2) Start the SSO Environment
3) Check you can login into SSO
http://
• Log in using the orcladmin userid
• Navigate to Directory > Create.
• Create a test userid (test/welcome123), supplying a password and other user information. Click Submit.
• Log out.
• Log into Oracle Internet Directory Delegated Administration Services using the newly created test userid.
• Ensure the Directory Integration and Provisioning Platform Server is running. The command ps -ef
grep odi should show a process called $ORACLE_HOME/bin/odisrv running.
4) Check you can login into the EBS database and R12 Environment
a. Log into the database - sqlplus
b. Log into the Env - http://
5) Create a parameter checklist: -
Parameter Checklist:
Sr. No Parameter Description Example Comments
1 Hostname of Oracle Application Server Infrastructure database {mandatory} Ibmaix30.server.com Fully qualified name recommended, e.g. alpha.company.com rather than just alpha
2 LDAP port of Oracle Internet Directory{mandatory} 13061 Check for LDAP port number in $ORACLE_HOME/install/portlist.ini
3 LDAP SSL port of Oracle Internet Directory {mandatory} 636 Check for LDAP port number in $ORACLE_HOME/install/portlist.ini
4 Password of Oracle E-Business Suite database user, "APPS" {mandatory} APPS APPS user password.
5 Password of Oracle Internet Directory admin user, "orcladmin {mandatory} Welcome123 No comment needed.
6 Password to register E-Business Suite instance with Oracle Internet Directory {mandatory} Welcome123 No comment needed.
7 Oracle Internet Directory administration user name. orcladmin OID superuser name. Default value is "cn=orcladmin".
8 apps name s_contextname This instance will be registered with OID Server with this appname. Default value of appname s_contextname.
9 svcname s_contextname This instance will be registered with OID Server with this svcname. Default value of appname s_contextname.
11 Provisiontype 2 It specifies provisioning type between instance and OID Server. Allowed values are 1,2,3,4. This are for 1. Bidirectional, 2.Instance to OID Server, 3.OID Server to Instance, 4.Bidirectional no creation. Default value is 1.
12 ldaphost beta.company.com For Non-Colocated Infrastructure, i.e. if ldaphost is different from infradbhost, pass value of ldaphost for this parameter in command line. Default value of ldaphost is infradbhost.
12 dbldapauthlevel 0 authentication level between E-Business database and OID Server for provisioning purpose. Values are, 0 - Non-SSL Communication, 1 - SSL with no authentication, 2 - SSL with server authentication, 3 - SSL with Client and Server authentication.
13 dbwalletdir FND_DB_WALLET_DIR E-Business database wallet directory. This is must if dbldapauthlevel > 1. Default dbwalletdir is the value of site level profile FND_DB_WALLET_DIR
14 dbwalletpass
15 rdbmsdn RDBMS DN of this E-Business database instance that is registered with OID Server e.g. cn=OracleContext
5) As the owner of the application-tier file system, source the file $APPL_TOP/APPS
a. cd $FND_TOP/bin/
b. txkrun.pl -script=SetSSOReg -provisiontype=2
Parameter Prompts:
The registration script will prompt for several parameters. Use the parameter values from the parameter checklist. The script will prompt for the parameters in the following order:
• Enter the host name where Oracle iAS Infrastructure database is installed? Ibmaix30.server.com
• Enter the LDAP Port on Oracle Internet Directory server ? 389
• Enter SSL LDAP Port on Oracle Internet Directory server ? 636
• Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ? welcome123
• Enter the instance password that you would like to register this application instance with ? welcome123
• Enter Oracle E-Business apps database user password ? APPS
6) When the registration script completes successfully, it will print the following line:-
End of
If you do not see this confirmation, examine the following file to investigate the problem: $APPLRGF/TXK/txkSetSSOReg_[timestamp].xml
7) If the registration is successful then bounce the EBS application tier.
8) Validate that Single Sign-On is Working Correctly by following these steps: -
i) Run the Diagnostic Utility: -
• Login as sysadmin locally (http[s]://
• Select the responsibility "CRM HTML Administration" from the Navigator's left pane
• Select the function "Diagnostics" from the Navigator's right pane. This will launch a new window. If you do not see a new window, make sure any browser pop-up blockers are disabled.
Run SSO Diagnostics
• Click on the "Basic" tab
• Choose "Application Object Library" from the Applications drop down
• Click on "SSO Setup Tests" - Click on "Run Without Pre-Requisite"
• All the tests should complete successfully
• Click on the "Report" icon for each test and verify the results
Run OID Diagnostics
• Click on "OID Setup" - Click on "Run Without Pre-Requisite"
• All the tests should complete successfully
• Click on the "Report" icon for each test and verify the results
ii) Verify SSO Integration with Oracle E-Business Suite
• Create a user in the EBS environment locally. (Local URL = (http://
• Check that user can login to the EBS environment through the SSO login
o Enter EBS login URL = http://[EBS_server]:[port]/OA_HTML/AppsLogin
o This should redirect to the SSO login screen.
o Enter user and password created above, which log you into the EBS env.
• Check you can login to SSO OIM with the same user/password through URL: - http://
How to Deregister SSO with EBS
1) SSO-OID Deregistration can be done using a single command, which does the following: -
• OID Deregistration
• SSO Deregistration
• Instance Deregistration
To deregister run the following command, which starts the interactive mode deregistration: -
$FND_TOP/bin/txkrun.pl -script=SetSSOReg -deregister=yes
The above command will prompt for the following: -
• Enter Oracle E-Business apps database user password ? APPS
• Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ? welcome123
2) SSO-OID Registration stores a set of preferences on E-Business Database. If E-Business Instance is cloned from SSO/OID Registered E-Business Instance, cloned environment has same preferences as the source environment and throws errors while SSO/OID Registration. So following command should be called in post cloning phase or before proceeding for SSO/OID Registration to remove all the preferences or settings from cloned environments.
NOTE – ONLY NEEDS TO BE DONE IF EBS HAS BEEN SSO REGISTERED PREVIOUSLY
To remove the references in EBS run the following command:-
$FND_TOP/bin/txkrun.pl -script=SetSSOReg -removereferences=Yes
The above command will prompt for the following: -
• Enter Oracle E-Business apps database user password? ******
3) Bounce the EBS environment and test login: -
http://[EBS_server]:[port]/OA_HTML/AppsLogin
