Skip navigation

From Release 9.2 Database Security has been changed. For an installation, all tables delivered by the Platform Pack installer are locked down ( Public Shutdown ) & For an upgrade, only NEW tables delivered by the installer are locked down.

 

Here I am using the Oracle Database , for explaining the concept.

 

Platform pack

 

When we run the 9.2 Platform pack for the installation/Upgrade , we will provide the Admin Role & End user Role as JDEADMIN & JDEUSER in the OUI.

Proxy user :  JDE

 

Platform Pack Installer assigned the Database Role JDE_ADMIN & JDE_ROLE to the Proxy User JDE.

 

For the Other Schema ( users )

 

Platform Pack  Installer assigned the JDEUSER and JDE_ROLE to the other DB schema/user ( DV920, SY920, OL920, SVM920, PS920,TESTDTA,TESTCTL …..etc)

JDE_ROLE  Permission in the Database

 

JDE_ROLE has the below permission in the Database, Because of that E1 Users are able to make the connection with Database and able create a Table & View in the Database.

 

Data Source DB Permission

The main change in the E1 system from  9.2  is below, For example :  Business Data – Test ( TESTDTA)

 

For an Install

 

JDEADMIN & JDEUSER has the Alter, Delete , Insert, Update, Select Permissions for the each table which was created by platform pack on TESTDTA. Because of this E1 users are able to fetch the data , add the data, update the data, delete the data in the Database.

 

All other E1 Data Sources (DV920, SY920, OL920, SVM920, PS920,TESTDTA,TESTCTl  …..etc) also having the same DB Permission.

 

For an Upgrade

 

For an upgrade, only NEW tables delivered by the installer are locked down. The installer does not lock down the logic artifacts during the Platform Pack execution - only the tables.

Note : This is called as Public shutdown. If other application is using your main Database other than E1 then that DB user will not be able to access the E1 Data.

 

What is benefit of the DB Security application ( P986117 ) ?

 

P986117 is simply used for record keeping and enables access to the database without having to ask the database administrator to create a database role and login credentials.

 

For Example : If we want to create a E1 User with read only access ,

 

Before 9.2

 

  • we  need  to create a DB user with Read only permission in DB with a help of DB admin
  • we need to create a System user in JDE .
  • Assign the system user to E1 user

 

From 9.2


Note : Above method also work for 9.2 but From E1 we can do this task with a help of DBA administrator

  • we need to open the application P986117 by login into JDEPLAN ( before workbench)
  • Create the Enter the DB user name ( For example : E1Read ) and assign the permission for all the Data Source

  •   Run the Workbench
  •   We need to create a System user in JDE .
  •   Assign the system user to E1 user

 

Installation Workbench  ( install/Upgrade) will take care the DB user creation and assigning the DB permission in the Database. No need of DB admin to do the task.

 

Record Keeping Purpose

 

For the default installation enter the below two records in P986117 for all the E1 Data Source in P986117 before running the workbench (As per the attached guide ) but I think its just for record keeping purpose so I entered the records using web client (once installation is completed )

For More information

 

Guide : https://docs.oracle.com/cd/E53430_01/EOTSC/datasource_security.htm#EOTSC987

 

Learn jde : https://apexapps.oracle.com/pls/apex/f?p=44785:141:15740944425770::::P141_PAGE_ID,P141_SECTION_ID:343,2574#DBSecurity

 

Impact of missing Enhanced Database Security

 

l have seen the below scenarios where customer faced the issue if this DB privilege were not set properly

 

Case 1 : During the Upgrade ( Install/Upgrade )

 

When customer upgrading the E1 from old release to new release using install/Upgrade method ( Opposite to supported same machine upgrade ) , customer have to refresh the TESTDTA & TESTCTL from old release DB to 9.2 DB .

 

In this activity, if customer drops the TESTCTL and TESTDTA in the 9.2 DB and created the schema from old release. DB Role JDEUSER & JDE_ROLE will not be assigned and missing this permission will leads to Table conversion failure.

 

E1: UPG : Table Conversion Fails While Running the Upgrade Workbench With Error - "OCI0000017 - Unable to execute statement for describe - SELECT * FROM SY920.F0093" (Doc ID 2182159.1)

 

Case 2 : Creating the custom environment ( Without using Environment master or E1 scripts )

 

If customer creating the custom environment by copying the Table, OCM ...etc and creating the custom environment. The Database privilege discussed above will not be applied for the custom environment. This will leads customer in a situation where they cant use the custom environment.

Before 9.1 when A/R Receipt and A/P Payment entries were written to the G/L, the Document Company(alias KCO) was set to 00000. For business reasons many customers wanted to enforce restrictions by company via Row Security. And because the Document Company (alias KCO) was always 00000 for Accounts Receivable receipts and Accounts Payable payments they tried setting the Row Security by Company (alias CO) which was not part of the keys for the F0911 table.

 

This caused issues when generating the Automatic Entries for posting payments or receipts. When a payment or a receipt was in process of being written into the Account Ledger (F0911) table the system did a check to determine if the key values already existed. Security by CO could have prevented this check from finding existing records. Then the insert into F0911 table failed because the documents were duplicates based on the fact that all payments and receipts were written to Document Company (alias KCO) 00000 and that the Company (alias CO) is not part of the key for table F0911.

 

To address this issue in 9.1 the A/P Bank Account Company and the A/R Receipt Header Company are written to the Document Company for the G/L entries. We have added a new Next Number by Company for A/R Receipts to ensure the integrity of the  Next Numbers. A/P Next Numbers are not affected as they already exist. More information related to this can be found in Document Company (KCO) in the Account Ledger (F0911) Table for Accounts Payable Payments and Accounts Receivable Receipts (Doc ID 2187671.1).

Oracle OpenWorld 2016 offers a great opportunity to connect with hundreds of experts who can help customers get the most from their technology and make an impact on their business. Focused areas for demonstrations of development solutions allow customers to assess state-of-the-art technologies.

Here’s a preview of the innovative sessions dedicated to JD Edwards offered at this year’s Oracle OpenWorld:

These links are NOT available from the OpenWorld website. Please share them with your customers via your own message channels to provide guidance to strategic JD Edwards content, messaging, and demos.

JD Edwards is building on its strong relationship with partners to help customers move to the cloud. In latest JD Edwards Special Issue of Profit Magazine, read the interview with KPIT's Milind Joshi, vice president and head of its Oracle JD Edwards practice, to understand the importance of the cloud and begin to evaluate your own cloud strategy.

 

Find out how moving to cloud allows organizations to have laser focus on delivering business values, rather than focusing on the underlying platforms that support the business solutions. Read the article here.

Watch this interview with Bob Monahan, Vice President Product Management for Oracle JD Edwards for practical ideas on how to extend JD Edwards EnterpriseOne with Oracle’s IoT Cloud Service. Share the video with your customers who are exploring how to harness the power of the internet of things for their enterprise.

Read this interview with Lyle Ekdahl, Senior Vice President and General Manager of JD Edwards, in the JD Edwards Special Issue of Profit Magazine to find out how Digital Transformation has become the key to our customers’ competitiveness and success.

 

Use this article to show your customers and prospects JD Edwards’ commitment to and investment in technology and applications, such as Cloud, Mobility, and User Experience, that can make businesses stronger, more flexible, and solid to the core.

 

Find the article here.

  
  
    https://blogs.oracle.com/supportportal/resource/banners/banner-stars-bar-160817-1-640x220.jpg   
  
    Don't Miss Your Opportunity to Ask the Experts   
  
  
  
    Meet us at the Oracle Support Stars Bar this year and bring your toughest technical or configuration questions on any product. Our "Support Stars" specialize in everything from hardware systems, to database, middleware, applications, and cloud.   
  

    Discover the latest product features and a wealth of powerful tools, resources, and knowledge to help you manage your applications and technology.   

  

    During your Stars Bar visit, stop by our Mini-Briefing Center and learn about real-world solutions to build your success. Attend one of our 10-minute mini-briefings for a chance to win a prize giveaway.   

  

    We look forward to seeing you!   

  
     
                 
  
  
  
  
  
Where:
  
Moscone West    
     Booth 3451   
  
  
  
    When:   
  
    September 19 (Monday)    
     10:15 a.m. to 5:30 p.m. PT   
  
    September 20 (Tuesday)    
     10:15 a.m. to 5:15 p.m. PT   
  
    September 21 (Wednesday)    
     10:15 a.m. to 4:15 p.m. PT   
  
  
  
  
  
  
  
    https://blogs.oracle.com/supportportal/resource/banners/support-services-banner-v160825-5.jpg   
  
    Jump Start Your Oracle OpenWorld Experience   
  
  
    Working side-by-side with millions of Oracle users around the world, Oracle Support has developed a keen sense for solutions that work—insights, tips, and best practices.   
  
    Take advantage of our conference sessions, hands-on demos, and special events designed to help you excel in your role and build practical skills. Visit the Oracle Support Stars Bar and Mini-Briefing Center and generate new ideas and approaches. Use this opportunity to network with Oracle Support experts and your peers, all in one place and with one purpose—to help you succeed.   
  
  
  
    Meet with Oracle University   
  
    Oracle University offers preconference trainings on Sunday, September 18, 2016. This includes 20 unique, deep-dive training sessions.        
  
    Choose from sessions that cover the most popular Oracle technology topics or complete a certification exam cram course from our best instructors. Don't miss this one-of-a-kind opportunity.   
  
  
    https://blogs.oracle.com/supportportal/resource/sidebars/sidebar-oracle-u-v160829-1.png   
  
  
     
                 
  
  
  
  
 
 
    Jump Start Your Oracle OpenWorld Experience  
 
 
         https://blogs.oracle.com/supportportal/resource/sidebars/sidebar-webcast-collage-v160829-1-400x300.jpg       
 
    Working side-by-side with millions of Oracle users around the world, Oracle Support has developed a keen sense for solutions that work—insights, tips, and best practices.  
 
    Take advantage of our conference sessions, hands-on demos, and special events designed to help you excel in your role and build practical skills. Use this opportunity to network with Oracle Support experts and your peers, all in one place and with one purpose—to help you succeed.  
 
 
   
                
 
 
 
    Featured Events  
 
 
 
    Meet with Oracle University  
 
    Oracle University offers preconference trainings on Sunday, September 18, 2016. This includes 20 unique, deep-dive training sessions. Choose from sessions that cover the most popular Oracle technology topics or complete a certification exam cram course from our best instructors. Don't miss this one-of-a-kind opportunity.   
 
 
    https://blogs.oracle.com/supportportal/resource/sidebars/sidebar-oracle-u-v160829-1.png  
 
 
 
 
 
    https://blogs.oracle.com/supportportal/resource/logos/logo-mos-white-250x65.png  
    Monday Mix  
 
    https://blogs.oracle.com/supportportal/resource/sidebars/monday-mix-sidebar-image-1.png  
 
 
 
 
    Get in the Mix  
 
 
    Join us at the annual My Oracle Support Monday Mix, Oracle Support's unique customer appreciation event that complements the sessions and demos you'll attend all week at Oracle OpenWorld.  
 
    This year's Mix returns September 19, 2016 at Fang Restaurant in San Francisco, just a three-minute walk from Moscone Center on Howard Street. Engage with Oracle Support executives and engineers over drinks and hors d'oeuvres from 6:15 to 8:30 p.m.  
 
    Admission is free for Premier Support customers. Visit our website for more details.  
 
 
 
 
 
 
 
    Connect Ideas, Get Answers at the Stars Bar and Mini-Briefing Center  
 
    Meet us at the Oracle Support Stars Bar this year and bring your toughest technical or configuration questions on any product. Share your experiences and ideas with our "Support Stars" at Moscone West, booth 3451 on September 19–21. Specialists will be available in everything from hardware systems, to database, middleware, applications, and cloud.  
 
    Discover the latest product features and a wealth of powerful tools, resources, and knowledge to help you manage your applications and technology.     Find out more at the Stars Bars OpenWorld website.  
 
 
    https://blogs.oracle.com/supportportal/resource/sidebars/sidebar-stars-bar-v160829-1-400x215.png  
 
 
 
 

Filter Blog

By date: By tag:

Welcome to the My Oracle Support Community! We highly encourage you to personalize your community display name to make your activity more memorable. Please see https://community.oracle.com/docs/DOC-1022508 for instructions.