How to autopopulate user_guid in fnd_user table ( EBS Blank Page)

 Issue: 

EBS Local Login url is working fine. When accessing sso url, users are getting error as below appended to the url. And login page will be blank.

One of the reason could be : OAM Authentication is fine but during authorization process, OAM is unable to map guid from oid to user_guid in fnd_user. This can be due to user_guid being null in fnd_user table.
As per the process, when user logins for the first time, user_guid need to be populated automatically (from oid)

Query guid from oid and update fnd_user table with that.

ldapsearch -h oidhost.appsolworld.com -p 3060 -D "cn=orcladmin" -w orcladmpwd -b "cn=Users,dc=dc,dc=online,dc=org" -s sub "(uid=$1)" orclsamaccountname krbprincipalname mail orcluserprincipalname orclguid

Pass userid to this command which gives guid along with other details.

Update fnd_user table with above guid :

update fnd_user  set user_guid='' where user_name like '';

Solution: 

As per the process, when user logins for the first time, user_guid need to be populated automatically.
So, why is this not happening. This can be due to binding issue from oid to EBS.
You can verify as below :

"AppsDN" user is a special administration account which ebs uses to connect to OID for integration tasks when integrating with OID.


- Determine the 'AppsDN' username/password connected to EBS as apps user
select fnd_preference.get('#INTERNAL', 'LDAP_SYNCH','USERNAME') Apps_Instance_OID_Account from dual;

Output :                               orclapplicationcommonname=ebsinstancename,cn=ebusiness,cn=products,cn=oraclecontext,dc=dc,dc=online,dc=org


select fnd_preference.eget('#INTERNAL', 'LDAP_SYNCH','EPWD','LDAP_PWD') Password from dual;
Output :    *****

** This is the password which you gave when registering oid with EBS for the prompt :
"Enter the instance password that you would like to register this application instance with?"


Use the above outputs and test the bind as below from EBS:

ldapbind -D orclapplicationcommonname=ebsinstancename,cn=ebusiness,cn=products,cn=oraclecontext,dc=dc,dc=online,dc=org -w ****** -h idhost.appsolworld.com -p 3060



(idhost.appsolworld.com is the server where oid is installed)
ldap_bind: Invalid credentials
ldap_bind: additional info: Password Policy Error :9000: GSL_PWDEXPIRED_EXCP :Your Password has expired. Please contact the Administrator to change your password.


Note : 

 To resolve this, password need to be updated in ODSM (default port 7005 for odsm):

http://oidhost.appsolworld.com:7005/odsm

Go to “Data Browser” -> “Root” -> dc=org -> dc=online -> dc=dc -> cn=OracleContext -> cn=Products -> cn=EBusiness -> select respective orclApplicationCommonName
  in this case, "ebsinstancename"

In the right window, update “userpassword” with password  (result of abov query) and click apply.
Then, check the bind again:

ldapbind -D orclapplicationcommonname=ebsinstancename,cn=ebusiness,cn=products,cn=oraclecontext,dc=dc,dc=online,dc=org -w **** -h idhost.appsolworld.com -p 3060

bind successful

Steps to test:

Nullify a user guid in EBS :  update fnd_user  set user_guid=null where user_name like 'USER';
Access EBS SSO URL : For ex, http://appsolworld.com
Once Home page is shown, check the user_guid column from fnd_user table, it should be populated same as from oid.
select user_guid from fnd_user where user_name like 'USER';

Comments

Post a Comment

Popular posts from this blog

How to fix Oracle SQL Developer connection issue "Got minus one from a read call"

Image
 During connection from SQL Developer to EBS database got below error message: Status : Failure - Test failed: IO Error: Got minus one from a read call Following solution can be done : 1. Go to directory $ORACLE_HOME / network / admin 2. Modify sqlnet.ora file with following parameter : tcp.validnode_checking = no 3. If you don 't want to disable this, you can put the machine names as follows: tcp.invited_nodes=(machine1, machine2) 3. Bounce the listener. Due to security enhancements it is not good to put tcp.validnode_checking = no or comment out will through error when we start listener like below: Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=shsebs7idb1.appsolworld.com)(PORT=1522))) TNS-00584: Valid node checking configuration error TNS-12560: TNS:protocol adapter error Better plan is to add localhost or IP address of client (Local Computer) in the sqlnet.ora file That will solve the problem NAMES.DIRECTORY_PATH=(TNSNAMES, ONAMES, HOSTNAME) SQLNET.EXPI
Read more

Few Important steps of Oracle Database Clone

 Make Sure oraInst.loc location is correct and accessble. [demantra@dsiddem ~]$ cat /etc/oraInst.loc inventory_loc=/orastage/oraInventory inst_group=dba [demantra@dsiddem ~]$ cd /orastage/oraInventory [demantra@dsiddem oraInventory]$ ls -ltr total 16 drwxrwx---. 5 demantra dba 4096 Jul 22 19:37 backup drwxrwx---. 2 demantra dba 4096 Jul 22 19:37 ContentsXML drwxrwx---. 2 demantra dba 4096 Jul 22 19:37 locks drwxrwx---. 3 demantra dba 4096 Jul 23 10:08 logs Remove Oracle Home from Inventory [demantra@dsiddem oraInventory]$ cd $ORACLE_HOME/oui/bin [demantra@dsiddem bin]$ ./runInstaller -detachHome ORACLE_HOME=$ORACLE_HOME Starting Oracle Universal Installer... Checking swap space: must be greater than 500 MB.   Actual 3039 MB    Passed The inventory pointer is located at /etc/oraInst.loc Run Clone.pl [demantra@dsiddem bin]$ echo $ORACLE_HOME /dnbsid/demantra/oracle/19.0.0 [demantra@dsiddem bin]$ echo $ORACLE_BASE /dnbsid/demantra [demantra@dsiddem bin]$ E01=ORACLE_HOME=$ORACLE_HOME [dema
Read more