Using Oracle 11gR1 OID to control access to 11gR2 RAC database ?
I have a two 11gR2 RAC Node database that I would like to implement Oracle 11gR1 OID to manage all access to the RAC database.
Should I install and configure Oracle 11gR1 OID into the same RAC database to control access to the RAC database? Is this the appropriate approach?
Please share your ideas... I couldn't make it to Openword to ask this type of question.
Hi,
I think there is some confusion here. OID doesnt protect your database. All OID is doing is taking the authentication of the user and authorization (privileges) of the user to OID and out of the database. This way you can centralize the management of all user accounts in one place and not worry about it in the database. This is helpful only if you have many databases. If you have a very small number of databases and small number of user accounts, then OID is not really buying you anything. The best practices is published in the oracle docs. Just that you have to read a lot to figure it all out. Here are some info from our installation.
1. weblogic and oid application is installed on a application server
2. Repository database is a independant database (not shared with other apps) in a shared RAC cluster.
3. Replication (OID application replication) setup between a primary oid server and a secondary oid server in the DR site
4. Load balancer configured to point to the primary server and if primary server is not available, point the connection to secondary server
5. DIP configured to pull all users and groups from active directory
6. Password filter installed on all DC's to capture passwords and ship it to oid.
7. Users creation, modification,deletion, expiry, etc., is all controlled on active directory.
8. Database registered with OID for user authentication and authorization
For protecting you data, you will need to use additional security methods/products like :
1. Database vault (to prevent privileged users from operating on the data)
2. Database auditing
3. Fine-grained access control
4. table level policies
5. Fine-grained auditing (column level)
6. Audit vault (to consolidate all audit records to a central place for auditors to classify and research each audit event)
7. operational/process to enforce security.
Good luck :-).
Regards,
Shaji.
Similar Messages
-
2 way replication using Oracle 10g OID
Hi Friends,
Is it possible to have 2 way replication between Oracle E-Biz R12.1.3 and Microsoft Active Directory(windows 2008 server) at the same time using Oracle 10g OID.
Regards,
DBHi Leoncio,
Thanks and the requirement is :
1) user will be cretaed in Oracle e-biz R12.1.3 HRMS application and it should be replicated to Microsoft Active Directory (windows 2008 server)
2)E-mail address will be cretaed in Microsoft Active Directory (windows 2008 server) against an existing user and it shoule be replicated/updated in Oracle e-biz application User
Regards,
DB -
Uninstall Oracle 11gr2 RAC database in grid infrastructure
Hi all,
After several attempt to install my Oracle database RAC with grid infrastructure, i want now to do a fresh installation as i have attempted 3 times and now i have all the procedure on installing the database and RAC.
Actually i have installed it correctly but now i want to cleanup my server and remove all oracle installation directory and do a fresh installation.
My question is what is the procedure to uninstall an Oracle RAC database and Clusterware with grid infrastucture and cleanup oracle base installation.
The architecture is:
GRID and clusterware: Oracle grid 11gR2
Database: Oracle database 11gR2
Database and grid storage: ASM
OS: linux centos 6
Thank you.
Raluce.The deinstallation of Oracle GI could be not so easy thing to do, because it contains many components one should be aware of. The proper deinstall is important because it will safe you from many issues with next install on these servers
In general we need to be sure that:
1. all sowftware stopped properly
2. removed from oraInventory
3. binaries removed
4. /etc/oracle cleared
5. ocr and votes cleared using dd
6. /etc/oratab updated
7. .profile updated
8. init.d files in /etc/ cleard
Usually its recommended to use deconfigure scripts, if they fails for some reason, the manual procedure should be followed.
How to Deconfigure/Reconfigure(Rebuild OCR) or Deinstall Grid Infrastructure [ID 1377349.1]
How to Deinstall Oracle Clusterware Home Manually [ID 1364419.1]
As general recommendation its good idea to save your crs configuration for future reference.
Regards
Ed Rudans
http://erudans.blogspot.com -
Error on Oracle 11gR2 RAC database Post upgrade step
[Upgrade the Oracle Clusterware Configuration|http://docs.oracle.com/cd/E11882_01/server.112/e23633/afterup.htm] Problem Description:
O.S Version: HP-UX B.11.31 U ia64
It is upgrading of Oracle RAC 2 node database from 11.1.0.7.0 to 11.2.0.3.0
I receive following error while perfoming the post upgrade step
indba1 racdb> srvctl upgrade database -d racdb -o /app/oracle/product/11.2.0.3/db
PRCD-1231 : Failed to upgrade configuration of database racdb to version 11.2.0.3.0 in new Oracle home /app/oracle/product/11.2.0.3/db
PRKC-1136 : Unable to find version for database with name racdb
Actually I am performing the step "Upgrade the Oracle Clusterware Configuration" whill getting the error.
When I tried on below;
indba1 racdbp> srvctl upgrade database -d racdb -o /app/oracle/product/11.2.0.3/db
PRCD-1231 : Failed to upgrade configuration of database racdb to version 11.2.0.3.0 in new Oracle home /app/oracle/product/11.2.0.3/db
PRKC-1136 : Unable to find version for database with name racdbOutput from Oracle 11.1.0.7 Home:
oracle@indba1:/app/oracle/product/11g/db_1 $ srvctl config database -d racdb
PRKR-1001 : cluster database racdb does not exist
PRKO-2005 : Application error: Failure in getting Cluster Database Configuration for: racdb
Output from Oracle 11.2.0.3 Home:
oracle@usfsdba1:/app/oracle/product/11.2.0.3/db $ srvctl config database -d racdb
PRKR-1001 : cluster database racdb does not exist
PRKO-2005 : Application error: Failure in getting Cluster Database Configuration for: racdb -
Using Oracle 8i client, can I access oracle server with version 10g ?
Hi ,
I am a developer working with C++ and Oracle. In Oracle particularly I am new.
I have some basic Question related to oracle.
1. With Oracle 8i client Can I connect to Oracle server with version 10g?
2. With Oracle 8i client Can I connect to Oracle server with version 9i?
3. With Oracle 9i client Can I connect to Oracle server with version 10g?
4. With Oracle 10g client Can I connect to Oracle server with version 8i?
5. With Oracle 10g client Can I connect to Oracle server with version 9i?
6. With Oracle 9i client Can I connect to Oracle server with version 8i?
These are basic yes/no type question.
Thanks & Reagards
Ravi BhushanAll answers on Metalink Note:207303.1 - Client / Server / Interoperability Support Between Different Oracle Versions
-
Using Oracle Developer Suite 10g with the 10g Express Edition Database
I'm new to Oracle and I'm taking an SQL college level course using a text book entitled "Guide to Oracle 10g". Our text book came with Oracle Developer Suite 10g (9.0.4.0.1) but no database. We adopted the 10g Express Edition (XE) as the database. I have both the database and the Developer Suite loaded on Windows XP Pro. I've been using the database for months now and it runs fine and the Developer Suite installed OK.
However, I would like to use some of the Developer Suite apps (for learning purposes) with the database but I can't seem to log on to the database through the Developer apps when I open them and use my 10g XE database user-name and password. For starters, I would like to see if I could use the edition of SQLPlus (release 9.0.1.4.0) that comes with the Developer Suite because it has configuration options that are not available in the SQLPlus command line version that 10g XE contains (which otherwise works fine).
When I open SQLPlus (Developer Suite Version) and try to log on with my database user name and password (and no host string), I get the error:
ORA-12560: TNS:protocol adapter error
I did search the discussion forum first and also reviewed some Oracle pdf's including the concepts pdf but came up empty. I would greatly appreciate any suggestions on how to succeed or a determination of the compatibility of 10g XE with the Developer Suite. Thanks kindly.I think your last idea might be helpful at this point and in case it matters, they are both installed on a sinlge machine (laptop). Thanks in advance:
Here is the Developer Suite tnsnames.ora:
# TNSNAMES.ORA Network Configuration File: C:\DevSuiteHome\network\admin\tnsnames.ora
# Generated by Oracle configuration tools.
EXTPROC_CONNECTION_DATA =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = HOSTNAME)(PORT = 1521))
(CONNECT_DATA =
(SID = PLSExtProc)
Here is the 10G XE tnsnames.ora:
XE =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = obw)(PORT = 1521))
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = XE)
EXTPROC_CONNECTION_DATA =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1))
(CONNECT_DATA =
(SID = PLSExtProc)
(PRESENTATION = RO)
ORACLR_CONNECTION_DATA =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1))
(CONNECT_DATA =
(SID = CLRExtProc)
(PRESENTATION = RO)
) -
Oracle 11gR2 rac database upgrade
Hi,
I need to upgrade Oracle 11.2.0.3 rac db (TB) to 11.2.0.4 in unix environment
database is 2 node rac with asm file structure. oracle home is shared by multiple databases.
Could anyone guide for best approach to proceed with this upgrade?
What changes are need to done in existing 11g cluster home and asm structure for this successful upgrade?
ThanksHi,
For Grid Upgrade you find complete details at - Things to Consider Before Upgrading to 11.2.0.3/11.2.0.4 Grid Infrastructure/ASM (Doc ID 1363369.1)
For DB Upgrade following note can help. You need to select the option 3 for RAC DB.
Troubleshooting Assistant: Oracle Database/Client Upgrade - Downgrade (Doc ID 1561791.2)
HTH,
Pradeep -
Oracle 10g excpress edition (control file)
Dear friends,
I am using oracle 10g excpress edition. control file curruption occued several time.
But i could recover those times. Because i keep reguler backup. can you explane me why this happen several time.
Regrds
upul Indika.
Message was edited by:
Upul IndikaHi,
>>can i create a nother control file.
Yes you can.
1 - alter system set control_files = 'path controlfile 1', 'path controlfile 2' SCOPE=SPFILE;
2 - shutdown immediate
3 - copy the controlfiles to desired locations
4 - startup the database.
Cheers -
Using Oracle Portal in a Laptop
I have a stand-alone portal installation in my laptop. I would like to take the laptop elsewhere to demonstrate a portal I've created, but when I turn off the connection to the Internet I can't connect to the portal. Does anyone know a work around this problem?
I am using Oracle 8i (8.1.7.1.1) Enterprise Edition Database, Oracle 9iAS Portal (1.0.2.2.0) and Oracle 8i (8.1.7.1.1) Patch with Microsoft Internet Explorer as the web interface and Microsoft Windows 2000 operating system.Don't crosspost!!
-
Can I use Oracle Clusterware 11 against 10.2.0.4 databases?
Implementing a 2 node RAC system on Linux RHEL 5, with version 10.2.0.4 databases. I read a fleeting post mentioning that you can use Oracle Clusterware version 11 against a 10R2 databases - is that the case? I've searched but can find no additional information regarding this, so if anyone can provide additional links or info, I would be most appreciative -
-kpwHi,
Implementing a 2 node RAC system on Linux RHEL 5, with version 10.2.0.4 databases. I read a fleeting post > mentioning that you can use Oracle Clusterware version 11 against a 10R2 databases - is that the case? Yes,
You can use the 11g clusteware to manage 10g and 11g RAC databases.
I've searched but can find no additional information regarding this, so if anyone can provide additional links or info, I would be most appreciative -
Take a look here [Understanding Compatibility in Oracle RAC Environments|http://download.oracle.com/docs/cd/E11882_01/rac.112/e10718/admin.htm#RACAD803], here [Oracle Clusterware Version Compatibility|http://download.oracle.com/docs/cd/E11882_01/rac.112/e10717/intro.htm#CWADD1118] and also in metalink note 337737.1 (Oracle Clusterware - ASM - Database Version Compatibility)
Hope it helps,
Cerreia
Edited by: Cerreia on 27/10/2009 20:38 -
How to make new database connection using Oracle BI Interactive Dashboards
Hi,
I install Oracle BI Intelligence on my system.
I am using Oracle BI Interactive Dashboard. Here we have default database connection.
but now i want to use it for my own database. Can any body give me guideline how to
make a new data base connection using this s/w or how to connect to my database so
that i can make my own reports.
I am using
http://www.oracle.com/technology/obe/obe_bi/bi_ee_1013/saw/saw.html
this link.
i make odbc connection which is fine.
but
Restoring the Business Intelligence Presentation Catalog and Updating Metadata
The third point blow above heading is not clear.
ThanksUmesh - in order to build Answers and Dashboard content you must first setup a Physical model, then a Business model, followed by a Presentation Catalog/Subject Area.
All these tasks are carried out using the Repository Administration Utility.
1) Import your physical tables using OCI/ODBC into the physical layer.
2) Build your model
3) Deploy
Then you're ready to start building answers/dashboards.
Good Luck. -
Why use oracle instead of Ms Access
can any body give me some summerised information what are main benfits of using oracle instead of Access.
Hi,
can go through this discussion:
http://expertanswercenter.techtarget.com/eac/knowledgebaseAnswer/0,295199,sid63_gci976666,00.html
Why sould I select Oracle over MS Access? QUESTION POSED ON: 05 JUL 2001
QUESTION ANSWERED BY: Brian Peasland
Oracle, MS Access, and any other vendor's database package all have their advantages and disadvantages. Selecting one over another is really a case of weighing the advantages and disadvantages for your specific case. I'll give a brief description of the strengths and weaknesses of each of these two packages and then you can decide!
MS Access - This package is very cheap (it is part of Office Professional) and very easy to use. Most of the work in Access is done through wizards and GUI tools. One can quickly develop a small, single user database with this one. MS Access is not very good for a multi-user application. It is not very robust and does not have good multi-user transactional control. In addition, Access cannot handle large amounts of data. All of the data in the database is stored in a single file and that has its limitations.
Oracle - This package is not cheap at all. It is very complex and it can be difficult to administer. But its complexity makes it very robust. There is almost nothing that you cannot do in Oracle (unlike Access). Oracle is specifically designed for multi-user applications. In fact, thousands of users can access the same data without any problems due to Oracle's very good transactional control. But applications are not developed nearly as quickly. Oracle can also handle large amounts of data. In fact, Oracle 8i can handle up to 512 petabytes of data!
In the end, Oracle is a true Database Management System (DBMS) and Access is not. This does not mean that Access does not have its place. If I'm designing a quick database that only I'll use, I would do it in Access over Oracle. If I'm designing a robust, scalable application used throughout my enterprise with many users, then Oracle is my choice!
Thanks
--Raman -
How can i use the ACL file to control the access from the other website?
Hello all~
My Sun one is 6.1 sp3 on Windows 2003 SE, and I am try to use the ACL file to control the access.
My ACL file is below:
version 3.0;
acl "path=my_path_on_HD";
deny absolute (all)
(user = "anyone") and
(dns = "*.my_site.com");
deny absolute (all)
(user = "anyone") and
(dns = "*.other_site.net");
Once I add the "deny", anyone include my site is decline for vist the path specify in the ACL file. But if remove the "deny", everyone include other one's website can access the file.
Can anybody tell me how to make it work?I think you've misunderstood what the dns attribute is for. The dns attribute returns the hostname of the client accessing your website, not the hostname of the website that linked to your website.
For example, when someone using the Comcast ISP goes to a malicious website at example.com that loads images from your website at www.amigoo.net, the dns attribute will be something like "c-1-2-3-4.ca.comcast.net", not "example.com". ACLs are used for authentication and authorization of clients (not the websites those clients chose to visit), and they don't provide the functionality you're looking for.
If I understand correctly, you want to prevent websites other than amigoo.net from linking to files in your d:/webserver/imat/pics_upload directory. You can achieve this adding the following lines to your obj.conf configuration file:
<Object ppath="d:/webserver/imat/pics_upload/*">
<Client referer="*~*amigoo.net">
PathCheck fn="deny-existence"
</Client>
</Object> -
How to use Oracle SQL Developer 4.0 to connect to Ms Access file with .accdb extension
Hi all,
I am using Oracle SQL Developer 4.0 and Ms Access 2013 under Windows 7 (64 bits)
After browsing and selecting MS Access file with accdb extention, I got an error message :[Microsoft] " Data source name not found and no default driver specified".
On Administravitve Tools=> ODBC Data Source Administrator=>Drivers I have File date
Name : Version
Microsoft Acess Driver (*.mdb, *accdb) 12.00.4518.1014 ACEODBC.DLL 26/10/2006
Would you please advise?
Thank you very much in advanceThat MS Access driver is 64-bit, I think. If SQL Developer, or JDK is 32-bit you need to use the 32-bit driver. You can see if you have a 32-bit driver installed using c:\windows\system32\odbcadm32.exe
-
Oracle BI Publisher - can not access Shared Folder , using Oracle BI Server
Hi there,
We have an installed OBIEE and BIP (BI Publisher) system which is the security setting of BIP using "Oracle BI Server".
Our OBIEE security is using the combination of LDAP (authentication) and Relational Table (for grouping user privillege)
The integration connection between OBIEE and BIP is successfull, and I can connect using Administrator to the BIP
But when I assign a general user using group : XMLP_Admin (define in rpd file and relational table), the user can log in to BIP, but can NOT access the Shared Folder.
the error desc : "Error 500: SRVE0199E: OutputStream already obtained"
Anyone can help ?
Thanks a lot
-toniDid you define Roles and Permissions to the shared folder from BIP Admin?
-Prakash
Maybe you are looking for
-
NAT migration on 8.2.4 to 9.1.2
Hi, I have new ASA 5545-X firewall with 9.1.2 software (default) and I want to replace old 5540 with current configuration on version 8.2.4 I copied the current asa 5540 config (old ver) to new asa 5545-x and start with the current configuration (cop
-
Keynote hyperlinks don't work after exporting to html
I'm working with Keynote in iWorks '08 on an iMac running OS 10.5.2. My hyperlinks (graphic and text) work perfectly running Keynote as a slide presentation, but not when I export it to an html format. What am I doing wrong here? Thanks for any help
-
How to create table from method
Hello - Could anyone please tell me how can I create af:table with more than one column from an AppsModule method. When I have a 1d array return eg: public String[] createTable(){ String[] str = new String[1]; return str; I can drop it as a table and
-
Itunes 11.1.2 not able to see my iPhone or iPad 4
I just plug my Iphone and my Ipad 4 generation and the dont show on itune 11.1.2 Thank
-
When i am trying to update my ipodi its says there was a error then right by it it says (-43) zo what should i do?