Smart PeopleSoft Administration

Oracle has removed the Kerberos class files from PT 8.57. However, I was able to make the Kerberos authentication work by copying the <PS_CFG_HOME>\class\com\peoplesoft\pt\desktopsso\kerberos folder and files to my PeopleTools 8.57 installation and follow the instructions on this site to get Kerberos SSO to work again.

Background I just completed a project where we consolidated our Weblogic web servers into fewer servers. In the past we have one server for each PIA. The new implementation has two Weblogic servers, each with three PIAs and a hardware load balancer to provide high availability. Each PIA is bound to a specific virtual IP and listens on port 443 for HTTPS access. This is a very resilient implementation that provides high up-time for end users. However, I quickly realized that was having strange single-signon issues. When I logged into the Interaction Hub, and clicked a link to access HCM …

Chrome v. 58 Reports: Your connection is not Private Google released Chrome 58 in late April 2017. This update suddenly caused our PeopleSoft and other internal HTTPS sites to report “Your connection is not Private” and ” NET:ERR_CERT_COMMON_NAME_INVALID”: This was a bit of a surprise for us, and after a little research we realized that our internal Enterprise CA (Certificate Authority) does not populate the Subject Alternative Name (SAN). With update 58, Chrome requires that the SAN field is populated. Certificates signed by commercial certificate authorities automatically add the SAN. However, we have dozens of internal SSL sites, so we setup …

I am in the middle of a PeopleTools 8.54 to 8.55 upgrade, and I was interested in knowing if Kerberos authentication still works with PT 8.55. As you may know, Oracle does not really support the implementation, but continue to deliver the class files. The good news is that it still works in PeopleTools 8.55 The only area that has changed slightly is the setting of the JavaVM Options= in the psappsrv.cfg file. This configuration parameter now exists 3 times in this file, so make sure to change the value in the [PSTOOLS] section. I have updated my initial post …

Another Production Issue Just as I was returning from lunch I recieved a bunch of alerts on my phone from our Microsoft SCOM log monitor that one of our FSCM production application server processes had crashed. The message in the log was: PSAPPSRV.8944    (5354)    [2016-11-08T13:01:45.030 user@smartpeoplesoftadmin.com (FIREFOX 49.0; WIN7) ICPanel](0)    PSAFFIRM(GlobalLock : invalid memory address from E:\pt85405c-retail\peopletools\src\pssys\qdmutil.cpp 4385) failed at E:\pt85405c-retail\peopletools\src\pscmnutils\globalmem.cpp, line 233.  Processing will abort. PSAPPSRV.8944    (5354)    [2016-11-08T13:01:45.031 user@smartpeoplesoftadmin (FIREFOX 49.0; WIN7) ICPanel](0)    PSAFFIRM(GlobalLock : invalid memory address from E:\pt85405c-retail\peopletools\src\pssys\qdmutil.cpp 4385) failed at E:\pt85405c-retail\peopletools\src\pscmnutils\globalmem.cpp, line 233.  Processing will abort. PSPAL: Abort: PSAFFIRM(GlobalLock : invalid memory address from E:\pt85405c-retail\peopletools\src\pssys\qdmutil.cpp 4385) …