Friday, June 27, 2008

Oracle Names Server - version 9i

Few weeks back we had some requirement to change our existing version of Oracle Names server running on 8i to upgrade to latest. I thought of going to 10g, but unfortunately for me Oracle discontinue Oracle Names server in this release with LDAP. These I looked for 9i, but for that too I got mixed resonse, whether this version has Names server or not. But I got the answers after some good response in Oracle Forum from experts (Thanks to them). This was the official last release which carries Names Server and along with that it has LDAP too. So I got what I want, but how to do that, I mean how to install that: Here is How:

1. Run the Installaer and choose custom installation, as in standard ones you will not get Names Server.
2. Once the installation is done follow this link to configure it : http://download.oracle.com/docs/cd/B10501_01/network.920/a96580/namingcf.htm#506800
3. Start names server and either you can upload all information about you instances to connect via tnsnames.ora or individually add one entry, by netmgr > choose names server > select Manage data > add > enter details > execute.
4. Once you are done with above, just modify your client sqlnet.ora to use your names server.
NAMES.DIRECTORY_PATH=(ONAMES)
5. You can test your entry via namesctl command too like this :
NAMESCTL > QUERY alias a.smd
where alias is the name of the alias being used to connect with from the client application
6. Do a tnsping from client PC too.

Happy Troubleshooting !!!

Oracle Security Issue - DMZ

We come across a issue in our External Tier (which was outside Firewall) related to security. We were able to view some of the statis pages via playing around with external tier URL. Which is a serious security threat to our environment. After Looking at parameters in url_fw.conf and metalink we came across to following Profile values:
FND Function Validation Level
FND Validation Level
Framework Validation Level
There default value is "error", as per metalink note: 390203.1 we must not change them. Althought we were running on 11.5.9, but ATG patchset 4, that's why we have these values in our system and that saves us.

Happy Troubleshooting !!!

Wednesday, June 11, 2008

Some Tricks with unix command 'Tar'

Most of you might be aware of this very usefull command tar in unix. As per manual it has been read as " an archiving program designed to store and extract files from an archive file known as a tarfile". Here I am not going to give you syntax for this command. But how can you make it more useful in your day to day work. i.e Online compression of tar backup.

For online compress of files with gzip
tar cvf - * : gzip > file_name.tar.gz

For testing backup files
gunzip < file_name.tar.gz : tar tvf -

For extracting files from above compress
gunzip < file_name.tar.gz : tar xvf -

For Online extracting of files from compress tar file, this way no need to uncompress it
zcat file_name.tar.Z : tar xvf -

Make sure to replace colon ":" with pipe sign

Happy Troubleshooting !!!

ADDED OR REMOVED RESPONSIBILITY NOT DISPLAYING

While doing upgrade from 11.5.9 to 11.5.10.2 we encounter one issue. i.e. Whenever we add or modifying responsibility end date, it is not showing in responsibility LOV or at Framework Homepage. We have to bounce apache to resolve this issue. That shows we are having issue with Cache. It takes a while to resolve this issue but following notes worth reading it from metalink i.e 455194.1, which explain "Diagnosing database invalidation issues with Java Cache for eBusiness Suite" Following are the main points on which this note works :

In order to identify any issues, there are several steps to go through:-
1) Gather background information about the environment
Oracle Support need to have a good idea about your environment architecture in order to understand the problem fully.
2) Check latest Java Cache patches have been applied
Release 11i ATG RUP3 patchset was the first release where Java Caching became more noticeably used throughout eBiz. Since then there have been some issues fixed in various patches. It is strongly recommended to apply these patches to resolve the known issues
3) Confirm all eBiz nodes have been configured correctly
It is sometimes possible to misconstrue the required setup, particularly in complex architectures such as through firewalls. It is important to confirm the current setup to ensure all configuration is correct
4) Identify nature and scope of the issue
It may be that Java Caching and Database invalidation itself is functioning correctly, but just one or two specific components are not working. Each different type of data is stored in its own "Component Cache" within the Java Cache and has its own code to control it. For example, profile option changes may be working, but responsibility changes are not. It is important to understand which parts work (if any)
5) Gather additional data to help identify the failure point
Once all the basic checks have been done, the next level of investigation is to to enable detailed logging information. This level of detail does require patient and thorough review to be able to identify the failure point.

Unfortunately due to the complex nature of Java Caching, this may take several iterations of testing and data gathering before any firm conclusions can be reached.

Happy Troubleshooting !!!

10giAS SSO Integration issue with 11i -- Followup

Hope you remember our running issue of Administer Patner Application with 10g iAS - IDM version 10.1.4.0.1 with WNA. Oracle metalink note : 466930.1 describe this issue and Oracle has introduced Patch 5983637 which is nothing but 10.1.4.2.0 version of IDM. We are going to apply this patch soon.

Happy Troubleshooting !!!

Deleting Patner application in IDM version 10.1.4.0.1

We are running IDM version 10.1.4.0.1 with WNA (Kerberose) which has a bug which doesn't allow users to Administer Patner Application. To overcome this we left with no other option but to run ssoreg.sh.
We have to use following commands to delete Patner Application from SSO
ssoreg.sh -oracle_home_path $ORACLE_HOME
-site_name TEST
-config_mod_osso TRUE
-mod_osso_url https://hostname.domainname.com:8000
-update_mode DELETE
-config_file $ORACLE_HOME/Apache/Apache/conf/osso/osso-https.conf
-virtualhost

Once you are done with above step, its no done yet. You have to re register your SSO Apache URL with following command:
ssoreg.sh
-oracle_home_path $ORACLE_HOME
-site_name TEST
-config_mod_osso TRUE
-mod_osso_url https://hostname.domainname.com:8000
-config_file $ORACLE_HOME/Apache/Apache/conf/osso/osso-https.conf
-virtualhost

Run the command
$ORACLE_HOME/opmn/bin/opmnctl stopall
followed by
$ORACLE_HOME/opmn/bin/opmnctl startall

Once you are done with this you will be able to access your SSO URL.

Happy Troubleshooting !!!

Wednesday, June 4, 2008

Killing All processes at once

Yesterday we come across a situation where we have to kill all look-a-like processes at once, this is what we followed to get rid of it.
kill -9 `ps -ef : grep -i applmgr : grep -i 889 : grep -v grep : awk '{print $2}'`
ps -efw : grep -i applmgr : grep : grep -v grep : awk '{print "kill -9 "$2}'

Note: Kindly replace colon (:) with pipe sign
Happy Troubleshooting !!!