Integrate Oracle Applications R12 with Oracle Internet Directory and SSO

-----------------------------------------------------------------------------------------

High Level Steps

--------------------
Oracle 10g AS
1> Install Infra Oracle Application Server 10.1.2, OID
2> Upgrade the database of the infra from 10.1.0.4 to 10.1.0.5
3> Apply patch 4960210 to upgrade the apps server from 10.1.2 to 10.1.2.2

Oracle Application R12.0.4

4> Install Oracle Application R12.0.4 Already installed
5> Register Oracle Applications 11.5.10.2 with OID
6> Validate that Single Sign-On is Working Correctly

linux1 (10gAS Server) linux20 (R12 Server)

Oracle 10gAS (10.1.2.2) with R12.0.4
OID Single Node
SID - asinf SID - TEST

server name
1> Install Infra Oracle Application Server 10.1.2, OID

Download the software from http://otn.oracle.com

su root
useradd -g dba -d /d01/oracleAS/asinf asinf
mkdir p /d01/oracleAS
chown asinf :dba /d01/oraceAS
xhost +

su asinf
./runInstaller
Global Database name asinf.com
SID- asinf
welcome1
Instance name orasso
Ias_admin password welcome1
2> Upgrade the database of the infra from 10.1.0.4 to 10.1.0.5

Upgrade the database of the infra from 10.1.0.4 to 10.1.0.5

Stop all the infra components including OID database

Download the patch and apply the patch 4505133

Apply database patch p4505133_10105_LINUX

./runInstaller
sqlplus /as sysdba

1. Enter the following SQL*Plus commands:

2. SQL> STARTUP UPGRADE
3. SQL> SPOOL patch.log
4. SQL> @?/rdbms/admin/catpatch.sql
5. SQL> SPOOL OFF
6. Restart the database:
7. SQL> SHUTDOWN
8. SQL> STARTUP
9.
10. Run the utlrp.sql script to recompile all invalid PL/SQL packages now
instead of when the packages are accessed for the first time. This step is
optional but recommended.

SQL> @?/rdbms/admin/utlrp.sql
3> Apply patch 4960210 to upgrade the apps server from 10.1.2 to 10.1.2.2

All infra components should be started including datatabase, OID

su asinf
cd $ORACLE_HOME/bin
sh runstartupconsole start
welcome1
welcome1
welcome1
http://linux1.com:7777/pls/orasso
Login using orcladmin/welcome1

http://linux1.com:7777/oiddas - login using orcladmin/welcome1

Click Directory

orcladmin/welcome1
4> Install Oracle Application R12.0.4 Already installed
Follow the below steps

http://www.appsdba.info/docs/oracle_apps/Installation/R12/snir12-ln.pdf

* Create a user appsso later we shall move this user from Apps to OID

5 Register Oracle Applications R12 with OID

Before registering make sure to change the following profiles with the values give as
below.

Applications SSO Type: SSWAw/SSO

Applications SSO Auto Link User: Enable
Applications SSO Login Types: Both
Application SSO LDAP Synchronization: Enable
Applications SSO Enable OID Identity Add Event: Enable
Link Applications user with OID user with same username: Enable

Once the profiles are set, go ahead with OID/SSO registration

-- To deregister (for cloned instance)

$FND_TOP/bin/txkrun.pl -script=SetSSOReg -deregister=yes -appspass=apps
-- Oracle Home Registration
$FND_TOP/bin/txkrun.pl -script=SetSSOReg -registerinstance=yes

You are registering ORACLE HOME only.

Enter the host name where Oracle iAS Infrastructure database is installed ? linu
x1
Enter the LDAP Port on Oracle Internet Directory server ? 13060
Enter SSL LDAP Port on Oracle Internet Directory server ? 13130
Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ? we
lcome1
Enter Oracle E-Business apps database user password ? apps

*** Log File = /d01/oracle/TEST/inst/apps/TEST_linux20/logs/appl/rgf/TXK/txkSetS

SOReg_Thu_Sep_11_06_36_52_2008.xml

Beginning input parameter validation for Oracle Home Instance registration.

Input parameter validation for Oracle Home Instance registration completed.

BEGIN ORACLE HOME INSTANCE REGISTRATION:

Oracle Home Instance preferences stored successfully.
Oracle Home Instance registered successfully.

End of /d01/oracle/TEST/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/txkSetSSOReg.
pl : No Errors encountered
- SSO Registration
$FND_TOP/bin/txkrun.pl -script=SetSSOReg -registersso=yes

$FND_TOP/bin/txkrun.pl -script=SetSSOReg -registersso=yes

You are registering this instance with SSO Server.

Enter Oracle E-Business apps database user password ? apps

*** Log File =

/d01/oracle/TEST/inst/apps/TEST_linux20/logs/appl/rgf/TXK/txkSetSSOReg_Thu_Sep_
11_06_37_48_2008.xml

Beginning input parameter validation for SSO registration.

Input parameter validation for SSO registration completed.

BEGIN SSO REGISTRATION:

Beginning to register partner application.
Partner application has been registered successfully.
Configuration file uploaded successfully.
Single Sign-On partner application registered successfully.

End of /d01/oracle/TEST/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/txkSetSSOReg.pl :
No Errors encountered

-- OID Registration
$FND_TOP/bin/txkrun.pl -script=SetSSOReg -registeroid=yes

You are registering this instance with OID Server.

Enter LDAP Host name ? linux1

Enter the LDAP Port on Oracle Internet Directory server ? 13060

Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ?

welcome1

Enter the instance password that you would like to register this application instance with
? welcome1

Enter Oracle E-Business apps database user password ? apps

*** Log File =

/d01/oracle/TEST/inst/apps/TEST_linux20/logs/appl/rgf/TXK/txkSetSSOReg_Thu_Sep_
11_06_38_40_2008.xml

Beginning input parameter validation for OID registration.

Input parameters validation for OID registration completed.

BEGIN OID REGISTRATION:

Beginning to register Application and Service containers if necessary.

Application and Service containers were created successfully if necessary.

Beginning to register application in Oracle Internet Directory.

Registration of application in Oracle Internet Directory completed successfully.

-> LOADING:
/d01/oracle/TEST/apps/apps_st/appl/fnd/12.0.0/admin/template/AppsOIDRegistration.tm
p

Beginning to register provisioning profile in Oracle Internet Directory.

Registration of provisioning profile in Oracle Internet Directory completed successfully.

Application is now registered successfully with provisioning in Oracle Internet Directory.

End of /d01/oracle/TEST/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/txkSetSSOReg.pl :
No Errors encountered

De-Registrating OID/SSO

Deregister OID

$FND_TOP/bin/txkrun.pl -script=SetSSOReg -deregisteroid=yes

Deregister SSO

$FND_TOP/bin/txkrun.pl -script=SetSSOReg -deregistersso=yes

Deregister Instance

$FND_TOP/bin/txkrun.pl -script=SetSSOReg -deregisterinstance=yes

Once these 3 steps are done, bounce the application system middle tier, login to
application and change the profile options back to original value. Following values
should be made for the profile options.

Applications SSO Type: SSWAw/SSO

Applications SSO Auto Link User: Disable
Applications SSO Login Types: Local
Application SSO LDAP Synchronization: Disable
Applications SSO Enable OID Identity Add Event: Disable
Link Applications user with OID user with same username: Disable
Logon to Oracle Application

Re-Start the application

http://linux20:8010/OA_HTML/AppsLocalLogin.jsp
* Indirect link to Oracle Applications

Note: Synchronization happens from FND to OID and not viceversa

1.Oracle oracle11i login

----------------
http://linux20:8010/OA_HTML/AppsLocalLogin.jsp
2.Oracle SSo login

http://linux20.com:8001/OA_HTML/AppsLogin
6 Validate that Single Sign-On is Working Correctly

Oracle Application Server 10g with Oracle E-Business Suite

Release 11i Troubleshooting
Doc ID: Note:295606.1

SSO Task 4: Validate that Single Sign-On is Working

Correctly
To validate that Oracle E-Business Suite Release 11i has been properly registered as a
partner application to Single Sign-On, perform the following steps:

SSO Task 4, Step 1: Run the Diagnostic Utility

SSO Task 4, Step 1.1: Login locally to the E-Business Suite

Login as user "sysadmin" to the E-Business Suite locally using this URL:

Where <server> and <port> reflect the correct values for your environment.

SSO Task 4, Step 1.2: Launch Diagnostics

Select the responsibility "CRM HTML Administration" from the Navigator's left
pane
Select the function "Diagnostics" from the Navigator's right pane. This will
launch a new window. If you do not see a new window, make sure any browser
pop-up blockers are disabled.

SSO Task 4, Step 1.3: Run SSO Diagnostics

Click on the "Basic" tab

Choose "Application Object Library" from the Applications drop down
Click on "SSO Setup Tests" - Click on "Run Without Pre-Requisite"
All the tests should complete successfully
Click on the "Report" icon for each test and verify the results

SSO Task 4, Step 1.4: Run OID Diagnostics

Click on "OID Setup" - Click on "Run Without Pre-Requisite"

 All the tests should complete successfully
Click on the "Report" icon for each test and verify the results

SSO Task 4, Step 2: Verify that your Oracle E-Business Suite instance is correctly
integrated with Oracle Single Sign-on server.

Request the appropriate E-Business Suite login link, of the form:

http://linux20.com:8001/OA_HTML/AppsLogin

Where <host> and <port> reflect the correct values for your environment. This
should direct you to the Single Sign-On Login screen.

Now create a user orasso and login to Oracle application using the below link

http://linux20.com:8001/OA_HTML/AppsLogin

Login as orasso
 SSO Task 4, Step 2.2: Enter the username and password for a valid account in Oracle
Internet Directory. You should be directed to either the Oracle E-Business Suite home
page or a page that shows "More Information Requested".

SSO Task 4, Step 2.3: Click on the logout link on whichever of the pages that you see.
You should now be directed to the Single Sign-On Logout page. If so, then Single Sign-
On integration has been carried out correctly.

Also see Single Sign-On Processes and Troubleshooting .

SSO Task 4, Step 3: Verify that your Oracle E-Business Suite instance is correctly
integrated with Oracle Internet Directory.

SSO Task 4, Step 3.1: Check that there are no errors in the Oracle Internet Directory log
files for the E-Business Suite instance you have just configured. These files are on the
machine that hosts Oracle Internet Directory, under $ORACLE_HOME/ldap/odi/log.
There are two log files for each provisioning direction, so there will either be two or four
in total. The files for provisioning from Oracle Internet Directory to E-Business Suite end
with _E.aud and _E.trc. The files for provisioning from E-Business Suite to Oracle
Internet Directory end with _I.aud and _I.trc.

SSO Task 4, Step 3.2: Depending on how provisioning has been configured, try to create
a user from either E-Business Suite or Oracle Internet Directory. If you used the default
registration process, you may create a user either in E-Business Suite or Oracle Internet
Directory and see the newly-provisioned user appear in the other system within about two
minutes. The user details should be visible in the relevant .aud log files for users created
from Oracle Internet Directory to E-Business Suite. If so, then provisioning configuration
for Oracle Internet Directory has been performed correctly.

http://linux20:8001/OA_HTML/AppsLocalLogin.jsp

connect as sysadmin/sysadmin
https://metalink.oracle.com/metalink/plsql/f?p=130:14:11131203365242372614::::p14_d
atabase_id,p14_docid,p14_show_header,p14_show_help,p14_black_frame,p14_font:NO
T,295606.1,1,1,1,helvetica
http://home.c2i.net/toreingolf/oracle/ias1012/install.htm

http://beginapps.blogspot.com/2008/01/oracleas-10g-with-oracle-e-business.html - must
read

http://onlineappsdba.com/index.php/2008/06/14/user-created-in-apps-11ir1212i-not-
sync-to-oid/

http://advait.wordpress.com/enabling-oidsso-for-e-business-suite-r12/

Your first attempt should be to follow checklist as per metalink note 295606.1 (For 11i)
& 380487.1 (For R12/12i)