R12.1.3 Security Configuration Console

Start Here

Get in touch with a
TriCore Solutions specialist

Blog | Oct 19, 2017

R12.1.3 Security Configuration Console - New Feature Released Oct 2017

By Shyamal Shah, PDBA

The Single Backport patch in R12.1.3 will enable Secure Configuration Console to automate security configuration process which consolidates everything under one user interface. 

Patch 26090737 can be applied in Hot mode (It will require Application restart to take effect)

Apply Patch

After patch application, System will be into Lockdown Mode and End user will not be allowed to function until System Administrator Acknowledges or fixes all of the security risks Items.

Restart Application if Patch applied in Hotmode and try to login as End User

Login as User with responsibility that includes the Applications System (OAM_APP_SYSTEM) function privilege

Navigate to Functional Administrator Responsibility

Configuration Manager TAB

Message shown below:

Warning

Oracle E-Business Suite has been placed into lockdown mode. You can secure the environment by reviewing the security guidelines and applying them as needed.

R12.1.3 Security Configuration Console  2.1.png

R12.1.3 Security Configuration Console 2.png

 

Types of Fixes:

  1. Manual
  2. Autofixable (This will be fixed if you chose to select Component and Press Fix)

The Secure Configuration Console bases its recommendations on recommended security guidelines.

The following actions are available:

  • Check - Discover the status of a guideline before configuring
  • Fix - Resolves the status of a failed guideline
  • Suppress - Mute configurations that are not relevant to your system
  • Unsuppress - Unmute previously suppressed configurations

If you don’t have access to responsibility that includes the Applications System (OAM_APP_SYSTEM) function privilege, you can use Command line utility explained below

Command Line Utility

If a user with local system administrator privileges is not available, you can access the Secure Configuration Console by using the following command line utility:

java oracle.apps.fnd.security.AdminSecurityCfg <APPS Username/APPS password[@<DB Host>] [-check|-fix|-status|-lock|-unlock] [DBC=<DBC File Path>] [CODES=<code1>,<code2>,<code3>...]

This utility is provided for the following tasks:

  • To take the system out of locked down mode.
  • To compute the status of a certain configuration or all configurations.
  • To configure a certain configuration or all configurations of type 'Autofixable'.
  • To view the status of a certain configuration or all configurations.

Acknowledge or Fix Security Configuration to Unlock System

Now Logged in as SYSADMIN and it brings to “Configuration Manager/Secure Configuration Console Page”

R12.1.3 Security Configuration Console  3.png

R12.1.3 Security Configuration Console 4.png

R12.1.3 Security Configuration Console  5.png

Selected “Ignore the security configuration warnings.”

Pressed Proceed to release App to End user

Logged in as End user and System is Back to Normal

Fix Security Configuration if you opted to acknowledge in last step

Reference : Secure Configuration Console in Oracle E-Business Suite Release 12.1.3 (Doc ID 2311308.1)

Managed Services For Oracle EBS

Oracle EBS Tips eBook