Working
Environment:
Database
Version: 9.2.0.6.0
Application
Version: 11.5.10.2
Reference
Document: Doc ID: 287176.1
Reference
Document: Doc ID: 364439.1
Reference
Document: Doc ID: 308271.1
Reference
Document: Doc ID: 266376.1
First
Clone and create a Database tier and an Application tier (Internal
tier).
The
Database cloning can be done as usual using the rapid clone
technique. The Application cloning has to be done with more than one
application tier server node. Since we are going to create an
external tier, the cloning has to be done in this way else any one of
the application tier either internal or external only can be accessed
through the browser since there will be redirection.
Internal Application Tier Creation
Now
we can see the Internal Application Tier cloning in detailed step by
step process.
PROMPT :
Do you want to use
a virtual hostname for the target node (y/n) [n] ?
ANSWER :
n
PROMPT :
Target system
database SID [pdev]
ANSWER :
pdev
PROMPT :
Target system
database server node [oraapps]
ANSWER :
oraapps
PROMPT :
Target system
database domain name [yantro.com]
ANSWER :
PROMPT :
Does the target
system have more than one application tier server node (y/n) [n] ?
ANSWER :
y
PROMPT :
Does the target
system application tier utilize multiple domain names (y/n) [n] ?
ANSWER :
n
PROMPT :
Target system
concurrent processing node [oraapps]
ANSWER :
oraapps
PROMPT :
Target system
administration node [oraapps]
ANSWER :
oraapps
PROMPT :
Target system forms
server node [oraapps]
ANSWER :
oraapps
PROMPT :
Target system web
server node [oraapps]
ANSWER :
oraapps
PROMPT :
Is the target
system APPL_TOP divided into multiple mount points (y/n) [n] ?
ANSWER :
n
PROMPT :
Target system
APPL_TOP mount point [/pdev/p01/oracle/pixappl]
ANSWER :
/pdev/p01/oracle/pixappl
PROMPT :
Target system
COMMON_TOP directory [/pdev/p01/oracle/pixcomn]
ANSWER :
/pdev/p01/oracle/pixcomn
PROMPT :
Target system 8.0.6
ORACLE_HOME directory [/pdev/p01/oracle/pixora/8.0.6]
ANSWER :
/pdev/p01/oracle/pixora/8.0.6
PROMPT :
Target system iAS
ORACLE_HOME directory [/pdev/p01/oracle/pixora/iAS]
ANSWER :
/pdev/p01/oracle/pixora/iAS
PROMPT :
Do you want to
preserve the Display set to oraapps:0.0 (y/n) [y] ?
ANSWER :
y
PROMPT :
Location of the JDK
on the target system [/usr/java/jdk1.6.0_26]
ANSWER :
/usr/java/jdk1.6.0_26
PROMPT :
Target system
JRE_TOP [/usr/java/jdk1.6.0_26]
ANSWER :
/usr/java/jdk1.6.0_26
PROMPT :
UTL_FILE_DIR on
database tier consists of the following directories.
1. /usr/tmp
2. /usr/tmp
3.
/pdev/p02/oracle/pixdb/9.2.0/appsutil/outbound/pdev_oraapps
4. /usr/tmp
Choose a value
which will be set as APPLPTMP value on the target node [1]
ANSWER :
1
PROMPT :
Do you want to
reset custom variable settings(y/n) [n]
ANSWER :
n
Patch Requirements for Oracle E-Business Suite 11i Release 11i10
Now
the internal Application Tier is created successfully. Next we have
to create the External web tier but before this step there are some
conditions that have to be taken into consideration.In
order to configure your Oracle E-Business Suite Release 11i10
environment in a DMZ, you must apply the patches listed under the
"Required Patches" column of the table below. The AutoPatch
utility will inform you of any prerequisite patches that must also be
applied.
Required
Patch No
|
Description
|
Comments
|
11.5.10
Oracle E-business Suite Consolidated Update 1
|
This
patch is not required for customers who have performed the
following:
|
|
WTI
LITE PATCH
|
This
patch is not required for customers who have performed the
following:
or
|
|
AUTOCONFIG
SUPPORT FOR REVERSE PROXY, URL FIREWALL AND DMZ CONFIGURATION
(PHASE 1)
|
This
patch is not required if your E-business Suite instance have been
upgraded to 11.5.10 CU2 or later and also it has been upgraded to
TXK.M (4709948)
patchset or later.
|
|
TXK
(FND & ADX) AUTOCONFIG ROLLUP PATCH O (December 2006)
|
Apply the above patches in the order shown.
After
the patches have been applied successfully take the pre-cloned backup
of the internal application tier alone using the rapid clone
technique.
Now
we can create the external web tier in the server which we have
identified as the target server.
External Web Tier Creation
The
detailed step by step cloning process of the external web tier
creation is given below
PROMPT :
Do you want to use
a virtual hostname for the target node (y/n) [n] ?
ANSWER :
y
PROMPT :
Target hostname
[oraapps]
ANSWER :
external
PROMPT :
Target system
database SID [pdev]
ANSWER :
pdev
PROMPT :
Target system
database server node [oraapps]
ANSWER :
oraapps
PROMPT :
Target system
database domain name [yantro.com]
ANSWER :
yantro.com
PROMPT :
Does the target
system have more than one application tier server node (y/n) [n] ?
ANSWER :
y
PROMPT :
Does the target
system application tier utilize multiple domain names (y/n) [n] ?
ANSWER :
n
PROMPT :
Target system
concurrent processing node [oraapps]
ANSWER :
oraapps
PROMPT :
Target system
administration node [oraapps]
ANSWER :
oraapps
PROMPT :
Target system forms
server node [oraapps]
ANSWER :
oraapps
PROMPT :
Target system web
server node [oraapps]
ANSWER :
external
PROMPT :
Is the target
system APPL_TOP divided into multiple mount points (y/n) [n] ?
ANSWER :
n
PROMPT :
Target system
APPL_TOP mount point [/pdev/p01/oracle/pixappl]
ANSWER :
/pdev/p01/oracle/pixappl
PROMPT :
Target system
COMMON_TOP directory [/pdev/p01/oracle/pixcomn]
ANSWER :
/pdev/p01/oracle/pixcomn
PROMPT :
Target system 8.0.6
ORACLE_HOME directory [/pdev/p01/oracle/pixora/8.0.6]
ANSWER :
/pdev/p01/oracle/pixora/8.0.6
PROMPT :
Target system iAS
ORACLE_HOME directory [/pdev/p01/oracle/pixora/iAS]
ANSWER :
/pdev/p01/oracle/pixora/iAS
PROMPT :
Do you want to
preserve the Display set to oraapps:0.0 (y/n) [y] ?
ANSWER :
n
PROMPT :
Target system
Display [external:0.0]
ANSWER :
external:0.0
PROMPT :
Location of the JDK
on the target system [/usr/java/jdk1.6.0_26]
ANSWER :
/usr/java/jdk1.6.0_26
PROMPT :
Target system
JRE_TOP [/usr/java/jdk1.6.0_26]
ANSWER :
/usr/java/jdk1.6.0_26
PROMPT :
Do you want to
preserve the port values from the source system on the target system
(y/n) [y] ?
ANSWER :
n
PROMPT :
Target system
APPL_TOP of the Forms node
ANSWER :
/pdev/p01/oracle/pixappl
PROMPT :
Do you want to
reset custom variable settings(y/n) [n]
ANSWER :
n
Update Hierarchy Type
There
are a number of user profiles that are used to construct various URLs
in an E-Business Suite 11i environment. These user profiles are as
follows:
User
Profile Name
|
Internal
Name
|
1.
Applications Web Agent
|
APPS_WEB_AGENT
|
2.
Applications Servlet Agent
|
APPS_SERVLET_AGENT
|
3.
Applications JSP Agent
|
APPS_JSP_AGENT
|
4.
Applications Framework Agent
|
APPS_FRAMEWORK_AGENT
|
5.
ICX:Forms Launcher
|
ICX_FORMS_LAUNCHER
|
6.
ICX: Oracle Discoverer Launcher
|
ICX_DISCOVERER_LAUNCHER
|
7.
ICX: Oracle Discoverer Viewer Launcher
|
ICX_DISCOVERER_VIEWER_LAUNCHER
|
8.
Applications Help Web Agent
|
HELP_WEB_AGENT
|
9.
Applications Portal
|
APPS_PORTAL
|
10.
BOM:Configurator URL of UI Manager
|
CZ_UIMGR_URL
|
11.
ASO : Configurator URL
|
ASO_CONFIGURATOR_URL
|
12.
QP: Pricing Engine URL
|
QP_PRICING_ENGINE_URL
|
13.
TCF:HOST
|
TCF:HOST
|
The default hierarchy type value for the above profile options is Security. See diagram below:
The
configuration of the E-Business Suite environment for DMZ requires
these profile options hierarchy type to be set to SERVRESP. To
change the profile options hierarchy type values to SERVRESP,
execute the following SQL script as shown below:
- sqlplus <apps-schema-name>/<apps-passwd> @<FND_TOP>/patch/115/sql/txkChangeProfH.sql SERVRESP
Update
Node Trust Level
Oracle
E-Business Suite 11i has the capability to restrict access to a
predefined set of responsibilities based on the Web server from which
the user logs in. This capability is provided by tagging web servers
with a trust level. The server trust level indicates the level of
trust associated with the web server. Currently, three trust levels
are supported:
Administrative
Servers
marked as Administrative are
typically those used exclusively by system administrators. These
servers are considered secure and provide access to any and all
E-Business Suite functions.
Normal
Servers
marked as Normal are
those used by employees within a company’s firewall. Users logging
in from normal servers have access to only a limited set of
responsibilities.
External
Servers
marked as External are
those used by customers or employees outside of a company’s
firewall. These servers have access to an even smaller set of
responsibilities.
Node Trust Level (NODE_TRUST_LEVEL) is a server profile option. The default value for this profile option for all E-Business Suite middle tiers is set to Normal.
Identify
the external web tier in your Oracle E-business Suite 11i environment
and set the NODE_TRUST_LEVEL profile option value at the server level
to External.
See diagram below.
To change the value of the Node Trust Level profile option value for a particular node, perform the following steps:
- Login to Oracle E-Business Suite as sysadmin user using the internal URL
- Select System Administrator Responsibility
- Select Profile / System
- From the 'Find system profile option Values' window, select the server that you want to make external
- Query for %NODE%TRUST%. You will see a profile option named 'Node Trust Level'. The value for this profile option at site level will be Normal. Leave this setting as is
- Set the value of this profile option to External at the server level (not site level). The site-level value should remain Normal.
Update
List of Responsibilities
After updating the server-level profile value for Node Trust Level for the external web tier(s) to External, users can no longer see any responsibilities when they login to the external web tier. In order for a responsibility to be available from the external E-Business Suite web tier, set the Responsibility Trust Level profile option value for that responsibility to External at the responsibility level.
To
change the value of the Responsibility Trust Level profile option at
the responsibility level for a particular responsibility, perform the
following steps:
- Login to Oracle E-Business Suite as sysadmin user using the internal URL
- Select System Administrator Responsibility
- Select Profile / System
- From the 'Find system profile option Values' window, select the responsibility that you want to make external
- Query for %RESP%TRUST%. You will see a profile option named 'Responsibility trust level'. The value for this profile option at site level will be Normal.
- Set the value of this profile option for the chosen responsibility to External at responsibility level (not site level). The site-level value should remain Normal.
Update
Home Page Mode to Framework & Set Validation Level
The new Oracle E-Business Suite 11i Home page based on the Oracle Applications Framework architecture is required for the deployment of the Oracle E-Business Suite in a DMZ configuration. To enable this, apply the required patches mentioned above and set the self-service personal home page mode to "Framework Only" as shown in the diagram below.
To change the value of the Home page mode, perform the following steps:
- Login to Oracle E-Business Suite as sysadmin user using the internal URL
- Select System Administrator Responsibility
- Select Profile / System
- From the 'Find system profile option Values' window, query for %HOME%MODE%. You will see a profile option named 'Self Service Personal Home Page Mode' , set the value of this profile option to Framework Only.
To
change the value of the various validation levels, perform the
following steps:
- Login to Oracle E-Business Suite as sysadmin user using the internal URL
- Select System Administrator Responsibility
- Select Profile / System
- From the 'Find system profile option Values' window, query for %FND%VALIDATION%LEVEL. You will see a profile option named 'FND Validation Level ', set the value of this profile option to ERROR
- From the 'Find system profile option Values' window, query for %FND%FUNCTION%VALIDATION%. You will see a profile option named 'FND Function Validation Level ', set the value of this profile option to ERROR
- From the 'Find system profile option Values' window, query for %FRAMEWORK%VALIDATION%. You will see a profile option named 'Framework Validation Level ', set the value of this profile option to ERROR
No comments:
Post a Comment