Monday, December 7, 2015
Using Autosys to Run DRM Batch Jobs
In order for autosys to ru ndrm batch jobs, make sure the service account used by the autosys agent has 'Interactive Logon' privilege. without this you will get an error and autosys jobs fail. in other words if you get invalid username/password when autosys job fail then it could be because of the missing interactive logon or the password is invalid.
Tuesday, November 17, 2015
DRM Credentials Utility
DRM provides a batch credential utility. This utility enables us to run batch jobs without hard-coding username and passwords.
To setup credentials
1. navigate to drm's batch_client folder.
2. Locate drm-batch-credentials.exe file.
3. Hold Shift Key and right click on the executable.
4.Select Run as different user.
5. Enter username and password.
6. Click OK
7. in the options, select 2 to update/add
8. enter drm username that will be responsible to run the batch jobs
9. Enter DRM user's password.
10. Confirm the password.
Note: For the above to work, make sure Secondary Logon Service is available. You can check this in Start->Administrative Tools->Services->Secondary Logon.
To setup credentials
1. navigate to drm's batch_client folder.
2. Locate drm-batch-credentials.exe file.
3. Hold Shift Key and right click on the executable.
4.Select Run as different user.
5. Enter username and password.
6. Click OK
7. in the options, select 2 to update/add
8. enter drm username that will be responsible to run the batch jobs
9. Enter DRM user's password.
10. Confirm the password.
Note: For the above to work, make sure Secondary Logon Service is available. You can check this in Start->Administrative Tools->Services->Secondary Logon.
Wednesday, October 21, 2015
EPMCSS-00502: Failed to get group with identity
We know most of the time when we get an error, the message in the error has nothing to do with what caused it. this is one such example.
In my case, DRM failed to authenticate against LDAP with the following error.
Fix: The following fix worked in my case and i hope it works for you.
1. Goto Services
2. Select Foundation Services
3. Right Click and Select Properties
4. Click on Logon Tab
5. Change Log on as: to service account that has right privileges. In my case Local System should have worked but it did not.
6. Apply changes.
7. Restart Foundation Services.
8. Test DRM Application.
Good Luck. You'll need this.
In my case, DRM failed to authenticate against LDAP with the following error.
Fix: The following fix worked in my case and i hope it works for you.
1. Goto Services
2. Select Foundation Services
3. Right Click and Select Properties
4. Click on Logon Tab
5. Change Log on as: to service account that has right privileges. In my case Local System should have worked but it did not.
6. Apply changes.
7. Restart Foundation Services.
8. Test DRM Application.
Good Luck. You'll need this.
Monday, September 28, 2015
Calling DRM Batch
We all know DRM out of the box does not have a lot of options when it comes to batch client. We depend on other tools for calling batch, error checking and email functionality.
SO if you are one of the lucky DRM guys who happens to be in-charge then here is a good tool for you. Its called Powershell. latest windows now ships with powershell which is pretty powerfull and easy to learn and implement.
here is a sample powershell script that should get you started. the script does the following.
1. Accepts Configuration File and Log File as parameters.
2. Checks if the config and log file actually exists.
3. If log file exists, it renames it with a datatime value.
4. Call the drm batch client and passes the config and log files.
5. Checks the status of the batch client.
6. Checks the log file for any errors or failures.
7. Exits with 0 for success and 1 for failure.
8. It also creates its own log showing everything it did so far.
The best part, since it depends on config file, you can use it for practically any drm batch activity (export, import, blend, action script etc).
here is the code. enjoy
----- Code starts below ----
<#
.SYNOPSIS
Runs DRM Batch Client for Exports and Action Script.
.DESCRIPTION
Generic script that calls drm batch client and passes parameters to specify export or action to be executed.
This will also check for any errors returned by the batch client.
It also searches for errors captured in the log file and returns exit status accordingly.
Note: The script can be used for all other drm batch client funcationalities like Blend,Import,queries etc. Just make sure corresponding configuration file exists.
.PARAMETER configFile LogFile
First parameter is the name of the config file that stores the configuration information of the export/action script.
Second parameter is the name of the log file where process log is stored. script uses this log to search for any errors encountered.
Process logs actions in a log file. Check the log file to find the status of each action performed.
Process return 0 for successful completion and 1 for any failures.
.EXAMPLE
Powershell .\RunDRMBatch.ps1 DRM_Hierarchy_Info.cfg DRM_Hierarchy_Info_cfg.log
#>
param( [Parameter(Mandatory=$true)]
[string] $configFile,
[Parameter(Mandatory=$true)]
[string] $LogFile)
$PSLog="D:\DRM\LOG\PSLog.log"
$ConfigPath="D:\DRM\Config"
$LogPath="D:\DRM\Log"
$drmbatchclient="C:\Oracle\Middleware\EPMSystem11R1\products\DataRelationshipManagement\client\batch-client\drm-batch-client.exe"
$DateTimeString= Get-Date -uformat %Y%m%d%H%M%S
$rtn=0
function WriteLog{
Param([string] $logstring)
$DateTimeStamp=Get-Date
if($logstring){
Add-content $PSLog -value "$DateTimeStamp - $logstring"
}
else{
Add-content $PSLog -value "$logstring"
}
}
WriteLog ""
WriteLog "**** Powershell Process Started. ****"
WriteLog "Checking for parameters passed."
if(!$ConfigFile){
WriteLog "Missing Config File Parameter. Exiting with exception."
Write-Host "Missing Config File Parameter."
throw "Missing Export Batch File Name. Please use RunDRMBatch.ps1 <config Filename> <Log FileName>."
}
if(!$LogFile){
WriteLog "Missing Log File Parameter. Exiting with exception."
Write-Host "Missing Log File Parameter."
throw "Missing Log File Name. Please use RunDRMBatch.ps1 <config Filename> <Log FileName>."
}
WriteLog "Checking if config $ConfigPath\$ConfigFile exists."
if(!(Test-Path $ConfigPath\$ConfigFile)){
WriteLog "Config File $ConfigPath\$ConfigFile does not exist. Exiting with exception."
throw "Config File $ConfigPath\$ConfigFile not found."
}
WriteLog "Checking if Log File $LogPath\$LogFile exists."
if(!(Test-Path $LogPath\$LogFile)){
WriteLog "Config File $ConfigPath\$ConfigFile does not exist.May be this is first run."
Write-Host "Log File Not found."
}
else{
WriteLog "Log File $LogPath\$LogFile exists. Attempting to rename"
write-Host "Rename the log file $LogPath\$logFile for archival purpose".
$rtn=Rename-Item $LogPath\$LogFile -NewName $LogPath\$DateTimeString"_"$LogFile -PassThru
if($rtn){
WriteLog "Renamed Log File to $rtn"
Write-Host "Renamed Successfully to $rtn"
}
else{
WriteLog "Unable to rename Log File $LogPath\$LogFile."
write-host "Rename Failed"
}
}
#call the batch client and pass parameters
WriteLog "Calling $DRMBatchClient /cfgfile=$ConfigPath\$ConfigFile /log=$LogPath\$LogFile /objectaccess=system"
Write-Host Calling "$DRMBatchClient /cfgfile=$ConfigPath\$ConfigFile /log=$LogPath\$LogFile /objectaccess=system"
&$DRMBatchClient /cfgfile=$ConfigPath\$ConfigFile /log=$LogPath\$LogFile /objectaccess=system
WriteLog "Batch Completed. Checking log file $LogPath\$LogFile for any errors."
WriteLog "Checking if log file $LogPath\$LogFile exists."
if(!(Test-Path $LogPath\$LogFile)){
WriteLog "Log File $LogPath\$LogFile does not exists.May be batch process failed."
throw "Log File $LogPath\$LogFile does not exists.May be batch process failed."
}
#check the error log to see if any errors were encountered.
Write-Host "Reading $LogPath\$LogFile to check for Error or Failure string"
if(Select-String $LogPath\$LogFile -Pattern "Error|Failure"){
WriteLog "Erros found in log file $LogPath\$LogFile. returning with exit code 1"
WriteLog "**** Process Completed. ****"
Write-Host "Erros Found $ErrorCode"
exit 1
}
else{
WriteLog "No Erros found in log file $LogPath\$LogFile. Returning successfully with exit code 0"
WriteLog "**** Process Completed. ****"
exit 0
}
--- code ends above.----
SO if you are one of the lucky DRM guys who happens to be in-charge then here is a good tool for you. Its called Powershell. latest windows now ships with powershell which is pretty powerfull and easy to learn and implement.
here is a sample powershell script that should get you started. the script does the following.
1. Accepts Configuration File and Log File as parameters.
2. Checks if the config and log file actually exists.
3. If log file exists, it renames it with a datatime value.
4. Call the drm batch client and passes the config and log files.
5. Checks the status of the batch client.
6. Checks the log file for any errors or failures.
7. Exits with 0 for success and 1 for failure.
8. It also creates its own log showing everything it did so far.
The best part, since it depends on config file, you can use it for practically any drm batch activity (export, import, blend, action script etc).
here is the code. enjoy
----- Code starts below ----
<#
.SYNOPSIS
Runs DRM Batch Client for Exports and Action Script.
.DESCRIPTION
Generic script that calls drm batch client and passes parameters to specify export or action to be executed.
This will also check for any errors returned by the batch client.
It also searches for errors captured in the log file and returns exit status accordingly.
Note: The script can be used for all other drm batch client funcationalities like Blend,Import,queries etc. Just make sure corresponding configuration file exists.
.PARAMETER configFile LogFile
First parameter is the name of the config file that stores the configuration information of the export/action script.
Second parameter is the name of the log file where process log is stored. script uses this log to search for any errors encountered.
Process logs actions in a log file. Check the log file to find the status of each action performed.
Process return 0 for successful completion and 1 for any failures.
.EXAMPLE
Powershell .\RunDRMBatch.ps1 DRM_Hierarchy_Info.cfg DRM_Hierarchy_Info_cfg.log
#>
param( [Parameter(Mandatory=$true)]
[string] $configFile,
[Parameter(Mandatory=$true)]
[string] $LogFile)
$PSLog="D:\DRM\LOG\PSLog.log"
$ConfigPath="D:\DRM\Config"
$LogPath="D:\DRM\Log"
$drmbatchclient="C:\Oracle\Middleware\EPMSystem11R1\products\DataRelationshipManagement\client\batch-client\drm-batch-client.exe"
$DateTimeString= Get-Date -uformat %Y%m%d%H%M%S
$rtn=0
function WriteLog{
Param([string] $logstring)
$DateTimeStamp=Get-Date
if($logstring){
Add-content $PSLog -value "$DateTimeStamp - $logstring"
}
else{
Add-content $PSLog -value "$logstring"
}
}
WriteLog ""
WriteLog "**** Powershell Process Started. ****"
WriteLog "Checking for parameters passed."
if(!$ConfigFile){
WriteLog "Missing Config File Parameter. Exiting with exception."
Write-Host "Missing Config File Parameter."
throw "Missing Export Batch File Name. Please use RunDRMBatch.ps1 <config Filename> <Log FileName>."
}
if(!$LogFile){
WriteLog "Missing Log File Parameter. Exiting with exception."
Write-Host "Missing Log File Parameter."
throw "Missing Log File Name. Please use RunDRMBatch.ps1 <config Filename> <Log FileName>."
}
WriteLog "Checking if config $ConfigPath\$ConfigFile exists."
if(!(Test-Path $ConfigPath\$ConfigFile)){
WriteLog "Config File $ConfigPath\$ConfigFile does not exist. Exiting with exception."
throw "Config File $ConfigPath\$ConfigFile not found."
}
WriteLog "Checking if Log File $LogPath\$LogFile exists."
if(!(Test-Path $LogPath\$LogFile)){
WriteLog "Config File $ConfigPath\$ConfigFile does not exist.May be this is first run."
Write-Host "Log File Not found."
}
else{
WriteLog "Log File $LogPath\$LogFile exists. Attempting to rename"
write-Host "Rename the log file $LogPath\$logFile for archival purpose".
$rtn=Rename-Item $LogPath\$LogFile -NewName $LogPath\$DateTimeString"_"$LogFile -PassThru
if($rtn){
WriteLog "Renamed Log File to $rtn"
Write-Host "Renamed Successfully to $rtn"
}
else{
WriteLog "Unable to rename Log File $LogPath\$LogFile."
write-host "Rename Failed"
}
}
#call the batch client and pass parameters
WriteLog "Calling $DRMBatchClient /cfgfile=$ConfigPath\$ConfigFile /log=$LogPath\$LogFile /objectaccess=system"
Write-Host Calling "$DRMBatchClient /cfgfile=$ConfigPath\$ConfigFile /log=$LogPath\$LogFile /objectaccess=system"
&$DRMBatchClient /cfgfile=$ConfigPath\$ConfigFile /log=$LogPath\$LogFile /objectaccess=system
WriteLog "Batch Completed. Checking log file $LogPath\$LogFile for any errors."
WriteLog "Checking if log file $LogPath\$LogFile exists."
if(!(Test-Path $LogPath\$LogFile)){
WriteLog "Log File $LogPath\$LogFile does not exists.May be batch process failed."
throw "Log File $LogPath\$LogFile does not exists.May be batch process failed."
}
#check the error log to see if any errors were encountered.
Write-Host "Reading $LogPath\$LogFile to check for Error or Failure string"
if(Select-String $LogPath\$LogFile -Pattern "Error|Failure"){
WriteLog "Erros found in log file $LogPath\$LogFile. returning with exit code 1"
WriteLog "**** Process Completed. ****"
Write-Host "Erros Found $ErrorCode"
exit 1
}
else{
WriteLog "No Erros found in log file $LogPath\$LogFile. Returning successfully with exit code 0"
WriteLog "**** Process Completed. ****"
exit 0
}
--- code ends above.----
Monday, August 31, 2015
DRM External Authentication timeout after upgrade
After upgrading DRM, Users are able to login using internal id and password but external authentication times out then check the following.
If everything looks fine but you don't see drm-netjnibridge-host.exe then chances are DRM version on the DRM server and Foundation Server are on different versions. Upgrade DRM instance on the Foundation Server and restart the services on both the systems. Foundation Server first then DRM Server.
- On the DRM Server make sure you have setup CSS.
- Make sure the you can see the name of the foundation server in the configuration consol.
- Make sure you can see a process called drm-netjnibridge-host.exe
If everything looks fine but you don't see drm-netjnibridge-host.exe then chances are DRM version on the DRM server and Foundation Server are on different versions. Upgrade DRM instance on the Foundation Server and restart the services on both the systems. Foundation Server first then DRM Server.
Tuesday, August 4, 2015
Using two seperate schemas for DRM to enhance security.
We know DRM uses a schema for its repository and schema owner has more privileges (table,procedure,trigger etc ). so a hacker can take advantage of this situation to gain access to the information stored in DRM.
One way to resolve this would be to create another schema (drm_user) and grant this user select,insert,update,delete,create index privileges on drm_owner schema and use this drm_user schema in the configuration.
Issue: one issue in this approach is to tell drm to use drm_owner.<object name> name format to access the database objects and there is no way to do it in DRM.
Solution:
Luckily oracle has a on-logon trigger where we can set the current_Session to DRM_OWNER.
How to do?
1. Create a schema (DRM_USER).
2. Grant Select,Insert,Update,Delete,Create Index for DRM_USER on DRM_OWNER.
3. Login to DRM_USER Schema
4. Create a trigger. check the trigger code below
create or replace trigger drm_user.after_logon_trig
AFTER LOGON ON drm_user.SCHEMA
BEGIN
DBMS_APPLICATION_INFO.set_module(USER,'Initialized');
EXECUTE IMMEDIATE 'ALTER SESSION SET current_schema=DRM';
END;
5.Open DRM Configuration Console
6. Change the repository database to DRM_USER schema.
7. Restart the application.
8. Test
One way to resolve this would be to create another schema (drm_user) and grant this user select,insert,update,delete,create index privileges on drm_owner schema and use this drm_user schema in the configuration.
Issue: one issue in this approach is to tell drm to use drm_owner.<object name> name format to access the database objects and there is no way to do it in DRM.
Solution:
Luckily oracle has a on-logon trigger where we can set the current_Session to DRM_OWNER.
How to do?
1. Create a schema (DRM_USER).
2. Grant Select,Insert,Update,Delete,Create Index for DRM_USER on DRM_OWNER.
3. Login to DRM_USER Schema
4. Create a trigger. check the trigger code below
create or replace trigger drm_user.after_logon_trig
AFTER LOGON ON drm_user.SCHEMA
BEGIN
DBMS_APPLICATION_INFO.set_module(USER,'Initialized');
EXECUTE IMMEDIATE 'ALTER SESSION SET current_schema=DRM';
END;
5.Open DRM Configuration Console
6. Change the repository database to DRM_USER schema.
7. Restart the application.
8. Test
Thursday, July 30, 2015
DRM-28042: An object access group with this name already exists.
I encountered the above error while trying to add new user in DRM. There were no object access groups by the name but still received the error.
Here is a simple solution to fix it.
Error:
Fix:
Friday, July 10, 2015
RCU Anyone looking for me?
After a long time spending looking for RCU a.k.a. Repository Creation Utility i found it at below links.
http://download.oracle.com/otn/nt/middleware/11g/111160/ofm_rcu_win_11.1.1.6.0_disk1_1of1.zip
Direct Link : http://download.oracle.com/otn/nt/middleware/11g/111160/ofm_rcu_win_11.1.1.6.0_disk1_1of1.zip
Here are some more info that might help.
You
will see on the next screen a download zip file for the RCU. The RCU
version that corresponds with 11.1.2.3 is RCU 11.1.1.7.
another direct link
https://edelivery.oracle.com/EPD/Download/get_form?egroup_aru_number=18549675
http://download.oracle.com/otn/nt/middleware/11g/111160/ofm_rcu_win_11.1.1.6.0_disk1_1of1.zip
Direct Link : http://download.oracle.com/otn/nt/middleware/11g/111160/ofm_rcu_win_11.1.1.6.0_disk1_1of1.zip
Here are some more info that might help.
Edelivery.oracle.com
Select the product pack for Enterprise Performance
Management System, 64-bit Windows x64. Pick either 11.1.2.3 or 11.1.2.4
as appropriate.
another direct link
https://edelivery.oracle.com/EPD/Download/get_form?egroup_aru_number=18549675
Subscribe to:
Posts (Atom)