Home » RDBMS Server » Backup & Recovery » Logon to Target & Catalog DB. (Oracle 9i.0.2, Windows. )
Logon to Target & Catalog DB. [message #474081] Thu, 02 September 2010 10:17 Go to next message
muktha_22
Messages: 527
Registered: December 2009
Senior Member
Hi,

Have a small confusion about the logon.

1) As anyone can start the instance and logon to the DB with - CONN /AS SYSDBA.
Then how the DBA block the user or intruder using this method in PRODUCTION DB?

2) And as same above, any one can use RMAN as below.
RMAN TARGET SYS/SYSDBA@<db name>
How a DBA handle these issue.

3) My DB (Test) is APTECH, I want to create and connect to the Catalog Recovery DB as below, but I'm not able to, please point out where I'm wrong?

RMAN TARGET/catalog SYS/SYSDBA@Aptech

Thanks in advance....
Re: Logon to Target & Catalog DB. [message #474083 is a reply to message #474081] Thu, 02 September 2010 10:25 Go to previous messageGo to next message
Mahesh Rajendran
Messages: 10707
Registered: March 2002
Location: oracleDocoVille
Senior Member
Account Moderator
>>1) As anyone can start the instance

Not true.

The user has to be in a DBA Group and this behavior can be disabled.

>>2) And as same above, any one can use RMAN as below.
Would you give the SYS password to "any one"?
Same as above.


Something like this.

rman TARGET / CATALOG rman/cat@catdb


TARGET = the database to be backedup, identified by ORACLE_SID.
CATALOG = points to the recovery catalog database.
Re: Logon to Target & Catalog DB. [message #474107 is a reply to message #474083] Thu, 02 September 2010 12:02 Go to previous messageGo to next message
muktha_22
Messages: 527
Registered: December 2009
Senior Member
Hi Mahesh,

Thanks a lot, need little more confirmation.

1) Which means every DBA in production DB will get a separate username and password, am I right?.

2) Can you tell me how to block the SYS/SYSDBA logon?

Thanks in advance.

Re: Logon to Target & Catalog DB. [message #474109 is a reply to message #474107] Thu, 02 September 2010 12:14 Go to previous messageGo to next message
Michel Cadot
Messages: 68625
Registered: March 2007
Location: Nanterre, France, http://...
Senior Member
Account Moderator
Quote:
1) Which means every DBA in production DB will get a separate username and password, am I right?.

Yes, every DBA should have its own account, SYSTEM should be locked and password invalidated, SYS should never be used, DBA in charge of backup and recovery should have SYSDBA.

Quote:
Can you tell me how to block the SYS/SYSDBA logon?

Give a very strong and random password to SYS.

Regards
Michel
Re: Logon to Target & Catalog DB. [message #474251 is a reply to message #474109] Sat, 04 September 2010 01:36 Go to previous messageGo to next message
muktha_22
Messages: 527
Registered: December 2009
Senior Member
Hi Mickel,

Thanks a lot for you are kind help.
Need some more clarifications in production environment for below.

1) what is the meaning of RMAN executable is running on the same host as the test database.

2) How it affects the O/S and NET Authenticate RMAN backup?

Thanks in advance.
Re: Logon to Target & Catalog DB. [message #474256 is a reply to message #474251] Sat, 04 September 2010 02:00 Go to previous messageGo to next message
Michel Cadot
Messages: 68625
Registered: March 2007
Location: Nanterre, France, http://...
Senior Member
Account Moderator
Quote:
1) what is the meaning of RMAN executable is running on the same host as the test database.

Exactly what it is said, you run RMAN on the test database server; what don't you understand in this sentence?

Quote:
2) How it affects the O/S and NET Authenticate RMAN backup?

You have not to use @...
You can use OS authenticate connection (that is "TARGET /").

Regards
Michel
Re: Logon to Target & Catalog DB. [message #474330 is a reply to message #474256] Sun, 05 September 2010 14:00 Go to previous message
muktha_22
Messages: 527
Registered: December 2009
Senior Member
Thanks Mickel...
Previous Topic: Restore RMAN BACKUP
Next Topic: SCN on Read only Tablespace
Goto Forum:
  


Current Time: Thu Mar 28 14:43:35 CDT 2024