Interview Question

 Super

• oracle-apps-basics
• listener-interview-question
• interview-question-on-adutilities
• mobile-servermsca
• cloning-interview-questions
• Patching-Interview-Question
• file-system
• Concurrent Manager

Oracle Apps Scripts

    Concurrent Request 

• Long Running Requests
• Find Manager of a Request
• Find Running node of a request
• Find Concurrent Requests submitted by a particular user
• Request completed with Error
• Request to check dumplicate

  Concurrent Manager 

• Concurrent Manager Status
• Concurrent Queue Status
• Concurrent Manager Log location
• Find log file count

  

 Schema and User Related   

• schemas-register-under-erp-all
• query-to-check-sysadmin-respo
• respo-assigned-to-user

Concurrent Manager

 Super

• Concurrent Manager
• Output-post-processor
• XML Post Processor
• XML-publisher
• Concurrent Manager Queries

Usage of OC4J in Release 12

 We have gather below details but still unable to understand that why two services are there in OC4J in Release 12. My questions are:

[1] If OACORE is there and most of the components are based on Framework in Release 12 then what is the requirement of OAFM? 

[2] Is OAFM is only for mapviewer, ascontrol and "Oracle Transport Agent" if we use them?

[3] Why there is seperate process for HTTP_Server as given below if OACORE is already there.

I have gathered below details from various source but still unable to understand fully above three questions.

* Oacore: This runs the OA Framework -based applications (Core Application Modules).
* Forms: This runs the Forms-based applications (using Servlet Mode).
* OAFM (Oracle Apps Fusion Middleware): This is responsible for running the web services , mapviewer, ascontrol (Oracle Transport Agent).


[oratrain@ndaeasdb01 scripts]$ ./adopmnctl.sh status

You are running adopmnctl.sh version 120.4

Checking status of OPMN managed processes...

Processes in Instance: TRAIN_ndaeasdb01.ndaeasdb01.xone.xansa.com
------------------------------------------------+---------
ias-component | process-type | pid | status
------------------------------------------------+---------
OC4J | oafm | 19974 | Alive
OC4J | forms | 19888 | Alive
OC4J | oacore | 19768 | Alive
HTTP_Server | HTTP_Server | 19711 | Alive



Web Entry Point Services          HTTP Server 

Web Application Services          OACORE OC4J 
                    Forms OC4J 
                    OAFM OC4J

EBS login flow

Before jumping into the flow, lets brush up the role of APPLSYSPUB, GUEST, APPLSYS and APPS user.

When we login to applications,initially oracle applications connect to public schema, APPLSYSPUB. This schema has sufficient privileges to perform the authentication of an Applications User (FND user), which includes running PL/SQL packages to verify the username/password combination and the privilege to record the success or failure of a login attempt.
The public ORACLE username and password that grants access to the Oracle E-Business Suite initial sign-on form. The default is APPLSYSPUB/PUB.
Once we change the APPLSYSPUB password must propagate the change to application tier configuration files. If the instance is Autoconfig enabled, must edit the CONTEXT file on each tier prior to running Autoconfig.
In the CONTEXT file, locate the autoconfig variable “s_gwyuid_pass” and set it to the new password, then run AutoConfig in each applications nodes.
When Autoconfig is not being used:
If you are not using Autoconfig you must manually edit the following configuration files :
1) FND_TOP/resource/appsweb.cfg
2) OA_HTML/bin/appsweb.cfg
3) FND_TOP/secure/HOSTNAME_DBNAME.dbc

To change password of APPLSYSPUB with FNDCPASS:
$FNDCPASS APPS/[apps_pass] 0 Y SYSTEM/[system_pass] ORACLE APPLSYSPUB [new_passs].

0 & Y are flags for FNDCPASS
0 is request id (request ID 0 is assigned to request ID's which are not submitted via Submit Concurrent Request Form)
'Y' indicates that this method is directly invoked from the command-line and not from the Submit Request Form.
All application tier processes (Apaches) must be restarted following the password change.

Role of GUEST user/schema in Oracle Applications:
GUEST is a dummy schema.
By default it has ORACLE as password.
GUEST/ORACLE password is present in DBC file at $FND_TOP/secure directory as well as at $FND_TOP/secure/SID_hostname directory.
If a user logs in without any role mappings, the user will get the Guest role, which has a default permission of "R".
GUEST user is used by JDBC Drivers and Oracle Self Service Web Applications like istore, irecruitment, iprocurement, ipayables, ireceivables etc to make initial Connection.

Role of APPLSYS & apps user/schema in Oracle Applications:
APPLSYS user is same as other oracle users like AP, AR, GL etc which hold their set of tables, views etc. In the same manner APPLSYS Account holds its set of tables like FND_USER and FND_APPLICATION, AD_APPLIED_PATCHES etc.
Applsys schema has applications technology layer products like FND and AD etc.
Apps is a universal schema, it has synonyms to all base product tables and sequences. This also has code objects for all products (triggers, views, packages, synonyms etc).
APPS is central Schema which holds synonyms for all other Users Database Objects.

Note: APPLSYS and APPS should have same password.

Reason why these contains same password.

Both apps & applsys need to have same password because when you sign on to apps, initially it connects to a public schema called APPLSYSPUB. This validates AOL name and password that we enter (operations/welcome). Once this is verified we select responsibility, this is validated by APPLSYS schema and then it connects to apps schema.
During signon process it uses both applsys and apps, hence this expects both the password to be identical. If the password for applsys & apps are not identical (Different) Try changing apps password to something else and try to login, the validation at the last stage would fail. This would result in failure of application login.

Difference B/W APPLSYSPUB & GUEST:
APPLSYSPUB/PUB - is DB user which is used by any utility to retrieve APPS schema password for further logins.
GUEST/ORACLE - is EBS user with no or max limited privileges to execute authorization function.That is why Guest user cannot be end dated.

Now lets jump into the login flow:

1.Webserver receives the user request for the particular port number. Web server Binds the request with the port number.

2.Based on the cookie webserver serves the request by sending login page

3.The application user name and password is entered by the user(operations/welcome)

4.DB connection is established using APPLSYSPUB user. This user “APPLSYSPUB” is having access to fnd_user view and a small set of other public tables needed to establish the initial connection.

5.Once DB connection is established FND_USER table is used to get ENCRYPTED_FOUNDATION_PASSWORD.

6.Using GUEST/ORACLE password combination and ENCRYPTED_FOUNDATION_PASSWORD  string obtained from 2 above, we get Apps schema password.

7.Internally it tries to connect to Apps schema with the password retrieved in step 3 above. If the connection fails, then

   a)The GUEST username password is incorrect

   b)The FNDNAM (APPS) environment variable is set incorrectly.

   c)Some other problem prevented a connection


8.Using Apps password obtained in Step 3 and ENCRYPTED_USER_PASSWORD string from FND_USER table, password for Application user (e.g. SYSADMIN) is obtained.

9. The Application user password obtained in Step 5 is compared to the application user password entered by user in login screen. If both passwords match then user is   allowed to get into self-service.

10. A list of responsibilities assigned to that user is shown.  The user picks one of the responsibilities listed.

11. The responsibility and application name is validated by connecting to Applsys schema(fnd_Responsibility, fnd_application…….)
Note: Here we should remember the difference between applsys and apps schema. Applsys schema contains ad,fnd objects whereas apps schema is a global schema contains all application objects.

12. Once the application is validated , Connecting to apps schema to get access application tables. This is the reason why we should have apps and applsys passwords should be same

13. Once a particular form is selected the .dbc file is accessed to get the information about the GUEST username/pwd

============
Note: Oracle doesn't store the hash value of the passwords. It just store the whole password in the encrypted format and get stored in FND_USER table(encrypted_user_password). Thus during authentication of a front end user, it is done on the stored password. Decryption of the stored password takes place FND_WEB_SEC package which is found under apps schema. The decryption key for the user password is the decrypted “ENCRYPTED_FOUNDATION_PASSWORD” of the guest user. Meaning that the first step to decrypt the user password is to decrypt the foundation password of the guest user.

There are certain changes for EBS 12.2 as 10.1.3 application server is replaced by Weblogic server. Thus the login flow will be slight different

When a HTTP request is made for EBS, the request is received by the Oracle HTTP Server (OHS).
When the configuration of OHS is for a resource that needs to be processed by Java, such as logging into EBS, the OHS configuration will redirect the request to the Web Logic Server (WLS) Java process (OACore in this case).
WLS determines the J2EE application that should deal with the request, which is called “oacore”.
This J2EE application needs to be deployed and available for processing requests in order for the request to succeed.   The J2EE application needs to access a database and does this via a datasource which is configured within WLS.
Here is the processing in terms of URL(Login HTTP headers)
When the EBS login works OK, the browser will be redirected to various different URLs in order for the login page to be displayed.  The page flow below shows the URLs that will be called to display the login page:

/OA_HTML/AppsLogin
EBS Login URL
/OA_HTML/AppsLocalLogin.jsp
Redirects to local login page
/OA_HTML/RF.jsp?function_id=1032925&resp_id=-1&resp_appl_id=-1&security_group_id=0&lang_code=US&oas=3TQG_dtTW1oYy7P5_6r9ag..&params=5LEnOA6Dde-bxji7iwlQUg
Renders the login page
The URLs after the user enters username and password, then clicks the “login” button are shown below/OA_HTML/OA.jsp?page=/oracle/apps/fnd/sso/login/webui/MainLoginPG&_ri=0&_ti=640290175&language_code=US&requestUrl=&oapc=2&oas=4hoZpUbqVSrv9IE0iJdY1g..
/OA_HTML/OA.jsp?OAFunc=OANEWHOMEPAGE
/OA_HTML/RF.jsp?function_id=MAINMENUREST&security_group_id=0
Renders user home page
Once the users home page is displayed, the logout flow also redirects to several different URL before returning to the login page:
/OA_HTML/OALogout.jsp?menu=Y
Logout icon has been clicked
/OA_HTML/AppsLogout
/OA_HTML/AppsLocalLogin.jsp?langCode=US&_logoutRedirect=y
Redirects to the login page
/OA_HTML/RF.jsp?function_id=1032925&resp_id=-1&resp_appl_id=-1&security_group_id=0&lang_code=US&oas=r6JPtR7-a4n5U2H3–ytEg..&params=1JU-PCsoyAO7NMAeJQ.9N6auZoBnO8UYYXjUgSPLHdpzU3015KGHA668whNgEIQ4


Reference:http://johanlouwers.blogspot.in/2006/12/oracle-applications-passwords.html
               12.2 E-Business Suite Technology Stack Summary Of The iAS / HTTP Server Login Process And What To Expect When One Of The Login Components Fails (Doc ID 1984710.1)

R12 Workflow Notification Mailer Configuration

The main component of the Oracle Workflow Notification Mailer is the executable

WFMAIL. This is a server side program that queries the database for any pending

notifications. It then dispatches these notifications by calling sendmail for UNIX and the MAPI APIs for Microsoft Windows NT. The notification mailer also queries the local inbox for incoming messages. These messages are validated and then passed to the database for response processing. To configure Workflow Notification Mailer we have to do OS level setup (Sendmail) and Application level setup.

1.) Sendmail should be installed by default when you install RedHat Linux. If it is not then you need to install the Sendmail RPM’s with the Red Hat distribution .

2.) we need to configure a means for the user to retrieve any emails that are waiting for them on the server. One of the packages that do this is dovecot, which handles POP and IMAP mailboxes in clear text or with link encryption (POPS and IMAPS); IMAPS is the preferred mail protocol for MUAs.

3.) There are two kinds of Notification Outbound & Inbound in Workflow Mailer
  For Outbound Notification, CM (Concurrent Manager) node should be able to connect to SMTP (Simple Mail Transfer Protocol) server/relay.
  For Inbound Notification (Optional), CM node should be able to connect to IMAP (Internet Message Access Protocol) Server.

4.) Workflow Notification Mailer in background run as Concurrent Manager (Workflow Mailer Service, Workflow Agent Listener Service)

5.)Schedule the Workflow Background process, Notification Mailer concurrent requests 

6.) Select Workflow Manager in OAM from pull down menu once you login to OAM.
7.) Click Notification Mailer status icon to navigate to the Service Component page for Notification Mailers. Status of Notification Mailers is down.
8.) Select Workflow Notification Mailer Service component under Service Components page. Click edit to access Notification Mailer Configuration wizard.
9.) Enter the name of the SMTP MAIL SERVER information under Outbound Email Account region.
10.) Select the Inbound Processing parameter in Inbound Mail Email Account (IMAP)region to enable inbound email processing. Enter name of the inbound IMAP mail server, the username and passwd of the email account that the Notification Mailer uses to receive email messages,and the reply-to address of the mail account which receive incoming messages to which notification responses should be sent.
6. Confirm the changes by clicking apply. Now check the status of the Workflow Notification Mailer service component is runing on Service components page

EBS R12 Standby Apps tier sync

Primary Application tier is connected to Primary database and Standby Application tier is connected to Standby database.

Now we need to sync in standby Apps tier with Primary Apps tier.

There are two ways to consider sync of filesystem from primary to standby node.

 Rsync command can be kept in crontab to continuouly write the changes on stanndby

Method 1:

1) Enabled full filesystem sync from Primary to Standby Application Tier

2) Whenever you perform a DR switch, rename standby Application Servers hostname to primary application hosts.

3) Also, perform changes in DNS as well

Method 2:

1) Enabled sync of Run Filesystem and FS_NE

2) Whenever you perform a DR switch run adcfgclone.pll on AppsTier to reconfigure Apps.

3) Perform any post configuration steps like WF Configuration, Update paths,etc.,

Method 2 is little complex as this need thorough testing specifically for post steps. Method 1 doesn't is much simpler and faster to bring up Apps incase of any disaster.

For more details on how to setup standby appication, follow the below MOS ID

Business Continuity for Oracle E-Business Suite Release 12.2 Using Oracle 12c (12.1.0.2) Physical Standby Database (Doc ID 1963472.1)

==============================

         

Instructions for OPRD:

cd /OPRD/shared/apps/apps_st

tar -cvf appl_backup.tar appl

shutdown services on external node amxp05ext01b

rsync -rptgl -e ssh --progress --exclude admin applmgr@amxp05ext01ba:/OPRD/shared/apps/apps_st/appl/ /OPRD/shared/apps/apps_st/appl/

run adadmin to recompile all plsql/menu/forms for US

After the rsync only the following forms should be reported as not compiling successfully:

The following Oracle Forms objects did not generate successfully:

cs      forms/US        CSXSRCT1.fmx

cs      forms/US        CSXSRCT2.fmx

cs      forms/US        CSXSRISR.fmx

startup services on external node amxp05ext01b

Backout instructions for OPRD

login as applmgr to amxq05ext01b

cd /OPRD/shared/apps/apps_st

tar -xvf appl_backup.tar