Apps password not working

 Someone changed apps password using 'alter user' which is not a good practice.

Now during a clone, password change is not working using FNDCPASS.


1) SEC_CASE_SENSITIVE_LOGON parameter is already set to FALSE

2) select fnd_web_sec.validate_login('GUEST','ORACLE') from dual;

FND_WEB_SEC.VALIDATE_LOGIN('GUEST','ORACLE')
--------------------------------------------------------------------------------
Y
3) There is no error on FNDCPASS but password change is not successful.



So, this is what we did as a fix,


Changed apps password to default apps/apps -- using 'alter user'.

Updated password in FND_ORACLE_USERID to apps using encrypted value.

and then re-tried FNDCPASS, this time it was successful.


EBSPROD> create table FND_ORACLE_USERID_BAK as (select * from FND_ORACLE_USERID);

Table created.

EBSPROD> create table FND_USER_BAK as (select * from FND_USER);

Table created.


SQL> ALTER USER apps IDENTIFIED BY apps;

User altered.

SQL> ALTER USER applsys IDENTIFIED BY apps;

User altered.

Below is the value for encrypted apps password --


SQL> update apps.FND_ORACLE_USERID set ENCRYPTED_ORACLE_PASSWORD = 'ZGA34EA20B5C4C9726CC95AA9D49EA4DBA8EDB705CB7673E645EED570D5447161491D78D444554655B87486EF537ED9843C8' where ORACLE_USERNAME in ('APPS', 'APPLSYS');

2 rows updated.

SQL> commit;

Commit complete.

#######################

col user_name for a30

select USER_NAME from APPS.fnd_user order by 1;

CREATE FUNCTION apps.decrypt_pin_func(in_chr_key IN VARCHAR2,in_chr_encrypted_pin IN VARCHAR2)

RETURN VARCHAR2

     AS

LANGUAGE JAVA NAME 'oracle.apps.fnd.security.WebSessionManagerProc.decrypt(java.lang.String,java.lang.String) return java.lang.String';

/

######################

SYSADMIN

=========

SELECT APPS.decrypt_pin_func('GUEST/ORACLE',(SELECT ENCRYPTED_FOUNDATION_PASSWORD from APPS.fnd_user where USER_NAME='GUEST')) from dual;

SELECT ENCRYPTED_USER_PASSWORD FROM APPS.FND_USER where USER_NAME='SYSADMIN';

SELECT APPS.decrypt_pin_func('&appspwd','&sysadminkey') from dual;

Business Continuity for Oracle E-Business Suite Release 12.2

 

Business Continuity for Oracle E-Business Suite Release 12.2 on Oracle Database 19c Using Physical Host Names (Doc ID 2617787.1)

Business Continuity for Oracle E-Business Suite Release 12.2 Using Oracle 12c (12.1.0.2) Physical Standby Database (Doc ID 1963472.1)

Business Continuity for Oracle E-Business Suite Release 12.2 Using Oracle 11g (11gR2) Physical Standby Database (Doc ID 1491855.1)

Oracle E-Business Suite Release 12.2: Upgrading to Oracle Database 19c with Existing Physical Standby (Doc ID 2665458.1)

Business Continuity for Oracle E-Business Suite Release 12.2 on Oracle Database 19c Using Logical Host Names (Doc ID 2617788.1)

Viewing Concurrent Request Output and Log Files in HTML/Browser

If the ouput and log files of the concurrent needs to be viewed in Browser, then we can perform the below action item. 1. Goto System Administrator responsibility and select Profile>System 2. Search for the 'Viewer:%' profile. 3. Set the profile Viewer: Application for Text to Browser. If this has to be set for all users then it has to be set at Site Level or for a particular user we can set it at user level. https://www.funoracleapps.com/2013/05/viewing-request-output-and-log-files-in.html

ORA-31626: job does not exist

dsvmofs> expdp system/XXXXX parfile=auexpfulltts.dat Export: Release 11.2.0.4.0 - Production on Wed Aug 17 05:29:16 2022 Connected to: Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production With the Partitioning, OLAP, Data Mining and Real Application Testing options ORA-31626: job does not exist ORA-31633: unable to create master table "SYSTEM.SYS_EXPORT_FULL_05" ORA-06512: at "SYS.DBMS_SYS_ERROR", line 95 ORA-06512: at "SYS.KUPV$FT", line 1038 ORA-00372: file 7 cannot be modified at this time ORA-01110: data file 7: '/OFSSITDATA2/oradata/owad01.dbf' dsvmofs> cat auexpfulltts.dat directory=dmpdir metrics=y dumpfile=xttsfulltts%U.dmp filesize=1048576000 full=y exclude=STATISTICS logfile=expfulltts.log parallel=8 transportable=always version=12 dsvmofs> Root cause : Customer has SYS related tables in OWAPUB Tablespace, We made OWAPUB readonly as pert of TTS Activity. Solution : Moved the SYS related tables from OWAPUB tablespace to SYS. Other alternative solutions 1. Before restarting the expdp check if there are orphan Data Pump jobs left in database. Use << Note 336014.1 >> 2. After clearing the orphaned jobs if you still see the errors, Upload output of below queries. connect as sysdba spool boxa.html set pagesize 9999 set markup html on select name from v$database; SELECT * from v$version ; SELECT distinct(length(addr)*4) "Word Size" from v$process; SELECT owner,object_name,object_type,status from dba_objects where status = 'INVALID'; select owner,object_type,count(*) from dba_objects where status='INVALID' group by owner,object_type; SELECT SUBSTR(comp_id,1,15) comp_id, status, SUBSTR(version,1,10) version, modified, SUBSTR(comp_name,1,30) comp_name, substr(schema,1,15) as schema FROM dba_registry order by comp_id; select * from registry$history;

How to drop other schema’s Database link using SYS user | Drop db_link from other user

SQL> select owner,db_link from dba_db_links; OWNER DB_LINK ------------------------------ -------------------------------------- TEST TEST_DB_LINK SQL> sho user USER is "SYS" SQL> SQL> drop database link test.test_db_link; drop database link test.test_db_link * ERROR at line 1: ORA-02024: database link not found [test@test.test.com ~]$ cat drop_schema_dblink.sh username=$1 db_link=$2 sqlplus /nolog < SQL> Connected. SQL> " DB Link Before Drop" SQL> SQL> SQL> OWNER DB_LINK ------------------------------ ------------------------------ TEST TEST_DB_LINK SQL> 2 3 4 5 Procedure created. SQL> PL/SQL procedure successfully completed. SQL> Procedure dropped. SQL> " DB Link After Drop" SQL> no rows selected SQL> Disconnected from Oracle Database 11g Enterprise Edition Release 11.2.0.3.0 - 64bit Production With the Partitioning, Automatic Storage Management, OLAP, Data Mining and Real Application Testing options !

Implications of latest Oracle WebLogic Server connection filters for Oracle EBS r12.2 customers

Above screenshot might click many Apps DBAs who have recently applied - 1. April 2019 CPU Patch 2. Upgraded to Latest AD and TXK level (C.11) Recently I applied Oracle E-Business Suite Technology Stack Delta 11 on an EBS r12.2.7 implementation. After applying patch we went for sanity checks and when trying to open Weblogic Server console I got this - The Server is not able to service this request: [Socket:000445]Connection rejected, filter blocked Socket, weblogic.security.net.FilterException: [Security:090220]rule 2 Below are metalink ids ideally Apps DBAs should refer to for resolving this- Alternative Methods to Allow Access to Oracle WebLogic Server Administration Console from Trusted Hosts for Oracle E-Business Suite Release 12.2 (Doc ID 2542826.1) ORA-12547 While Client Connecting Via SSH Tunnel (Doc ID 454252.1) Oracle Community also has few tips for this- https://community.oracle.com/message/15413970#15413970 Troubleshooting Part - cd $FMW_HOME/user_projects/domains/EBS_domain_/config/ cat config.xml | grep connection-filte oracle.apps.ad.tools.configuration.wls.filter.EBSConnectionFilterImpl< connection-filter> appsnode * * allow 0.0.0.0/0 * * deny We will be exploring all the 3 scenarios with real-time usecases. Option 1: Adding Specific Trusted Hosts 1. This can be done by using context variable - s_wls_admin_console_access_nodes A comma seperated set of ips/hostnames(fqdns) can be used like as follows to allow set of system administrators/weblogic administrators to access console - host1.domain.com,host2.domain.com 2. Execute autoconfig on run filesystem. 3. Stop and start Oracle Weblogic admin server adadminsrvctl.sh stop adadminsrvctl.sh start 4. perform fs_clone to synchronize filesystems adop phase=fs_clone Option 2: Allowing an IP Range This option will be available after applying Patch 29781255:R12.TXK.C. There will be requirements where you need to provide IP range and it is important to first understandd how CIDR works. According to CIDR ruling, you can have a factor set to 4^n This implies we can have ip range as 4,16,64,256 Sample example to narrow down IP range - 195.168.1.32/24 ---> 256 IP Hosts 195.168.1.32/26 ---> 64 IP Hosts 195.168.1.32/28 ---> 16 IP Hosts 195.168.1.32/30 ---> 04 IP Hosts I first checked for patch if already applied as a standard practice. Query 1- set lines 1000 col APPLIED_FILE_SYSTEM_BASE for a40 SELECT b.bug_number, asp.adop_session_id, asp.bug_number patch#, asp.session_type, asp.applied_file_system_base, asp.start_date, asp.end_date FROM ad_bugs b, ad_patch_run_bugs prb, ad_patch_runs pr, ad_patch_drivers pd, ad_adop_session_patches asp WHERE b.bug_id = prb.bug_id AND prb.patch_run_id = pr.patch_run_id AND pr.patch_driver_id = pd.patch_driver_id AND pr.patch_run_id = asp.patchrun_id AND prb.applied_flag = 'Y' AND b.bug_number = '&bug_num'; Enter value for bug_num: 29781255 old 11: AND b.bug_number = '&bug_num' new 11: AND b.bug_number = '29781255' no rows selected Query 2- SELECT adb.bug_number,ad_patch.is_patch_applied('122', 1045, adb.bug_number) FROM ad_bugs adb WHERE adb.bug_number in (29781255); Query 3- select ad_patch.is_patch_applied('R12',-1,29781255) from dual; Once patch was applied, we update CONTEXT file on run fs as follows - cat $CONTEXT_FILE | grep wls | grep nodes 195.168.1.32/30 This can me below set of 4 ips - 195.168.1.32-to-195.168.1.35 Note: Easy way to calculate range of Ips is using online calculator - https://www.ipaddressguide.com/cidr Executed autoconfig and started admin server to reflect changes. Option 3: Adding Specific Trusted Hosts SSH tunneling is pre-requisite here and I achieved it using putty. For lab environment using static ips, this can be simply achieved using below - 1. Ssh -> Logging Provide Destination IP address and keep port for ssh as 22. Save it with some name to it can be loaded later for future reference. 2. Connection -> SSH -> Tunnels Provide Source port, client machine's port which is open and not blocked or used by any other application. In my case it was 81. Provide Destination Hostname:Port and click on 'Add' 3. Go back to session and save it. 4. If you are not intending to logon to server, you can use option under 'Ssh' - 5. Login to saved session and monitor Event log for putty Session - 5. Few more settings are required on your web-browser, I used Firefox here - 127.0.0.1 is for Localhost. Clear browser cache and try console again - https://maazdba.blogspot.com/2019/09/implications-of-latest-oracle-weblogic.html

 

Here’s how a 22-year-old made $1 million by selling NFT selfies

https://indianexpress.com/article/technology/crypto/heres-how-a-22-year-old-made-1-million-by-selling-nft-selfies-7728112/

https://photodoto.com/create-nft-from-photo/