Deny Root / Admin Access To DB?
Apr 25, 2012I am studying a way to block the access from the root(UNIX) or admin(WIN) users to the database.
Are there some way to block the access by the superusers?
I am studying a way to block the access from the root(UNIX) or admin(WIN) users to the database.
Are there some way to block the access by the superusers?
I have installed oracle 11g and configured Apex application on it. I am able to open the Admin window from my machine . URL.... and everything works fine. But when I try to open the link from other machine I get "Server not found" error.
I read the posts it says to enable Http for other servers . I dont find the way to do it .
i have an linux instance running oracle 11g as oracle OS user. i am able to connect the DB from clients.
i need to access this DB from OS root user. what should i do.
I installed and configures APEX in standalone mode about 2 weeks ago and played with it for short time. Now after 2 weeks I came back to start where I left off but APex_admin page would not come up.
I did following tasks as were found on Installed Apex on Oracle 11g. But cannot access admin screen
SQL> SELECT STATUS FROM DBA_REGISTRY
2 WHERE COMP_ID = 'APEX';
STATUS
-----------
VALID
SQL> conn sys as sysdba
Enter password:
[code]...
warning me that XDB requires username password to be sent through insecure manner (Basic authetication without a secure connection
When I invoke SOAP Web-Service using APEX_WEB_SERVICE.MAKE_REQUEST, then I'm able to get response from web-service. However all German character are replaced by JUNK data. However data is coming fine when I test web-services using SOAP UI.
I tried to invoke web-service using UTL_HTTP. However when I use UTL_HTTP, then I'm getting following error.
ORA-24247: network access denied by access control list
<li> Why German characters are replaced by Junk data while invoking web-service from APEX, while it's working fine from SOAP UI
<li> When I can access web-service successfully using APEX_WEB_SERVICE, then why it's throwing ORA-24247 error when I call using UTL_HTTP?
DB: Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - 64bit Production
APEX: 4.0.2.00.07
Web-Server: EPG
SELECT * FROM NLS_DATABASE_PARAMETERS;
[code]...
I am having oracle database version 11.2.0.3.0 standard edition, where one of my users requirement is that he wanted to send mails from oracle database but he is getting below error
ORA-24247: network access denied by access control list (ACL)
ORA-06512: at "SYS.UTL_TCP", line 17
ORA-06512: at "SYS.UTL_TCP", line 267
ORA-06512: at "SYS.UTL_SMTP", line 161
ORA-06512: at "SYS.UTL_SMTP", line 197
ORA-06512: at "HF_REPORTING.SEND_MAIL", line 12
ORA-06512: at line 18
is it possible to send mails from oracle database in STANDARD Edition?
While Running the proc,it's raising the below error.
Error report:
ORA-24247: network access denied by access control list (ACL)
ORA-06512: at "SYS.UTL_TCP", line 17
ORA-06512: at "SYS.UTL_TCP", line 246
ORA-06512: at "SYS.UTL_SMTP", line 115
ORA-06512: at "SYS.UTL_SMTP", line 138
ORA-06512: at "LISTER_SHIFT.SOLN_GENERIC_SENDMAIL", line 33
ORA-06512: at line 1
[code]....
i want to log-in my local machine database as a system administrator , but it is giving an error:
C:Windowssystem32>sqlplus /@myprodb as sysdba
SQL*Plus: Release 11.2.0.1.0 Production on Wed Feb 6 19:18:15 2013
Copyright (c) 1982, 2010, Oracle. All rights reserved.
ERROR: ORA-01031: insufficient privileges
Enter user-name:
C:Windowssystem32>sqlplus /@myprodb as sysoper
SQL*Plus: Release 11.2.0.1.0 Production on Wed Feb 6 19:19:28 2013
Copyright (c) 1982, 2010, Oracle. All rights reserved.
ERROR: ORA-01031: insufficient privileges
Enter user-name:
but
C:Windowssystem32>sqlplus sys@myprodb as sysdba
SQL*Plus: Release 11.2.0.1.0 Production on Wed Feb 6 19:20:45 2013
Copyright (c) 1982, 2010, Oracle. All rights reserved.
Enter password:
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL>
and i have run cmd as administrator
Having an issue with logging into URL.... Just went through the install for APEX 4.2 for
Oracle 11.2.0.1 on Linux 2.6.32-358.el6.x86_64 #1 SMP Fri Feb 22 00:31:26 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux.
Installed Apex with Embedded PL/SQL Gateway.Explicitly followed all the online instructions step-by-step, installation was success and config for EPG had no issues. Changed the ADMIN pw as instructed. Checked that EPG is running on port 8080. Ran this script to grant connect:
DECLARE ACL_PATH VARCHAR2(4000);BEGIN -- Look for the ACL currently assigned to '*' and give APEX_040200 -- the "connect" privilege if APEX_040200 does not have the privilege yet. SELECT ACL INTO ACL_PATH FROM DBA_NETWORK_ACLS WHERE HOST = '*' AND LOWER_PORT IS NULL AND UPPER_PORT IS NULL;[code]....
that lets power users to connect to everywhere',
'APEX_040200', TRUE, 'connect'); DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL('power_users.xml','*');END;/COMMIT;
When I go to log in it says "Invalid Login Credentials". I tried changing the admin pw several times but keep getting the same message.
I am trying to correct NMO NOT SETUID-ROOT (UNIX-ONLY) error. On production database (9..7). Googlng this error - it says to run root.sh as root. should this be run in /usr/local/bin. which is the default location.
I don't believe that there would be any problems - but would like some confirmation -to be safe.
I'm having issues with users logging into Oracle. I installed it on Ubuntu 12.04 running Oracle 11.2 XE. If i am root, i can run sqlplus just fine and log in. But when I use a regular user account and run sqlplus, it will just stay blank. No error messages or any feedback. I echo $ORACLE_HOME and echo $ORACLE_SID and they come back exactly as they do under the root account. My path is set up just like root has it.
It almost seems like a permission issue but even when i try sqlplus /nolog it stays blank.
[URL]
When i try to grant role to user , i get following error.
SQL>
SQL> GRANT MAINTAIN_TEO TO CEE_WIRELINE;
GRANT MAINTAIN_TEO TO CEE_WIRELINE
*
ERROR at line 1:
ORA-01932: ADMIN option not granted for role 'MAINTAIN_TEO'
SQL>
My configuration is GlassFish 4 (the same thing with Glass Fish 3.2) + win7 + Apex Listener 2.2 (the same thing with Apex Listener 2.1) + Apex 4.2.2 I get blank page when trying to connect to APEX. But after loggin into GlassFish admin page (exactly login with username+password; just open admin page is not enough) in another browser tab I get proper Apex page with all images.
View 1 Replies View RelatedI have installed oracle several times in the past. This time I installed 11gr2 first time. I created default database during install and provided an admin password. Only thing I forgot to do was did not unlock the accounts using Password management button.
When I tried to login as SYS the admin password works fine but as SYSTEM admin password does not work. Used to be able to login as SYS, SYTEM with same admin password.
Now in SQLPLUS I unlocked the account but still can not change the password.
We have 2 apex schemas
APEX_030000
APEX_040200
Before executing the apxchpwd.sql, found the "alter session command" sets schema to APEX_030000. So we changed that to APEX_040200. Then we executed the sql script. It executed fine.
But now when we try to login to apex, and pressing enter after providing the username/pwd, it raises the following exception
Error Error in PLSQL code raised during plug-in processing.
ORA-06508: PL/SQL: could not find program unit being called
We have a 2 node RAC runing on 11.2.0.2 and last night the database was totally un-responsive. when i checked the ADDM I noticed the following:
Waiting for event "cursor: pin S wait on X" in wait class "Concurrency" accounted for 98% of the database time spent in processing the SQL statement with SQL_ID "4b2epo0eaqol9".I am wondering what option do i have here? i am looking to do the following:
1) find the root cause why the database was un-responsive
2) ADDM is listing the query, what options do we have further?
I need know the impact in my oracle database 10g R2, if i change root/oracle passwords in my Oracle RAC environment, my database using ASM and the nodes is in Red Hat 4.7.
View 1 Replies View RelatedI am installing 11gr2 11.2.0.2 grid infrastructure software. while running root.sh on node1 it got failed.
Start of resource "ora.crsd" failed
CRS-2672: Attempting to start 'ora.crsd' on 'rac1'
CRS-5017: The resource action "ora.crsd start" encountered the following error:
Start action for daemon aborted
CRS-2674: Start of 'ora.crsd' on 'rac1' failed
CRS-2679: Attempting to clean 'ora.crsd' on 'rac1'
CRS-2681: Clean of 'ora.crsd' on 'rac1' succeeded
CRS-4000: Command Start failed, or completed with errors.
Clusterware exclusive mode start of Clusterware Ready Services failed at /u01/app/11.2.0/grid/crs/install/crsconfig_lib.pm line 6475.
/u01/app/11.2.0/grid/perl/bin/perl -I/u01/app/11.2.0/grid/perl/lib -I/u01/app/11.2.0/grid/crs/install /u01/app/11.2.0/grid/crs/install/rootcrs.pl execution failed
how can I suppress that su: (to orauser) root on none is filling my message.log up.
View -1 Replies View RelatedI created a script to make my admin server a windows service. I successfully made it a service but when it starts it then shuts itself down. i ran a debug and found a error. I dont get what to do. I have tried changing the variables in the script and try it over and over again .....here is my script code and here is the error i got from debug output:
script
SETLOCAL
set DOMAIN_NAME=FRClassicDomain
set USERDOMAIN_HOME=C:/Oracle/Middleware/user_projects/domains/FRClassicDomain
set SERVER_NAME=FRweblogic
[Code]....
I'm trying to connect to the Apex website using SYSTEM or SYS. What is the workspace for system?
I logged into SQL command line and created this user using this line then grant dba to it
CREATE USER USER_HP_FULL IDENTIFIED BY w ACCOUNT UNLOCK DEFAULT TABLESPACE "USERS" TEMPORARY TABLESPACE "TEMP" PROFILE "DEFAULT";
Now, I know the username and password but I don't know the workspace. I want to log into the oracle application express website.
I've installed XE and I want to know what accounts are active. If I log in to SQL*Plus as sys as SYSDBA how can I display a list of all user and admin accounts? I want to know who can log in.
View 3 Replies View Relatedduring installtion of Oracle RAC 11g r1 on Linux using VMware server, all the pre cluster installation was successful, and root.sh on node 1 was successful too, but whenever I run the root.sh script on the second node I get error message "Failure at final check of oracle CRS stack. 10"
View 5 Replies View Relateddb :oracle 9.2.0.5
os :solaris
how to find the root causes for temporary table space to grow unexpetedly and how to claim that grown space back automatically after the transaction over.
sh root.sh Running Oracle 11g root.sh script...The following environment variables are set as:
ORACLE_OWNER= oracle
ORACLE_HOME= /u01/app/11.2.0/grid
Enter the full pathname of the local bin directory: [usr/local/bin]: /usr/local/bin
The file "dbhome" already exists in /usr/local/bin. Overwrite it? (y/n)
[n]: y
Copying dbhome to /usr/local/bin ...
The file "oraenv" already exists in /usr/local/bin. Overwrite it? (y/n)
[n]: y
Copying oraenv to /usr/local/bin ...
The file "coraenv" already exists in /usr/local/bin. Overwrite it? (y/n)
[n]: y
Copying coraenv to /usr/local/bin ...
Entries will be added to the /etc/oratab file as needed by Database Configuration Assistant when a database is created Finished running generic part of root.sh script. Now product-specific root actions will be performed.
2012-12-11 17:31:03: Parsing the host name
2012-12-11 17:31:03: Checking for super user privileges
2012-12-11 17:31:03: User has super user privileges
Using configuration parameter file: /u01/app/11.2.0/grid/crs/install/crsconfig_params
Improper Oracle Clusterware configuration found on this host
Deconfigure the existing cluster configuration before starting
[code]....
CRS-4000: Command Start failed, or completed with errors.
We are unable to connect our admin account for some unknown reason. We keep receiving the following message "Invalid Login Credentials". We tried to change the admin credentials with sqlplus. We tried the usual procedure "apxchpwd" successfully, but we still cannot log in.We then tried to create a new admin2 account with the following pl/sql block.
SQL> connect APEX_030200 as sysdba
Enter password:
Connected.
[code]....
We cannot connect with either admin & admin2.
DB 10.2.0.4
After running shut abort it is giving below error while trying to connect sqlplus.
ORA-28547: connection to server failed, probable Oracle Net admin error
Im trying to install Weblogic/Forms on a Windows 7 x86 machine. Its for the developers to use.But when I run the config.bat and is creating the domain and installing Forms builder and the other stuff the installation hangs at: step restaring admin server started.
Log:
Stopping Derby Server...
Starting AdminServer
Starting the domain ...
DEBUG : Loading the 32 bit dll here
DEBUG : Loading DLL : D:/oracle/middleware/as_1/install/config/StartUtil.dll
DEBUG : Loaded DLL : D:/oracle/middleware/as_1/install/config/StartUtil.dll
I am trying to install ORACLE 11gR2 RAC on CentOS 5.5 .
when run root.sh on first node. I am gettign 2/3 failed command lines but the end went successful
=======================================================================
ohasd is starting
ADVM/ACFS is not supported on centos-release-5-5.el5.centos
...
add nodeapps -n perflabhp03 -A perflabhp03-vip/255.255.254.0/eth0 on node=perflabhp03 ... failed
...
PRCR-1001 : Resource ora.net1.network does not exist
add scan=perflab-cluster-scan ... failed,
Configure Oracle Grid Infrastructure for a Cluster ... failed
...
'UpdateNodeList' was successful.
=========================================================================
Because of this output, when see the ./crsctl stat res -t , it showing LISTENER offline for perflahp03, and I can not see any status line for "perflabhp03-vip " and "Scan-listener".
Do I need to reinstall the entire cluster setup because of VIP issue?
I am installaing oracle RAC 11.2.0.1. After I installed the grid infrastructure, when I ran root.sh, I got below errors;
ASM failed to start. Check /d1/app/grid/cfgtoollogs/asmca/asmca-1109068AM4612.log for details.
Configuration of ASM failed, see logs for details
Did not succssfully configure and start ASM
CRS-2500: Cannot stop resource 'ora.crsd' as it is not running
[Code]....