WebLogic 12 Unattended Install And Patch Scripts Up

I am back finally with something to contribute to the PeopleSoft community.  The WebLogic unattended installation and patch scripts for WebLogic 12 are up at my GitHub.  You can get the install script here and the patching script here.  Patch automation has been switched to opatch in line with the change to the Fusion Middleware model.  Be warned both scripts are still kind of hot off the press and could use better error handling.  I will get there soon I hope.  I forgot that I didn’t include the response file so I will have to add that later but you can find Oracle’s guide on creating one here, which is pretty helpful.  There’s not too many options.

I’ve also committed a script that does the Windows service installation of the MicroFocus COBOL runtime license service for PeopleSoft.  You can download that script from GitHub here.  Should save some time when setting up new machines since I can never remember the steps to install the service.

Now that we are finally starting to look at an upgrade to Tools 8.54 I’ve kind of been trying to get everything lined up and ready to go so we can have as much of an automated install as possible.  To that end, I’ve been experimenting with shared PS_HOMEs, which is not really a new feature but has supposedly been ironed out quite a bit in 8.54.

The advantage to doing the PS_HOME this way is that instead of having 11(or however many application server) PS_HOMEs to patch each time you apply a bundle or patchset, you patch one and every server in that environment is upgraded automatically at the same time, since they all use the same PS_HOME.  This will be a huge time saver and reduce the amount of places where something can go wrong.

I built a demo environment over the past week or so to test things out and despite Oracle’s claims that a lot of the bugs have been worked out I didn’t really see it that way.  You can read more about the shared PS_HOME process for Windows on Oracle’s site, but the important things to take away are:

  • Make sure your Tuxedo and PeopleSoft services are set to start as a domain service account.  Otherwise, they won’t have access to the network share.
  • You must use a mapped drive to get Tuxedo to work with a shared home, but your actual PS_HOME variable seems to require a UNC path.  I don’t know why this discrepancy exists.
  • Make sure you set your TM_TUXIPC_MAPDRIVER environment variable as a systemwide environment variable.  If you want Tuxedo and your domains to start with no user logged on there is no other way.
  • This might be an error in the way I have things set up (even though the app server and process scheduler domains start correctly), but using the shared homes I cannot get psadmin to work.  It will always show the domain status as not started.  I don’t know if this is because I am not logged on to the service account when running psadmin, but it is going to change the way a lot of our other scripts work if we can’t use psadmin.
  • Be prepared for your domains to take a long time to start.  In my demo environment it takes about 7 minutes to bring a single app server domain and process scheduler domain up.  Your Windows service will say it timed out but it is really still loading in the background.
  • You will want to seriously consider using Server 2012R2 file servers with SMB 3 in a cluster for your file server so you get a highly available file share.  I shut the file server down once just to see what would happen and it crashes the PeopleSoft environment.
  • Make sure your PS_CFG_HOME is on a local drive.  You don’t want to be writing logs back to the network location.  Also, make sure your service account running Tuxedo and PeopleSoft has write access to PS_CFG_HOME or your domains won’t start.

I am still ironing out the kinks in the shared PS_HOME, but the ease of patching and the disk space savings are well worth the time it takes to figure it out.

One last thing – to readers who asked how the license key was specified in the unattended installation of PeopleTools.  I told you it was only needed to determine which database type was used, but that information might be wrong.  There appears to be a step during the database configuration where the key is required in order to be added to a particular table. I’m guessing this may be why unattended installation of Tools is not supported.  So close, yet so far away.  It may be possible to fix this, but I am not willing to push it because it may violate a license agreement and I don’t want Oracle after me – I can’t afford that.  Sorry to have misled people, but together we can make Oracle support unattended installs if we push them hard enough.

VM Auto-Provisioning With SCVMM and Orchestrator

This post is mostly background and a very high-level overview of process.  I will try to post the related code and runbooks with a future entry.

We recently decided to start reworking our VM request forms.  Previously, these were actual paper forms with a lot of unneeded information on them.

I got to thinking about it and after a discussion with one of my co-workers, I started working on a quick-and-dirty web page system done in ASP.NET and C#.  I’m not really a web developer so it probably doesn’t look too great but it works enough to get VM information and write the info to a database.

Once I had the page up and running, I started to wonder – could we take this one step further?  Why not link this database up with Orchestrator so the VMs provision themselves?

So, I started writing some runbooks to handle provisioning of machines that the user specified should be in SCVMM.  I soon realized that Orchestrator is kind of limited when it comes to provisioning VMs if there is no cloud created in SCVMM.

The next step was to create a private cloud in SCVMM.  You can follow the previous link for instructions on how to do that – it’s pretty straightforward.

I got the private cloud up and running, then turned back to the runbooks.  Orchestrator is also limited in what kind of data it can return from a database.  It will only give you semicolon-delimited strings which need to be parsed with PowerShell in order to get the values needed to build the VM.

Once you get the data out, you can use the SCVMM Integration Pack to start building the VMs.  There’s a few gotchas in this process that I will discuss in more detail in future posts.

Two days later the runbooks were complete and the VMs provision themselves automagically when the user clicks the “Add VM” button on the webpage.

As I stated at the beginning of this post, I’d like to add the web page code and the runbooks to my GitHub, but I don’t have them at home right now as I just finished the project and got home from work.

Stay tuned for more information!

PS: I am off to try my hand on the 70-410 exam tomorrow as my first step to MCSE certification.  Wish me luck!  I hope I can pass.

Tab Clearing And Office 365 ProPlus Provisioning

Well, I am back again.  Seems like every time I re-enable my login page after it disables itself due to brute force attacks I just lose the desire to post for a while.  So, today I installed BruteProtect which should help out a bit with that.  Hopefully, it will be less management overhead for me.

If you work with Office 365 for Education at all, you probably heard the news today that Microsoft is making Office 365 ProPlus available for students free.  You’ll notice the subtitle of that article being “New self-serve process skips IT, makes it easier to get free Office 365”, which I don’t understand why Microsoft would do.

We already have been automatically provisioning ProPlus licenses to enrolled students via PowerShell using a script I wrote, so who knows what would happen if those students went and enrolled themselves.

This behavior can be disabled, of course, using the following PowerShell commands after you connect to your tenant using Connect-MsolService:

Set-MsolCompanySettings -AllowAdHocSubscriptions $false
Set-MsolCompanySettings -AllowEmailVerifiedUsers $false

The problem with this is that it requires the latest version of the Azure Active Directory module.  Now, unlike the previous versions, these cmdlets can only run in versions of PowerShell higher than version 2.0.  So, if your DirSync server runs 2008 R2 like ours, you need to upgrade your PowerShell.  No big deal to upgrade, right?  I thought I’d even go to PowerShell 4, because why not?

Unfortunately, there is a very particular order that v4 needs to be installed in for a 2008 R2 machine.  Basically, you need to install the standalone .NET 4.5.1 software BEFORE you install the .msu for PowerShell v4 or it doesn’t work properly.  If you screw up and just do the v4 install first, you need to remove it and start over.  There’s no indication while it is applying the update that you’re missing the required .NET pieces, it just installs successfully and then fails to work.  You’d think Microsoft could throw a prerequisite check in there just to be nice but I guess not.  Anyway, there’s a nice writeup about the proper process you can read here.

That’s about all for this installment of Other Duties As Required though.  Stay tuned for the next episode!

C# Folder Size, Or Maybe I Am Ignorant

I apologize for the lack of posting recently – since it is Fall registration we are in a freeze which means no changes to anything until it’s over.  Always a good time to research something that I might need later.  I’ve been paging through Advanced Windows Debugging but I’m not enough of a programmer to understand everything.

Additionally, my site was under some sort of attack which ended up with my host disabling the log-in page for WordPress.  Good for them, I was glad they did.  Not sure what caused that, but you can be assured none of your personal information was stolen, since I don’t keep any, and the system wasn’t compromised anyway.

In any case, I was looking at a question on Reddit concerning PowerShell and getting folder size, create, and modify times from a script.  Problem being, the pathing could be more than 260 characters.  If you’ve never run in to the problem, here is the background.  While the poster did finally manage to get the file size using robocopy, I suggested he use .Net to get creation and modified dates.  This is fairly straightforward:

$CreateTime = [System.IO.File]::GetCreationTime($i)
$LastModified = [System.IO.File]::GetLastWriteTime($i)

where $i is the file or folder name.

But then I got to thinking – surely there must be a better way than robocopy to get file sizes for long paths?  Let’s take a look at .Net for this too…

Since GetCreationTime and GetLastWriteTime seem to work on folders as well despite the library being named “File”, I thought the following code would work too:

$files = [System.IO.Directory]::GetFiles($i)
foreach ($file in $files)
$size += $file.Length;

But, for some reason, this will only get the size of the files inside the directory, which doesn’t include any folders that might be under it.  You actually need to iterate through the whole source directory to get everything that might be there in order to get the total size.  It appears that this is a limitation of the Windows API.

Now, that being said, I am not a C# developer by any means, so there might be an easy way to do this that I don’t know.  It’s just that it seems inconsistent to me given the naming conventions between the two libraries.  I can get folder modified times and creation times using a File call, but not the sizes of a root folder.  Why?

If Get-ChildItem could lose its 260 character limitation that would probably help out a lot.  I suppose you could use PSDrives to shrink the path, but sometimes that wouldn’t be an option given the structure of a file system.

PeopleTools 8.54 Initial Impressions

I had a chance to play with PeopleTools 8.54 the other day in my virtual environment.  Just trying to see what the upgrade process will look like for us when we go forward.  A few initial thoughts:

  • The installer.properties format for 8.54 hasn’t changed from 8.53, so you can still use the installer file I posted a while back.  Good news for automated installs!
  • Bad news for automated installs – I can’t seem to get the installer to run silently from a network location.  Seems like some sort of signed executable issue on Windows Server 2012 R2.  I will need to look at this to figure out a way around it.  The wrapper scripts might need work.
  • WebLogic 12 has moved to the Fusion Middleware model and as such, all the WebLogic install wrappers and PSU update wrappers I wrote for 10.3.6 don’t work at all anymore and will need a rewrite.  Patching is now done using opatch instead of bsu.
  • Tuxedo 12 works just like before, so good news there.  Saves some work.
  • I have been reading through the install documentation and can’t figure out if they have moved search to Secure Enterprise Search finally or if you still need Verity.  Verity isn’t listed in the documentation, but it’s part of the Campus Solutions package download from Oracle’s E-Delivery site.  Any readers know the situation here?

I’m glad I took some time to try this out as the start of the upgrade process would have been a bad time to find out the automated installers didn’t work anymore.

If and when I end up rewriting the wrappers I’ll put them up on GitHub and let everyone know.

System Center Orchestrator And VM Creation Rant

I’ve recently got the chance to begin working with System Center Orchestrator 2012 R2, which is looking like it is going to be awesome for really getting our environment to the automated level.  That is, if I ever figure out how to use the thing.

I have been looking through the book System Center 2012 Orchestrator Unleashed on Safari Books which has given me a decent basic introduction to functionality and features, but there’s a lot that can be done with this product, especially when you start adding Integration Packs to interface with other System Center products and anything else in your environment with a provided IP.

Right now, I am trying to automate the VM creation process through Orchestrator.  The goal is to make the creation of one or many VMs a single-click operation from a webpage.  This has been much more of a challenge than I anticipated.

When you aren’t using PowerShell or a scripting editor such as PowerCLI, it is hard to keep track of all the operations that need to happen before the next step can take place.  For example, the next step in your procedure might require a VM ID instead of a VM Name, which might not be published data from the activity that just finished.  So you get lost trying to figure out why the operation just failed, when you are passing information the next step can’t use.

I’ve taken to saving the VM specifications in a database and using Orchestrator to query the information.  Sadly, Orchestrator cannot return information from a database query except as a semicolon-delimited string, which means you need a script to parse that output and then build arrays for your activities.

Looping is another complaint I have.  It doesn’t seem as flexible as what is available in PowerShell.  I was attempting to allow a runbook to create multiple hard disks, but it took a long time for me to figure out how to get the loop to pick out a different bus for each disk.  Actually, that one was kind of embarrassing because you can count the number of times a loop has executed, but it’s not obvious.

Maybe I should just be chalking all this up to the learning phase, but it seems like there is a real lack of documentation for Orchestrator itself.  Don’t get me wrong though, I think it is going to be a great thing once we get some runbooks built and working the way we want.

I hope to have some runbooks that I’ll be able to post to GitHub once I get something of use done, so maybe someone can learn from my mistakes.

Automated PeopleTools Installation – And More!

Ever got the go-ahead for an upgrade or installation of PeopleTools, looked at all your application and web servers, and thought “Man, if only there was some way to automate all these installs”?  Me too.

Sadly, Oracle does not make this easy to do.  The “installer.properties” files written by the install processes are usually incomplete and can’t actually be used to reproduce an installation.  Fortunately, through the magic of Java decompilers, InstallShield 2013, and hard work, I’m here to share working installer.properties files for not only things that come with Oracle-generated examples, but PeopleTools itself.

I think the most obscure automated installation is PeopleTools, so I’ll start there.  You can find the PeopleTools installer.properties file you can use to structure your own installation on my GitHub. Just look at some of those names – USER_INPUT_RESULT_14?  Way to make it easy.  Edit that file to reflect your environment and database type, then just use “setup.exe -f installer.properties” to silently and automatically install PeopleTools.  Of course, why stop there?  I’ve also written PowerShell wrappers for both installing a new Tools environment and upgrading an existing install to a point release.  These scripts handle your error checking during the process and the upgrade script will automatically update your PIA installer files on a file share while preserving your custom installer.properties for your PIA automatic installs.

Speaking of PIA automatic installs, some people know that Oracle provides a skeleton installer.properties for PIA in the \scripts directory of PsMpInstall.  For those that didn’t, you can find a usable installer.properties for PIA here.  I have a PowerShell wrapper for the PIA install, but it’s a fairly simple process to call the PIA executable with the file.  Nicholas Gasparotto did a nice write-up  – although he is on Linux the basic steps are the same.

We’ve now got our PeopleTools and PIA silent installs covered, but how can we do the prerequisites too?  We need to install Tuxedo on the application servers and WebLogic on the PIA servers.  Never fear though…

Oracle has a write-up on unattended Tuxedo installs on their site.  Maybe I’m slow but I didn’t find it too easy to follow right off the bat.  So, grab your Tuxedo installer.properties file here and make it easy on yourself by just having to customize for your environment.  Then, just follow Oracle’s instructions to call the installer with your file.

But what about Tuxedo Rolling Patches?  We don’t want to move on without those, right? I have a nice PowerShell wrapper for the process of installing an RP that takes care of all the steps in that procedure, including uninstall, cleanup, error handling, etc.  Easy, and better, automated.

WebLogic is another product Oracle wrote a guide for silent installation for.  But if you don’t want to read all that and write your silent.xml, get yours here! Oh, and there’s also another PowerShell wrapper for the install process.  It’s not as involved as the others though.

Again, what about WebLogic Patch Set Updates? Grab your PSU PowerShell wrapper and automate those installs away.

I left out JDK automated installs because that process is fairly well documented in my opinion.  I do have a PowerShell wrapper for that as well that takes care of uninstalls, error handling, and other minor stuff – if anyone wants it leave a comment and it can be another post.

Want to take all that to the next level?  Set up a file share, get all your properties and XML files in line, then convert those scripts to SCCM packages.  Now, you can deploy installs or upgrades to site collections and never even have to log in to a machine.

If something gets confusing let me know and I’ll try to help if I can.  Converting all these steps to SCCM packages has really changed the way I handle upgrades and installs for our PeopleTools environments.

PowerShell Remoting HTTPS Group Policy Configuration

Edited to add – This document apparently only works with Windows Server 2008 R2.  When tested with Server 2012 R2 the steps fail, so keep this in mind.

…and the first restoration is the PDF I wrote about PowerShell Remoting configuration with HTTPS and Group Policy, including ACLs.  The reason I started the old blog; you didn’t think I’d lose this file did you?

For your viewing pleasure, download here.