Highlighted steps :
1. Copy the Application to the DMZ server
2. Clone the Application Tier using adcfgclone.pl
3. Run the txkChangeProfH.sql under FND_TOP/patch/115/sql
@txkChangeProfH.sql SERVRESP
4. Run the Autoconfig all nodes
1. Database.
2. DMZ.
3. Internal Application server.
5. Change the profile Node Trust Level at the Server level to "External".
6. Change the profile Responsibility Trust Level at the desired responsibility level to "External".
7. Test both the DMZ and Internal URL's.
1.Pre-Clone Steps on Internal Server:
Run adpreclone.pl on MINEJand MINEZ with applcrp3 and oracrp3 users.
Take a backup of /d21/applcrp/CRP3 folder on MINEJ
Restore the Backup into MINE8 server under /d21 mount point.
Setup Host File:
Put the following entries in the Hosts File (/etc/hosts).
Change the owner Ship of /d21/oracrp3 folder and the file under it to applcrp3
Creating External Web Tier:
Create XML file for External Server:
Run adpreclone.pl to add the MINE8 server as a node to CRP3:
CONTEXT_FILE configuration:
Modify the following CONTEXT_FILE parameters:
s_applcsf
s_applptmp
s_appltmp
s_formshost
s_chronosURL
s_external_url
s_webentryhost
s_login_page
Run AutoConfig on al l the Nodes(Database,DMZ,Internal Application server.).
Configuring MINE8 for DMZ
Run the script txkChangeProfH.sql for the Profile option setup:
@$FND_TOP/patch/115/sql/txkChangeProfH.sql SERVRESP
Update Node Trust Level
Set the value of this profile option to External at the server level. The site level value should remain set to Normal.
Update List of Responsibility:
To change the value of the Responsibility Trust Level profile option at the responsibility level for a particular responsibility,
Environment Name: VISPRD
Machine:
Database/Conc/Admin Node: dbprd
Internal web/Form Node: appintprd
External Web Node: appextprd
Pre-Clone Steps on Internal Server
Run adpreclone.pl on appintprdand dbprd with applVISPRD and oraVISPRD users.
As oraVISPRD user:
cd $ORACLE_HOME/appsutil/scripts/VISPRD_dbprd
perl adpreclone.pl dbTier
As applVISPRD user:
cd $ADMIN_SCRIPTS_HOME
perl adpreclone.pl appsTier
Take a backup of /u01/applcrp/VISPRD folder on appintprd
Restore the Backup into appextprd server under /u01 mount point.
Setup Host File:
Put the following entries in the Hosts File (/etc/hosts)
10.211.16.92 dbprd.sonapglobal.com dbprd
10.223.18.72 appintprd.bn.sonap.net appintprd.bn
Change the owner Ship of /u01/oraVISPRD folder and the file under it to applVISPRD
cd /u01
chown –R oraVISPRD:dba oraVISPRD
Creating External Web Tier
Note: Your steps should be more specific than the examples shown.
Create XML file for External Server:
su – applVISPRD
cd /u01/applVISPRD/VISPRD/apps/apps_st/comn/clone/bin
perl adclonectx.pl contextfile=/u01/applVISPRD/VISPRD/inst/apps/VISPRD_appintprd/appl/admin/VISPRD_appintprd.xml
Enter the APPS password: sonapVISPRD
Target System Hostname (virtual or normal) [appextprd]:
Do you want the inputs to be validated (y/n) [n]? :
Target System Database SID: VISPRD
Target System Database Server Node [appextprd]: dbprd
Target System Base Directory: /u01/oraVISPRD/VISPRD
Target System Forms ORACLE_HOME Directory [/u01/oraVISPRD/VISPRD/apps/tech_st/10.1.2]:
Target System Web ORACLE_HOME Directory [/u01/oraVISPRD/VISPRD/apps/tech_st/10.1.3]:
Target System APPL_TOP Mountpoint [/u01/oraVISPRD/VISPRD/apps/apps_st/appl]:
Target System COMMON_TOP Directory [/u01/oraVISPRD/VISPRD/apps/apps_st/comn]:
Target System Instance Home Directory [/u01/oraVISPRD/VISPRD/inst]:
Username for the Applications File System Owner [applVISPRD]:
Group for the Applications File System Owner [dba]:
Target System Root Service [enabled]:
Target System Web Entry Point Services [enabled]:
Target System Web Application Services [enabled]:
Target System Batch Processing Services [disabled]:
Target System Other Services [enabled]:
Do you want to preserve the Display [appintprd:0.0] (y/n)? : n
Target System Display [appextprd:0.0]:
Do you want the the target system to have the same port values as the source system (y/n) [y]? : n
Target System Port Pool [0-99]: 1
Choose a value which will be set as APPLPTMP value on the target node [1]: 2
New context path and file name [/u01/oraVISPRD/VISPRD/inst/apps/VISPRD_appextprd/appl/admin/VISPRD_appextprd.xml]:
Cross Check if the Context File generated is correct or not, check with following command if the respective components are enabled on appextprd:
grep –i status $CONTEXT_FILE
Run adpreclone.pl to add the appextprd server as a node to VISPRD:
su - applVISPRD
cd /u01/applVISPRD/VISPRD/apps/apps_st/comn/clone/bin
perl adcfgclone.pl appsTier /u01/applVISPRD/VISPRD/inst/apps/VISPRD_appextprd/appl/admin/VISPRD_appextprd.xml
Enter the APPS password:
Check the logfile for any error.
CONTEXT_FILE configuration:
Modify the following CONTEXT_FILE parameters:
Context File Variable
Existing Value
New Value
s_applcsf
/u01/applVISPRD/VISPRD/inst/apps/VISPRD_appextprd/logs/appl/conc
/u01/applVISPRD/VISPRD/conc
s_appltmp
/u01/applVISPRD/VISPRD/inst/apps/VISPRD_appextprd/temp
/VISPRD_appltmp
s_applptmp
/u01/applVISPRD/VISPRD/inst/apps/VISPRD_appextprd/ptemp
/VISPRD_applptmp
s_formshost
appextprd
VISPRDext
s_chronosURL
http://appextprd.sonapglobal.com:8001/oracle_smp_chronos/oracle_smp_chronos_sdk.gif
http://VISPRDext.sonapglobal.com:8001/oracle_smp_chronos/oracle_smp_chronos_sdk.gif
s_external_url
http://appextprd.sonapglobal.com:8001
http://VISPRDext.sonapglobal.com:8001
s_webentryhost
appextprd
VISPRDext
s_login_page
http://appextprd.sonapglobal.com:8001/OA_HTML/AppsLogin
http://VISPRDext.sonapglobal.com:8001/OA_HTML/AppsLogin
Run AutoConfig on al l the Nodes.
Configuring appextprd for DMZ
Run the script txkChangeProfH.sql for the Profile option setup:
# sonapssh dbprd
$ su – applVISPRD
$ sqlplus appUpdate Hierarchy Types/sonapVISPRD @$FND_TOP/patch/115/sql/txkChangeProfH.sql SERVRESP
Run AutoConfig on all nodes.
q Update Node Trust Level
To change the value of the Node Trust Level profile option value to External for a particular node, perform the following steps:
1. Login to Oracle E-Bsonapness Suite as sysadmin user sonapng the internal URL
2. Select the System Administrator Responsibility
3. Select Profile / System
4. From the 'Find system profile option Values' window, select the server and get the valie appextprd into it.
5. Query for %NODE%TRUST%. You will see a profile option named 'Node Trust Level'. The value for this profile option at the site level will be Normal. Leave this setting unchanged.
6. Set the value of this profile option to External at the server level. The site level value should remain set to Normal
q Update List of Responsibility
To change the value of the Responsibility Trust Level profile option at the responsibility level for a particular responsibility, perform the following steps:
7. Login to Oracle E-Bsonapness Suite as sysadmin user sonapng the internal URL
8. Select System Administrator Responsibility
9. Select Profile / System
10. From the 'Find system profile option Values' window, select the responsibility that you want to make available to users logging in via the external web tier
11. Query for %RESP%TRUST%. You will see a profile option named 'Responsibility trust level'. The value for this profile option at site level will be Normal. Leave this setting unchanged.
12. Set the value of this profile option for the chosen responsibility to External at the responsibility level. The site-level value should remain Normal.
13. Repeat for all responsibilities that you want to make available from the external web tier.
List of Responsibilities which can be enabled on External Server is as followed:
Product Name
Externally Accessible Responsibilites
Additional Profile Options
iSupplier
POS Supplier Guest User
Plan to Pay Supplier View
Plan, Source, Pay Supplier View
Source to Pay Supplier View
Supplier Profile Manager
Procure to Pay Supplier View
POS: External URL
POS: Internal URL
Oracle Sourcing
Sourcing Supplier
PON: External Applications Framework Agent
PON: External login URL
Oracle iProcurement
Self Registered Employee Default Responsibility
Self Registered New User Default Responsibility
q Enable Oracle E-Business Suite Application Server Security
1. Set the value of Application Server Security Authentication (s_appserverid_authentication) to SECURE, in the CONTEXT_FILE on all the nodes.
2. Run AutoConfig on each Applications middle tier to complete the configuration.
3. After AutoConfig completes successfully, restart Oracle HTTP Server and OC4J processe
q Increase JVM Size
Change the following JVM parameter in the CONTEXT_FILE as mentioned in the below table:
Note: Take a backup of Context File before Changing.
Variable
Exisiting Value
New Value
s_oacore_jvm_start_options
-server -verbose:gc -Xmx512M -Xms128M -XX:MaxPermSize=160M
-server -verbose:gc –Xmx1024M –Xms521M -XX:MaxPermSize=256M
q Run Autoconfig
Run AutoConfig from ADMIN_SCRIPTS_HOME sonapng adautocfg.sh.
Enable SSL Login
Note:Include a subset of test steps that will confirm that the customization has been installed properly.
Reference
Metalink Document: “Oracle E-Bsonapness Suite R12 Configuration in a DMZ” Document ID: 380490.1
http://knoworacleappsdba.blogspot.com/2012/04/dmz-setup-on-oracle-ebs-r12.html
No comments:
Post a Comment