Oracle® Application Server Release Notes
10g (9.0.4) for Solaris Operating System (SPARC) Part No. B10629-15 |
|
![]() Previous |
![]() Next |
This chapter describes management and security issues associated with Oracle Application Server. It includes the following topics:
Table 4-1 shows the networking features that are supported for the Solaris Operating System:
Table 4-1 Supported Networking Procedures
Feature | Supported? |
---|---|
Installing Oracle Application Server on a host using DHCP. |
NoFoot 1 |
Installing Oracle Application Server on a host off of the network. |
|
Changing the hostname of a host containing an Oracle Application Server middle-tier instance. |
Yes Refer to the Oracle Application Server 10g Administrator's Guide. |
Changing the IP address of a host containing an Oracle Application Server middle-tier instance. |
Yes Refer to the Oracle Application Server 10g Administrator's Guide. |
Changing the hostname of a host containing an Oracle Application Server Infrastructure. |
No |
Changing the IP address of a host containing an Oracle Application Server Infrastructure. |
Yes Refer to the Oracle Application Server 10g Administrator's Guide. |
This section describes OPMN issues. It includes the following topic:
Section 4.2.1, "Error Message When Executing opmnctl Commands"
Section 4.2.2, "Problem with Application Server Control Ports Page"
When you execute either an opmnctl stopall
or opmnctl startall
command, the oidctl log file contains the following error message:
*** Instance Number already in use. *** *** Please try a different Instance number. ***
This error message is benign and can be ignored.
This error message typically appears for OracleAS Infrastructure 10g installations with Oracle Internet Directory.
When you go to the Application Server Control ports page, the Oracle HTTP Server Diagnostic Port is displayed for Oracle HTTP Server Listener. After you restart OPMN, the diagnostic port will no longer be displayed.
The following are documentation errata in the Oracle Process Manager and Notification Server Administrator's Guide:
In Chapter 4, "opmn.xml Common Configuration" of the Oracle Process Manager and Notification Server Administrator's Guide, the attribute of <local>
is indicated for the description for <ipaddr>
. The <local>
attribute is not available for <ipaddr>
.
On page 4-7, the last sentence:
"The process-manager contains the configuration definitions for the PM portion of OPMN.The"
should be:
"The process-manager contains the configuration definitions for the PM portion of OPMN."
On page 9-1, the sentence:
"This chapter describes Oracle Application Server (OracleAS Port Tunnel) configuration ... "
should be:
"This chapter describes Oracle Application Server Port Tunnel (OracleAS Port Tunnel) configuration ..."
On Page.11-1:
The sentence:
"This chapter describes Oracle Application Server OracleAS ProcessConnect configuration ... "should be:"This chapter describes Oracle Application Server ProcessConnect (OracleAS ProcessConnect) configuration ... "
On Page.Index-2:
integration-manager|, 11-7
should be:
integration-manager, 11-7
On Page.Index-2:
The index listing:
log page, 17-3 should be:log page, 17-3
On Page.Index-4:
The index listing:
process-set id, 11-8 should be:
im_instance id, 11-8
On Page.Index-5:
The index listings:
ui, 2-17 uid, 2-16 should be:
uid, 2-16,2-17
This section describes DCM issues. It includes the following topic:
Section 4.3.1, "Tune the DCM Auto-archiving Feature to Improve System Performance"
Section 4.3.3, "File Based Repository Does Not Work Outside Firewall"
When you install Oracle Application Server, the DCM auto-archiving feature is configured to maintain fifteen backup archives. You can improve system performance by reducing the number of archives, or turning off auto-archiving.
To reduce the number of archives, for example, to 5:
ORACLE_HOME
/dcm/bin/dcmctl set -arch 5
To turn off auto-archiving:
ORACLE_HOME
/dcm/bin/dcmctl set -arch 0
Refer to Distributed Configuration Management Reference Guide for more information about DCM auto-archiving.
Note: Limiting or disabling DCM auto-archiving may affect your ability to recover from system failures. |
By default, dcmctl
commands run in troubleshooting mode. Detailed stack traces and trace messages are output for every dcmctl
command that results in an error or warning.
If you do not want these error messages recorded, run your dcmctl
command within the dcmctl shell with the set -d off
option. More information about the dcmctl set
command is available in the Distributed Configuration Management Reference Guide.
If you have a Farm using a File-Based Repository (FBR) you cannot include an Oracle Application Server instance outside the firewall in the Farm.
If you want to create an Oracle Application Server cluster across the firewall, you can use either a Database-Based Repository (DBR) or configure a non-managed cluster.
This section describes other management issues. It includes the following topics:
Section 4.4.2, "Online Help for Oracle Wallet Manager is Not Available"
Section 4.4.4, "Alter Database Open Resetlogs Fails With ORA-01194"
Section 4.4.5, "Ignore Warnings in warn.log File When Running chgiphost.sh Script"
Section 4.4.7, "Error Message Using OracleAS Backup and Recovery Tool"
Section 4.4.9, "Identity Management, High Availability Configuration"
Section 4.4.10, "Remove Instances from a File-based Cluster and Farm before Changing the Hostname"
If you have more than one Oracle Application Server installation running on your system you may see the following errors when you perform a stopall
from the Oracle Enterprise Manager home page:
OC4J:OC4J_Portal- time out while waiting for a managed process to stop OC4J:OC4J_BI_Forms- time out while waiting for a managed process to stop
These error messages are benign. The Oracle Application Server components are actually stopping.
The online help for Oracle Wallet Manager is not available. If you try to use the online help, an error code will be displayed.
Refer to Oracle Application Server 10g Security Guide for Oracle Wallet Manager information.
When registering OracleAS Metadata Repository with Oracle Internet Directory the DBCA output will feature a message "OPEN WALLET FAILED". This error message can be seen from in the DBCA output to Oracle Universal Installer screen or in the ORACLE_HOME
/oraInventory/logs/installActions<time.stamp>.log
file.
This message is benign and has no affect on the registration process.
The Backup and Recovery section in the Oracle Application Server 10g Administrator's Guide contains instructions for using the OracleAS Backup and Recovery Tool to perform point-in-time recovery when restoring the OracleAS Metadata Repository to a new host. The instructions advise you to use "alter database open resetlogs" if you get an error while performing the recovery.
In rare cases, the "alter database open resetlogs" command may fail with error ORA-01194. If this happens, check the restore log generated by the OracleAS Backup and Recovery Tool. You should find that one or more data files were not restored. If this is the case, rerun the OracleAS Backup and Recovery Tool using the same options as the first time you ran it. Then use the "alter database open resetlogs" and it should work without error.
When running the chgiphost.s
h script following installation of any Oracle Application Server install type, warning messages are generated in the warn.log
file. The warning messages are benign and can be ignored.
When you run the chgiphost.sh
script on a J2EE and Web Cache installation that does not use OracleAS Infrastructure 10g services, the following types of error messages may be logged in the actions.log
and error.log
files:
actions.log
file:
main::ias_instance_oid::372** Error while executing main::update_modosso::372** Error while executing
error.log
file:
Exception: Unable to establish connection to the Oracle Internet Directory Server ldap://:/. Base Exception : javax.naming.CommunicationException: localhost:389 [Root exception is java.net.ConnectException: Connection refused] oracle.ias.repository.schema.SchemaException: Unable to establish connection to the Oracle Internet Directory Server ldap://:/. Base Exception : javax.naming.CommunicationException: localhost:389 [Root exception is java.net.ConnectException: Connection refused] main::ias_instance_oid::371** Error while executing .... main::update_modosso::371** Error while executing ....
These error messages are benign and can be ignored.
If you perform a backup of the OracleAS Metadata Repository using the OracleAS Backup and Recovery Tool, RMAN returns error message RMAN-06089, which indicates that an archived log is out of sync with the catalog. This occurs if any of the archived logs are lost.
Before you retry the OracleAS Backup and Recovery Tool, execute the following command in RMAN:
change archivelog all validate;
Then rerun the OracleAS Backup and Recovery Tool to perform the OracleAS Metadata Repository backup.
You must to set the ORACLE_HOME
environment variable before start-up or shutdown of the OracleAS Infrastructure 10g database listener. If you do not, a core dump occurs.
Documentation regarding the concepts and implementation of a rack-mounted/multi-computer, Identity Management High Availability configuration is available in the Oracle Internet Directory Administrator's Guide and the Oracle Application Server Single Sign-On Administrator's Guide.
Consolidated and single source of installation and configuration of rack-mounted Identity Management is available in the white paper titled "Highly Available Identity Management Deployment Example - Rack-Mounted Identity Management" available at:
http://otn.oracle.com/products/ias/hi_av/904_rack_mounted_im.pdf
The white paper contains the updated and detailed information on the necessary steps to implement a rack-mounted/multi-computer configuration.
In future releases the rack-mounted/multi-computer configuration will be supported and available as an installation option.
Before changing the hostname or IP address of a middle-tier instance that is part of a file-based cluster, you must remove the instance from the cluster and the farm using the following commands:
dcmctl leaveCluster dcmctl leaveFarm
After changing the hostname or IP address, add the instance back to the cluster and farm.
To add the instance back to the cluster use the following command:
dcmctl joinCluster -cl <clustername>
To add the instance back to the farm:
Run the following command in an instance that is already in the farm:
dcmctl getRepositoryID
Run the following command in the instance you would like add back to the farm:
dcmctl joinFarm -r <repositoryID>
This section describes known errors in management and security documentation. It contains the following topic:
Section 4.5.1, "Changing OPMN Ports (ONS Local, Request, and Remote)"
Section 4.5.3, "Restart Infrastructure Processes After Restoring a Metadata Repository"
Section 4.5.4, "Guidance for Password for OracleAS Portal Users"
Section 4.5.5, "Missing Step in Configuring DAS After Installation"
Section 4.5.6, "Misspelling in Stop the Metadata Repository Listener Step"
Section 4.5.7, "Incorrect Commands in Changing Infrastructure Services Section"
The procedure for changing the ONS local, request, and remote ports in Oracle Application Server 10g Administrator's Guide is incorrect as follows:
It states that you can use Application Server Control to change the ONS local, request, and remote port numbers. This is not correct—do not use Application Server Control to change these ports.
The procedure for changing the ports manually is incorrect. Use the following procedure:
Shut down all processes:
emctl stop iasconsole emctl stop agent opmnctl stopall
Under the <notification-server>
element, modify the local
, remote
, and request
parameters, as desired, in the <port>
element. For example:
<port local="6101" remote="6201" request="6004"/>
Save and close the file.
Reload OPMN:
opmnctl reload
Start OPMN:
opmnctl start
If this is an Infrastructure with Oracle Internet Directory, start Oracle Internet Directory:
opmnctl startproc ias-component=OID
Start the rest of your processes:
opmnctl startall
Update DCM:
dcmctl updateConfig -ct opmn
The procedure for querying the runtime JServ port in Oracle Application Server 10g Administrator's Guide is incorrect.
You can query the runtime JServ port numbers as follows:
If you use mod_oprocmgr
to manage JServ, make sure the oprocmgr-status
handler is activated in ORACLE_HOME
/Apache/Apache/conf/httpd.conf
with the following directive:
<ifModule mod_oprocmgr.c> <Location /oprocmgr-service> SetHandler oprocmgr-service </Location> </ifModule>
Enter the following URL in your browser, and you will see the status of all processes currently managed by your process manager, including JServ:
http://hostname
:http_port
/oprocmgr-status
If you are not using mod_oprocmgr
, but instead use a traditional JServ configuration, you can query the runtime ports with the following URL:
http://hostname
:http_port
/jserv
Note that the "jserv
" portion of the preceding URL is protected to only be viewed from localhost
. This is configured in ORACLE_HOME
/Apache/Jserv/etc/jserv.conf
. You can expand permissions to view from other hosts, or provide the following URL from the same host:
http://localhost:port
/jserv
The procedures in Oracle Application Server 10g Administrator's Guide for restoring a Metadata Repository are incomplete. You should restart all Infrastructure processes after restoring a Metadata Repository.
In Section 7.2.3 "Configuring Portal after Installation" of the Oracle Application Server 10g Administrator's Guide the guidance on the password for the OracleAS Portal user is incorrect. It states the following:
"You can log in to Portal as portal. Use the ias_admin password you supplied during middle-tier installation. If you have changed the ias_admin password, @ you must still supply the original ias_admin password."
Instead, it should state:
"You can log in to OracleAS Portal as portal. If this is the first instance of OracleAS Portal to use OracleAS Infrastructure 10g, then the OracleAS Portal user password would be portal10g
. However, if you already have OracleAS Portal instances associated with the Infrastructure then the OracleAS Portal user password is the ias_admin
password of the first OracleAS Portal instance associated to this OracleAS Metadata Repository."
In Section 7.2.9 "Configuring Delegated Administration Service (DAS) After Installation" of the Oracle Application Server 10g Administrator's Guide, there is a step missing. Before you configure DAS, you must first configure mod_osso
. The steps to configure mod_osso are located in Section 12.7.1, "Configuring mod_osso (Required for Oracle Delegated Administration Services)" of the Oracle Application Server 10g Installation Guide.
In section 5.6.1 "Changing the Metadata Repository Net Listener Port" of the Oracle Application Server 10g Administrator's Guide, Step 2: Stop the Metadata Repository Listener, the following command:
lscnrctl stop
should be
lsnrctl stop
In Chapter 8, "Changing Infrastructure Services" of the Oracle Application Server 10g Administrator's Guide, Section 8.6.4, "Procedure" contains the following documentation errata:
Task 2, Step 6, the command line:
ORACLE_HOME/bin/rman target cmdfile=BACKUP_DIR/cold_backup.rcv > BACKUP_DIR/log_files/backup.log
should be:
ORACLE_HOME/bin/rman target / cmdfile=BACKUP_DIR/cold_backup.rcv >BACKUP_DIR/log_files/backup.log
Task 3, Step 5, the command line:
prompt> ORACLE_HOME/bin/rman cmdfile=BACKUP_DIR/restore.rcv > BACKUP_DIR/log_files/restore.log
should be:
prompt> ORACLE_HOME/bin/rman / cmdfile=BACKUP_DIR/restore.rcv >BACKUP_DIR/log_files/restore.log
Task 5, Step 6, the following instructions must also be included at the end of the step:
Update all other instances of the old db_name
(except for the instance_name
) to the new db_name
. Specifically, you may have to update directory paths which contain the old db_name
.
In the Oracle Application Server 10g Administrator's Guide, Section F.2, "Installing and Setting up an LDAP-based Replica" Task 6, Step 19, Validation Step, Verify that DIP was configured successfully. Step 19 instructs you to navigate to the Directory Integration Page on the Application Server Control Console.Instead, it should say to navigate to the Oracle Internet Directory Home Page and click Directory Integration.