Leave a Comment:
33 comments
Can you have one eBusiness Suite instance linked to more than one OID/SSO instance. Looking to have internal users linked to SSO1/OID1, which delegates authentication to 3rd party LDAP and external (web) users authenticated by SSO2/OID2. Is this even possible?
ReplyYou can link multiple E-Business Suite instance to one OID/SSO.
I have not tried this but don’t see any issues in configuring one E-Business suite to multiple OID/SSO instance. I don’t understand requirement of such setup
Yes you can configure E-Business suite with OID/SSO and then configure OID/SSO to third party access management server like Oblix COREid or Netscape access manager with its own ldap server like iPlanet or AD
Replyyou site has very good ready to use material keep up the good work.
We have production database 11.5.10.2 we have integrated with SSO we are decommissioning it next month we have a large number of users in that database how can we backup the user definition and it in the new database.
and wil1 be have any issues in the SSO integration
ReplyHi Atul
We are implementing SSO with R12. while provisioning from OID to R12 , Additions and Deletes are getting propagated but updates in OID are not getting propagated to EBS.
When I disable a user in OID , it does not end date a user in FND_USER and same is with email address.
Any thoughts …..
ReplyThanks Atul for the response
Yes , Updates are included in the profile. I also see that events are being submitted succssfully in the logfiles. Here is the response from oracle
————————————–
If you simply disable the user from OID the account start and end date will not be updated, and users w
ith local access to the applications will not be affected.if on the other hand t
he user account is deleted from the Oracle Internet Directory the user will be e
nd-dated in Oracle E-Business Suite, in order to maintain an audit trail.
———————————————-
Please advise if that is the case. Any ideas how we can implement this
Thanks
ReplyDinesh,
Yes that’s true check page 77 of guide (You should login to metalink first to access this guide) https://metalink.oracle.com/metalink/plsql/docs/10g-Implementation.pdf
Soltion (Bit Tricky)
You can customize by creating workflow subscription (Check page 62 of above guide)
Hi all,
I need a document for SSO/OID installation.
for portal integration
thank you
lakshmi
Hi Guys
Iam Jaya Prakash, Iam having one query, i had cloned E-Buz from production to UAT Instance, with Deregistering OID server.
And when Am Tring to Integrating UAT E-Biz with UAT OID server, Iam Not able to Register
ReplyJaya,
What error message you are getting while registering UAT ebiz with UAT OID
Hi atul,
1)Iam having issue that My Production is integrated with SSO server,
2)My have done cloning from PROD to test without Deregistering SSO before cloning
3)Now Cloned Instance needs to Integrte with New SSO server
4)when I trying to Register cloned Instace to SSO server, In log file is showing PROD Information
Can Any one help to resolve this issue
Regards
Kumar
Hi,
You Can Remove the references instead of trying to deregister. check for syntax for removing references..
–Vivek
Hi Atul,
We wish to integrate Oracle Apps R12 (financials)just with OID 10g to ensure data synchronization.
For authentication, we will be dependent upon Oracle Apps’s default functionality and we do not need any third party access management sysetm.
Could you please guide me to get an document related to this scenario?
ReplyHi Atul,
We wish to integrate Oracle Apps R12 (financials)just with OID 10g to ensure data synchronization bothways.
For authentication, we will be dependent upon Oracle Apps’s default functionality and we do not need any third party access management sysetm.
1. Could you please guide me to get an document related to this scenario?
2. For this requirement of just user provisioining bothways, can we skip SSO?
Hi Atul,
We wish to integrate Oracle Apps R12 (financials)just with OID 10g to ensure data synchronization bothways.
For authentication, we will be dependent upon Oracle Apps’s default functionality and we do not need any third party access management sysetm.
1. Could you please guide me to get an document related to this scenario?
2. For this requirement of user provisioning bothways, can we skip with SSO?
@Ashish
1. Could you please guide me to get an document related to this scenario?
— http://onlineappsdba.com/index.php/2008/03/17/notesdocs-to-integrate-apps-11i-with-10g-as-portaloidsso/
— https://metalink.oracle.com/metalink/plsql/docs/10g-Implementation.pdf (Useful to understand concepts and valid for R12 as well)
— 376811.1 Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
2. For this requirement of just user provisioining bothways, can we skip SSO?
— Yes you can integrate just OID (and No SSO) – Get confirmation from support
— From Note 376811.1
$FND_TOP/bin/txkrun.pl -script=SetSSOReg -registersso=no -registeroid=yes
ReplyHi Atul, Unfortunately the following document is not available. Could you please give me other link or suggest any other way to get the document.
https://metalink.oracle.com/metalink/plsql/docs/10g-Implementation.pdf
@ Ashish,
To access above doc , first login to Metalink and then in same browser type this URL (You should be able to access this Guide. I tried this and its accessible)
Atul
ReplyHi,
Please give me information regarding from where data flows into fnd_user table.
ReplyHi Atul
If I registered multiple EBS instances with single instance Of OID, How access across instances works. what I mean does OID has multiple entry for each user per instance?
TEST100 user created in LDAP synch to OID, and He is getting synch with all the registered EBS instances , since provision is from OID – FND_USERS.
BUT TEST100 should be able access only TEST and QA and not PROD instance ? How this works?
ReplyNo User will be only under single place which all registered EBS instances can use.
If you do not want two EBS instances to used by same user then register different OID.
So for Test & QA ebs use one OID and for PROD instance use second OID (Prod OID)
ReplyThanks for earlier reply one follow up question
I have following configuration
10g OSSO , 11g OID and EBD R12
1. 10g OSSO has separate host for database and web tier ( we call infrastructure host)
2. Actual LDAP services are unning on 11g OID
So When I run following
$FND_TOP/bin/txkrun.pl -script=SetSSOReg
What is first value do u provide ..
Hostname of Oracle Application Server Infrastructure database ?
Thanks
sanjay
@ Sanjay,
Use server details which hosts 10g OSSO schema for infrastructure host
Hi Atul,
we cloned an R12 production instance to test. During this process the Ebiz team forgot to deregister the earlier instance in test. After cloning they de-registered and registered. The sso is happening but there is an issue with OID. Below is the error we encountered while accessing. Please suggest how can we proceed.
Make sure that the Oracle Internet Directory Server specified in OIDhost, OIDsslport is up and running.
Base Exception : oracle.ias.repository.schema.SchemaException:
Unable to Create orclApplicationCommonName=zion,cn=Ebiz,cn=Products,cn=OracleContext,dc=test,dc=com in Oracle Internet Directory Server
ldap://new.test.com:10938/. Base Exception : oracle.ias.repository.schema.SchemaException: Unable to save Attribute for the cn=OracleDASCreateUser, cn=Groups,cn=OracleContext in Oracle Internet Directory Server ldap://new.test.com:10938/. Base Exception : javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 19 – Constraint Violation]; remaining name ‘cn=OracleDASCreateUser, cn=Groups,cn=OracleContext’
Regards,
vijay.
Can users be maintained when taking a clone for EBS 11i? I have always been told that while a download of fnd_users in the target can be taken pre-clone and then uploaded post-clone, that the per tables can not be maintained due to their tree structure. Is that accurate? If the HR tables can be maintained, then couldn’t the person_party_id be maintained which allow the user to be linked to a person record post clone? Every time I request to maintain users, I receive fnd_users that are not assigned (or linked) to person records. There must be a way to maintain the per tables. The user is rendered useless in the app without the person linkage.
Thoughts?
ReplyHello Atul,
We have a situation to pull in the data into our Datawarehouse from both R12 and 11i instances for BI/ Reporting. While 11i instances contain the historical data, R12 after Conversion will contain a last one year data, we are using ODI for integration. How do we load the same target warehouse with data from the 11i instances and 12 both? ( While the adapters provided to us in ODI for 11i and 12).
Is this a good approach ?
Thanks
Mitra
http://www.oracle.com/technetwork/middleware/id-mgmt/overview/oracleaccessmanagement-faq-1708096.pdf
Reply