How to be any OPRID, if

Here is the scenario…

• You do not have access to PeopleSoft Security Administration pages to reset the password.
• You want to log on to PeopleSoft using your id and you have forgotten your password or you want to log on as some other operator id (without being detected).

Hmmm…

This is possible “IF” (the BIG IF)

• You are the DBA
• You are not the DBA but your generous DBA has provided you SELECT and UPDATE access to PS tools tables

Here is an example.

1.  I want to logon to F89XXXX but I do not remember my password. I sent an email to my security admin who is busy working on other priority issues.

SYSADM@f89xxxx > select oprid, operpswd from psoprdefn where oprid = ‘NPAI’;

OPRID OPERPSWD

—————————— ——————————–

NPAI 2bc+5cdNDqN4to33X9hP98N97+k=

2.  I remember my password in F89NNNN. So I query my operator password in that db.

SYSADM@f89xxxx > select oprid, operpswd from psoprdefn@f89nnnn where oprid = ‘NPAI’;

OPRID OPERPSWD

—————————— ——————————–

NPAI VLmLlgq9QsvCkDvRoqLnvhn8SkM=

3.  Execute the below Update SQL

SYSADM@f89xxxx > update psoprdefn set operpswd = ‘VLmLlgq9QsvCkDvRoqLnvhn8SkM=’ where oprid = ‘NPAI’;

1 row updated.

SYSADM@f89xxxx > commit;

Commit complete.

4.Voilà!! I am now able to log on to F89XXXX using my password that I remember from F89NNNN.

You can follow similar steps to log on using any other operator id. You can update it back to the original value and go undetected unless it’s being audited.

Conclusion

For the DBA:

• Do not provide ANY level of access to PS tools tables to ANY user in ANY environment
• PROTECTPSOPRDEFN and other security tools tables
• Consider HIDING OPERPSWD column using a view or restrict access to PSOPRDEFN using FGAC
• AUDIT all security related tools tables.

For others:

• Do not attempt this in your environment!

Read More About OPRID

How to determine what is being processed?

As a DBA you might be receiving a lot of calls from users asking some of the questions listed below.

- What their process is currently executing?

- How long will it take?

- Should I cancel my process?

In this post, I will cover some steps that will help you quickly respond to the above questions.

I have executed the below SQR Report in my environment and want to know what is happening.

What their process is currently executing?

1.Use the below SQL to correctly identify the Oracle session

SELECT CLIENT_INFO, PROGRAM, SID, SERIAL#, SQL_ADDRESS FROM V$SESSION WHERE CLIENT_INFO LIKE ‘NPAI%’ AND STATUS =‘ACTIVE’;

2.The above results identify the session executing the report; in this case it is SID 32.

3.Use this SID to identify the SQL being executed.

SELECT SQL_TEXT FROM V$SQLTEXT WHERE ADDRESS = (SELECT SQL_ADDRESS FROM V$SESSION WHERE SID= 32) ORDER BY PIECE;

SQL_TEXT

—————————————————————-

SELECT A.RECNAME, A.FIELDNAME FROM PSRECFIELD A WHERE A.SUBRECO

RD <> ‘Y’ AND NOT EXISTS (SELECT ‘X’ FROM PSDBFIELD B WHERE B.FI

ELDNAME = A.FIELDNAME)

4.The above results will provide you the SQL that is currently being executed. Equipped with this information you SHOULD be able to dig deeper if the session continues to execute the same SQL for more than expected time. Some of the scenarios could be:

a.Locked rows

b.Bad SQL

c.Statistics not updated

d.Bad DB configuration – SQL waiting on some event

e.Missing index, etc

Note 1
Also, there are scenarios where the session might not be executing any SQL because it is busy executing the code logic within the program. If the program is written using good coding standards then you should be able to look at the log file to decipher the progress.

Note 2
It is possible that there are no Oracle sessions created by the process. Some of the scenarios are:
- Process is Queued
- Process has completed and is Posting, etc
How long will it take?In most scenarios the functional support personnel along with the developer should be able to respond to this question based on the SQL or results in log file that you have identified. If you have knowledge about this process based on its history and/or your ability to interpret the program then you can estimate the completion time.
Should I cancel my process?This decision will require approval from the business + functional support personnel unless you have knowledge about the impact of the process.

Read More About  what is being processed?

Calling Oracle DB Function from PS Query Manager

A few weeks back a developer posed a question“Can I use an Oracle Function in PS Query Manager?”
Yes, you can and here are the steps.

1.Create your function in Oracle DB

CREATE OR REPLACE FUNCTION TEMP_FUNC(VAR1 IN NUMBER)

RETURN VARCHAR2

IS VAR2 VARCHAR2(48);

BEGIN

SELECT NVL(PROGRAM,’NULL’)

INTO VAR2

FROM V$SESSION

WHERE AUDSID=USERENV(‘SESSIONID’);

RETURN(VAR2);

END;

2.Create a view in PeopleSoft

CREATE VIEW PS_TEMP_VW AS SELECT TEMP_FUNC(10) VARIABLE_NAME FROM DUAL;

3.That’s it! Use your view in Query Manager as shown below.

 

Read More About  PS Query Manager

Tuning Data Conversion AE during PeopleSoft Upgrade – I

In this post I will share a tuning tip that I used to improve the performance of the PeopleSoft Upgrade data conversion AE.

Data Conversion AE was truncating the temporary table -> Inserting 35 million rows into temporary table from transaction table -> Updating stats

The above steps combined took around 6hrs to complete. It ran in 30mins after the below changes to AE.

e dropped the index on temporary table

NSERT was modified to use APPEND hint

Recreated the index using NOLOGGING

Summary: PeopleSoft does not necessarily ship optimal code. We have to keep our eyes open to identify and modify the problem code to improve conversion performance

Read More About  Tuning Data Conversion

How to build an efficient interface using AE or SQR?

While building an Inbound/Outbound interface, most of the time we may be in dilemma whether to use Application Engine (AE) or SQR. Here are the tips to build an efficient interface using either AE or SQR.

If we use Application Engine, below points are to be taken into account

• If the interface is INBOUND, its better to go for Application Engine
• If the program fails, we can make use of Restart Control to restart the program from the position where it abends
• PeopleSoft – Business Process related Validation will be taken care automatically when we go for AE/CI.
• Parallel Processing can be easily achieved using AE. This can be done by using Temporary Tables and State Records.
• Reusability of SQLs is very much easy when we go for AE.
• Bulk Insertion of data and Set Processing of data can be easily done in an AE
• COMMIT levels can be maintained either at SECTION or STEP levels
• Generation of Reports using File Layout, Workflow related batch interface can be easily developed using an AE
• XML related processing is quiet easy when we go for AE
• When we go for Upgrade of the Current PS System, Retrofitting of AE is done by easily identifying the impacted objects.

If we are going to use SQR, below points can be taken into account to build an interface

• Formatting of Reports is very much easy in SQR using Begin-Header, Begin-Footer and Begin-Setup commands.
• If we are going to consider the Performance of the Interface Program, its better to go for SQR.
• Better Performance can be achieved by using Load-Lookup Arrays and Dynamic SQL
• Reusability of SQLs can be achieved by creating either generic Procedures or SQCs