6 Quick Start to Oracle Net Services

Help novice users set up and test a simple but common network configuration, such as one between a client application and a database over a TCP/IP network.

6.1 Prerequisites for Establishing Connectivity

The tasks in this chapter show a TCP/IP connection between a database server and a client computer.

The following conditions are assumed about the database server and client computer:

  • Database server

    • The server is running on a network that can access the client

    • An Oracle database is installed

    • A listener is configured

    • TCP/IP protocol support is installed

  • Client computer

    • The client computer is running on a network that can access the database server

    • Oracle Client is installed

    • TCP/IP protocol support is installed

In a TCP/IP network, each computer has a unique IP address. A name resolution service, such as Domain Name System (DNS), can be used to map the IP address of a computer with its host name. If a name resolution service is not used, then the mapping is typically stored in a centrally maintained file called hosts. This file is located in the /etc directory on Linux and the \windows\system32\drivers\etc directory on Microsoft Windows. For example, an entry for a database server computer named sales-server may look like the following:

#IP address of server     host name       alias
192.0.2.203             sales-server    sales.us.example.com

6.2 Confirming Network Availability

Before using Oracle Net to connect a client computer to a database server, confirm that the client computer can successfully communicate with the database server computer. Evaluating network connectivity can eliminate network-based errors.

The following procedure describes how to confirm network connectivity:

  1. Confirm that the database server computer can communicate with itself with a loopback test as follows:

    1. To confirm hardware connectivity, enter the following command at the command line:

      ping ip_address

      In the preceding command, ip_address is the IP address of the database server computer, such as the following:

      ping 192.0.2.203
    2. To confirm the DNS or host name is configured properly, enter the following command at the command line:

      ping host_name

      In the preceding command, host_name is the host name of the server.

    3. To test the TCP/IP setup for the server, enter the following command:

      ping 127.0.0.1
      
      ping6 ::1

      The IP address 127.0.0.1 is the standard IPv4 address for a loopback test. The IP address ::1 (0: 0: 0: 0: 0: 0: 0: 1) is the standard IPv6 address for a loopback test.

  2. Verify the client computer can successfully communicate with the database server computer.

    The method for verification varies according to the network protocol. For TCP/IP, you can use PING, FTP or TELNET utilities.

    If the client computer cannot reach the server, then verify that the network cabling and network interface cards are correctly connected. Contact your network administrator to correct these problems.

6.3 Starting Oracle Net Listener and the Oracle Database Server

Oracle Net Listener and the Oracle Database server must be running in order for the database server to receive connections.

The following procedure describes how to start Oracle Net Listener:

  1. Start the listener with the Listener Control utility. From the command line, enter the following:

    lsnrctl
    LSNRCTL> START [listener_name]

    In the preceding command, listener_name is the name of the listener defined in the listener.ora file. It is not necessary to identify the listener if you are using the default name LISTENER.

    A status message indicating that the listener has successfully started appears.

  2. Start the database as follows:

    1. Start SQL*Plus without connecting to the database using the following command:

      SQLPLUS /nolog
    2. Connect to the database as SYSDBA using the following command:

      SQL> CONNECT username as sysdba

      You will be prompted to enter a password.

      Note:

      For simplicity, this example does not perform the password management techniques that a deployed system normally uses. In a production environment, follow the Oracle Database password management guidelines, and disable any sample accounts. See Oracle Database Security Guide for password management guidelines and other security recommendations.

    3. Start the database using the following command:

      SQL> STARTUP database_name

      In the preceding command, database_name is the name of the database.

      For additional information about starting the database, see Oracle Database Administrator’s Guide.

  3. Confirm that database service registration with the listener has completed using the Listener Control utility and the following command:

    LSNRCTL> SERVICES [listener_name]

    The SERVICES command lists the services supported by the database, along with at least one available service handler. If the database service registration is not listed, then enter the following SQL command:

    SQL> ALTER SYSTEM REGISTER;

6.4 Starting Oracle Connection Manager

If Oracle Connection Manager is installed, then follow these steps to start Oracle Connection Manager.

  1. Start the Oracle Connection Manager Control utility (CMCTL) using the following commands:

    
    cmctl
    CMCTL> ADMINISTER [instance_name]
    

    In the preceding command, instance_name is the name of Oracle Connection Manager to administer. You can determine the name by viewing the cman.ora file. The file is located on the Oracle Connection Manager computer in the ORACLE_BASE_HOME/network/admin directory by default.

    Oracle Connection Manager displays a status message indicating the name of the instance, and informs you that the instance has not yet been started.

    Note:

    If you do not provide an instance name as an argument, then provide Oracle Connection Manager with a fully qualified host name. This is the default. After you issue the ADMINISTER command, CMCTL displays the instance name as follows:

    CMAN_fully_qualified_host_name
  2. Start Oracle Connection Manager that you have chosen to administer using the following command:

    cmctl> STARTUP
    

    Oracle Connection Manager confirms that the instance has been started, and provides status for the instance.

  3. Exit from the Oracle Connection Manager Control utility using the following command:

    cmctl> EXIT

On Microsoft Windows, you can start Oracle Connection Manager through the Control Panel, as follows:

  1. Select Services in the Control Panel.

  2. Select the OracleHOME_NAMECMan service, and then click Start.

  3. In the Services window, click Close.

6.5 Connecting to the Database

There are several methods to connect to an Oracle database. Table 6-1 lists syntax to connect to a database.

Table 6-1 Connecting to a Database

Type of Connection Connection Syntax Description

From the command line

The general form of connecting an application to a database server from the command line is:

tool username@connect_identifier

You will be prompted to enter your password which will be encrypted.

For example:

SQLPLUS system@sales
Enter password: password

Most Oracle tools can use the operating system command line to connect, and some provide alternatives.

From a login screen

username@connect_identifier

Some tools provide a login screen as an alternative form to log in. A user can log in to a database server by identifying both the user name and connect identifier in the user name field of the tool login screen, and entering the password in the password field.

From a 3GL application

exec sql connect :username identified by :password 

In the preceding connection request, :username and :password are 3GL variables that can be set within the program either statically or by prompting the user. When connecting to a database server, the value of the :username variable is in the form:

username@net_service_name 

The :password variable contains the password for the database account to which you are connecting.

Applications written in 3GL, such as OCI and pre-compilers, are used by middle-tier and database application developers for direct database access from a client program.

From within SQL*Plus

SQLPLUS /nolog
SQL> CONNECT username@net_service_name

For example:

SQLPLUS /nolog
SQL> CONNECT scott@serverx
Enter password: password

In the preceding commands, username and password are the database user and password, and net_service_name is the network service name.

Some Oracle tools have commands for database connections to allow an alternative user name to be specified without leaving the tool.

Other Oracle tools use slightly different methods specific to their function or interface. For example, Oracle CDE tools use login buttons with fields for the user name, password, and remote database ID.

Using

KERBEROS5_CC_NAME parameter


(DESCRIPTION=
      (ADDRESS=(PROTOCOL=tcp)(HOST=sales-svr)(PORT=1521))
      (CONNECT_DATA=(SERVICE_NAME=sales.example.com)) 
      (SECURITY=(SQLNET.KERBEROS5_CC_NAME=/usr/tmp/krbcache))
)

Use this parameter to specify the complete path to the Kerberos credentials cache file for the Kerberos Principal (user), when more than one Kerberos Principal needs to log in through the Database Client.

If you are using Kerberos authentication to connect to a database, then specifying the complete path to the credential cache using the KERBEROS5_CC_NAME parameter is mandatory. For a single Kerberos Principal, you can specify the credential cache path in the sqlnet.ora file using the SQLNET.KERBEROS5_CC_NAME parameter. When a client needs to use more than one Kerberos Principal for making multiple database connections, specify KERBEROS5_CC_NAME parameter in either the CONNECT string for individual connections or in the tnsnames.ora file.

Note:

The parameter value specified in the CONNECT string takes precedence over the value specified in the sqlnet.ora file. You can also specify this parameter in the aliases defined in the tnsnames.ora file.
Using

KERBEROS5_PRINCIPAL parameter

(DESCRIPTION=
      (ADDRESS=(PROTOCOL=tcp)(HOST=sales-svr)(PORT=1521))
      (CONNECT_DATA=(SERVICE_NAME=sales.example.com)) 
      (SECURITY=
          (KERBEROS5_CC_NAME=/tmp/krbuser1/krb.cc)
          (KERBEROS5_PRINCIPAL=krbprinc1@example.com)))

This parameter is used to specify Kerberos Principals for a database client.

This is an optional parameter. However, if you use this parameter, then ensure that the KERBEROS5_PRINCIPAL matches the Principal retrieved from the Kerberos credential cache, which is specified in the KERBEROS5_CC_NAME parameter. The authentication fails if the Principal name does not match.

6.6 Using Easy Connect to Connect to a Database

Easy Connect extends the functionality of the host naming method by enabling clients to connect to a database server with an optional port and service name in addition to the host name of the database.

After network connectivity has been verified, you can use the Easy Connect naming method to connect to the database. This naming method provides out-of-the-box TCP/IP connectivity to databases.

The following is the syntax to connect using Easy Connect:

CONNECT username/password@host[:port][/service_name][:server_type][/instance_name]

Note:

In Oracle Call Interface documentation, server is referred to as connect_type.

If Oracle Database server installation was performed in Typical mode, then the default service name used by the Oracle instance is the database name, and the following Easy Connect syntax can be used to connect to that instance:

SQLPLUS /nolog
SQL> CONNECT username@"host/db_name"
SQL> Enter password: password