1. Concepts
  2. Scenarios for Using DGMGRL with a DG PDB Configuration (23ai)
  3. Scenario 2: Prepare the Environment

Scenario 2: Prepare the Environment

Configure the network configuration files and wallet files required on each host to facilitate connections to the source and target databases.

Configure the tnsnames.ora files on each host.

Ensure the tnsnames.ora files on the source and target hosts contain aliases that resolve to connect identifiers for the source and target databases. For the examples, the following aliases are used: 
BOSTON = 
    (DESCRIPTION = 
      (ADDRESS = (PROTOCOL = TCP)(HOST = boshost.example.com)(PORT = 1521)) 
      (CONNECT_DATA = (SERVER = DEDICATED) 
      (SERVICE_NAME = boston.example.com) 
    ) 
) 

NEWYORK = 
    (DESCRIPTION = 
      (ADDRESS = (PROTOCOL = TCP)(HOST = nychost.example.com)(PORT = 1521)) 
      (CONNECT_DATA = (SERVER = DEDICATED) 
      (SERVICE_NAME = newyork.example.com) 
    ) 
)
On systems where connections to the various PDBs are required, also update the tnsnames.ora files to include additional aliases that resolve to connect identifiers that enable connections directly to the PDBs.

Create wallets that contain the credentials required to create and manage the DG PDB configuration.

Identify (and create if necessary) the SYSDBA-privileged user that will be used for DGMGRL connections. For the scenario examples, wallet credentials for the SYS user for the source database and target database will be configured. Unlike CDB-level Data Guard protection, which requires all databases in a configuration to share the same passwords, the passwords for the SYS user for each database configured with PDB-level Data Guard protection are assumed to be different.

On each host, create a directory to contain the wallet and secure the wallet by setting appropriate protections on the directory. 
$ mkdir -p $ORACLE_HOME/dbs/wallets 
$ chmod -R 700 $ORACLE_HOME/dbs/wallets
Create wallets in the source host and target host wallet locations.
The command below creates a dgpdb directory in the wallet location that contains files for a new wallet and should be executed on each host. The password prompts are for the wallet password required to make any future changes to the contents of the wallet and typically would be different for each wallet. 
$ mkstore -wrl $ORACLE_HOME/dbs/wallets/dgpdb -create 
Oracle Secret Store Tool Release 23.0.0.0.0 - Production 
Version 23.0.0.0.0 
Copyright (c) 2004, 2022, Oracle and/or its affiliates. All rights reserved. 

Enter password: 
Enter password again:
Add credentials to each wallet for the SYS user for the source database and target database that use the previously created boston and newyork aliases by issuing the following commands on each host. The first two password prompts for each command are for the password associated with the username (SYS) for the credential being created and the last password prompt is for the wallet password required to update the wallet contents: 
$ mkstore -wrl $ORACLE_HOME/dbs/wallets/dgpdb -createCredential boston 'sys' 
Oracle Secret Store Tool Release 23.0.0.0.0 - Production 
Version 23.0.0.0.0 
Copyright (c) 2004, 2022, Oracle and/or its affiliates. All rights reserved. 

Your secret/Password is missing in the command line 
Enter your secret/Password: 
Re-enter your secret/Password: Enter wallet password: 

$ mkstore -wrl $ORACLE_HOME/dbs/wallets/dgpdb -createCredential newyork 'sys' 
Oracle Secret Store Tool Release 23.0.0.0.0 - Production Version 23.0.0.0.0 Copyright (c) 2004, 2022, 
Oracle and/or its affiliates. All rights reserved. 
Your secret/Password is missing in the command line Enter your secret/Password: 
Re-enter your secret/Password: Enter wallet password:
Update the sqlnet.ora file on the source database and target database hosts to add a WALLET_LOCATION clause that identifies the wallet directory location and a line to override any existing OS authentication or password configuration to ensure that only wallet-based authentication will be used when authentication using the wallet credentials is attempted. The sqlnet.ora file used for the examples is as follows, where <ORACLE_HOME> is the path for the database ORACLE_HOME directory: 
NAMES.DIRECTORY_PATH= (TNSNAMES, ONAMES, HOSTNAME) 
WALLET_LOCATION = 
    (SOURCE = 
      (METHOD = FILE) 
      (METHOD_DATA = 
        (DIRECTORY = <ORACLE_HOME>/dbs/wallets/dgpdb) 
    ) 
) 
SQLNET.WALLET_OVERRIDE = TRUE
Stop and restart each database to configure redo transport to use the wallet. Because there are no static services configured, use OS authentication on each host to do this. Then validate that client connections to the source and target container databases are now possible using the wallets by issuing the following commands on each host: 
$ sqlplus /@boston as sysdba 
$ sqlplus /@newyork as sysdba