trace it will give the trace file location (This location will be the location of USER_DUMP_DESTINATION parameter of database).

After you save the form you can stop tracing by selecting ‘No Trace’ again from Help -> Diagnostic -> Trace -> No Trace

Use tkprof to covert trace file in readable format.

-bash-2.05b$ tkprof md9ys210_ora_20412_MFG.trc
output = trace_sql.txt

TKPROF: Release 10.2.0.4.0 – Production on Mon Jul 28 23:54:31 2008

Copyright (c) 1982, 2007, Oracle.  All rights reserved.

-bash-2.05b$

Enabling Forms Tracing

Another way for debugging is to enable tracing at forms level for a particular user. This method is also explained in metalink note ID 373548.1. By default, it will trace errors only. To utilize the full flexibility of Forms Trace, the record=forms parameter must be used in conjunction with the tracegroup parameter.

Applications Development has created several recommended levels of tracing, which are predefined in the file $ORA_CONFIG_HOME/10.1.2/forms/server/ftrace.cfg

  • light (0-71,192): Records user actions, error messages and form service events.
  • medium (0-97,192,194,195): Includes events in the light tracegroup also captures built-in and user-exit events.
  • full (0-98,100-199): Captures all information that is currently available through Forms Tracing.
  • dbsql (32,64,98,100,101,136,137,192): All events related to the database and forms interaction with it
  • network (64,32,128,129,131,130,132,133,134,192): All events related to communications between client tier and Forms server.

In my case I am enabling the tracing for SQLs.

Please follow below steps to enable form level tracing.

  1. Sign on to Oracle Applications as a user with the System Administrator responsibility.
  2. Select the System Administrator responsibility.
  3. Select the Profile -> System function (this will launch Forms).
  4. Search for the Applications user and the profile option Forms Runtime Parameters.
  5. Add the required parameters, using the syntax: record=forms tracegroup=dbsql
    You can use any other value also for tracegroup depending on your requirement. Examples:

    record=forms tracegroup=medium

    Note the space between the parameter/value pairs.

  6. Commit the changes and log out of Applications.
  7. Restart the Forms OC4J group using either adformsctl.sh (servlet) or adformsrvctl.sh (socket).
  8. Log in to Applications as the user whose Forms Runtime Parameters profile option was amended.

Before doing this, metalink note ID also mention to append “record=forms” at the end of ICX: Forms Launcher profile for that user. Example

http://rws60048rems.us.oracle.com:8058/forms/frmservlet?record=forms

But when I tried that I got following error.

FRM-90926: Duplicate Parameter on command line.

So I removed record=forms and I was able to generate the trace files without any issue. This may be some issue with my instance.

Once you set the profile “Forms Runtime Parameters”, bounce the forms and try to accecss forms, it will generate a trace file at the location defined by FORMS_TRACE_DIR. After you finish the navigation in form and exit, your trace file will get created FORMS_TRACE_DIR location.

This file will be in binary format and cannot be read. You need to convert this into .txt or .html format using following command

java -cp $ORACLE_HOME/forms/java/frmxlate.jar oracle.forms.diagnostics.Xlate datafile=forms_8842.trc outputfile=forms_trace1.html outputclass=WriteOutHTML

Here,

datafile=forms_8842.trc is the name of trace file that got created due to activities on forms.

outputfile=forms_trace1.html is the name of output file that will get created. You can use html or .txt

outputclass=WriteOutHTML parameter decides if the output file should be HTML or TXT. If you use just WriteOut then output file will be TXT. If you use WriteOutHTML then output file will be HTML.

The output HTML file will look like this.

Hope this helps !!

References:

Metalink note ID 373548.1

Important tables for ADPATCH

Published on by Advait3 Comments

Here are some of the important tables used by and updated by ADPATCH utility.

AD_APPL_TOPS

This table holds the various APPL-TOP’s in the Oracle Applications installation that have ever been patched.

AD_APPLIED_PATCHES

AD_APPLIED_PATCHES holds information about the “distinct” Oracle Applications patches that have been applied. If 2 patches happen to have the same name but are different in content (eg. “merged” patches), then they are considered distinct and this table will therefore hold 2 records.

AD_BUGS

AD_BUGS holds information about the various Oracle Applications bugs whose fixes have been applied (ie. patched) in the Oracle Applications installation.

AD_PATCH_DRIVERS

This table holds information about the patch drivers that comprise a patch.

AD_FILE_VERSIONS

This table holds the various versions of Oracle Applications files (real files, not “pseudo-files”), that have ever been patched or executed in the Oracle Applications installation.

AD_FILES

AD_FILES is the “files repository”. It contains information about the various files that have been patched in the Oracle Applications installation.
Some entries are “pseudo-files” and not real files, (eg. directories) in which case some of the columns are not applicable and would then hold the value “DUMMY”

AD_PATCH_DRIVER_LANGS

NLS patches (or more specifically, NLS patch drivers) pertain to a language or multiple languages. This table holds that language (or multiple languages).

AD_PATCH_DRIVER_MINIPKS

This table holds information about the various Mini Packs contained in a patch (driver)

AD_PATCH_RUN_BUG_ACTIONS holds the various actions present in “applied” bug (fix). If Autopatch determined not to apply a bug (fix), then this table will not hold any records for that “unapplied” bug fix.

AD_PATCH_RUN_BUG_ACTIONS

Even though a patch may have been applied on an Oracle Applications installation, some actions in some of its included bugs (fixes) may not have got executed if the “Autopatch” utility determined that it was not necessary to execute those actions. In such cases, EXECUTED_FLAG is set to N.

AD_PATCH_RUN_BUGS

This table holds information about the bugs fixed in a specific run of Autopatch.
AD_PATCH_RUN_BUGS holds information about the various bugs fixed in a specific run of Autopatch.

Even though a patch may have been applied on an Oracle Applications installation, some bugs (fixes) contained in it may not get applied due to some reason. In such cases, the REASON_NOT_APPLIED column holds the reason.

AD_PATCH_RUNS

AD_PATCH_RUNS holds information about the various invocations of Autopatch for applying Oracle Applications patches to a specific release of an Oracle Applications installation.

If multiple drivers are run in one invocation of Autopatch, they result in multiple records in this table. These multiple records will all have the same SESSION_ID (because they arose from one Autopatch invocation), but different TASK_NUMBER’s. The TASK_NUMBER’s in this case will be numbered sequentially as 1, 2, 3, etc.
Note that when the database driver of a Maintenance Pack is applied, it bumps up the release version by creating a new record in AD_RELEASES, which is then pointed to by the UPDATED_TO_RELEASE_ID column of the old record.

AD_RELEASES

AD_RELEASES holds the various Oracle Applications releases that an installation of Oracle Applications has gone through in its entire life cycle.

It should be noted that START_DATE_ACTIVE, END_DATE_ACTIVE and BASE_RELEASE_FLAG are loosely-maintained informational columns and are not accurately maintained, and therefore should not be relied upon heavily.

AD_PATCH_COMMON_ACTIONS

This table holds distinct information about the various actions that are (often repeatedly) performed by Autopatch as part of applying patches.

Hope this helps !!

References:

Metalink ETRM DIRECT ACCESS DOCUMENT 150230.1

Patching history of a file – adfhrept.sql

Published on by AdvaitLeave a comment

Oracle Apps 11i and E-Business Suite R12 provides a wonderful utility to get the history of any file applied through patches. When a patch it applied higher version file get implemented in application. This utility will give complete history about a file starting from the initial release till now and which patch has introduced which release at what date.

The file name is adfhrept.sql and is present under $AD_TOP/patch/115/sql

Following is the usage of file.

adfhrept.sql <filename>\

<latest file version only? (Y/N)> \
<start date(mm/dd/rr or ALL)> \
<end date (mm/dd/rr or ALL)> <patchtype/ALL> <language/ALL> \
<appltop/ALL>

<limit to forms server? (Y/N)> \
<limit to web server?(Y/N)> \
<limit to node server? (Y/N)> \
<limit to admin server?(Y/N)> \
<only patches that change DB? (Y/N)>

For example:

-bash-2.05b$ sqlplus apps/apps @adfhrept.sql adphst.odf N 12/01/00 12/31/08 ALL ALL ALL N N N N N

SQL*Plus: Release 8.0.6.0.0 – Production on Mon Jun 30 12:56:21 2008

(c) Copyright 1999 Oracle Corporation.  All rights reserved.

Connected to:
Oracle8i Enterprise Edition Release 8.1.7.4.0 – Production
With the Partitioning option
JServer Release 8.1.7.4.0 – Production

Writing data to report file adfilerep.xml…

Done writing data to report file adfilerep.xml

Note:
To view the XML report from browser
Copy file adfilerep.xml to OA_HTML top directory

Disconnected from Oracle8i Enterprise Edition Release 8.1.7.4.0 – Production
With the Partitioning option
JServer Release 8.1.7.4.0 – Production

This sql will create an XML file at the same location from where you are running this utility. You need to mode the XML file to OA_HTML where its corresponding XSLT file is present. You can then access this XML file using the URL: http://(hostname):(Apache port)/OA_HTML/adfilerep.xml

The output will looks like this.

Hope this helps !!

Reference:

Metalink Note ID: 162498.1