| Oracle® Database Vault Release Notes 10g Release 2 (10.2.0.4) for hp OpenVMS Part Number E13805-01 |
|
| PDF · Mobi · ePub |
| Oracle® Database Vault Release Notes 10g Release 2 (10.2.0.4) for hp OpenVMS Part Number E13805-01 |
|
| PDF · Mobi · ePub |
Release Notes
10g Release 2 (10.2.0.4) for hp OpenVMS
E13805-01
February 2009
These Release Notes describe issues you may encounter with Oracle Database Vault 10g Release 2 (10.2.0.4). The Oracle Database Vault installation is covered in detail in the Oracle Database Vault Installation Guide for hp OpenVMS.
This document may be updated after it is released. To check for updates to this document and to view other Oracle documentation, see the Documentation section on the Oracle Technology Network (OTN) Web site:
http://www.oracle.com/technology/documentation/
This document contains the following sections:
This section describes the known issues pertaining to installation. It also provides the workarounds that you can use.
This section contains:
Bug 5577503
The Database Vault installer fails to install Database Vault in an existing physical standby database.
You can create a new physical standby database by using the following steps:
Install Database Vault on the primary database.
Set up communications between the primary and the physical standby database. Redo logs communicate changes from the primary database to the standby database.
See Also:
Oracle Data Guard Concepts and Administration for more information on creating a physical standby databaseBug 6630191
After you install Database Vault, the database instances and listeners on the remote nodes do not start automatically. You must start these manually.
This is expected behavior. The DVCA utility configures the local node, and starts the database instance and listener processes on the local node. You need to start these processes manually on each of the remote nodes.
Bug 6658315
If you have cloned the Database Vault Oracle home and database, after you run the Database Vault Configuration Assistant (DVCA), the database contains invalid objects.
The workaround is to recompile the invalid objects, as follows:
Log in to SQL*Plus using the SYSDBA privilege.
$ SQLPLUS / AS SYSDBA
Find the number of invalid objects in the database. For example:
SQL> SELECT COUNT(*) FROM ALL_OBJECTS WHERE STATUS = 'INVALID';
COUNT(*)
----------
45
Run the utlrp.sql to recompile the invalid objects:
SQL> @ORA_ROOT:[RDBMS.ADMIN]UTLRP.SQL
The following error message may appear during installation:
Executing task LOAD_NLS_FILES load(error):java.sql.SQLException: ORA-12541: TNS:no listener
You can safely ignore this error message.
This section discusses usage issues that you may encounter with Database Vault. It also provides the workarounds for these issues.
This section contains:
Accounts with DV_OWNER, DV_ADMIN, or DV_SECANALYST Role Cannot Use the ALTER USER Command
Enabling a Realm Fails When a Realm Secured Object Is Invalid
CREATE SESSION Privilege Is Controlled by the Data Dictionary Realm
Bug 5161953
Accounts with the DV_OWNER, DV_ADMIN, or DV_SECANALYST role cannot run the following command:
ALTER USER user QUOTA UNLIMITED ON tablespace
The workaround is to REVOKE the role from the account, run the ALTER USER command, and then GRANT back the role to the account. This works if the account is not the DV_OWNER account that was created during installation. If the account is the DV_OWNER account created during installation, then you would need to use the following steps:
Disable the Database Vault command rule for the ALTER USER command.
Run the ALTER USER command.
Re-enable the Database Vault command rule for the ALTER USER command.
Bug 5582720
Enabling a realm fails with the following error:
ORA-00942: Table or view does not exist
This might happen if you try to enable a realm on an invalid object. The workaround is to make sure that all objects protected by the realm are valid, before trying to enable the realm.
Use the following steps to grant the CREATE SESSION privilege:
Temporarily disable the data dictionary realm.
Log in as the SYSTEM user.
Grant the CREATE SESSION privilege.
Enable the data dictionary realm.
The instructions in Appendix B, "Enabling and Disabling Oracle Database Vault," in Oracle Database Vault Administrator's Guide for enabling and disabling Database Vault apply to the UNIX and Microsoft Windows platforms only. However, refer to that appendix for reasons why you may need to disable Database Vault and how to check if Database Vault has been enabled.
This section explains how to disable and then re-enable Database Vault for the hp OpenVMS platform. For Oracle Real Application Clusters, perform the tasks in this section on a single node in the cluster.
This section contains:
To disable Oracle Database Vault:
Run the following commands to define the logical names ORACLE_HOME, ORA_SID, ORACLE_SID, and so on:
$ @ORAUSER sid
$ INSORACLE
Shut down the Oracle Database processes.
For single-instance installations, shut down the database instance:
$ INSORACLE $ SQLPLUS / AS SYSDBA SQL> SHUTDOWN IMMEDIATE SQL> EXIT $ REMORACLE
For Oracle Real Application Clusters (RAC) installations, shut down the database instance on each node:
$ srvctl stop database "-d" db_name
$ REMORACLE
For both single-instance and Oracle Real Application Clusters environments, copy the non-Database Vault ORACLE image to oracle.exe as follows:
$ COPY ORA_COMMON:ORACLE.EXE_NON_DV ORA_COMMON:ORACLE.EXE
Restart the Oracle database.
For single-instance installations:
$ INSORACLE $ SQLPLUS / AS SYSDBA SQL> STARTUP
For Oracle Real Application Clusters (RAC) installation, run the following commands on each node:
$ INSORACLE $ srvctl start instance "-d" db_name "-i" instance_name
Connect as SYS using the SYSDBA privilege, and then run the following ALTER TRIGGER statements:
SQL> CONNECT SYS / AS SYSDBA SQL> ALTER TRIGGER DVSYS.DV_BEFORE_DDL_TRG DISABLE; SQL> ALTER TRIGGER DVSYS.DV_AFTER_DDL_TRG DISABLE; SQL> EXIT
At this stage, Oracle Database Vault is disabled. You can perform the following types of activities:
Use the Oracle Database Vault PL/SQL packages and functions. For example, to correct a login or CONNECT rule set error, use the DBMS_MACADM PL/SQL package or the Oracle Database Vault Administrator interface.
Use the SYSTEM or SYS accounts to perform tasks such as creating or changing passwords. When Oracle Database is enabled, you cannot use these accounts to change passwords or unlock user accounts. See Oracle Database Vault Administrator's Guide for a list of privileges that are changed when you install Database Vault.
Perform the installation, upgrade, or other tasks that require security protections to be disabled. If you must run Oracle Database Configuration Assistant (DVCA), ensure that the Oracle Database listener is running, as follows
$ LSNRCTL STATUS listener_name
To start the listener:
$ LSNRCTL START listener_name
To enable Oracle Database Vault:
Log into SQL*Plus as SYS using the SYSDBA privilege, and then run the following ALTER TRIGGER statements:
$ SQLPLUS / AS SYSDBA SQL> ALTER TRIGGER DVSYS.DV_BEFORE_DDL_TRG ENABLE; SQL> ALTER TRIGGER DVSYS.DV_AFTER_DDL_TRG ENABLE;
Shut down the database instance.
For single-instance installations:
$ SQLPLUS / AS SYSDBA SQL> SHUTDOWN IMMEDIATE SQL> EXIT $ REMORACLE
For Oracle Real Application Clusters (RAC) installations:
$ srvctl stop database "-d" db_name "-i" instance_name $ REMORACLE
Copy the Database Vault ORACLE image to oracle.exe as follows:
$ COPY ORA_COMMON:ORACLE.EXE_DV ORA_COMMON:ORACLE.EXE
In SQL*Plus, start the database.
For single-instance database installations:
$ INSORACLE $ SQLPLUS / AS SYSDBA SQL> STARTUP SQL> EXIT
For Oracle Real Application Clusters (RAC) installations:
$ INSORACLE
$ srvctl start database "-d" db_name"
This section covers some of the frequently asked questions related to Database Vault installation. Oracle Database Vault installation is covered in detail in the Oracle Database Vault Installation Guide for hp OpenVMS.
How can I use Database Vault Administrator on the hp OpenVMS platform?
Oracle Database Vault Administrator is a graphical user interface for administering Oracle Database Vault. However, Database Vault Administrator is not available on the hp OpenVMS platform. It is only available in Oracle Database Release 11g Release 1 (11.1) as an installation option. If you have access to this release, you can remotely connect Database Vault Administrator to an Oracle Database Release 10g Release 2 (10.2.0.4) installation on hp OpenVMS. See Oracle Database Vault Administrator's Guide for information about making this remote connection.
If you do not have access to Oracle Database 11g, then you can use the DVSYS PL/SQL packages and the PL/SQL interfaces described in Oracle Database Vault Administrator's Guide to manage Oracle Database Vault.
I have installed Oracle Database Vault into an Oracle home that has multiple databases. How do I secure the other databases in the Oracle home?
You must run Database Vault Configuration Assistant (DVCA) manually on the other databases. Refer to Oracle Database Vault Installation Guide for hp Open VMS for detailed instructions.
I have installed Oracle Database Vault on a Real Application Clusters (RAC) database instance. How do I secure the other nodes in the cluster?
You must run DVCA manually on the other RAC nodes. Refer to Oracle Database Vault Installation Guide for hp Open VMS for detailed instructions.
This section contains miscellaneous notes not covered in the Oracle Database Vault documentation.
This section contains:
The keyword SNAPSHOT is supported in place of MATERIALIZED VIEW for backward compatibility.
The JOB_QUEUE_PROCESSES initialization parameter specifies the maximum number of processes that can be created for the execution of jobs. It specifies the number of job queue processes per instance.
This parameter must have a non-zero value. The default value for JOB_QUEUE_PROCESSES is 10.
Database Vault supports the following languages:
de: German
en: American English
es: Spanish
fr: French
it: Italian
ja: Japanese
ko: Korean
pt_BR: Brazilian Portuguese
zh_CN: Simplified Chinese
zh_TW: Traditional Chinese
Make sure that the NLS_LANG parameter in your database corresponds to one of these languages before installing Database Vault. If the language setting in the NLS_LANG parameter is not compatible, then the Database Vault Administrator (DVA) application interface cannot display properly.
Our goal is to make Oracle products, services, and supporting documentation accessible to all users, including users that are disabled. To that end, our documentation includes features that make information available to users of assistive technology. This documentation is available in HTML format, and contains markup to facilitate access by the disabled community. Accessibility standards will continue to evolve over time, and Oracle is actively engaged with other market-leading technology vendors to address technical obstacles so that our documentation can be accessible to all of our customers. For more information, visit the Oracle Accessibility Program Web site at http://www.oracle.com/accessibility/.
Accessibility of Code Examples in Documentation
Screen readers may not always correctly read the code examples in this document. The conventions for writing code require that closing braces should appear on an otherwise empty line; however, some screen readers may not always read a line of text that consists solely of a bracket or brace.
Accessibility of Links to External Web Sites in Documentation
This documentation may contain links to Web sites of other companies or organizations that Oracle does not own or control. Oracle neither evaluates nor makes any representations regarding the accessibility of these Web sites.
TTY Access to Oracle Support Services
To reach AT&T Customer Assistants, dial 711 or 1.800.855.2880. An AT&T Customer Assistant will relay information between the customer and Oracle Support Services at 1.800.223.1711. Complete instructions for using the AT&T relay services are available at http://www.consumer.att.com/relay/tty/standard2.html. After the AT&T Customer Assistant contacts Oracle Support Services, an Oracle Support Services engineer will handle technical issues and provide customer support according to the Oracle service request process.
Oracle Database Vault Release Notes 10g Release 2 (10.2.0.4) for hp OpenVMS
E13805-01
Copyright © 2009, Oracle and/or its affiliates. All rights reserved.
This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.
The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.
If this software or related documentation is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable:
U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract, and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007). Oracle USA, Inc., 500 Oracle Parkway, Redwood City, CA 94065.
This software is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications which may create a risk of personal injury. If you use this software in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure the safe use of this software. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software in dangerous applications.
Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.
This software and documentation may provide access to or information on content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services.
 Copyright © 2009, Oracle and/or its affiliates. All rights reserved. Legal Notices |
|