EnterpriseOne Javascript Error Causing Errors In Internet Explorer
Filed under: EnterpriseOne - JAS (Java Application Server), Firefox, Internet Explorer, Javascript, Tools Release, enterpriseone, typeahead, websphere
We recently went live with Employee Self-Service. In doing so, we no longer send employees their direct deposit pay stub. Over the last few days we were notified that some employees were unable to view the paycheck details.
We began troubleshooting the issue with looking at the usually culprits:
- Browser used (Firefox doesn’t work with EnterpriseOne Tools Release 8.97)
- Browser security settings (EnterpriseOne & IE7)
- Browser add-ons/plug-ins/extensions
However, nothing seemed suspect.
So, I put on the Web Developer Hat (don’t tell Charlie) and started troubleshooting. I found that there was a Javascript error in Internet Explorer. I tracked down the offending file an commented out the code.
The Javascript file that I changed was /js/JDEDTA.js.
The specific line that was causing the problem was line 344. I commented out the whole thing because who needs “typeahead” functionality in Employee Self-Service?
340: this.saveAutoCompleteData = function(){
341: //Hack to make typeahead work in IE
342: /*if(document.all){
343: var formToPost = document.forms[this.formName];
344: window.external.AutoCompleteSaveForm(formToPost);
345: }else if (!this.isSafari){
346: var formToPost = document.forms[this.formName];
347: if (formToPost)
348: {
349: var action = formToPost.action;
350: formToPost.action = "javascript:void(0)";
351: formToPost.submit();
352: formToPost.action = action;
353: }
354: }*/
355: }
20 Products Affected By Oracle’s Lastest Critical Patch Update
Filed under: EnterpriseOne - General, EnterpriseOne - Security, oracle
Oracle released the October 2008 Critical Patch Update. This update contains 36 new security fixes across 20 different products.
A piece of EnterpirseOne, the Business Services Server, is included in this update.
Oracle CPU – October 2008
Oracle CPU FAQ
Quick EnterpriseOne Version Security Solution
Filed under: EnterpriseOne - SQLs, EnterpriseOne - Security
Whether you are trying to change the processing options of an interactive version or a batch version. Sometimes you can run into issues where the application indicates that you do not have authority to change the version like the example to the left.
To quickly get around this error, we can use SQL to change the security setting in the F983051.
UPDATE CODV811/F983051 SET VREXCL = 0 WHERE vRPID = 'P03B2002' AND VRVERS = 'TEST0001'Tags: batch version, e1, enterpriseone, EnterpriseOne - Security, EnterpriseOne - SQLs, security, sql, version
JD Edwards EnterpriseOne: The Complete Reference
This is a new JD Edwards EnterpriseOne book that will be out Dec. 15th, 2008. Below are the details that are found on Amazon.com:
JD Edwards EnterpriseOne: The Complete Reference
A comprehensive guide to J.D. Edwards EnterpriseOne
Written by practicing J.D. Edwards EnterpriseOne experts and professionals, this book is unbeatable in terms of coverage and authoritative information. You will get all the in-depth knowledge you need–from implementation and administration to troubleshooting and security. J. D. Edwards EnterpriseOne: The Complete Reference expertly combines insightful information with real-world examples. It is ideal for both novice and veteran users.
About the Author
Allen Jacot has more than a decade of J.D. Edwards EnterpriseOne implementation experience and has worked with the product since its original beta release in 1996.
Joseph E. Miller has worked on more than 60 implementations of the EnterpriseOne/OneWorld product over the last 10 years.
Michael Jacot is a senior principal consultant for Oracle J.D. Edwards Consulting Services and has managed many different types of EnterpriseOne implementations.
John A. Stern has participated in more than 30 EnterpriseOne implementations.
Tags: e1, enterpriseone, EnterpriseOne - General, jd edwards, oneworld, oracle, security, worldGood News And Bad News With Oracle’s Latest Patches
Forty-five new Oracle patches will be released Tuesday, July 15, 2008.
Bad News: 25 products are affected.
Good News: "There are no new security fixes affecting JD Edwards products."
Yippee! I hate trying to explain the needs for upgrades to users when they can’t really see the issue.
Tags: e1, EnterpriseOne - General, jd edwards, oracle, security, xeProblems Deploying A Package
Filed under: EnterpriseOne - General, EnterpriseOne - Install/Upgrade, EnterpriseOne - Security
We had an issue over the weekend…
We built an update package successfully. However, we were unable to deploy it. The R98825D just kept running and running. It wouldn’t end. We did all the normal stuff:
- Stop services
- Delete SQLPKGs
- Start services
- Reboot Deployment server
- Deploy to a different port (we are using multi-foundations)
Nothing worked.
I then started looking through the server kernel logs. When I got to the security kernel, I noticed that the PSFT userid was disabled. Now, we normally don’t login with that ID and hadn’t for quite some time. Although, I do remember changing the password a few months ago.
Anyway, I re-enabled the profile and reset the password to PSFT and everything worked great.
Now, I guess we need to go and change the PSFT password everywhere so that when users come back from E1 training they don’t have access to the whole system.
Tags: e1, EnterpriseOne - General, EnterpriseOne - Install/Upgrade, EnterpriseOne - Security, psft, security, sqlEnterpriseOne (E1) Security Management Software – ALLOut
One of our installations of EnterpriseOne utilizes a piece of software from AllOut Security. ALLOut Security is an Oracle Partner and produces software that helps those that are responsible for World & EnterpriseOne security.
During the application configuration phase of our implementation project we didn’t have users dedicated to the project. They not only had to do the setup and testing of all the E1 modules, but also had to do their regular day-to-day jobs. So, that left the security piece of things in kind of a lurch.
Our business data owner that was to be setting up our security matrix was not only new to the security side of things but was also responsible in overseeing all of the accounting setup and configuration. Needless to say, “she had a lot on her plate.” Anyway, to help her they brought in ALLOut Security.
I wasn’t really happy with the idea, at first. The way the software works is a little confusing, especially if you already understand the way that E! does things (once you start to “Think JDE” it’s hard to do anything else). However, after getting a better understanding of how the software works and why it makes the decisions that is does, I am very pleased.
It was a great tool to use during the security setup phase of our project, satisfy SOX compliance and provide reports to auditors to prove it.
Thanks, ALLOut!
You made me a believer.
Tags: e1, enterpriseone, EnterpriseOne - Security, jde, oracle, security, worldWho’s In That EnterpriseOne (E1) Role?
Filed under: EnterpriseOne - SQLs, EnterpriseOne - Security
One of the biggest things that the E1 security screens lack is the ability to see what users are in a particular group.
So, here is the SQL that you can use:
select * from sy811/f95921 where RLFRROLE = '<E1Role>'
Pretty simple… but, helpful!
Tags: e1, enterpriseone, EnterpriseOne - Security, EnterpriseOne - SQLs, security, sqlEnterpriseOne (E1) ERP Employee Self-Service
Filed under: EnterpriseOne - Install/Upgrade, EnterpriseOne - JAS (Java Application Server), EnterpriseOne - Security
We are starting a Employee Self-Service project in the next month or so. The overall goal of which is to provide a place where employees can view/change their personal information: address, phone number, W-4, dependants, etc. There are many application setup things that need to happen in order for this to be possible. Luckily for me, I don’t have to worry about the function setup, but am concerned about the technical stuff.
From a CNC perspective, this could be a nightmare. We’ve done a fairly decent job restricting the sprawl of our system to being very basic: 1 Enterprise Server, 1 Deployment Server, 1 JAS Server. Ok, maybe only having 1 JAS server isn’t really recommended but there are plans to add to that.
Anyway, there seems to be 4 basic hurdles to clear:
- What about the additional users that do not currently use E1?
Additional users, which have never seen E1 before, will be added to E1. To create the user profiles, we will either import from the Address Book (R0092) or enter them by hand. There will also be some security work to setup additional roles to access the Employee Self-Service stuff. Application support for these users will need to be coordinated with the PC Helpdesk, Human Resources and Payroll departments.
- How will the users be presented the application?
There seem to be 3 choices on this issue: 1) Use the portal. 2) Use the normal UI with a scaled down menu. 3) Setup our own web page that links to the applications using parameterized URLs.
Here is a quick rundown of why we decided on option 3:
- Option 1: adds system complexity; may cause a degradation in performance; lacking current in-house JAVA expertise for UI modifications
- Option 2: may confused users by presenting them with an unfriendly menu; no control over the UI
- Option 3: greatest control over the UI using current staff expertise; maintains system simplicity
- Can the users access it from home?
Now, this one worried me a little. However, I know that it can be done using SSL. I don’t exactly know how to do this, but shouldn’t be too difficult.
- What happens to the server during the last week of the Open Enrollment Period when everyone is making their selections?
There will be about a month out of the year that the system will be very heavily utilized, which may require additional JAS servers. That means setting up a cluster of Websphere servers, both horizontal and vertical. I’m not real excited about this either, but I know it can be done.
These three things really shouldn’t be too difficult to tackle, but could definitely cause some issues.
My main concern is numbers 3 & 4. I really don’t want to add anymore complexity that is required.
Then, I got wind of a project that was going on with our internet servers and MS SharePoint (I am a secondary administrator for the web servers and like to make sure I know what is going on in that arena). Anyway, they are testing Microsoft’s Internet Security and Acceleration (ISA) Server.
What is it? The following is from the ISA web site:
ISA Server 2006 is an integrated edge security gateway that helps protect IT environments from Internet-based threats while providing users fast and secure remote access to applications and data.
We’ve done some preliminary tests and have found that both issues 3 & 4 could be resolved using an ISA server without installing SSL or clustering Websphere.
Not too bad for Micro$oft!
Tags: cnc, e1, enterpriseone, EnterpriseOne - Install/Upgrade, EnterpriseOne - JAS (Java Application Server), EnterpriseOne - Security, jas, security, websphereYou’re Fired! …But You’re Still Here? – Cleaning EnterpriseOne (E1) Orphaned Records After Deleting a User Profile
Filed under: EnterpriseOne - SQLs, EnterpriseOne - Security
Have you ever had the need to delete a user’s profile, then find that there were tables where the deleted profile is still hanging around?
Well, to tell you the truth, I had never really thought of it before. Then, while trying to catch up on my reading, I ran across an article written by Mike Wright for JDETips. It was in the July/August 2007 issue and is titled: "Deleting EnterpriseOne® User Profiles".
In the article Mike explains that when deleting the user profile using the P0092 (Work With User/Role Profiles) records are deleting from a number of tables that tie back to the User/Role profile, including:
- F0092 – User/Role Profiles
- F00921 – User Display Preferences
- F00925 – User Access Definitions
- F00924 – User Install Packages
However, he also explains that there are some tables that require a more manual cleaning method:
- F986167 – Default Printers
- F98950 – User Overrides
- F00950 – Security Workbench
- F400951 – Default Branch Plant (I’m not sure what version of E1 Mike is working with but I was unable to find this file in 8.11 SP1)
He provides a method of keeping these tables clean by modifying the P0092 application.
That got me thinking about how to clean up those files because modifying the application would only maintain them. We have been "Live" on E1 for almost a year in both of our instances. So, I’m sure that we already have "orphaned" records that should be cleaned up. I put together the following SQL to check:
select * from sy811/f00950 where fsuser not in (select uluser from sy811/f0092) and fsuser <> '*PUBLIC' --exclude the *PUBLIC records and fsuser <> 'EXCLUSIVE' --exclude the exclusive security record
As you can see, I started with the Security Workbench table. You might as well check the most important one first. I also didn’t really care to see all of the *PUBLIC records so I got rid of those and the "Exclusive Security" record.
For the other tables, all you have to do is replace the table and field names:
- F986167 – dpuser
- F98950 – uouser
Also, please take note where the tables are located. The F00950 & F986167 are in the System library, so there will usually be only one of those tables. Where as, the F98950 table is located in Central Objects which will usually be located in at least 3 different libraries, one for each pathcode: COPD811, COPY811 & CODV811.
Now, where else would we maybe have orphaned records? How about the F0024 (Batch Approval / Post Security Table) or the F07209 (PayCycle Workbench – Execution Control Parameters)?
The F0024 looks like this:
select * from proddta/f0024 where ugusr1 not in (select uluser from sy811/f0092)
There are only 2 fields in this table and they are both full of user profile names. However, we only use the ugusr1 field because those are the people that have authority to post batches on behalf of the user listed in ugusr2. Field ugusr2 will probably be full of users that do not exist because someone has to have authority to post things entered by people who no longer work for us.
Now, F07209 is a little more complicated. This is the file that controls who can run the PayCycle Workbench processes. The problem with this SQL is that you have to search through 40 fields of user profile names to determine if there are any that are not valid. Hopefully, you don’t have too many payroll batches in your F07209 or this could take a while. If you have a better way of doing this, please let me know.
select * from proddta/f07209 where y@pui1 not in (select uluser from sy811/f0092) and y@pui1 <>'' or y@pui2 not in (select uluser from sy811/f0092) and y@pui2 <>'' or y@pui3 not in (select uluser from sy811/f0092) and y@pui3 <>'' or y@pui4 not in (select uluser from sy811/f0092) and y@pui4 <>'' or y@pui5 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@cui1 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@cui2 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@cui3 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@cui4 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@cui5 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@jui1 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@jui2 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@jui3 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@jui4 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@jui5 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@rui1 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@rui2 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@rui3 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@rui4 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@rui5 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@uui1 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@uui2 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@uui3 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@uui4 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@uui5 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@eui1 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@eui2 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@eui3 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@eui4 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@eui5 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@vui1 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@vui2 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@vui3 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@vui4 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@vui5 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@nui1 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@nui2 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@nui3 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@nui4 not in (select uluser from sy811/f0092) and y@pui5 <>'' or y@nui5 not in (select uluser from sy811/f0092) and y@pui5 <>''
Do you have other tables that you clean up after deleting a user profile that should be included?
Technorati Tags: e1,enterpriseone,erp,peoplesoft,oracle,jde,jd edwards
Tags: central objects, e1, enterpriseone, EnterpriseOne - Security, EnterpriseOne - SQLs, jd edwards, jde, oracle, peoplesoft, security, sql, version, xe
