Depending on how your Oracle E-Business Suite Single Sign-On profile options have been configured, it may be necessary to manage subscriptions for some of your users manually.
The Oracle Directory Services provsubtool command-line utility is used to manage application-specific subscription lists in Oracle Directory Services. The tool can be used by the application administrator or the Identity Management Realm administrator (such as orcladmin).
In case you do not have execute permission to the tool shipped as $ORACLE_HOME/ldap/odi/bin/provsubtool.orc, the file should be copied to $ORACLE_HOME/bin or another suitable location for which you have both write and execute permissions.
Specific uses of this tool are to:
Add or remove users from application-specific subscription lists in bulk mode or batch mode.
Add users to the application-specific subscription lists when 'Applications SSO Enable OID Identity Add Event' profile value is 'Disabled'. This profile controls the automatic subscription for users created in Oracle Directory Services.
List the memberships of a particular subscription list for an application.
Read from a file of a list of simple user login names (nickname attribute values) or user DNs and add or remove them from the appropriate subscription list as specified.
| Parameter Name | Required or Optional | Default Value | Parameter Description |
|---|---|---|---|
| LDAP_HOST | Optional | Local host | LDAP server host |
| LDAP_PORT | Optional | 389 | LDAP Server port |
| APP_DN | Required | None | Application Identity DN, for example: orclapplicationcommonname=Financials,cn=EBusiness,cn=Products,cn=OracleContext,<Identity Realm> |
| APP_PWD | Required | None | Application DN password |
| REALM_DN | Required | None | DN of the identity Management Realm, for example: dc=ganseycorp,dc=com |
| LIST_NAME | Optional | ACCOUNTS | The Subscription List Name. By default, ACCOUNTS is created for Oracle E-Business Suite instances. |
| OPERATION | Required | None | ADD, REMOVE, LIST. The LIST option will list all the current members of the subscription list. |
| FILE_NAME | Optional | members.lst | File containing the user list either as simple names or DNs |
| FILE_TYPE | Optional | 0 | 0 = Simple Names 1 = DNs |
| LOG_FILE | Optional | report.log | Output log file. The output from the command is written to a file specified by the parameter "LOG_FILE". If no filename is specified, the default of report.log is used. |
| DEBUG | Optional | 0 | Debugging On/Off ( 0 or 1) |
| MAX_ERRORS | Optional | 1000 | Abort operation after this number of errors have occurred. If the numbers of errors exceed the value specified by the "MAX_ERRORS" parameter (during a bulk operation when trying to add many users together in a batch), the command will fail. |
For an Oracle Financials E-Business Suite instance registered in Oracle Directory Services as: orclapplicationcommonname=Financials,cn=EBusiness,cn=Products,cn=OracleContext,<Identity Realm> for the ID realm: dc=ganseycorp,dc=com
To add a user whose nickname is "john.smith" to the default subscription list "ACCOUNTS", you would add the line "john.smith" (without the quotes) to an input file, in this case with the default name of members.lst, and then execute the command:
provsubtool ldap_host=LDAP_HOST ldap_port=LDAP_PORT \ app_dn="orclapplicationcommonname=Financials,cn=EBusiness,\ cn=Products,cn=OracleContext,dc=ganseycorp,dc=com" \ realm_dn="dc=ganseycorp,dc=com" list_name=ACCOUNTS \ operation=ADD \ file_name=members.lst file_type=0 \ app_pwd=tea4two
To remove a user, you would follow the same procedure, simply substituting the operation REMOVE for the operation ADD:
provsubtool ldap_host=LDAP_HOST ldap_port=LDAP_PORT \ app_dn="orclapplicationcommonname=Financials,cn=EBusiness,cn=Products,cn=OracleContext,dc=ganseycorp,dc=com" \ realm_dn="dc=ganseycorp,dc=com" list_name=ACCOUNTS \ operation=REMOVE \ file_name=members.lst file_type=0 \ app_pwd=tea4two