Wednesday, October 11, 2017

Automate download of patches from Oracle Support

If you need to download the patches or software from My Oracle Support, you can use the below utility available at Github


The Github site has instructions on how to use this utility.

I have found some additional challenges when using this utility if you are behind a proxy.

  • The way patch download process works is that you connect to MOS ( using HTTPS for authentication and use http for actual file download. This requires you use the below command line argument to support for both http and https. The Github site readme only specifies using https, which works for authentication but fails to download the file.

java -Dhttp.proxyPort=80 -Dhttps.proxyPort=80 -jar getMOSPatch.jar MOSPass=aaa platform=226P download=all patch=26557153

  • I have also found that the code uses (Line 144) conn.setReadTimeout(60000); which is 1 minute. I have found that this may not be sufficient for the busy sites and it fails with the following message.  To avoid this issue, I simply changed it to conn.setReadTimeout(6000000); – 100 minutes and used the below to recompile the jar file.

Unzip the current jar to extract META-INF\MANIFEST.MF file to the folder where you store the java file. Also change the path to java. The below path are for Windows 8 and JDK 8.

"C:\Program Files\Java\jdk8\bin\javac.exe" -bootclasspath "C:\Program Files\Java\jdk8\jre\lib\rt.jar" -source 1.6 -target 1.6

"C:\Program Files\Java\jdk8\bin\jar.exe" cvmf META-INF/MANIFEST.MF getMOSPatch.jar getMOSPatch*.class

del *.class

Error Message if we do not change the setReadTimeout

Processing patch 26557153 for Linux x86-64 and applying regexp .* to the filenames:
  1 -
  Enter Comma separated files to download: all
  All files will be downloadad because download=all was specified.

Downloading all selected files: Read timed out
        at Method)
        at Source)
        at Source)
        at Source)
        at Source)
        at Source)
        at Source)
        at Source)
        at Source)
        at Source)
        at Source)
        at Source)
        at getMOSPatch.getHttpInputStream(
        at getMOSPatch.DownloadFile(
        at getMOSPatch.DownloadAllFIles(
        at getMOSPatch.main(

Tuesday, May 10, 2016

Applying latest Oracle Patch 22502456 Database Patch Set Update : for Oracle Run Time Client errors out

When trying to apply patch 22502456 to Oracle Runtime client using latest OPatch version
it fails with the following error. This patch is also included in combo patch : 22738777 - COMBO OF OJVM COMPONENT DB PSU + DB PSU (APR2016)

Verifying environment and performing prerequisite checks...
Skip patch 20760982 from list of patches to apply: This patch is not needed.
UtilSession failed: null
Log file location:
OPatch failed with error code 73
Log file error shows this.
[May 9, 2016 3:46:33 PM]     OUI-67073:UtilSession failed: null
[May 9, 2016 3:46:33 PM]     Finishing UtilSession at Mon May 09 15:46:33 EDT 2016
[May 9, 2016 3:46:33 PM]     Log file location: /opt/oracle/product/
[May 9, 2016 3:46:33 PM]     Stack Description: java.lang.NullPointerException
[May 9, 2016 3:46:33 PM]     StackTrace: java.lang.StringBuffer.<init>(
[May 9, 2016 3:46:33 PM]     StackTrace: oracle.opatch.UtilSession.process(
[May 9, 2016 3:46:33 PM]     StackTrace: oracle.opatch.OPatchSession.main(
[May 9, 2016 3:46:33 PM]     StackTrace: oracle.opatch.OPatch.main(

Oracle support is able to reproduce this issue however currently no workaround is provided.
They have internally 2 bugs opened to address this issue.


Monday, January 18, 2016

Portal Home Page Displays Error : Error getting content for remote pagelet.

When you are logging on to a Portal Home Page which displays Remote pagelets, You get this error randomly.

Error Message: Error getting content

When you click on "Detailed Error Description", You will get this

Unable to get document
Error occurred while accessing target page.

To see the further details, Please log in to your webserver and open the following log files. If you have more than 1 web server you may have to go to each web server to see the content.

Log File Location : $PS_CFG_HOME/webserv/peoplesoft/servers/PIA/logs (This is for PeopleTools 8.53 and higher).
Log File Names are below

If you open any one of these log file, You will see the following

2000-01-07T11:47:21.185         9259 163517125      unknown SEVERE psft.pt8.psp logError Error for User: abc Error Message: Unable to get document:  Requested URL: Target URL:  Error reading from server

If you do not have security issue or single signon issue, Please check the default HTTP Header size allowed by your Load balancer that you use for multiple webservers.  In Case of Cisco ACE Loadbalancer default is : 4096 bytes. Increasing it to 32768 helps in resolving this issue.

For Cisco Ace this parameter is :
set header-maxparse-length 32768

If you use a different Load balancer for e.g. F5 LTM then I believe the default is already 32768.  You can contact your Load balancer vendor to determine the default HTTP Header size.

Tuesday, January 05, 2016

Upload image to Image Catalog

In PeopleTools 8.53 PeopleSoft has provided an online PIA page to upload the images or modify an existing images without using App designer. This is really helpful if you want to change an image, but do not want to migrate application project just for updating the image.
Page name : Layout Image Upload

Navigation : Main Menu>PeopleTools>Mobile Application Platform>MAP Utilities>Layout Image Upload

For some reason, Mobile Application Platform is hidden in Portal structure and contents, but you can still access the Layout Image Upload page by searching.

Tuesday, December 08, 2015

PeopleSoft Support of TLS 1.2 when connecting to LDAP/HTTP servers using LDAPS/HTTPS URLs

Currently all PeopleSoft PeopleTools releases including 8.55 only supports Java 1.7 for the Appserver. Java 1.7 by default only enables support for SSL 3.0 and TLS 1, though it supports both TLS 1.1. and TLS 1.2. They are not enabled by default. This is easy to fix for HTTPS connections by modifying JavaVM options the following parameter to Appserver (psappsrv.cfg) and Batch server (psprcs.cfg) config files

JavaVM Options=-Dxdo.ConfigFile=%PS_HOME%/appserv/xdo.cfg -Xms32m -Xmx128m -Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2

Once you modify the Parameter, simply restart the Appserver or batch server and it will take effect. There is no need to reconfigure the appserver or batch server.

Please note this only work for HTTPS connections for e.g. when connecting to Integration Gateway Web server which only accepts TLS 1.1 or TLS 1.2 connections.

To make this also work for LDAP or Directory server that is configured to accept only TLS 1.2 connections for compliance with PCI DSS v3.1 (mandatory after June 30 2016), a code change to $PS_HOME/appserv/classes/psft/pt8/pshttp/PSLdapSSLSocketFactory.class is required so that it uses TLSv1.2 instead of SSL for the below code line.

SSLContext sslcontext = SSLContext.getInstance("SSL");

needs to be changed to

SSLContext sslcontext = SSLContext.getInstance("TLSv1.2");

Currently there are no configuration parameters to fix this issue. Please open a support case with Oracle and reference the below bug number if you need the fix for this issue.

There is an open PeopleSoft bug to address this issue.

22323376 - LDAP FAILS TO CONNECT TO LDAP SERVER USING TLS 1.2 to address this issue.

This will impact any PeopleSoft applications that are considered as PCI In scope applications and uses TLS 1.2 for Autnetication with LDAP Directory server using LDAPS protocol.

You will see the following error in the Appserver when connecting to LDAP server using delivered Page.

[Root exception is Remote host closed connection during handshake]

Please note PeopleSoft uses JNDI to connect to LDAP Directory server via delivered Directory Interface Business interlink.

Thursday, September 17, 2015

Global Database Link feature in Oracle 11G can result in Peoplesoft Signon Failure

If you use Oracle Internet Directory (OID) to resolve database names, then you have this feature enabled by default. With Global database link feature, users can access tables/view in other database using @dbname syntax even when there is no explicit database link is created. For e.g User A logged in to Database A using his personal id : XXXX can run the below query to access table in database b. Only thing that is needed to make this work is that password for the user A must be same in both database A and B.

select * from ps_job@databaseb

This may create a potential locking situation,if password in database are not synced up and there is an account lock policy implemented to lock account after x invalid attempts. As soon as user runs more than x sql statements using global database link feature, it will lock the account in database b. When you look at dba audit trail, you will see the connection attempt was made by oracle user and machine name will be of database server machine name. This makes it confusing to determine how this account got locked up.

This is even more dangerous, if some one runs a SQR or Application engine program using peoplesoft process scheduler with a remotedbname sysntax for sql for e.g. ps_job@databaseb

This is because, PeopleSoft process scheduler runs the sql using database access id in database A, which inurn access the database b using the access id password in Database A. Most likely you would keep the database access id password (default : SYSADM) different for different databases and this can potentially lock the sysadm password in database B due to account lock out policy. If this happens, users will see when trying to access the application

“Bea.jolt.serviceexception: TPENOENT – No entry”


You can find more information on this at My Oracle Support

What are Global Database Link and How do you Disable them? (Doc ID 1632329.1)

If this happens in your environment, Please check if database access id is locked out. If yes, unlock the database access id and restart all your app and batch servers.

ios9 Safari PeopleSoft Pages appear zoomed

After the recent upgrade to iOS9 from iOS 8.4.1 on iPAd Air and iPhone 6, PeopleSoft pages appears zoomed and entire UI looks messed up using safari. Our PeopleTools environment is 8.53.12 and this is reproducible in multiple demo environments including HR and Portal 9.1.

Stpes to reproduce the issue

1. Login to HRMS 9.1/Portal 9.1 Demo instance using iPad or iPhone running iOS9 using Safari

2. Open System Profile page

Screenshot of the zoomed page.


Update from Oracle Support

This is a known issue tracked by


Apple Development is currently working on the issue

Updates : Issue is not resolved even with release of 9.1 and according to apple support they are still investigating the issue and it will be fixed in some unknown future release. Meanwhile Oracle has provided the workaround. Please test carefully before applying the workaround.

Please refer to following E-PIA Peoplesoft Classic Pages Are Not Rendering Correctly In IOS 9 (Doc ID 2057957.1)

for the workaround. It is different for 8.53 and below and 8.54 and above.