Tuesday, August 21, 2012

oracle.wsm.policymanager.PolicyManagerException: WSM-02081 : Failed to login to perform requested action

When trying to perform "Manage Business Unit" setup tasks, I was getting "A remote portlet error was received for the task: Manage Business Unit. Review the portlet producer error and report it to the owning product Financials Common Module"

We were getting the same error for any setup task.

Solution:

First I checked "FunctionalSetupServer_1-diagnostic.log". The log file showed an authentication error and also pointed me to the credential key.


FunctionalSetupServer_1-diagnostic-1.log:"[2012-07-18T06:59:48.074-04:00] [FunctionalSetupServer_1] [ERROR] [WSM-06225] [oracle.wsm.resources.policyaccess] [tid: [ACTIVE].ExecuteThread: '8' for queue: 'weblogic.kernel.Default (self-tuning)'] [ecid: 0000JYPjaJYADSM_mLp2iZ1G1BTq001ZIC,0] [APP: TopologyManagerServices] Unable to retrieve credentials for the specified CSF key FUSION_APPS_WSM_APPID-KEY."

Log in to http://commoninternal.mycompany.com:7001/em
Go to Weblogic_Domain => Right click on CommonDomain => Click Security => Credential

Search for "FUSION_APPS_WSM_APPID-KEY", click Edit on FUSION_APPS_WSM_APPID-KEY, and get the username.

As AppId users are created during installation by the provisioning tools, I was not aware of the current password, and I also didn't want to reset it to a new password because I was not sure in what other places the application stored it.

To retrieve the current password, I used the listCred command. (Please find below the steps to retrieve the current password of the AppId.)


[oracle@famachine logs]$ cd /u01/oracle/fa/products/fusionapps/oracle_common/common/bin/
[oracle@famachine bin]$ ./wlst.sh
wls:/offline> connect('weblogic_fa','Welcome1','t3://commoninternal.mycompany.com:7001')
Connecting to t3://commoninternal.mycompany.com:7001 with userid weblogic_fa ...
Successfully connected to Admin Server 'AdminServer' that belongs to domain 'CommonDomain'.
wls:/CommonDomain/serverConfig> listCred(map="oracle.wsm.security",key="FUSION_APPS_WSM_APPID-KEY")
Already in Domain Runtime Tree

PASSWORD:tzj|mgqv5cPi2w


After I got the password, I ran the ldapsearch command using the ID/password and got a password expiration error.

[oracle@idmmachine logs]$  ldapsearch -h idmmachine -p 389 -D "cn=FUSION_APPS_WSM_APPID,cn=AppIDUsers,cn=Users,dc=mycompany,dc=com" -w "tzj|mgqv5cPi2w" -b "dc=mycompany,dc=com" -s sub "objectclass=inetorgperson" dn
ldap_bind: Invalid credentials
ldap_bind: additional info: Password Policy Error :9000: GSL_PWDEXPIRED_EXCP :Your Password has expired. Please contact the Administrator to change your password.
[oracle@idmmachine logs]$
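
The triage above as an added Python example, not code from the original post: it pulls the CSF key out of WSM-06225 diagnostic entries and separates a password-policy rejection from a plain wrong password in ldapsearch output. The first log line and the bind output are copied from this post; the second log line and all function names are constructed for illustration.

```python
import re

# Leading ODL fields: [timestamp] [server] [level] [message-id] [module]
ODL_HEAD = re.compile(
    r"\[(?P<ts>[^\]]+)\] \[(?P<server>[^\]]+)\] \[(?P<level>[A-Z_:0-9]+)\] "
    r"\[(?P<msgid>[^\]]*)\] \[(?P<module>[^\]]+)\]")
APP = re.compile(r"\[APP: ([^\]]+)\]")
CSF_KEY = re.compile(r"CSF key ([\w.\-]+)")
POLICY = re.compile(r"Password Policy Error\s*:(\d+):\s*(\w+)")

def csf_failures(log_text):
    """Return (timestamp, server, app, csf_key) for each WSM-06225 entry."""
    hits = []
    for line in log_text.splitlines():
        head = ODL_HEAD.search(line)  # search() skips a grep-style file prefix
        if not head or head.group("msgid") != "WSM-06225":
            continue
        app, key = APP.search(line), CSF_KEY.search(line)
        hits.append((head.group("ts"), head.group("server"),
                     app.group(1) if app else None,
                     key.group(1).rstrip(".") if key else None))
    return hits

def classify_bind(output):
    """Tell a password-policy rejection apart from a plain bad password."""
    if "ldap_bind:" not in output:
        return ("ok", None)
    policy = POLICY.search(output)
    if policy:  # both cases report "Invalid credentials"; the extra info differs
        return ("password_policy", policy.group(2))
    if "Invalid credentials" in output:
        return ("bad_credentials", None)
    return ("other", None)

# Line 1 is the entry quoted in this post; line 2 is constructed.
SAMPLE_LOG = """
FunctionalSetupServer_1-diagnostic-1.log:"[2012-07-18T06:59:48.074-04:00] [FunctionalSetupServer_1] [ERROR] [WSM-06225] [oracle.wsm.resources.policyaccess] [tid: [ACTIVE].ExecuteThread: '8' for queue: 'weblogic.kernel.Default (self-tuning)'] [ecid: 0000JYPjaJYADSM_mLp2iZ1G1BTq001ZIC,0] [APP: TopologyManagerServices] Unable to retrieve credentials for the specified CSF key FUSION_APPS_WSM_APPID-KEY."
[2012-07-18T06:59:50.000-04:00] [FunctionalSetupServer_1] [NOTIFICATION] [] [constructed.module] [APP: TopologyManagerServices] constructed unrelated entry
"""
# Bind output as shown in this post.
SAMPLE_BIND = """ldap_bind: Invalid credentials
ldap_bind: additional info: Password Policy Error :9000: GSL_PWDEXPIRED_EXCP :Your Password has expired. Please contact the Administrator to change your password.
"""

if __name__ == "__main__":
    for ts, server, app, key in csf_failures(SAMPLE_LOG):
        print(f"{ts} {server} app={app} failing CSF key={key}")
    print(classify_bind(SAMPLE_BIND))
```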


So to fix the issue, I reset the password for "FUSION_APPS_WSM_APPID".

Log in to the ODSM Console (http://idmserver.domainname.com:7006/odsm) as cn=orcladmin.
Click on Data Browser
Click on dc=com,dc=mycompany,cn=users,cn=appIdUsers,cn=FUSION_APPS_WSM_APPID
Click on attributes
Reset password to your existing password.

To avoid a similar issue in the future, create a new password policy and assign it to all the service accounts.

1. Log in to ODSM
2. Click Security (tab) -> Password Policy

3. Create a new password policy for service accounts.
Under the Effective Subtree tab of the new password policy, enter the service accounts:

Click Apply.