Wednesday, March 28, 2012

Oracle EBS R12 – Rapid Cloning

1.      Copy the source system (PROD) to the target (TEST) system

First, the full file system backup (The TAR files) of the Oracle EBS production system should be copied to the test server. Then TAR files should be extracted to the location/mount point where required space available.


2.      Recreate the Symbolic Links of the target (TEST) system

The symbolic links libclntsh.so.10.1 in [RDBMS ORACLE_HOME]/lib and [RDBMS ORACLE_HOME]/lib32 folders should be pointing to the file libclntsh.so in same folder. If the symbolic link libclntsh.so.10.1 NOT points to the correct path of the file libclntsh.so, the symbolic link libclntsh.so.10.1 should be deleted and recreated by using following commands.

[root@oracle lib]$ rm libclntsh.so.10.1

[root@oracle lib]$ ln -s [RDBMS ORACLE_HOME]/lib/libclntsh.so  libclntsh.so.10.1

[root@oracle lib32]$ rm libclntsh.so.10.1

[root@oracle lib32]$ ln -s [RDBMS ORACLE_HOME]/lib32/libclntsh.so  libclntsh.so.10.1

Note: If the symbolic links are pointing to the correct path please IGNORE this step.

3.      Create a new OS User, Set User Ownership and Permissions for the entire file system

A new OS user should be created on the test server and the user should be added to the dba group.

[root@oracle /]$ useradd -g dba -d /home/oracle -m oracle

Then the entire file system should be given the permission and ownership should be set for the above user.

[root@oracle TEST]$ chmod –R 777 apps inst db

[root@oracle TEST]$ chown –R oracle:dba apps inst db

4.      Configure(Clone) the target(TEST) system

After completing above steps, now the target file system is ready to configure (clone) as a new test system. First the TEST system database should be cloned and then the TEST system application should be cloned. These cloning commands should be executed through the new OS user created (ORACLE).

First move to the below path and execute the following command to start the Database Tier Cloning.

[oracle@oracle TEST]$ cd [RDBMS ORACLE_HOME]/appsutil/clone/bin

[oracle@oracle bin]$   perl adcfgclone.pl dbTier

*** Example [RDBMS ORACLE_HOME] would be /u01/finsys/db/tech_st/11.1.0.

Then move to the below path and execute the following command to start the Application Tier Cloning.

[oracle@oracle TEST]$ cd [COMMON_TOP]/clone/bin
[oracle@oracle bin]$   perl adcfgclone.pl appsTier

*** Example [COMMON_TOP] would be /u01/finsys/apps/apps_st/comn


Following metalink documents could be referenced to get more information on Oracle EBS R12 cloning.
Cloning Oracle Applications Release 12 with Rapid Clone [ID 406982.1]
Using AutoConfig to Manage System Configurations in Oracle E-Business Suite Release 12 [ID 387859.1]
RC-20200: Fatal: Could not find Unzip. At this time only Native UnZip 5.X is supported (Doc ID 1410514.1)
Posted by at 11 comments:

Thursday, March 15, 2012

Usage of FNDCPASS Utility


FNDCPASS <APPS username>/<APPS password> 0 Y <SYSTEM username>/<SYSTEM password> <token> <username> <new_password>

Following are the FNDCPASS Utility options that could be used with different <token>.

1. Change the APPS and APPLSYS schema password

The SYSTEM token is used when changing the APPLSYS password.

FNDCPASS <logon> 0 Y <system/password> SYSTEM <username> <new_password>
FNDCPASS apps/apps 0 Y system/manager SYSTEM APPLSYS WELCOME

2. Change an Oracle Applications schema password (other than APPS/APPLSYS)

The ORACLE token is used when changing a SINGLE Applications schema password.

FNDCPASS <logon> 0 Y <system/password> ORACLE <username> <new_password>
FNDCPASS apps/apps 0 Y system/manager ORACLE GL GL1

3. Change all ORACLE schema passwords

The ALLORACLE token is used when changing ALL Applications schema passwords.

FNDCPASS <logon> 0 Y <system/password> ALLORACLE <new_password>
FNDCPASS apps/apps 0 Y system/manager ALLORACLE WELCOME

4. Change an Oracle Applications user's password

The USER token is used when changing an Applications USER password.

FNDCPASS <logon> 0 Y <system/password> USER <username> <new_password>
FNDCPASS apps/apps 0 Y system/manager USER VISION WELCOME


Important : Oracle Applications system should be shut down before changing any schema passwords. Also FND_USER and FND_ORACLE_USERID tables should be backed up before changing any passwords.

Refer My Oracle Support Document for more information.

ID 437260.1 - How to Change Applications Passwords using Applications Schema Password Change Utility (FNDCPASS or AFPASSWD)
Posted by at No comments:

Monday, March 12, 2012

Profiles and Password Verify Function - Oracle 11g

Verify Function is a quick and easy way to enforce quality of database passwords—for example, they should contain a certain number of characters, should not be identical to the username, and so on.

In Oracle Database 11g, verify_fnction_11g function could be found on password verification file utlpwdmg.sql in $ORACLE_HOME/rdbms/admin.

At the end of the script following lines are available.

ALTER PROFILE DEFAULT LIMIT
PASSWORD_LIFE_TIME 180
PASSWORD_GRACE_TIME 7
PASSWORD_REUSE_TIME UNLIMITED
PASSWORD_REUSE_MAX UNLIMITED
FAILED_LOGIN_ATTEMPTS 10
PASSWORD_LOCK_TIME 1
PASSWORD_VERIFY_FUNCTION verify_function_11G;

By executing this script utlpwdmg.sql, it will attach the function to the profile DEFAULT, which is the default profile for all users.

Following query can be used to check the profile of the all users.

SELECT * FROM DBA_PROFILES WHERE PROFILE = 'DEFAULT'

Following query can be used to check the users who have the DEFAULT profile assigned.

SELECT USERNAME, PROFILE FROM DBA_USERS


 -----------------------------------------------------------------------------------------------------------------

Parameter Default Setting Description
SEC_CASE_SENSITIVE_LOGON TRUE Controls case sensitivity in passwords. TRUE enables case sensitivity; FALSE disables it.
SEC_MAX_FAILED_LOGIN_ATTEMPTS No default setting Sets the maximum number of times a user is allowed to fail when connecting to an Oracle Call Interface (OCI) application.
FAILED_LOGIN_ATTEMPTS 10 Sets the maximum times a user login is allowed to fail before locking the account.
Note: You also can set limits on the number of times an unauthorized user (possibly an intruder) attempts to log in to Oracle Call Interface applications by using the SEC_MAX_FAILED_LOGIN_ATTEMPTS initialization parameter.
PASSWORD_GRACE_TIME 7 Sets the number of days that a user has to change his or her password before it expires.
PASSWORD_LIFE_TIME 180 Sets the number of days the user can use his or her current password.
PASSWORD_LOCK_TIME 1 Sets the number of days an account will be locked after the specified number of consecutive failed login attempts.
PASSWORD_REUSE_MAX UNLIMITED Sets the number of password changes required before the current password can be reused.
PASSWORD_REUSE_TIME UNLIMITED Sets the number of days before which a password cannot be reused.
Posted by at 10 comments:
Subscribe to: Posts (Atom)