In the recent months, a lot of our customers have migrated from MS Exchange on Premise to Exchange online. A main challenge that causes is, that with Exchange Online it is no longer possible to sign in to send and receive Emails using Username and Password. Instead, an OAuth-Sign-In Flow is required.
Configuration for E-Business Suite
The following Oracle Support note describes the basic procedure: Configuring Oracle Workflow for OAuth 2.0 in Oracle E-Business Suite Release 12.2 and Release 12.1.3 (Doc ID 2884072.1) describes the steps in very much detail. From a high level perspective, you have to:
- Apply some Patches for E-Business Suite
- Have your Exchange / Azure Administrator setup a new Azure Application and grant it access to the post boxes
- Use those details in the Workflow Mailer
- Adjust the Autoconfig configuration, so that further autoconfig/cloning does not destroy the configuration again.
I'll refrain from replicating everything here but instead focus on troubleshooting and common pitfalls.
Testing and Troubleshooting
When implementing this with multiple customers we repeatedly ran into the issue that the Exchange Online / Azure team did not follow the Oracle documentation by the letter. Especially keep note of the sentences written in BOLD. Oracle has done a great job in writing this document, however still in more than 50% of the customers I've been working with errors have been made.
There is a quite good way to troubleshoot though. Basically, you have to download OAuthIMAPTest.class from 2860542.1 and can then run something like:
source /u01/install/APPS/EBSapps.env run; $AFJVAPRG -classpath .:$AF_CLASSPATH OAuthIMAPTest wf-ebs-entw@customer.de d0b7d37d-9b04-4b05-aadf-a9fc74614d18 https://login.microsoftonline.com/f9a4fdf3-3ad9-4855-b1b1-b96763b022c1/oauth2/v2.0/token https://outlook.office365.com/.default 31065893 31065894 secret $FND_SECURE/$TWO_TASK.dbc MicrosoftOffice365ExchangeOnline
The magic numbers are the .p12 and the .cer file (in that order) file_ids that you can find as follows:
select file_name,file_id from fnd_lobs where file_name like '%p12' or file_name like '%cer';
If all goes well that should end with:
Successful connection
If something goes wrong with that tool you get at least some better errors than through the "Test" in the UI.
Summary
Migrating the IMAP (and also the SMTP) postbox behind E-Business Suite Workflow Mailer from MS Exchange to Office 365 / Exchange Online is straightforward. If your security considerations allow it, you can even use a common Azure App that is allowed both the PROD and the TEST mailboxes and thus can fully automate the cloning by just changing the s_javamailer_outbound_user and s_javamailer_imap_user of the Context file.
Keep in mind that there may be more places you need to adjust, e.g. an Oracle SOA Suite Environment or BI Publisher Bursting or custom utl_smtp functionality.
Due to upcoming changes regarding outbound (mass) E-Mails of MS Exchange Online you may be better off not sending them through Exchange Online anyways though. I'll write another blog post on both SOA Suite and alternative SMTP Server (e.g. within Oracle OCI) shortly.