Topics:
· Patch OFSAA Infrastructure Installation
· Stop the Infrastructure Services
· Create and Deploy the EAR/WAR Files
· EAR/WAR File - Build Once and Deploy Across Multiple OFSAA Instances
· Start the Infrastructure Services
· Access the OFSAA Application
· Configure the excludeURLList.cfg File
· Change the ICC Batch Ownership
· Configure Hive for Reconciliation Framework
· Excel Upload Mapping and Template
· Add TNS entries in the TNSNAMES.ORA File
· Create and Deploy the Application Pack Web Archive
· Configure Transparent Data Encryption (TDE) and Data Redaction in OFSAA
· Implement Data Protection in OFSAA
Sl. No. |
Post-installation Activity |
|---|---|
1 |
Verify that all patches are successfully installed. |
2 |
Backup the OFS_DM_SCHEMA_IN.xml, OFS_DM_SCHEMA_OUTPUT.xml, and Silent.props Files. |
3 |
Stop the OFSAA Infrastructure services. |
4 |
Create and deploy EAR/WAR files. |
5 |
Deploy EAR/WAR files across multiple OFSAA instances |
6 |
Assign grants for schemas |
7 |
Start the OFSAA Infrastructure services. |
8 |
Access the OFSAA Application. |
9 |
Configure the excludeURLList.cfg file . |
10 |
Configure Tomcat |
11 |
Change the ICC Batch Ownership |
12 |
Configure Hive for Reconciliation Framework |
13 |
Excel upload mapping and template. |
14 |
Add TNS entries in the TNSNAMES.ORA File |
15 |
Configure Data Source |
16 |
Create and Deploy the Application Pack Web Archive |
17 |
Configure Transparent Data Encryption (TDE) and Data Redaction in OFSAA |
18 |
Implement Data Protection in OFSAA |
Oracle strongly recommends installing the latest available patch set so that you are up-to-date with the various releases of OFSAA products.
Apply the following mandatory patch:
ยท 33663417
ATTENTION:
On the 10th of December 2021, Oracle released Security Alert CVE-2021-44228 in response to the disclosure of a new vulnerability affecting Apache Log4J prior to version 2.15. The application of the 33663417 Mandatory Patch fixes the issue.
For details, see the My Oracle Support Doc ID 2827801.1.
For patch download information, see the Download the OFSAAAI Applications Pack Installer and Patches section in Pre-installation for a new installation and in Upgrade for an upgrade installation.
See Oracle Support for more information on the latest releases.
Backup the OFS_DM_SCHEMA_IN.xml, OFS_DM_SCHEMA_OUTPUT.xml, and the Silent.props files so you can reuse them in the future to upgrade existing apps or install new apps.
File Name |
Directory |
|---|---|
OFS_DM_SCHEMA_IN.xml |
/OFS_DM_PACK/schema_creator/conf |
OFS_DM_SCHEMA_OUTPUT.xml |
/OFS_DM_PACK/schema_creator |
Silent.props |
/OFS_DM_PACK/appsLibConfig/conf |
See Stop the Infrastructure Services in the OFS AAI Release 8.1.0.0.0 Installation and Configuration Guide for details.
See Create and Deploy the EAR/WAR Files in the OFS AAI Release 8.1.0.0.0 Installation and Configuration Guide for details.
See EAR/WAR File - Build Once and Deploy Across Multiple OFSAA Instances in the OFS AAI Release 8.1.0.0.0 Installation and Configuration Guide for details.
Topics:
· Grants on Config Schema Entities for Atomic Users
Atomic Schema creation requires certain grants for object creation. This can be located in the $FIC_HOME/privileges_atomic_user.sql file
grant create SESSION to &database_username
/
grant create PROCEDURE to &database_username
/
grant create SEQUENCE to &database_username
/
grant create TABLE to &database_username
/
grant create TRIGGER to &database_username
/
grant create VIEW to &database_username
/
grant create MATERIALIZED VIEW to &database_username
/
grant olap_user to &database_username
/
grant select on SYS.V_$PARAMETER to &database_username
/
grant create SYNONYM to &database_username
/
NOTE:
If you intend to use Oracle OLAP feature, execute the following grant on all ATOMIC schema(s):
grant olap_user to &database_username
Config Schema creation requires certain grants for object creation. This can be located in the $FIC_HOME/privileges_config_user.sql file
The following are the grants for the Config schema:
grant create SESSION to &database_username
/
grant create PROCEDURE to &database_username
/
grant create SEQUENCE to &database_username
/
grant create TABLE to &database_username
/
grant create TRIGGER to &database_username
/
grant create VIEW to &database_username
/
grant create MATERIALIZED VIEW to &database_username
/
grant olap_user to &database_username
/
grant select on SYS.V_$PARAMETER to &database_username
/
grant create SYNONYM to &database_username
/
Atomic Schema creation requires certain grants for Config schema object access. This can be located in the $FIC_HOME/config_table_privileges_for_atomic_user.sql file.
See Start the Infrastructure Services in the OFS AAI Installation and Configuration Guide for details.
To access the OFSAA application, follow these steps:
1. In the web browsers Address field and enter the URL in the following format:
<scheme>://<IP address/ hostname>:<port>/<context-name>/login.jsp
For example, https://192.0.2.2:8090/ofsaa/login.jsp
The OFSAA Login window is displayed.
You can also log in with the hostname instead of the IP address. To do this, it is necessary to have the hostname mapped to the IP address in the hosts file the client Windows machine. The hosts file is in %systemroot%\system32\ drivers\etc\ directory.
Figure 7: OFSAA Login Window
With the installation of every OFSAA application pack, a couple of seeded user profiles are configured in the system:
§ SYSADMN System Administrator
§ SYSAUTH System Authorizer
The SYSADMN and SYSAUTH users are configured with a default password, which you will require to log in for the first time. See the MOS Doc ID: 2691681.1 for the password.
2. Log in to the application using the "SYSADMN" User ID and the default password. After the first login, you must change the password.
ATTENTION:
The password change is required only for a new installation scenario and not in case of an upgrade.
On successful login, the OFSAA Landing screen is displayed. This is a common landing page for all users until a preferred application landing page is set by the user.
Figure 8: OFSAA Landing screen
The OFSAA landing screen shows the available applications, for which the logged in user has access. Click the required application icon to launch that application. You can change the landing page based on your preference.
Topics:
· Header
Figure 9: User Interface Components
· Navigation Menu: This icon is used to trigger the Application Navigation Drawer.
· Application Icon: This icon is used to show the available applications installed in your environment at any time.
· Administration Icon: This icon is used to go to the Administration window. The Administration window displays modules like System Configuration, Identity Management, Database Details, manage OFSAA Product Licenses, Create New Application, Information Domain, Translation Tools, and process Modelling Framework as Tiles.
· Reports Icon: This icon is used to launch various User Reports such as user Status Report, User Attribute Report, User Admin Activity Report, User Access Report, and Audit Trial Report.
· Language Menu: It displays the language you selected in the OFSAA Login screen. The language options displayed in the Language Menu are based on the language packs installed in your OFSAA instance. Using this menu, you can change the language at any point in time.
· User Menu: Clicking this icon displays the following menu:
Figure 10: User Menu
§ Preferences: To set the OFSAA Landing page.
§ Change Password: To change your password. For more information, see the Change Password section in the OFS AAI User Guide. This option is available only if SMS Authorization is configured.
§ Log Out: To log out of OFSAA applications.
§ Last Login Details: This displays the last login details as shown:
1. Click the
Navigation menu 
to launch the Navigation
Drawer as shown:
Figure 11: Navigation Drawer
Here the navigation items appear as a list. The First Level menu shows the installed applications. Clicking an application displays the second-level menu with the Common Tasks and Application Name menus. The arrangement of the menu depends on your installed application.
2. Clicking an item in the menu displays the next level sub-menu and so on. For example, to display Data Sources, click Common tasks, then select Unified Analytical Metadata, then select Data Management Tools, and then select Data Sources.
Figure 12: Navigation Drawer Menus and Submenus
3. Click 
Hierarchical
Menu to display the navigation path of the current submenu as shown:
Figure 13: Navigation Submenu
4. The RHS content
area shows the Summary page of Data Sources. Click anywhere in the content
area to hide the Navigation Drawer. To launch it back, click the Navigation
menu .
5. Click Home to display the OFSAA Landing screen.
The Administration and Configuration section allows System Administrators to configure Server details, Database details, OLAP details, and Information Domain along with the other Configuration processes such as segment and metadata mapping, and mapping segment to security. System Configuration is mostly an onetime activity which helps the System Administrator make the infrastructure system operational for usage.
Click the Administration Icon
from the header to display
the Administration tools in the Tiles menu. Click System
Configuration from the Tiles menu to view a submenu list.
NOTE:
After you have accessed a tool from the submenu, the
options are also available in the Navigation List to the left. Click the
Navigation menu 
to
access the Navigation List.
Figure 14: System Configuration Submenu
You (System Administrator) must have full access rights to ftpshare directory with appropriate User ID and password to add and modify the server details.
System Configuration consists of the following sections.
· Database Server
· Application Server
· Web Server
· Database Details
· OLAP Details
· Information Domain
· Configuration
· Create Application
See Configure the excludeURLList.cfg File in the OFS AAI Installation and Configuration Guide for details.
To stop generating static content with one print statement per input line, you must configure the web.xml file.
To configure the web.xml file, perform the following steps:
1. Navigate to the tomcat/conf directory.
2. Edit the web.xml file as follows:
3. Set the mapped file parameter to False in the servlet tag mentioned with:
<servlet-name>jsp</servlet-name>.
<init-param>
<param-name>mappedfile</param-name>
<param-value>false</param-value>
</init-param>
By default, all seeded batches are created with SYSADMN as the owner. Update this with the username of the user who is responsible for maintaining the batches.
To do this, execute the following procedure in the config schema:
--------------------------------------------------------------------------------------------------------------
begin
AAI_OBJECT_ADMIN.TRANSFER_BATCH_OWNERSHIP('fromUser','toUser','infodom;
end;
OR
begin
AAI_OBJECT_ADMIN.TRANSFER_BATCH_OWNERSHIP('fromuser','touser');
end;
--------------------------------------------------------------------------------------------------------------
Where:
· fromUser indicates the user who currently owns the batch
· toUser indicates the user to whom the ownership must be transferred
· infodom is an optional parameter. If specified, the ownership of the batches of that infodom will be changed.
Topics:
Populate the AAI_DMT_DB_CLUSTER_PROPERTY table in the config schema to point to the Livy URL against all the infodoms being used. Duplicate the entries for each infodom.
V_DB_CLUSTER_ID |
V_PROPERTY_NAME |
V_PROPERTY_VALUE |
|---|---|---|
<INFODOMNAME> |
LIVY_AUTH_TYPE |
DEFAULT |
<INFODOMNAME> |
LIVY_SERVICE_URL |
In the case of Hybrid deployment, the following are the Hive configurations:
· Copy the hive-site.xml from the hive conf directory to the SPARK2 conf directory.
For example.
cp /etc/hive/conf.cloudera.hive/hive-site.xm /etc/spark2/conf.cloudera.spark2_on_yarn
· Edit the file to have the following entry in SPARK2 conf.
In Hive conf |
In spark conf |
|---|---|
<property> <name>hive.metastore.warehouse.dir</name> <value>/user/hive/warehouse</value> </property> |
<property> <name>spark.sql.warehouse.dir</name> <value>/user/hive/warehouse</value> </property> |
NOTE:
For additional information see the OFS AAI Installation and Configuration guide from the OHC Documentation Library.
To perform Excel upload mapping, follow these steps:
1. Copy the ExcelUpload directory present in the $FICHOME/CIRCA/ExcelUpload directory.
2. Change the name of the directory named as the infodom in ExcelUpload to the respective infodom name.
3. Copy the ExcelUpload directory to the ftpshare/STAGE directory.
4. Create the STAGE directory in <TOMCAT_HOME>.
5. Copy the ExcelUpload directory to the STAGE directory in <TOMCAT_HOME>.
Add TNS entries in the tnsnames.ora file for every schema created for the application pack.
To find the tnsname for the entries, follow these steps:
1. Log in to the application using System Administrator privileges.
2. Navigate to the System Configuration & Identity Management tab.
3. Click Administration and Configuration, select System Configuration, and click Database Details.
4. Expand Name to get the list of TNS entry names.
Alternatively, you can connect to the CONFIG schema and execute the following query:
select dbname from db_master where dbname !='CONFIG'
· Create a connection pool in the Information Domain. For more information, see the OFS AAI Release 8.1.0.0.0 Installation and Configuration Guide.
· JNDI name of the connection pool must be <res-ref-name> as mentioned in the web.xml file. Example: jdbc/OFSINFDOM
· Create and deploy the web components into the webserver. For more information on deploying the web components, see the OFS AAI Release 8.1.0.0.0 Installation and Configuration Guide.
· The following tag must be added manually in web.xml if not already present in the web.xml file.
-----------------------------------------------------------------------
<resource-ref>
<!-- description>DB Connection INFODOM</description -->
<res-ref-name>jdbc/ INFODOM</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
-------------------------------------------------------------------------------------------------------
On successful installation of the OFSAA application pack, the web archive file is automatically generated. However, you need to deploy the generated web archive file on the Web Application Server.
To identify the location of the generated web archive file and to generate and deploy the web archive file any time later, refer to the Create and Deploy EAR/WAR File section in the OFS AAI Installation and Configuration Guide.
NOTE:
See the Oracle Financial Services Forms Manager User Guide for instructions on Creating and Deploying the Forms Manager Web Archive.
Oracle Advanced Security comprises Transparent Data Encryption and Oracle Data Redaction. For more information, see the Configure Transparent Data Encryption (TDE) and Data Redaction in OFSAA section.
See the Oracle Financial Services Data Foundation Application Pack Data Protection Implementation Guide Release 8.1.x.0.0 for details.
In an integrated environment, where you have multiple applications installed on the same domain or infrastructure, OFSAAI allows you to see the other licensed applications through the UI. For more information, see the View OFSAA Product Licenses after Installation of Application Pack in the OFS Analytical Applications Infrastructure User Guide Release 8.1.0.0.0.