Upgrade OID 11.1.1.7 to 11.1.1.9

Download Patch : 20995629

Backup Oracle home
tar -cvf OracleIDM1_backup.tar Oracle_IDM1

Backup OID instance
tar -cvf oid_inst1_backup.tar oid_inst1

Install patch 20995629
Execute from Disk1 ./runInstaller

clip_image001

clip_image002

clip_image003

clip_image004

clip_image005

clip_image006

clip_image007

clip_image008

clip_image009

clip_image010

clip_image011

Upgrade database schema using patch set assistant

clip_image002

clip_image004

clip_image006

clip_image008

image

clip_image012

clip_image014

clip_image016

clip_image018

 

Verify the upgrade
Check Binaries: Execute $ORACLE_HOME/OPatch/opatch lsinventory
Check Schema: select comp_name,owner,version from schema_version_registry where owner = ‘ODS’;

Reset The Last Applied Change Number in a Provisioning Profile

Issue faced
EBS provisioning profile trying to retrieve number of changes are more than size limit. Time to search all changes taken more than 3600ms i.e maximum time allowed for a search to complete.

image

You can check above configuration from enterprise manager or check “orcltimelimit “ “orclsizelimit” in cn=oid,cn=osdldapd,cn=subconfigsubentry

Verification

ldapsearch -h <hostname> -p <port> -D cn=orcladmin -w xxxxxx -b “” -s base “objectclass=*” lastchangenumber

ldapsearch -h <hostname> -p <port> -D cn=orcladmin -w xxxxxx -b “cn=provisioning profiles,cn=changelog subscriber,cn=oracle internet directory” -s sub objectclass=* | grep orcllastappliedchangenumber

lastchangenumber – orcllastappliedchangenumber > Maximum number of entries to be returned by search

Solution

Reset the last applied change number in provisioning profile.

oidprovtool operation=modify ldap_host=”<hostname>” ldap_port=”<port>” \
ldap_user_dn=”cn=orcladmin” ldap_user_password=”xxxx” application_dn= \
“orclApplicationCommonName=PROD,cn=EBusiness,cn=Products,cn=OracleContext,dc=domain”\
lastchangenumber=”XXXX”

At prompt, enter following details
Interface Connection information –> <Apps_DB_host>:<Apps_DB_Port>:<Apps_SID>:<Apps_schema_user>:<apps_password>

Weblogic Security Realm WLST import and export

Export
$DOMAIN_HOME/bin/setDomainEnv.sh
java weblogic.WLST
connect(‘weblogic’,’weblogic’, ‘t3://adminhostname:7001’)
domainRuntime()
cd(‘/DomainServices/DomainRuntimeService/DomainConfiguration/IDMDomain/SecurityConfiguration/IDMDomain/DefaultRealm/myrealm/AuthenticationProviders/DefaultAuthenticator’)
cmo.exportData(‘DefaultAtn’,’/u01/export/export.ldif’, Properties())

 

Import
$DOMAIN_HOME/bin/setDomainEnv.sh
java weblogic.WLST
connect(‘weblogic’,’weblogic’, ‘t3://adminhostname:7001’)
domainRuntime()
cd(‘/DomainServices/DomainRuntimeService/DomainConfiguration/IDMDomain/SecurityConfiguration/IDMDomain/DefaultRealm/myrealm/AuthenticationProviders/DefaultAuthenticator’)
cmo.importData(‘DefaultAtn’,’/u01/export/import.ldif’, Properties())

EBS–OAM Integration: Webgate allowed access to protected page GUID=null

When a user attempts to login to Oracle E-Business Suite, after entering their credentials the following error is displayed in the browser:
Internal Error: Webgate allowed access to protected page GUID=null

or

When testing response headers in step 4.4.3 a null value is returned for USER_ORCLGUID, instead of a valid value

Bug 19438948

As a workaround specify ‘orclguid’ as a ‘Prefetched Attribute’ in Oracle Access Manager:
Logon to the OAM Console:
http://<oamserver&gt;.<domain>:<adminport>/oamconsole
Click ‘User Identity Stores’ (in the ‘Configuration’ section) > select the Identity Store with a type of ‘OID’ (e.g. ‘EBSIdStore’ or ‘OIDIdentityStore’) in the ‘OAM ID Stores’ table >
Click ‘Edit’ > Enter orclguid in the ‘Prefetched Attributes’ field and click ‘Apply’ to save

ldapsearch with LDIF Files

Search for the existence of a list of userids that will be in the file

# ldapsearch -h hostname -p port -f filename.txt -D “cn=orcladmin” -w “password” -s sub -b “base_dn” “(uid=%s)”

where filename.txt contains userids
testuser1
testuser2

The lines in filename.txt are read one by one, and the value found is inserted where %s is in the search filter.

ldapsearch with LDIF Files

Search for the existence of a list of userids that will be in the file

# ldapsearch -h hostname -p port -f filename.txt -D “cn=orcladmin” -w “password” -s sub -b “base_dn” “(uid=%s)”

where filename.txt contains userids
testuser1
testuser2

The lines in filename.txt are read one by one, and the value found is inserted where %s is in the search filter.