Académique Documents
Professionnel Documents
Culture Documents
The APPLSYSPUB account should have only these grants, AUTOCONFIG UNIX
COMPONENT PORT # + X PATH FILES
which are set in <FND_TOP>/admin/sql/afpub.sql – VARIABLE PERM
Database s_dbport 1521 $ORACLE_HOME All 0750
INSERT ON FND_UNSUCCESSFUL_LOGINS RPC/FNDFS s_rpcport 1626 $ORACLE_HOME/bin All 0751
INSERT ON FND_SESSIONS Reports Server s_repsport 7000 $ORACLE_HOME/network/admin/ listener.ora
EXECUTE ON FND_DISCONNECTED 0600
s_webport 8000 <sid> sqlnet.ora
EXECUTE ON FND_MESSAGE
Web Server (Apache) s_webssl_port 4443 $ORACLE_HOME/appsutil/install/ *.sql 0600
EXECUTE ON FND_PUB_MESSAGE
s_active_webport 8000 <sid> *.sh 0700
EXECUTE ON FND_SECURITY_PKG
EXECUTE ON FND_WEBFILEPUB Web Proxy s_proxyport 80 $IAS_TOP/Apache/modplsql/cfg
wdbsvr.app 0600
SELECT ON FND_APPLICATION JServ oprocmgr (11i) s_oprocmgr_port 8699 (11i)
SELECT ON FND_APPLICATION_TL s_forms_servlet_ $806_HOME/reports60/server
Forms Servlet (jserv) (11i) 8701-8710 CGIcmd.dat 0600
SELECT ON FND_APPLICATION_VL portrange (11i)
SELECT ON FND_LANGUAGES_TL Discoverer Servlet (jserv) s_disco_servlet defaults.txt
8711-8720 $APPL_TOP/admin/<sid> 0600
SELECT ON FND_LANGUAGES_VL (11i) _portrange adalldefaults.txt
SELECT ON FND_LOOKUPS s_xmlsvcs_servlet_
XML Serlvet (jserv) (11i) 8741-8750 $FND_TOP/secure All 0750
SELECT ON FND_PRODUCT_GROUPS portrange
SELECT ON FND_PRODUCT_INSTALLATIONS OA Core Servlet (jserv) s_oacore_servlet_
8721-8740
SELECT ON FND_NEW_MESSAGES (11i) portrange 11. MY ORACLE SUPPORT (MOS) SECURITY NOTES
Servlet (jserv) – old (11i) s_servletport 8800
To check permissions –
Web Server (moplsql) Secure Configuration Guide for Oracle 189367.1 (11i)
s_web_port_pls 8888
SELECT * FROM sys.dba_tab_privs (11i) E-Business Suite Release (11i/R12) 403537.1 (12.1)
where grantee = 'APPLSYSPUB' Forms Server s_formsport 9000
287176.1 (11i)
Metrics Server Data s_metdataport 9100 DMZ Configuration with Oracle
380490.1 (12.1)
Verify EXECUTE on FND_SIGNON and SELECT ON Metrics Server Requests s_metreqport 9200 E-Business Suite (11i/R12)
1375670.1 (12.2)
FND_USER_VIEW are not granted to APPLSYSPUB. VisiBroker Server Agent s_osagent_port 10000 123718.1 (11i)
MSCA Mobile Server s_mwaportno 10200-10299 Enabling SSL/TLS in Oracle E-Business Suite
376700.1 (12.1)
s_mwadispatcher_ 10300-10399 (11i/R12)
1367293.1 (12.2)
7. APPLICATIONS AUDITING (WHO COLUMNS) MSCA Mobile Dispatcher
port 10800-10899
MCSA Telnet Server (R12) s_mwatelnetportno 10200-10299 FAQ: Oracle E-Business Suite Security 2063486.1
Most Oracle EBS tables have information on the creation JTF Fulfilment Server s_jtfuf_port 9300 or 11000
and last update of a row in the following columns – Security Configuration and Auditing Scripts
TCF Server s_tcfport 15000 2069190.1
for Oracle E-Business Suite
ONS Local Port (R12) s_ons_localport 6100
▪ CREATION_DATE 403294.1 (11i)
ONS Remote Port (R12) s_ons_remoteport 6200 Using Transparent Data Encryption (TDE)
▪ CREATED_BY FND_USERS table 828229.1 (12.1)
ONS Request Port (R12) s_ons_requestport 6500 with the E-Business Suite
▪ LAST_UPDATE_LOGIN FND_LOGINS tables 1585296.1 (12.2)
Java Object Cache Port s_java_object_
▪ LAST_UPDATE_DATE 12345 Using Oracle Database Vault with Oracle E-
(R12) cache_port 950018.1
▪ LAST_UPDATED_BY FND_USERS table Business Suite Releases 11i and 12
OC4J JMS Ports Oacore s_oacore_jms
~23000-23099
(R12) _portrange Configuring Oracle Connection Manager
558959.1
8. END-USER APPLICATION ACCESS AUDITING OC4J JMS Ports for Forms s_forms_jms with Oracle E-Business Suite Release 12
~23500-23599
(R12) _portrange
Enable simple logging of user, responsibility, and forms OC4J JMS Ports for Home s_home_jms
~24000-24099
accesses by setting system profile option “Sign-On: Audit (R12) _portrange
OC4J JMS Ports for Oafm s_oafm_jms
Level” to “FORM” at the site level. ~24500-24599
(R12) _portrange
END-USER AUDIT TABLES Oracle Connection http://www.integrigy.com
s_cmanport 1532
Manager Port
applsys.fnd_logins applsys.fnd_login_responsibilities Version 5.2 – April 2018
fnd_concurrent_requests applsys.fnd_login_resp_forms Port numbers may be modified during installation or may be Oracle E-Business Suite 11.5.10 – 12.0.6 – 12.1.3 – 12.2
automatically incremented by x during installation where x is a Copyright © 2018 Integrigy Corporation. Information in this document is subject
icx.icx_failures applsys.fnd_unsuccessful_logins
number 1 to 100 (typical less than 10). Port number ranges are often to change without notice and does not represent a commitment on the part of
a grouping of 3, 4, 5, or 6 contiguous ports in the specified range. Integrigy Corporation. Integrigy does not guarantee or warrant the accuracy or
END-USER AUDIT REPORTS completeness of the information in this document. AppSentry, and AppDefend
Signon Audit Users Signon Audit Concurrent Requests are trademarks of Integrigy Corporation. Oracle is a registered trademark of
Oracle Corporation and/or its affiliates.
Signon Audit Responsibilities Signon Audit Unsuccessful Logins
Signon Audit Forms