1. Deploying JD Edwards EnterpriseOne on Microsoft Windows with Oracle Database Learning Path
  2. Performing Common Setup for All Microsoft Windows Servers

Performing Common Setup for All Microsoft Windows Servers

This section describes the setup tasks that must be performed on each Microsoft Windows-based server.

This section describes these common setup tasks that must be performed on all Linux servers that are deployed by JD Edwards EnterpriseOne One-Click Provisioning:

  1. General
  2. Enable Remote Command Execution
  3. Enable Inbound Ports in the Firewall
  4. Enable Outbound Ports in the Firewall
  5. Change Security Option

Prerequisite

  • You must have a Microsoft Windows server for all servers that will be deployed by JD Edwards EnterpriseOne One-Click Provisioning. At a minimum, this includes the Provisioning Server, Database Server, Enterprise Server, WebLogic Server, and Deployment Server.

General

The following general prerequisites are required for each Microsoft Windows server:

  1. Ensure that hostname for the server contains only alphanumeric values. Special characters are not allowed.

  2. All servers in provisioning cycle must be configured with same Microsoft Windows user name and credentials, where the user name must be opc. This common user must have administrator rights.; that is, it must be part of the Administrator group.

    Note:

    JD Edwards EnterpriseOne One-Click Provisioning specifically supports only these special characters for Windows user passwords:

    _@~!#%*+(){}[].?

  3. If you change the password on any single machine in the provisioning cycle, you must likewise change the password on all other machines in with the new password and reboot the Provisioning Server to recognize those changes.

Enable Remote Command Execution

From PowerShell, use this command to enable remote command execution:

winrm quickconfig –q

Enable Inbound Ports in the Firewall

If you have the Microsoft Windows firewall enabled for any profile (public, private, default), which is recommended, in order for One-Click Provisioning to deploy to the Deployment Server in the Microsoft Windows instance in Oracle Cloud Infrastructure and for JD Edwards EnterpriseOne runtime to function properly, you will need to explicitly open Inbound and Outbound ports.

Use this procedure to open the Inbound ports for each Microsoft Windows instance.

  1. Go to Administrative Tools > Windows Firewall with Advanced Security.
  2. In the left pane, highlight Inbound Rules.
  3. In the right pane, Actions, Inbound Rules, click New Rule …
  4. On Rule Type, select the Port radio button as the type of rule to create.
  5. Click the Next button.

  6. On Protocol and Ports:

    • You can accept the default value of TCP for the protocol to which this rule applies.
    • Choose the radio button for Specific local ports and, for each Windows Server, enter each of the ports shown in the following table, separated by a comma.
    Windows Server Firewall Port List
    Component Inbound Ports to Open

    Provisioning Server

    445

    3000

    3389

    5150

    5985

    8998-8999

    7000-7001

    14501-14502

    Database Server

    445

    3389

    5150

    5985

    <DB_PORT>

    Note:

    For SQL Server database, this is the value the user provides using the Provisioning Console.

    14502-14510

    Enterprise Server

    445

    3389

    5150

    5985

    6017-6022

    14502-14510

    Web Server

    445

    3389

    5150

    5985

    <WLS_ADMIN_PORT> See Note 1

    <SSL_ACCESS_PORT> See Note 2

    <SSL_ACCESS_PORT-1> See Note 3

    14502-14520

    Deployment Server

    445

    3389

    5150

    5985

    6017-6022

    14502-14510
Note:

Note 1: This is the Admin Port on which the Admin Server is running. This value is set by the user while creating a WebLogic domain.

Note 2: This SSL port must be opened to enable the Server Manager Console to complete the tasks.

Note 3: This port number is equal to value of the SSL port minus one. This port must be opened to enable the Server Manager to complete the provisioning tasks. For example, if you have specified the port value as 8081 in the One-Click Provisioning Console, you must open 8080 port (8081-1). Also, you must open a port for each of the WebLogic Servers on Oracle Cloud Infrastructure. For example, if you have the following environments and server combinations, you should open eight ports: four ports for SSL for the port numbers specified by using the Provisioning Console, and four ports for non-SSL. The value of the ports for non-SSL should be the value of the SSL port minus one.
  • DV HTML
  • PD HTML
  • DV AIS
  • PD AIS

The following example shows the ports you should specify for the Provisioning Server, where the complete list is truncated by the visible input field. Windows Firewall - Inbound Ports

  1. Click the Next button.
  2. On Action, you can accept the default value which is Allow the connection.
  3. Click the Next button.
  4. On Profile, select all firewall profile options (Domain, Private, Public).
  5. Specify a name for the rule. For example, JDESMC_RDP
  6. Click the Finish button to save the rule and exit the wizard.

Enable Outbound Ports in the Firewall

If you have the Microsoft Windows firewall enabled for any profile (public, private, default), which is recommended, in order for One-Click Provisioning to deploy to the Deployment Server in the Microsoft Windows instance and for JD Edwards EnterpriseOne runtime to function properly, you will need to explicitly open Inbound and Outbound ports.

Use this procedure to open the Outbound ports in your Microsoft Windows instance.

  1. Go to Administrative Tools > Windows Firewall with Advanced Security.
  2. In the left pane, highlight Outbound Rules.
  3. In the right pane, Actions, click New Rule …
  4. On Rule Type, select the Port radio button as the type of rule to create.
  5. Click the Next button.

  6. On Protocol and Ports:

    1. You can accept the default value of TCP for the protocol to which this rule applies.
    2. Choose the radio button for All remote ports.
    Windows Firewall - Outbound Ports
  7. On Action, you can accept the default value which is Allow the connection.
  8. Click the Next button.
  9. On Profile, select all firewall profile options (Domain, Private, Public).
  10. Specify a name for the rule.
  11. Click the Finish button to save the rule and exit the wizard.

Change Security Option

If you chose a user other than opc for the One-Click Provisioning deployment of your Deployment Server, use this procedure to change the Microsoft Windows security option so that user is recognized by JD Edwards EnterpriseOne.

  1. Log in to the Deployment Server as the user you configured, which is other than the opc user.

  2. Open the Microsoft Windows Local Security Policy program by going to Start and selecting Run, or by using this Command Prompt:

    secpol.msc

  3. On the Local Security Policy window, navigate to Local Policies and select Security Options.

  4. Locate and edit this setting:

    Network Security: LAN Manager authentication level

  5. Use the drop-down listto select this setting:

    Send NTLM V2 response only

    Local Security Policy
  6. Click the Apply button to save the setting.