Tuesday May 13, 2008

Oracle Database Vault 10.2.0.3 Certified with Apps 12

I am very pleased to announce that Oracle Database Vault 10.2.0.3 is now certified with E-Business Suite Release 12 on Linux-x86 platforms. This certification provides an upgrade path for current Database Vault-enabled EBS 11i instances to R12.

Database Vault example: Diagram showing how Database Vault prevents a privileged DBA user from accessing application data, while allowing the authorized Realm owner to access the same data


What is Oracle Database Vault?

A key challenge for security administrators is protecting enterprise data from insider attacks.  Oracle Database Vault
is an optional database feature that can help you defend against that class of threats, as well as build internal controls to help meet regulatory requirements for privacy and segregation of duties.

Oracle Database Vault can prevent highly privileged users, including powerful application DBAs and others, from accessing sensitive applications and data in Oracle databases outside their authorized responsibilities. You can use customizable Realms and rules to ensure that users, even administrators, have access only to what they need to do their job.

For more details about the prepackaged Realms we've created for E-Business Suite environments, see:

Certified Platforms

  • Linux x86-32
[Editor Note:  Due to a couple of things that I can't discuss publicly here, it is likely that DB Vault + R12 certifications for additional operating system platforms may be based on Database Vault 10.2.0.4. If you're not running Linux and/or upgrading from Apps 11i with DB Vault 10.2.0.3 already enabled, you may wish to reflect on how this fits into your implementation and upgrade plans. More details will be forthcoming. You're welcome to monitor or subscribe to this blog for updates, which I'll post as soon as soon as they're available.]

Prerequisites
  1. Oracle E-Business Suite Release Update Pack 12.0.4
  2. Oracle Database Vault 10.2.0.3
  3. Oracle Database Release 10gR2 (10.2.0.3)

References

Related Articles

The above is intended to outline our general product direction.  It is intended for information purposes only, and may not be incorporated into any contract.   It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions.  The development, release, and timing of any features or functionality described for Oracle's products remains at the sole discretion of Oracle. 

Tuesday Feb 19, 2008

Optimizing R12 Performance via OC4J Load-Balancing

Oracle Application Server provides features that allow customers to load balance their middle tier deployments.  OC4J Clustering in OracleAS 10g is one such deployment that is widely used in load balanced configurations.

Starting with Oracle E-Business Suite Release 12.0.2 (Release Update Pack 2), we support OC4J Clustering as part of AutoConfig's load balancing deployment options. This configuration option is supported for the OC4J instance running out of R12's 10.1.3 ORACLE_HOME.

Clustering Model

Oracle Application Server 10g 10.1.3 supports various models for OC4J clustering:
  • Dynamic node discovery
  • Static discovery servers
  • Cross topology gateways
  • Manual node configuration.
E-Business Suite Release 12 uses the manual node configuration model, which is also referred to as static node-to-node communication. Node and port information is manually specified in this mode. Configuration details are managed by Autoconfig, which handles all necessary settings in the R12 configuration files.

Figure-1 static node-to-node communication model

static-communication:

Deployment Options


Release 12 supports the following deployment options with OC4J clustering:
  1. Single Web Entry Point
  2. Multiple Web Entry Points

Prerequisites

  1. Oracle Applications Technology Stack Patch Set 2 5917601 or higher.
    • This Patch Set is included in the R12.ATG_PF.A.DELTA.2 5917344 and the Release 12.0.2 (Release Update Pack 2)
  2. A correctly-configured hardware load balancer

Configuring OC4J Load Balancing

Configuring both deployment options requires:
  1. Changing the E-Business Suite Context file using the Context File Editor
  2. Running AutoConfig
  3. Restarting the application tier server processes.
Single Web Entry Point

In this deployment option, there is single web entry point for the OC4J applications - oacore, forms and oafm services are configured to run on all or some of the application tier nodes.

Figure-2: Deployment model with Single Web Entry point and OC4J application running on all the nodes

SingleWebEntry: Architecture diagram showing an E-Business Suite environment with two application tier servers and a single webentry point

Multiple Web Entry Points

In this deployment option, there are multiple web entry points with OC4J applications running on selected application tier nodes.

Figure-3: Deployment model with Multiple Web Entry points and OC4J applications running on selected nodes

multipleweb: Architecture diagram showing a multinode Apps environment

References
Related Articles

Wednesday Jan 23, 2008

Hidden Features Revealed: Technology Inventory Utility for Apps 12

[Oct 24, 2008 Update: It turns out that this utility is documented in Chapter 5 of the "System Administrator's Guide - Maintenance." Who knew? So much documentation, so little time.]

[Editor:  One of the best-kept secrets in the Release 12 technology stack is an undocumented utility for generating reports about your servers.  This tool is a useful complement to the R12 Diagnostic Tools, and a handy way of getting a snapshot of the different ORACLE_HOMEs for a given node in your environment.  In this article, Prasad gives a quick rundown on using this hidden tool.]


The Technology Inventory Utility for Release 12 is a perl utility that uses the perl infrastructure installed with the Oracle E-Business Suite R12 technology stack. Here's a screenshot of the first few lines of the report (there's much more -- see the samples linked, below):

Technology Inventory Utility Sample Screenshot: Screenshot of sample Technology Inventory Utility report for E-Business Suite Release 12

This utility is available with the Release Update Pack 12.0.3 and higher. If you don't wish to apply that entire RUP, this utility can be applied via the latest Autoconfig patchset:

How to run the utility

On each of the Applications tier nodes:
  1. Source the env file on each of the Applications tier node
  2. Run the following command (all on a single line):

    $ADPERLPRG $FND_TOP/patch/115/bin/TXKScript.pl -script=$FND_TOP/patch/115/bin/txkInventory.pl
    -txktop=$APPLTMP
    -outfile=$APPLTMP/Report_Inventory.html


  3. Enter the apps password at the prompt
  4. Check the report generated in the location specified in the outfile argument of the command above.
The report generated by this utility is HTML by default. A text report also can be generated using a command line option.

On each of the DB tier nodes:
  1. Source the env file on each of the DB tier node
  2. Run the following command (all on a single line):

    $ADPERLPRG $ORACLE_HOME/appsutil/bin/TXKScript.pl 
    -script=$ORACLE_HOME/appsutil/bin/txkInventory.pl
    -txktop=$ORACLE_HOME/appsutil/temp
    -contextfile=$CONTEXT_FILE
    -outfile=$ORACLE_HOME/appsutil/temp/rep.html

  3. Enter the apps password at the prompt
  4. Check the report generated in the location specified in the outfile argument of the command above.
Information in the Report

This utility generates three different tables with node-specific information.

Overview of your system
  • Time stamp, Host name,Enabled services(depending on the node type, the following services will be displayed - Root Service, Web Entry Point Services, Web Application Services, Other Services)
  • Instance name, Platform, OS release,DB Host
  • Context file location,Report file location
List of Component Versions and Properties

The information listed here depends on the node type.

For a middle-tier HTTP service, versions of the following components are listed:
    • Oracle Application Server, Sun JDK, JDK on HTTP server node, AOLJ, BC4J, BI Beans, HTTP client, Java object cache, JRAD libraries, MDS, OA Framework, Oracle Help for Web, Oracle XML driver, UIX, OJSP, JDK version used by AD utilities on HTTP node, DB client(RSF) in 10.1.3 the Oracle Home, OWA packages
For a middle-tier Forms service, versions of the following components are listed:
    • 10g Developer, DB client(RSF) in the 10.1.2 Oracle Home, Forms run time configuration, JDK used by AD utilities in the Forms service node, Oracle Applciation Server patchset
For a middle-tier Concurrent Processing service, versions of the following components are listed:
    • JDK and JDK used by the AD utilities
For the DB-tier service, the following information is generated:
    • Database version, DB patchset version
    • init.ora parameters set by Autoconfig
    • If the node is RAC enabled or not
List of Applied Patches

The Code Inventory table list the one-off patches applied on each of the Oracle Home based on the node type.
    • For a middle-tier node - list of the one-off patches and the date they were applied on the C-Oracle Home ( 10.1.2), on the Java Oracle Home ( 10.1.3 OC4J)

    • For a DB tier node - list of the one-off patches and the date they were applied on the DB Oracle Home.
Sample Reports

Two samples of the database tier and application tier reports are available here:
Related Articles

About

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
4
5
6
7
8
9
10
11
12
13
14
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today