Wednesday, August 29, 2012

.dbc file administration

Q> What is the backup scenario you can give in case of .dbc file got deleted ?

Ans:
======

1.     Administering .dbc Files
-----------------Applications 11i -----------------

The .dbc file is contained on the web/applications server and holds information used by the database for authentication. The web/application server passes the information from the .dbc file, as well as login information, to the database server to authenticate the user. The authentication process is handled by the standard applications security feature.

The .dbc files required by the application server security system are not part of the delivered product and must be created after installation.

The Java script AdminAppServer is used to create the .dbc files.

Prior to running AdminAppServer you must ensure that:

JDBC classes are in the CLASSPATH and LD_LIBRARY_PATH and $JAVA_TOP is in the classpath

The syntax for the script begins with the call to the script.

jre oracle.apps.fnd.security.AdminAppServer [parameters]

The first parameter must be the connection string followed by the command string.
apps/apps@dbname
ADD

Some commands require additional parameter(s). For example, the ADD command must be followed by the GWYUID and FNDNAM parameters,
which are followed by any optional parameters. Optional parameters are indicated in brackets.

jre oracle.apps.fnd.security.AdminAppServer apps/apps@dbname \
ADD \
GWYUID=pub/pub FNDNAM=apps \
[SERVER_ADDRESS=<tcp.ip address>] \
[SERVER_DESCRIPTION=<machine_name>] \
[<env_name>=<env_value>] \
SECURE_PATH=$FND_TOP/secure \
GUEST_USER_PWD=<username/password>

In the example above, the parameter env_name allows you to enter additional information you wish to store in the .dbc file. Programs that access the Applications using the .dbc file will use all of the environment variable settings in the file. Additionally, if you do not provide a value for the SERVER_ADDRESS it will default to the ip address of the machine on which the utility is run.


Creating .dbc Files
Use the AdminAppServer script to create a .dbc file for the application server to access the database server. In addition to creating the .dbc file this script registers the application server with the database for the Applications Server Security feature.
To access additional database servers from the same application server, you must rerun the AdminAppServer script for each additional database. You must run the AdminAppServer script each time you create a .dbc file, and each .dbc file only allows access to one database.


To create a .dbc file for an application server:

1. You must set the username/password value for the GUEST_USER_PWD parameter. Create a valid username ("visitor" for example) in Oracle Applications.

Then use the username/password combination as the value for GUEST_USER_PWD. The syntax is illustrated in the following example:
GUEST_USER_PWD=visitor/welcome

Oracle recommends that you do not assign any responsibilities for this user.

2. From the command line, enter:
jre oracle.apps.fnd.security.AdminAppServer apps/apps@dbname \
ADD \
GWYUID=pub/pub FNDNAM=apps \
[SERVER_ADDRESS=<tcp.ip address>] \
[SERVER_DESCRIPTION="Public web access server"] \
[<env_name>=<env_value>] \
SECURE_PATH=$FND_TOP/secure \
GUEST_USER_PWD=<username/password>

The SECURE_PATH parameter provides the location of the directory which contains .dbc files. The value of this parameter must be
set to $FND_TOP/secure.


Updating or Deleting a .dbc File

When updating the .dbc file you can change as many parameters as you want, including the server ID, but you must enter at least one.
Settings that you do not update retain their value.

To update a .dbc file:
From the command line, enter:

jre oracle.apps.fnd.security.AdminAppServer apps/apps@dbname \
UPDATE \
[SERVER_ID] \
[SERVER_ADDRESS=<tcp.ip address>] \
[SERVER_DESCRIPTION="Public web access server" \
[<env_name>=<env_value>] \
SECURE_PATH=$FND_TOP/secure \
GUEST_USER_PWD=<username/password>

Attention: If you have not already set the username/password value for the GUEST_USER_PWD parameter, you can do so here using the UPDATE command. For instructions, see the section on Creating DBC files in .Administering Oracle Applications Security in Release 11.

To delete a .dbc file:
From the command line, enter:
jre oracle.apps.fnd.security.AdminAppServer apps/apps@dbname \
DELETE \
SERVER_ADDRESS=<tcp.ip address> \
SECURE_PATH=$FND_TOP/secure
This deletes the .dbc file and disallows access to the indicated database if Server Security is active.


Administering Server Security

Because Release 11 is deployed in a multi-tier configuration, the security model has been enhanced to include authentication of application servers
to the database servers they access. When this layer of security is activated, it uses "server IDs" or passwords that the application server passes to the
database server. If the database server recognizes the server ID, it grants access to the database. The server IDs are created using a Java utility.
The application server security system is not initially activated. You must activate it after installation. The application servers are registered
with the database and assigned server IDs when you create .dbc files for Oracle Applications Security in Release 11.

The Java script AdminAppServer is used to set up, activate, and check the status of the application server security feature. For a detailed
description of the AdminAppServer utility see Administering Oracle Applications Security in Release 11.


Server ID Status
You can check the Server ID status for a particular database using the STATUS command in the AdminAppServer script. The STATUS command
displays all registered application servers and their server IDs. The command also indicates whether the server security feature is currently active.

Attention: Check the server ID status of your databases before you activate server security and ensure that all desired Application Servers have been registered.

To check the server ID status for a database:
From the command line, enter:
jre oracle.apps.fnd.security.AdminAppServer apps/apps@dbname \
STATUS

Activation of Server Security
You can turn the server security feature on or off using the same AdminAppServer utility. When you turn off server security, you will not change or
delete your server IDs. You can restart server security without recreating server IDs for all of your applications servers.

To activate server security:
From the command line, enter:
jre oracle.apps.fnd.security.AdminAppServer apps/apps@dbname \
AUTHENTICATION ON

To deactivate server security:
From the command line, enter:
jre oracle.apps.fnd.security.AdminAppServer apps/apps@dbname \
AUTHENTICATION OFF

Updating or Deleting Server IDs

You can update or delete a application server's server ID at any time. When updating the server ID you can change as many parameters as
you want, including the server ID, but you must enter at least one.

Note: Server ID values are generated by the AdminAppsServer utility, and therefore cannot be supplied on the command line.

To update a server ID:
From the command line, enter:
jre oracle.apps.fnd.security.AdminAppServer apps/apps@dbname \
UPDATE \
SERVER_ID \
[SERVER_ADDRESS=<tcp.ip address>] \
[SERVER_DESCRIPTION="Public web access server" \
[<env_name>=<env_value>] \
SECURE_PATH=$FND_TOP/secure \
GUEST_USER_PWD=<username/password>


------------------------------------------------------------For Application R12------------------------------------------------
use below

java oracle.apps.fnd.security.AdminAppServer apps/apps
ADD FNDNAM=apps
GWYUID=applsyspub/pub
TWO_TASK=VIS
SECURE_PATH=$FND_TOP/secure
GUEST_USER_PWD=guest/oracle
APPS_JDBC_DRIVER_TYPE=THIN
DB_HOST=appsdemo.test.com
DB_PORT=1531
               

No comments: