Installation of OID/OAM/OHS and integration with Oracle E-Business Suite (R12) for Single Sign-On (SSO) is covered in eBook . You can purchase this eBook online using Paypal or Credit Card
This post covers issue encountered during EBS logon using Oracle Access Manager (OAM) as Single Sign-On Engine.
Issue: User trying to access EBS (integrated with OAM for SSO) is re-directed to login page (deployed on EBS AccessGate) . On typing username password, user is redirected to EBS page with message “Your Oracle E-Business Suite Account has not been linked with the Single Sign-On Account that you just entered. Please enter your Oracle E-Business Suite information.”
First understand how SSO user (user stored in OID) is linked to EBS User (FND_USER).
1. Oracle Access Manager (OAM) by default validates username/password against weblogic’s embedded LDAP server. During EBS integration you point OAM to OID for username password validation. To change OAM 126.96.36.199 identity store to OID click here and for OAM 188.8.131.52 to OID integration steps click here
2. OID contains username/password and also referred as SSO user or SSO Account.
3. Users are synced between OID and EBS (FND_USER and optionally HR & TCA account) either using DIP or OIM (EBS UM connector). More on Oracle EBS integration with OIM using EBS-UM connector later
4. User in EBS is linked with OID using value in column USER_GUID from table FND_USER in EBS with attribute ORCLGUID in OID.
5. If for any user
i) USER_NAME in FND_USER table matches with UID attribute in OID
ii) USER_GUID is NULL in FND_USER for this user
iii) EBS Profile Option Applications SSO User Auto Link is set to enbaled
then EBS AccessGate will update USER_GUID (in FND_USER table) from ORCLGUID value retrieved from OID. This process is called Auto Linking of EBS user with OID.
Coming back to our issue – After OAM Logon user is redirected to EBS page with message “Your Oracle E-Business Suite Account has not been linked with the Single Sign-On Account that you just entered. Please enter your Oracle E-Business Suite information” could occur in following cases:
1. There is no user in EBS with USER_GUID (in FND_USER table) value same as ORCGUID in OID, and EBS Profile Option Applications SSO User Auto Link is set to blank or disabled (auto link is disabled)
2. EBS Profile Option Applications SSO User Auto Link is set to enabled but there is no user in EBS with USER_NAME (in FND_USER table) value same as UID attribute in OID. This means user is not synced from OID to EBS.
3. There is user in EBS with USER_GUID (in FND_USER table) value same as ORCGUID in OID but user is end dated in EBS (END_DATE in FND_USER table) – In this case you should see message “Error Occurred” after typing username/password in EBSAccessGate logon page.
eBook E-Business Suite (R12) integration with OID/OAM for Single Sign-On contains
- Installation and configuration of OID/DIP/OAM/OHS 184.108.40.206
- Integration of OAM with OID to authenticate users against OID
- Integration of EBS with OID for user synchronization between OID and EBS using DIP
- Deployment of EBS AccessGate
- Configuring required profile options in EBS for SSO
Related Posts for Apps SSO/OID Integration
- 25 Things Apps DBA should know for Apps 11i/R12 Integration with OID/SSO
- Questions for Oracle Apps 11i & R12 Integration with 10g AS/SSO
- Oracle Single Sign-On Server for Apps DBA
- Clone Apps 11i/R12/12i integrated with SSO
- Notes/Docs to integrate Apps 11i with 10g AS Portal/OID/SSO
- Migrate Users to/from OID and Oracle Apps 11i/R12
- User created in Apps 11i/R12/12i not sync to OID
- Apps 11i/R12/12i Registration/Deregistration with OID/SSO : internals
- Error while running SSO registration on 11i : txkrun.pl -script=SetSSOReg
- How to Deregister SSO/OID from Oracle Apps 11i/R12/12i
- Error adding new User (11i) – unable to call fnd_ldap _wrapper .create_user
- Unable to call fnd_ldap_wrapper . create_user / update_user ORA-20001
- Oracle Access Manager 11g is now certified with E-Business Suite (Apps) R12
- Integrate Oracle Apps (E-Business Suite) R12 with Oracle Access Manager (OAM) 11g for SSO
- EBusiness Suite (Apps R12) integration with OAM 11g : inter component communication and Ports to open in FireWall
- 10g WebGate Installation with OAM 11g : Access Server ID, Port and WebGate ID
- EBS R12 integration with WebCenter – Error retrieving WSDL at URL OA_HTML/ portlets/ WSRPBaseService?WSDL
- Integrate E-Business Suite with Oracle WebCenter (220.127.116.11) using OID and OAM (11g) as SSO
- EBS R12 integrated with SSO (OAM/OSSO) prompting for username / password again : Your Oracle E-Business Suite account has not been linked
- EBS OAM integration : Logout should re-direct to different URL
- Presenting at #UKOUG_APPS14 (8th Dec Monday 4:30 PM) : EBS integration with Identity Management