Steps to Install Oracle 12c Database

Note: Install the database according to the vendor's instructions. Be sure to note the database installation user name and password for use later in the installation process.

 

The Oracle database must use a Unicode character set defined at database creation. Complete the following installation tasks:

Run SQL*Plus

Run SQL*Plus as a user with DBA privileges by running the following command:

sqlplus / as sysdba

Create Users

Create the Oracle users for the OIPA and IVS schemas by entering the following commands from an sqlplus session:

create user <OIPA Username> identified by <OIPA Password>;
grant connect, resource to <OIPA Username>;
grant UNLIMITED TABLESPACE to <OIPA Username>;
create user <IVS Username> identified by <IVS Password>;
grant connect, resource to <IVS Username>;
grant UNLIMITED TABLESPACE to <IVS Username>;

Setting up Transparent Data Encryption(TDE) in Oracle

  1. Check if the wallet exists and open

    2. SELECT * FROM V$ENCRYPTION_WALLET;

  2. If the wallet exists and not OPEN, issue the below command to open the wallet with the password which was provided while the wallet was created

    3. ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY <wallet password>;

  3. If wallet does not exist, follow the below STEPS(4 & 5) to create one, else go to STEP-6
  4. The wallet will be created at the location specified in the sqlnet.ora file in $ORACLE_HOME\network\admin directory. Add the below entry in sqlnet.ora file. Specify a directory name in place of <directory>

    5. ENCRYPTION_WALLET_LOCATION = (SOURCE=(METHOD=FILE)(METHOD_DATA = (DIRECTORY=<directory>)))

  5. Issue the below command to create the wallet

    6. ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY <wallet password>;

  6. Check if the USERS tablespace is encrypted, if not ENCRYPTED then follow the below steps else got the "Import the Databases" Section

    7. SELECT TABLESPACE_NAME, ENCRYPTED FROM DBA_TABLESPACES where TABLESPACE_NAME = 'USERS';

  7. Take the USERS tablespace offline

    8. ALTER TABLESPACE USERS OFFLINE;

  8. Issue the below command to make the TABLESPACE encrypted and bring it back online

    9. ALTER TABLESPACE USERS ENCRYPTION OFFLINE ENCRYPT;
    ALTER TABLESPACE USERS ONLINE;

  9. Issue the below command to verify the tablespace USERS is now encrypted. The Encrypted column value should be 'YES' for the USERS TABLESPACE

    10. SELECT TABLESPACE_NAME, ENCRYPTED FROM DBA_TABLESPACES where tablespace_name = 'USERS';

    Note: f there are any other tablespaces which contains the Application data, the STEPS 6-9 should be repeated for those tablespaces.

Import the Databases

  1. Create the Oracle directories for the fully qualified path to the export data pump dumpfile. Enter the following commands from a sqlplus session:

create directory oipa_dir as '<fully qualified path holding the dumpfiles>';
-- Example: /opt/oracle/backups/
grant read, write on directory oipa_dir to system;
exit;

  1. Create and load the oipa and IVS databases using import data pump (impdp):

Note: The impdp command can be run interactively. It will prompt you to provide any required arguments not on the command line, or you can enter them in one command. The system password is the same password entered when the database was configured, and the OIPA and IVS Usernames and passwords are those entered in the Create Users section above.

 

impdp system/<system password> directory=oipa_dir dumpfile=oipa_pas.dmp logfile=OIPA_PAS.log full=yes remap_schema=oipaqa:<OIPA Username>
impdp system/<system password> directory=oipa_dir dumpfile=oipa_ivs.dmp logfile=OIPA_IVS.log full=yes remap_schema=oipa_ivs:<IVS Username>

Create a Read-Only Database User

  1. Extract "create_readonly_user.sh" from OIPA distribution.
  2. Mention file will be available at "script\oracle\unix".
  3. Change the permissions so the script can be executed by the shell by entering the following command:

    4. chmod 770 Create_readonly_user.sh

  4. Execute the script by entering the following command:

    5. ./create_readonly_user.sh

  5. When prompted you will need to answer the following:
    • SYSTEM password – The password that was set during the configuration of Oracle 11g.
    • Table Owner Userid – Type the OIPA Username used above.
    • Read Only Userid – Type OIPA_RO. You may use this example or create your own user.
    • Read Only Password – Type OIPA_RO. You may use this example or create your own password

    The Script will run and display the results of the creating the read-only user.

    Note: A Windows version of this script is not available.