Sunday, 20 March 2016

blogger

Error while bringing up the server after changing the repository schema password in 12c 
Hello Viewer,

 In my case business requires the Metadata Repository schema passwords to be changed on a regular basis.
I changed the password for all the repository schema but after changing the password as soon as i started the managed and Admin server , it was failing to restart.

 Below was the error in logs:
Error Code: 28000
Mar 20, 2016 2:48:19 AM oracle.security.jps.internal.common.config.AbstractSecurityStore getSecurityStoreVersion
WARNING: Unable to get the Version from Store returning the default
oracle.security.jps.service.policystore.PolicyStoreException: javax.persistence.PersistenceException: Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.5.2.v20140319-9ad6abd): org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: java.sql.SQLException: ORA-28000: the account is locked

After checking with the database team MFT_OPSS account was getting locked.
Although I checked that except datasource we are not using the MFT_OPSS user anywhere else. But still again and again it was getting locked. From SQL developer also we were able to connect successfully and the same password was updated in datasource as well.

Cause:

A 12c Infrastructure uses a Java Platform Security (JPS) credential store. If the credentials in the JPS store do not match with OPSS schema credentials in the Metadata Repository, AdminServer and Managed server will fail to start.

Note: Above error applies to Oracle Fusion Middleware - Version 12.1.2.0.0 and later

Solution:

It was resolved after following the below steps:

1) I asked the database team to unlock the account and change the password for this user,

2)  Encrypted the password using below steps and updated the opss-datasource-jdbc.xml
         a) cd $DOMAIN_HOME/bin
             . ./setDomainEnv.sh

         b) java weblogic.security.Encrypt newpassword

3) $ORACLE_HOME/oracle_common/common/bin/wlst.sh

wls:/offline>modifyBootStrapCredential(jpsConfigFile='$DOMAIN_HOME/config/fmwconfig/jps-config.xml',username='MFT_OPSS',password='newpassword')

4) Try to bring up the Admin server and Managed server. Hopefully it will start without any error this time.

Thanks a lot for your patience!!!

Regards
-Ashish
Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)