Skip navigation

JDE EnterpriseOne Support Blog

8 Posts authored by: Karthickrajan.K-Oracle

This blog will help you to debug your Orchestration using Orchestrator Studio Debugger. From 9.2.4.3 Tools Release , we can debug the Orchestration Object from Orchestrator Studio.

The JD Edwards EnterpriseOne Orchestrator provides a way to debug your orchestrations. Debug Orchestrations is the tool that you can use to determine the state of your orchestration at any point during execution. Debug Orchestrations provides a view into an orchestration, enabling the designer to run an orchestration step-by-step and ensure that the data is correct at each step until the final orchestration output

 

As orchestrations become more complex, orchestration designers need a view of the data that is passed from one step to another to ensure that the orchestration is working as designed. Use the Debug Orchestrations to stop execution so that you can see the state of the orchestration at a specific point by reviewing the values of input parameters, output parameters, and variables. When the orchestration execution is stopped, you can review the output line by line to check for issues.

Orchestration debugger will be invoked when we click on the "Debug" button  

RLtn Orchestrations Name Description Raw Name SR_lnput_AB ORCH FOIOI Fetch data from FOIOI Send Blank Values Value Clear Debug O Run

Below features are available in Orchestrator Debugger

 

  • Run - Runs an orchestration until completion unless you set up breakpoints. If you set breakpoints, this option executes an orchestration till the breakpoint is reached or resumes a suspended orchestration.
  • Step Forward - Executes the orchestration one step at a time. When a step has been executed successfully, a green check mark appears on the step.
  • Stop Orchestration - Stops the execution of an orchestration.
  • Orchestration input - Shows or hides the dialog box to enter or edit the initial orchestration inputs.
  • Clear Break points - Removes all the breakpoints that you have set for the orchestration in the debug mode.
  • Close the debugger - Exits Debug Orchestrations.

000000 Debug Orchestration Last Step Input Variable Output Input Key No data to display.

For this demo purpose , we create the below simple orchestration to verify whether AB number is present in the system and notify via mail.

 

Follow the below steps to debug the Orchestration

 

  • Login into Orchestrator Studio
  • Select the Orchestration
  • Click Run Orchestration

         

 

  • We can set the break point by selecting the circle highlighted in the below screenshot

Breakpoints enable you to define where or when to halt the execution of an orchestration. You use breakpoints to run the orchestration until it reaches a certain step.

 

In the debug mode, a blue circle appears to the right of the step in the orchestration flow. You can set a breakpoint by clicking either the blue circle or the step in the orchestration flow. A blue dot appears next to the orchestration step indicating that the breakpoint has been set.

 

If you set a breakpoint and click the Run/Resume icon on the Debug Orchestrations panel, the orchestration runs until it encounters that step. To continue execution after the breakpoint, you can use the Run/Resume or Step Forward icons on the Debug Orchestrations panel.

  • Success condition debug flow

True False Start SR_F0101 MSG send AB success Noti... o

  • Failure condition debug flow

     o Sta o MSG_send AE success_Noti... o True False Rule Valid AB

  • Data Section information - The Data tab displays all the available data that the orchestration consumes and generates, which includes the data that the orchestration consumes from a step. This tab displays the following information:

 

Step Variables. Displays all the variables created by the steps that have been executed. Variables from steps are added to the top of the list, so the most recent variables are shown at the top. Variables of single values like strings and numbers can be changed before resuming the orchestration. Variables containing arrays or JSON objects are read only.

 

Orchestration Inputs. Displays the values for inputs that were defined initially to start the orchestration.

 

System Values. Displays the values for the default inputs: User Address Book Number, User Name, System Date, and Orchestration Input. The values for these inputs represent the originator of the orchestration when executed at runtime. The system values are not editable as these are fixed for an orchestration.

 

History. Displays a record of the of the values for a variable that is overwritten. For each overwritten variable, click the History icon displayed in its row. The History dialog box lists the orchestration steps where the specific variable is used along with the values. Similarly, the Output tab displays the history of the overwritten output values.

000000 Debug Orchestration Data Input Key SR FOIOI Address Number Alpha Name Business Unit SR_F0101.output Orchestration Inputs System Values Last Step Input Variable Ou tput Financial/Distribution Company

  • Last Step section information - Displays the outputs generated from the previous step that was executed in the orchestration.

SR_f010' Rule_Va

000000 Debug Orchestration Data 1 "SR 8101": "tableld": " "rowset " : Last Step Ou tput FOIØI" , "Address Number": "1", "Alpha Name": "Financial/Distribution Company" , "Business unit". "records": "moreRecords": false

  • Output section information - Displays the accumulative output generated for all the steps in the orchestration until the breakpoint.

   

000000 Debug Orchestration "tableld": "FØIOI", Data "SR FOIe1": "rowset" : Last Step Output "Address Number": "1" "Alpha Name": "Financial/t)istribution Company" , "Business Unit": " "records": 1, "moreRecords": false

For more information refer the guide -->  Debugging an Orchestration (Release 9.2.4.3)

This blog will help to start the AIS Scheduler automatically whenever AIS Service is restarted, so we no need to use postman or curl call to start the AIS Scheduler.

This feature is available starting from the tools release 9.2.4.0

Follow the below steps to auto start AIS Scheduler

  1. Configure rest.ini
  2. Restart HTML & AIS Service
  3. Verify the AIS Scheduler status
  4. Schedule a orchestration to autostart

Step 1 : Configure rest.ini

 

Login into SM console then access the AIS Instance on which you want to enable this feature. Now under configuration section , change the view as "Advanced" and click on Miscellaneous section

Enter the below values as shown in the below screenshot. For more information on these setting refer the document -->  Configuring AIS Server Manager Settings

Now Click on Synchronize configuration button to Synchronize the rest.ini changes

Step 2 : Restart HTML & AIS Service

Note : HTML Service should be restarted before AIS Service. 

We can use SM console to restart HTML Service

Once HTML Service has been started successfully , now start the AIS Service using SM console

Step 4 : Verify the AIS Scheduler status

 

Verify the AIS Server e1root.log to verify whether AIS Scheduler has been started successfully or not.

We can also verify the status from Orchestrator Studio --> Scheduler User Interface

 

Step 4 : Schedule a orchestration to autostart

 

To test whether scheduler auto start the AIS Server jobs , we created the below simple orchestration to submit the UBE R0006P every 1 hour

 

Whenever below orchestration is executed it will submit the UBE R0006P

This Orchestration is attached to the schedule "Every 1 hour" to trigger the job.

Now Login into Orchestrator Studio then access scheduler user interface & click on the below highlighted option to make this job as an autostart job

These records are stored in the table F980059. These records can be viewed or deleted using the application P980059

Restart the HTML Service and AIS Server Service. We can verify from AIS Server Scheduler UI , whether jobs are running or not. Now this orchestration is scheduled to run at every 1 hour & these job will be auto started whenever AIS Server is restarted. Here after we no need to use postman or curl call to start the AIS Scheduler.

For more information refer the guide --> JD Edwards EnterpriseOne Application Interface Services Server Reference Guide

Starting with Tools Release 9.2.2.4, the scheduler which is included with the AIS server installation, can now be configured to make the scheduler resilient, where you are able to store the job specifications for scheduled notifications and orchestrations centrally in the database. This blog will help you to understand the E1 AIS Server Scheduler Resilience feature & this blog will help you to enable this feature in your setup.

As notifications and orchestrations are incorporated into critical business processes, the scheduling and execution of those notifications and orchestrations becomes equally critical. The scheduler must be able to tolerate failures, restart with minimum human intervention, and load balance in that if one scheduler instance begins to fall behind, another can pick up the overflow.

 

  • To make the scheduler resilient, you can store the scheduled job properties for notifications and orchestrations centrally in the database. 
  • This means that if you are running a single instance of the scheduler, the scheduler can restart from a failure and continue processing from the queue of scheduled jobs without an administrator having to resubmit all jobs manually.

 

Steps to enable Scheduler Resilience

 

  1. Download the Quartz SQL Script
  2. Create the Quartz tables in E1 Database
  3. Configure the rest.ini
  4. Start the Scheduler

 

Step 1 : Download the Quartz SQL Script

 

We can download the Quartz SQL Script from the website --> http://www.quartz-scheduler.org

  • Extract the download using 7 zip and navigate to the below location

Note : For this example , we are using the E1 Setup which is running on Oracle Database, So we will be using the tables_oracle.sql to create the Quartz table in the next step

Step 2 : Create Quartz tables in E1 Database

 

Here we are creating the schema "QUARTZ" where we are going to create the Quartz table. You can work with your DBA to create the required schema with the security permission as per your setup.

 

Example SQL Script

 

--Create User

Create User QUARTZ Identified by QUARTZ;

 

--Create Table Space

CREATE TABLESPACE QUARTZT DATAFILE 'QUARTZT01.dbf' SIZE 20M AUTOEXTEND ON;

CREATE TABLESPACE QUARTZI DATAFILE 'QUARTZI01.dbf' SIZE 20M AUTOEXTEND ON;

 

-- Alter USER SQL

ALTER USER "QUARTZ"  DEFAULT TABLESPACE "QUARTZT" TEMPORARY TABLESPACE "TEMP" ;

 

-- Assign ROLES SYSTEM PRIVILEGES

Grant JDEUSER to QUARTZ;

Grant JDE_ROLE to QUARTZ;

GRANT CREATE SESSION,CONNECT, RESOURCE TO QUARTZ;

 

-- QUOTAS

ALTER USER "QUARTZ" QUOTA UNLIMITED ON QUARTZT;

ALTER USER "QUARTZ" QUOTA UNLIMITED ON QUARTZI;

 

      Make sure you are able to login into Database using the QUARTZ user ID and password

    

      Now run the Quartz SQL Script (tables_oracle.sql) by login into the user (QUARTZ) which we created in above step

    

  • Quartz Tables are created successfully 

  

Step 3 : Configure the rest.ini

 

Using Server Manager Console we can update the rest.ini of the AIS Server. 

Access the AIS Instance then navigate to the Configuration  --> Miscellaneous Section

  • Now synchronize the changes and restart the AIS Server

Important Notes

The AIS Servers containing the scheduler will access the Quartz runtime database through JDBC. If your AIS Server is deployed to WebLogic and your database is Oracle, the JDBC driver will already have been installed and you can skip this step.

 

For more information on obtaining, uploading, and installing JDBC drivers, see the Manage JDBC Drivers chapter in the JD Edwards EnterpriseOne Tools Server Manager Guide.

Step 4 : Start the Scheduler

 

Using Postman or SOAP UI tool , we can start the DV AIS Server Scheduler. It is a good practice to make sure standard scheduler works by unchecking the "Scheduler Resilience" setting in AIS option. If it works, then check the option restart AIS and test.

 

Rest API End Point : http://AISserver:port/jderest/v2/scheduler/start

 

You can run the below SQL Query to verify whether AIS Server Scheduled jobs are stored in Database

We have created simple test notification and scheduled to run at every 5 mins. AIS Scheduler successfully executing these jobs at scheduled time.

Now we can have multiple AIS schedulers to do the load balancing or fail over by enabling this feature. For more information refer the guide --> Configuring Scheduler Resilience (Release 9.2.2.4)

Also refer the document --> E1: AIS: ORCH: Setting up Quartz Scheduler Resilience to be used with Notifications and Orchestrations (TR 9.2.2.4) (Doc ID 2368608.1) & guide --> Configuring Scheduler Resilience (Release 9.2.2.4)
which has the configuration details for SQL Database and DB2 Database Setup

During the Package deployment , we need to lock/unlock the JOB Queue using P986130 Application

P986130 is designed to lock/unlock one Job Queue at a times. So if we have many job queues in the system then this process will be a time consuming one during the package deployment window. Now we can use orchestration to lock or unlock all the job queues with very less effort. This blog will help you to create the Orchestration for this requirement.

 

Steps to create the Lock or Unlock Job Queue Orchestration

 

  • Create Form Service Request
  • Create Rule
  • Create Orchestration
  • Test the Orchestration

 

Step 1 : Create Form Service Request

 

We need to pass the Grid Data (Multiple rows) of P986130 to the orchestration to execute the orchestration in a loop. So that we can lock or unlock the multiple job queue using Orchestration!

 

Here we are creating two Form Service Request to change the Job Queue Status

  • Get Grid Data of P986130 Form Service Request will save the Grid data in the Grid Data Set

  • Grid Data which we got from the First Service Request will be passed to "Lock or Unlock Job Queue" Service to update the multiple records.

 

Follow the below steps to create the "Grid Data of P986130" Form Service Request

  • Login into Orchestrator Studio
  • Click on Service request button
  • Click on Create Service Request --> Form Request

           

        Form Service Request Input

 

Host Name             --> Enterprise Server Name

Port Number          --> Enterprise Server Port Number

Job Queue Status  --> Enterprise Server Job Queue Status

 

You can use Process Recorder or Orchestrator Studio to create this service request. Create the Service Request with below Order of the Execution         

     

Form Service Request Output

 

Grid Data Set Name --> Grid Data

 

Host Name            --> Grid Enterprise Server

Job Queue             --> Grid Job Queue

Job Queue Status --> Grid Job Queue Status

Port Number        --> Grid Port Number

Follow the below steps to create the "Lock or Unlock Job Queue" Form Service Request      

  • Grid Data which we got from the First Service Request will be passed to "Lock or Unlock Job Queue" Service to update the multiple records.
  • Click on Service request button
  • Click on Create Service Request --> Form Request

    

        Form Service Request Input

Host Name             --> Enterprise Server Name                   

Port Number          --> Enterprise Server Port Number      

Job Queue Status  --> Enterprise Server Job Queue Status

 

You can use Process Recorder or Orchestrator Studio to create this service request. Create the Service Request with below Order of the Execution

Form Service Request Output

 

You can return the data which you want to see in the Orchestration Output

 

Here we are returning the below data

Host Name            --> Enterprise Server

Port Number        --> Enterprise Server Port Number


Step 2 : Create a Rule

 

Job Queue Status is saved in the table as numeric ( 01 or 02 ). It would be good to pass the String Lock or Unlock as input when compare to 01 or 02.

 

To achieve this we are creating the below rule

   When the input is equal to Lock then this rule will return true or it will return false

                           

         Step 3 : Create Orchestration

 

         Here we are creating two orchestration to lock and unlock the Job Queue. Follow the below steps to Lock or Unlock Job Queue Orchestration

 

  • Call the Rule and Form Request which we created on the above steps in the below order

  • Add the below Orchestration Inputs and Variables

 

Orchestration Inputs

 

Enterprise Server

Port Number

Lock or Unlock

 

Variables

 

Lock Job Queue     = 01

Unlock Job Queue = 02

  • Map the Data input for Rule

  • Map the Data Input for Get Grid Data of P986130  - True Condition     

    

  • Map the Data Input for Lock or Unlock Job Queue - True Condition

  • Map the Data Input for Lock or Unlock Job Queue - False Condition

  • Click on Define Output

 

  • Make sure to select the below Output then only Data Set from Grid Data of P986130 Form Request will be passed to Orchestration in a loop

       Step 4 : Test the Orchestration

 

       We can test the Orchestration using Orchestrator Client

 

Case 1 : Lock Job Queue

 

Login into Orchestrator Client then run the Lock or Unlock Job Queue Orchestration by passing the Enterprise Server Name and Port Number and Lock or Unlock condition

 

  •   Before running the Orchestration

  •     Run the Orchestration

  •     Job Queue Locked successfully !

   Case 2 : Unlock Job Queue

 

   Login into Orchestrator Client then run the Lock or Unlock Job Queue Orchestration by passing the Enterprise Server Name and Port Number and Lock or Unlock condition

 

  •    Before running the Orchestration

  •    Run the Orchestration

  •    Job Queue Unlocked successfully!

       

This blog will help you to install the Data Access Driver. Here we are installing DAD on below system configuration

 

Application Release : 9.2

Tools Release            : 9.2.3.3

Database                   : Oracle 12.1.0.2.0

BIP Server Version   : BIP 12.2.1.0.0

          Operating System    : Windows 2016

 

Steps to install the Data Access Driver ( DAD )

 

  1. Install SM Agent
  2. Register the BIP WLS with SM Console
  3. Download latest DAD Tools Release from update center
  4. Upload and Distribute the DAD TR component 
  5. Create DAD Instance
  6. Copy the DAD Tools Release lib files to  to BI lib folder location
  7. Update the setDomainEnv.cmd
  8. Update jdbj.ini
  9. Create a JDBC Data Source in BIP Console
  10. Verify the configuration

 

   Step 1 :  Install SM Agent  

        

  Step 2 : Register the BIP WLS with SM Console

Step 3 : Download Latest DAD Tools Release from update center

      

Step 4 : Upload the Software and distribute the TR to the SM Agent where WebLogic BIP Server is registered

Step 5 : Create a DAD Instance using SM Console 

Step 6 : Extract the DAD Tools Release par file to temporary location and copy to BI Lib folder location

           From Location :

         

    To Location :

        

Step 7 : Update the setDomainEnv.cmd

                

         Update the classpath value with DAD SM Agent config location. Below section of SetDomainEnv.cmd needs to be updated.

 

if NOT "%EXT_PRE_CLASSPATH%"=="" (

if NOT "%PRE_CLASSPATH%"=="" (

set PRE_CLASSPATH=D:\jde_home_dad\SCFHA\targets\DAD\config;%EXT_PRE_CLASSPATH%;%PRE_CLASSPATH%

) else (

set PRE_CLASSPATH=%EXT_PRE_CLASSPATH%

)

)

 

if NOT "%POST_CLASSPATH%"=="" (

if NOT "%CLASSPATH%"=="" (

set CLASSPATH=D:\jde_home_dad\SCFHA\targets\DAD\config;%POST_CLASSPATH%;%CLASSPATH%

) else (

set CLASSPATH=%POST_CLASSPATH%

)

)

 

if NOT "%WEBLOGIC_CLASSPATH%"=="" (

if NOT "%CLASSPATH%"=="" (

set CLASSPATH=D:\jde_home_dad\SCFHA\targets\DAD\config;%WEBLOGIC_CLASSPATH%;%CLASSPATH%

) else (

set CLASSPATH=%WEBLOGIC_CLASSPATH%

)

)

 

if NOT "%PRE_CLASSPATH%"=="" (

set CLASSPATH=D:\jde_home_dad\SCFHA\targets\DAD\config;%PRE_CLASSPATH%;%CLASSPATH%

)

 

Step 8 : Make sure jdbj.ini is updated correctly with your database information

         

Step 9 : Create a JDBC Data Source in BIP Console

 

          Follow the below steps to create a JDBC Data Source

  1. Login into BIP Console
  2. Click on Administration
  3. Now click on JDBC Connection

               

                4. Enter the below information then click on Test Connection

          

              5.Enter the below information then click on Test Connection

 

       Data Source Name      : E1_DAD

       Driver Type                   : Oracle 12c

       Database Driver Class : com.jdedwards.jdbc.driver.JDBCDriver

       Connection String        : jdbc:oracle:enterpriseone://JDV920;

       Username                      : JDE

       Password                       : <JDE User Password>

 

  •      Connection established successfully

         

  •       Click on Apply Save to save this configuration

     

Step 10 : Verify the configuration

 

  •     Login into Server Manager Console and verify whether DAD Instance status is showing as running

         

  •      Login into BIP Console then click on New --> Data Model

         

  •      Click on Add under Diagram tab then click on SQL Query

         

  •      Enter the table name and select the Data Source as E1_DAD then click on Query Builder

         

  •      Select the column ( For example : AN8 ) then click on save button to save the SQL Query

            

  •      Now click on Data - View and see whether we are able to see the E1 data using DAD

         

After domain created successfully on WLS 12.2.1.3.0 , when we trying to start the nodemanager using service or startup script , we are getting the below error message

 

Log file Location : C:\Oracle\Middleware\Oracle_Home\user_projects\domains\base_domain\nodemanager

Log file name     : nodemanager.log

 

<Mar 11, 2019 9:13:56 AM UTC> <INFO> <Loading identity key store: FileName=C:\Oracle\Middleware\Oracle_Home\user_projects\domains\base_domain\security\DemoIdentity.jks, Type=jks, PassPhraseUsed=true>

<Mar 11, 2019 9:13:56 AM UTC> <SEVERE> <Fatal error in NodeManager server>

  1. weblogic.nodemanager.common.ConfigException: Identity key store file not found: C:\Oracle\Middleware\Oracle_Home\user_projects\domains\base_domain\security\DemoIdentity.jks

at weblogic.nodemanager.server.SSLConfig.loadKeyStoreConfig(SSLConfig.java:225)

at weblogic.nodemanager.server.SSLConfig.access$000(SSLConfig.java:33)

at weblogic.nodemanager.server.SSLConfig$1.run(SSLConfig.java:118)

at java.security.AccessController.doPrivileged(Native Method)

at weblogic.nodemanager.server.SSLConfig.<init>(SSLConfig.java:115)

at weblogic.nodemanager.server.NMServer.<init>(NMServer.java:169)

at weblogic.nodemanager.server.NMServer.getInstance(NMServer.java:134)

at weblogic.nodemanager.server.NMServer.main(NMServer.java:589)

at weblogic.NodeManager.main(NodeManager.java:31)

 

Cause : DomoIdentity.jks file is missing under below location

 

Solution : There are multiple solution for this issue , please refer the document for more information --> FMW/WLS New Configuration with Latest JDK Failing to Start - ConfigException: Identity key store file not found: DemoIdentity.jks (Doc ID 2357811.1)

 

Here we will follow the solution 2 (Re-generate DemoIdentity.jks, then start Web:Logic Server and Node Manager) to resolve our issue

 

Step 1 : Open the cmd prompt as administrator

Step 2 : Using cd command navigate to the location --> C:\Oracle\Middleware\Oracle_Home\wlserver\server\bin

Step 3 : Execute the setWLSEnv.cmd bat file

Step 4 : Now navigate to the directory C:\Oracle\Middleware\Oracle_Home\user_projects\domains\base_domain\security using cd command

Step 5 : run the command "java utils.CertGen -keyfilepass DemoIdentityPassPhrase -certfile democert -keyfile demokey -strength 2048 -noskid"

Step 6 : Now run the command "java utils.ImportPrivateKey -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase -keyfile demokey.pem -keyfilepass DemoIdentityPassPhrase -certfile democert.pem -alias demoidentity"

Step 7 : verify whether Demoidentity.jks file is created

Step 8 : Now start the nodemanager and verify the nodemanager.log to verify whether nodemanager process started successfully or not

 

<Mar 12, 2019 3:46:20 AM UTC> <INFO> <Server Implementation Class: weblogic.nodemanager.server.NMServer$ClassicServer.>

<Mar 12, 2019 3:46:21 AM UTC> <INFO> <Secure socket listener started on port 5556, host localhost/127.0.0.1>

 

NodeManager Service started successfully!

This blog will help to download and apply the WLS Path for the issue mentioned in Unable To Access E1 Main Menu Screen After Clicking Login or Stuck on Login Page for JAS Instance Configured with WebLogic Server - 12.2.1.1.0 (Doc ID 2185160.1)

Note : This blog is created based on the below E1 Setup configuration, steps may vary depends upon your setup configuration ( OS and WLS version ..etc).

E1 Setup configuration:

Application Release           : 9.2

Tools Release                    : 9.2.2.2

Application Server version : 12.2.1.2.0

Application Server OS        : Windows 2016 R2

 

Steps Involved in this Installation

  • Download WLS Patch 26197278 from Patch and Updates
  • Pre-Installation Instructions
  • Installation Instructions

 

 

Download WLS Patch 26197278 from Patch and Updates We can download weblogic patches from support portal --> patches and updates. Enter the Patch number as 26197278 then hit search buttonSelect the Patch then click on Download

Save the file in local drive then extract the zip file

 

Pre-Installation Instructions

Before trying to apply the WLS patch , make sure to complete the below tasksSet Environment variable : Add the opatch location K:\Oracle\Middleware\Oracle_Home\OPatch to PATH variable

 

Stop Admin Server , Managed Servers and Node manager

 

Installation Instructions

Follow the below steps to apply the WLS Patch:

  1. Run CMD as administrator user
  2. Type opatch version --> This should display the version as shown in the screenshot
  3. Navigate to the Download location of the Patch  ( C:\Users\Administrator\Downloads\p26197278_122120_Generic\26197278)

 

Now type opatch apply (enter y to continue the installation)

WLS Patch installed successfully! ( Now start the HTML Server and test the issue)

Best Regards,

Karthickrajan K

From Release 9.2 Database Security has been changed. For an installation, all tables delivered by the Platform Pack installer are locked down ( Public Shutdown ) & For an upgrade, only NEW tables delivered by the installer are locked down.

 

Here I am using the Oracle Database , for explaining the concept.

 

Platform pack

 

When we run the 9.2 Platform pack for the installation/Upgrade , we will provide the Admin Role & End user Role as JDEADMIN & JDEUSER in the OUI.

Proxy user :  JDE

 

Platform Pack Installer assigned the Database Role JDE_ADMIN & JDE_ROLE to the Proxy User JDE.

 

For the Other Schema ( users )

 

Platform Pack  Installer assigned the JDEUSER and JDE_ROLE to the other DB schema/user ( DV920, SY920, OL920, SVM920, PS920,TESTDTA,TESTCTL …..etc)

JDE_ROLE  Permission in the Database

 

JDE_ROLE has the below permission in the Database, Because of that E1 Users are able to make the connection with Database and able create a Table & View in the Database.

 

Data Source DB Permission

The main change in the E1 system from  9.2  is below, For example :  Business Data – Test ( TESTDTA)

 

For an Install

 

JDEADMIN & JDEUSER has the Alter, Delete , Insert, Update, Select Permissions for the each table which was created by platform pack on TESTDTA. Because of this E1 users are able to fetch the data , add the data, update the data, delete the data in the Database.

 

All other E1 Data Sources (DV920, SY920, OL920, SVM920, PS920,TESTDTA,TESTCTl  …..etc) also having the same DB Permission.

 

For an Upgrade

 

For an upgrade, only NEW tables delivered by the installer are locked down. The installer does not lock down the logic artifacts during the Platform Pack execution - only the tables.

Note : This is called as Public shutdown. If other application is using your main Database other than E1 then that DB user will not be able to access the E1 Data.

 

What is benefit of the DB Security application ( P986117 ) ?

 

P986117 is simply used for record keeping and enables access to the database without having to ask the database administrator to create a database role and login credentials.

 

For Example : If we want to create a E1 User with read only access ,

 

Before 9.2

 

  • we  need  to create a DB user with Read only permission in DB with a help of DB admin
  • we need to create a System user in JDE .
  • Assign the system user to E1 user

 

From 9.2


Note : Above method also work for 9.2 but From E1 we can do this task with a help of DBA administrator

  • we need to open the application P986117 by login into JDEPLAN ( before workbench)
  • Create the Enter the DB user name ( For example : E1Read ) and assign the permission for all the Data Source

  •   Run the Workbench
  •   We need to create a System user in JDE .
  •   Assign the system user to E1 user

 

Installation Workbench  ( install/Upgrade) will take care the DB user creation and assigning the DB permission in the Database. No need of DB admin to do the task.

 

Record Keeping Purpose

 

For the default installation enter the below two records in P986117 for all the E1 Data Source in P986117 before running the workbench (As per the attached guide ) but I think its just for record keeping purpose so I entered the records using web client (once installation is completed )

For More information

 

Guide : https://docs.oracle.com/cd/E53430_01/EOTSC/datasource_security.htm#EOTSC987

 

Learn jde : https://apexapps.oracle.com/pls/apex/f?p=44785:141:15740944425770::::P141_PAGE_ID,P141_SECTION_ID:343,2574#DBSecurity

 

Impact of missing Enhanced Database Security

 

l have seen the below scenarios where customer faced the issue if this DB privilege were not set properly

 

Case 1 : During the Upgrade ( Install/Upgrade )

 

When customer upgrading the E1 from old release to new release using install/Upgrade method ( Opposite to supported same machine upgrade ) , customer have to refresh the TESTDTA & TESTCTL from old release DB to 9.2 DB .

 

In this activity, if customer drops the TESTCTL and TESTDTA in the 9.2 DB and created the schema from old release. DB Role JDEUSER & JDE_ROLE will not be assigned and missing this permission will leads to Table conversion failure.

 

E1: UPG : Table Conversion Fails While Running the Upgrade Workbench With Error - "OCI0000017 - Unable to execute statement for describe - SELECT * FROM SY920.F0093" (Doc ID 2182159.1)

 

Case 2 : Creating the custom environment ( Without using Environment master or E1 scripts )

 

If customer creating the custom environment by copying the Table, OCM ...etc and creating the custom environment. The Database privilege discussed above will not be applied for the custom environment. This will leads customer in a situation where they cant use the custom environment.

Filter Blog

By date: By tag:

Welcome to the My Oracle Support Community! We highly encourage you to personalize your community display name to make your activity more memorable. Please see https://community.oracle.com/docs/DOC-1022508 for instructions.