Init nad password file
hi
i m creating a new database with the name "test"..when we issue the command of startup, by
default it checks the initifile with the name "inittest.ora" if "spfileinit.ora" at
$ORACLE_BAST/product/9.2.0.1.0/dbs....i want to ask that can we change this default
location??if yes then how will i tell oracle that check for inittest at that specific
location not on the default location...
same question is for the passowrd file....i mean how can we have a passowrd file with the
different then default name and how can we relocate it...
on windows its very simple...we just neet to edit registry variable but how on linux
Regards
Use ln command. Example:
ln -s $ORACLE_BASE/admin/test/pfile/inittest.ora $ORACLE_HOME/dbs/inittest.ora
1st parameter your real file
2nd symbolic link to it
The same way can be used for spfileSID.ora
Similar Messages
-
Hi, I'm traying to start up a database in sqlplus on SuSE 8.2 and Ora9.2, I have the next error:
SQL> conn / as sysdba
Connected to an idle instance.
SQL> startup pfile=/opt/ora9/admin/pavilion/pfile/initmydb.ora
ORACLE instance started.
Total System Global Area 101781824 bytes
Fixed Size 450880 bytes
Variable Size 83886080 bytes
Database Buffers 16777216 bytes
Redo Buffers 667648 bytes
ORA-01990: error opening password file '/opt/ora9/product/9.2/dbs/orapw'
ORA-27037: unable to obtain file status
Linux Error: 2: No such file or directory
Additional information: 3
My password file is /opt/ora9/product/9.2/dbs/orapwmydb
How can I use my orapwmydb file?Hi Marco,
as far as I know, you have to use the REMOTE_LOGIN_PASSWORDFILE = SHARED option in your init...ora file.
In this case you have one password file for one or more databases. It can only have the entries for SYS and INTERAL.
I'm sorry to cannot answer your question of having different password files for different databases %-)
Klaus -
Password file and sysdba grant in 10g on AIX ...
Hi,
I am very familiar with password file, orapwd ...
I installed oracle 10gR2 database on AIX, created a password file using orapwd (file name orapwdSID.ora under $ORACLE_HOME/dbs), set remote_login_passwordfile='EXCLUSIVE' in init.ora file.
1 - When I select * from v$pwfile_users; I get 0 rows !!!
2 - When I try to grant sysdba to an_user; I get ORA-01994: GRANT failed: password file missing or disabled
Cause: The operation failed either because the INIT.ORA parameter REMOTE_LOGIN_PASSWORDFILE was set to NONE or else because the password file was missing.
Action: Create the password file using the orapwd tool and set the INIT.ORA parameter REMOTE_LOGIN_PASSWORDFILE to EXCLUSIVE.
any idea.
thanks.Hi,
I do not think so that this is a solution. because setting "Shared" means that all databases uses the same password file and only one user "SYS" is in this file (sysdba privilege) ...
Not what I am looking for !
regards. -
Evening. I am totally new to security. after hours of reading about keys and de-enCryption I created this experiment class, that most is copy&paste from sun. All I need is a class that in a simple way decrypt an password file.
Am I even close to the best solution? Code below has two errors, both says "cant find symbol" when mouse over in NetBeans.
public class EnDeCrypt {
static byte[] encodedAlgParams;
public static KeyPair myKey()throws Exception{
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("PBE");
keyPairGenerator.initialize(1024);
KeyPair keyPair = keyPairGenerator.genKeyPair();
return keyPair;
public static void enCrypt() throws Exception{
try {
Cipher c = Cipher.getInstance("PBEWithMD5AndDES");
c.init(Cipher.ENCRYPT_MODE, myKey()); // *1* <---mouse over c.init says "cant find symbol"
byte[] cipherText = c.doFinal(text.getBytes());
AlgorithmParameters algParams = c.getParameters();
encodedAlgParams = algParams.getEncoded();
} catch (NoSuchAlgorithmException ex) {
Logger.getLogger(EnDeCrypt.class.getName()).log(Level.SEVERE, null, ex);
} catch (NoSuchPaddingException ex) {
Logger.getLogger(EnDeCrypt.class.getName()).log(Level.SEVERE, null, ex);
public static void deCrypt(String text) throws Exception {
AlgorithmParameters algParams;
algParams = AlgorithmParameters.getInstance("PBEWithMD5AndDES");
algParams.init(encodedAlgParams);
Cipher c = Cipher.getInstance("PBEWithMD5AndDES");
c.init(Cipher.DECRYPT_MODE, myKey, algParams);// *2*<-- mouse over myKey() says, "cant find this symbol"
{code}MagnusT76 wrote:
As i mention before this is new for me. Obviously.
I used the code below. Which simply hashes a password+salt, checks the hash against what is expected and then stores it. No 'decryption' involved.
And when I open the password file it shows alot of numbers and letters.And what makes you believe that these 'numbers and letters' in any way represent the 'decrypted' password?
>
public void storePassword(String password){
String hashed = BCrypt.hashpw(password, BCrypt.gensalt());
if (BCrypt.checkpw(password, hashed)){
FileHandler.setPasswd(hashed);
} else {
failLogin("Error saving you password");
}Stop guessing. Start reading. Expect to find that you can't 'decrypt' the hashed passwords.
Bye -
Hai,
Here i am facing one problem. I put remote_login_passwordfile = exclusive in init<sid>.ora.
It means it has to use password file.
But how come i could connect to internal with out using password.
$ svrmgrl
Oracle Server Manager Release 3.1.6.0.0 - Production
Copyright (c) 1997, 1999, Oracle Corporation. All Rights Reserved.
Oracle8i Release 8.1.6.0.0 - Production
JServer Release 8.1.6.0.0 - Production
SVRMGR> connect internal
Connected.
SVRMGR>
Even i put remote_login_passwordfile = none also i could connect internal with out using password.
What is the difference.
I read in oracle documentation that if we put remote_login_passwordfile = none it will use operating system authentication, if remote_login_passwordfile = exclusive then it will follow password file.
Please give me clear explanation please.
Waiting for reply,
Priya.
nullSetting REMOTE_LOGIN_PASSWORDFILE to NONE signifies that Oracle should ignore any password file. In such a scenario, the privileged users must be authenticated by the operating system. Setting the parameter to EXCLUSIVE signifies that the password file can be used by only one database. In your case it happens because the OS user has got the correct privileges. That is why you are able to connect as internal when this is set to None.
-
Password file locked??
Hi,
We have a reporting database on Oracle 10.2.0.4 (AIX 5.3) from which we want to create a DG physical standby.
The process fails because of a "possible" locked password file.
I have sorted things out, and it turns out that even on UNIX, when copying the file it says:
$ cp orapwREPPRD /tmp
cp: orapwREPPRD: A system call received a parameter that is not valid.Has anybody seen this behaviour. Can it be that the database holds an exclusive lock on the file, making it impossible for the OS to read/copy the file
The file's function looks OK. It gets updated if I grant 'sysdba' to a certain user.
However another database on the same server doesn't show this behaviour, so it could be the password file somehow got corrupted
The initfile says
SQL> show parameter remote_login_passwordfile
NAME TYPE VALUE
remote_login_passwordfile string EXCLUSIVE
SQL> Can I (simply) recreate the password file while the database is up and running?
Any hints are appreciated
ThanksPassword file is used when the first time connection is requested using it. So its not going to impact your current db if you are going to remove it. See here,
SQL> select * from V$version;
BANNER
Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod
PL/SQL Release 10.2.0.1.0 - Production
CORE 10.2.0.1.0 Production
TNS for Linux: Version 10.2.0.1.0 - Production
NLSRTL Version 10.2.0.1.0 - Production
SQL> select status from V$instance;
STATUS
OPEN
SQL> exit
Disconnected from Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Production
With the Partitioning, OLAP and Data Mining options
-bash-3.00$ cd $ORACLE_HOME
-bash-3.00$ cd dbs/
-bash-3.00$ ls
hc_orcl.dat initdw.ora initorcl.ora lkPROD orapwprod spfileprod.ora
hc_prod.dat init.ora lkORCL orapworcl spfileorcl.ora
-bash-3.00$ rm orapworcl
-bash-3.00$ ls
hc_orcl.dat hc_prod.dat initdw.ora init.ora initorcl.ora lkORCL lkPROD orapwprod spfileorcl.ora spfileprod.ora
-bash-3.00$ sqlplus / as sysdba
SQL*Plus: Release 10.2.0.1.0 - Production on Thu Aug 13 15:53:11 2009
Copyright (c) 1982, 2005, Oracle. All rights reserved.
Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Production
With the Partitioning, OLAP and Data Mining options
SQL> select status from V$instance;
STATUS
OPEN
SQL>
So if you are going to change the password file also, it won't impact the current db.
HTH
Aman.... -
Password file authentication confusion
Dear experts,
I am a beginner (I'll keep stating this till I gain some knowledge about Oracle). I have database on Linux server. Currently the sysdba is OS Authenticated, so I can just do
SQL> conn /as sysdba
connectedI wanted to try the password file authentication also, so I did the following:
a) changed parameter remote_login_passwordfile to EXCLUSIVE
b) created password file using: orapwd file=orapwPROD password=testDBA entries=5
c) created one user pwFileDBA
d) grant sysdba to pwFileDBA
e) checked v$pwfile_users and found entry for pwfileDBA user
USERNAME SYSDB SYSOP
SYS TRUE TRUE
PWFILEDBA TRUE TRUENow When I tried to login as:
SQL> conn pwfileDBA/testDBA as sysdba
connectedI am happy it worked :). Now I tried
SQL> conn pwfileDBA/<some junk password> as sysdba
connectedThis also worked :(
I have no clue now, if password file authentication is enabled or not. Can anyone share if I am doing something wrong? How to test this?
Thanks
oraNeel.Hi Maxim,
1. conn sys/testDBA@your_tns_alias as sysdba - this also says "insufficient privileges"
2.
-bash-3.2$ ps -ef|grep pmon
oracledb 9410 1 0 Dec13 ? 00:00:00 ora_pmon_PROD
oracledb 11415 11320 0 07:13 pts/1 00:00:00 grep pmon3. ls -la $ORACLE_HOME/dbs
-bash-3.2$ ls -la
total 14928
drwxr-x--- 2 oracledb dba 4096 Dec 13 22:27 .
drwxr-xr-x 66 oracledb dba 4096 Oct 22 11:32 ..
-rw-rw-r-- 1 oracledb dba 0 Oct 22 11:33 PROD_oradb_ifile.ora
-rw-rw---- 1 oracledb dba 1544 Oct 20 11:34 hc_PROD.dat
-rw-rw-r-- 1 oracledb dba 19028 Oct 21 14:57 initPROD_bak.ora
-rw-r--r-- 1 oracledb dba 23584 Oct 22 11:33 initPROD_noaq.ora
-rw-r--r-- 1 oracledb dba 23576 Oct 27 13:29 initPROD.ora
-rw-rw-r-- 1 oracledb dba 19028 Oct 21 14:55 initPROD.ora.21Oct
-rw-r--r-- 1 oracledb dba 12920 May 3 2001 initdw.ora
-rw-r----- 1 oracledb dba 8385 Sep 11 1998 init.ora
-rw-rw---- 1 oracledb dba 24 Oct 20 11:34 lkPROD
-rw-rw---- 1 oracledb dba 24 Oct 21 15:22 lkPROD
-rw-r----- 1 oracledb dba 2048 Dec 13 22:31 orapwPROD
-rw------- 1 oracledb dba 15122432 Dec 1 18:39 snapcf_PROD.fBest Regards,
Neel -
Password file users issue... RAC help please...
Hi guys,
i have a two node rac database installed on my laptop.. 11gr2.
in rac a database will be accessed by more than once instance correct....
here i have two instance myinst1 and myinst2.
here if we add a user in any one of the instances (say myinst1).. using that user account. the user can connect to either the myinst1 and myinst2.... correct....
say now i grant the user i just created with the SYSDBA and SYSOPER privileges.. (user created on myinst1).
now i can connect to both of the instance using the following syntax as a sysdba..
connect user/password@servicename as sysdba
now here comes the best part..
oracle states that once the user is given either the sysdba or sysoper it will be updated in the password file...
now as i have created the user in the myinst1 instance and granted the privileges there... the password file at the node myinst1 shows the details of the user in the V$PWFILE_USERS views. where as the other instance myinst2 V$PWFILE_USERS does nt have the user...
can any one tell me why is this happening... do i have to explictly grant the SYSDBA privilege on all the instances once if i want to grant a user with the sysdba or sysoper privilege...Surely there is more than this? I have always believed that the only valid configuration of a Password File in RAC is for a single file to be shared by all instances - by putting it on a shared file system or multipathed raw volume (like the database files), with a Unix symbolic link or init.ora SPFILE reference on each node. I have seen documentation that people have stored a database password file in ASM (SPFILE=+XYZ...) and even on NFS and CIFS.
SYSDBA and SYSOPER access uses the password file of course and it is effectively part of the database, and to me it seems reasonable to expect that an instance will only update the one Password File it knows aboutwhen SYSDBA/OPER access is added, removed or changed; so the consequences of having multiple copies for a single database may be expected to be bad. It was noted here that granting SYSDBA privilege on one node leads to inconsistency in that account's privileges across nodes. Maybe worse is that removing SYSDBA access from one node could leave SYSDBA access to other nodes/instances in place, in clusters where there are multiple local password files... this can be viewed as a very serious security defect, which one of our DBAs has demonstrated.
Now I have learned that Oracle's documentation does not actually give much advice about the configuration of Password Files for RAC; that while some people have done what I expected for years, some product guides suggest on the contrary that local copies should be created on each node; and even that Oracle may not support a single Password File on a shared device. Having Googled the web and scanned this forum quickly, I haven't found a resolution. I am stunned.
I am sure that, of all people, the RAC SIG will be able to advise on this authoritatively, so please do so. If it turns out that Oracle does not recommend or support the use of a single shared file (*),then I suggest there is a significant issue.
(*) Just to be clear, I am not refering to a SHARED password file, but to an EXCLUSIVE one that is on a shared storage volume accessed by every instance of the same RAC database. How Oracle behaves with a SHARED parameter setting may be another issue. -
While creating database i put remote_login_passwordfile = exclusive in init.ora.
i created the password file with user name and password.
Afer i could connect internal with out givng username and password which have been given in password file.
I don't have proper idea on this please give me idea about this.
Ganesh.G.
nullOmit the OS-User from ORA_SID_DBA group( in the User Manager) and try again to connect. it will solve your problem.
-
How to change the default password file's name and path when the database created?
how to change the default password file's name and path when the database created?
nullUsage: orapwd file=<fname> password=<password> entries=<users>
where
file - name of password file (mand),
password - password for SYS and INTERNAL (mand),
entries - maximum number of distinct DBA and OPERs (opt),
There are no spaces around the equal-to (=) character. -
How to change default location of password file ?
Hi all,
Can i change the location of my password file from default to any other user defined location ?
If yes then how ?
Thanx in advance.
DeepDad you moved here?
Can i change the location of my password file ? -
How do i find the location of Oracle password file in the HDD
we giv the location of the password file while we use the orapwd command to create one.
later if we forget the location of the password file (incase it is not at the default location) then is there a way to find it or do we just create a new password file?
secondly, for oracle to use the password file we giv the remote_login_passwordfile='EXCLUSIVE' in the parameter file. wat tells oracle the location of the exact password file??
Thanks
Arvind
Edited by: iinfi on Sep 29, 2008 12:15 AMThe default location are OS dependant.
On Unix/Linus it is under $ORACLE_HOME/dbs
On Windows, it is under %ORACLE_HOME%/database
To change the default location, nothing inside database, but :
On Unix/Linux, you have to create a symbolic link for that file to the target location
On Windows, you have to change env variable (regedit) ORA_PWFILE and ORA_SID_PWFILE
So, you have to check this setting for the real password file location.
Nicolas. -
Configuring password file in oracle 10g
Hi
Can anyone here guide me to the steps to be followed in configuring password file.
I am learning cloning using RMAN. For that purpose I need to configure password file at first.
I created the password file using orapwd utility.
and then made the required changes in tnsnames.ora and listener.ora files. Reloaded listener.
Set SQLNET.AUTHENTICATION_SERVICES = (NONE) in the sqlnet.ora file
Made the changes required in the initialization parameter file for the duplicate database instance.
Next, export ORACLE_SID= <DUPLICATE DATABASE NAME>
CREATE SPFILE FROM PFILE
STARTUP FORCE NOMOUNT;
rman TARGET sys/password@target-tnsname AUXILIARY sys/password@duplicate-tnsname
At this stage, I get the below error.
RMAN-00554 initialization of internal recovery manager package failed
RMAN- 04006 error from auxiliary database: ORA- 01031 : Insufficient privilegesuserark160 wrote:
rman TARGET sys/password@target-tnsname AUXILIARY sys/password@duplicate-tnsname
At this stage, I get the below error.
RMAN-00554 initialization of internal recovery manager package failed
RMAN- 04006 error from auxiliary database: ORA- 01031 : Insufficient privileges
Are the Auxiliary and Target databases on the same machine?
Can you also check the parameter Local_Listener for Auxiliary Database?
Regards,
Z.K. -
Hello,
1) I realized that when MBAM bitlocker encryption start both Recovery key and TPM owner password file are send to MBAM server. If we change the computername of the notebook, we can find out Recovery key from MBAM server with the KeyID as we can read it from
computer screen, but we can not find out TPM owner password file with the existing new computername information from MBAM server, so we have to know old names of all computers but it is impossible. So we have to do decryption and clearing TPM than we
can again encrypted it with its new name. is it right?
2) We will going to deploy mbam encryption to our notebooks. But sometimes when a person quit the job his notebook can given to another person or new employee and based to our procedure when a notebook will given to another user it should installed
OS again with PXE boot. I would to know will it be enough to installing with this method again with a diffrent computer name or should I firstly clear its TPM than install OS with PXE to keep TPM owner password file missing as item 1?
I hope i can explain what i mean :)
Regards,
SibelMI would suggest you to first decrypt the laptop and then follow the process:-
- Clear the TPM
- Encrypt the type.
- Check for the encryption behavior.
Cause I have found on some model that if the OS drive is encrypted, PXE boot fail on that machine even though I also did a direct PXE on an encrypted machine with clearing the TPM.
TPM ownership password is a hash file that gets generated with a set of algorithm. SO each time when you PXE boot, by clearing the TPM, the TPM hash password for the TPM will change. This has been done for security measures.
Gaurav Ranjan -
good day !
i am confused and still cannot digest the need to use a password file!
can anyone provide me with links or any explaination on why we need a password file!
i need the password file so that i can setup dataguard!
thnxYou can Oralce administration guide,
Database Administrator Authentication
http://download.oracle.com/docs/cd/B19306_01/server.102/b14231/dba.htm#i1006534
Maybe you are looking for
-
Why is my raw image became brighter on LR4..?
why is my raw image became brighter on LR4..? it was perfect on the camera lcd but after the importing the raw file to LR4 the image became overexpose... help anyone...?
-
How do I burn MP3 files to CD at a lower bitrate?
I'm a newbie to Mac and to iTunes, so pardon me if this is a frequently asked question. As a former user of Windows Media Player, I am used to being able to burn my MP3 files to CD at a lower bitrate (128) than what the MP3 files saved on my computer
-
Is there an easy way to get GPS coordinates from Maps.app in Mavericks?
My DSLR doesn't have a GPS built in, but I like to Geo-tag some of my photos. I usually just take a pic with my iPhone and then copy the geo data (GPS coordinates) and paste into the photos (in Adobe Lightroom). Unfortunately, I didn't have my phone
-
Hi I have been using PSE 5 for a long time on Windows XP with few problems. I have a new computer running Windows 7. I installed PSE 5 on the new system and it seemed to work OK. After a few months it suddenly stopped working tried the repair and re
-
LR EXTERNAL HD WORKFLOW ADVICE?
My hardware setup is pretty simple; Powerbook G4 with 2 external HDs (250G and 500G). LR application and Libraries are on laptop (so I assume all Metadata and XMP files are stored on the laptop). Due to storage space limitations on laptop, I'm planni