how can one recover if, while the application and database was

h t t p : / / o r a c l e e b u s i n e s s s u i t e . w o r d p r e s s . c o m

How can one recover if, while the application and database was running, the apps password was changed through FNDCPASS Following Error Faced at the time of login

ISSUE CLARIFICATION: While the application and database was running, the apps password was changed through FNDCPASS. FNDCPASS apps/myproduction 0 Y system/manager system applsys my@#Apps Where myproduction is the current password and my@#Apps is the new password. Later it was not allowing users to login. Error was as follows:

Once clicked on Show Details – one would be able to classify the root cause of the error.


Solution To implement the solution, please execute the following steps: Restore FND_USER and FND_ORACLE_USERID tables. Since we don’t have the export backup, we can always take the export from the TEST instance. WARNING: It is not recommended to do the following: alter user apps identified by apps; alter user applsys identified by apps; OTHER POSSIBLE SOLUTIONs: DOC ID - Note:567554.1 Make sure that the Database was shutdown cleanly. If an "ORA-00600 [LibraryCacheNotEmptyOnClose]" is received during a Database shutdown, then once restarted you will need to shutdown the Database again cleanly and re-start again in order to solve this problem for E-Business Suite Java Cache DOC ID - Note:418130.1 To implement the solution, please execute the following steps: Run Concurrent manger job "Synchronize Workflow Local Tables" as sysadmin.


As you may be unable to login to applications to run the program you may also try this approach to run the request manually: If you are NOT running the Oracle Applications Table Space Model run sql> begin apps.wf_local_synch.BULKSYNCHRONIZATION(P_ORIG_SYSTEM=>'ALL', P_PARALLEL_PROCESSES=>2, P_LOGGING=>'LOGGING', P_RAISEERRORS=>TRUE, P_TEMPTABLESPACE=>'APPLSYSX'); END; / If you are ARE running Oracle Applications Table Space Model run sql> begin apps.wf_local_synch.BULKSYNCHRONIZATION(P_ORIG_SYSTEM=>'ALL', P_PARALLEL_PROCESSES=>2, P_LOGGING=>'LOGGING', P_RAISEERRORS=>TRUE, P_TEMPTABLESPACE=>'APPS_TS_TX_DATA'); END; / SOLUTION:

1. Connect to the Database: sqlplus "/as sysdba" SQL> alter profile AD_PATCH_MONITOR_PROFILE limit failed_login_attempts unlimited; SQL> alter profile default limit failed_login_attempts unlimited password_lock_time 1/1440; SQL> alter user apps account unlock;

2. Shutdown the Application, Clean up the nodes in the table FND_NODES: Sqlplus apps/apps SQL> EXEC FND_CONC_CLONE.SETUP_CLEAN; SQL> Commit; Stop the Database Listener and Database. Start the Database and Database Listener. Run AutoConfig on DB Node.

Run AutoConfig on Application Node. Execute cmclean in order to clear all the FNDLIBR processes:

sqlplus apps/apps SQL> @cmclean.sql SQL> Commit;

Start All the Application tier Services. ps -ef | grep FNDLIBR ... will be showing processes running, however when we try to login through the URL, we would get the error as per screenshot 1. Would not face the issue where one would need to unlock the apps account repeatedly. What exactly happens id every single time one tries to startup or shutdown services or connect to the apps user. One would receive an error that unlock required for apps user.


Even though the unlock is done, it would repeatedly ask for the same. 3. Try changing the password back to the default: FNDCPASS apps/apps 0 Y system/manager system applsys apps One would be able to login with sqlplus apps/apps and sqlplus applsys/apps, however one would not be able to connect to the URL. 4. Please run the following command as applmgr and upload the output:

grep -i s_guest_ $CONTEXT_FILE

This will show s_guest_user user name and password. Please note the value to be used for next step.

The output would be similar to the below: [applprod@myprod scripts]$ grep -i s_guest_ $CONTEXT_FILE <username oa_var="s_guest_user">GUEST</username> <password oa_var="s_guest_pass">ORACLE</password>

5. Login in to sqlplus as apps and check the following:

select fnd_web_sec.validate_login('username','password') from dual;

Does this return 'Y' or 'N' The output would be similar to the below: SQL> select fnd_web_sec.validate_login('GUEST','ORACLE') from dual; FND_WEB_SEC.VALIDATE_LOGIN('GUEST','ORACLE') -------------------------------------------------------------------------------- Y DISASTER: Due to the fact 'alter user...' statement was issued to change password and FNDCPASS was used whilst middle tier was up and running, its likely that some sort of corruption has occurred in fnd_oracle_userid table. The issue is similar to Bug 3227637. Though the bug is for version 11i, the errors and symptoms appear to be the same. FNDCPASS failures were occuring due to corrupted encrypted password in fnd_user or fnd_oracle_userid table. Please advise when was the last backup was taken of the instance. If there is an option of restoring the whole of applications without loosing any business data, then what are your thoughts of considering that?

Please upload results from the following query(In Spreadsheet format if possible). select a.oracle_username,b.account_status from


fnd_oracle_userid a, dba_users b where a.oracle_username = b.username; Shutdown everything (Including Database) Start database and listener If 'APPLSYS' is locked then please unlock the the user using 'Alter user applsys account unlock;' Start everything using adstrtal.sh and upload the adstrtal.log file. cd $INST_TOP/admin/scripts ./adopmnctl status --Please upload the output of this command. Rerun FNDCPASS for the specific failed {User Name} in the FNDCPASS log file. Examples: FNDCPASS apps/pwd 0 Y system/passwrd ORACLE FPA NEWPASSWORD FNDCPASS apps/pwd 0 Y system/passwrd ORACLE ZPB NEWPASSWORD Now change the APPS password back to original password using FNDCPASS (not by alter user command ). Check if you are able to change the APPS password successfully now. Please confirm if you are login to sqlplus as apps user now. Example : FNDCPASS apps/pwd 0 Y system/passwrd USER ANONYMOUS NEWPASSWORD FNDCPASS apps/pwd 0 Y system/passwrd USER AUTOINSTALL NEWPASSWORD To change all the passwords in one go: We can create a script: SQL> select count(*) from fnd_user, SQL> select count(*) from fnd_user;

COUNT(*) ----------

113 SQL> select count(*) from fnd_user where end_date is null;

COUNT(*) ----------

108 SQL> set heading off SQL> set feedback off SQL> spool change.sh select 'FNDCPASS apps/apps O Y system/manager USER ' || user_name || ' oracle123' from fnd_user where end_date is null; SQL> spool off. Edit the file and remove the unnecessary lines.


Also provide the results of following: a. select count(*) from FND_ORACLE_USERID

= 190 b. select count(*) from FND_PRODUCT_DEPENDENCIES

= 2375 c. select count(* )from FND_ORACLE_USERID where oracle_id in (select required_oracle_id from FND_PRODUCT_DEPENDENCIES)

= 108 d. select count(* )from FND_ORACLE_USERID where oracle_id not in (select required_oracle_id from FND_PRODUCT_DEPENDENCIES)

= 82 Test the URL in order to classify as to where exactly the problem lies: http://myprod.XXX.gov.uk:8000/OA_HTML/jsp/fnd/aoljtest.jsp EXAMPLES of errors: Making AOL/J Connection ERROR: aolj_verify_dbc_content.jsp failed. Making AOL/J Connection =>Testing validateLogin... ERROR: validateLogin(GUEST,ORACLE) returned: false Please make sure the GUEST_USER_PWD entry in the dbc file is correct. AOLJ_JAVA_EXCEPTION (MESSAGE=Exception creating new Poolable object. Cause:oracle.apps.fnd.common.AppsException: java.sql.SQLException: ORA-01017: invalid username/password; logon denied ) Queries that may help: SQL> SELECT PROFILE_VALUE FROM FND_PROFILE_OPTION_VALUES WHERE PROFILE_VALUE = 'APPLICATION_SSO_LOGIN_TYPES'; SQL> SELECT PROFILE_OPTION_VALUE FROM FND_PROFILE_OPTION_VALUES WHERE PROFILE_OPTION_VALUE = 'APPLICATION_SSO_LOGIN_TYPES' --- select profile_option_name, app_enable_flag, resp_enable_flag, user_enable_flag, application_id select * from fnd_profile_options_vl where profile_option_name like ('%SSO%')

how can one recover if, while the application and database was

Documents