Sunday, August 31, 2014

Deregister SSO / OID from Oracle Applications

If Your Oracle Applications 11i/R12 instance is currently integrated with Oracle Single Sign-On (SSO) & Oracle Internet Directory (OID) and you would like to remove integration (so that apps 11i/R12 instead of redirection to SSO, authentication happens at FND_USER).

Following are the Broad level steps to deregister apps (11i/R12) from SSO,

1. Deregister Oracle Apps (11i/R12) from OID and SSO using
txkrun.pl -script=SetSSOReg -deregister=Yes

2. Remove any reference regarding SSO / OID from Oracle Apps (11i/R12)
txkrun.pl -script=SetSSOReg –removereferences=Yes

3. Change Profile Option at “Site level”
“Application SSO Type” (APPS_SSO) -> Change it to “SSWA”
“Application SSO Login Type” -> Change it to “Local”

4. Restart Services on Middle Tier
./adstpall.sh apps/apps_password
./adstrtal.sh apps/apps_password

5. Finally Reset password of all users whose ENCRYPTED_USER_PASSWORD is set to EXTERNAL

Identify users
SQL> select user_name , ENCRYPTED_USER_PASSWORD from fnd_user where ENCRYPTED_USER_PASSWORD=’EXTERNAL’;

FNDCPASS apps/apps 0 Y system/manager USER VISION WELCOME

If you want only few users to login locally(default login method still SSO) then

1. Change Profile Option at User level
“Application SSO Type” (APPS_SSO) -> Change it to “SSWA”
“Application SSO Login Type” -> Change it to “Local”

2. Reset password of specific users (If ENCRYPTED_USER_PASSWORD is set to EXTERNAL)

SQL> select user_name , ENCRYPTED_USER_PASSWORD from fnd_user where ENCRYPTED_USER_PASSWORD=’EXTERNAL’ and user_name like ‘&enter_User_Name’;

FNDCPASS apps/apps 0 Y system/manager USER VISION WELCOME

3.Finally login using AppsLocalLogin URL
http(s)://hostname.domainname:port/OA_HTML/AppsLocalLogin.jsp