Friday, August 21, 2020

Weblogic - Oracle BI Publisher -- AD authentication - Configuring LDAPs

Recently, we needed change the authentication protocol that was used by a BI Publisher enviroment.. The environment was authenticating the users from Active Directory and it was using LDAP. Well, we needed to make it more secure.. That is, we needed to convert it to LDAPs. (Lightweight Directory Access Protocol (Over SSL))

It seems there are 2 ways to do that.. Actually there are 2 ways to configure BI Publisher to use LDAP or LDAPS.

One way is to use BI Publisher's administration page..

We just click Security Configuration under Security Center which is accessible through the Administration page. Then we create a local superuser and  we use authorization region to select our security model. ( LDAP in this case)
We can configure both LDAP and LDAPs configuration using this page and we restart the BI Publisher when we are done. (It is needless to say that , we must also add the relevant server certificate to the relevant java keystore)

Example of the Authorization region:


This method is already documented in "Oracle Fusion Middleware Administrator's Guide for Oracle Business Intelligence Publisher"- Section :  "Configuring the BI Publisher Server to Recognize the LDAP Server"

Anyways, there is another way and it is through the Weblogic Admin Console.
Actually, this method is the one that we used for making this environment use LDAPs.

Actually, we used this method because, when we checked the BI Publisher's admin console, we saw that the configuration under the authorization region that I mentioned above was just empty.. On the other hand; the environment was using LDAP to authenticate its users.. So, the current LDAP configuration (which was done by someone else earlier) was directly done through the weblogic admin console and that's why we decided to change LDAP to LDAPs directly using the Weblogic console.. 

Here is the action list;

Home >Summary of Security Realms >myrealm >Providers >DefaultAuthenticator


Change host  (if required) 
Change port(636)  --default LDAPS port
select “SSLEnabled” check box -- we are enabling LDAP over SSL, right..

Go to Summary of Servers-bi_server1-Configuration-Keystore. (bi_server1 is the name of the BI Publisher 's managed server .. Yours might be different)

Check the "Java Standard Trust Keystore" and note the value of it.. (We will use that in your keytool import command later.)

Set the proper environment in the shell; 

Example:

JAVA_PATH=/obi/wls/Oracle_BI1/jdk/bin/
KEYTOOL_PATH=/obi/wls/Oracle_BI1/jdk/bin/keytool
KEYSTORE_PATH=/obi/wls/Oracle_BI1/jdk/jre/lib/security/cacerts

Import the required certificate for the LDAPS communication.. (The certificate of the LDAP server -- Active Directory usually .. Note that, Customer or AD admin will give that certificate to you..)

/obi/wls/Oracle_BI1/jdk/bin/keytool -import -alias ermanad_2020 -file /tmp/ermanad.cer -trustcacerts -v -keystore /obi/wls/Oracle_BI1/jdk/jre/lib/security/cacerts

Display the imported certificate just in case..

obi/wls/Oracle_BI1/jdk/bin/keytool -list -v -keystore /obi/wls/Oracle_BI1/jdk/jre/lib/security/cacerts -alias ermanad_2020

Restart Weblogic Services and that's it ! :)

GTECH -- Summer School 2020 -- Oracle Database & Cloud & Big Data & EBS - Training For Newly Graduates!

Once in a year, we as GTech provide training for newly graduated engineers.

In this training, we teach Sql, PL/SQL, Oracle Database & Cloud, EBS, OBIEE, BigData, ETL and more.

This year was the third time, that I was the lecturer for "Database and Cloud".

See the following blog posts for 2019 and 2018 Summer Schools ->

https://ermanarslan.blogspot.com/2019/07/gtech-summer-school-2019-oracle.html
https://ermanarslan.blogspot.com/2018/07/summer-school-introduction-to-oracle.html

This year, I explained the Cloud in more detail. I also extended the lessons a little bit by adding an intro for Big Data&No Sql.. 

The students of the class were so curios about databases and actually Oracle in general..

I tried to shed a light on the important topics like Oracle Database Server Architecture, Oracle Database Process Architecture, background processes, High availability configurations, Cloud Computing, Big Data, NoSQL databases and so on..

The list of topics covered in the training was as follows;
  • Introduction to RDBMS
  • Introduction to Oracle
  • Architecture (Oracle)
  • Installation (Oracle) & workshop
  • DBA role & DBA tools
  • Cloud Computing
  • Big Data & NoSQL
  • APPS DBA role & EBS System Administration (EBS 12.2)
In order to make the newly graduates understand Oracle consultancy better, I have also explained how to complete a critical migration project successfully by going through a real life case.

While explaing these topics, I tried to share real life stories all the time.. Tried to teach them the basics of Oracle, but I also dived deep when required.

This year, the training was online. (due to Pandemic), but still the participants asked lots of good technical questions and these made our lessons more entertaining :)

This year's training lasted 3 days.

Like every year, we had an exam this year. I changed our exam a little more with the newly added topics. That is ; at the end of the training, I also gave this written examination to the participiants. (this time 45 questions )

It was a pleasure for me to teach Oracle in GTech Academy ( GTech -- Oracle Platinum)
This has also been a useful activity for the "ACE program".

I hope, It was useful for these guys..
I also hope I will see them (at least some of them) as successful DBAs, Apps DBAs or Cloud Architects one day :)

Following is the picture of this year's class.. A good memory :)

Tuesday, August 4, 2020

Oracle Autonomous Database Certification -- "Oracle Autonomous Database Cloud Certified Specialist" added to my certificate inventory.

I'm happy to announce that I added Oracle Autonomous Database Cloud Certified Specialist to my certificate inventory. This certificate means that the owner of this certificate is able to provision, manage, and migrate to Autonomous Transaction Database (ATP) and Autonomous Data Warehouse (ADW). It also means that the owner of this certificate is able to understand the features and workflows of Autonomous Database; provisioning and connecting, migration using SQL Developer, Data Pump and Golden Gate, manage and monitor, and understands tools, reporting and analytics using Autonomous Data Warehouse.
Of course, it theoretically guarantees what I wrote above. So, it should still be supported by field experience. These days, when cloud and autonomous business seem to determine the future,  this is an important certificate.
If you have time, I recommend getting these types of certificates. These days, when cloud and autonomous business seem to determine the future,  this is an important certificate. It is not only for being labeled as an Oracle Certified Professional. These types of certificates, actually the things you review while preparing for the exams, make you ready for the cloud and new autonomous business processes,