Host concurrent的建立方法

PURPOSE:
--------
To explain how to create a custom concurrent program with Host as the method
(shell script) and pass a number of user parameters from the concurrent program
to the shell script.

This example will implement a concurrent program that receives two parameters
at the runtime of the concurrent program:  the database username and the user's new
password to be changed.  The shell script. will connect to the database as system.
It will verify if the user's password can be changed. 
(Note:  Allowed users will be stored in a flat file on the CM-node.)


Assumptions:
-----------

1. Oracle Applications Release 11i is used.  We are changing the database user
   password, not Oracle Applications user's password.

2. We will not define a new application, responsibility, etc. within 11i.  We
   will use the existing Application Object Library application and System
   Administrator responsibility.

3. At runtime, the concurrent program will need two parameters:  database username
   and the new password.  If the database username is not listed in allowed_list.lst,
   the user's password can not be changed.

4. The DBA group will be notified by email once there is an attempt to change
   database user's password.

5. FNDCPASS could be used, but this is not the subject of this note.

6. If there is any user listed in the allowed_list.lst (one user per line, no
   extra spaces) and that user does not exist in the database, the concurrent
   request will complete ok, but the DBA group will get a notification that
   "database user doesn't exist".

7. Ensure the you test the procedure in a test environment several times to
   become familiar with the procedure.  Verify that the program does what you
   require prior to making the changes into production.

9. This procedure is not supported by Oracle Support Services.  This is just
   an example and will have to be adjusted for your own needs.


SCOPE & APPLICATION:
--------------------
Technical Consultants, Apps DBA, DBA.


Steps to create a custom concurrent program with Host method and pass parameters to the shell script.
----------------------------------------------------------------------------------------------------

1.  Copy/modify (if needed) chgdbpwd to your CM-tier under $FND_TOP/bin.
   
2.  Create file allowed_list.lst under <applmgr_home_directory>/scripts.

3. Logon to Oracle Application 11i ->  System Administrator responsibility

   Navigate Concurrent > Program > Executable and enter a new one:
   Executable: Change Database User Password
   Short Name: CHGDBPWD
   Application: Application Object Library
   Description: Change Database User Password
   Execution Method: Host
   Execution File Name: chgdbpwd
   Save your work.

4. Navigate Concurrent > Program > Define and enter a new one:
   Program: Change Database User Password
   Short Name: CHGDBPWD
   Application: Application Object Library
   Description: Change Database User Password
   Name: CHGDBPWD
   Method: Host
   Click on Parameters and add the following:
   - Seq: 10 , Parameter: Database User, Description: Enter Database User to change the password for, Value Set: 15 Characters, and click on the Required: checkfield.
   - Seq: 11 , Parameter: Database User Password, Description: Enter Database User's New Password, Value Set: 15 Characters, and click on the Required: checkfield.
   Save your work.

5.  Navigate Security > Responsibility > Request
    Query for Group: System Administrator Reports and add one request
    Type: Program, Name: Change Database User Password
    Save your work.

6. Restart the Concurrent Managers.

7. Submit the concurrent request "Change Database User Password" , pass the
   parameters, under System Administrator responsibility.

8. Connect using sqlplus to confirm the database user password has changed.

This procedure might help in case that HelpDesk will be allowed to reset
specific database password, without having access to database users SYSTEM/SYS.
Only the responsibility associated with the concurrent request "Change Database
User Password" defined above is needed.


-----script. chgdbpwd starts here -----------------------------------------------------------------------------------
#!/bin/ksh
# This script. is intended to change a database user password
# 23.mar.2004, by catalin ciontu
# Arguments: database username and password
# Setting of the environment ...
TERM=vt100
export TERM
. /d00/applvis/visdbappl/APPSORA.env
WORKDIR=~/scripts
export WORKDIR
cd $WORKDIR
SYSTEMPWD=<!put_your_system_pwd_here!>
export SYSTEMPWD
MAILTO="cciontu@yahoo.com"
export MAILTO
# Testing for passing the argument from CM ...
if [ -z "$1" ]
then
echo "Please pass the 1st argument ... make sure that CM program passes the parameters to this script. ...  "
exit 1
fi
# Please build the allowed_list.lst prior to executing this script. ...
test -f allowed_list.lst
if [ $? = 1 ]
then
echo "There is no list of allowed database users to have password changed ... Please create such a file under $WORKDIR/allowed_list.lst on the CM-tier : enter one database user account per line ... no extra spaces ... "
exit 1
fi
# Because OA 11i passes its internal params to any CM program (ie. 1 to 8 are occupied by prog_name, req_id, login_id, userid, username, printer, save, copies), starting with the 9th we can have our own customized parameters: ie: database username and its passwd .
USR=`echo $1|cut -f9 -d " "|cut -f2 -d '"'`
export USR
PWD=`echo $1|cut -f10 -d " "|cut -f2 -d '"'`
export PWD
/usr/bin/fgrep -i -x $USR $WORKDIR/allowed_list.lst
if [ $? = 0 ]
then
# Connect to the database and change user's password ...
sqlplus -silent system/$SYSTEMPWD > /dev/null 2>&1 <<EOF
set serveroutput on
set feedback on
set echo on
spool chgdbpwd.lst
alter user $USR identified by $PWD;
spool off
exit;
EOF
# Now, we'll notify the dba group for password change attempts ...
/usr/bin/mailx -s "Please be notified that an attempt to change a database user password - listed in the allowed_to_change_list: $USR/$PWD - was made in $TWO_TASK instance ... See body for results ... " $MAILTO < $WORKDIR/chgdbpwd.lst > /dev/null 2>&1
rm chgdbpwd.lst
fi
-----script. chgdbpwd ends here -------------------------------------------------------------------------------------


-----example of allowed_list.lst follows----------------------------------------------------------------------------
catalin
mihaela
ada
-----example of allowed_list.lst ends here--------------------------------------------------------------------------


Remarks:
--------
1. As of Oracle Applications 11.5.9, the order of DEFAULT parameters is like:
FCP_REQID=154870 FCP_LOGIN="APPS/..." FCP_USERID=1109 FCP_USERNAME="CATALIN"
FCP_PRINTER="noprint" FCP_SAVE_OUT=Y FCP_NUM_COPIES=0
If you want to specify your own parameters, you'll start with parameter number 9. See the script. chgdbpwd.