Professional Documents
Culture Documents
Page 1 of 42
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On [ID
376811.1]
Modified 04-FEB-2010
Type HOWTO
Status PUBLISHED
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
January 2010
This document contains information for integrating Oracle Application Server 10g Enterprise Edition with Oracle E-Business Suite release 12. You should
read and understand all content described here before you begin your installation.
The most current version of this document can be obtained in Metalink Note 376811.1
There is a change log at the end of this document.
Section 1: Overview
Section 2: Features and Supported Architectures
Section 3: Components and Build Versions
Section 4: Before You Begin
Section 5: Pre-Install Tasks
Section 6: Implement Oracle Single Sign-On Support for the E-Business Suite
Section 7: Available Documentation
Appendix A: Advanced Configuration - Manual OSSO/OID Registration
Appendix B: Product-Specific OSSO Exceptions
Appendix C: Known Issues
Conventions
Convention
Meaning
Represents 'line continuation character'. It can be used to to break command (in UNIX) into
two or more lines.
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
[ ] or { }
Directory Paths
Directory paths in this document are relative to the top level installation directory for the Oracle
E-Business Suite. e.g. if you installed the Oracle E-Business Suite under a directory
named /my/appsinstall then [iAS_ORACLE_HOME]/Apache in this document will mean the
fully qualified path: /my/appsinstall/apps/tech_st/10.1.3/Apache.
Page 2 of 42
Full path to the Applications context file on the application tier or database tier. The default
locations are as follows.
CONTEXT_FILE
CONTEXT_NAME
The CONTEXT_NAME variable specifies the name of the Applications context that is used by
AutoConfig. The default is [SID]_[hostname]. To find exact value of your instance
CONTEXT_NAME you can refer variable s_contextname in Application tier context file.
Directory Location
[DB_ORACLE_HOME]
[ORIGINAL_ORACLE_BASE]
This is the directory under which the HTTP ORACLE_HOME and the 10.1.2
technology stack ORACLE_HOME is installed. The default location for this
directory is [top level apps install directory]/apps/tech_st
[ORAHTTP_TOP]
The directory where your HTTP Server is installed. The default location is
[HTTP_ORACLE_HOME]/Apache
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
[HTTP_ORACLE_HOME]
AS 10.1.2 ORACLE_HOME
AS 10.1.3 ORACLE_HOME
Page 3 of 42
Advisory for E-Business Suite Customers using Oracle Application Server 10g
Oracle recommends that customers apply only OracleAS 10g Enterprise Edition releases and patches that have been certified with the E-Business Suite
Release 12, as documented in the following Metalink Notes:
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and OracleAS Single Sign-On (Note 376811.1)
Using Discoverer 10.1.2 with Oracle E-Business Suite Release 12 (Note 373634.1)
Enabling SSL in Oracle E-Business Suite Release 12 (Note 376700.1)
Using Oracle Portal 10g with Oracle E-Business Suite Release 12 (Note 380484.1)
Installing and Configuring Web Cache 10g and Oracle E-Business Suite 12 (380486.1)
There may be specific circumstances where it is necessary for E-Business Suite customers to apply uncertified OracleAS 10g Enterprise Edition one-offs,
patchsets, or MLRs. Oracle strongly recommends applying such patches only if the circumstances clearly demand it. Customers apply uncertified
OracleAS 10g Enterprise Edition patches at their own risk, and Oracle strongly recommends that customers take complete backups of their OracleAS 10g
+ E-Business Suite integrated environments prior to patch application.
E-Business Suite customers may verify the certification status of specific OracleAS 10g Enterprise Edition patches by logging Service Requests via Oracle
Metalink using the following information:
Section 1: Overview
This document contains information for integrating Oracle Application Server 10g Enterprise Edition with the E-Business Suite. Benefits of this
configuration include E-Business Suite support for the following services running on servers external to the E-Business Suite environment:
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 4 of 42
On one or more standalone servers external to the existing Oracle E-Business Suite Release 12 environment.
In separate ORACLE_HOMEs on existing servers
In the existing Oracle E-Business Suite Release 12 Oracle Application Server 10g 10.1.2 ORACLE_HOME for Forms and Reports
In the existing Oracle E-Business Suite Release 12 Oracle Application Server 10g 10.1.3 ORACLE_HOME for Web and Java services
For more information about E-Business Suite Release 12 architectures, see Oracle Applications Concepts, Release 12 (Part No. B31450-01).
1. Install Oracle Application Server 10g Enterprise Edition on a standalone server or in a separate ORACLE_HOMEs on an existing server.
2. Install interoperability patches to integrate the Oracle Application Server 10g Enterprise Edition server with the E-Business Suite environment.
3. Synchronize user information between the Oracle Application Server 10g Enterprise Edition server and the E-Business Suite environment.
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 5 of 42
As a partner application, the E-Business Suite also supports Single Sign-Off. Release 12 users can simultaneously terminate a Oracle Single Sign-On
session and log out of all active partner applications by logging out of a single partner application. Selecting Logout in a partner application returns users to
the Single Sign-Off page, where logout occurs
OSSO
External third-party access manager (e.g. Windows Native Authentication)
Native E-Business Suite combined with one of the above
Combination of the above
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 6 of 42
A. OID
B. External third-party user repository (e.g. Microsoft Active Directory)
C. Combination of the above
Note: FND_USER may not be used as the exclusive authentication source when Release 12 is integrated
with Oracle Application Server 10g Enterprise Edition.
For more detailed explanation, See Oracle Application System Administrator's Guide-Security, Release 12 (Part No. B3145103).
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 7 of 42
Release
12.0.x to 12.1.x
10.1.2
10.1.3
10.1.2
Release
10.1.4.3.0
10.1.4.3.0
10.1.4.2.0
10.1.2.3.0
10.1.2.3.0
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 8 of 42
Pre-Install Task 1: Install Oracle Remote Diagnostic Agent for E-Business Suite (optional)
Pre-Install Task 1, Step 1: Install Oracle Remote Diagnostic Agent
The Oracle Remote Diagnostic Agent may optionally be installed in your E-Business Suite environment to streamline the process of
gathering diagnostic information when filing Service Requests (SR's) with Oracle Support. If you plan to enable Oracle Single Sign-On for
multiple E-Business Suite instances, then each instance must have the Oracle Remote Diagnostic Agent installed.
Obtain Note 314422.1 Oracle Remote Diagnostic Agent (RDA) from Oracle MetaLink. Download and install the appropriate version of the
Oracle Remote Diagnostic Agent for your operating system platform.
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 9 of 42
Obtain the CD Pack for Oracle Application Server 10g Enterprise Edition for your operating system platform.
Oracle Application Server 10g (10.1.4.0.1) provides a comprehensive Identity and Access Management solution. To enable Oracle
Single Sign-On Support for E-Business suite Release 12, one need to select 'Oracle Application Server Infrastructure 10g' as a
product during Install
The Oracle Application Server 10g application server installation and the Oracle Application Server 10g Infrastructure may reside on a
single host or on separate hosts
The Oracle Application Server 10g application server installation and the Oracle Application Server 10g Infrastructure must be in
separate ORACLE_HOMEs
The Oracle Application Server 10g Infrastructure must not be installed in the Oracle E-Business Suite Release 12 database. For more
details, see Oracle MetaLink Note 251627.1, Installing an OracleAS Metadata Repository with an Oracle E-Business Suite Database.
The application server installation and the infrastructure must not be installed in the ORACLE_HOME of an existing Oracle EBusiness Suite Release 12 application-tier server node
This is not a comprehensive list of architectural requirements for Oracle Application Server 10g Enterprise Edition. Review the
documentation and release notes for your operating system platform for additional details.
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 10 of 42
Identity Management components like Oracle Internet Directory, Oracle Single Sign-On, and Delegated Administration Services, and
may be installed at the same time as the "Metadata Repository"
Pre-Install Task 3:Upgrade OracleAS 10g Infrastructure (10.1.2.0.2) to Oracle Identity Management 10g (10.1.4.0.1)
Pre-Install Task 3, Step 1:
Before starting your upgrade, make a complete backup of your environment. In particular, ensure that you have backed up the Oracle
Application Server 10g, the Oracle Application Server 10g infrastructure, and the inventory location.
If you have an existing OracleAS 10.1.2.0.2 Infrastructure, upgrade it to Oracle Identity Management 10g (10.1.4.0.1) referring
'Upgrade and Compatibility Guide' for your operating system platform. Refer 'Chapter 3: Understanding Version Compatibility' in
particular, to identify existing Oracle Homes to upgrade.
Keep existing 10.1.2.0.2 Middle-Tier Instance(s) as it is. They will continue to function as normal with Oracle Identity Management 10g
(10.1.4.0.1)
No additional steps are required to refresh existing OSSO, OID, Portal and/or Discoverer registrations performed with E-Business
suite Release 12 using previous versions. These will be preserved and will continue to function as normal after upgrade to 10.1.4.0.1.
Certified AS Patchset
Download Location
5983637
7215628
Oracle Application Server and Oracle Developer Suite 10g Release 2 (10.1.2) Patch Set 2 (10.1.2.2.0)
4960210
Oracle Application Server and Oracle Developer Suite 10g Release 2 (10.1.2) Patch Set 3 (10.1.2.3.0)
5983622
On
de
Follow the installation instructions provided in the patch README to install the patch on your Identity Management Server and to check
supported operating systems.
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 11 of 42
Oracle always recommends latest certified AS patchset for E-Business Suite customers.
Section 6: Implement Oracle Single Sign-On Support For the E-Business Suite
OSSO Task 1: Install E-Business Suite OSSO 10g Integration Patch
The E-Business Suite Release 12 Rapid Install includes all patches required for integration with Oracle Single Sign-On and Oracle Internet Directory 10g.
No additional patches are required.
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 12 of 42
Note: If you are integrating Oracle 10gAS OSSO/OID with AIX based Oracle E-Business Suite Release 12, then OID registration will fail with following
error. Apply patch 5855635 to AS 10.1.3 ORACLE_HOME of Release 12. See known issue section and patch readme for more details.
java.lang.UnsatisfiedLinkError: jmisc (A file or directory in the path name does not exist.)
OSSO Task 2: Configure Oracle Identity Management 10g (10.1.4.x) Components with E-Business Suite
Note: See Oracle Applications System Administrator's Guide - Security, Release 12 (Part No. B31451-03) , which provides various scenarios for
synchronizing user information between Oracle E-Business Suite and Oracle Internet Directory.
The following steps create a default configuration employing bidirectional synchronization of user information between Oracle Internet Directory and
the E-Business Suite. This default configuration meets the majority of customer requirements, but before proceeding further, you should review Oracle
Applications System Administrator's Guide - Security, Release 12 (Part No. B31451-03) to evaluate whether an alternate configuration better meets
your needs. If so, you may elect to perform a manual configuration, as detailed in Appendix A.
If you need to use different settings, please refer to Appendix A: Advanced Configuration - Manual OSSO/OID Registration
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 13 of 42
Parameter Description
Example
Comments
Hostname of Oracle
Application Server
Infrastructure database
{mandatory}
alpha.company.com
389
[password]
Password of Oracle
Internet Directory admin
user, "orcladmin
{mandatory}
welcome123
No comment needed.
welcome123
No comment needed.
orcladmin
apps name
s_contextname
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
11
12
12
svcname
Provisiontype
ldaphost
dbldapauthlevel
s_contextname
beta.company.com
13
dbwalletdir
FND_DB_WALLET_DIR
14
dbwalletpass
[password]
15
rdbmsdn
Page 14 of 42
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 15 of 42
Check that the environment variable TWO_TASK (or LOCAL on Windows) is set correctly, by executing the command
sqlplus [apps user]/[apps password]@[two_task or local]
This will confirm that you are able to connect to the E-Business Suite database.
Execute the following command if you want to use the default (simple) registration, but with a different provisioning type:
$FND_TOP/bin/txkrun.pl -script=SetSSOReg \
-provisiontype=[Provision Type]
where [Provision Type] corresponds to the provisioning type that you wish to use.
WINDOWS
On Windows, you must pass all the arguments on a single command line, pressing [Return] once at the end. Execute the
following command if you want to use the default (simple) registration that uses bidirectional provisioning:
%ADPERLPRG% %FND_TOP%\bin\txkrun.pl -script=SetSSOReg
Execute the following command if you want to use the default (simple) registration, but with a different provisioning type:
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 16 of 42
where [Provision Type] corresponds to the provisioning type that you wish to use.
Parameter Prompts:
The registration script will prompt for several parameters. Use the parameter values from the Parameter Checklist that you compiled. The
script will prompt for the parameters in the following order:
Enter
Enter
Enter
Enter
Enter
Enter
the host name where Oracle iAS Infrastructure database is installed ? ap6013atg.us.oracle.com
the LDAP Port on Oracle Internet Directory server ? 13061
SSL LDAP Port on Oracle Internet Directory server ? 13131
the Oracle Internet Directory Administrator (orcladmin) Bind password ? manager2
the instance password that you would like to register this application instance with ? test123
Oracle E-Business apps database user password ? APPS
Note: You can use the default (simple) registration and still chose a different provisioning type. You can do so by passing
provisioningtype=[1-4] as part of script execution. For more details about Provisioning Types, please refer Appendix A: Section 4:
Provisioning
Here is an example that chooses OutBound Provisioning instead of the default:
UNIX
$FND_TOP/bin/txkrun.pl -script=SetSSOReg -provisiontype=3
WINDOWS
%ADPERLPRG% %FND_TOP%\bin\txkrun.pl -script=SetSSOReg \
- provisiontype=3
If you need to override additional registration parameters, please refer to Appendix A: Advanced Configuration - Manual OSSO/OID
Registration
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 17 of 42
If you do not see this confirmation, examine the following file to investigate the problem:
$APPLRGF/TXK/txkSetSSOReg_[timestamp].xml
OSSO Task 2, Step 7: Enable SQL*Net Access to the E-Business Suite Database for OracleAS 10g Hosts (Conditional)
Perform this step if your E-Business Suite environment has enabled the "Enable Restricted Access" feature. This security feature restricts
SQL*Net access to the E-Business Suite Release 12 database based on a white list of authorized hosts. If you already enabled this feature
in Release 12 and you are enabling Oracle Single Sign-On for the first time, you must add the Oracle Application Server 10g application tier
hosts to the SQL*Net white list before user information can be synchronized between Oracle Internet Directory and the E-Business Suite.
Oracle Applications Manager provides a wizard to restrict SQL*Net access to the database from your middle-tier hosts. If you enable the
SQL*Net Access security option, you can select which hosts have SQL*Net access to the database. (Navigation: Oracle Applications
Manager=>Applications Dashboard=>Security=>Manage Security Options)
Using this wizard you can specify a list of hosts that can access the Oracle Applications Database via SQL*Net. To do so, you need to
complete the following tasks.
1. Run this wizard
2. Run AutoConfig on Database Tier
3. Bounce the TNS Listener for the new settings to take effect
Note: All virtual hosts must be manually reconciled with the appropriate physical mapping. Individual physical machines must be registered. You
cannot specify subnet masks. You must register a resolvable network address.
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 18 of 42
The Oracle E-Business Suite Oracle HTTP Server must be stopped and restarted for your changes to take effect.
For information about autoconfig, stopping and starting Applications processes, see Using AutoConfig to Manage System Configurations with
Oracle E-Business Suite Release 12 (Oracle Metalink Note 387859.1)
Login as user "sysadmin" to the E-Business Suite locally using this URL:
http[s]://[server][:port]/OA_HTML/AppsLocalLogin.jsp
Where [server] and [port] reflect the correct values for your environment.
Select the responsibility "CRM HTML Administration" from the Navigator's left pane
Select the function "Diagnostics" from the Navigator's right pane. This will launch a new window. If you do not see a new window,
make sure any browser pop-up blockers are disabled.
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 19 of 42
Enter "%Object%" in the field alongside "Search by Application Name" and click "Go" button
Check "Select" in the 'Application Object Library' row of the "Results" table and click "Select" button
Expand "SSO Setup Tests"
Select all of the tests and click "Execute" button
Click "Test Inputs" icon in the "E-Business account SSO Information" row
Click "Add Another Row" in the "Custom Inputs" table
Verify that "sysadmin2 is displayed in the "ebizAccount" field and click "Apply" button
Select all of the tests and click "Submit" button
Click "Refresh" button until all tests have completed
All Tests should complete successfully
If any errors are encountered click "View Report" icon for further details
Note: SSO Diagnostics will fail if E-Business Suite is SSL Enabled or using SSL Accelerator. You can ignore the error. Please refer
known issues: 5765693 and 8773543 for more details.
OSSO Task 3, Step 2 Verify OSSO integration with Oracle E-Business Suite
OSSO Task 3, Step 2.1
Request the appropriate E-Business Suite login link, of the form:
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 20 of 42
http://[host]:[port]/OA_HTML/AppsLogin
Where [host] and [port] reflect the correct values for your environment. This should direct you to the Oracle Single Sign-On
Login screen.
OSSO Task 3, Step 3: Verify that your Oracle E-Business Suite instance is correctly integrated with Oracle Internet Directory.
OSSO Task 3, Step 3.1:
Check that there are no errors in the Oracle Internet Directory log files for the E-Business Suite instance you have just
configured. These files are on the machine that hosts Oracle Internet Directory, under $ORACLE_HOME/ldap/odi/log. There
are two log files for each provisioning direction, so there will either be two or four in total. The files for provisioning from Oracle
Internet Directory to E-Business Suite end with _E.aud and _E.trc. The files for provisioning from E-Business Suite to Oracle
Internet Directory end with _I.aud and _I.trc.
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 21 of 42
Documentation for creating the standalone Oracle Application Server 10g instance
Concepts
Section 1: Registration
To register E-Business instance with OSSO and OID servers.
Section 1.1: Register All
To register Oracle Home, with OSSO Server, instance with OID server in a single command.
Section 1.2. Register Instance
To Register Oracle Home only.
Section 1.3: Register OSSO
To register instance with OSSO Server only.
Section 1.4: Register OID
To register instance with OID Server only.
Section 2: Deregistration
To deregister E-Business instance with OSSO and OID servers.
Section 2.1: Deregister All
To deregister instance from OID Server, instance from OSSO server and Oracle Home in a single command.
Section 2.2: Deregister OID
To deregister instance from OID Server only.
Section 2.3: Deregister OSSO
To deregister instance from OSSO Server only.
Section 2.4: Deregister Instance
To deregister Oracle Home only.
Section 3: Remove References
Section 4: Provisioning
Section 5: Troubleshooting
Attention: Source the E-Business Suite environment file as the owner of the application tier file system before executing the utility for registration or
de-registration purpose.
Concepts
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 22 of 42
There are three components that can be registered or de-registered in Release 12 with the OSSO/OID registration utility. The utility automatically detects
the registered components and performs registration for the un-registered components. So there is no need to pass individual registration arguments.
If you have a Single Node deployment then run the utility for OSSO/OID Registration as after sourcing the Application Tier environment file:
txkrun.pl -script=SetSSOReg
And if you have a Multi-node deployment then run the utility as above on each Web Node for Registration or De-Registration. Services needs to be
restarted after Registration and De-Registration.
Details about the three components are below.
Three Components
Oracle Home Registration
10.1.3 Oracle Home needs to be registered in the Infrastructure instance before either OID or OSSO registration can be attempted. We refer
to this as registering an Oracle Home instance i.e. "registerinstance". Oracle Home needs to be registered only once per EBusiness
Deployment including multinode deployments. In a multi node deployment, it can be done on any node.
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 23 of 42
node. The registration utility automatically detects the components needs to be registered and performs
registration. When the OSSO configuration file is generated from the first node on which the utility is run, the file
gets uploaded to FND_LOBS table in the EBusiness Database. From other nodes, the OSSO registration is
detected and the file is pulled from the FND_LOBS table and copied to the config home.
Description
-provisiontype=1
-provisiontype=2
-provisiontype=3
-provisiontype=4
Section 1: Registration
OSSO-OID Registration can be done using a single command (Section 1.1). Even though it can be done in a single command it is divided into three parts.
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 24 of 42
Attention: If you are trying to integrate an Oracle E-Business Suite Release 12 Vision instance created by Rapid Install with Oracle Single
Sign-On or Oracle Internet Directory of Oracle AS 10g, following error will be displayed by the registration utility:
*** ERROR : Previous registration detected with application name : Vision la4008
See known issues section for workaround and other details.
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 25 of 42
Note:
1. User need to restart the middle-tier services
2. If it fails to register instance itself, user can rerun this command with valid arguments.
3. If it fails after instance registration user can do OSSO Registration as explained in Section 1.3 and OID
Registration as explained in Section 1.4
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 26 of 42
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 27 of 42
Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ? manager2
Enter Oracle E-Business apps database user password ? APPS
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 28 of 42
Note:
1. User needs to restart the services.
2. Instance should be registered with Infrastructure DB host already. Otherwise register the instance as explained in Section 1.2
and then try to register OSSO.
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 29 of 42
Section 2: Deregistration
OSSO-OID Deregistration can be done using a single command (2.1). Even though it can be done in a single command it is divided into three parts
OID Deregistration
OSSO Deregistration
Instance Deregistration
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 30 of 42
Note:
1. Prompts for ldaphost and ldapport if those are not existing in the database as fnd user preferences.
2. If it fails to deregister this instance, same command can be executed by passing valid arguments.
3. If it fails to deregister this instance with OSSO server, the deregister this instance with OSSO server as explained in Section 2.3
and deregister this instance with infrastructure host as explained in Section 2.4
4. If it fails to deregister this instance with infrastructure host, then deregister this instance with infrastructure host as explained in
Section 2.4
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 31 of 42
$FND_TOP/bin/txkrun.pl \
-script=SetSSOReg \
-deregister=yes \
-appspass=APPS \
[-oidadminuser=cn=orcladmin \]
-oidadminuserpass=manager2 \
[-ldaphost=ap6013atg \]
[-ldapport=13061 \]
[-appname=[s_dbSid] \]
[-svcname=[s_dbSid] ]
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 32 of 42
Note: Prompts for ldaphost and ldapport if those are not existing in the database as fnd user preferences.
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 33 of 42
$FND_TOP/bin/txkrun.pl \
-script=SetSSOReg \
-deregistersso=yes \
-appspass=APPS
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 34 of 42
Section 4: Provisioning
There are four types of provisioning provided by the registration utility. These provisioning can be later customized to suit your needs.
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 35 of 42
This is set by "-provisiontype=1" command line argument during OID registration. This is the default provisioning type set by the
registration utility.
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 36 of 42
Then profile_mode is
BOTH
INBOUND
OUTBOUND
BOTH
4.5.4: Execute the step in 4.5.2 to ensure that provisioning has been modified as per the command.
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 37 of 42
If the above properties are missing then the ORACLE_HOME has not been registered.
3. If registering for OSSO, verify that [ORA_CONFIG_HOME]/10.1.3/Apache/Apache/conf/httpd.conf has the directive to include "mod_osso.conf" is
uncommented.
4. Ensure that the DBC file has been generated correctly under $FND_SECURE directory.
5. Additional Notes in Oracle MetaLink Note 295606.1
Product Name
229
Oracle Marketing
937
OSSO Exception
Comments
Yes
Yes
1129
Yes
1293
Oracle Projects
Yes
1009
Yes
385
Yes
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 38 of 42
Oracle iRecruitment
Yes
174
Oracle Workflow
Yes
757
Yes
Problem
Workaround
1) Connect to DB using APPS schema user
9151196
7704258
Getting error while creating new user in Oracle E-Business suite Release
12 after enabling OSSO
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 39 of 42
la4008
6058405
NA
5440880
5765693
"SSO Setup Tests" under SSO Diagnostics fails with errors ie. "/AppsLogin
NA
MUST be mapped to java.lang.Class"
5855635
(IBM/AIX 5L)
AIX customers on base Release 12, OID registration will fail with below
exception:
Apply patch 5855635
java.lang.UnsatisfiedLinkError: jmisc (A file or directory in the path name
does not exist.)
Change Log
Date
Description
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 40 of 42
*Corrected 'Oracle Workflow' link to point it to note: "396314.1 - Oracle Workflow Documentation Resources, Release 12".
*Modified link under "Integration with Third-Party Access Management Systems and LDAP Directories", as it was incorrect, to
"http://download-west.oracle.com/docs/cd/B28196_01/idmanage.1014/b15988/tpsso.htm#Integration"
July 23, 2007
Modified table under Under "Section 3: Components and Supported Versions, Section 3.1, Oracle Application Server 10g Enterprise
Edition"
Removed notebox under "Appendix A: Advanced Configuration - Manual OSSO/OID Registration, Section 2: Deregistration", as bug
5754706 is already fixed.
Added bugs 5999577, 6058405 and 5440880 as Known issues with w/a wherever available.
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 41 of 42
Removed Option C for "Supported Architectures and Configurations, 8. What the user sees after sign-on"
Added patch 6198537 details for "OEL4.0 PLATFORM", under Section 5, Pre-Install Task 2, Step 1.
Added Section "Pre-Install Task 4: Apply the latest certified Application Server Patchset" under "Section 5: Pre-Install Tasks" to
provide information about all certified patchsets
Added column 'One-off Patch details (if any)' in table under "Section 5, Pre-Install Task 4: Apply the latest certified Application Server
Patchset"
Added information about patch 8811442
Related
Products
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010
Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
Page 42 of 42
Oracle E-Business Suite > Applications Technology > Technology Components > Oracle Applications Technology Stack
Keywords
JAVA.LANG.UNSATISFIEDLINKERROR; UPGRADE TO 10.1.4.0.1
Back to top
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=376811.1
8/10/2010