Sunday, February 24, 2013

Migrate Enterprise Manager Application Roles and Weblogic Users and Groups between environments

Managing users across environments, when using the built-in Weblogic LDAP was a tedious process. What I have found to work well is create the users once, and then have a script which caries them across to the rest of the environments. This has been very useful in our Development and Test environments when getting the users seeded.

The Enterprise Manager (EM) migration script utilizes a very cool java program that ArtofBI developed and posted to Github. I've tweaked the code a bit for my needs, so attached to this post also includes the modified javasource and complied JAR.

Continue after the break for links to the files, and example scripts for both Enterprise Manager and Weblogic.



OBIEE11g_Amelia.jar
XMLSecurityParserManager.java
HelperFunctions.java
XQuerySecurityManager.java
OBIEE11g_Amelia.java

At a high level, the migrateWeblogicUsers.sh script will
  • Create an import and export python script
  • Runs the python scripts with WLST to export and then import the Weblogic Users and Groups.

At a high level, the migrateAppRoles.sh script will
  • Copy (scp) over the system-jazn-data.xml from the destination to the source
  • Process the XML file with OBIEE11g_Amelia.jar, which produces a python script
  • Runs the python script with WLST to import the new Application Roles.
Click me to view migrateAppRoles.sh

Click me to view migrateWeblogicUsers.sh

1 comment:

  1. Hi Ben,

    I tried your scripts and exports went fine, but received this error during import. Can you please check

    Problem invoking WLST - Traceback (innermost last):
    File "/u01/oraclebi/user_migration/weblogicImport.py", line 6, in ?
    weblogic.management.utils.ErrorCollectionException: Import Errors:
    [Security:099057]Could not decrypt password: {AES}No2DFDIL0GFbVSG6HmxYOxShLFb/rbPhVx/J5SLPJwQ=.

    ReplyDelete