Apps 11i/R12/12i Registration/Deregistration with OID/SSO : internals
Q. If you have multiple nodes with multiple URL’s (intapps.com , extapps.com..) in apps (11i/R12), how many times you have to run OID/SSO Registration Process ?
Q. In which table (in Apps), Single Sign-On URL’s are stored ?
Q. In which table (in SSO), all partner applications (including apps stored) ?
Q. Where is OID, apps 11i/R12 details are stored (which tree) ?
Q. If you change apps password in Apps (11i/R12) instance integrated with OID & SSO what additional steps you need to follow ?
Q. How to clone Apps (11i/R12) instance integrated with OID & SSO ?
Well if you looking for answer to these and many more interesting questions have a look at four days Apps 11i integration with 10gAS (OID/SSO/Portal) training here
Q. Which script to use for manual OID/SSO registration/deregistration with Apps 11i ?
txkrun.pl -script=SetSSOReg where txkrun.pl is in $FND_TOP/bin
Q. What are other important files being called from txkrun.pl ?
$FND_TOP/patch/115/bin/txkSetSSOReg.pl
$AU_TOP/perl/TXK/advconfig/OID.pm
$AU_TOP/perl/TXK/advconfig/SSO.pm
Q. Where are registration/deregistration related logs stored ?
1. $APPLRGF/sso/ where $APPLRGF defaults to $COMMON_TOP/rgf/$CONTEXT_NAME
or
2. $COMMON_TOP/rgf/$CONTEXT_NAME/sso(Above two location are same)
txkSetSSOReg_$day_$Mon_$DD_$timestamp.log – Apps to SSO/OID registration/ deregistration log file
.
What happens when you run “txkrun.pl -script=SetSSOReg” ?
Above script is to register Apps with OID & SSO using default template file. Here are steps in background
Validation Phase – Above script
i) Checks if script can connect to orasso schema in SSO Repository using
“java oracle.apps.fnd.txk.TXKTestJDBCConn”
ii) Checks if script can connect to apps schema in apps (11i/R12) Repository using
“java oracle.apps.fnd.txk.TXKTestJDBCConn”
iii) Extract & Validate “Apps Framework Agent” Value from database at all level (Site, Server, User)
iv) Create and load “SSOSDK” schema in Apps Database
v) Extracts ssosdk_902.zip into $APPLRGF/sso/sso/902sdk
vi) Checks if any application URL (from step iii) is already registered (If not go to step vii)
If it finds any application URL (from step iii) already registered with SSO, registration script will fail with error “This partner application is already registered” (Common issue in reregistration after cloning)
Fix : is to deregister application URL from SSO using
“txkrun.pl -script=SetSSOReg -deregister=Yes”
“txkrun.pl -script=SetSSOReg -removereferences=Yes”
vii) does OID validation like,
Is template file available ?
Can script bind to ldap (OID) server?
Can orcladmin modify entry in OID ?
Validates AppsName is correct with valid character ?
Validates apps password is correct ?
Checks that application name is not already registered in OID ?
.
Execution Phase – Above script
viii) If validation for SSO and OID is successful then script start with SSO registration using
“java oracle.security.sso.enabler.SSORegistrar -mode ADD -ssoc …”
Register all Apps URL stored in “Apps Framework Agent” (at Site, Server, User, Responsibility level)
ix) Register Apps in OID by adding apps container under
cn=EBusiness, cn=Products, cn=OracleContext, $your_default_realm_in_OID
x) Create ldif file of format $APPLRGF/ AppsOIDRegistration_$Day$dd_$timestamp.ldif using template file $FND_TOP/ admin/ template/ XXXXRegistration.tmp
xi) Load ldif file (in above step) & provisioning profile ldif file in to OID using ldapmodify
Finally you should see output like “End of $FND_TOP/patch/115/bin/txkSetSSOReg.pl No Errors encountered”
.
What happens when you run “txkrun.pl -script=SetSSOReg -deregister=Yes” ?
Above script is to deregister SSO & OID from Apps & 10g AS Infrastructure Tier. Here are steps in background
SSO validation phase – Above script
i) Checks if ssosdk schema exists
ii) Checks if script can connect to orasso schema in SSO database
iii) Checks if script can connect to apps schema in apps database
OID Validation Phase – Above script
iv) Checks if script can bind to LDAP (OID) server using SSL OID port
v) Validates orcladmin password in OID using ldapbind
vi) Checks if orcladmin account can delete entry in OID (not actually deleting any entry)
vii) Validates Apps Name, Service Name, Instance Password and ACCOUNTS from OID
SSO deregistration Phase – Above script
viii) Extract ssosdk_902.zipinto $APPLRGF/sso/sso/902sdk
ix) Checks if any partner application (Apps Framework Agent) already registered
x) Removes entry (partner application related to apps ) from SSO (SSOSDK in 11i & ORASSO in SSO Server) using “java oracle.security.sso.enabler.SSORegistrar -mode REMOVE…..”
.
OID Deregistration Phase – Above script
xi) Checks provisioning profile which are candidate for deregistration and create LDIF file of type $APPLRGF/ sso/ RemoveGUID_$GUID_$Day$dd_$timestamp.ldif using template file $FND_TOP/admin/template/ProvDeRegistration.tmp
xii) Runs ldapdelete using above ldif file to delete any provisioning profile from OID
xiii) Creates ldif file of format DeRegistration_$Day$dd_$timestamp.ldif to list application to deregister from OID and then run ldapdelete to delete application (11i/r12) from OID