A.1 Frequently Asked Questions

You can refer to the Frequently Asked Questions, which are developed with interest to help you resolve some of the Investigation Toolkit Installation and configuration issues.

1. What happens when a case is opened by two different users who have different roles and mappings?
   • If two users have different roles mapped to two different notebook IDs, a case is opened with a different notebook for the two users.
   • If two users have different roles mapped to same notebook IDs, a case is opened with a same notebook for the two users.
   • User with multiple roles where each role is mapped with a different notebook, then the case is opened for the role with the highest precedence.
   • Two users open a case with different roles and different mapped notebooks at different point of time, then both users will see different notebooks for the same case.
2. How do I update mapping while an upgrade or customization is made in the case?
   In case of an upgrade, update notebook ID mappings in the FCC_CM_CTYPE_NB_MAPPING table.

   Note:

   When the user opens a case which is already opened by another user, then it clones the new notebook ID mapped to the role and opens the cloned notebook for the case.
3. What should I do if ORA_OLDS_SESSION cookie is missing when user login in Compliance Studio?

   To resolve the issue:

   1. Take copy of deployed folder for backup.
   2. Generate private and public key outside deployed folder and place it in the following directories.

      <COMPLIANCE_STUDIO_INSTALLATION_PATH>/mmg-home/mmg-studio/conf
      <COMPLIANCE_STUDIO_INSTALLATION_PATH>/batchservice/conf
      <COMPLIANCE_STUDIO_INSTALLATION_PATH>/mmg-home/mmg-load-to-graph/graphservice/conf
      <COMPLIANCE_STUDIO_INSTALLATION_PATH>/mmg-home/mmg-ui/conf

   3. Generate SSO token and update in config.sh file. The config.sh file directory is <COMPLIANCE_STUDIO_INSTALLATION_PATH>/bin.
   4. Update cookie_domain value in config.sh file to snlhrprshared2.gbucdsint02lhr.oraclevcn.com.
   5. Reinstall compliance studio

      (./compliance-studio.sh --reinstall from <COMPLIANCE_STUDIO_INSTALLATION_PATH>/bin)

   6. Complete post installation steps as per OFS Compliance Studio Installation Guide.
   7. Verify token in Nextgenemf_config table (if mismatch, then update manually and restart services).
4. What should I do if Compliance Studio - 8127* - ORA_OLDS_SESSION cookie is missing when user login in CS if DNS Alias (Domain) is used instead of the server domain?

   For example: Server name - test.server.oracle.com, DNS Alias name - test.server.dns.alias.oracle.com

   To resolve the issue:

   1. Take copy of deployed folder for backup.
   2. Update cookie_domain value in config.sh file to oracle.com. Since "oracle.com" is common between the server name and dns alias name, this will solve the problem of cookie creation.
   3. Since DNS Alias name will be used to hit the UI, make sure to change the value of HOSTNAME parameter from 'hostname -f' to "<DNS ALIAS NAME>" in the install.sh file inside path <COMPLIANCE_STUDIO_INSTALLATION_PATH>/bin.

      Forexample: export HOSTNAME="test.server.dns.alias.oracle.com"

   4. Stop the Compliance studio instance.
   5. Reinstall compliance studio (./compliance-studio.sh --reinstall from <COMPLIANCE_STUDIO_INSTALLATION_PATH>/bin.
   6. Make sure to check the cookie domain after the reinstall in the following directories.

      <COMPLIANCE_STUDIO_INSTALLATION_PATH>/bin/deployed/mmg-home/bin/config.sh 
      <COMPLIANCE_STUDIO_INSTALLATION_PATH>/bin/deployed/mmg-home/mmg-studio/bin/config.sh
      <COMPLIANCE_STUDIO_INSTALLATION_PATH>/bin/deployed/mmg-home/mmg-studio/conf/application.yml
      <COMPLIANCE_STUDIO_INSTALLATION_PATH>/bin/deployed/mmg-home/mmg-ui/conf/application.properties
      <COMPLIANCE_STUDIO_INSTALLATION_PATH>/bin/deployed/mmg-home/mmg-ui/bin/config.sh

   7. Verify SSO_TOKEN in Nextgenemf_config table. The Compliance Studio schema if the SSO_TOKEN value is not present, please copy it from config.sh file from <COMPLIANCE_STUDIO_INSTALLATION_PATH>/bin path.
   8. Start Compliance Studio.
5. How can we change color of the table cell?

   For html table, you can add template as follows.

   html template

   <td class="val-##BODY COLUMN##"> ##BODY
             COLUMN##</td>CSS:<div><style>.val-False
         {color: red;} .val-True {color:
         green;}</style></div>

   css template must be added in cs_ih_ext_srvc_summary_css_template table

   and add css_template_id it in cs_ih_ext_srvc_summary_html_template table.

6. What should I do if Compliance Studio - 8127* - ECM Investigation Toolkit Integration certificate Issue occurs?

   Issue - Certificate issue while accessing the Investigation Toolkit tab after opening a case from ECM.

   There could be a scenario where there is a difference in Java version between the Compliance Studio and the ECM (Application and Web Layer) server. For Ex - In compliance studio server it's JDK11.0.18 and in ECM sever (Both Application and Web Server) its Java 8.

   Solution: In order to resolve this the studio_server.p12 which is created in Compliance studio server has be created which supports Java8 as well. In order to do this below command has to be used during the creation of studio_server.p12 file. "-J-Dkeystore.pkcs12.legacy" parameter should be used in the key tool command.

   keytool -genkey -alias studio_server
             -keyalg RSA -keystore studio_server.jkskeytool -J-Dkeystore.pkcs12.legacy
             -importkeystore -srckeystore studio_server.jks -destkeystore studio_server.p12 -srcalias
             studio_server -srcstoretype jks -deststoretype pkcs12keytool -exportcert -keystore <Path of
             .p12 file >/<filename>.p12 -storetype PKCS12 -alias <alias> -file <Path where studiop.cer file
             should be created>/studiop.cerFor example:keytool -exportcert
           -keystore /scratch/fccstudio/CS_8126_Cloned_Patches/compStudio_15050706/OFS_COMPLIANCE_STUDIO/mmg-home/mmg-studio/conf/studio_server.p12
             -storetype PKCS12 -alias studio_server -file
           /scratch/fccstudio/CS_8126_Cloned_Patches/compStudio_15050706/OFS_COMPLIANCE_STUDIO/mmg-home/mmg-studio/conf/studiop.cerkeytool -importcert -keystore
             <JAVA_HOME>/lib/security/cacerts -storepass changeit -alias studio_server -file <Path of
             studiop.cer file created from about command>/studiop.cerFor example:
       keytool -importcert -keystore /scratch/fccstudio/jdk-11.0.22/lib/security/cacerts
           -storepass changeit -alias studio_server -file /scratch/fccstudio/CS_8126_Cloned_Patches/compStudio_15050706/OFS_COMPLIANCE_STUDIO/mmg-home/mmg-studio/conf/studiop.cer

   If user wants to delete the certificate from JDK then below command can be used. This could be helpful if user wants to reimport a new certificate in JDK.

   keytool -delete -noprompt -alias studio_server  -keystore
             "/scratch/fccstudio/jdk-11.0.22/lib/security/cacerts" -storepass
             "changeit"Also, the certificate needs to be imported in the Java
           security in ECM server for both Application server and Web server as
           follows.openssl pkcs12 -in studio_server.p12
             -nokeys -out server_cert.pemopenssl pkcs12 -in studio_server.p12
             -nodes -nocerts -out server_key.pem keytool -certreq -keystore
             studio_server.jks -alias studio_server -keyalg RSA -file
           client.csropenssl x509 -req -CA server_cert.pem
             -CAkey server_key.pem -in client.csr -out client_certificate.pem -days 365
             -CAcreateserialkeytool -import -file
             "/scratch/ofsaauser/BDECM8125P/Studio_Certificates/studio_1780_cpu_certificates/client_certificate.pem"
             -alias studio_server -keystore "/scratch/ofsaauser/jdk-11.0.19/lib/security/cacerts"
             -storepass "changeit"

   If user wants to delete the certificate from JDK then below command can be used. This could be helpful if user wants to reimport a new certificate in JDK.

   keytool -delete -noprompt -alias
               studio_server  -keystore
             "/scratch/ofsaauser/jdk-11.0.19/lib/security/cacerts" -storepass
             "changeit"

7. What should I do if Compliance Studio - 8127* - PGX Interpreter issue occurs?
   This is issue comes up when there is a change from Server name to the DNS ALIAS name and then the reinstall is triggered.

   Figure A-1 PGX Interpreter issue

   
   

   
   Description of "Figure A-1 PGX Interpreter issue"

   
   
   To resolve this issue:

   1. Navigate to the <OFS_COMPLIANCE_STUDIO_INSTALLATION_PATH>/bin directory and open compliance-studio.sh file.
   2. Navigate to line number 196 and view the export parameter PGX_INTERPRETER_OPTS.
   3. Change server name as DNS alias name in the PGX_INTERPRETER_OPTS parameter.

      For example: export PGX_INTERPRETER_OPTS="$PGX_INTERPRETER_OPTS -DAPP_BASE_NAME='pgx-interpreter' - Dgraph-service.url=https://<DNS ALIAS NAME>:7059/graph-service

8. What should I do if ECM Investigation Toolkit Integration issue occurs when Case ID is not passed automatically in the Investigation Toolkit notebook whenever a user opens a case for the first time?

   Issue - This is happening because the user which is logged in Datastudio/Compliance Studio is in lowercase and the same user is logged in ECM in uppercase.

   Solution - The user login is case sensitive so the user which is used for login has to be in same case for Data Studio/Compliance Studio and ECM.