Running Commands to Change Microsoft Windows Settings

Enable Remote Command Execution Through Microsoft PowerShell

From Microsoft PowerShell, use this command to enable remote command execution:

winrm quickconfig –q

Enable Inbound Ports in the Firewall

If you have the Microsoft Windows firewall enabled for any profile (public, private, default), which is recommended, in order for One-Click Provisioning to deploy to the Deployment Server and for JD Edwards EnterpriseOne runtime to function properly, you will need to explicitly open Inbound and Outbound ports.

Use this procedure to open the Inbound ports for each Microsoft Windows instance.

1. Go to Administrative Tools > Windows Firewall with Advanced Security.
2. In the left pane, highlight Inbound Rules.
3. In the right pane, Actions, Inbound Rules, click New Rule …
4. On Rule Type, select the Port radio button as the type of rule to create.
5. Click the Next button.
6. On Protocol and Ports:
   • You can accept the default value of TCP for the protocol to which this rule applies.
   • Choose the radio button for Specific local ports and, for each Windows Server, enter each of the ports shown in the following table, separated by a comma.
     

   Windows Server Firewall Port List
   Component	Inbound Ports to Open
   Deployment Server	445 3389 5150 5985 6017-6022 14502-14510

   
   The following example shows the ports you should specify for the Deployment Server.
   
   



7. Click the Next button.
8. On Action, you can accept the default value which is Allow the connection.
9. Click the Next button.
10. On Profile, select all firewall profile options (Domain, Private, Public).
11. Specify a name for the rule. For example, JDESMC_RDP
12. Click the Finish button to save the rule and exit the wizard.

Enable Outbound Ports in the Firewall

If you have the Microsoft Windows firewall enabled for any profile (public, private, default), which is recommended, in order for One-Click Provisioning to deploy to the Deployment Server and for JD Edwards EnterpriseOne run-time to function properly, you will need to explicitly open Inbound and Outbound ports.

Use this procedure to open the Outbound ports in your Microsoft Windows instance.

1. Go to Administrative Tools > Windows Firewall with Advanced Security.
2. In the left pane, highlight Outbound Rules.
3. In the right pane, Actions, click New Rule …
4. On Rule Type, select the Port option as the type of rule to create.
5. Click the Next button.
6. On Protocol and Ports:
   
   
   • You can accept the default value of TCP for the protocol to which this rule applies.
   • Choose the option for All remote ports.



7. On Action, you can accept the default value which is Allow the connection.
8. Click the Next button.
9. On Profile, select all firewall profile options (Domain, Private, Public).
10. Specify a name for the rule.
11. Click the Finish button to save the rule and exit the wizard.

Configure Settings for Ethernet Connections

You must configure settings for Ethernet connection to specify the domain name of the Domain Name System (DNS) for the Availability Domain to which all JD Edwards EnterpriseOne servers belong. 

For example, if your subnets look like that shown in the example below, you must configure your Network Settings using this procedure:

1. Open Network and Sharing Center.
2. On Ethernet settings, in Network > Connections, click Ethernet to open Ethernet Status.



3. On Ethernet Status, click the Properties button.
4. On Ethernet Properties, highlight this line: Internet Protocol Version 4 (TCP/IPv4) and click the Properties button.



5. On Internet Protocol Version 4 (TCP/IPv4) Properties, click the Advanced button.



6. On Advanced TCP/IP Settings, click to enable this option: Append these DNS suffixes (in order): and click the Add button.
7. On the TCP/IP Domain Suffix dialog, enter the value of the DNS Domain Name for your Availability Domain. For example, assuming your subnets were as shown in the preceding screen showing the subnets for each Availability Domain and all servers are created in sub0622506330.testdnsvcn.oraclevcn.com subnet, you would enter this value for the suffix:
   
   sub0622506330.testdnsvcn.oraclevcn.com
   
   
8. Click the Add button to add the DNS suffix.
9. Add this same subnet (in this example, sub0622506330.testdnsvcn.oraclevcn.com) in the field labelled DNS suffix for this connection.



10. Click the OK button to accept the values and exit the Network and Sharing Center.

Change Security Option

If you chose a user other than opc when for the One-Click Provisioning deployment of your Deployment Server, use this procedure to change the Microsoft Windows security option so that user will be recognized by JD Edwards EnterpriseOne.

1. Log in to the Deployment Server as the user you configured, which is other than the opc user.
2. Open the Microsoft Windows Local Security Policy program from Start > Run, or from a Command Prompt:
   
   secpol.msc
   
   
3. On Local Security Policy, navigate to Local Policies > Security Options.
4. Locate and edit this setting:
   
   Network Security: LAN Manager authentication level
   
   
5. Use the pulldown to select this setting:
   
   Send NTLM V2 response only
   
   

   

6. Click the Apply button to save the setting.
   

Change the Maximum Transmission Unit (MTU) Setting

The recommended MTU setting is 1500. Use this procedure to check, and if necessary change, the current MTU setting.

1. Open Windows PowerShell as Administrator and run this command (as a single contiguous line) to check current value of the MTU setting:
   
   Get-NetIPInterface | where {($_.InterfaceAlias -eq "Ethernet") -and ($_.AddressFamily -eq "IPv4") -and ($_.NlMtu -Gt 0)}
   
   
2. If the returned value is not set to 1500, run this command (as a single contiguous line) to set the MTU value to 1500:
   
   Get-NetIPInterface | where {($_.InterfaceAlias -eq "Ethernet") -and ($_.AddressFamily -eq "IPv4") -and ($_.NlMtu -Gt 0)} | Set-NetIPInterface -NlMtuBytes 1500