Windows :: Detecting Full DOMAINNAME USERNAME For Connected User?
Oct 20, 2010
If I'm looking on v$session - values in osuser column for some machines displayed with DOMAINNAME, and for other - without.Even same user (MYDOMAINADMINISTRATOR) from 2 different machines displayed in 2 different ways:
MYDOMAINAdministrator from machine A, and administrator from machine B.Both machines are belongs to same windows domain.
What make the difference?And can I somehow to affect this behaviour? I mean, can I define that all users will be displayed as DOMAINNAMEUSERNAME or MACHINENAMEUSERNAME(in case of no domain exists)?
If I'm looking on v$session - values in osuser column for some machines displayed with DOMAINNAME, and for other - without. Even same user (MYDOMAIN\ADMINISTRATOR) from 2 different machines displayed in 2 different ways on the same db:
MYDOMAIN\Administrator from machine A, and administrator from machine B.
Both machines are belongs to same windows domain. DB (oracle 10g) have no "DOMAIN" defined.
What make the difference? And can I somehow to affect this behaviour? I mean, can I define that all users will be displayed as DOMAINNAME\USERNAME or MACHINENAME\USERNAME(in case of no domain exists)?
I know how to use database links in various forms, but I've been trying to think through how the authentication works for a connected user link in 11g. If I create the link like this,
create public database link using 'orcl';
then any user can use the link, provided they have an identical username/password in the two databases. With pre-11g passwords, it was understandable: the password was salted with the username, so the hash of the password would be the same in both databases, and I assumed that the logon through the link used some sort of IDENTIFIED BY VALUES mechanism. But in 11g, the salt will different in the two databases. So the hash will be different. And of course Oracle never stores the actual password. So I don't see how the authentication works.
I know how to use database links in various forms, but I've been trying to think through how the authentication works for a connected user link in 11g. If I create the link like this,create public database link using 'orcl';then any user can use the link, provided they have an identical username/password in the two databases. With pre-11g passwords, it was understandable: the password was salted with the username, so the hash of the password would be the same in both databases, and I assumed that the logon through the link used some sort of IDENTIFIED BY VALUES mechanism. But in 11g, the salt will different in the two databases. So the hash will be different. And of course Oracle never stores the actual password. So I don't see how the authentication works.
We are trying to implement the following security to our database.
As of now, the access rights are same for all the windows users logging into the Oracle application with the same Oracle user Id.
But now, we want to improve our security by granting different levels of rights to the users based on their Network Id even though they use the same Oracle User Id to log into the application.
We are not looking for the users to be identified externally.
(CREATE USER "OPS$ORACLE-BASE.COMTIM_HALL" IDENTIFIED EXTERNALLY; GRANT CONNECT TO "OPS$ORACLE-BASE.COMTIM_HALL"; )
i have been trying to create a user with full access on default Tablespace so that i can access all the objects without any restrictions for the new user.
I am not sure if the problem is related to hidden characters but its my best guess so far. I am trying to enhance a part of the ERD by creating a lookup for a column one of the table that uses text (finite set of values).
CREATE TABLE N_AGREEMENT_STATUS ( STATUS_ID NUMBER(2) PRIMARY KEY, STATUS_NAME VARCHAR2(10 BYTE) ); INSERT ALL INTO N_AGREEMENT_STATUS VALUES (1, 'INACTIVE') INTO N_AGREEMENT_STATUS VALUES (2, 'ACTIVE') INTO N_AGREEMENT_STATUS VALUES (3, 'CLOSED') INTO N_AGREEMENT_STATUS VALUES (4, 'CANCELLED') SELECT * FROM DUAL;
when I try to update the source table no update takes place (0 records updated) if I used the following statement:
ALTER TABLE N_AGREEMENT ADD STATUS_ID NUMBER(2); UPDATE N_AGREEMENT SET STATUS_ID = ( SELECT STATUS_ID FROM N_AGREEMENT_STATUS WHERE N_AGREEMENT.STATUS = STATUS_NAME );
but it works fine only if I used:
UPDATE N_AGREEMENT SET STATUS_ID = ( SELECT STATUS_ID FROM N_AGREEMENT_STATUS WHERE N_AGREEMENT.STATUS LIKE STATUS_NAME || '%' );
The strange thing is that when I use:
SELECT N_AGREEMENT.STATUS, N_AGREEMENT.STATUS_ID FROM N_AGREEMENT WHERE N_AGREEMENT.STATUS = 'ACTIVE';
it returns correct results and all status = 'ACTIVE' appear correctly!
I have a form that i need to be able to detect when a field is has been updated. I will then do the appropriate update to the table.
I can't use the standard oracle forms data block for handling updates because my data selection is controlled by me via the when-new-block-instance.
The problem is when i select a value from an LOV and place the new data in the field. I don't know how to detect if the field is updated or not. I am currently using a loop to cycle through all the records, I have an if/else in the key_commit trigger that basically determines if there is an update or insert to be done to the table. The problem is that it seems if i select a value for one record that record goes through the INSERT procedure, (which is correct), but all the other records(not touched/changed) are going through the UPDATE procedure.
Is there a way in forms to check the status of a field? I know of system.form_status but that does not work for me.
which of the following views on the physical standby will us correct information on synchronization with Primary database?
For example, when I checked v$archived_gap it did not return any rows but the max(applied_seq#) on v$archive_dest_status was lagging far behind from the max(sequence#) on Primary database
select max(applied_seq#) from v$archive_dest_status where dest_id=2; select max(sequence#) from v$archived_log where applied='YES'; select * from v$archive_gap;
Is there a way to have separate wallets for each windows user? Well, I have found a way, but does not seem to work always properly and that is with %USERNAME% environment variable.
This is how our customer want's to have - so separate wallet for each windows user, how to accomplish this without using %USERNAME%?
We have almost 400 production two-node RAC clusters in the environment I manage - all these sites have databases where the database name is exactly the same, so using Grid Control right now isn't in the cards (and yes - I am working on assigning them all a unique name ). We want to use IBM's BIGFIX to deploy patch 32 on top of 10.2.0.3 for Windows Itanium. BigFix runs as a user different from that used to install the Oracle software originally. There is nothing in the patch notes to suggest that you must use a certain Windows user to install the patch - so the question is, does it matter what Windows User I use as long as they are an 'Administrator' equivalent?
how do you perform mass updates/patches in your Windows server environments? I am looking for examples outside of Grid Control - which I know would work if only my predecessor didn't name these databases the same .
From Windows, I can successfully create and connect with a system data source using an user Oracle account.But when doing then same configuration process I can not create or connect using the 'SYS' account.
i get the error 'ORA-2009: connection as SYS should be as SYSDBA or SYSOPER'.
What is the solution to creating an ODBC DSN for the user 'SYS'?
When a user is renamed in Active Directory, they can no longer connect to the Oracle DB thru OS authentication. There is no OID/DIP integration.
sqlnet.ora SQLNET.AUTHENTICATION_SERVICES = (NTS) NAMES.DIRECTORY_PATH= (TNSNAMES, HOSTNAME) NAMES.DEFAULT_DOMAIN = cal.com.br create user "CALRENATOH" IDENTIFIED EXTERNALLY GRANT CREATE SESSION TO "CALRENATOH" AD User CALRENATOH can connect to DB as 'sqlplus /'
But after renaming AD User CALRENATOH to CALRENATOH1 and dropping DB user CALRENATOH and creating DB user CALRENATOH1 drop user "CALRENATOH"; create user "CALRENATOH1" IDENTIFIED EXTERNALLY;
Now OS authentication 'sqlplus /' fails 'ORA-01017: invalid username/password; logon denied'..Once I recreate the DB user with old AD user name 'CALRENATOH', OS authentication succeeds. create user "CALRENATOH" IDENTIFIED EXTERNALLY;
C:Windowssystem32>set username USERNAME=RENATOH1 C:Windowssystem32>sqlplus /@rmlab001 SQL*Plus: Release 11.1.0.6.0 - Production on Tue Jul 3 15:16:46 2012 Copyright (c) 1982, 2007, Oracle. All rights reserved. Connected to: Oracle Database 11g Enterprise Edition Release 11.1.0.7.0 - 64bit Production With the Partitioning and OLAP options
Why the Database is still looking for old AD user name? Does Oracle cache information about OS authenticated users?
I am using Oracle 10g on Fedora Linux and trying to learn a bit of pl/sql. Here is the piece of code that I today tried to run in the SQL Plus window but it back with an error message saying SP2-0640 Not connected.
set serveroutput on declare x number; begin x :=7777; dbms_output.put_line('x= '); dbms_output.put_line(x); end;
We have 11.2.0.3 RAC on Oracle Virtual Box,OEL 5.8. Storage is ASM on EMC SAN.Even when the database is not connected to application and thus open but idle and none is working on it, and all other virtual machines are powered off, we are still getting a continuous i/o in SAN.Since I am new to RAC setup I need to know the few things...
1.Is it normal behaviour? 2.If yes, what is the reason of this i/o? Is it due to continuous ping on voting disk?..write in OCR? automatic backup of OCR?
Attached File(s) SAN_I0_Issue.png ( 65.33K ) Number of downloads: 2
Through RMAN i have to connect to two databases having same name but the databases are at two different nodes.Can RMAN recognise the 2 databases.If yes how? I want to know the command.
Is there any way to tell what processes/sessions were connected to a DB after I get an ORA 20error. As you can see from the query results below, I did hit the max value of processes but I would like to know when it happen and who was connected.
I realize I can up the value, but before I do that I want to see what caused this to happen.
SQL> select * from v$resource_limit where resource_name in ('sessions', 'processes'); RESOURCE_NAME CURRENT_UTILIZATION MAX_UTILIZATION INITIAL_AL LIMIT_VALU ---------- processes 221 1000 1000 1000 sessions 223 1020 1105 1105
My Oracle DB is working properly till yesterday. When i tried connecting to it today using scott/tiger@orcl its not accepting.So i entered as system/system..it connected
when i tried to select instance_name from v$instance; it is giving me error
I want to drop some users in Oracle DB using sqlplus but I am getting error:
SQL> DROP USER test CASCADE; DROP USER test CASCADE * ERROR at line 1: ORA-01940: cannot drop a user that is currently connected.But when I ran below command to know sessions connected I am not getting any results:
SQL> select sid,serial# from v$session where username = 'test';
1.In 2 node rac while adding datafile to tablespace if you forget to mention '+'then what will happen whether it is going to be create or it throws an error if it creates where exactly located and other node users how to work on that tablespace .what all steps to perform that datafile is useful for all node users.
2. In Rac environment how to check how many sessions connected to particular node.
3)In Rac any node is evicted due to network failure then after we rebuild the network .Is there any steps to do manually to access the failure node after rebuilding the network or it will automatically available in cluster group which service is perform this activity.
4.While configuring cluster ware you choose voting disk and ocr disk location and which redundancy you will choose suppose if you go for normal redundancy how many disks you can select for each file either one or two?
I first started database, then gone to option Run SQL command line. After that while creating table it is showing error like "SP2-0640: Not connected."
I have a data base for the bank application development. So there might be more than one sessions of the application running on the data base as well as there might be more than one data base sessions being connected from the dbas.
There is refresh procedure to refresh the data base from the baseload scripts ,So for that first we need to disconnect the users (Kill the sessions) and then drop the users then recreate the users and populate the users with the base load data.
I have prepared the killing and dropping user script in the following manner, Most of the times it is working fine and killing the users but some times it is not able to kill the drop the users it is erroring out with the error that can not dorp the users as there are active sessions running ,
set termout on set echo on spool Kill_sessions_drop_users.log DECLARE v_alt_stmt VARCHAR2(1000) := 'ALTER SYSTEM DISCONNECT SESSION '''; v_kill_stmt VARCHAR2(1000); [code].......
--This will kill all the sessions except the current session
CURSOR cur_usr_dtls IS SELECT username FROM all_users WHERE username IN ('ACTIVITI','TP','TPCORR','TPTUX','TPVIEW'); v_dr_stmt VARCHAR2(1000); BEGIN EXECUTE IMMEDIATE 'ALTER SYSTEM ENABLE RESTRICTED SESSION'; DBMS_OUTPUT.PUT_LINE('The database has been put in the restricted mode'); FOR v_cur_ssn IN cur_session [code]........
--Here we are making the processor to wait for 60 mins so that that the killing will happen at the OS label
DBMS_LOCK.SLEEP(60); FOR v_cur_usr_dtls IN cur_usr_dtls LOOP v_dr_stmt :='DROP USER '||v_cur_usr_dtls.username ||' CASCADE'; BEGIN EXECUTE IMMEDIATE v_dr_stmt; [code]........
I am facing difficulty in connecting Oracle 10g client to Oracle 10g database. Both the machines are in windows xp with service pack-2. The following observations are made in server machine
1. The loopback test of the server is successful. 2. One net service name created in the server end. 3. Database connection is successful with above service name. 4. tnsping <server ip address> is successful
# This file is actually generated by netca. But if customers choose to # install "Software Only", this file wont exist and without the native # authentication, they will not be able to connect to the database on NT.
# This file is actually generated by netca. But if customers choose to # install "Software Only", this file wont exist and without the native # authentication, they will not be able to connect to the database on NT.
I'm a beginner in the PRO*C and I have this issue/I have to maintain a multithreaded C++ PRO*C application and has the following structure
1) Application runs waiting for requirements 2) When detects a requirement it creates a Thread to work 3) The thread connects to Oracle with a EXEC SQL CONNECT :uid IDENTIFIED BY :pwd; instruction 4) Calls some anonymous calls to execute a stored procedure
EXEC SQL EXECUTE BEGIN commit; :Status:=stored_procedure(:param1, :param2); commit; END; END-EXEC;
5) If anything went wrong then issues a EXEC SQL ROLLBACK WORK RELEASE; then reconnects and the thread die 6) If everything was OK then the thread dies, but never called a EXEC SQL COMMIT WORK RELEASE; to disconnect from Oracle
I don't know why never the application disconnects from Oracle, maybe is for performance. Sometimes the application crashes and I believe that maybe the error is for never freeing the connections, the PROC compile line is this
Which is the way to implement the connections?, connect and disconnect when done? or just keep the connection alive? Which way has better performance, connect and disconnect or just keep the opened connection?
I need to get a way to find, The client fired the SQL Query is still connected to the database or not. For e.g.
I fire an SQL query using SQL Developer, Query approximately takes 5 mins to complete. As soon as I fire the query SQL devloper hangs and I close it using task manager.
Is there any way I can identify such session where SQL developer fired the query is terminated but the query fired is still running.
I have to identify such Orphan session and terminate it.
