Oracle Traffic Director (OTD) is software load balancer from Oracle that receive requests from client and forward it to back-end application like WebLogic , WebCenter, Portal etc. In this first post on OTD, I’ll be covering basic concepts related to OTD (More on installation & configuration of OTD later in future posts) 1. Oracle […]
The post Oracle Traffic Director (OTD) 12c : Basics & Overview appeared first on Oracle Trainings for Apps & Fusion DBA.
Web-based content in Oracle E-Business Suite 12 runs on the Oracle Application Framework (OAF or "OA Framework") user interface libraries and infrastructure. Since the release of Oracle E-Business Suite 12.2 in 2013, we have released several cumulative updates to Oracle Application Framework to fix performance, security, and stability issues.
These updates are provided in cumulative Release Update Packs, and
cumulative Bundle Patches that can be applied on top of the Release
"Cumulative" means that the latest RUP or Bundle Patch contains
everything released earlier.
The latest OAF update for EBS 12.2.5 is now available:
- Oracle Application Framework (FWK) Release 12.2.5+ Bundle 7 (Patch 24561446:R12.FWK.C)
Where is the documentation for this update?
Instructions for installing this OAF Release Update Pack are here:
- Oracle E-Business Suite Release 12.2 Upgrade Considerations for OA Framework-based Applications (Note 1927975.1)
Who should apply this patch?
All EBS 12.2.5 users should apply this patch. Future OAF patches for EBS 12.2.5 will require this patch as a prerequisite.
What's new in this update?
This bundle patch is cumulative: it includes all fixes released in previous EBS 12.2.5 bundle patches.
This latest bundle patch includes new fixes for the following critical issues:
- The number values in Total column in the Budget table are partially hidden after applying some set of ATG and Mobile Application patches.
- Failed to return to the base page after submitting the popup due to client side validation.
- The rawtext with style class set to OraInstrcutionText under HideShowHeader with style class OraHeaderSub does not word-wrap.
- Tables are not get rendered properly when scrolling when there are more than 300 records in the table.
- Page/form image icons are not aligned on home page with the function name links in Navigator and Favorites regions in Chrome and Firefox browsers.
- The document catalog column was displayed on inline attachment popup windows even if document catalog option was disabled.
- In HTTPS-enabled environments, navigating to 3-Frame JSP page shows a blank page since the request to load mixed active content has been blocked.
In one of our project, we were using CS 7.2 P02 (upgraded later with P05) in correlation with xPlore 1.5 P02. With these versions, we wanted to setup the IndexAgents in HTTPS to have a completely secured environment. We choose to follow the xPlore documentation and use the Groovy script that EMC is now providing to facilitate the setup in HTTPS of the IndexAgents & Primary DSearch.
The first thing to note is that the documentation is describing some parts of how to setup the SSL in xPlore but it is not the complete setup and some other parts are missing! You can use one of my previous blog to know how to setup an IndexAgent in HTTPS using the Groovy Script: click here. The second thing to note is that after setting our IndexAgents in HTTPS, we faced an issue where the status of the IndexAgents weren’t available anymore (it was working in HTTP)! After following the steps described in the other blogs, please take a look at the explications below in case you are having the same issue.
So after doing what is described in the link above, the status of the IndexAgents in Documentum Administrator was “Not responding” and we weren’t able to start/stop them. Same behavior via iapi, the status command returned a 200 code. Unlike the HTTP response codes, the IndexAgents codes are:
- 0 => Everything is running & working
- 100 => The JBoss instance hosting the IndexAgent is running BUT the IndexAgent isn’t started (E.g.: not in the status “Start in Normal Mode”)
- 200 => The JBoss instance hosting the IndexAgent isn’t running OR not responding
Now to check the status of the IndexAgent, you can do the following using iapi:
API> ?,c,select object_name, index_name from dm_ftindex_agent_config; object_name index_name ----------------------------------------------- ------------------------------------------------ xplore_server_01_9200_IndexAgent DOCBASE_ftindex_01 (1 row affected) API> apply,c,,FTINDEX_AGENT_ADMIN,NAME,S,DOCBASE_ftindex_01,AGENT_INSTANCE_NAME,S,xplore_server_01_9200_IndexAgent,ACTION,S,status ... q0 API> next,c,q0 ... OK API> dump,c,q0 ... USER ATTRIBUTES name : xplore_server_01_9200_IndexAgent status : 200 SYSTEM ATTRIBUTES APPLICATION ATTRIBUTES INTERNAL ATTRIBUTES API> exit Bye
You can see above a status 200… I can assure you that the JBoss instance and IndexAgent are up, running & working properly (we had to start it using the GUI since it was the only way to check the status)! Then why is a status code 200 returned? Well that’s the purpose of this blog!
Like I said before, we choose to setup the SSL for the IndexAgents using the Groovy script and that’s the reason why we faced this issue in the first place… The Groovy script is setup to automatically update the file “standalone.xml” to add some configuration for the SSL. This is what the script will add:
[xplore@xplore_server_01 ~]$ grep -A4 "connector name=\"https\"" /app/xPlore/jboss7.1.1/server/DctmServer_Indexagent_DOCBASE/configuration/standalone.xml <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true"> <ssl name="https" password="***********" certificate-key-file="/app/xPlore/dsearch/admin/./../../jboss7.1.1/server/DctmServer_Indexagent_DOCBASE/configuration/my.keystore" cipher-suite="TLS_RSA_WITH_AES_128_CBC_SHA"/> </connector>
Now what is wrong with this configuration? It actually looks quite good… We were working on this specific issue for a few months with EMC without any special findings (no errors in logs, nothing in the DFC/RPC/HTTP_POST traces, aso…) when we noted that the Groovy script only added a “normal” Cipher to the standalone.xml file but our Content Servers were setup at that time using the default SSL mode of Documentum which is commonly named “Anonymous SSL”. As shown above, the SSL Cipher that the Groovy script added is “TLS_RSA_WITH_AES_128_CBC_SHA”. The problem is that the JBoss instance hosting the IndexAgent is restricting the Ciphers available but the docbase on the other side isn’t able to use this Cipher because it is using the “Anonymous SSL”. Therefore there is mismatch in the Ciphers available and the communication can’t be completed.
So what is the solution to that? Well we simply need to extend the Cipher list to find a Cipher that is available for both the docbase and the IndexAgent. To solve this issue, you just have to replace the “cipher-suite” as follow:
[xplore@xplore_server_01 ~]$ grep -A4 "connector name=\"https\"" /app/xPlore/jboss7.1.1/server/DctmServer_Indexagent_DOCBASE/configuration/standalone.xml <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true"> <ssl name="https" password="***********" certificate-key-file="/app/xPlore/dsearch/admin/./../../jboss7.1.1/server/DctmServer_Indexagent_DOCBASE/configuration/my.keystore" cipher-suite="TLS_DH_anon_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA"/> </connector>
With this setup, you just have to restart the JBoss instance hosting the IndexAgent, reinitialize the Content Server and after doing that, the status will be available again:
API> apply,c,,FTINDEX_AGENT_ADMIN,NAME,S,DOCBASE_ftindex_01,AGENT_INSTANCE_NAME,S,xplore_server_01_9200_IndexAgent,ACTION,S,status ... q0 API> next,c,q0 ... OK API> dump,c,q0 ... USER ATTRIBUTES name : xplore_server_01_9200_IndexAgent status : 100 SYSTEM ATTRIBUTES APPLICATION ATTRIBUTES INTERNAL ATTRIBUTES API> apply,c,,FTINDEX_AGENT_ADMIN,NAME,S,DOCBASE_ftindex_01,AGENT_INSTANCE_NAME,S,xplore_server_01_9200_IndexAgent,ACTION,S,start ... q1 API> next,c,q1 ... OK API> dump,c,q1 ... USER ATTRIBUTES name : xplore_server_01_9200_IndexAgent status : 0 SYSTEM ATTRIBUTES APPLICATION ATTRIBUTES INTERNAL ATTRIBUTES API> exit Bye
As you might know, the Cipher that we added contains “_anon_”. This means Anonymous (no authentication) and this also means that it is not the most secure of all Ciphers but this is necessary if you are using the default SSL mode in Documentum (without specifically setting up your own SSL Certificates). That’s why EMC recommends you to setup a non-Anonymous SSL mode but that’s a little bit more difficult to setup than just using the default one. Might be the subject of another blog
Cet article Documentum story – Status of IndexAgent not visible in HTTPS (xPlore) est apparu en premier sur Blog dbi services.
- ORA-01036 Error in Node.js app with Oracle Database Node.js Add-on (OPN Innovation and Modernisation Center (EMEA))
via OPN Innovation and Modernisation Center (EMEA) http://ift.tt/1AAiVSD
- Sponsored: 64% off Code Black Drone with HD Camera
Our #1 Best-Selling Drone--Meet the Dark Night of the Sky!
Redwood Shores, Calif.—Oct 26, 2016
Oracle today introduced a series of new data management platform innovations within the Oracle Marketing Cloud that enable customers to seamlessly define, select, count, and deliver audience IDs based on the users’ environment. This allows customers to create audience segments tied to the customer journey across devices, channels, media environments, and ID spaces. Powered by the Oracle ID Graph, this release helps marketing and media professionals deliver on their marketing strategies by delivering relevant experiences to customers on whichever device they choose.
As consumers increasingly interact with brands across a range of different devices and environments, marketers and publishers face the challenge of unifying consumer IDs from different platforms and devices in order to gain a holistic view of individual buyers. To empower marketers and publishers to quickly and efficiently manage these multiple environments, Oracle has released major enhancements to the Audience Builder user interface within the Oracle Data Management Platform to help marketers visualize and manage ID source, with planned functionality to link these audiences via a self-service UI through the Oracle ID Graph. The new user interface released today makes it easier for customers to manage and select ID types in order to identify, build, plan and analyze audiences based on the device or platform within which the ID was originally created. This lays the foundation for the next iteration of the platform, which will further enable cross-device marketing by bridging IDs and scoring linkages between those IDs. This set of enhancements accelerates the convergence of adtech and martech within and outside of the Oracle technology stack.
“The explosive growth in connected devices has created immense opportunities for marketers to engage with consumers at the moments that truly matter,” said Steve Krause, group vice president, product management, Oracle Marketing Cloud. “To capitalize on this opportunity, marketers need to be able to manage audiences based on the engaged environment. This is critical to intelligent linking for use cases like cross-device targeting and that is why we have revamped the Audience Builder user interface within the Oracle Data Management Platform to help address device agnostic identity management.”
Audience Builder enables marketers to plan audiences for their campaigns using a combination of their own data and third-party data sources. Through the new Audience Builder users are able to:
- Enhance Audience Segmentation and Engagement: Understand audience composition by device and environment to increase the effectiveness of engagements.
- Optimize Media Buys: By identifying the devices driving conversions, marketers can modify campaign strategies to focus the conversion points and eliminate wasted impressions.
- Increase Campaign Effectiveness: By managing advertising dollars based on targeting environment, customers can personalize campaigns against the source ID for relevant retargeting and prospecting.
- Improve Mobile App Targeting at Scale: Enables marketers to activate 1st and 3rd-party audiences on channels against their mobile ad IDs based on behaviors like mobile app installs.
The new Audience Builder user interface is the latest in a series of innovative enhancements to the Oracle Data Management Platform. In the last year, Oracle has:
- Integrated Native Tools for Data Ingest and Custom Audience Creation: Self-serve tools available in the platform for custom audience creation powered by Oracle Data Cloud’s Audience Discovery Platform, as well as embedded offline onboarding functionality via Oracle OnRamp, are now native functionalities of the platform.
- Enhanced Personalization: Maxymiser integration enables marketers to tap into 1st, 2nd and 3rd party data for testing and optimization initiatives. This makes it easier for marketers to deliver experiences that are relevant to customers even before the first page view.
- Enhanced Partner Integration: Enables partners to self-integrate into the Oracle Data Management Platform by setting up their endpoint for turnkey data campaign delivery. Since the new self-service portal was launched in November 2015, more than 20 new partners have been added.
The Oracle Marketing Cloud is part of the Oracle Customer Experience (CX) Cloud, one of the industry’s most complete CX solutions. Oracle CX Cloud empowers organizations to improve experiences, enhance loyalty, differentiate their brands, and drive measurable results by creating consistent, connected, and personalized brand experiences across all channels and devices.
PR for Oracle
Oracle offers a comprehensive and fully integrated stack of cloud applications and platform services. For more information about Oracle (NYSE:ORCL), visit www.oracle.com.Trademarks
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.Safe Harbor
The preceding is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle's products remains at the sole discretion of Oracle Corporation.
A Guest Post by Oracle's Jack Berkowitz, VP of AI Apps Development (pictured left)
I'm thrilled to report that industry watchers liked what they heard at OpenWorld about our next-generation cloud strategy. One in particular, Ventana Research, named Oracle a winner of its 2016 Technology Innovation Awards for our Adaptive Intelligent Applications. How cool is that! These decision science and data-driven apps are part of the hottest trend in technology right now: AI and machine learning.
But our AI notoriety doesn’t stop at one award. Our OpenWorld announcement generated a lot of analyst and press interest (see list of published articles below). We even received favorable coverage from some of the most skeptical pundits. Here are a few that stand out:
“I see Salesforce as the first mover, but Oracle has significant long-term advantages.” – Doug Henschen, Constellation Research
"Oracle's new Adaptive Intelligent solutions take this value proposition a step further. They are set apart from others by allowing the intelligent applications to learn from billions of anonymized consumer and business profiles available from Oracle." – Dave Schubmehl, IDC, quoted in eWeek
“It is good to see a major vendor start to talk about specific use cases and put a bit more business context around the current buzz around machine learning.” - Vinnie Mirchandani, Enterprise Irregulars
Real products. Real benefits.
But this isn’t just us talking a good game. (In fact, there’s no shortage of hype as evidenced by articles such as this: Salesforce's "Einstein" receives mixed reviews.) Our Dev team is on track to meet the product rollout plan we shared with analysts and press at OpenWorld.
The first product we plan to release in 2017 is Adaptive Intelligent Offers. It enhances Oracle Commerce and Marketing Clouds with the ability to deliver offers and product recommendations to consumers at a specific moment. There are a number of competitive solutions out there, but they don’t have the same decision science/machine-learning algorithms that we do and require manual tuning of rules.
In addition, our apps don’t require huge data science departments to use them. Here’s why that’s an advantage. Some customers, such as the largest retailers, will want to build proprietary machine learning platforms, but most won’t have access to the talent, data, and infrastructure required. Gartner predicts that many organizations will opt for packaged applications because the data science needed to create these systems is so complex.
No one can match Oracle's winning combination
So what sets our apps apart? It's the combo of these four elements:
- The most data with five billion anonymous consumer and business profiles
- The broadest domain expertise and delivery platform with 12,500 SaaS customers across CX, HCM, ERP, EPM, and SCM
- Data science, machine learning, and AI expertise in consumer research, systems optimization, IOT predictive analytics, business analytics and prediction
- Scalable cloud infrastructure that is automated
We're also working on AI Actions for sales and service, AI Discounts for procurement and finance, AI Dynamic Planning and Bidding for logistics, and AI Candidate Experience for HR.
 “Top 10 Strategic Technology Trends for 2017”, Gartner, October 2016.
Analyst and Press Articles Covering Adaptive Intelligent Apps
CMSWire: “Oracle Ups its Cloud Strategy with Adaptive Intelligent Applications #OOW16,” Derek Walter, Sept. 20, 2016
CMSWire: “Oracle Wraps Up OpenWorld With Promises of a Smarter Cloud,” Derek Walter, Sept. 26, 2016
Constellation Research: “Oracle Vs Salesforce on AI: What to Expect When,” Doug Henschen, Sept. 20, 2016
CRN: “Oracle Delivers Artificial Intelligence Solutions To Partners,” Joseph Tsidulko, Sept. 19, 2016
Destination CRM: “At OpenWorld 2016, Oracle Unveils Adaptive Intelligent Cloud Applications,” Oren Smilansky, Sept. 20, 2016
Enterprise Apps Today: “Oracle Updates Apps for Next Gen Cloud,” Sean Michael Kerner, Sept. 20, 2016
Enterprise Irregulars: “Oracle AI: Adaptive Intelligence,” Vinnie Mirchandani, Sept. 21, 2016
eWeek: “Oracle Launches Major AI Initiative With ‘Intelligent cloud Apps',” David Needle, Sept. 19, 2016
FierceCMO: “AI brings great potential to B2B marketing,” Patrick Gorman, Sept. 30, 2016
Fortune: “Salesforce and Oracle Vie to Prove Whose Apps Will Be Smarter,” Heather Clancy, Sept. 19, 2016
IoT Evolution World: “OpenWorld: Oracle is Dropping All Sorts of IoT Cloud Knowledge,” Ken Briodagh, Sept. 19, 2016
ITWeb: “Oracle ups cloud game in a bid to outdo rivals,” Admire Moyo, Sept. 20, 2016
The Register: “Oracle: We're going to be the practical AI people, we swear it,” Shaun Nichols, Oct. 11, 2016
ZDNet: “Oracle and Salesforce and IBM? Oh My! Here comes AI sprawl,” Larry Dignan, Sept. 19, 2016
ZDNet: “Oracle vs. Salesforce on AI: What to expect when,” Doug Henschen, Sept. 21, 2016
There is a new technology available from PeopleSoft that makes it very easy to configure Fluid Appovals. It’s called Enterprise Common Components Page Composer or often referred to as just Page Composer. With Page Composer, administrators can modify the contents, layout and format of Fluid Approval Pages without having to customize the underlying PeopleTools managed objects (pages and records).
Fluid Approvals are often one of the first product areas that many of you distribute to users to use on mobile devices. They are also an area of the product that each organization likes to tweak to meet their needs. Previous versions of mobile-ready approvals were built with IScripts and Mobile Application Platform (MAP), so customizing the UI was difficult and required developers. Now with Page Composer, changes are made using a simple drag-drop UI that doesn’t require complex programming.
The beauty of the Page Composer architecture makes it so that no PeopleSoft page is modified or customized, and the changes take effect immediately. That means the change does not need to be managed when updating underlying PeopleSoft objects and code. In Fluid Approvals, each approval type and device size has its own composition (page layout) providing full flexibility to customers when deciding what data to display.
It’s important to point out that in order to use Page Composer, you must use the new Fluid Approvals that are built for use with Page Composer. Application teams will make the first set of approvals available in the following PeopleSoft Update Images, FSCM image 20, HCM image 20, CRM image 12 and ELM image 15. It’s also important to mention that Page Composer only supports Fluid Approvals and is not something that can be used with any Fluid page. We’ll let you know if that changes.You can read more about Page Composer in the Tech Update found on MOS Note 764222.1.
We share our skills to maximize your revenue!
If the organization is mandated by regulation, e.g. PCI, then it’s a no brainer.
What if the is no regulation and system is stable?
At this point, it depends on risk tolerance.
Review Oracle Critical Patch Update Advisory – October 2016 and search for Oracle Database Server Risk Matrix.
This example is for Oracle Database Server and please search accordingly for the required components.
Remote Exploit without Auth.? NO for all except Application Express
How much time is spent assessing risk and is it more efficient to spend the time patching?
It all boils down to time and tolerance.
On a customer site, one of the users complained about being kicked out each time he wanted to create new documents in D2. This issue is happening in a default deployment of D2 and D2Config in a WebLogic Domain.We found out that the user sessions for D2Config and D2 are conflicting together.
This issue occurs if D2Config and D2 applications are opened in the same browser using different TABs and if the user is navigating from D2 to D2Config and vice versa.
The error message is misleading as it shows a session time out and the user just signed in .
Using a HTTP Header tracing tool, we saw that the JSESSIONID cookie which is the cookie storing the HTTP Session for the Java applications is changing when switching from one application to the other. This showed us that both Java Application were using the same session cookie which conduct to session lost.
Workaround or Fix:
An easy fix for this is to update the D2 weblogic.xml file included in the D2.war file with a section defining a new session cookie name as shown below:
<session-descriptor> <cookie-name>JSESSIONID_D2</cookie-name> <cookie-http-only>false</cookie-http-only> </session-descriptor>
To proceed, follow the steps below:
- Extract the weblogic.xml file from the war file
mkdir mytemp cd mytemp -- Put the D2.war file here jar xvf D2.war WEB-INF/weblogic.xml
- Edit the file and add the session-descriptor bloc above just after the Description closing TAG.
- Update the D2.war file with the new weblogic.xml
jar uvf D2.war WEB-INF/weblogic.xml
- And finally redeploy the D2.war file to the WebLogic Server.
This fix has been submitted to and validated by EMC support.
Cet article Documentum story – User gets kicked out of D2 when navigating in D2Config est apparu en premier sur Blog dbi services.
In this blog, I will show you how to setup the Primary DSearch and IndexAgent in HTTPS for xPlore 1.5. The documentation about that is available on the EMC WebSite as always and the pdf name is: “xPlore 1.5 Installation Guide.pdf”. The reason why I wanted to wrote this blog is because the documentation is not too bad but there are still some missing parts and without these parts, your configuration will just not work properly. Moreover, I think it is better to have a concrete an complete example rather than just reading a PDF with some information spread on 40 different pages.
So let’s begin the configuration. The first thing to do is obviously to login to the Full Text Server where you xPlore 1.5 is installed. For this blog, I will use /app/xPlore as the installation folder of xPlore. I will also use a Self-Signed SSL Certificate with a Certificate Chain composed of a Root and Gold CA. So let’s import the Certificate Chain in xPlore (following commands assume all certificates are available under “/app/xPlore/jboss7.1.1/certs”):
[xplore@xplore_server_01 ~]$ /app/xPlore/java64/1.7.0_72/bin/keytool -import -trustcacerts -alias root_ca -keystore /app/xPlore/java64/1.7.0_72/jre/lib/security/cacerts -file /app/xPlore/jboss7.1.1/certs/Internal_Root_CA.cer Enter keystore password: [xplore@xplore_server_01 ~]$ /app/xPlore/java64/1.7.0_72/bin/keytool -import -trustcacerts -alias gold_ca -keystore /app/xPlore/java64/1.7.0_72/jre/lib/security/cacerts -file /app/xPlore/jboss7.1.1/certs/Internal_Gold_CA1.cer Enter keystore password:
All java processes using /app/xPlore/java64/1.7.0_72/bin/java will now trust the Self-Signed SSL Certificate because the Certificate Chain is trusted. When this is done, shutdown all xPlore processes (Primary DSearch and IndexAgent(s)) and let’s configure the Primary DSearch in HTTPS:
[xplore@xplore_server_01 ~]$ /app/xPlore/scripts/startstop stop ** Indexagent_DOCBASE1 has been stopped successfully ** PrimaryDsearch has been stopped successfully [xplore@xplore_server_01 ~]$ cd /app/xPlore/dsearch/admin [xplore@xplore_server_01 admin]$ ./xplore.sh -f scripts/ConfigSSL.groovy -enable -component IS \ -alias ft_alias -keystore "/app/xPlore/jboss7.1.1/certs/xplore_server_01.jks" \ -storepass K3ySt0r3P4ssw0rd -indexserverconfig "/app/xPlore/config/indexserverconfig.xml" \ -isname PrimaryDsearch -ianame Indexagent_DOCBASE1
- “-enable” means that HTTPS will be enabled and HTTP will be disabled. If you want both to be enabled, use the “-dual” option instead
- “-component” defines which component should be configured with this command. It can be “IS” (IndexServer), “IA” (IndexAgent) or “ALL” (IndexServer and IndexAgent)
- “-isname” defines the name of the IndexServer/Primary DSearch that you installed
- “-ianame” defines the name of the IndexAgent that you installed
Now what happen if you have more than one IndexAgent on the same server? Well the script isn’t smart enough for that and that’s the reason why I didn’t put “ALL” above but just “IS”. You might also noticed that I defined the “-ianame” parameter with “Indexagent_DOCBASE1”. This is because even if we are configuring the Primary DSearch in HTTPS, all IndexAgents have a reference in a configuration file that defines which port and protocol the IA should use to connect to the DSearch and if this isn’t setup properly, the IA will not be able to start.
Now the IndexServer is configured in HTTPS so let’s do the same thing for the IndexAgent:
[xplore@xplore_server_01 admin]$ ./xplore.sh -f scripts/ConfigSSL.groovy -enable -component IA \ -alias ft_alias -keystore "/app/xPlore/jboss7.1.1/certs/xplore_server_01.jks" \ -storepass K3ySt0r3P4ssw0rd -indexserverconfig "/app/xPlore/config/indexserverconfig.xml" \ -ianame Indexagent_DOCBASE1 -iaport 9200
As you can see above, this time no need to add the “-isname” parameter, it is not needed for the IndexAgent(s). Let’s say that you have a second IndexAgent for the docbase named DOCBASE2 , then you also have to execute the above command for this second indexAgent:
[xplore@xplore_server_01 admin]$ ./xplore.sh -f scripts/ConfigSSL.groovy -enable -component IA \ -alias ft_alias -keystore "/app/xPlore/jboss7.1.1/certs/xplore_server_01.jks" \ -storepass K3ySt0r3P4ssw0rd -indexserverconfig "/app/xPlore/config/indexserverconfig.xml" \ -ianame Indexagent_DOCBASE2 -iaport 9220
In case you didn’t know, yes each IndexAgent need at least 20 consecutive ports (so 9200 to 9219 for Indexagent_DOCBASE1 // 9220 to 9239 for Indexagent_DOCBASE2).
When configuring the IndexServer in HTTPS, I specified the “-ianame”. This is, like I said before, because there is a reference somewhere to the Protocol/Port used. This reference has been updated properly for Indexagent_DOCBASE1 normally but not for Indexagent_DOCBASE2. Therefore you need to do that manually:
[xplore@xplore_server_01 admin]$ grep -B1 -A10 dsearch_qrserver_protocol /app/xPlore/jboss7.1.1/server/DctmServer_Indexagent_DOCBASE2/deployments/IndexAgent.war/WEB-INF/classes/indexagent.xml <parameter> <parameter_name>dsearch_qrserver_protocol</parameter_name> <parameter_value>HTTP</parameter_value> </parameter> <parameter> <parameter_name>dsearch_config_host</parameter_name> <parameter_value>xplore_server_01</parameter_value> </parameter> <parameter> <parameter_name>dsearch_config_port</parameter_name> <parameter_value>9300</parameter_value> </parameter>
Just open this file and update the few lines that I printed above by replacing “HTTP” with “HTTPS” and “9300” with “9302” and that’s it. If you have several IndexAgents, then you need to do that for all of them.
The next step is to login to the Content Server (e.g.: ssh dmadmin@content_server_01) and update some properties in the docbase:
[dmadmin@content_server_01 ~]$ iapi DOCBASE1 -Udmadmin -Pxxx EMC Documentum iapi - Interactive API interface (c) Copyright EMC Corp., 1992 - 2015 All rights reserved. Client Library Release 7.2.0050.0084 Connecting to Server using docbase DOCBASE1 [DM_SESSION_I_SESSION_START]info: "Session 013f245a8014087a started for user dmadmin." Connected to Documentum Server running Release 7.2.0050.0214 Linux64.Oracle Session id is s0 API> ?,c,select r_object_id from dm_ftengine_config where any lower(param_value) = lower('xplore_server_01'); r_object_id ---------------- 083f245a800052ae (1 row affected) API> fetch,c,083f245a800052ae ... OK API> dump,c,l ... USER ATTRIBUTES object_name : DSearch Fulltext Engine Configuration ... param_name : dsearch_qrserver_protocol : dsearch_qrygen_mode : dsearch_qrserver_target : dsearch_qrserver_port : dsearch_config_port : dsearch_qrserver_host : dsearch_domain : dsearch_config_host : query_plugin_mapping_file : load_balancer_enabled : ft_wildcards_mode param_value : HTTP : both : /dsearch/IndexServerServlet : 9300 : 9300 : xplore_server_01 : DOCBASE1 : xplore_server_01 : /app/dctm/server/fulltext/dsearch/dm_AttributeMapping.xml : true : trailing_implicit ...
You might have noticed that I specified a WHERE clause on the select to find the r_object_id of the xPlore Server. That’s basically because in this case, there are two xPlore Servers in a HA setup (the parameter load_balancer_enabled is setup to true) but I just want to update the right object. So let’s update the parameters highlighted above (“dsearch_qrserver_protocol”, “dsearch_qrserver_port” and “dsearch_config_port”):
API> set,c,l,param_value SET> HTTPS ... OK API> set,c,l,param_value SET> 9302 ... OK API> set,c,l,param_value SET> 9302 ... OK API> save,c,l ... OK
With these steps, we updated the dm_ftengine_config object. The next step is to also update the URL of the IndexAgent:
API> ?,c,select r_object_id from dm_server_config r_object_id ---------------- 3d3f245a80000102 3d3f245a80003796 (2 rows affected) API> fetch,c,3d3f245a80000102 ... OK API> dump,c,l ... USER ATTRIBUTES object_name : DOCBASE1 ... app_server_name : do_method : do_mail : do_bpm : xplore_server_01_9200_IndexAgent : xplore_server_02_9200_IndexAgent app_server_uri : https://content_server_01:9082/DmMethods/servlet/DoMethod : https://content_server_01:9082/DmMail/servlet/DoMail : https://content_server_01:9082/bpm/servlet/DoMethod : http://xplore_server_01:9200/IndexAgent/servlet/IndexAgent : http://xplore_server_02:9200/IndexAgent/servlet/IndexAgent ...
So we setup the IndexAgent installed on xplore_server_01 in HTTPS and therefore we also need to update the URL referenced in the docbase. That’s actually one of the things that aren’t in the official documentation at the moment. This is done as before:
API> set,c,l,app_server_uri SET> https://xplore_server_01:9202/IndexAgent/servlet/IndexAgent ... OK API> save,c,l ... OK
As you saw above, this is an environment with two dm_server_config objects (two Content Servers) and two IndexAgents. Above, we setup the Primary DSearch and IndexAgent installed on xplore_server_01 in HTTPS. The dm_ftengine_config for this Primary DSearch has been updated and the URLs defined in one dm_server_config object have been updated too. But the same references are present in the second dm_server_config and therefore you also need to do that for the second one (3d3f245a80003796 in this case). Same steps so just repeat with the other r_object_id!
Ok so now all objects in the docbase have been updated successfully. Therefore return on the xPlore Server, clean the caches and start everything again:
[xplore@xplore_server_01 ~]$ rm -rf /app/xPlore/jboss7.1.1/server/DctmServer_*/tmp/work/* [xplore@xplore_server_01 ~]$ /app/xPlore/scripts/startstop start ** PrimaryDsearch has been started successfully ** Indexagent_DOCBASE1 has been started successfully
As said before, some of these steps aren’t described/explained in the official documentation and that will lead you to a non-working situation… In addition to that, there are some bugs impacting the proper behavior of the Primary DSearch and/or the Index Agents when configured in HTTPS. We reported these bugs to EMC which was able to provide a fix for some of them and include that in a later patch but as you know it is not always possible to upgrade or patch your environment. For example with the CS 7.2 P02 or P05, the searches will NOT work against a DSearch in HTTPS (corrected in the P08 or P09 if I remember correctly) but I will not describe that in this blog. If you are facing an issue with the IndexAgents not responding in HTTPS, please check this blog.
Cet article Documentum story – Setup the DSearch & IndexAgent in HTTPS (xPlore) est apparu en premier sur Blog dbi services.