Download - Ebso Standards v1.3 4.1.11 Final
1
Oracle E-Business Suite Standards
Schedule to the On Demand Services Ordering Document
Version 1.3, 4/1/2011
This is the Oracle E-Business Suite Standards Schedule to the On Demand Services Ordering Document. This Schedule describes Oracle‟s On Demand standards for the Oracle E-Business Suite Programs listed in the Ordering Document and that reside in Customer‟s Environment.
The standards described herein are part of the On Demand Services provided under the terms of the Ordering Document. Capitalized terms not otherwise defined herein shall have the meaning ascribed to them in the Definitions Schedule.
This Schedule addresses the following topics:
Section 1: Standards Scope .............................................................................................................. 2
Section 2: Oracle On Demand Infrastructure .................................................................................... 2
2.1 Certified Configurations ............................................................................................................... 2 2.2 Oracle E-Business Suite Certified Configuration ........................................................................... 2 2.3 Environments .............................................................................................................................. 3 2.4 Vision Database .......................................................................................................................... 4 2.5 Wireless Networks ....................................................................................................................... 4 2.6 Multi-Phase Implementations ....................................................................................................... 4 2.7 Setup and Maintenance Releases ................................................................................................ 4 2.8 Language Support ....................................................................................................................... 4 2.9 Localizations ............................................................................................................................... 4 2.10 Third Party Software .................................................................................................................... 4 2.11 Hardware .................................................................................................................................... 6 2.12 Operating System........................................................................................................................ 6 2.13 Oracle On Demand Automation Platform ...................................................................................... 6 2.14 Server Load Balancing (BIG-IP) ................................................................................................... 6 2.15 Oracle On Demand Network Architecture and Internet Connectivity .............................................. 6 2.16 Using Database Links for the @Oracle Model .............................................................................. 7 2.17 Storage Architecture .................................................................................................................... 8
Section 3: Oracle On Demand Standards and Requirements ........................................................... 8
3.1 Software, Operating System, and Third Party Software Standards and Requirements ................... 8 3.2 Oracle On Demand Development CEMLI Standards and Requirements ........................................ 9 3.3 File Transfers ............................................................................................................................ 14
Section 4: Oracle On Demand Environment Naming Conventions and Access Controls ............. 14
4.1 Oracle On Demand Naming Conventions ................................................................................... 14 4.2 Access Controls ........................................................................................................................ 15
Section 5: Printing ........................................................................................................................... 19
5.1 Oracle On Demand and Print Servers ........................................................................................ 19 5.2 Oracle On Demand and Operating System Printer Standards ..................................................... 19 5.3 Operating System Printer Queue Setup...................................................................................... 19
2
Section 1: Standards Scope
This Schedule describes standards (the “Standards”) specified by Oracle for the development, implementation and management of Customer‟s Environment for the Oracle E-Business Suite Programs listed in the Ordering Document and that reside in Customer‟s Environment (“Oracle Programs” or “Oracle E-Business Suite Programs”).
Section 2: Oracle On Demand Infrastructure
This Section 2 describes the Infrastructure Standards for Oracle E-Business Suite Programs, including the Certified Configuration and Oracle On Demand Automation (OAP).
2.1 Certified Configurations
Certified Configurations (CCs) combine the integration, configuration, and validation of hardware systems, operating systems, and the Oracle Program software stack.
Oracle provides Certified Configurations, which contain the software used to set up and initialize On Demand systems to be compliant with the Standards. Oracle requires that all implementations of Oracle E-Business Suite Programs begin with the Certified Configuration software.
For @Customer deployments, Customer is solely responsible for system hardware, storage and any types of load balancing required for the On Demand Services.
2.2 Oracle E-Business Suite Certified Configuration
Oracle E-Business Suite is a consolidated suite of Enterprise Resource Planning (ERP) applications.
The Oracle E-Business Suite Certified Configuration is designed to provide a “ready-to-implement” Environment for Oracle On Demand. It is installed with the required Oracle E-Business Suite software configured in accordance with the Standards.
The Figure below illustrates the Oracle E-Business Suite R11i Certified Configuration core architecture.
Three separate Oracle E-Business Suite environments are provided on the Oracle E-Business Suite Certified Configuration:
The Production Environment (PROD) is designed to run Customer‟s production application system.
The Production Support Environment (TEST) is used for problem diagnostics and resolution.
3
The Non-Production Environment (DEV) provides an isolated environment for development of configurations, extensions, modifications, localization, and integrations (CEMLI) and multi-phase development when more than one phase is in progress. In general, the Non-Production Environment serves as a test-bed for any development activities.
The Oracle E-Business Suite Certified Configuration consists of the following components for each Major Release:
Release 11i
Oracle E-Business Suite Release 11i (11.5.10 and above), including the following:
Oracle Database 10g
Oracle9i Applications Server or Oracle Applications Server 10g (for example, Oracle Discoverer, Oracle Developer, and Oracle Application Server Portal)
Oracle Forms 6.0.8.27.0
Oracle Applications Manager 11i
JInitiator 1.3.1.26
Web ADI 11i
UTF8 database character set
Oracle Express Server 6.3.2
Oracle Express Server can only be licensed for Release 11 implementations
Oracle Financial Analyzer (OFA) and Oracle Sales Analyzer (OSA) 11i Server
Customer must purchase On Demand Services for the following in order to use the financial and sales analyzer functionality:
Oracle Financials Analyzer
Oracle Sales Analyzer
Oracle Advanced Supply Chain Planning (ASCP)
Apache/1.3.19(iAS 1.0.2.2.2 rollup 5)
Release 12
E-Business Suite Release 12, including:
JInitiator 1.3.1.26
Oracle Database10gR2 10.2.0 Single Instance
Oracle Applications Server 10gR3 J2EE 10.1.3
Oracle Applications Server 10gR2 Forms 10.1.2
Oracle Discoverer 10g Release 10.1.2
Java Development Kit (JDK) 1.5
CC Utility Pack Version 4.0.2
Applications Release 12.0.2
Since the Oracle E-Business Suite Certified Configuration can change over time, Customer should refer to the Oracle E-Business Suite Certified Configuration Release Notes to identify the currently supported components.
2.3 Environments
Customer-Controlled Environments are those environments in which Customer or its designees have authority to make changes (for example, the Non-Production (DEV) environment). Oracle-Controlled Environments are those environments in which Oracle has sole access to make Changes. Typical Oracle-Controlled Environments are the Production Environment and the Production Support Environment following Production Go-Live.
4
During the implementation phase of On Demand Services, Customer or its designee typically control all environments.
Configuration changes made to the Production Environment, Production Support Environment, or any Non-Production Environments (collectively, the “Environment”) must be documented. Customer is responsible for maintaining and updating the documentation for Customer-Controlled Non-Production Environments. Oracle On Demand may make changes to the documentation for the Production Support Environment and Production Environment.
2.4 Vision Database
The Vision instance is a Demonstration Environment (DEMO) of the Oracle E-Business Suite installation. If Customer has purchased Computer and Administration Services, Customer will receive a Vision instance upon request. Access is granted for two to three months until Customer‟s first environment, typically the DEV Environment, is created.
The Vision instance is intended only for demonstration purposes. Accordingly, Oracle does not provide backup or recovery services for Vision instances.
There are two types of Vision Databases:
Shared Vision Databases can be accessed by all Oracle On Demand customers (“Shared Vision Database”
A Vision instance dedicated solely to Customer (“Dedicated Vision Instance”)
A Dedicated Vision Instance is counted as a Non-Production Environment against Customer‟s Entitled environments as indicated in the Applicable Entitlement Schedule. A shared Vision database is not counted towards Customer‟s Entitlement.
2.5 Wireless Networks
Oracle On Demand does not provide services to support wireless or mobile access. If Customer allows their employees to access the Oracle Programs via wireless and mobile networks (for example, WiFi), Customer is solely responsible for all aspects of such access, including the provision and management of the network and carrier and ensuring the privacy and security of such access.
2.6 Multi-Phase Implementations
The implementation of an Oracle E-Business Suite Environment is sometimes comprised of multiple phases due to the number and complexity of modules. Oracle On Demand recommends that Customer order additional Non-Production Environments to enable multi-phase implementations. Additional fees will apply for the additional Non-Production Environments.
2.7 Setup and Maintenance Releases
Customer is solely responsible for setup of the Oracle Programs and applying Maintenance Releases prior to Production Go-Live.
2.8 Language Support
Oracle E-Business Suite Certified Configurations use U.S. English. Other languages required and purchased by Customer are installed during initialization or thereafter, based upon Customer‟s requirements.
2.9 Localizations
Any country-specific customizations, also known as localizations, developed by Oracle to support local requirements for On Demand Services are not installed or activated during On Demand initialization.
2.10 Third Party Software
On Demand has a strict policy about Third Party Software that may be installed on the Environment. The applications listed in this Section 2.10 may be installed and maintained in the
5
Environment in accordance with Oracle practices. Customer may not use any Third Party Software in connection with Computer and Administration Services without Oracle's prior written approval.
Customer is solely responsible for the following:
Configuring and managing all Third Party Software (excluding the @Oracle operating system and the VPN provided by Oracle) in accordance with Oracle specifications
Testing and resolving issues related to Customer or Third Party Software (including working with Third Party Software Vendors)
Sizing related to Third Party Software,
The supportability and certification over Certified Configuration platforms and operating systems of Third Party Software
The Environment is designed to allow Third Party Software approved by Oracle (“Approved Third Party Software”) to integrate with the Environment if such software adheres to the integrations standards outlined herein.
Approved Third Party Software is listed in the following table. The list of approved Third Party Software is subject to change.
Approved Third Party Software
PRINTING SOFTWARE1
Optio Print Manager
Evergreen Data Systems FormScape
Loftware Connector
Adobe Output Pack for Oracle E-Business Suite
TAX SOFTWARE
CertiTAX
Vertex
Taxware
ONLINE PAYMENT SOFTWARE
Verisign Pay Flo Pro
Payment Tech
BUSINESS INTELLIGENCE SOFTWARE
Kbace KBX
Noetix Views
Content Services
Based on Customer‟s requirements, Oracle will load monthly content updates for Vertex that consist of payroll tax data, sales tax data, and North American address validation data.
Additionally, at year-end, Oracle installs year-end legislative updates, IRS 1099 rules, and the Payroll Tax Law updates that are necessary for the Oracle E-Business Suite Programs.
Oracle does not provide content services for any of the other listed applications.
1 For @Oracle, all print servers are located on Customer‟s side of the network. Ongoing
management of print servers is Customer‟s responsibility.
6
Patching and Upgrades
Customer is responsible for providing to Oracle detailed instructions for installation, patching and Upgrades for Third Party Software, and for assisting Oracle with such patching or Upgrades. Oracle will assist Customer or Implementer as necessary during the installation when specific installations tasks require special privileges not granted to Customer or its Implementer.
2.11 Hardware
Oracle E-Business Suite Certified Configurations for Computer and Administration Services are built on Intel or AMD 64-based architecture containing at least two processors and 8 GB of memory. This system is referred to as the minimum standard architecture.
@Customer hardware configurations are only available on x86-64 hardware (containing at least 2 processors and 16GB RAM), Sun, HP, and IBM platforms. This hardware is validated against Oracle requirements and Customer‟s application workload.
2.12 Operating System
For a @Oracle deployment, Oracle E-Business Suite is standardized on the Enterprise Linux distribution from Oracle--the Oracle Enterprise Linux Release 5.0. The Certified Configuration contains the necessary patches for running the Oracle application software stack. Oracle reserves the right to change the operating system at its discretion.
Oracle E-Business Suite On Demand @Customer deployments are supported on Oracle Enterprise Linux.
Customer preferred platforms must be able to support the On Demand-supported operating system and Oracle software certifications.
2.13 Oracle On Demand Automation Platform
The Oracle On Demand Automation (OAP) is a comprehensive set of software Tools and processes that enable Oracle On Demand to deliver operational tasks in a repetitive and automated fashion. The tasks include initialization, administration and management of the Oracle Programs. OAP resides in a data center that provides telecommunications, electrical, mechanical, and room specifications.
Oracle On Demand Automation Platform Toolset
The On Demand Automation Platform (OAP) Toolset is a subset of OAP that Oracle will install on Customer‟s Environment during initialization. The OAP Toolset is subject to change without notice. Changes to the OAP Toolset are applied following the Change Management process.
User and Installation Guides
During initialization, Oracle provides Customer with appropriate user and installation guides (if applicable), based on Customer‟s deployment configuration.
Oracle On Demand Automation Platform Repositories and Processes
In addition to the OAP Toolset, OAP also contains information repositories and defined processes. The OAP repositories are proprietary in nature and are not available to Customer.
2.14 Server Load Balancing (BIG-IP)
Oracle On Demand uses BIG-IP, a server load-balancing appliance, deployed in a redundant configuration to cluster application servers for scalability and fault tolerance. It provides port translation services (e.g., BIG-IP virtual server port 80 mapped to Apache service on mid-tier server port 10015) and offloads SSL processing from Apache mid-tiers to BIG-IP hardware SSL accelerator cards.
2.15 Oracle On Demand Network Architecture and Internet Connectivity
Oracle On Demand specifies network architectures from which Customer must choose for network connectivity with Oracle. For more information about networking, see the Network and Connectivity Standards Schedule.
7
Internet-Facing Deployment of Oracle E-Business Suite Applications
Oracle On Demand Environments are deployed in an Internet-facing environment only if specifically requested by Customer as indicated in the Ordering Document and provided that Customer first pays additional fees associated with a DMZ server.
Oracle assumes Customer is aware of the risks of data loss and compromise inherent in Internet-facing deployments, and expects Customer to seriously consider these risks before requesting such a deployment. Customer acknowledges and agrees that Oracle is not responsible for any loss or compromise of data arising from or related to the use of Internet-facing deployments.
If Customer purchases a DMZ server, Oracle will design Customer's Environment to be available through the Internet through Secure Sockets Layer (SSL) connections. No other Internet-facing deployment is available.
Internet-facing Environments must have the latest patch level Release and Critical Patch Updates must be applied immediately after their release.
Oracle approval is required to implement an internet-facing environment. Such an approval should be documented in the Customer Functional and Business Requirement Document, commonly known as the “OSA-10”.
2.16 Using Database Links for the @Oracle Model
An Oracle database link enables connections and transfer of data from one database to another. If Customer chooses to use database links, architecture standards require database links to be used within the Oracle On Demand Infrastructure. For example, Oracle Warehouse Builder, Oracle Portal, and Oracle9iAS or Oracle Applications Server 10g InterConnect database connectors can be used, provided they are located within Oracle‟s Data Center. Database links providing data exchange and integration over the Internet, the WAN, and any other deployments are not allowed for security reasons.
Implementation
Customer may need to migrate data to the Environment. To accommodate this, database links are allowed during implementation to perform bulk data moves from a source database to the target database within Customer‟s Environment.
Stabilization
During stabilization, Oracle examines database links intended for deployment in the Production Environment as part of the Production Assessment to determine whether or not usage conforms to Oracle‟s guidelines. The Implementer must remove any database links that do not comply with these guidelines. Oracle reserves the right to remove database links that do not conform to Oracle‟s guidelines.
8
Production
Database links with end-points that are located within Oracle‟s Data Center are allowed. Database links defined into or out of Oracle‟s Data Center are not allowed. Any requested exceptions will be examined by Oracle On Demand Global Information Security (GIS) and are subject to GIS approval and a documented risk assessment may be required. Where defined database links are not allowed based on Oracle‟s guidelines, the following options are available:
Re-implement the integration to use the integration methodology described in this Schedule, or
Re-implement the integration to use bulk extract methods, for example SFTP, to move large volumes of data.
Either of these methods should provide better performance and scalability than database links, particularly where VPN and WAN are used. Any security changes required to perform these operations must be documented and approved in writing by Oracle. Timelines for temporary modifications must likewise be documented and approved in writing by Oracle.
2.17 Storage Architecture
The @Oracle base configuration includes the Entitled storage indicated in the Oracle E-Business Suite for @Oracle Entitlement Schedule. Additional Storage can be purchased for additional fees. All disk storage supports a variety of applications and applications or business development lifecycle requirements (for example, database files, archive files, concurrent manager output, applications code, database code, and support for enhanced backup and restoration processes).
Section 3: Oracle On Demand Standards and Requirements
This section describes the Oracle On Demand standards and requirements.
3.1 Software, Operating System, and Third Party Software Standards and Requirements
This section describes the standards and requirements for the Oracle E-Business Suite Programs, operating system, and Third Party Software.
Oracle E-Business Suite Certified Configuration
Oracle requires that implementations of @Oracle and @Customer deployments for Oracle E-Business Suite Programs begin with the Certified Configuration.
Oracle E-Business Suite Release and Oracle Operating System Requirements
As of the publication date of this document, Certified Configurations support Oracle E-Business Suite Releases on the following platform and operating system combinations:
Platform Operating System Version
Linux x86 (32-bit and
64-bit) Oracle Enterprise Linux 5, or later (some components might be available only on 32-bit platforms)
All platforms in the preceding table are supported for an @Customer deployment. Oracle Enterprise Linux is the only operating system available for @Oracle deployments.
Information about the configuration and Release requirements for the operating system software is available in the corresponding Oracle E-Business Suite Certified Configuration installation guide. Contact Oracle On Demand for the most recent list of supported operating systems.
Oracle Web-Based Application Deployment
If Web-based Releases of the Oracle E-Business Suite client software applications are available, the Web-based version is deployed with the Oracle Programs.
Oracle E-Business Suite and HTML DB Support
Oracle On Demand supports HTML-DB only if Customer purchases On Demand for Oracle Technology Programs.
9
@Oracle Minimum Deployment Architecture
The minimum @Oracle deployment architecture for Oracle E-Business Suite Programs is a two-tier Production Environment physically or logically isolated from a two-tier Non-Production Environment.
3.2 Oracle On Demand Development CEMLI Standards and Requirements
Oracle publishes several documents that describe Oracle requirements, recommendations, and practices for the implementation of Oracle E-Business Suite programs, including the Oracle Application Developers Guide. Oracle On Demand requires that all CEMLIs deployed into the Environment comply with the requirements listed within the Oracle Developer’s Guide, unless otherwise specifically stated within this Schedule.
This Section 3.2 identifies standards that are either unique to On Demand or require special emphasis. This section does not supply all content required to effectively perform an On Demand implementation.
Oracle may agree to provide services for certain CEMLIs via written agreement with Customer. Although Oracle On Demand may host such CEMLIs, Oracle‟s support is limited to configurations and localizations. Customer is responsible for supporting, or separately contracting for support of, extensions, modifications, and integrations.
Configurations
Configurations are defined as changes that are made to functionality of the Oracle Programs to meet customer-specific business requirements and are completed using the user interface provided with Oracle Programs. Configurations do not change the existing code or add new code.
Extensions
Extensions are new components developed by Customer using the development features provided within the Oracle Programs. Provided that Oracle‟s guidelines and standards for creating these extensions are followed (including keeping these objects separate from standard Oracle E-Business Suite Program components), extensions are generally relatively straightforward to identify and maintain. New Releases of Oracle Programs have minimal, or no, impact on extensions.
Modifications
Modifications, also known as "customizations in place", are changes made to standard Oracle Program objects or code. Because it is very difficult to identify such changes to standard objects, there is significant risk that modifications may not be preserved when a new Release is applied. Thus, modifications are not allowed within the Environment.
Localizations
Localizations are developments designed to address country-specific requirements, such as statutory reporting and other business practices, which are not part of the standard functionality of the Oracle Programs. Localizations for a country are typically provided and supported by Oracle Consulting or other Oracle subsidiaries in that country through a separate written agreement with Customer.
Integrations
Integrations enable Customer to transfer data between Oracle E-Business Suite Programs and other Oracle programs or Third Party Software. Integrations must be developed by Customer, and all integrations must follow the guidelines and standards required for creating extensions. Integrations should take advantage of several standard interface programs and APIs provided with the Oracle E-Business Suite Programs to facilitate data transfer.
Oracle On Demand CEMLI Goal
Oracle On Demand's CEMLI goal is to minimize complexity, cost and risk to Customer through Customer's implementation of correct controls, the use of Oracle development standards, and the use of Change Management processes.
10
Risks of Using CEMLIs
Customizations to the Oracle E-Business Suite Programs present three types of risk to Customer and Customer‟s Environment:
Support Risk: CEMLIs may result in more complex or less effective support to Customer
Operations Risk: CEMLIs create the risk of adversely impacting performance and/or system operability at the on-line, batch process, or database levels. Upstream modifications may break downstream delivery and impact service. CEMLIs may also affect or compromise system availability, system level integrity, and the security of data.
Upgrade and Maintenance Release Risk
CEMLIs may impact the application of new Releases or Upgrades. New Releases and Upgrades may break existing CEMLIs.
CEMLI Standards
To minimize the risk associated with CEMLI customizations, Customer must:
Follow a structured process, including a detailed customization review and risk assessment, for the life of the CEMLI.
Comply with Oracle‟s CEMLI standards and guidelines.
Adhere to Oracle‟s Change Management procedures to control and manage the ongoing addition of customizations throughout the On Demand lifecycle.
Oracle strongly recommends that Customer utilize the following guidelines in an effort to minimize performance risk and stability risk presented by CEMLIs:
Minimize the use of CEMLIs by using functional alternatives and workarounds
Minimize risks by using pre-packaged customizations
Minimize risks by employing Oracle On Demand development and testing standards and best practices
Update documentation detailing the CEMLIs when changes are applied to customized code
CEMLI Documentation and Version Control
Customer or Customer‟s Implementer must maintain clear, concise, and accurate documentation regarding the implementation of the Oracle Programs and CEMLIs.
The documentation should include the functional and technical design, and functionality, of any CEMLIs, and include the following types of documentation:
Business requirements and functional specifications
System design and technical specifications
Technical documentation
User documentation
The documentation must:
Provide enough information to assist Customer or Implementer with the comparison process that must be performed when new Releases or Upgrades are reviewed
Be submitted before Production Go-Live.
Version Control
Implementer or Customer must execute version control of CEMLI code.
Roles and Responsibilities
The parties‟ roles and responsibilities regarding CEMLIs are as follows:
Customer and Implementer
Establish, communicate, and document customization requirements prior to beginning development. This exercise helps to assess the impact of the CEMLI on operations and to compare the risks versus costs of the CEMLI.
11
Maintain a copy of the customization documents identified above and provide updated copies to Oracle throughout the CEMLI‟s lifecycle.
Perform any additional work on the customized objects such as Upgrades, patches, and fixes.
Identify the impact on customizations of implementing new Releases, including Upgrades.
Retrofit customized objects.
Retain responsible for any impact that the implementation of new Releases has on any CEMLI.
Oracle, Customer and Implementer
Discuss customizations and their operational and support impact to understand the requirements, risks and costs, and to discuss alternatives. The discussion should focus on minimizing the use of customizations and related risks
Review and test customized code before it is deployed into the Production Environment
On Demand Development Standards for File System and File System Objects
Customer and its Implementer must follow the guidelines listed in this section when creating custom file systems or file system objects.
Do not change the standard Oracle file system architecture.
Store all custom files under the SID/applmgr/CUSTOM directory, where SID is the system identifier.
Store all custom files under the $XBOL_TOP directory or any custom directory starting with the XX-prefix. (Oracle allows multiple custom file system directories).
All CEMLIs that run as concurrent programs such as concurrent executables, reports, concurrent programs, request sets, responsibilities, menus, and functions should be registered under XBOL or similar custom applications beginning with the XX-prefix as defined by Customer.
All custom applications should be registered under the XBOL or custom directory beginning with the XX-prefix.
CEMLI Directory Structure
The following figure illustrates the directory structure for CEMLIs in the $XBOL_TOP or $XX-prefix custom directory.
Directory Structure for CEMLIs
Note the following:
The bin directory contains UNIX shell scripts and SQL loader scripts.
The sql directory contains SQL scripts and SQL*Plus reports.
The forms directory contains forms.
The reports directory contains reports.
The wf directory contains Oracle Workflow definitions.
12
The cstmsdx directories contain Customer code.
Customers may add additional sub-directories as required for their application.
Development Standards for Database Schemas and Database Objects
Customer and its Implementer must follow the standards listed in this Section 3.2 when creating custom database objects. Customer is solely responsible for testing and resolving issues related to, and any impact patching may have on, such custom database objects.
Custom schemas should be named BOLINF or should start with the „XX‟ prefix.
Register all custom objects, including PL/SQL objects, such as packages, located in the database under the custom schema. Custom objects, including packages, may not be registered under APPS.
Customer may have multiple custom schemas.
Customer may not modify standard Oracle E-Business Suite Program objects or tables unless there is no alternative to such modification.
If Customer proceeds with modifications to the standard objects or tables, Customer acknowledges that support of modifications is very difficult and is provided by Oracle on an “as-is” basis, and that certain Change Management activities may overwrite modifications.
Customer must use APIs when Customer requires access to base application tables.
Customer may not add to or change the database triggers for standard Oracle E-Business Suite Program tables.
Customer may not use custom triggers to modify data in Oracle E-Business Suite Program tables.
Customer should use custom triggers only when other methods of completing the required task do not meet Customer‟s business requirements.
If Customer uses custom triggers, Customer acknowledges the following:
Identifying and debugging errors caused by triggers is difficult and is provided by Oracle on an “as-is” basis.
Support personnel may overlook problems associated with triggers that are not documented.
Adding new database triggers or changing existing database triggers on standard application tables can cause a complete change in the functionality of the Oracle Programs and can lead to serious data integrity problems.
Oracle E-Business Suite database
The Oracle E-Business Suite database contains the following:
Universal schema (APPS)
Oracle application module schema (for example AR)
Customization schema (BOLINF or XX-prefix)
Read-only schema (RAC_ACCNT)
Standards for Oracle E-Business Suite Integration
Oracle On Demand provides a variety of standard mechanisms to enable integration with Customer‟s Environment. The following subsections describe those integration mechanisms.
On Demand Oracle Application Server 10g Integration Framework
The Oracle Application Server 10g integration framework provides a framework and mechanisms designed to enable effective integration between the Oracle Programs and other applications. Customer is responsible for purchasing all necessary Oracle licenses, technical support, and On Demand Services for Oracle Technology Programs, to support the On Demand Oracle Application Server 10g integration solution. Customer should contact its Oracle sales representative to learn more about Oracle Application Server 10g.
13
Oracle E-Business Suite and Integration with Oracle Single Sign-On and Common Identity Management Solution
Oracle provides Identity Management solutions that are designed to enable Customer to create Single-Sign On (SSO)/Common Identity Management (CIM) solutions for Oracle applications and Third Party Software. Oracle supports the integration of disparate directories to enable a CIM solution.
If Customer requires SSO/CIM solutions, Customer is responsible for purchasing all necessary Oracle licenses, technical support, and On Demand Services for Oracle Technology Programs.
The minimum requirements for an @Oracle deployment of the Oracle Programs and SSO/CIM follow. The minimum architectures do not take into account Customer‟s capacity or availability requirements.
Service/ Requirements Production Non-Production
SSO / OID Single sign on through VPN
1 (two-tier) x2 CPU each tier
1 Server x2 CPU Database 1 Server x2 CPU Oracle AS
1 (two-tier) x2 CPU each tier
1 Server x2CPU Database 1 Server x2CPU Oracle Application Server (AS)
SSO / OID through Internet
1 (two-tier) x2 CPU each tier
1 Server x2 CPU Database 1 Server x2 CPU Oracle AS (DMZ Server)
1 (two-tier) x2 CPU each tier
1 Server x2 CPU Database 1 Server x2 CPU Oracle AS
2 (DMZ
Server)
SSO / CIM through VPN
2 (two-tier) x2 CPU each tier 1 Server x2 CPU Database
SSO/OID/CIM/Portal 1 Server x2 CPU Oracle AS SSO/OID/CIM/Portal
2 (two-tier) x2 CPU each tier 1 Server x2 CPU Database
SSO/OID/CIM/Portal 1 Server x2 CPU Oracle AS SSO/OID/CIM/Portal
SSO / CIM through Internet
2 (two-tier) x2 CPU each tier
1 Server x2 CPU Database
SSO/OID/CIM/Portal 1 Server x2 CPU Oracle AS SSO/OID/CIM/Portal (DMZ Server)
2 (two-tier) x2 CPU each tier
1 Server x2 CPU Database
SSO/OID/CIM/Portal 1 Server x2 CPU Oracle AS SSO/OID/CIM/Portal (DMZ Server)
SSO / CIM with
Collaboration Suite On Demand
3 (CSO)
2 (two-tier) x2 cpu Oracle Application Server
2 (two-tier) x2 cpu Oracle Application Server
Oracle E-Business Suite and Integration with Portal
Customer may choose to create a custom portal for the Oracle Programs. Customer is responsible for purchasing all necessary Oracle licenses, technical support, and On Demand Services for Oracle Technology Programs for such a solution.
The minimum requirements for an @Oracle deployment with a custom Oracle Application Server 10g Portal for the Oracle E-Business Suite Programs follows. This minimum architecture does not take into account Customer‟s capacity or availability requirements.
Service/ Requirements Production Non-Production
Oracle Application Server 10g Portal
2 (two-tier)x2 cpu Oracle Application Server
4
2 (two-tier)x2 cpu Oracle Application Server
2 Depending on Customer‟s requirements, Customer may be required to purchase full-use database
licenses for the database tier. 3 The SSO server must be dedicated to SSO/CIM functionality and may not be multi-purposed for other
Oracle Application Server 10g functionality such as Discoverer or Portal. 4 Customer may be required to purchase full-use licenses based on their application environment.
14
Customer is solely responsible for the implementation of portal services.
Oracle E-Business Suite Integration with Oracle Beehive
There are certain Oracle E-Business Suite modules that may be integrated with Oracle Beehive. To leverage this integration, Customer must purchase Oracle the applicable licenses, support, and On Demand Services for Beehive Programs. Customer is solely responsible for the implementation of these integrations.
Oracle E-Business Suite Integration with Printers
For information about configuring the Oracle Programs for printing, refer to Section 5.
3.3 File Transfers
Oracle will provide SSH File Transfer Protocol (Secure FTP or SFTP) access to a dedicated SFTP server that will facilitate Customer customization or patching of Non-Production Environments. Customer will receive its own file transfer account. All inbound files, such as program files and scripts, can be moved to the appropriate location on Customer's SFTP server using SSH File Transfer Protocol. All outbound files, such as Customer data file movement, should be automated using a standard process set up by Oracle On Demand to transfer the data files from the Non-Production Environment to the SFTP server. If Customer has purchased Computer and Administration Services, the SFTP server is the only server directly accessible from the Production Environment server.
Oracle will provide operational support for the SFTP infrastructure only. Oracle will not provide SFTP clients or other software or any support for such software. Customer is solely responsible for providing, maintaining and supporting any SFTP client and other software.
Transfer Process
With the exception of the Production Environment and the Production Support Environment, the FTP process automatically moves CEMLIs such as custom forms, reports, and SQL scripts to the appropriate environment after Customer or Customer‟s Implementer uploads them to the SFTP server. The On Demand Change Management process must be followed for Production Environments.
Customer may send a checksum file along with a data file. The name of the checksum file
must match the name of the data file, except it has a *.sum extension. The file contains the checksum value performed on the data file. Customer has the option of verifying the checksum before using the data file.
Section 4: Oracle On Demand Environment Naming Conventions and Access Controls
This section describes Oracle On Demand naming conventions and access controls.
4.1 Oracle On Demand Naming Conventions
The naming conventions for Oracle E-Business Suite are as follows:
Customer short code. This four-character code uniquely identifies Customer‟s Environment. It is combined with the first letter of the environment type to form the database system identifier (SID), mount points, and user names.
Database SID. This is usually made by concatenating the first letter of the environment type, Customer‟s short code, and the letter i. However, when Customer has Additional Non-Production Environments, the SID is created with the first three digits of the short code plus the environment number.
Environment type. This can be the Production Support Environment (TEST), the Non-Production Environment (DEV), or Additional Non-Production Environments. Each environment uses different port numbers.
Mount point. The mount point for the environment is the same as the database SID. The mount point is always entered in lowercase.
User names. The names are defined as follows:
The Oracle user name is made by concatenating or with the database SID.
The applmgr user name is made by concatenating ap with the database SID.
15
There will be two standard SFTP accounts: one for the Production Environment, and one for the Non-Production Environment. For multi-tenant, there will be separate accounts for each Customer using the $CID in the account name.
The BOL-SETUP user name is assigned the Applications Administrator responsibility for use in implementing the Oracle Programs.
Prior to Production Go-Live, the Applications Administrator responsibility should be assigned to a named application user. The user BOL-SETUP will be end dated at Production Go-Live.
The following table shows examples of user names (where xxxx is the four character Customer code):
Environment Database
SID User Names
Production
Support (TEST)
txxxxi oracle user: ortxxxxi
applmgr user: aptxxxxi
interface user: one for the Production Environment and one for the Non-Production Environment
Development dxxxxi oracle user: ordxxxxi
applmgr user: apdxxxxi
interface user: one for the Production Environment and one for the Non-Production Environment
Oracle On Demand Standard File Systems
Oracle E-Business Suite is installed under and uses a standard file system structure. The following table illustrates a Production Support Environment (TEST) example for both Release 11i and Release 12 where xxxx is the four character Customer code.
E-Business Suite Release Database Tier Middle Tier RAC
R11i /txxxxi/oracle
/txxxxi/oradata
/txxxxi/backup
/txxxxi/oracle
/txxxxi/arch
/txxxxi/applcsf
/txxxxi/applcsf
/txxxxi/applmgr
/txxxxi/product
/txxxxi/disco
/oracm/oracle
/oracm/oradata
R12 /txxxxi/oracle
/txxxxi/oradata
/txxxxi/backup
/txxxxi/oracle
/txxxxi/oratmp
/txxxxi/log
/txxxxi/arch
/txxxxi/applcsf
/txxxxi/applcsf
/txxxxi/applmgr
/txxxxi/product
/txxxxi/mtlog
/txxxxi/disco
/txxxxi/inst
/oracrs/oracle
/oracrs/oradata
4.2 Access Controls
Oracle On Demand implements an access control method that incorporates layers of access, named accounts mapped to individual users, and mandatory password maintenance. An overview of the layers involved and the key characteristics of each layer are presented in this Section 4.2. During initialization, Oracle provides Customer with the latest account specifications, initialization, training, and usage materials.
The implementation team is granted required and necessary access to Non-Production Environments to perform required application-related configuration, development, and verification
16
tasks. Named Linux or UNIX accounts, PowerBroker policies, and the Password Manager utility provide interrelated layers of security. These security measures are not used independently.
If Customer has purchased Administration Services, Customer is responsible for implementing an access control method for the operating system.
Operating System Users
Oracle E-Business Suite Programs are typically installed under two operating system users: oracle and applmgr. The oracle user owns the Oracle Technology Stack and database, and is a member of the dba group. The applmgr owns the Oracle E-Business Suite Technology Stack, and is a member of the oaa group. For @Oracle deployments, an account is created for the Implementer and the interface account is created for file transfers.
Named Linux or UNIX Accounts
Named Linux or UNIX accounts are used to associate individuals to unique operating system user accounts. These named accounts are the lowest level of access with minimal privileges. Anonymous or shared logins to the operating system are not permitted.
PowerBroker Policies
Symark PowerBroker is Third Party Software used to permit access beyond that granted to named accounts. PowerBroker policies associate the named accounts to more privileged operating system accounts, and are necessary to use the Password Manager utility to gain access to the database, and if applicable, certain well-known Oracle E-Business Suite Program accounts.
For more information on Symark Powerbroker policies and password management, refer to the Oracle On Demand PowerBroker Access and Automated Password Management Manual.
Password Manager
The Oracle-proprietary Password Manager utility is used to display privileged database and Oracle E-Business Suite Program passwords to those who have named Linux accounts and associated PowerBroker policies.
Password Manager enables Oracle On Demand to manage passwords and provide controlled-access to passwords for End Users with named operating system accounts and associated PowerBroker policies.
Database or Oracle E-Business Suite Accounts
After an individual has gone through the first three layers, they have final access to the set of database accounts or Oracle E-Business Suite Program accounts, or both, for which they have been authorized. Using these accounts and passwords, the individual is able to use the various accounts described in the following subsections.
Operating System and Database Access
For @Oracle deployments, only access to the operating system and database is available.
For information about access to the operating system and database, see the Oracle On Demand PowerBroker Access and Automated Password Management Manual.
Application and Database Access
The following table provides information about the accounts in an environment for Oracle E-Business Suite programs and the applications-related responsibilities associated with them.
Account or Responsibility Responsibility
Application Administrator
Application Responsibility: Custom responsibility provided to Customer’s technical lead
Oracle On Demand provides this access to Customer‟s technical lead administrator. The responsibility is given in lieu of the System Administrator responsibility and should be assigned to the named application Users that will handle application administration at
17
Account or Responsibility Responsibility
Customer‟s site.
Administer document sequences and categories, administer folders, administer responsibilities, administer Users, define application menus, define application messages, define concurrent programs, define currencies, define executables, define flex fields, define printers, printer types, print styles, and drivers; define request security group, define request sets, define value sets, and value set values, manage workflow processes and notifications, perform network latency and bandwidth tests, query concurrent executables, query Concurrent Managers, query concurrent programs, query concurrent requests, query functions, and set profile options to administer Customer‟s application End Users.
System Administrator
Application Responsibility: Application setup responsibility
This account is not granted to Implementers or Customer
Application Developer
Application Responsibility: Used by Oracle for advanced application functions such as updating the Production
Environment with custom forms
This account is not granted to Implementers or Customer
BOL-SETUP
Application User: Granted Application Administrator responsibility
For a limited time, System Administrator responsibility may be granted to this User to complete setup. This responsibility enables use of Examine Privileges on Non-Production Environments. This account is not available in Production Environments.
BOLINF
Database User
This responsibility grants read-only access to standard applications schema and objects and provides access to create, update, insert, and delete access to the standard interface or customized objects.
RAC_ACCNT
Database User
This responsibility grants Read-only database schema for the Production Support Environment, Production Environment, and Non-Production Environments.
APPS
Database User
This access is granted for the sole purpose of testing steps and procedures that On Demand will perform in the Production Environment and Production Support Environment. It is granted to Customer‟s Implementer only for Non-Production Environments.
SFTP
There will be 2 accounts for SFTP: one for the Production Environment and one for the Non-Production Environment. For multi-tenant customers, there will be a separate account for each customer which will include the $CID in the account name.
Oracle On Demand maintains a list of authorized system Users so requests for assistance can be verified against the list. On Demand does not provide access or troubleshoot Problems for individuals not on the authorized list. This is for the protection of Customer‟s data and systems within Oracle‟s Data Center.
18
The implementation team project manager should communicate changes to the list of authorized Users to On Demand as soon as changes occur.
At Production Go-Live, all system access for Customer‟s Implementer is removed from the list of Authorized Users.
The following table describes the general guidelines for each type of environment.
Environment Guidelines
Non-Production
(DEV) Used by Customer‟s Implementer developers for the development
and unit testing of CEMLIs
Production Used after setups have been tested and approved by Customer through User Acceptance Testing
Becomes Customer‟s live Production Environment
Production Support (TEST)
Prior to Production Go-Live, used by Customer‟s Implementer to perform application setup and any CEMLI testing
Following Production Go-Live, used exclusively by Oracle for Change Management activities following
Not built to scale to match performance of the Production Environment
Primarily used for Change Management tasks and to test functionality
The following table describes the general applications, system access types, and user identification required to perform various functions. Oracle On Demand does not allow Customer to modify base application tables.
Access Type Environment Accessible? Comments
Concurrent
Manager monitoring and
management
DEV= Yes
PRODUCTION SUPPORT= No
PROD= No
Function performed by Oracle On Demand for the Production Environment only
Forms Registration
DEV=Yes
PRODUCTION SUPPORT= No
PROD= No
Developed by Customer in the Development Environment
FNDLOAD script provided for the Production Support Environment and the Production Environment
Reports Registration
DEV=Yes
PRODUCTION SUPPORT=No
PROD=No
Developed by Customer in the Development Environment
FNDLOAD script provided for the Production Support Environment and the Production Environment
Printer Configuration
DEV=Yes
PRODUCTION SUPPORT=Yes
PROD=Yes
Function performed by Oracle On Demand for all environments.
Application Administrator
DEV=Yes
PRODUCTION SUPPORT=Yes
PROD=Yes
This responsibility is available in all environments
Oracle On Demand Server Access
For information about Oracle On Demand server access, see the Oracle On Demand PowerBroker Access and Automated Password Management Manual.
19
Section 5: Printing
There are several key configuration tasks that are required to enable effective printing. The first task is to establish network connectivity between the appropriate environment, print server (if used), and end-printer. The second task is to set up the operating system printer queues. The third task is to configure and manage the application itself and the appropriate print server.
Customer-selected printers are set up before Oracle E-Business Suite is available for implementation. Customer may require additional printers to be set up at the system level at a later time.
If Customer purchased Computer and Administration Services, Oracle requires that all printers, print-servers, and any other non-host based print software be installed on Customer‟s premises. Oracle enables Customer to set up the operating system print queues with a self-service product called Print-Pro. Customer manages Oracle print jobs through the self-service application.
If Customer purchased Administration Services, Customer is responsible for all printer configuration and maintenance at the network, operating system, and application level.
Printing from Oracle E-Business Suite programs requires a variety of configuration and setup activities across several layers of the stack. Refer to the Application Management Services for Oracle E-Business Suite Schedule for details of the key tasks involved.
5.1 Oracle On Demand and Print Servers
If Customer has several printers or complicated print activities, Oracle On Demand recommends a print server that is located on Customer‟s site. Print servers give Customer greater control of individual print jobs and enable a more centralized print management process. Most On Demand customers with more than five printers use a print server.
If using a Windows 2000 printer server (such as Optio or Evergreen), Customer must verify that TCP/IP print services are installed and started on the printer server. TCP/IP print services are not part of the default installation for Windows 2000 and must be added.
5.2 Oracle On Demand and Operating System Printer Standards
For @Oracle deployments, Oracle supports print drivers that are supported by the Oracle E-Business Suite programs. At the time of publication of this document, Oracle E-Business Suite was certified and supported Hewlett Packard model PCL4 and higher postscript-based print drivers. Although Oracle Programs and Oracle On Demand enable the installation of third party drivers and fonts, Customer is responsible for supporting this software.
5.3 Operating System Printer Queue Setup
For @Customer deployments, Customer is responsible for setting up print queues.
For @Oracle deployments, Oracle provides a web-based interface that enables Customer to set up necessary printer queues.
If Customer requires Oracle to install, configure, and maintain printer queues on the managed system that are not supported by the web-based management interface, Customer may purchase such services.