2 Replies Latest reply on May 20, 2016 10:51 AM by user4012061

    SSO   - Ebus registered with OAM. What to do with the DMZ node?

    user4012061

      I have 2 apps tiers, an internal node and an external dmz node.

       

      I setup OAM/OID with AD and registered with Ebus on the internal apps node following notes

      Oracle E-Business Suite Release 12.2 with Oracle Access Manager 11gR2 (11.1.2) using Oracle E-Business Suite AccessGate (Doc ID 1576425.1

      Integrating Oracle E-Business Suite Release 12.2 with Oracle Internet Directory 11gR1 (Doc ID 1371932.1)

       

      I have not done anything to the dmz node yet.  What do i do with it or do I have to do anything? I would prefer to do nothing, but is that the right thing to do?

       

      When I login into the dmz node, I get this message after entering sysadmin username and password.

       

      Error Page

      You have encountered an unexpected error. Please contact the System Administrator for assistance. 

       

      I was able to login before i setup SSO on the primary apps tier.

        • 1. Re: SSO   - Ebus registered with OAM. What to do with the DMZ node?
          handat

          You would need to configure an AccessGate for your DMZ node. You can share the same OAM but you will need to use split DNS.

          • 2. Re: SSO   - Ebus registered with OAM. What to do with the DMZ node?
            user4012061

            Thank you for the reply.

            What is split DNS? 

             

            Do i need to configure OID also?

            You are saying, on the DMZ node i need to do the following. 

             

            1. Register OID with Ebus (or is this only for the first node)

                 $FND_TOP/bin/txkrun.pl -script=SetSSOReg -registeroid=yes

            2. Register OAM with Ebus

                 a. Install the access manager webgate and patch it

                 txkrun.pl -script=SetOAMReg -installWebgate=yes -webgatestagedir=/mnt/software/webgate

                 b. Deploy E-Bus AccessGate

                    perl $AD_TOP/patch/115/bin/adProvisionEBS.pl ebs-create-oaea_resources -contextfile=$CONTEXT_FILE

                 -deployApps=accessgate -SSOServerURL=xxxxx ...

                 c.  Register Ebus with OAM

                 $ txkrun.pl -script=SetOAMReg -registeroam=yes


            This is required? There is no other way? What if I don't want to use SSO with the dmz node only the internal node?