By Shyamal Shah, PDBA
The Single Backport patch in R12.1.3 will enable Secure Configuration Console to automate security configuration process which consolidates everything under one user interface.
Patch 26090737 can be applied in Hot mode (It will require Application restart to take effect)
After patch application, System will be into Lockdown Mode and End user will not be allowed to function until System Administrator Acknowledges or fixes all of the security risks Items.
Restart Application if Patch applied in Hotmode and try to login as End User
Login as User with responsibility that includes the Applications System (OAM_APP_SYSTEM) function privilege
Navigate to Functional Administrator Responsibility
Configuration Manager TAB
Message shown below:
Types of Fixes:
- Autofixable (This will be fixed if you chose to select Component and Press Fix)
The Secure Configuration Console bases its recommendations on recommended security guidelines.
The following actions are available:
- Check - Discover the status of a guideline before configuring
- Fix - Resolves the status of a failed guideline
- Suppress - Mute configurations that are not relevant to your system
- Unsuppress - Unmute previously suppressed configurations
If you don’t have access to responsibility that includes the Applications System (OAM_APP_SYSTEM) function privilege, you can use Command line utility explained below
Command Line Utility
If a user with local system administrator privileges is not available, you can access the Secure Configuration Console by using the following command line utility:
java oracle.apps.fnd.security.AdminSecurityCfg <APPS Username/APPS password[@<DB Host>] [-check|-fix|-status|-lock|-unlock] [DBC=<DBC File Path>] [CODES=<code1>,<code2>,<code3>...]
This utility is provided for the following tasks:
- To take the system out of locked down mode.
- To compute the status of a certain configuration or all configurations.
- To configure a certain configuration or all configurations of type 'Autofixable'.
- To view the status of a certain configuration or all configurations.
Acknowledge or Fix Security Configuration to Unlock System
Now Logged in as SYSADMIN and it brings to “Configuration Manager/Secure Configuration Console Page”
Selected “Ignore the security configuration warnings.”
Pressed Proceed to release App to End user
Logged in as End user and System is Back to Normal
Fix Security Configuration if you opted to acknowledge in last step
Reference : Secure Configuration Console in Oracle E-Business Suite Release 12.1.3 (Doc ID 2311308.1)