Quantcast
Channel: Raastech Blog
Viewing all 208 articles
Browse latest View live

Run OIDDIAG for Diagnostic Purposes for Oracle Support

April 1, 2017, 2:01 pm
$
0
0
1. Run the following commands:
cd /u01/app/oracle/middleware/Oracle_OID

$ORACLE_HOME/ldap/bin/oiddiag collect_all=true

2. Enter this information when prompted (use values for your environment):
Enter fully domain-qualified database host name: prod-cluster

Enter database listener port number: 1521

Enter database service name(SERVICE_NAME in tnsnames.ora file): iamdb.raastech.com

Enter ODS DB user password: *

Enter SYS DB user password: *

SSL (Encryption only, no authentication mode): {y/n} [n] : n
3. Here is how the output will look like:
Now connecting to the Database

It took 544 milliseconds to connect to the Database

Starting the collection of diagnotics...

OIDDIAG Executing: [Entries present in ct_dn but with no corresponding 'orclentrydn' value in ds_attrstore]

OIDDIAG Executing: [Catalog verification for attributes with more than 27 char name length]

OIDDIAG Executing: [Entries that have no row in ct_orclnormdn]

OIDDIAG Executing: [Verify whether ct_orclnormdn is cataloged]

OIDDIAG Executing: [All rows in ct_dn and ct_orclnormdn should have distinct entryid.]

OIDDIAG Executing: [Check 'referral' entries consistency between ct_objectclass and other catalog tables.]

OIDDIAG Executing: [Uniqueness check on orclguid]

OIDDIAG Executing: [Unique membership check on group entries]

OIDDIAG Executing: [Report RI Violating Entries--Duplicate Entries, Dangling DN's]

By Default this tool Verifies the RI violation for Member,UniqueMember and Existing RI enabled attributes. If you wish to verify the RI violation for other DN syntax attributes(which are still not RI enabled), please enter those attribute names one by one

Do you wish to Enter Attribute Name[Y/N]: N

OIDDIAG Executing: [Compare the maximum entryid value in ct_dn and the current sequence value of ds_attrstore_id]

OIDDIAG Executing: [Get the group details for implementing the large group related tuning]

OIDDIAG Executing: [Verify whether duplicate entries are present in the DIT]

OIDDIAG Executing: [Get the output of the current db jobs of ODS]

OIDDIAG Executing: [Find ODS tables with missing indexes]

OIDDIAG Executing: [The last time the 'ODS' user schema was analyzed]

OIDDIAG Executing: [The DIT size]

OIDDIAG Executing: [Details of some of the indexes owned by 'ODS' database user]

OIDDIAG Executing: [The attributes that are cataloged (cn=catalogs entry)]

OIDDIAG Executing: [Schema Information (cn=subschemasubentry)]

OIDDIAG Executing: [Root DSE information]

OIDDIAG Executing: [DSA Config Entry information]

OIDDIAG Executing: [Configset information]

OIDDIAG Executing: [Registry information]

OIDDIAG Executing: [Process control related information in OID tables]

OIDDIAG Executing: [The registry information for DIP]

OIDDIAG Executing: [The profile information for DIP under ODI container]

OIDDIAG Executing: [DIP profile information: changelog subscriber entries]

OIDDIAG Executing: [Report the Missing Index Names]

OIDDIAG Executing: [Replication Configuration information]

OIDDIAG Executing: [Verify if instance entries in cn=osdldapd,cn=subregistrysubentry are valid by connecting over LDAP.]

OIDDIAG Executing: [Verify if entries in table ods_process_status are valid.]

OIDDIAG Executing: [Getting OID event report 01 ]

OIDDIAG Executing: [Getting OID event report 02 ]

OIDDIAG Executing: [Getting OID event report 03 ]

OIDDIAG Executing: [Getting OID event report 04 ]

OIDDIAG Executing: [Getting OID event report 05 ]

OIDDIAG Executing: [Getting the Active Data base sessions of OID server]

OIDDIAG Executing: [Getting the number of completed LDAP operations]

OIDDIAG Executing: [Getting the number of user LDAP operations]

OIDDIAG Executing: [Getting the number of open, new and closed LDAP sessions]

OIDDIAG Executing: [Getting the Entry Cache Hit Ratio of OID server]

OIDDIAG Executing: [Getting the Running instances of LDAP server]

OIDDIAG Executing: [Getting the number of LDAP operations in progress]

OIDDIAG Executing: [Getting the OID server CPU/memory utilization]

OIDDIAG Executing: [Getting average latency (in milli sec) of LDAP operations]

OIDDIAG Executing: [Getting the Open Data base sessions of OID server]

OIDDIAG Executing: [Getting the Ports currently used by LDAP server]

OIDDIAG Executing: [Getting the OID Replication server CPU/memory utilization]

OIDDIAG Executing: [Replication DB Jobs information]

OIDDIAG Executing: [Getting the average response time of an LDAP operation]

OIDDIAG Executing: [Getting OID server security events]

OIDDIAG Executing: [Getting OID server system resource events]

OIDDIAG Executing: [Getting the number of connections held by users]

OIDDIAG Executing: [System/Process information]

OIDDIAG Executing: [Binary version of 'oidldapd' executable]

OIDDIAG Executing: [Are multiple OIDs configured against the same database?]

OIDDIAG Executing: [The session wait time and SQL for 'ODS' user orderred by wait_time]

OIDDIAG Executing: [List all the SQLs that are active for 'ODS' sessions and their execution plan]

OIDDIAG Executing: [Server instance's diagnostic information]
4. Send this file to Oracle Support:
cd /u01/app/oracle/middleware/asinst_1/diagnostics/logs/OID

gtar -czvf tools.tgz tools
 
Applicable Versions
  • Oracle Internet Directory (OID) 11g

 
Search

WebLogic Routing Configuration in mod_wl_ohs.conf for OBIEE 11g

July 4, 2017, 2:29 pm
$
0
0
1. Edit this file:
/u01/app/oracle/middleware/Oracle_WT1/instances/obiee/config/OHS/ohs1/mod_wl_ohs.conf
2. Add these entries (modify hostnames accordingly):
<Location /analytics>
  SetHandler weblogic-handler
  WebLogicCluster obieehost1:9701,obieehost2:9701
  WLProxySSL ON
  WLProxySSLPassThrough ON
</Location>

<Location /xmlpserver>
  SetHandler weblogic-handler
  WebLogicCluster obieehost1:9701,obieehost2:9701
  WLProxySSL ON
  WLProxySSLPassThrough ON
</Location>
 
Applicable Versions
  • Oracle HTTP Server (OHS) 11g (11.1.1.9.0)
  • OBIEE 11g (11.1.1.9.0)

 

OID/LDAP command usage and examples

July 4, 2017, 3:13 pm
$
0
0
Set Environment
export ORACLE_INSTANCE=/u01/app/oracle/middleware/asinst_1 
export ORACLE_HOME=/u01/app/oracle/middleware/Oracle_OID
Bind Admin
$ORACLE_HOME/bin/ldapbind -h oidhost -p 3060 -D cn=orcladmin -w welcome1

$ORACLE_HOME/bin/ldapbind -h oidhost -p 3060 -D "cn=orcladmin,cn=users,dc=raastech" -w welcome1
Bind User
$ORACLE_HOME/bin/ldapbind -h oidhost -p 3060 -D "cn=ahmed,cn=users,dc=raastech" -w welcome1
Bind on SSL Port
$ORACLE_HOME/bin/ldapbind -h oidhost -p 3131 -U 1 -D cn=orcladmin -w welcome1
Search
$ORACLE_HOME/bin/ldapsearch -h oidhost -p 3131 -U 1 -D cn=orcladmin -s sub "(objectclass=*)" -w welcome1
Add User
Create file: oid_add_user.ldif

dn: cn=ahmed,cn=users,dc=raastech
changetype: add
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: ahmed
givenName: ahmed
sn: ahmed
cn: ahmed
mail: ahmed@ahmed.ahmed
userPassword: welcome1

$ORACLE_HOME/bin/ldapmodify -h oidhost -p 3060 -D cn=orcladmin -w welcome1 -f oid_add_user.ldif
Change Password
Create file: oid_update_password.ldif

dn: cn=ahmed,cn=users,dc=raastech
changetype: modify
replace: userPassword
userPassword: welcome1

$ORACLE_HOME/bin/ldapmodify -h oidhost -p 3060 -D cn=orcladmin -w welcome1 -f oid_update_password.ldif
Delete User
Create file: oid_delete_user.ldif

dn: cn=ahmed,cn=users,dc=raastech
changetype: delete

$ORACLE_HOME/bin/ldapmodify -h oidhost -p 3060 -D cn=orcladmin -w welcome1 -f oid_delete_user.ldif

 
Applicable Versions
  • Oracle Internet Directory (OID) 11g

 

Enabling "Execution Tracing" and "Message Tracing" in OSB does not work

July 13, 2017, 4:42 am
$
0
0
Problem

I enabled Execution Tracing and Message Tracing on an OSB proxy service, but nothing is appearing in the logs.


Solution

1. Navigate to Servers> osb_server1> Logging.

2. Click on Advanced.

3. Set Minimum severity to Log to "DEBUG".

4. Set Log file : Severity Level to "DEBUG".

5. Save and Activate changes.



Applicable Versions
  • Oracle Service Bus (OSB) 11g (11.1.1.9.0)

 

[Quick Tip] Jenkins: Skip the Wizard

July 13, 2017, 5:35 am
$
0
0
If you are trying to setup Jenkins in an automated way you may setup the config files, but still get the setup screen despite not needing it.

You can simply add jenkins.install.runSetupWizard=false to the start up script and you're home free.

[Quick Tip] Git: Intermediate versioning with the index.

June 30, 2017, 5:39 am
$
0
0
If you use git on a daily basis then you're probably familiar with the typical:
git add somefile.txt
git commit
<Write your commit message>

One of the nice things has always been that you can do your commits locally before pushing it out to your remote repository (if you ever do that).  If you prefer expedience many people will skip the add step when they can by just using git commit -am "Commit Message". However sometimes when dealing with a non-trivial issue you may have many iterations that you can work with before what every you're doing is done. My typical method for this is to just commit and say WIP or work in progress. That way I can see where I know that the build might fail.

If I feel really motivated I may even go back to squash. However, let's say that you're not the type to commit until you have something fully working. Then I say you have a way. One of the nice features that I think many people overlook is the index. It sits in limbo between your working copy and the commit history. And it allows you to track your progress as you go along.


Source Control: Why Commit Messages Matter.

May 24, 2017, 5:41 am
$
0
0
This was post was first inspired by the Erlang Repo.

While I may not always be the best at following this wisdom. I have significantly increased my ratio of "good" commit messages to "bad" commit messages.

Past Tense vs Present
Since I know this can turn into a bit of a holy war I will just cover it and move on.
Most people are trying answer the question: What did this commit do?
Added files
Deleted files
 but for my commit messages I tend towards the question: What does this commit do? OR What will this commit do?
Add files
Delete files
I believe that a lot of this comes from the fact that when a developer is working on code. That are thinking about what they just did. That's valid, and so I understand why so many trend towards past tense. However, if you are thinking about it from a merging and patching perspective it takes on a lot of different meaning.

Ok, so now that we are beyond that why should we have good messages? If I look back through the commit log and all I see is, "Minor Fix", "Changed Names", "Did some refactoring". When I come back next week or later, those changes aren't going to mean anything to me. Then you have to take the time to delve through all the commits and figure out what has happened.

Instead making commit messages that look like "Update MyTrigger to only accept parameters with a minimum length of 5" or if you're grouping larger efforts you can say things like:
Change Collection Module logging from OkLogger to SuperLogger 

- Refactor log statements to abide with the different signature of SuperLogger
- Change dependency from OkLogger to SuperLogger

This may not sound like it would take too much effort, but you would not be live the amount of time that I've saved by having good commit messages. Just like any advice you can take it or leave it, but a little extra time on commit messages can save a lot more later when you're trying to track down why all of a sudden you're getting references to frameworks you thought you removed ages ago.



Error while starting cluster: (Wrapped) java.io.IOException: Keystore was tampered with, or password was incorrect

July 16, 2017, 3:30 pm
$
0
0
Problem

Seeing the following in the log during startup of oam_server1:
[oam_server1] [ERROR] [] [Coherence] [tid: Logger@1725259747 3.7.1.1] [userId: ] [ecid: 0000Kcfv^DM7ECK6yVuXMG1KXY0q000002,0] [APP: oam_server#11.1.2.0.0] 2015-10-12 03:08:58.358/302741.698 Oracle Coherence GE 3.7.1.1 (thread=Configuration Store Observer, member=n/a): Error while starting cluster: (Wrapped) java.io.IOException: Keystore was tampered with, or password was incorrect.
Solution

The .cohstore.jks keystore file is corrupt and must be restored from backup.

If the password in the .cohstore.jks keystore file is corrupt, even though you may be able to get the password using a WLST command, it needs to be restored from backup.

1. Start the AdminServer.

2. Connect to Enterprise Manager (/em).

3. Locate the Domain in the left navigation panel.

4. Right click and select Security> Credentials.

5. Delete the credential Map key pair (OAM_STORE, coh).

6. Restart the AdminServer. This will re-create the Coherence Bootstrap artifact and reset the required password.

 
References
 
Applicable Versions
  • Oracle Access Manager 11g R2 PS2 (11.1.2.2.0)

 
Search

Keytool usage and examples

July 18, 2017, 2:59 pm
$
0
0
List

keytool -list    -keystore cacerts

keytool -list -v -keystore cacerts

keytool -list -v -keystore raastech.jks -storepass changeit


Change Keystore Password

keytool -storepasswd -new changeit -keystore raastech.jks -storepass changeit


Import

keytool -import -trustcacerts -file CA.cer -alias ca -keystore cacerts

keytool -import -v -noprompt -trustcacerts -alias ca -file CA.cer -keystore trust.jks -storepass changeit


Import Keystore

keytool -importkeystore -srckeystore raastech.p12 -srcstoretype PKCS12 -destkeystore raastech.jks


Delete Alias from Keystore

keytool -delete -alias ca -keystore cacerts -storepass changeit



 

Getting "NZ Library Error: Unknown error" when starting up OHS

July 21, 2017, 9:30 am
$
0
0
Problem

You may have received the following obscure error when trying to start up OHS. This error would repeat indefinitely in the ohs1.log file:
[2017-04-16T14:19:35.0074+00:00] [OHS] [ERROR:32] [] [core.c] [host_id: soahost1.raastech.com] [host_addr: 192.168.1.13] [pid: 10627] [tid: 139289152765702] [user: oracle] [VirtualHost: SOAHOST1:8898]  NZ Library Error: Unknown error 
Solution

1. Edit httpd.conf.

2. Add the following line at the bottom of the file. It must be the loopback address, and any available port:
Listen 127.0.0.1:9999

3. Restart OHS.

 
 
References
 
Applicable Versions
  • Oracle WebTier 11g (11.1.1.9.0)

 

BAM-00404 Authentication failed

July 21, 2017, 6:39 pm
$
0
0
Problem

Getting the following error in the BAM logs:
[2017-04-12T21:27:03.699+00:00] [bam_server1] [WARNING] [] [oracle.bam.adc.security] [tid: [ACTIVE].ExecuteThread: '87' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: weblogic] [ecid: 5e3db6b798b0c5d6:-6f4d0d44:15b6408a2e3:-8000-00000000000019b7,0] [APP: oracle-bam#11.1.1]  [100] Exception occurred in method Authenticator.setUserContext([[
BamSubject:
    BAM USER ID:      0
    User:            
        Name:        weblogic
        Class:       weblogic.security.principal.WLSUserImpl
    Anonymous User:   null
    Application Role:
        Name:        Administrator
        Class:       oracle.security.jps.service.policystore.ApplicationRole
        GUID:        9630B38048C811E3BFF9A38AAABA83CB
        Application: oracle-bam#11.1.1
   Application Role:
        Name:        authenticated-role
        Class:       oracle.security.jps.internal.core.principals.JpsAuthenticatedRoleImpl
        GUID:        null
        Application: null
    Group:           
        Name:        Operators
        Class:       weblogic.security.principal.WLSGroupImpl
    Group:           
        Name:        Administrators
        Class:       weblogic.security.principal.WLSGroupImpl
    Group:           
        Name:        OracleSystemGroup
        Class:       weblogic.security.principal.WLSGroupImpl
    Group:           
        Name:        CrossDomainConnectors
        Class:       weblogic.security.principal.WLSGroupImpl
    Group:           
        Name:        AdminChannelUsers
        Class:       weblogic.security.principal.WLSGroupImpl
    Group:           
        Name:        AppTesters
        Class:       weblogic.security.principal.WLSGroupImpl
    Group:           
        Name:        Monitors
        Class:       weblogic.security.principal.WLSGroupImpl
    Group:           
        Name:        Deployers
        Class:       weblogic.security.principal.WLSGroupImpl)
Exception: oracle.bam.common.security.authentication.AuthenticationException: . User is marked inactive.
  at oracle.bam.adc.security.authentication.Authenticator.synchronizeUser(Authenticator.java:1194)
  at oracle.bam.adc.security.authentication.Authenticator.setUserContext(Authenticator.java:804)
  at oracle.bam.adc.kernel.server.DataStoreServer.setUserContext(DataStoreServer.java:475)
  at oracle.bam.adc.ejb.BamAdcServerBean.interceptor(BamAdcServerBean.java:261)
  at sun.reflect.GeneratedMethodAccessor995.invoke(Unknown Source)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  at java.lang.reflect.Method.invoke(Method.java:606)
  at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
  at com.oracle.pitchfork.intercept.JeeInterceptorInterceptor.invoke(JeeInterceptorInterceptor.java:68)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
  at com.oracle.pitchfork.intercept.MethodInvocationInvocationContext.proceed(MethodInvocationInvocationContext.java:103)
  at oracle.security.jps.ee.ejb.JpsAbsInterceptor$1.run(JpsAbsInterceptor.java:135)
  at java.security.AccessController.doPrivileged(Native Method)
  at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:324)
  at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:464)
  at oracle.security.jps.ee.ejb.JpsAbsInterceptor.runJaasMode(JpsAbsInterceptor.java:122)
  at oracle.security.jps.ee.ejb.JpsAbsInterceptor.intercept(JpsAbsInterceptor.java:193)
  at oracle.security.jps.ee.ejb.JpsInterceptor.intercept(JpsInterceptor.java:113)
  at sun.reflect.GeneratedMethodAccessor992.invoke(Unknown Source)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  at java.lang.reflect.Method.invoke(Method.java:606)
  at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
  at com.oracle.pitchfork.intercept.JeeInterceptorInterceptor.invoke(JeeInterceptorInterceptor.java:68)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
  at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
  at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
  at com.oracle.pitchfork.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:34)
  at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
  at com.oracle.pitchfork.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:42)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
  at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
  at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
  at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
  at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
  at com.sun.proxy.$Proxy249.ping(Unknown Source)
  at oracle.bam.adc.ejb.BamAdcServerBean_wf34ei_BamAdcServerRemoteImpl.__WL_invoke(Unknown Source)
  at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:40)
  at oracle.bam.adc.ejb.BamAdcServerBean_wf34ei_BamAdcServerRemoteImpl.ping(Unknown Source)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  at java.lang.reflect.Method.invoke(Method.java:606)
  at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:89)
  at com.sun.proxy.$Proxy150.ping(Unknown Source)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  at java.lang.reflect.Method.invoke(Method.java:606)
  at oracle.bam.common.remoting.BamEjbClient.invoke(BamEjbClient.java:1546)
  at com.sun.proxy.$Proxy248.ping(Unknown Source)
  at oracle.bam.adc.api.client.BamAdcClient.ping(BamAdcClient.java:269)
  at oracle.bam.common.remoting.BamEjbClient.isADCServerAvailableForWebAppInit(BamEjbClient.java:1830)
  at oracle.bam.web.shared.WebPage.processRequest(WebPage.java:384)
  at oracle.bam.web.shared.WebPage.processRequest(WebPage.java:350)
  at jsp_servlet._19427.__startpage._jspService(__startpage.java:71)
  at weblogic.servlet.jsp.JspBase.service(JspBase.java:34)
  at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
  at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
  at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301)
  at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
  at oracle.bam.web.cache.ClientSideCache.doFilter(ClientSideCache.java:93)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
  at oracle.bam.web.filters.GZIPFilter.doFilter(GZIPFilter.java:97)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
  at oracle.bam.web.filters.ValidateBrowserSession.doFilter(ValidateBrowserSession.java:211)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
  at oracle.bam.web.redirect.Redirect.doFilter(Redirect.java:80)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
  at oracle.bam.web.filters.ValidateBrowserSupport.doFilter(ValidateBrowserSupport.java:138)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
  at oracle.bam.web.filters.CharsetFixupFilter.doFilter(CharsetFixupFilter.java:65)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
  at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:138)
  at java.security.AccessController.doPrivileged(Native Method)
  at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:324)
  at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:464)
  at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:121)
  at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:211)
  at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
  at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:138)
  at java.security.AccessController.doPrivileged(Native Method)
  at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:324)
  at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:464)
  at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:121)
  at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:211)
  at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
  at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:163)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
  at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3748)
  at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3714)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
  at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2283)
  at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2182)
  at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1499)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:263)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
]] 
Solution

1. Log in to the database as DEV_ORABAM.


2. Run the following query:
UPDATE dev_orabam.sysiteruser SET inactive = 0 WHERE username = 'weblogic'; 
COMMIT;
Applicable Versions
  • Oracle Business Activity Monitoring (BAM) 11g (11.1.1.9.0)

 

WebGate 10g for Windows 2012 R2: "Could not read file" netlibmsg.xml

July 29, 2017, 3:47 pm
$
0
0
Problem

In this log file C:\NetPoint\Webgate\access\oblix\logs\oblog.log, you see the following:
2017/05/16@22:31:48.570000 1876 1521 INIT ERROR 0x000003B6 base\oblistrwutil.cpp:192 "Could not read file" filename^E:\NetPoint\Webgate\access//oblix/lang/en-us/netlibmsg.xml
Solution

1. No action needed. There is no adverse impact on WebGate functionality.

Applicable Versions
  • Oracle WebGate 10g (Windows 32-bit)

 

Failed executing BamAdcServer.ping due to ServiceUnavailableException

August 1, 2017, 6:40 pm
$
0
0
Problem

Log in to the BAM Console at:
http://soahost1:9002/OracleBAM
Tried to log in to the BAM Console, and browser shows:
The BAM Server is unavailable.
These log entries show up in the bam_server1-diagnostic.log file during login:
[2017-03-10T13:10:13.846+00:00] [bam_server1] [TRACE:32] [] [oracle.bam.common.security] [tid: [ACTIVE].ExecuteThread: '47' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: weblogic] [ecid: 2913acc884e13d35:1da4e73c:15ab855a0ff:-8000-000000000000002b,0] [APP: oracle-bam#11.1.1] [SRC_CLASS: oracle.bam.common.security.authentication.WebAuthentication] [SRC_METHOD: authenticate] [60] Request: Scheme[http] AuthType[CLIENT_CERT,FORM] RemoteUser[weblogic] UserPrincipal[weblogic]
[2017-03-10T13:10:13.846+00:00] [bam_server1] [TRACE:32] [] [oracle.bam.common.security] [tid: [ACTIVE].ExecuteThread: '47' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: weblogic] [ecid: 2913acc884e13d35:1da4e73c:15ab855a0ff:-8000-000000000000002b,0] [APP: oracle-bam#11.1.1] [SRC_CLASS: oracle.bam.common.security.authentication.WebAuthentication] [SRC_METHOD: authenticate] [60] UserPrincipal: weblogic  
[2017-03-10T13:10:28.957+00:00] [bam_server1] [WARNING] [] [oracle.bam.common.remoting.BamEjbClient] [tid: [ACTIVE].ExecuteThread: '47' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: weblogic] [ecid: 2913acc884e13d35:1da4e73c:15ab855a0ff:-8000-000000000000002b,0] [APP: oracle-bam#11.1.1] [60] Failed executing BamAdcServer.ping due to ServiceUnavailableException. Configured retry count (3) has been exceeded. 
Solution

1. Wait for 15 minutes and try logging in again. It will work.
 
 
Applicable Versions
  • Oracle Business Activity Monitoring (BAM) 11g (11.1.1.9.0)

 

WebGate 10g for Windows 2012 R2: "Could not read file" oblog config.xml

August 7, 2017, 3:50 pm
$
0
0
Problem

In the log file C:\NetPoint\Webgate\access\oblix\logs\oblog.log, you see this error:
2017/05/16@21:33:59.042000 2136 3108 INIT ERROR 0x000003B6 base\oblistrwutil.cpp:192 "Could not read file" filename^E:\NetPoint\Webgate\access//oblix/config/oblog_config.xml
Solution

1. Run these commands:
cd C:\NetPoint\Webgate\access\oblix\config\ 
cp oblog_config_wg.xml oblog_config.xml

Applicable Versions
  • Oracle WebGate 10g (Windows 32-bit)

 

Linux (process, search, size) command usage and examples

August 17, 2017, 3:14 pm
$
0
0

Process


View All Processes Hierarchically

ps -efaux

Shows Running Processes in Tree Format

pstree -p

Find the 20 Largest Processes (5th column)

ps -aux | sort -nk5 | grep -v USER | tail -20


Search



Search Recursively for Contents in a File

find . -type f | xargs grep "mytext"

Search Recursively for Contents in .java Files

find . -type f -name "*.java" | xargs grep "mytext"

Find All World Writable Files

find . -perm -2 ! -type l -ls

Search/Replace



Recursively Replace a String in .xml Files *dangerous*

find . -type f -name "*.xml" -exec sed -i "s%orabpel%orabpel2%" {} \;

Recursively Replace a String, but Exclude .class .jar. .zip Files *dangerous*

find . -type f \( ! -name "*.class" ! -name "*.jar" ! -name "*.zip" \) -exec sed -i "s%orabpel%orabpel2%" {} \;


Size



Directory Sizes

du -sm *

Find the 20 Largest Directories

du -S | sort -n | tail -20

Find Files > 100 MB

find . -size +100000k -exec du -h {} \;




 
Search

Find out what process is listening on what port

August 23, 2017, 7:36 am
$
0
0
Do you want to know what process is listening on a particular port in Linux?

Using the lsof command you can confirm that a java process with a pid of 14202 is listening on port 7001:
oracle@soahost1:/home/oracle> lsof -i :7001 | grep LISTEN 
java  14202 oracle 1013u  IPv6 3652361843  0t0  TCP soahost1:afs3-callback (LISTEN)

Similarly, using the netstat command, you can confirm that the java process with a pid of 14202 is listening on port 7001:
oracle@soahost1:/home/oracle> netstat -anp | grep LISTEN | grep 7001
tcp   0  0 ::ffff:10.31.160.230:7001   :::*   LISTEN   14202/java



Getting "httpd.worker': double free or corruption" when starting up OHS

September 6, 2017, 3:52 pm
$
0
0
Problem

Starting up OHS fails.

This error appears in ${OHS_LOGS}/ohs1.log:
--------
17/06/17 02:37:46 Start process
--------
/u01/app/oracle/middleware/Oracle_WT1/ohs/bin/apachectl startssl: execing httpd
[Sat Jun 17 02:37:46 2017] [warn] Errors will be logged into /u01/app/oracle/middleware/Oracle_WT1/instances/obiee/diagnostics/logs/OHS/ohs1/ohs1.log
[Sat Jun 17 02:37:47 2017] [warn] Errors will be logged into /u01/app/oracle/middleware/Oracle_WT1/instances/obiee/diagnostics/logs/OHS/ohs1/ohs1.log
*** Error in `/u01/app/oracle/middleware/Oracle_WT1/ohs/bin/httpd.worker': double free or corruption (out): 0x0000000001821300 ***
======= Backtrace: =========
/lib64/libc.so.6(+0x7c503)[0x7f3a1f9ab503]
/u01/app/oracle/middleware/Oracle_WT1/lib/libnnz11.so(nzumfree+0x64)[0x7f3a1f03aefa]
/u01/app/oracle/middleware/Oracle_WT1/lib/libnnz11.so(nztiFIC_Free_Identity_Contents+0x45)[0x7f3a1f06f2d3]
/u01/app/oracle/middleware/Oracle_WT1/lib/libnnz11.so(nztiDI_Destroy_Identity+0x3a)[0x7f3a1f06f268]
/u01/app/oracle/middleware/Oracle_WT1/lib/libnnz11.so(nztiFIL_Free_Identity_List+0x5a)[0x7f3a1f06f21a]
/u01/app/oracle/middleware/Oracle_WT1/lib/libnnz11.so(nztnFPC_Free_Persona_Contents+0x45)[0x7f3a1f072ec1]
If you comment out the ssl.conf line in httpd.conf, it starts up fine.


Solution

1. This was because the certificate chain was not complete in trust.jks.

For example, the identity cert was signed by a CA4, so the trust was missing the intermediate and root certs for that CA.

To import those certificates into the trust keystore:
keytool -import -alias PRODCA4 -file PRODCA4.crt -keystore /u01/app/oracle/middleware/keystore/trust.jks

keytool -import -alias PRODTreasury -file PRODTreasury.crt -keystore /u01/app/oracle/middleware/keystore/trust.jks 
Applicable Versions
  • Oracle HTTP Server (OHS) 11g (11.1.1.9.0)

 

"The user account is locked or disabled" when logging in with Oracle Access Manager SSO

September 11, 2017, 3:40 pm
$
0
0
Problem

When trying to log in with SSO against Oracle Access Manager 11g, you see the error on the screen:

The user account is locked or disabled. Please contact the System Administrator.

Solution

Check all the following.

1. OID is down or the password for cn=orcladmin password in OAM needs updating.

2. Confirm that OID is running:
oracle@oamhost1:/home/oracle> ${MW_HOME}/asinst_1/bin/opmnctl status -l
3. Confirm that OAM can connect to OID.

a. Log in to the OAM Console.

b. Navigate to Configuration> User Identity Stores.

c. Edit OIDStore.

d. Click on "Test Connection".


Applicable Versions
  • Oracle Access Manager 11g

 

Getting "An unexpected error occurred" when deploying an OSB project

September 12, 2017, 11:13 am
$
0
0
Problem:

When deploying an OSB project, you may get the following undescriptive error on the OSB Console:
An unexpected error occurred.
The following error would appear in the AdminServer.out file:
####<Mar 3, 2017 5:03:21 PM GMT> <Error> <netuix> <osbhost1> <AdminServer> <[ACTIVE] ExecuteThread: '39' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <685ea1de428af539:-5fcff8e9:82f2515a61f:-8000-0000000000003938> <1488560601009> <BEA-423137> <There was an error loading the requested URI null.>

####<Mar 3, 2017 5:03:21 PM GMT> <Error> <netuix> <osbhost1> <AdminServer> <[ACTIVE] ExecuteThread: '39' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <de428af5685ea139:-5fcff8e9:15a61f82f25:-8000-0000000000003938> <1488560601009> <BEA-423223> <There was an error while running a lifecycle stage :: Lifecycle: UIControl.render :: for the control :: null ::.
com.bea.netuix.nf.UIControlException: com.bea.portlet.adapter.scopedcontent.ActionLookupFailedException: java.lang.NoSuchMethodError: org.apache.commons.io.IOUtils.readFully(Ljava/io/InputStream;[B)V
        at com.bea.netuix.servlets.controls.content.NetuiContent.checkPreRenderExceptions(NetuiContent.java:404)
        at com.bea.netuix.servlets.controls.content.NetuiContent.beginRender(NetuiContent.java:343)
        at com.bea.netuix.nf.ControlLifecycle$7.visit(ControlLifecycle.java:485)
        at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:518)

Solution:

1. OSB JAR is missing the ExportInfo file.


Applicable Version:

  • Oracle Service Bus (OSB) 11g (11.1.1.9)


IAU-5047: Problem in transferring audit record

September 14, 2017, 3:36 pm
$
0
0
Problem

You may receive these errors in the logs when starting up the OAM AdminServer:
####<Jun 28, 2017 7:35:08 PM GMT> <Error> <oracle.jps.common> <oamhost1.raastech.com> <AdminServer> <AuditLoaderRunner> <<WLS Kernel>> <> <0000LngIa0d3V805zzc9yW1PKkHg00000T> <1498678508558> <BEA-000000> <IAU:IAU-5047: Problem in transferring audit record from file:/u01/app/oracle/middleware/user_projects/domains/oamdomain/servers/AdminServer/logs/auditlogs/OAM/audit.log position:12,485 will retry in next cycle. caught exception oracle.security.audit.AuditException: javax.naming.NameNotFoundException: Unable to resolve 'jdbc.AuditDB'. Resolved 'jdbc'; remaining name 'AuditDB'
        at oracle.security.audit.ajl.loader.OracleRepository.createConnection(OracleRepository.java:131)
        at oracle.security.audit.ajl.loader.OracleRepository.<init>(OracleRepository.java:75)
        at oracle.security.audit.ajl.loader.JDBCLogWriter.reinit(JDBCLogWriter.java:68)
        at oracle.security.audit.ajl.loader.JDBCLogWriter.write(JDBCLogWriter.java:115)
        at oracle.security.audit.ajl.loader.AuditLoader.readMessages(AuditLoader.java:516)
        at oracle.security.audit.service.AuditLoaderManager.readMessages(AuditLoaderManager.java:324)
        at oracle.security.audit.service.AuditLoaderManager$Runner.run(AuditLoaderManager.java:410)
Caused by: javax.naming.NameNotFoundException: Unable to resolve 'jdbc.AuditDB'. Resolved 'jdbc'; remaining name 'AuditDB'
        at weblogic.jndi.internal.BasicNamingNode.newNameNotFoundException(BasicNamingNode.java:1148)
        at weblogic.jndi.internal.BasicNamingNode.lookupHere(BasicNamingNode.java:258)
        at weblogic.jndi.internal.ServerNamingNode.lookupHere(ServerNamingNode.java:182)
        at weblogic.jndi.internal.BasicNamingNode.lookup(BasicNamingNode.java:206)
        at weblogic.jndi.internal.BasicNamingNode.lookup(BasicNamingNode.java:220)
        at weblogic.jndi.internal.WLEventContextImpl.lookup(WLEventContextImpl.java:254)
        at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:412)
        at javax.naming.InitialContext.lookup(InitialContext.java:411)
        at oracle.security.audit.ajl.loader.OracleRepository.createConnection(OracleRepository.java:110)
        ... 6 more
>
####<Jun 28, 2017 7:35:08 PM GMT> <Error> <oracle.jps.common> <oamhost1.raastech.com> <AdminServer> <AuditLoaderRunner> <<WLS Kernel>> <> <0000LngIa0d3V805zzc9yW1PKkHg00000T> <1498678508558> <BEA-000000> <IAU:IAU-5048: Problem in transferring audit record to Audit Store null null. Please verify your Audit Store configuration>
Solution

1. Target the AuditDB datasource to the AdminServer.

Applicable Versions
  • Oracle Access Manager 11g

 
Viewing all 208 articles
Browse latest View live
Search