Oracle® Database Net Services Administrator's Guide 11g Release 2 (11.2) E41945-02 |
|
|
PDF · Mobi · ePub |
This chapter introduces the various administration tools of Oracle Net Services. It discusses the main administration applications, Oracle Enterprise Manager and Oracle Net Manager. It also introduces the command-line control utilities.
This chapter contains the following topics:
Oracle Net Services provides tools to help you perform configuration and administrative tasks. This section contains the following topics:
Using Oracle Enterprise Manager to Configure Oracle Net Services
Deciding When to Use Oracle Enterprise Manager and Oracle Net Manager
Using Oracle Net Configuration Assistant to Configure Network Components
Oracle Enterprise Manager enables you to configure Oracle Net Services for any Oracle home across multiple file systems. It also provides common administration functions for listeners. Oracle Enterprise Manager provides an integrated environment for configuring and managing Oracle Net Services.
You can use Oracle Enterprise Manager to configure and administer the following from multiple Oracle homes:
Listeners: Configure listeners to receive client connections.
Naming: Define connect identifiers and map them to connect descriptors to identify the network location of a service. Oracle Net Manager supports configuration of connect descriptors in local tnsnames.ora
files or a centralized directory service.
File Location: Specify the file location of the Oracle Net configuration files.
See Also:
Oracle Enterprise Manager documentation set and online Help for information about using Oracle Enterprise ManagerTo access the Net Services Administration page using Oracle Enterprise Manager:
From the Login to Database page, enter the database credentials, and then click Login.
The Database page appears.
In the General section, click the listener.
The Listener Home page appears.
In the Related Links section, click Net Services Administration.
The Net Services Administration page appears.
From the Net Services Administration page, you can administer the listeners, naming methods, preferences, and so on. The administration procedures are described in other chapters of this book.
Oracle Net Manager enables you to configure Oracle Net Services for an Oracle home on a local client or server host.
You can use Oracle Net Manager to configure the following network components:
Listeners: Create and configure listeners to receive client connections.
Naming: Define connect identifiers and map them to connect descriptors to identify the network location and identification of a service. Oracle Net Manager supports configuration of connect descriptors in local tnsnames.ora
files or a centralized directory service.
Naming Methods: Configure the ways connect identifiers are resolved to connect descriptors.
Profiles: Configure preferences for enabling and configuring Oracle Net features on the client or server.
This section introduces the features of Oracle Net Manager. However, the primary documentation for using Oracle Net Manager is online Help. It contains the following topics:
You can start Oracle Net Manager using the Oracle Enterprise Manager Console or as an independent application as follows:
To start Oracle Net Manager from the Oracle Enterprise Manager console, select Service Management from the Tools menu, and then select Oracle Net Manager.
To start Oracle Net Manager as standalone application, do the following:
On Linux, run netmgr
from the ORACLE_HOME/bin
directory.
On Microsoft Windows, select Programs from the Start menu, and then select Oracle - HOME_NAME. Next, select Configuration and Migration Tools, and then Net Manager.
The Oracle Net Manager interface includes a toolbar and various menu options, as well as property sheets for configuring network components.
The navigator pane provides a tree view of network objects and the objects they contain, organized in folder hierarchy. You can expand and contract the folders to monitor or manage objects such as connect identifiers, listeners, and profiles. Click an object to make changes to it.
Table 7-1 lists the main folders in the navigator pane.
Table 7-1 Oracle Net Manager Navigator Pane Folders
Folder | Description |
---|---|
Local |
Displays networking elements configured in local configuration files:
|
Directory |
Displays connect identifiers configured in a directory server |
The Oracle Net Manager wizards provide step-by-step guidance for tasks. The wizards simplify complex tasks by guiding you through the tasks in manageable steps. The wizards are not intended to provide all configuration options. After you have completed a task with a wizard, use other components of Oracle Net Manager to modify the configuration.
The following topics describe the Oracle Net Manager wizards:
The Net Service Name wizard guides you through creating a basic net service name in a directory server or a tnsnames.ora
file.
The following procedure describes how to start the Net Service Name wizard to create net service names:
In the navigator pane, select Directory or Local, and then select Service Naming.
Click the plus sign (+) on the toolbar, or select Create from the Edit menu.
See Also:
Oracle Net Manager online help for detailed information about using the Net Service Name wizard to create a net service nameIf a tnsnames.ora
file already exists, then its net service names can be exported to a directory server with the Directory Server Migration wizard.
The following procedure describes how to use the Directory Server Migration wizard:
Select Directory from the Command menu.
Select Export Net Service Names from the Oracle Net Manager menu.
In Oracle Database 11g, much of the functionality previously available only in Oracle Net Manager has been integrated with Oracle Enterprise Manager. Oracle Enterprise Manager provides the ability to manage configuration for multiple Oracle homes across multiple file systems. Oracle Net Manager only enables you to manage configuration for one Oracle home on a local host computer. Table 7-2 describes the key differences between the tools.
Table 7-2 Comparing Oracle Enterprise Manager and Oracle Net Manager
User Interface Tool | Features |
---|---|
Oracle Enterprise Manager |
|
Oracle Net Manager |
|
Note:
When Automatic Diagnostic Repository (ADR) is enabled, any changes to the tracing and logging settings using Oracle Enterprise Manager are ignored by the system.Oracle Net Configuration Assistant is provided to configure basic network components during installation, including:
Listener names and protocol addresses
Naming methods the client uses to resolve connect identifiers to connect descriptors
Net service names in a tnsnames.ora
file
Directory server usage
Oracle Net Configuration Assistant runs automatically during software installation, as described in your Oracle installation guide. It can also be run after installation in standalone mode to configure naming methods, the listener, net service names in the tnsnames.ora
file, and directory server usage.
To start Oracle Net Configuration Assistant do the following:
On Linux and UNIX, run netca
from the ORACLE_HOME/bin
directory.
On Microsoft Windows, select Programs from the Start menu, and then select Oracle - HOME_NAME. Next, select Configuration and Migration Tools, and then Oracle Net Configuration Assistant.
See Also:
Oracle Net Configuration Assistant online help
Oracle Grid Infrastructure Installation Guide for information on running Oracle Net Configuration Assistant in silent mode
Table 7-3 describes the configuration options on the Oracle Net Configuration Assistant Welcome page:
Table 7-3 Oracle Net Configuration Assistant
Option | Description |
---|---|
Create, modify, delete, or rename a listener. |
|
Configure this computer to resolve connect identifiers to connect descriptor through one or more of following naming methods:
|
|
Create, modify, delete, rename, or test connectivity of a connect descriptor stored in a local |
|
Configure a directory server for directory-enabled features. |
To use Oracle Net Manager, you must be a member of the OracleNetAdmins
group or the OracleContextAdmins
group. Oracle Net Configuration Assistant establishes these access rights for these groups during Oracle Context creation.
The OracleNetAdmins
group is owned by itself. Members of the OracleNetAdmins
group have create, modify, and read access to Oracle Net objects and attributes. They can also add or delete members in the group, and add or delete groups to be owners of the OracleNetAdmins
group.
The OracleContextAdmins
group is a super-user group for Oracle Context. Members of the OracleContextAdmins group can add all supported types of entries to Oracle Context.
This section contains the following topics:
Note:
Members of theOracleContextAdmins
groups can also add and delete members of the OracleNetAdmins
group.To add a user to the OracleNetAdmins
group with ldapmodify
, do the following:
Create an LDIF (Lightweight Directory Interchange Format) file that specifies that you want to add a user to the OracleNetAdmins
group.
You can use the following sample LDIF file. Use the appropriate DN for cn=OracleNetAdmins
and the user that you want to add.
dn: cn=OracleNetAdmins,cn=OracleContext,...
changetype: modify
add: uniquemember
uniquemember: DN of user being added to group
Enter the following syntax at the command line to refresh the file:
$ ldapmodify -h directory_host -p port -D binddn -q -f ldif_file
In the preceding command, directory_host is the directory server host, port is the listening TCP/IP port for the directory server, binddn is the directory administrator or user DN, and ldif_file is the input file name. If the port is not specified, then the default port of 389 is used. The -q
option prompts for a single bind password to be entered.
To remove a user from the OracleNetAdmins
group with ldapmodify
, do the following:
Create an LDIF file that specifies that you want to delete a user to the OracleNetAdmins
group.
You can use the following sample LDIF file. Enter the appropriate DN for cn=OracleNetAdmins
and the user that you want to delete.
dn: cn=OracleNetAdmins,cn=OracleContext,...
changetype: modify
delete: uniquemember
uniquemember: DN of user being deleted from group
Enter the following ldapmodify
syntax at the command line to delete the user:
$ ldapmodify -h directory_host -p port -D binddn -q -f ldif_file
In the preceding command, directory_host is the directory server host, port is the listening TCP/IP port for the directory server, binddn is the directory administrator or user DN, and ldif_file is the input file name. If the port is not specified, then the default port of 389 is used. The -q
option prompts for a single bind password to be entered.
By default, the owner of the OracleNetAdmins
group is the OracleNetAdmins
group itself. Any member of the OracleNetAdmins
group can add or delete other members from the OracleNetAdmins
group. If you prefer another group to add or delete OracleNetAdmins
members, then you can change the owner attribute of the OracleNetAdmins
group to another group.
The owner cannot be an individual user entry but must be a group entry, and the group entry is one comprised of the LDAP schema object classes GroupOfUniqueNames
and orclPriviledgeGroup
.
To add a group as an owner of an OracleNetAdmins
group, do the following:
Create an LDIF file, as follows:
Specify the group you want to add as an owner.
You can use the following sample LDIF file. Enter the appropriate DN for cn=OracleNetAdmins
and the DN of the group that you want to add.
dn: cn=OracleNetAdmins,cn=OracleContext,...
changetype: modify
add: owner
owner: DN of group to add
For example, the following LDIF syntax changes the ownership from the OracleNetAdmins
group to another group named cn=ExampleSecurityAdmins
. The group can be either inside or outside Oracle Context.
dn: cn=OracleNetAdmins,cn=OracleContext,... changetype: modify add: owner owner: cn=ExampleSecurityAdmins
Optionally, specify the group to delete as an owner.
dn: cn=OracleNetAdmins,cn=OracleContext,...
changetype: modify
delete: owner
owner: DN of group to delete
Enter the following syntax at the command line to refresh the file:
$ ldapmodify -h directory_host -p port -D binddn -q -f ldif_file
In the preceding command, directory_host is the directory server host, port is the listening TCP/IP port for the directory server, binddn is the directory administrator or user DN, and ldif_file is the input file name. If the port is not specified, then the default port of 389 is used. The -q
option prompts for a single bind password to be entered.
Oracle Net Services provides tools to help you start, stop, configure, and control each network component. The Listener Control utility enables you to administer the listener. The utility is started by the user that owns the Oracle installation, or a member of the designated group, and on the same machine where the listener is running. The basic syntax for this utility is as follows:
lsnrctl command [listener_name]
For example, the following command starts a listener named lsnr
:
lsnrctl START lsnr
You can also issue Listener Control utility commands at the LSNRCTL>
program prompt. To obtain the prompt, enter lsnrctl
with no arguments at the operating system command line. When you run lsnrctl
, the utility is started, and you can enter the necessary commands from the program prompt.
For example:
lsnrctl LSNRCTL> START lsnr
See Also:
"Customizing Oracle Net Listener Configuration" for additional information about the listener
Oracle Database Net Services Reference for additional information about the Listener Control utility
Network configuration and administration tasks are described throughout this guide. The following tables list the common tasks, the tools associated with them, and points you to the topic in the guide that describes the task:
Table 7-4 shows the tasks for configuring directory server for Oracle Net.
Table 7-4 Configuring Directory Server for Oracle Net Usage
Task | Tools to Perform Task | See Also |
---|---|---|
Configure directory server usage. |
Oracle Internet Directory Configuration Assistant |
|
Add users to the |
ldapmodify |
|
Authenticate with the directory. |
Oracle Enterprise Manager Oracle Net Manager |
Online Help in Oracle Enterprise Manager Choose Directory > Service Naming > How To > Change the Oracle Context in the online Help for Oracle Net Manager Oracle Database Enterprise User Security Administrator's Guide |
Change Oracle Context. |
Oracle Net Manager |
Online Help in Oracle Enterprise Manager Choose Directory > Service Naming > How To > Set Authentication Credentials in the online Help for Oracle Net Manager |
Table 7-5 shows the tasks for configuring naming methods.
Table 7-5 Configuring Naming Methods
Task | Tools to Perform Task | See Also |
---|---|---|
Configure the local naming method. |
Oracle Enterprise Manager Oracle Net Manager Oracle Net Configuration Assistant |
|
Configure the directory naming method. |
Oracle Enterprise Manager Oracle Net Manager |
|
Configure the Easy Connect naming method. |
Oracle Net Manager |
|
Configure external naming methods. |
Oracle Net Manager |
Table 7-6 shows the tasks for migrating to directory naming.
Table 7-6 Migrating to Directory Naming
Task | Tools to Perform Task | See Also |
---|---|---|
Export from |
Oracle Enterprise Manager Oracle Net Manager |
Table 7-7 shows the tasks for configuring profiles.
Table 7-7 Configuring Profiles
Task | Tools to Perform Task | See Also |
---|---|---|
Prioritize naming methods. |
Oracle Net Manager Oracle Net Configuration Assistant |
|
Configure a default domain that is automatically appended to any unqualified net service name. |
Oracle Net Manager Oracle Net Configuration Assistant |
|
Route connection requests. |
Oracle Net Manager Oracle Net Configuration Assistant |
|
Configure access control. |
Oracle Net Manager |
|
Configure an authentication method available with Oracle Advanced Security. |
Oracle Net Manager |
"Configuring Oracle Advanced Security" Choose Oracle Advanced Security > How To in the online help |
Configure connect request timeouts. |
Manual Configuration |
Table 7-8 shows the tasks for configuring listeners.
Table 7-8 Configuring Listeners
Task | Tools to Perform Task | See Also |
---|---|---|
Configure listening protocol addresses. |
Oracle Enterprise Manager Oracle Net Manager Oracle Net Configuration Assistant |
|
Configure dynamic service registration. |
Automatic |
|
Configure static service registration. |
Oracle Enterprise Manager Oracle Net Manager |
|
Configure password authentication. |
Oracle Enterprise Manager Oracle Net Manager |
|
Configure connect request timeouts. |
Manual Configuration |
Table 7-9 shows the tasks for administering listeners.
Table 7-9 Administering Listeners
Task | Tools to Perform Task | See Also |
---|---|---|
Start and stop listeners. |
Listener Control Utility |
|
View registered information. |
Listener Control Utility |
Table 7-10 shows the tasks for configuring Oracle Connection Manager.