I successfully created a Oracle Wallet in AIX. The wallet is belong to user "oracle" and permission is 755. I can access it with non-oracle user. Note: the non-oracle user is under the same group as "oracle" id.
But when I try to change the Oracle Waller permission to less than 755, I am not able to access it anymore. The error is "ORA-12578: TNS:wallet open failed".
My question is how can I access the Oracle Wallet without using 755 permission?
I want to create a wallet on RAC setup.I have two node setup.I have created the wallet directory under shared folder /u01/oradata/$ORACLE_SID/wallet
I am Unable to open wallet.I tried this using the below command
SQL> alter system set encryption key identified by "aryabhat"; alter system set encryption key identified by "aryabhat" * ERROR at line 1: ORA-28353: failed to open wallet
My database is 11.1.0.7 and 11.2.0.3 with TDE tablespace encryption, ASM db storage. The wallet needs to be opened for MRP to work in physical standby database. I already have the solution for the primary instances to automate wallet open (e.g. using startup trigger for 11.1.0.7). However, I cannot find solution to automate wallet open operation in standby instances (to issue ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY ""').
Manual operation everytime standby instance is started is not feasible.
If i have Oracle Wallet installed for a Oracle 10.2 Client, i am able to connect to the database. But , while generations a report , when my oracle report server tries to connect to the DB using Oracle Wallet
(i.e. sqlplus /@<dbname> ) , I am not able to establish a connection.
I'm reviewing the method of setting up transparent data encryption (TDE) and the role Oracle Wallet plays in that process. One statement that caught my attention was this statement in the documentation:
Quote:You can also choose to create a local auto login wallet. Local auto login wallets cannot be moved to another computer. They must be used on the host on which they are created." URL....
Why an auto-login wallet can't be moved to another computer? For example, if my Oracle database server goes down and I'm in a recovery situation, would an autologin Oracle wallet file restored from tape not work?
I have TDE enable in system. Now i want to remove wallet from the server and keep another secure place so that it can't be put in wrong hand. Is there any way that i can remove the wallet folder from the server while encryption and decryption on?
Is there a way to have separate wallets for each windows user? Well, I have found a way, but does not seem to work always properly and that is with %USERNAME% environment variable.
This is how our customer want's to have - so separate wallet for each windows user, how to accomplish this without using %USERNAME%?
I need few clarifications regarding oracle wallet.
db version: 11.2.0.3.2 (Enterprise Edition)
We have a requirement to run shell scripts calling stored procedures for specific activities, which are run on database server. We do not want to store passwords in shell scripts and decided to use Secure External Password Store for hiding passwords instead of os authentication method. need few clarifications on the below.
1) Currently, we are creating oracle wallet entry on db server and making modifications in sqlnet.ora file accordingly. Is it good to use like this or we should do this only on a client machine? 2) Do we need any licensing to use this option? 3) Any knows issues with using oracle wallet? 4) Can we use orapki for creating oracle wallet instead of mkstore? 5) Any knows issues we face during startup and shutdown of db activities?
5) issued command as sysdba - ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "ASHISH123";
6) restarted the database.
7) since i want to made it autologin. so I open wallet through the below mentioned path program file >>oracle_home>> integrated management tool >> wallet But when it asked the password I typed the same password but it was not accepting. So i made new wallet with the same specified path. Also I clicked on auto login.
8) Now, i have restarted the database and tried to issue the command "ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "suresh123";
While issuing the command, getting error "ora-28374 typed master key not found in wallet". "
i tried with the recreation of new folder again on the same path as -"C:appAdministratoradmin estwallet" and same entry updated on sqlnet.ora. But facing the same error.
Is there any way to re-create or modify the encryption of tablespace?
C:Documents and SettingsAdministrator>sqlplus /@db10g SQL*Plus: Release 10.2.0.4.0 - Production on Wed Apr 13 22:53:06 2011 Copyright (c) 1982, 2007, Oracle. All Rights Reserved.
ERROR: ORA-12534: TNS:operation not supported
Enter user-name:
so I Google around for the solution to the ORA-12534 error, one of the site,
[URL].......
here's my lsnrctl services
Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521)) Services Summary... Service "MIKEXDB" has 1 instance(s). Instance "mike", status READY, has 1 handler(s) for this service... Handler(s): [code].....
The command completed successfully
right now I think I will be a fool to think that the solution is to resolve the ERROR: ORA-12514: TNS:listener does not currently know of service requested in connect descriptor. so what is wrong with my setup, or is it some patch that I need to apply?
ORA-00313: open failed for members of log group 21 of thread 1 Deleted Oracle managed file +DGRECO_FSCM/xxx/onlinelog/group_21.1721.791875667 Tue Aug 21 14:37:34 2012 Clearing online redo logfile 21 complete Errors in file /data01/oracle/diag/rdbms/xxx_mrp0_22843.trcAnd this in trace file *** 2012-08-21 14:35:57.192 4265 krsh.c *** 2012-08-21 14:37:26.406 4265 krsh.c Clearing online redo logfile 21 +DGRECO_FSCM/xxxx/onlinelog/group_21.1721.791875667 DDE: Problem Key 'ORA 313' was flood controlled (0x5) (no incident) ORA-00313: open failed for members of log group 21 of thread 1
I'd like to have my 11g database authenticate users against an OpenLDAP service. We'd still create accounts in the database, and do authorization within the database, but I'd just want to the user's passwords authenticated externally, against the OpenLDAP service. Is this possible? My searching through these forums and Google seems to indicate that you can do it if you run an Oracle Internet Directory (OID) service. I do not want to have to install and maintain an Oracle Internet Directory service. I'd like to do it without it.
I have a working PL/SQL function (below) that can authenticate a passed in username & password against our OpenLDAP directory. Is there any way for me to have Oracle call this function for the database user authentication? Or is there any other way for me to get the Oracle database to directly authenticate against OpenLDAP without having to run OID?
create or replace function ldap_authenticate(username varchar2, password varchar2) return boolean is begin begin if dbms_ldap.success = dbms_ldap.simple_bind_s( [code]........
I have to find all the 'failed log ins' through audit report. then it has to be uploaded to a table. The script, either in windows or unix should be reusable and can read files one by one.
When reviewing failed login attempts with this query:
SELECT username, os_username, userhost, terminal, to_char(timestamp,'dd-mon-rrrr hh:mi:ss') FROM sys.dba_audit_session WHERE returncode != 0 and trunc(timestamp) >= trunc(sysdate-1) ORDER BY 5
I find some records for a username that does not exist. In any of my databases. I presume that if an attempt to a nonexistent user was made, it would be rejected before it gets to the db. But then again, a bad password would also be rejected.
In Sybase, my application was using system tables to perform application login security. Those tables obviously don't exist in Oracle. I am looking for ways to provide the following functionality in an Oracle world:
1. How to determine 'x' days of inactivity based on "last login date"?
2. How to determine when a new user logs in for the first time and force them to change their password?
3. If we need to reset a users password, how can we require the user to change their password?
4. Is there any other option other than storing a user-id/password in the application code for locking a user's account if their account needs to be locked due to inactivity?
5. In the USER_USERS view there is a status column. What the different status's can be?
i have installed oracle 10g. but not able to start the Enterprise Manager, i am getting the error when ever i enter the url in the browser (//home:5560/ isql plus) .
SQL*Plus: Release 11.2.0.1.0 Production on Tue Sep 28 17:07:53 2010 SQL> ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "DeciPher"; ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "DeciPher" * ERROR at line 1: ORA-28374: typed master key not found in wallet
I am trying to use oracle wallet with the new odp.net managed driver, but I am getting
"invalid username/password".
As the wallet itself is ok (it works with the unmanaged client), seems to me that this new provider is not fully compatible with Oracle Wallet. Is this true? I am trying this:
I have created a wallet (11g R2 OEL 5.5) using the OWM.Tried opening the wallet (encryption_wallet_location set in sqlnet.ora). then while creating a table it said the master encryption key is not present. Have created the master key using the following command.
alter system set encryption key identified by "Password";
Here the strange thing i observed is that when we create a wallet using the OWM, it asks for the password and when i open the same wallet the master key is not created and it allows the master key to be generated with the same password that i have created the wallet in the first place with the OWM, with any other passwords it says that the wallet is not open.
After creating the wallet and creating the master key... I have the following questions, and its becoming quite hard to find the solutions as well.
1. Can we have multiple encryption keys... say i want to encrypt a table or column with one key and other with an another key. 2. How many keys can we have for objects in the table? or can we have only one key and many certificates. 3. wallet created, and encrypted tables present, the wallet is not in auto open mode, but somehow the database open after it is shutdown, here no encrypted tablespaces are present. 4. while creating an encrypted tablespace the default storage (encrypt ) has to be added to the add tablespace clause.
While installing Oracle10gR2 on zlinux machine where the OS is SLES10 SP1 I got this error
In installActions2008-07-15_04-37-15PM.log
INFO: /usr/lib64/gcc/s390x-suse-linux/4.1.2/../../../../s390x-suse-linux/bin/ld: skipping incompatible /opt/oracle/10g/lib/stubs/libdl.so when searching for -ldl /usr/lib64/gcc/s390x-suse-linux/4.1.2/../../../../s390x-suse-linux/bin/ld: skipping incompatible /opt/oracle/10g/lib/stubs/libm.so when searching for -lm
I have installed executable only (database option only) when i have installed oracle11 that time it is not asking any option for password. So is there any option to login in this type of condition?
