E9.2 Has anyone installed 9.2 Standalone on Windows 10 Home? Getting 'The command failed with error -1' on E1local

[tiradoj]

I don't think you wou;d pass the health check with a bad site key / bad F98OWSEC record , it basically logs in and runs that stuff.

I was able to sign into FULL client with SITE KEY in JDE.ini with the JDE account so by my definition the site key is not a hard requirement although it
could be a major factor why JTIRADO cannot sign in...maybe JDE is just hard coded to login assuming the password is correct

The ActivConsole won't accept any old password so there is some checking/validation with what is going on in JDE login process--at least for the JDE account

One important TELL is on the HTML client side, E1 quickly comes back and says invalid JDE user or password--which it is not, I tested several times--which hints to me something is not correct in the creation of the F98OWSEC record

JT

 

[TFZ]

I can't keep up with you, I thought you said you logged in and got a blank screen and had clean logs. Invalid password is not clean. That said, when you put the DB pass thrus in P980001 on the dep server, did you have the site key in the INI? Are you noting any invalid attempts on the oracle side maybe?

 

[tiradoj]

Hello TFZ

It's not an invalid password

I said my client and server package build was clean and my porttest was successful

I also said there is nothing in the logs saying ANYTHING regarding what the issue might be-it is like a non event

I also said on the HTML client NOT the FULL Windows client, an "invalid user id or password" box comes back... SOMETIMES

it is not consistent

The JDE user ID is correct and the password are correct (user id and password are simple) - there are other technical reasons why you would get that message - if the id or password could not be "read" in how it expects the values to be encrypted the system might interpret it as "incorrect" for example.

Who knows?! Developer(s) who wrote the code don't always give CLEAR reasons within the log what is going on

Now to answer your question I would like to say I DID have the site key created and at the bottom of the JDE.INI file when I created the system account on both dep svr and ent server but mistakes are possible

So for grins...I redid.

On the Dep Server in DEP920 environment you can DELETE the System user id with Security Server ON in the Dep Svr JDE.INI (it is ok if SecurityServer is on for Ent Server) but you CANNOT RE-ADD the SYSTEM id and password BACK with SecurityServer ON in DEP Svr jde.ini (as you know)-it has to be commented OUT-which makes sense if you think about it: if there is no SYSTEM account with SS on, SS cannot validate the user adding the system account because it is one and the same. (of course I am guessing here as this is proprietary code)

FYI with DEBUG off or on in DEP svr JDE.INI, nothing writes to the log that the task is even being recognized as hitting F98OWPU during delete or re-add. (probably by design)

I did all this with site key in dep server JDE.INI and in ent server JDE.INI configured.

I have tried several times to delete and re add my JTIRADO JDE user account from Windows full client using the JDE user id with SecurityServer on (as it should be) and it doesn't work: I CANNOT sign into JDE as JTIRADO and my password using the JDE system account--and I should be able to.

I set up new users all the time the same way in 8.12 (which of course doesn't have the supposed hard site key requirement.)

So clearly there is an issue creating the initial F98OWSEC record for JTIRADO account as I stated weeks ago (meaning whatever site key/encryption is supposed to happen is not happening--even though the record ends up in F98OWSEC table.

Also, fyi on my system, having a site key in the JDE.INI on full client or Dep Svr is not a HARD requirement. I can still login to the JDE full client and DEP server DEP920 env with the site key commented out or removed altogether.

In my book, if the site key HAD to be in the JDE.INI I wouldn't be able to login at all and there should be a BOX popping up saying "You cannot login to JDE - The Site Key is not present and/or enabled in your JDE.INI file" . (My ideal world)

 

[tiradoj]

Another tidbit:

The login process on FULL CLIENT (and possibly HTML client) is definitely reading my JDE password correctly--at least initially, because the FULL client comes back and says password is wrong right away on FULL client -- so when I enter the correct password for my JTIRADO id, it goes whir whir, the ORCL sid pops up and it APPEARS as if you will be logged in but doesn't -- the jde debug log always stops in the same place at the F9000 table - nothing else happens, the login process stops mid stream - it doesn't hang, just disappears.

My case is finally getting a developer's eyeballs on it.

 

[tiradoj]

Another tidbit:

The login process on FULL CLIENT (and possibly HTML client) is definitely reading my JDE password correctly--at least initially, because the FULL client comes back and says password is wrong right away on FULL client -- so when I enter the correct password for my JTIRADO id, it goes whir whir, the ORCL sid pops up and it APPEARS as if you will be logged in but doesn't -- the jde debug log always stops in the same place at the F9000 table - nothing else happens, the login process stops mid stream - it doesn't hang, just disappears.

My case is finally getting a developer's eyeballs on it.

More delight trying to follow Oracle's instruction on creating site keys

(What I submitted to Oracle support today)

Test Results

You CANNOT create JDE user accounts STRICTLY following process described in Oracle doc id 2261733.1

which says in the following order ( I added STEP 1 STEP 2 STEP 3 to try to make it clearer but I did NOT rearrange Oracle's directions)

STEP 1: "Take a backup and delete the records in F98OWPU (System users) and F98OWSEC for JDE user."
STEP 2 After configuring the site keys properly (TIRADO : 'properly'? whatever that means, it is simply running a short command sitekey -c and entering a password that meets criteria--even that was frustrating trying to decipher what symbols I could and could not use) , create the system users using P980001.
STEP 3 Also create the mappings (TIRADO: mappings? this isn't the OCM - how about 'create the F98OWSEC record' for clarity) for JDE user in P98OWSEC. Restart the E1 services and try to login with security server enabled (TIRADO: does that mean SS should be DISABLED while creating the site key? where is the direction on that?) from fat client or web client.

(TIRADO---this is all me from here on out)

with SecurityServer enabled and JDE Service running you cannot even login to DEP920 environment because there are no records in F98OWPU and F98OWSEC

You have to disable SecurityServer in Dep Server JDE.ini file to log in and create/define system id and password FIRST

in typical case JDE

Also, you must create the related F98OWSEC record for JDE (after creating the system user in P980001) while you
are in E1 with SecurityServer still disabled because you will still not be able to login without a F98OWSEC record.

You will get a "Unable to locate securityserver" message

After you create/define system user JDE and then add JDE to F98OWSEC in User Security application THEN you
can enable SecurityServer in DEP Svr jde.ini file and login

Mind you the jde logs are full of complaints about the JDE user profile at this point after starting up JDE net service since there are NO RECORDS in F98OWPU and F98OWSEC since SecurityServer is enabled and no Oracle instructions advise that it shouldn't be.

From this point on THEORETICALLY, I should be able to create as many JDE users as I want using the JDE system account but my
suspicion is that I should probably RESTART JDE net service BEFORE creating JDE users but I am going to continue with
implied Oracle directions to see what happens.

By the way I copied the new site key from ent server JDE.INI file to the DEP SVR jde.ini file BEFORE I logged in to add JDE system entry in P980001 and create the F98OWSEC record

I also copied the new/latest site key to the DEV full client before trying to login as JTIRADO

When I do try to login with JTIRADO, I get the error message (unsurprisingly) "Make sure your user id is correct and retype your password.

So the implied process by the Oracle documentation I have found so far does not work.

As far as I am concerned, I have not found or seen a FULLY CORRECT way to 'setup site key configuration" for E1.

Which leaves trial and error. I am going to restart the JDE net service and try again.

Result: even after restarting JDE net service and it comes up clean with no complaints in logs since now there IS a JDE system user in F98OWPU and F98OWSEC BEFORE JDE net service startup, I CANNOT login as JTIRADO to FULL client even though I defined JTIRADO F98OWSEC record from DEP920 env signed in as JDE.

My suspicion is that SecurityServer must be disabled on both ent server and dep server ini before adding JDE system user and the F98OWSEC records

Next TEST result: After I login as JDE and RECREATE my JTIRADO JDE user account and password in F98OWSEC I am back to where I started: I initially appear to be logging in with JTIRADO to E1 but then the login screen disappears and nothing happens.

For grins I am going to see if I can install the ESU to fix the changing the system user password issue (Oracle Doc ID 2220811.1) which I discovered is still an issue in 9.2 and maybe get some joy from that but clearly the site key creation process should not be this complicated.

 

[tiradoj]

FYI: Another related test folks should know about: the ESU 14000 for the issue of changing system user password for JDE is in ESU 20036
which I applied to DV920 and APPEARS to work from DEV full client but doesn't really because it can't

You cannot change the JDE system password for JDE in E1-(and expect to login) without first changing it in Oracle because
Oracle will prompt you with ORCL sid asking you for the real still existing password in the database

so you will not be able to login to client unless maybe you want to enter the JDE system password in prompt box a 100 times? (joke)

I am not sure everyone is aware of this and it is not mentioned in the Oracle doc id 2220811.1

I was getting this same error from DEP920 env which does not have ESU 20036 applied

'After installing JM15674 ESU which comes with the fix for Bug 17359983 - P980001 ISSUE for EnterpriseOne Application Release - 9.1, can not update system/proxy user password in P980001 Work With System Users.

Steps:
1. Run P98OWSEC
2. Take form exit to Add system user, click Find
3. Select user JDE
5. Enter new Password
6. Press OK.
7. “Duplicate keys not allowed” Error message is displayed in the application.
-----------------------
The same symptoms have been noted in 9.2 Applications Release, the steps remain the same.

 

[TFZ]

You can stop services and disable your security server in the INI. Log in to JDE with your changed JDE password and the Site Key in your INI from either the DEP server on your fat client, either works. Update P980001 by deleting the entry and adding it back, restart services. Thing is, I would expect your security kernel to be a train wreck on the Enterprise server, but hey....

Actually, did you register your SMC with the Security Server? I.E. are your passwords encrypting from console?

 

[tiradoj]

Hello All. Great huge success on one front! I know there has been a big gap of me posting updates but I've been deep in the weeds working in my la! While waiting for Oracle to get back to me on my login issue with my WinSvr 2022/Oracle instance 9271/64 bit dlls on VMWare, I installed a SECOND E1 instance on Windows Server 2022/MS SQL Server 2019 on 9256 release (32 bit) on Oracle's VIrtualBox and I just got that working yesterday! I think I solved my own login issue on my Oracle 19 instance by work I did on the SQL Server instance but before I update I'm going to test it out today before I advise.

In the mean time, check out these beautiful screenshots! Woo hoo!

 

[tiradoj]

You can stop services and disable your security server in the INI. Log in to JDE with your changed JDE password and the Site Key in your INI from either the DEP server on your fat client, either works. Update P980001 by deleting the entry and adding it back, restart services. Thing is, I would expect your security kernel to be a train wreck on the Enterprise server, but hey....

Actually, did you register your SMC with the Security Server? I.E. are your passwords encrypting from console?

My login issue on 9256 SQL Svr instance was that I had to open more Security Server ports on the Enterprise Server in Windows firewall. I didn't open up enough of them to accommodate the assignment of ports by E1 via enablePredefinedports parm. :-O! Security Server is enabled on Dep Server now and I can login (can't get into Software Update however - errors out with SS enabled. That's another issue to work on). Nothing to do with site keys or encryption of passwords I believe which I have mixed emotions about at the moment LOL but I know how to do those tasks in case and as requested by clients. Messing with TLS and trust stores keys etc seems like an even more tedious bit of CNC work - the value of which I am not sure of either at the moment if you have a properly configured and secured E1 macro environment. Is there an epidemic of hackers hacking JDE instances across the globe I am unaware of? Maybe there is and apparently the market keeps demand more and more security features and options so there you go!

 

[tiradoj]

My login issue on 9256 SQL Svr instance was that I had to open more Security Server ports on the Enterprise Server in Windows firewall. I didn't open up enough of them to accommodate the assignment of ports by E1 via enablePredefinedports parm. :-O! Security Server is enabled on Dep Server now and I can login (can't get into Software Update however - errors out with SS enabled. That's another issue to work on). Nothing to do with site keys or encryption of passwords I believe which I have mixed emotions about at the moment LOL but I know how to do those tasks in case and as requested by clients. Messing with TLS and trust stores keys etc seems like an even more tedious bit of CNC work - the value of which I am not sure of either at the moment if you have a properly configured and secured E1 macro environment. Is there an epidemic of hackers hacking JDE instances across the globe I am unaware of? Maybe there is and apparently the market keeps demand more and more security features and options so there you go!

Ok sadly, my login issue on my SQL Server instance (9256) was not / is not the same login issue I am having with Oracle db instance (9271)

I don't think I have convinced Oracle yet (they have been kicking around ideas for going on 3 weeks now) that this is a Task Views/JDBC driver issue

Oracle documentation says Oracle jdbc drivers come with Weblogic but in Server Manager they don't seem to be loaded and when I try to upload JDBC drivers for Oracle 19 SM says it isn't supported (I realize this could be a Weblogic version issue so to eliminate this as a potential problem I guess I am going to have to suck it up and install WLS 14.1.1.0.0 even tho I don't think it's the issue. meh)

Server Manager shows me as logged into the JDV920 web instance but clearly I am not.

Whether I try to login on the full development client or on HMTL result is similar--I cannot login with either JDE or JTIRADO on HTML client

I can only login to the full development client with JDE user account.

The jde log stops at exact same place every time on the F9000 Task View table acting as if it found a Task Favorite but I am not adding any faves nor have I and the task id never is found in the F9000 table.

Any ideas? It's a wild one.

 

[tiradoj]

Cannot upload an Oracle driver (ucp.jar for example) using Upload feature of Weblogic 14.1.1 -- have to find out what this whitelist and how to configure

 

[TFZ]

If you're sql, you shouldn't be using ucp.jar for anything but the dep server. There should be a doc out there, but you're going to need mssql jdbc 7.4.,1. and you should make sure the oracle connection pool is disabled.

 

[tiradoj]

Hello All. SUCCESS! I can sign into my HTML web client now on my Win Svr 2022 / Oracle 19 instance - 9271 release 64 bit. The problem was that I was using 12.2.1.2.0 WITH patch applied instead of 14.1.1.0.0 on HTML Server. I wasn't being obtuse or inflexible, I just wanted to prove out other issues first and having to uninstall and reinstall/reconfigure Weblogic and the managed instances.

The only problem I have left with Oracle instance is I cannot sign into the Windows Dev client with JTIRADO because the initial Task View record (the @JTIRADO entry for example in F9000) for new JDE users isn't being created correctly. I have a workaround solution to create a record with a few sql queries for it but need to find out if there is a bug with Task Views for 9271 or if I missed a configuration step.

Otherwise I am pretty happy I have the latest E1 release configured on Windows and Oracle 19. Awesome.

 

[tiradoj]

If you're sql, you shouldn't be using ucp.jar for anything but the dep server. There should be a doc out there, but you're going to need mssql jdbc 7.4.,1. and you should make sure the oracle connection pool is disabled.

Yes TFZ I understand that. I have two completely separate E1 instances: one with Sql Server 2019 and one on Oracle 19 ( 6 virtual servers on 1 physical machine)

 

[tiradoj]

Here is a snapshot from Oracle's Certification page for 9270 (9271 is not even listed yet) and since the version I had previously downloaded 12.2.1.2.0 was only 0.0.0.2.0 releases behind the supported release of 12.2.1.4.0 I thought I could get away with using 12.2.1.2.0 since it is working as the WLS for SM console 9271 (so far)...I will see if it is hampering my DEV Windows client as well but it doesn't matter. I'm rocking and rolling now.

 

[MFreitag]

The only problem I have left with Oracle instance is I cannot sign into the Windows Dev client with JTIRADO because the initial Task View record (the @JTIRADO entry for example in F9000) for new JDE users isn't being created correctly. I have a workaround solution to create a record with a few sql queries for it but need to find out if there is a bug with Task Views for 9271 or if I missed a configuration step.

Bug 34932255 : ACTIVCONSOLE / FAT CLIENT CRASHES WHEN A NEW USER LOGS IN
E1: SOLEXP: INST: ActivConsole / FAT Client Crashes When a Freshly Created User Logs in (Doc ID 2918951.1)

 

[tiradoj]

Bug 34932255 : ACTIVCONSOLE / FAT CLIENT CRASHES WHEN A NEW USER LOGS IN
E1: SOLEXP: INST: ActivConsole / FAT Client Crashes When a Freshly Created User Logs in (Doc ID 2918951.1)

Thanks Freitag I will check it out!

 

[tiradoj]

Bug 34932255 : ACTIVCONSOLE / FAT CLIENT CRASHES WHEN A NEW USER LOGS IN
E1: SOLEXP: INST: ActivConsole / FAT Client Crashes When a Freshly Created User Logs in (Doc ID 2918951.1)

That was it MFreitag! You saved me some time! Thanks again ! I sensed (knew) it was a bug--but I couldn't convince Oracle of it until I found the right article-I found an article that sounded very similar to problem I was having but that doc talked about an error message in e1root and I wasn't getting anything. I was searching on the word "disappear" instead of "crash" because in my mind that's what it was doing but the no error messages in logs and no pop up messages were spot on so awesome thanks! Now I can focus on learning Orchestrator!

 

[jppareek]

Yes, I installed JDE E1 DEMO (Standalone) on laptop Windows 10-Home.

 

[Nitin Thorat]

I will Greg. The main thing is to ignore the 64 bit client talk in Oracle instructions (install 32 bit Oracle client BEFORE E1 Standalone files) install using JDE as Windows account with Admin privilege (I am superstitious) and use 12.1.3 WebLogic and do steps in proper order. I will put together notes and post here

@tiradoj ,
Could you please post the notes here for 9.2 demo installation. I am running into the following issue. Any thoughts/inputs on how to resolve this issue. Thanks!

Issue: Local Oracle database - version 12c is not connecting to local JDE 9.2 Demo software.



Only one service "CLRExtProc" is shown when "lsnrctl status" command is executed.
It should also show "E1LOCALXDB" and "E1LOCAL" service connected as shown in the other screen shot.