BPM workspace: Scripted security

When implementing BPM processes, for each deployed BPM process an application role is created in the policy store. To enable users to work with the processes, groups are assigned to these application roles. Users are ofcourse assigned to their respective groups. Management of the BPM process application roles is available in Enterpsie Manager Fusion Middleware Control or the BPM workspace.

Let’s first use Fusion Middleware Control. We need to go to the security section.


Choose (more...)

EM Cloud Control: Agent Patch fails: Current user not file owner

When I was patching all of our agents on our linux nodes with the latest PSU (, I encountered an error with one linux node.

PREREQ_NAME: Performer check
PREREQ_DESC: Check if current performer are the file owner of /apps/oracle/product/agent12c/core/
PREREQ_MESG: Current user tony from Normal Oracle Home Credentials is not the file owner of /apps/oracle/product/agent12c/core/

Somehow privilege delegation hasn’t been applied (more...)

EM Cloud Control: Using emcli to bulk modify host credentials

In our environment all machines are linked to an LDAP server for authentication (AD in this case). You need to logon to machines with your personal credentials and use sudo to logon to a system account.  This is a common practice and easily implemented in EM Cloud Control through ‘named credentials’. In my case I have several system accounts I need to be able to ‘sudo’ to, to perform actions like patching. So for (more...)