Direct Oracle Database Access restriction

Hello All,
How do I find out whether direct Oracle database access has been restricted to defined nodes?
Thank you.

You can try some of these:
1. check if any non-SAP ids are created in the database, in oracle for example in dba_users
2. check if any dummy default ids that come with database are unlocked and being used
3. if you are setup to use external identification such as ops$sidadm in oracle (in places they are), check who can su or sudo to sidadm
4. obviously anyone with password for system and sap ids can login using number of tools; you can investigate options to tighten using SQL*Net listener
Hope this gives some preliminary pointers...

Similar Messages

  • Move pictures in Jpg from a server to SAP (Oracle database) in BLOB

    Hi SAP Friends,
    We would like to know if this is possible.
    We have pics in jpg/jpeg format in one server. We want to move these pics automatically once every hour to SAP Oracle database in BLOB format. The server has the capability to push these jpg files into BLOB format of Oracle database. We need to know if it is possible to send to SAP's Oracle database and store in BLOB format. If so, pl let us know how.
    Pl let us know.
    Niranjan

    You are facing two things here:
    a) Licensing issue
    Check Note 581312 - Oracle database: licensing restrictions:
    As of point 3, it follows that direct access to the Oracle database is only allowed for tools from the areas of system administration and monitoring. If other software is used, the following actions, among other things, are therefore forbidden at database level:
    Creating database users
    Create database objects
    Querying/changing/creating data in the database
    Using ODBC or other SAP external access methods
    This depends on the contract and where you bought which licenses for Oracle.
    b) Technical issues
    It´s not a good idea to insert data into a SAP database without using SAP tools. Even if it´s a separate table(space) or "isolated" in a SAP understanding. You never know, how upgrades behave with that table, you may see the table in sense of SAP-DDIC consistency (Table without DDIC reference) etc.
    If you want to insert JPEGs easily,  you can use transaction CSADMIN, create a repository and write a small program, that uploads the data to the database using SAP standard interfaces. This will insure DATA integrity and will make sure, the data is accessible even after database/SAP system upgrades.
    Markus

  • Oracle Database Vault vs Audit Vault and database firewall

    Hi All,
    I would like to know the main difference between Oracle Database Vault and Oracle Audit Vault and Database firewall.
    I have read all the white papers and documents on them both and find them very similar in work process.
    Only difference I see in the pricing.
    I feel Oracle audit Vault can do all the work of Database Vault with added feature of proactive session monitoring.
    If someone can help me based on their knowledge and experience it would be appreciated.
    Thank you.

    I have read the white papers of both Database Vault and Audit Vault
    According to database Vault sessions can be managed using various roles created as per business requirements.
    Audit vault offers same thing in terms of a firewall which manages and restrictions based on roles created .
    From the white papers:
    DATABAES VAULT:
    Oracle Database Vault restricts access to specific areas in an Oracle database from any user, including users who have administrative access.
    This enables you to apply fine_grained access control to your sensitive data in a variety of ways.
    Oracle Database Vault enables you to create the following components to manage security for your database:
    Realms
    Command Rules
    Factors
    Rule Sets.
    DATABAE AUDIT AND FIREWALL:
    Oracle Audit Vault and database Firewall consolidates database activity monitoring events and audit logs. Policies enforce expected application behaviour, helping preventing SQL injection, application bypass, and other malicious activities from reaching the database while also monitoring and auditing privileged users and other activities inside the database.
    To me these sound very similar of doing same work.
    My apologies as I am unable to paste the whole text here and I cannot type full documents here 

  • Which version of Oracle database is certified on  Windows 2008 R2 ( 64-bit)

    We have a Microsoft Windows 2008 R2 (64-bit) server.
    I wanted to know which Oracle database version is 100% certified on the above OS.

    Hi Sirini;
    10.2.0.5 is supported - see MOS Doc 1061272.1 (Statement of Direction: Oracle Database 10g Release 2 Client (10.2.0.5) with Microsoft Windows 7 and Windows Server 2008 R2)Correct;
    11gR2 is also supported - see MOS Doc 867040.1 (Statement of Direction: Oracle Database 11g Release 2 – Microsoft Windows 7 and Windows Server 2008 R2)There is a setup on this link:
    Oracle Database 11g Release 2
    (11.2.0.1.0)
    Microsoft Windows (x64) File 1, File 2 (2GB) See All
    I am little bit confused for this, as you mention note and also certification matrix says 11gr2 certfied with Win2008-64 bit. But there is no specific setup like win2008-64 bit, there is only Microsoft Windows (x64) setup
    By the way for 10gR2 on win 2008 64 bit platform there are 2 setups. Those are:
    Oracle Database 10g Release 2
    Oracle Database 10g Release 2 (10.2.0.4) for Microsoft Windows Vista x64 and Microsoft Windows Server 2008 x64
    Oracle Database 10g Release 2 (10.2.0.1.0) for Microsoft Windows (x64)
    So i had issue for my client and oracle worker support me to use 10.2.0.4 for my issue, not second setup. So for 11gR2 could be work for Microsoft Windows (x64) but i am not sure %100 coz never tried before.
    i appreciate, If someone share their experience to make installation 11gR2 on win2008-64 bit wiht Microsoft Windows (x64) setup
    All those upper setups can be found at:
    http://www.oracle.com/technetwork/database/enterprise-edition/downloads/index.html
    I do not believe 11gR1 is currently certified with Win 2008 R2.Please check below link:
    http://www.oracle.com/technetwork/database/enterprise-edition/downloads/index.html
    Oracle Database 11g Release 1 Standard Edition, Standard Edition One, and Enterprise Edition
    (11.1.0.7.0)
    Microsoft Windows Server 2008 (32-bit) (1.9 GB) | See All
    Microsoft Windows Server 2008 x64 (1.9 GB) | See All
    Regard
    Helios

  • JSP example with database access

    Is there a good example of a JSP portlet doing Oracle database access? Thanks

    David,
    Thanks for the suggestion. We'll schedule that on our list of new sample portlets.
    But as a sidenote, the Database access would really be no different from any standard JDBC calls to connect to and query the database.

  • Does Oracle database supports Windows server 2012?

    Does Oracle database supports Windows server 2012? If not, when it will be supported?

    Hi;
    Oracle not certified wiht win8 or win2012. Please check below note:
    Oracle - Compatibility Matrices and Release Information [ID 139580.1]
    11.2.0.x Oracle Database and Networking Patches for Microsoft Platforms [ID 1114533.1]
    Statement of Direction: Oracle Database 11g Release 2 - Microsoft Windows 7 and Windows Server 2008 R2 [ID 867040.1]
    Certification Information for Oracle Database on Microsoft Windows (64-bit) [ID 1307195.1]
    Certification Information for Oracle Database on Microsoft Windows x86 (32-bit) [ID 1307189.1]
    PS:Please dont forget to change thread status to answered if it possible when u belive your thread has been answered, it pretend to lose time of other forums user while they are searching open question which is not answered,thanks for understanding
    Regard
    Helios

  • "Error while accessing porting layer for ORACLE database via getSessionId()

    Hi,
    My ejb3.0 Entity is created from Emp table in scott/tiger schema of an Oracle 10g database. I am guessing I made some mistake creating the datasource or uploading the driver, because when I run my application, I get a long exception stack trace. The bottom-most entry in the stack trace is:
    Caused by: com.sap.sql.log.OpenSQLException: Error while accessing porting layer for ORACLE database via getSessionId().
         at com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:148)
         at com.sap.sql.jdbc.direct.DirectConnectionFactory.createPooledConnection(DirectConnectionFactory.java:527)
         at com.sap.sql.jdbc.direct.DirectConnectionFactory.createDirectPooledConnection(DirectConnectionFactory.java:158)
         at com.sap.sql.jdbc.direct.DirectConnectionFactory.createDirectPooledConnection(DirectConnectionFactory.java:118)
         at com.sap.sql.connect.factory.PooledConnectionFactory.createPooledConnection(PooledConnectionFactory.java:119)
         at com.sap.sql.connect.factory.DriverPooledConnectionFactory.getPooledConnection(DriverPooledConnectionFactory.java:38)
         at com.sap.sql.connect.datasource.DBDataSourceImpl.createPooledConnection(DBDataSourceImpl.java:685)
         at com.sap.sql.connect.datasource.DBDataSourcePoolImpl.matchPool(DBDataSourcePoolImpl.java:1081)
         at com.sap.sql.connect.datasource.DBDataSourcePoolImpl.matchPooledConnection(DBDataSourcePoolImpl.java:919)
         at com.sap.sql.connect.datasource.DBDataSourcePoolImpl.getConnection(DBDataSourcePoolImpl.java:67)
         at com.sap.engine.core.database.impl.DatabaseDataSourceImpl.getConnection(DatabaseDataSourceImpl.java:36)
         at com.sap.engine.services.dbpool.spi.ManagedConnectionFactoryImpl.createManagedConnection(ManagedConnectionFactoryImpl.java:123)
         ... 90 more

    Actually, now (after the GRANT described in my reply before) the Exception has changed to:
    Caused by: com.sap.sql.log.OpenSQLException: Error while
    accessing porting layer for ORACLE database via
    <b>getDatabaseHost</b>().
         at com.sap.sql.log.Syslog.createAndLogOpenSQLException
    (Syslog.java:148)
         at com.sap.sql.jdbc.direct.DirectConnectionFactory.
    createPooledConnection(DirectConnectionFactory.java:527)
         at com.sap.sql.jdbc.direct.DirectConnectionFactory.
    createDirectPooledConnection(DirectConnectionFactory.java:158)
         at com.sap.sql.jdbc.direct.DirectConnectionFactory.
    createDirectPooledConnection(DirectConnectionFactory.java:118)
         at com.sap.sql.connect.factory.PooledConnectionFactory.
    createPooledConnection(PooledConnectionFactory.java:119)
         at com.sap.sql.connect.factory.DriverPooledConnectionFactory.
    getPooledConnection(DriverPooledConnectionFactory.java:38)
         at com.sap.sql.connect.datasource.DBDataSourceImpl.
    createPooledConnection(DBDataSourceImpl.java:685)
         at com.sap.sql.connect.datasource.DBDataSourcePoolImpl.
    matchPool(DBDataSourcePoolImpl.java:1081)
         at com.sap.sql.connect.datasource.DBDataSourcePoolImpl.
    matchPooledConnection(DBDataSourcePoolImpl.java:919)
         at com.sap.sql.connect.datasource.DBDataSourcePoolImpl.
    getConnection(DBDataSourcePoolImpl.java:67)
         at com.sap.engine.core.database.impl.DatabaseDataSourceImpl.
    getConnection(DatabaseDataSourceImpl.java:36)
         at com.sap.engine.services.dbpool.spi.
    ManagedConnectionFactoryImpl.createManagedConnection(ManagedConnectionFactoryImpl.java:123)
         ... 90 more

  • Can't access tables in other Oracle database schemas

    Hi. We got our Oracle database admin to install APEX in our Oracle database. She created a login and schema for my Oracle database user so that I could work with APEX a little. Here's the information on the version of APEX we have installed:
    Database Version Information
    Oracle Database 11g Enterprise Edition Release 11.2.0.2.0 - 64bit Production
    PL/SQL Release 11.2.0.2.0 - Production
    CORE 11.2.0.2.0 Production
    TNS for IBM/AIX RISC System/6000: Version 11.2.0.2.0 - Production
    NLSRTL Version 11.2.0.2.0 - Production
    I've found that my user is only able to access Oracle tables within my own Oracle database schema. Most of our main tables are in 3 other schemas and I'd need access to all tables in all these schemas. Right now whenever I encounter a drop list of values for Schema, only by own schema is available in the list of values.
    Is there something our Admin can do to make these tables in other schemas available to my user account?

    Sharpe,
    This documentation should point you in the right direction. It will show you how to add multiple schemas to a workspace.
    http://docs.oracle.com/cd/E23903_01/doc/doc.41/e21678/adm_mg_wrkspc.htm#CHDBDCCJ
    Cheers,
    Tyson Jouglet

  • Access of oracle database through sys user

    Hi All,
    Can any one suggest me what are the possibility to access database through SYS user...I install oracle database 10.2.0.4 on Win-2003 SE.
    Now I want to make restrict that no one can be able to logged in database as a sys user so I do one thing that in sqlnet.ora file at server side make none in sql authentication line. What are the other possible way that user can access through sys user?
    Please suggest me...
    Thanks...

    user505 wrote:
    Hi All,
    Can any one suggest me what are the possibility to access database through SYS user...I install oracle database 10.2.0.4 on Win-2003 SE.
    Now I want to make restrict that no one can be able to logged in database as a sys user so I do one thing that in sqlnet.ora file at server side make none in sql authentication line. What are the other possible way that user can access through sys user?One other possibility can be to come from the remote system as the Sys user. So you can set remote_loginpasswordfile to shared. This will ensure that without knowing the password, person won't be able to connect.
    That said, there is no stopping for the person who would be knowing the credentials of your o/s or sys user.
    HTH
    Aman....

  • Access to reach Oracle database with ODBC

    Hello oracle community,
    Oracle 11.1.0.7.0, Access 2007:
    We have an ODBC driver to connect to the oracle database over access. it is working fine, just when we open two instance of access on the same machine, two connections (over same ODBC) to different schema/users and starting a query, he is not able to find the tables of the second connection. it seems like he is using the wrong user. is there any solution or anything we are doing wrong ?
    Ikrischer

    I tried all three options: "use US setttings", "use Microsoft regional settings" and "use Oracle NLS settings", none worked (hope I dont need to reboot for that). When I am working with Toad and make an insert, I can perform an insert statement with '1,5' for a numeric column, everything is fine. When I am trying the same in the access programm (I can enter values there directly into the linked table) I get an error message ora-01722 for the value '1,5'. But if I try to insert 1.5 into access, he is converting it to 15.
    PS: just made another test, not inserting values, just reading records from the table. I opened the table in Excel over the same ODBC driver, everything is fine, the value '1,5' for one record. When I use the same ODBC driver in Access, the vlaue is 15, that is funny. is there a problem in access ?
    Ikrischer
    Edited by: Ikrischer on Mar 23, 2010 2:56 PM

  • XGEN accessing Oracle Database

    I'm an Oracle Account Manager and I have a customer with a XGEN application accessing Informix Database. They want to keep this application and move from Informix to Oracle, and this application must access Oracle. Does any one have an experience like this?

    Hi Bharathwaj,
      Thanks for the reply. it has really helped me a lot.
    i wanted to ask one more thing...
    In our webdynpro application (deployed on WAS) we are  required to fetch and update data in oracle database. The restriction here is we are required to use DSN (provided by Primavera Inc..for connection). We are using connection pool, where we have configured data source with DSN(system DSN) with appropriate parameters.
    We have tested the dSN for extensive data transfer from our local jvm's...but when used with J2EE on WAS..its not that stable, when used to transfer data say for more than 2-3 times, gives SQL Exception with general error. Then after, when J2EE engine is stopped...it starts working fine...then again after when J2EE started, same problem occurs...
    Is it some problem with memory??
    Because our server has 1 GB RAM + 4 GB VM there fore total 5GB available memory. Previous performance of server was very slow due to wrong VM setting...
    Now also the performance is not that good...jalunch.exe consumes upto 1.4 gB of memory..is it ok..or something wrong???
    Is there alternative best way to talk to external oracle database from WAS J2EE...or connection pool is the best possible method..
    If there are any settings to be done on server also..
    fine..we have complete access of it...
    Please help..

  • Auditing direct database access

    I'm a database security engineer and quite unfamiliar with SAP.
    From the viewpoint of SOX/IT control, I just wonder if there is any necessity to audit Oracle database using Oracle's auditing features (audit_trail=db/os).
    Privileged Oracle users can login to the database bypassing SAP application. In addition, they may be able to change any financial data by executing DML commands directly.
    Is such scenario realistic?
    I'd like your opinions.
    Thanks in advance,
    ebi

    Hi Ebi,
    in my opinion all that Auditing is only interesting to watch your Administrators hands...
    What do you need to access the oracle database?
    - client-software ... at least a jdbc driver
      (May be available on many computers)
    - the hostname, the listener port, a network connection that works and the DB SID
      (that should not be so easy... DB Server should be in a seperate network zone... at best only reachable via the Application Servers)
    - OR: physical access to the database
      (if that is possible... don't think of auditing anymore... there is no security then)
    - a valid user account that has access to the SAP<sid> schema
    (Ok, that should only be the SYSDBA/SYSTEM account, nothing else. Access to these accounts has to be highly secured. Not so much technically but much more on the "human side". It just has to be a real secret. Period.)
    - you've to know at least a bit about the datamodel of SAP databases. Not that easy in a system with more than 40000 tables...
    Really problematic (in my opinion) are the approaches to "connect" the SAP database to the other systems in the company. People make up export and import interfaces (sometimes also direct table access) on database level.
    Let's face it: businesswise security is gone in these cases.
    SAP systems rely on the access "from above", that is through the interfaces and APIs.
    Direct database access is like taking money out of the banks safe instead of withdraw it.
    To come back to your question: if you want to check the dba actions, yes auditing is a nice thing. But it is just a way to proof later on who did something wrong. It's a finger pointing tool.
    I would put more effort in trying to avoid such things from happening - limit the access to the database. Double check changes to the database - via procedures (e.g. no interactive sqlplus access to the productive database) and 4 eyes checks.
    Best regards,
    Lars

  • Access - Oracle databases synchronization

    I want to synchronize my Access database with its Oracle copy. I want the synchronization to occur on a scheduled basis. Is there any oracle tool for this? I want to test this with Oracle database 10g Express Edition.

    First, architecturally, this seems a bit suspect. Access should be able to manipulate data in Oracle directly over ODBC, so it isn't normally necessary to synchronize from Access to Oracle. You'd normally have the Access application directly modifying Oracle. If you need to operate in some sort of disconnected mode (i.e. no connectivity between the application and Oracle for large stretches of time), Oracle Lite, TimesTen, or one of Oracle's other embedded databases would generally be easier to use because they've designed synronization capabilities into those products.
    If you are going to use this sort of architecture, you could use Heterogeneous Connectivity to create database links from Oracle to the Access database using ODBC. You would then be able to query the Access database from Oracle and extract the changes (assuming, of course, that Access maintains a timestamp that indicates that a row has changed or that you're willing to have Oracle pull over all the records every time and then implement logic in Oracle to compare those records against yesterday's data to look for changes).
    Justin

  • How to extract data from oracle database directly in to bi7.0 (net weaver)

    how to extract data from oracle database directly in to bi7.0 (net weaver)? is it something do with EDI? can anybody explain me in detail?
    Thanks
    York

    You can use UDConnect to get from Oracle database in to BW
    <b>Data Transfer with UD Connect -</b>
    http://help.sap.com/saphelp_nw04/helpdata/en/78/ef1441a509064abee6ffd6f38278fd/content.htm
    <b>Prerequisites</b>
    You have installed the SAP WAS J2EE Engine with BI Java components.  You can find more information on this in the SAP BW installation guide on the SAP Service Marketplace at service.sap.com/instguides.
    Hope it Helps
    Chetan
    @CP..

  • How to access a PDF file from Oracle DATABASE SERVER

    Hi
    I have some pdf files in "\home2\docs" directory in Oracle database server 10g. (OS is Linux) I want to access those pdf files from my client system through Oracle Forms. How is it possible?
    Please Help!!!! It is very urgent !!!
    Expecting fast response!!!!!
    Bye

    hi
    Thank u for ur response.
    Initially i tried to access pdf file from database server. I didn't get any solution for that. So I copied all my pdf files to Application server which is in Linux environment at "/home2/docs" directory.
    I gave the following command for accessing the pdf files kept in Lnux Application Server from Oracle 10g forms in a button press trigger.
    web.show_document('http://192.168.1.53:7779/home2/docs/test.pdf');
    It says "page cannot be found"
    So I copied one of the pdf file named "test.pdf" to "/oracle/oas10g/IasHome/forms90/java" in Linux Application Server . Then the following command
    web.show_document('http://192.168.1.53:7779/forms90/java/test.pdf');
    has opened the the pdf file in browser.
    192.168.1.53 is my Linux Application Server IP. and 7779 is the port.
    Actually we have lacs of pdf files. So i cannot keep all the pdf files in "/oracle/oas10g/IasHome/forms90/java" directory in Linux Application Server. And also all the pdf files not in the same directory , "/home2/docs" some of the pdf files r in the subdirectories of "/home2/docs/" like /home2/docs/sub1, /home2/docs/sub2, /home2/docs/sub3 etc.
    Then how to configure my "/oracle/oas10g/IasHome/forms90/server/forms90.conf" file for retrieving pdf files from "/home2/docs/" and its subdirectories. Is Anything other than this, required for solving my problems.
    Now My PDF files r in LINUX APPLICATION SERVER not in database server.
    Please help!! It is VERY URGENT!!!

Maybe you are looking for

  • Getting the below error when running the Baseline.grf for the first time

    I am getting the below error when running the Baseline.grf for the first time. Appreciate your support in resolving it. Error below: INFO [main] - *** CloverETL framework/transformation graph, (c) 2002-2012 Javlin a.s, released under GNU Lesser Gener

  • Need help with arrays in a survey

    I am making a survey using arrays to store the answers to 2 questions and output the frequencies of each answer, as well as the average rating for each question. When I do it in a structured manner, it works properly: import java.text.DecimalFormat; 

  • Import sites to a Mac that already has created its own iWeb sites

    Working different places I have been using iWeb on 3 different Macs. On these Macs I have created different iWeb sites, and now I would like to merge them all onto one computer, so that I can work with all of my iWeb sites from the same location. I h

  • E-mailing packing list to the customer

    Hi, Our business process needs emailing of packing list to the customer. The packing list output form has been developed using SMARTFORM to print bar codes on it. We would like to utilize contact person functionality, which is available in the custom

  • FaceTime will not run after update to 10.6.7

    Updated the OS to 10.6.7 earlier today. Tried to run FaceTime this evening, and found that it will not start. First indication of a problem was that the FaceTime icon was missing, instead a generic icon was present. Tried to start FT, and found that