Hi Duncan. Thanks for sharing a great video. I followed commands at git and instruction in this video. Somehow for me configure step of container bash configure ent1.sh fails when it tries to setGateway

• bash /root/ConfiguringSiebel/Containerization/Docker/ol7/manage/scripts/automate-architecture/smc/setGateway -u sadmin -p sadmin -g cgw-ENT2.company.com -h 4430 -a localhost -b 443
  I get error during REST Call.
  {"CGHostURI":"cgw-ENT2.company.com:4430"}

• About to connect() to localhost port 443 (#0)
• Trying 127.0.0.1...
• Connected to localhost (127.0.0.1) port 443 (#0)
• Initializing NSS with certpath: sql:/etc/pki/nssdb
• skipping SSL peer certificate verification
• SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
• Server certificate:

•   subject: CN=*.company.com
  

•   start date: Aug 26 07:07:04 2019 GMT
  

•   expire date: Aug 23 07:07:04 2029 GMT
  

•   common name: *.company.com
  

•   issuer: CN=my-custom-ca
  

POST /siebel/v1.0/cginfo HTTP/1.1
User-Agent: curl/7.29.0
Host: localhost
Accept: /
Content-Length: 41
Authorization: Basic c2FkbWluOnNhZG1pbg==
Content-Type: application/json

• upload completely sent off: 41 out of 41 bytes
  < HTTP/1.1 500
  < Access-Control-Allow-Origin: *
  < Content-Type: text/html;charset=utf-8
  < Content-Language: en
  < Content-Length: 1081
  < Date: Tue, 24 Sep 2019 07:32:51 GMT
  < Connection: close
  <
  <!doctype html><title>HTTP Status 500 – Internal Server Error</title><style type="text/css">h1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style>

  HTTP Status 500 – Internal Server Error

  ---

  Type Status Report

  Message Internal Server Error

  Description The server encountered an unexpected condition that prevented it from fulfilling the request.

  <hr c* Closing connection 0
  lass="line" />

  Apache Tomcat/8.5.12

  + exit

Error from CommonTrace.log of SAI tomcat is this. Why am I missing this siebsrvr properties files. When I google it says, I should have javacontainer folder, but my container does not have it. Any glue what I am missing. In case you need any config , script file please ask.

regards Dilip
2019-09-24 08:49:44,173 [ERROR] - com.siebel.swsm.config.CloudSourcedConfigReader:getCGHeartBeatWithResponse Error occured while parsing siebsrvr property file or config data is missing in that fileA JSONObject text must begin with '{' at character 1 of <!doctype html><title>HTTP Status 404 – Not Found</title><style type="text/css">h1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style>

HTTP Status 404 – Not Found

Type Status Report

Message /siebel/v1.0/cloudgateway/heartbeat

Description The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.

Apache Tomcat/8.5.12

Hi.

Thanks for adding so much detail. Sadly there's nothing obvious sticking out. You're coming to a halt on step 1 of SMC configuration, and the most likely reason for failure at this stage is related to certificates or machine naming.

Can you clean down and restart, and during the execution of startAll, please provide all output. This will allow me to see the network-aliases being assigned during docker run.

You could also try to get into the SAI container and ping the CGW container at the address configured, which is cgw-ENT2.company.com.

docker exec -it sai-ENT2 bash
ping cgw-ENT2.company.com

You may need to connect as root to the container to achieve the ability to run ping.

For completeness, please also past your configuration script (i.e. ent1.sh).

You are right, it is related to either network or permission.
One quick question on this, should cgw and ses containers export any port?

Ping seems to work
[root@sai-ENT2 /]# ping cgw-ENT2.company.com
PING cgw-ENT2.company.com (172.20.0.3) 56(84) bytes of data.
64 bytes from cgw-ENT2.siebelnet (172.20.0.3): icmp_seq=1 ttl=64 time=0.477 ms
64 bytes from cgw-ENT2.siebelnet (172.20.0.3): icmp_seq=2 ttl=64 time=0.118 ms
64 bytes from cgw-ENT2.siebelnet (172.20.0.3): icmp_seq=3 ttl=64 time=0.093 ms
64 bytes from cgw-ENT2.siebelnet (172.20.0.3): icmp_seq=4 ttl=64 time=0.109 ms
64 bytes from cgw-ENT2.siebelnet (172.20.0.3): icmp_seq=5 ttl=64 time=0.131 ms
64 bytes from cgw-ENT2.siebelnet (172.20.0.3): icmp_seq=6 ttl=64 time=0.132 ms
64 bytes from cgw-ENT2.siebelnet (172.20.0.3): icmp_seq=7 ttl=64 time=0.107 ms
^C
--- cgw-ENT2.company.com ping statistics ---
7 packets transmitted, 7 received, 0% packet loss, time 6002ms
rtt min/avg/max/mdev = 0.093/0.166/0.477/0.128 ms

ent2.sh
[root@siebelvm1 launch-siebel]# cat ent2.sh
ROOT=/root/ConfiguringSiebel/Containerization/Docker/ol7/manage/scripts/automate-architecture
PV=/var/lib/docker/volumes
CONTAINERBASE=localhost:5000/siebel
DOMAIN=company.com
ENTERPRISE1=ENT2
DBHOST=oracle12c
DBPORT=32829
DBINST=ORCLCDB.localdomain
TNSCONN=ORCLCDB
DOCKERNET=siebelnet
TBLO=SIEBEL
PORT=443
USER=SADMIN
PASSWD=Welcome1
GWUSER=SADMIN
GWPASSWD=Welcome1
ANONUSER=SADMIN
ANONPASS=Welcome1
RUNASUSER=9999
ENTPROFILE=ENT
HWSERVER=localhost
COMPGRPS=callcenter,siebelwebtools,eai
SES1SERVERNAME=localhost

readonly compsToManual=(
'BusIntBatchMgr'
'CustomAppObjMgr_enu'
'SServiceObjMgr_enu'
'eServiceObjMgr_enu'
'JMSReceiver'
'InfraEAIOutbound'
'SMQReceiver'
'MSMQRcvr'
'MqSeriesSrvRcvr'
'MqSeriesAMIRcvr'
'JMSReceiver'
'EIM'
'CustomAppObjMgr_enu'
'BusIntMgr'
'BusIntBatchMgr'
)

CGW and SES don't need to expose any ports in the basic setup. For more complex setups you can do this, but here it's not required. As the containers are all in the same docker network, they have unlimited access to each other's ports.

You might want to check now that the error really is identical to the one you would get via SMC.

Connect to https:///siebel/smc

Login with sadmin/sadmin

Try to setup the cgw host there as cgw-ENT2.company.com:4430 and it should also fail, effectively duplicating the results from the direct REST call.

Yes you are right. It happens from UI too. I did try that and for cgw-ENT2.company.com:4430 server I get error that siebsrv property file is missing. Should I have javacontainer folder under /siebel/sai folder ? I have only applicationcontainer and applicationinterface. I am unable to find this above property file which LOG file says is missing.

applicationcontainer is the javacontainer folder

I wouldn't worry about the error.

If you've followed the process, you have an identical container to me and it should work the same.

Are you doing this on OEL?

Can you do a complete clean down and retry?

• Stop containers
• Empty persistent volume folders under ENT2
• Start containers (capture startAll output and post here please)
• Double check the persistent folders under ENT2 are populated after startup. Look specifically for SAI/applicationcontainer/siebelcerts
• Try to get by step 1 from SMC (once this works you'll be able to clear down again and run through configure)

I am doing on Red Hat. I will try cleaning again.
In which scripts are we using these variables COMPGRPS=callcenter,siebelwebtools,eai
and readonly compsToManual.

COMPGRPS is used to create the server profile

https://github.com/OracleSiebel/ConfiguringSiebel/blob/master/Containerization/Docker/ol7/manage/scripts/automate-architecture/launch-siebel/configure#L55

readonly compsToManual is more complicated to explain, and won't be present in the final version, so please don't be concerned with it. I used it as a workaround to a separate issue that will ultimately be resolved within a few more releases.

https://github.com/OracleSiebel/ConfiguringSiebel/blob/master/Containerization/Docker/ol7/manage/scripts/automate-architecture/launch-siebel/configure#L59

hmm, So problem is really with how come that file siebsrrv is missing. Any clue on how to debug this?
One more point. In your video I see /siebel/DB_JARS being created , but in my case, this statement did not come, so I had to change dockerfile and create this directory.
Since CGW and SES are extending from
ARG DBCONTAINER=registry.local.com:5000/oracle/database-instantclient/32bit:12.2.0.1
FROM ${DBCONTAINER}
Where is your DB Server, I believe this above container is only sqlplus client. Right? Please confirm.
I am putting oracle server content from https://hub.docker.com and then extending from that container. But still I do not see why this property file siebsrvr is missing.

==>
2019-09-24 08:49:44,173 [ERROR] - com.siebel.swsm.config.CloudSourcedConfigReader:getCGHeartBeatWithResponse Error occured while parsing siebsrvr property file or config data is missing in that fileA JSONObject text must begin with '{' at character 1 of <!doctype html><title>HTTP Status 404 – Not Found</title>
==>

Perhaps it's not missing and the log file is reporting incorrectly.

I have no scope to re-test the build at present on Redhat. If you can, you might try exactly duplicating what you see in the video, on OEL. If you still have issues, we can look into it. If not, I have no tools to debug what may be different on Redhat, though I do have reports of others having success with that, so they clearly had the facility to complete diagnoses themselves.

CGW and SES extend from the instantclient install as the servers need to be able to talk to the database and my testing is with the Oracle DB. I have tested against the Oracle DB container from Docker Hub.

I don't see why you're extending from the oracle server. The tools supplied give you the means to install the instantclient. I didn't test with the method you're using and cannot supply the time to debug that method.

hmm, I did check the file inside applicationcontainer. I will use instant client and extend from that. Let me try that, Thanks a lot for clarifying my doubts.

We may be inadvertently creating support by adding in libraries at this layer:

https://github.com/OracleSiebel/ConfiguringSiebel/blob/master/Containerization/Docker/ol7/build/32-bit_instantclient_12c/dockerfile#L13

It would definitely be best if you followed along exactly, at least initially, and built the instant client yourself with the installation media from the links supplied.

As always with these things, there can be so many variables that can stand in the way of success.

hmm, but those libraries failed to install for me as I have x64 architecture.
One more clarification, Do I need to use update package? Or is that only to bring Siebel to 19 version. If yes, Can you please update package media URL of https://support.oracle.com. I tried everything to search for update package but could not find it there.

That's only to bring it to which ever update you need. In theory you could just leave it at 17 and run with that. I'm not sure what you mean about updating the URL. You have to start by logging in to support at that address, then navigate to Patches and Updates and query for the latest update in the same way you normally would to obtain an update. In any case, as mentioned, this is not required and you could run on base IP17. You will still need to apply the persistence layer to that.

Persistence I have completed. That normal way is not working for me. Let me try again once I get 17 IP working.

I checked the message again, and looks like /siebel/v1.0/cloudgateway/heartbeat is not there. Which component install this part.

I've never needed to find out before. Have you started from scratch with an OEL install and followed the instructions precisely to create a baseline yet? Once you've done that you will more easily be able to understand the differences between that method and the method you are attempting.

on RHEL is this needed
yum install kernel-uek-devel-$(uname -r)?

I never used RHEL so I don't know.

Hi Duncan,

ok. When I try to install oracle instantclient container I get below error because of which I commented line #libstdc++.i686 \ of docker file during installation of oracle-instantclient
How will this impact the container?
regards Dilip
--> Finished Dependency Resolution
^[[91mError: Multilib version problems found. This often means that the root
cause is something else and multilib version checking is just
pointing out that there is a problem. Eg.:

     1. You have an upgrade for libstdc++ which is missing some
        dependency that another package requires. Yum is trying to
        solve this by installing an older version of libstdc++ of the
        different architecture. If you exclude the bad architecture
        yum will tell you what the root cause is (which package
        requires what). You can try redoing the upgrade with
        --exclude libstdc++.otherarch ... this should give you an error
        message showing the root cause of the problem.

     2. You have multiple architectures of libstdc++ installed, but
        yum can only see an upgrade for one of those architectures.
        If you don't want/need both architectures anymore then you
        can remove the one with the missing update and everything
        will work.

     3. You have duplicate versions of libstdc++ installed already.
        You can use "yum check" to get yum show these errors.

   ...you can also use --setopt=protected_multilib=false to remove
   this checking, however this is almost never the correct thing to
   do as something else is very likely to go wrong (often causing
   much more problems).

   Protected multilib versions: libstdc++-4.8.5-39.0.1.el7.i686 != libstdc++-4.8.5-36.0.1.el7_6.2.x86_64

^[[0mThe command '/bin/sh -c yum -y install ksh tcsh libstdc++.i686 glibc.i686 libaio.i686 && yum -y localinstall oracle-instantclient12.2-.i386.rpm && yum clean all && rm -rf /var/cache/yum/x86_64 && rm -rf /var/cache/yum/i686 && rm oracle-instantclient12.2.rpm && ln -s /usr/lib/oracle/12.2/client/lib/libclntsh.so.12.1 /usr/lib/oracle/12.2/client/lib/libclntsh.so && chmod 777 /config/tnsnames.ora' returned a non-zero code: 1

It will probably not work without it. Are you doing this on OEL or RHEL. I really recommend you get baseline success on OEL before trying to get it working with something I've never tried. I don't have the time to investigate an RHEL install right now. The errors you're seeing are ones that's I've come across and you can find solutions to them by Googling, but I can't, in all honestly, claim to be an expert with multilib installs. I do know that you should not encounter this problem if you follow the instructions to the letter.

ok. Thanks for putting this doubt to rest.

Sorry to disturb you a lot. Do I also need to install Virtual Box on OEL?

No. OEL would be installed in VirtualBox, which you install on whatever your preferred host OS is.

Hi Duncan,
Does your oracle DB server has all siebel things already installed. Can you please share details on how to install siebel DB server.

regards Dilip

We're unable to share a simplified database setup here in the public domain. You'll need to go through the standard model to install the DB, which is detailed in Siebel Bookshelf. You can opt to install a standard DB, or you can use the containerised Oracle DB from DockerHub.

https://docs.oracle.com/cd/E63029_01/books/SiebInstWIN/SiebInstCOM_ConfigDB11.html

I can offer no guidance on this here. Create an SR if you run into issues. Simplified database setup will be available via MOS at a later date where a pluggable Oracle DB will be provided to accelerate startup.

Hi Duncan,

Looks like I did not ask my question clearly. In the video After we are done with creating 32bit oracle client container we are assuming that we have a oracle DB already available ( https://www.youtube.com/watch?v=MvETSsryqok&t=2145s). This oracle DB is an empty oracle DB or it has any Siebel related DB objects already created? I can see that SADMIN user is already there and SIEBEL.S_CONTACT table already exists. So looks like Siebel DB stuff is already configured in Base Database. Configuration of Siebel CRM with DB I see is done once installation is complete.

regards Dilip

Fully created Siebel DB as per bookshelf.

To be clear, the database was created separately from the containers with an existing Siebel installation.

Hi Duncan,

I tried on OEL 7.4 and unfortunately there I also I get the same error as mentioned in #66 (comment). Can you please share what was version of oraclelinux:latest image on 8th February when you created oracle db client container

regards Dilip

What made you choose 7.4 ? The video shows OEL 7.6 being used. Currently we're at 7.7. If you get the same issue on 7.7, I will re-test and re-create the video as required. Suggest you re-install OEL and bring it right up to date before you begin.

Sorry but I have no way to know what the version of oraclelinux was on 8th Feb. We always pull oraclelinux:latest prior to each build.

Hi Duncan,

I am able to resolve above multiple lib issue.
Can you please share What is meaning of following parameters.
TNSCONN=SIEBELDB
TBLO=SIEBEL

regards Dilip

Hi Duncan,
I used command to generate key
bash keygen -r .. -s siebel -d *.com -c my-custom-ca 2>&1 | tee keygen.log
and gave DOMAIN=com in ent1.sh file, still I get
2019-09-30 18:40:29,977 [ERROR] - com.siebel.swsm.config.CloudSourcedConfigReader:getCGHeartBeatWithResponse Error occured while parsing siebsrvr property file or config data is missing in that filejava.security.cert.CertificateException: No subject alternative DNS name matching cgw-ENT3.com found
in SAI Server while configuring Gateway.
any idea where I am wrong.

regards Dilip

TNSCONN is the name of the database connection that you will subsequently use within SMC to define connectivity for the SES.

TBLO is the Table Owner

*.com sounds like it should match cgw-ENT3.com. Are you sure you rebuilt all containers with the new jks?

I'm still wondering why you don't try EXACTLY the example given to get a baseline before you try something else though.

I used company.com , but it was picking as ibm.com. So I wanted to verify if it is picking the correct file. Anyway let me try again

Below Issue can be fixed if we add yum -y update in dockerfile before yum -y install >
Hi Duncan,

I tried on OEL 7.4 and unfortunately there I also I get the same error as mentioned in #66 (comment). Can you please share what was version of oraclelinux:latest image on 8th February when you created oracle db client container

regards Dilip

Hi Duncan,
How to fix this issue?
2019-10-01 11:41:03,283 [ERROR] - com.siebel.swsm.config.CloudSourcedConfigReader:getGatewaySecurityProfile Error occured while parsing siebsrvr property file or config data is missing in that fileA JSONObject text must begin with '{' at character 1 of Error on Security Profiles Retrieval^M

I keep getting 400 as bad request

• bash /root/ConfiguringSiebel/Containerization/Docker/ol7/manage/scripts/automate-architecture/smc/setGatewaySecProfile -u sadmin -p sadmin -d 9.204.168.247 -e 32829 -f ORCLCDB.localdomain -t SIEBEL -v SADMIN -w Welcome1 -a localhost -b 444

{"Profile":{"ProfileName":"secprof"}, "SecurityConfigParams": {"DataSources": [ {"Name":"secprof", "Type":"DB", "Host":"9.204.168.247", "Port":"32829", "SqlStyle":"Oracle", "Endpoint":"ORCLCDB.localdomain", "TableOwner":"SIEBEL", "CRC":"", "HashUserPwd":"false"} ], "SecAdptMode":"DB", "SecAdptName":"DBSecAdpt", "DBSecurityAdapterDataSource":"secprof", "DBSecurityAdapterPropagateChange":"false", "NSAdminRole":["Siebel Administrator"], "TestUserName":"SADMIN", "TestUserPwd":"Welcome1" }}

% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
^M 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* About to connect() to localhost port 444 (#0)

• Trying 127.0.0.1...
• Connected to localhost (127.0.0.1) port 444 (#0)
• Initializing NSS with certpath: sql:/etc/pki/nssdb
• skipping SSL peer certificate verification
• SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
• Server certificate:

•   subject: CN=*.company.com
  

•   start date: Oct 01 05:06:57 2019 GMT
  

•   expire date: Sep 28 05:06:57 2029 GMT
  

•   common name: *.company.com
  

•   issuer: CN=my-custom-ca
  

POST /siebel/v1.0/cloudgateway/GatewaySecurityProfile HTTP/1.1^M
User-Agent: curl/7.29.0^M
Host: localhost:444^M
Accept: /^M
Content-Length: 490^M
Authorization: Basic c2FkbWluOnNhZG1pbg==^M
Content-Type: application/json^M
^M
} [data not shown]

• upload completely sent off: 490 out of 490 bytes
  < HTTP/1.1 400 ^M
  < Content-Length: 25^M
  < Date: Wed, 02 Oct 2019 07:47:14 GMT^M
  < Connection: close^M
  < ^M
  { [data not shown]
  ^M100 515 100 25 100 490 48 949 --:--:-- --:--:-- --:--:-- 951
• Closing connection 0
  Profile Validation Failed+ exit

regards Dilip

Profile Validation Failed - this means that CGW was unable to connect to the database using the supplied location and credentials. You can verify this by connecting into the CGW:

docker exec -it bash

Then attempt to connect as you have above

sqlplus SADMIN/Welcome1@9.204.168.247:32829/ORCLCDB.localdomain

Most likely ORCLCDB is not the service name for your database.

Hi ,

It works. I had verified that earlier too from oracleinstant client container. Using both external IP and Container ip/port.
regards Dilip

Hi Duncan,

this is other detail
ROOT=/root/ConfiguringSiebel/Containerization/Docker/ol7/manage/scripts/automate-architecture
PV=/var/lib/docker/volumes
#CONTAINERBASE=registry.local.com:5000/siebel
CONTAINERBASE=localhost:5000/siebel
DOMAIN=company.com
ENTERPRISE1=ENT1
DBHOST=9.204.168.247
#DBPORT=1521
DBPORT=32829
DBINST=ORCLCDB.localdomain
TNSCONN=ORCLCDB.localdomain
#DBINST=SAMPLE.localdomain
#TNSCONN=SIEBELDB
DOCKERNET=siebelnet
TBLO=SIEBEL
PORT=444
USER=SADMIN
PASSWD=Welcome1
GWUSER=SADMIN
GWPASSWD=Welcome1
ANONUSER=SIEBEL
ANONPASS=SIEBEL
RUNASUSER=9999
ENTPROFILE=ENT
HWSERVER=localhost
COMPGRPS=callcenter,siebelwebtools,eai
SES1SERVERNAME=SES

readonly compsToManual=(
'BusIntBatchMgr'
'CustomAppObjMgr_enu'
'SServiceObjMgr_enu'
'eServiceObjMgr_enu'
'JMSReceiver'
'InfraEAIOutbound'
'SMQReceiver'
'MSMQRcvr'
'MqSeriesSrvRcvr'
'MqSeriesAMIRcvr'
'JMSReceiver'
'EIM'
'CustomAppObjMgr_enu'
'BusIntMgr'
'BusIntBatchMgr'
)

Please share if you see issue with anything,
regards Dilip

Hi Duncan,

Also the API call is saying 400 that is bad request. So request call is somehow not correct. Although I do not understand why?
==>
upload completely sent off: 490 out of 490 bytes
### < HTTP/1.1 400 ^M
< Content-Length: 25^M
< Date: Wed, 02 Oct 2019 07:47:14 GMT^M
< Connection: close^M
< ^M
==>

regards Dilip

Hi Duncan,

Looks like bad request 400 is not from client side and set by Server API, because text mesage "Profile Validation failed" is also coming. How to enable trace on server side ?

I think this is the actual error on gateway side
2019-10-01 11:38:06,625 [ERROR] - SpecReaderAndAssimilator:preparePathNode Invalid method name for path :/deployments/cg-cluster/deploy::get:com.siebel.opcgw.cloudgateway.config.CGClusterResource
2019-10-01 11:38:06,626 [ERROR] - SpecReaderAndAssimilator:preparePathNode Invalid method name for path :/profiles/servers::delete:com.siebel.opcgw.cloudgateway.config.ProfileResource

Why is it going to Cluster?
regards Dilip

Hi Duncan,

You are right. it is databse failure but why?? i saw this in
webapps/siebel/WEB-INF/siebelsecurity.log file.

2019-10-03 07:21:49 FATAL SecurityManager - Database connection failed
2019-10-03 07:21:49 FATAL SecurityManager - Test Authentication failed
2019-10-03 07:25:51 FATAL SecurityManager - Database connection failed
2019-10-03 07:25:51 FATAL SecurityManager - Test Authentication failed
regards Dilip

Hi Duncan,
Security Manager must be using Java Client to connect to DB. I do not see db jars anywhere.
During which steps did you put jars using oracleinstant client in path?

regards Dilip

Hi Duncan,

Do we need to septup .odbc.ini files. And ODBC setup ?

regards Dilip

No. This is automated via SMC, which can be automated as exemplified by the configure script.

I see you verified connection to the DB. Once connected, can you run this?

select count(*) from SIEBEL.S_CONTACT;

If not, you are not connected to the actual Siebel database, but to the Oracle parent container database.

hmm, so you mean I need to have Siebel database installation done 1st before trying to configure?
Only step I have done is
Siebel Table spaces, roles creation and grant user in Database:

Following queries and commands need to be run to verify the installation and to create table spaces, roles and grant users:

SQL> select file_name from dba_data_files;

FILE_NAME

/home/oracle/oracle/oradata/SIEBDB/undotbs01.dbf
/home/oracle/oracle/oradata/SIEBDB/sysaux01.dbf
/home/oracle/oracle/oradata/SIEBDB/system01.dbf
/home/oracle/oracle/oradata/SIEBDB/users01.dbf
/home/oracle/oracle/oradata/SIEBDB/example01.dbf

create tablespace example datafile '/u02/app/oracle/oradata/ORCL/example01.dbf' size 4000m autoextend on;
create tablespace example datafile '/u02/app/oracle/oradata/ORCL/example01.dbf' size 4000m autoextend on;

select file_name from dba_data_files;
create tablespace SIEB_DATA datafile '/u02/app/oracle/oradata/ORCL/sieb_data01.dbf' size 4000m autoextend on;
create tablespace SIEB_INDEX datafile '/u02/app/oracle/oradata/ORCL/sieb_index01.dbf' size 4000m autoextend on;

create tablespace SIEB_DATA datafile '/home/oracle/oracle/oradata/SIEBDB/sieb_data01.dbf' size 4000m autoextend on;

create tablespace SIEB_INDEX datafile '/home/oracle/oracle/oradata/SIEBDB/sieb_index01.dbf' size 4000m autoextend on;

alter session set "_ORACLE_SCRIPT"=true;

create role sse_role;

Role created.

grant create session to sse_role;

create role tblo_role;
create role tblo_role;
grant create session to tblo_role;

grant ALTER SESSION, CREATE CLUSTER, CREATE DATABASE LINK, CREATE INDEXTYPE,
CREATE OPERATOR, CREATE PROCEDURE, CREATE SEQUENCE, CREATE SESSION,
CREATE SYNONYM, CREATE TABLE, CREATE TRIGGER, CREATE TYPE, CREATE VIEW,
CREATE DIMENSION, CREATE MATERIALIZED VIEW, QUERY REWRITE, ON COMMIT REFRESH
to tblo_role;
create user SIEBEL identified by SIEBEL;

grant tblo_role to SIEBEL;

grant sse_role to SIEBEL;

alter user SIEBEL quota 0 on SYSTEM quota 0 on SYSAUX;

alter user SIEBEL default tablespace SIEB_DATA;

alter user SIEBEL temporary tablespace TEMP;

alter user SIEBEL quota unlimited on SIEB_DATA;

alter user SIEBEL quota unlimited on SIEB_INDEX;

create user SADMIN identified by SADMIN;

grant sse_role to SADMIN;

alter user SADMIN default tablespace SIEB_DATA;

alter user SADMIN temporary tablespace TEMP;

I thought DB configuration or add Siebel schema etc is part of DB Env setup and is taken care by configure step.

hmm, so you mean I need to have Siebel database installation done 1st before trying to configure?

Correct

Hi Duncan,

GM.
If I am getting following error in SES container
[siebel@ses-ENT1 bin]$ ./odbcsql
./odbcsql: error while loading shared libraries: libsslcosa.so: cannot open shared object file: No such file or directory
[siebel@ses-ENT1 bin]$

any idea what step I could have missing from videos. I have followed each step.

regards Dilip

Try using ldd on the named library to discover any missing links.

Hi Duncan,

thanks a lot. I modified dockerfile of ses and created ENV for LD_LIBRARY_PATH and PATH adding /siebel/ses/siebsrvr/lib and /siebel/ses/siebsrvr/bin .
regards Dilip

Hi Duncan,

In case you hav any idea on this. What is prerequisite for success of this command. is odbcsql must?

• bash /home/demoadmin/ConfiguringSiebel/Containerization/Docker/ol7/manage/scripts/automate-architecture/smc/setGatewaySecProfile -u sadmin -p sadmin -d 9.204.168.247 -e 32829 -f ORCLCDB.localdomain -t SIEBEL -v SADMIN -w Welcome1 -a localhost -b 443

{"Profile":{"ProfileName":"secprof"}, "SecurityConfigParams": {"DataSources": [ {"Name":"secprof", "Type":"DB", "Host":"9.204.168.247", "Port":"32829", "SqlStyle":"Oracle", "Endpoint":"ORCLCDB.localdomain", "TableOwner":"SIEBEL", "CRC":"", "HashUserPwd":"false"} ], "SecAdptMode":"DB", "SecAdptName":"DBSecAdpt", "DBSecurityAdapterDataSource":"secprof", "DBSecurityAdapterPropagateChange":"false", "NSAdminRole":["Siebel Administrator"], "TestUserName":"SADMIN", "TestUserPwd":"Welcome1" }}

• About to connect() to localhost port 443 (#0)
• Trying ::1...
• Connected to localhost (::1) port 443 (#0)
• Initializing NSS with certpath: sql:/etc/pki/nssdb
• skipping SSL peer certificate verification
• SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
• Server certificate:

•   subject: CN=*.company.com
  

•   start date: Oct 11 09:37:21 2019 GMT
  

•   expire date: Oct 08 09:37:21 2029 GMT
  

•   common name: *.company.com
  

•   issuer: CN=my-custom-ca
  

POST /siebel/v1.0/cloudgateway/GatewaySecurityProfile HTTP/1.1
User-Agent: curl/7.29.0
Host: localhost
Accept: /
Content-Length: 490
Authorization: Basic c2FkbWluOnNhZG1pbg==
Content-Type: application/json

• upload completely sent off: 490 out of 490 bytes
  < HTTP/1.1 400
  < Content-Length: 25
  < Date: Tue, 15 Oct 2019 09:51:52 GMT
  < Connection: close
  <
• Closing connection 0
  Profile Validation Failed+ sleep 3

regards Dilip

why are these files missing for me
lrwxrwxrwx 1 siebel siebel 32 Oct 15 09:45 siebenv.csh -> /persistent/siebsrvr/siebenv.csh
lrwxrwxrwx 1 siebel siebel 31 Oct 15 09:45 siebenv.sh -> /persistent/siebsrvr/siebenv.sh
drwxr-xr-x 1 siebel siebel 101 Oct 15 09:45 admin
drwxr-xr-x 1 siebel siebel 138 Oct 15 09:45 bin
drwxr-xr-x 1 siebel siebel 4096 Oct 15 11:44 .
[siebel@ses-ENT1 siebsrvr]$ cat /persistent/siebsrvr/siebenv.sh
cat: /persistent/siebsrvr/siebenv.sh: No such file or directory

These files will not be present until the system is configured.

by configuration you mean bash configure 19.0 ? But this call iteself fails. Should not these files be installed or created once container is started or initialized.

During Siebel Enterprise Server and Siebel Server configuration, the script files siebenv.csh (for C shell) and siebenv.sh (for Bourne or Korn shell) are automatically created in the $SIEBEL_ROOT directory.
Please confirm configuration here means "bash configure 19.0" command in video?

Also we are not seting SIEBEL_ROOT variable anywhere in dockerfile so will this be defined during container initialization?

by configuration you mean bash configure 19.0 ? But this call iteself fails. Should not these files be installed or created once container is started or initialized.

I mean when you configure the Siebel Enterprise. This could be via SMC, or it could be via the automated 'configure' script.

Closing this. Please re-open if you're still encountering issues.