In Restricted Mode, only valid database users are allowed to login into OAM via a special URL and
are allowed to access a limited set of features. The database role AD_MONITOR_ROLE has access
to all the required database objects for Restricted Mode features. However if a valid database user
who does not have the AD_MONITOR_ROLE may have further limited access to OAM functionality
based on the database objects to which this user has access. In 11.5.10, monitoring in-progress AD
utilities is the only feature that is accessible.
How to Implement Restricted Mode
1) Record the name of the PC you want to give access to the restricted mode
login to OAM.
a. Right click the "My Computer ICON" on the Desktop
b. Arrow down to Properties
c. Select "Computer Name" or "Network Identification" Tab
d. Record the computer name -- ie: onlineappsdba.blogspot.com
2) Use OAM Autoconfig editor to edit the variable "s_trusted_admin_client_nodes"
to include the list of client machines that can access OAM in restricted mode.
Run autoconfig on the APPL_TOP to ensure that the new settings take effect.
a. In OAM > SiteMap > System Configuration > AutoConfig > Edit Parameters >
Choose "System" parameters > Drill down on the "oa_web_server" title
search down for s_trusted_admin_client_nodes
Enter comma separated values consisting of fully qualified node names
(use IP address only if the address the address is static IP for a client)
of client machines which will be allowed to administer E-business instance.
Make sure the server can resolve the machine names.
Note: to verify that the trusted client has been added, check the
$iAS_TOP/Apache/Apache/conf/apps.conf for the entries that have been added
for the "RESTRICT to the trusted.conf"
ie: include "/u00/oracle/prodora/iAS/Apache/Apache/conf/trusted.conf"
<IfDefine RESTRICT>
<Location /servlets/weboamLocal>
Order deny,allow
Deny from all
Allow from system1-sun
Allow from onlineappsdba.blogspot.com
Allow from system3.oracle.com
</Location>
</IfDefine>
3) Ensure that you have enabled the the monitoring user account by unlocking
the "ad_monitor" user account and setting the password by using the following
commands
$ sqlplus system/manager
SQL> alter user ad_monitor account unlock;
SQL> commit;
By default this ad_monitor password is set to "lizard"
the first time the password is unlocked - change the password
4) Shutdown the application Services
5) Restart the apache server in Restricted Mode using the 'adaprstctl' script
$ adaprstctl start
6) Launch OAM Restricted Mode using the OAM Restricted Mode URL:
http://servername.domain:[port]/servlets/weboamLocal/oam/oamLogin
If an error occurs when accessing the URL
ex: You are not authorized to view this page
HTTP - error 403 - Forbidden
Check the Internet Explorer Tools > Internet Options > Connections > LAN Settings
- Uncheck Automatically detect settings
- Check Use Automatic configuration script
- Uncheck Proxy Server
- Delete Cookies
- Delete files and all files content
7) Login using the ad_monitor account and new password
8) You are now in the OAM Restricted Mode. You can now access utilities on the Maintenance
tab of the Site Map.
You can monitor progress of your patching utilities here.
9) After patch completion, bring down the Apache Server in Restricted Mode using the script 'adaprstctl'.
10) If the patch requires AutoConfig be run, run AutoConfig.
11) Start the system using the script $COMMON_TOP/admin/scripts/<context name>/adstrtal.sh.
Apache and items such as concurrent managers, forms will be started.
1 comment:
customer (A TECHNOLOGY INC) is looking for a way to have a
> message for customers so that when they do their weekly backup of
> Applications and they backup the file system that users will be
> redirected to
> a different web page which displays something such as ;
> "System under maintenance.. from xx hrs to xx hrs..".
>
> Is this possible to set up this in oracle applications?
> If so, how is this achieved.
Post a Comment