I tested and found if APPLSYSPUB's password has # or $ in it, EBS forms will hang and after 10 seconds get frozen. However it works with "_" in it, and it works with upper or lower cases in it.
So, the steps to change APPLSYSPUB's password in R12.1.3 are
1. Modify $CONTEXT_FILE (on each node) and put the new password in s_gwyuid_pass.
2. Stop EBS apps services.
3. $ FNDCPASS APPS/apps_PWD 0 Y SYSTEM/[system_pwd] ORACLE APPLSYSPUB New_PWD
If it works, the Lxxxxxx.log shall say (but not always)
Working...
Password is changed successfully for user APPLSYSPUB.
AFPASSWD completed successfully. (PROGNAME=FNDCPASS)
4. run autoconfig.sh on each apps node.
(without this step, login page will not work, with errors in $LOG_HOME/ora/10.1.3/j2ee/oacore/oacore_default_group_1/application.log)
After all done, APPLSYSPUB's new password is saved in text $FND_SECURE/xxx.dbc file. So, use different passwords in non-prod instances and prod instance. Note about steps will not update files $FND_TOP/resource/appsweb.cfg and $OA_HTML/bin/appsweb.cfg.
Similar steps to change all schemas' password and APPS password:
1. Verify SYSTEM password and current APPS password work.
2. Stop EBS apps services
3. Change all EBS schemas' password (optional and only if needed)
$ FNDCPASS apps/current_APPSpwd 0 Y system/'system_PWD' ALLORACLE new_schPWD
4. Change APPS password
$ FNDCPASS apps/current_APPSpwd 0 Y system/'system_PWD' SYSTEM APPLSYS new_appsPWD
5. verify the new password and make sure three key accounts are not locked
$ sqlplus apps/new_appsPWD
SQL> select username,user_id,password,account_status,lock_date,expiry_date
from dba_users where USERNAME in ('APPS', 'APPLSYSPUB', 'SYSTEM');
6. Run autoconfig on each node. (that will re-create two database links used by E-business suite)
7. Start EBS apps services.
To change one EBS schema (such as POA and CUSTOM top/schema docXX) password:
$ FNDCPASS apps/appsPWD 0 Y system/system_PWD ORACLE POA newPOA_PWD
$ FNDCPASS apps/appsPWD 0 Y system/system_PWD ORACLE docXX newDOCXX_PWD
Troubleshooting:
After APPS (and APPLSYSPUB) password was changed, EBS failed in re-directing to the login page. In Firefox, the login page https://ebssite.domain.com/OA_HTML/AppsLogin shows generic error
500 Internal Server Error
Servlet error: An exception occurred. The current application deployment descriptors do not allow for including it in this response. Please consult the application log for details.
Page https://https://ebssite.domain.com/OA_HTML/ServletPing also does not work.
I followed Doc ID 1926189.1 (Login Page Cannot Be Accessed After Changing The APPLSYSPUB Password) without seeing "lock" keyword in any application.log (by command locate application.log | egrep -i 'lock'). But I did find APPLSYSPUB account was locked. Seems some process kept trying the account with old password and made it "LOCKED(TIMED)". No any errors in logs by adstrtal.sh.
Here are lines from $LOG_HOME/ora/10.1.3/j2ee/oacore/oacore_default_group_1/server.log
17/06/23 08:40:26.286 Internal server error
java.lang.NoClassDefFoundError: Could not initialize class oracle.apps.fnd.common.WebAppsContext
at oracle.apps.jtf.cache.ArchitectureWrapper.createAppsContextWithDBCFile(ArchitectureWrapper.java:143)
Lines from $LOG_HOME/ora/10.1.3/j2ee/oacore/oacore_default_group_1/application.log
17/06/23 08:10:21.926 html: Error initializing servlet
java.lang.ExceptionInInitializerError
at oracle.apps.fnd.sso.Utils.getAppsContext(Utils.java:549)
at oracle.apps.fnd.sso.SessionMgr.loadInstalledLanguages(SessionMgr.java:4058)
at oracle.apps.fnd.sso.SessionMgr.getInstalledLanguages(SessionMgr.java:3852)
at oracle.apps.fnd.sso.Utils.getBaseInstalledLangCode(Utils.java:1490)
at oracle.apps.fnd.sso.Authenticator.<clinit>(Authenticator.java:45)
at oracle.apps.fnd.sso.Utils.<clinit>(Utils.java:674)
If APPLSYSPUB account was locked after EBS services were started, end-users will suddenly be unable to launch forms. The forms popup will stay frozen forever when uses try to open it.
Also see http://erpondb.blogspot.com/2016/11/fndcpass-and-app-fnd-02704.html about special character in password.
