Вы находитесь на странице: 1из 6

DMZ setup on Oracle EBS R12

Creating an External Web Tier for E-Business Suite

Oracle E-Business Suite R12 Configuration in a DMZ (Doc ID 380490.1)


Clone the internal web tier to create a new external web tier
Pre-Clone Steps on Internal Server

- Run adpreclone.pl

As Database node :

cd $ORACLE_HOME/appsutil/scripts/DEV_Hostname

perl adpreclone.pl dbTier

As Application Node :

cd $ADMIN_SCRIPTS_HOME

perl adpreclone.pl appsTier

Take a backup of application mount point.

Restore the Backup into external server node.

Setup Host File:

Put the following entries in the Hosts File (/etc/hosts)

IP Addressh yourhostname

IP Addressh yourhostname

Change the owner Ship of /finerp/FINDEV folder and the file under it to apps

cd /dev

chown �R appdev:dba findev

Creating External Web Tier

Note: Your steps should be more

Create XML file for External Server:

su � appdev
cd �--/apps/apps_st/comn/clone/bin

perl adclonectx.pl
contextfile=---------------/inst/apps/dev_hostname/appl/admin/dev_hostname.xml

Enter the APPS password:

Target System Hostname (virtual or normal) [hostname]:

Do you want the inputs to be validated (y/n) [n]? :

Target System Database SID: dev

Target System Database Server Node [hostname]: extrenalhostname

Target System Base Directory: /dev/oradev/dev

Target System Forms ORACLE_HOME Directory [/dev/oradev/dev/apps/tech_st/10.1.2]:

Target System Web ORACLE_HOME Directory [/dev/oradev/dev/apps/tech_st/10.1.3]:

Target System APPL_TOP Mountpoint [/dev/oradev/dev/apps/apps_st/appl]:

Target System COMMON_TOP Directory [/dev/oradev/dev/apps/apps_st/comn]:

Target System Instance Home Directory [/dev/oradev/dev/inst]:

Username for the Applications File System Owner [appldev]:

Group for the Applications File System Owner [dba]:

Target System Root Service [enabled]:

Target System Web Entry Point Services [enabled]:

Target System Web Application Services [enabled]:

Target System Batch Processing Services [disabled]:

Target System Other Services [disabled]:

Do you want to preserve the Display [hostname:0.0] (y/n)? : n

Target System Display [extrenalhostname:0.0]:

Do you want the the target system to have the same port values as the source system
(y/n) [y]? : n

Target System Port Pool [0-99]: 1

Choose a value which will be set as APPLPTMP value on the target node [1]: 2

New context path and file name


[/dev/oradev/dev/inst/apps/dev_extrnalhost/appl/admin/dev_extrnalhost.xml]:

Cross Check if the Context File generated is correct or not, check with following
command if the respective components are enabled on extrenal hostname :
grep �i status $CONTEXT_FILE

Run adpreclone.pl to add the extrnal server as a node to dev:

su - appldev

cd /dev/appldev/dev/apps/apps_st/comn/clone/bin

perl adcfgclone.pl appsTier


/dev/appldev/dev/inst/apps/dev_extrnalhost/appl/admin/dev_extrnalhost.xml

Enter the APPS password:

Check the logfile for any error.

CONTEXT_FILE configuration:

Modify the following CONTEXT_FILE parameters:

Context File Variable

Existing Value

New Value

s_applcsf

/dev/appldev/dev/inst/apps/dev_extrnalhost/logs/appl/conc

/dev/appldev/dev/conc

s_appltmp

/dev/appldev/dev/inst/apps/dev_extrnalhost/temp

/dev_appltmp

s_applptmp

/dev/appldev/dev/inst/apps/dev_extrnalhost/ptemp

/dev_applptmp

s_formshost
extrnalhost

dev

s_chronosURL

http://extrnalhost.externalhost.com:8001/oracle_smp_chronos/oracle_smp_chronos_sdk.
gif

http://dev.externalhost.com:8001/oracle_smp_chronos/oracle_smp_chronos_sdk.gif

s_external_url

http://extrnalhost.externalhost.com:8001

http://dev.externalhost.com:8001

s_webentryhost

extrnalhost

dev

s_login_page

http://extrnalhost.externalhost.com:8001/OA_HTML/AppsLogin

http://dev.externalhost.com:8001/OA_HTML/AppsLogin

Run AutoConfig on all the Nodes.

Configuring extrnalhost for DMZ

Run the script txkChangeProfH.sql for the Profile option setup:

# Internal Node..

$ su � appldev

$ sqlplus apps/password
Update Hierarchy Type

@$FND_TOP/patch/115/sql/txkChangeProfH.sql SERVRESP

Run AutoConfig on all nodes.

Update Node Trust Level

To change the value of the Node Trust Level profile option value to External for a
particular node, perform the following steps:

1. Login to Oracle E-Bsonapness Suite as sysadmin user sonapng the internal URL

2. Select the System Administrator Responsibility

3. Select Profile / System

4. From the 'Find system profile option Values' window, select the server and get
the valie extrnalhost into it.

5. Query for %NODE%TRUST%. You will see a profile option named 'Node Trust Level'.
The value for this profile option at the site level will be Normal. Leave this
setting unchanged.

6. Set the value of this profile option to External at the server level. The site
level value should remain set to Normal

Update List of Responsibility

To change the value of the Responsibility Trust Level profile option at the
responsibility level for a particular responsibility, perform the following steps:

7. Login to Oracle E-Bsonapness Suite as sysadmin user sonapng the internal URL

8. Select System Administrator Responsibility

9. Select Profile / System

10. From the 'Find system profile option Values' window, select the responsibility
that you want to make available to users logging in via the external web tier

11. Query for %RESP%TRUST%. You will see a profile option named 'Responsibility
trust level'. The value for this profile option at site level will be Normal.
Leave this setting unchanged.

12. Set the value of this profile option for the chosen responsibility to External
at the responsibility level. The site-level value should remain Normal.

13. Repeat for all responsibilities that you want to make available from the
external web tier.

List of Responsibilities which can be enabled on External Server is as followed:


Product Name

Externally Accessible Responsibilites

Additional Profile Options

iSupplier

Do this as per your requirment

POS: External URL

POS: Internal URL

Oracle Sourcing

Sourcing Supplier

PON: External Applications Framework Agent

PON: External login URL

Oracle iProcurement

Self Registered Employee Default Responsibility

Self Registered New User Default Responsibility

q Enable Oracle E-Business Suite Application Server Security

1. Set the value of Application Server Security Authentication


(s_appserverid_authentication) to SECURE, in the CONTEXT_FILE on all the nodes.

2. Run AutoConfig on each Applications middle tier to complete the configuration.

3. After AutoConfig completes successfully, restart Oracle HTTP Server and OC4J
processe

Run Autoconfig

Run AutoConfig from ADMIN_SCRIPTS_HOME.

Internal Node and Extrenal node.

After start the service and check..