A group of computers on your network that you manage as a common unit to perform backup and restore operations. An administrative domain must include one and only one administrative server. It can include the following:
One or more clients
One or more media servers
The host that stores configuration information and catalog files for hosts in the administrative domain. There must be one and only one administrative server for each administrative domain. One administrative server can service every client on your network. The administrative server runs the scheduler, which starts and monitors backups within the administrative domain.
Apache Web server
A public-domain Web server used by the Oracle Secure Backup Web tool.
backup catalog data
This is the metadata that is stored on tape and the disk pool in the
/osbmeta directory, following the backup image instance, as a part of the backup. Backup catalog data provides information that rebuilds that backup image instance within the Oracle Secure Backup catalog file during the import catalog process.
backup image file
backup image instance
backup image label
A process by which data is copied from primary media to secondary media. You can use Oracle Secure Backup to make a file-system backup, which can back up any file on the file system. You can also use the Oracle Secure Backup SBT library with Recovery Manager (RMAN) to back up the database to tape or disk pool.
A backup file generated by Recovery Manager (RMAN). Backup pieces are stored in a logical container called a backup set.
A description of when and how often Oracle Secure Backup should back up the files specified by a dataset. The backup schedule contains the names of each dataset file and the name of the media family to use. The part of the schedule called the trigger defines the days and times when the backups should occur. In obtool, you create a backup schedule with the
A time frame in which a backup operation can be run.
A symbol code, also called a tag, that is physically applied to a volume for identification purposes. Oracle Secure Backup supports the use of tape libraries that have an automated means to read barcodes.
A digitally signed statement from a Certification Authority (CA) stating that the public key (and possibly other information) of another entity has a value. The X.509 standard specifies the format of a certificate and the type of information contained in it: certificate version, serial number, algorithm ID, issuer, validity, subject, subject public key information, and extensions such as key usage (signing, encrypting, and so on). A variety of methods are used to encode, identify, and store the certificate.
Certification Authority (CA)
An authority in a network that performs the function of binding a public key pair to an identity. The CA certifies the binding by digitally signing a certificate that contains a representation of the identity and a corresponding public key. The administrative server is the CA for an Oracle Secure Backup administrative domain.
Common Internet File System (CIFS)
An Internet file-system protocol that runs on top of TCP/IP (Transmission Control Protocol/Internet Protocol).
content-managed expiration policy
cumulative incremental backup
Background processes that are assigned a task by Oracle Secure Backup during the execution of backup and restore operations. Some daemons run continually and others are started and stopped as required.
The amount of data written to a volume in each write operation.
data management application (DMA)
An application that controls a backup or restore operation over the Network Data Management Protocol (NDMP) through connections to a data service and tape service. The DMA is the session master, whereas the NDMP services are the slaves. In an Oracle Secure Backup administrative domain, obtar is an example of a DMA.
database backup storage selector
An Oracle Secure Backup configuration object that specifies characteristics of Recovery Manager (RMAN) SBT backups. The storage selector act as a layer between RMAN, which accesses the database, and the Oracle Secure Backup software, which manages the backup media.
A directory that contains at least one dataset file. The directory groups dataset files as a set for common reference.
A text file that describes a dataset. The Oracle Secure Backup dataset language provides a text-based means to define file-system data to back up.
An internal, uniquely generated number that differentiates databases. Oracle creates this number automatically when you create the database.
defaults and policies
A set of configuration data that specifies how Oracle Secure Backup runs in an administrative domain.
device special file
A file name in the
/dev file system on UNIX or Linux that represents a hardware tape device. A device special file does not specify data on disk, but identifies a hardware unit and the device driver that handles it. The inode of the file contains the device number, permissions data, and ownership data. An attachment consists of a host name and the device special file name by which that tape device is accessed by Oracle Secure Backup.
differential incremental backup
A type of incremental backup in which Oracle Secure Backup copies only data that has changed at the same or lower backup level. This backup is also called a level 10 backup. Oracle Secure Backup does not support the level 10 backup on some platforms, including NAS devices such as a Network Appliance filer.
A file-system directory that stores backups. Disk pools can be accessed concurrently by multiple backup or restore jobs.
A group of computers and tape devices on a network that are administered as a unit with common rules and procedures. Within the internet, domains are defined by the IP address. Every host or device sharing a common part of the IP address is said to be in the same domain.
The initialization phase of a connection between two hosts in the administrative domain. After the hosts authenticate themselves to each other with identity certificates, communications between the hosts are encrypted by SSL. Almost all connections are two-way authenticated; exceptions include initial host invitation to join an administrative domain and interaction with hosts that use NDMP access mode.
The process through which an Oracle Secure Backup user imports and catalogs a volume set from tape to the Oracle Secure Backup domain. The function reads the backup catalog data from the tape and inserts necessary information into the Oracle Secure Backup catalog file.
An operation that backs up only the files on a client that changed after a previous backup. Oracle Secure Backup supports 9 different incremental backup levels for a file-system backup. A cumulative incremental backup copies only data that changed since the most recent backup at a lower level. A differential incremental backup, which is equivalent to a level 10 backup, copies data that changed since an incremental backup at the same or lower level.
An incremental backup contrasts with a full backup, which always backs up all files regardless of when they last changed. A full backup is equivalent to an incremental backup at level 0.
A catalog created and maintained by Oracle Secure Backup that describes each past, current, and pending backup job.
A text file report produced by Oracle Secure Backup that describes the status of selected backup and restore jobs. Oracle Secure Backup generates the report according to a user-specified job summary schedule.
job summary schedule
A user-defined schedule for generating job summaries. You create job summary schedules with the
mksum command in obtool.
NDMP access mode
The mode of access for a filer or other host that uses Network Data Management Protocol (NDMP) for communications within the administrative domain. NDMP access mode contrasts with primary access mode, which uses the Oracle Secure Backup network protocol. Note that Oracle Secure Backup uses NDMP for data transfer among hosts regardless of whether a host is accessed through the primary or NDMP access modes.
Network Attached Storage (NAS)
A NAS server is a computer on a network that hosts file systems. The server exposes the file systems to its clients through one or more standard protocols, most commonly NFS and CIFS.
Network Data Management Protocol (NDMP)
An open standard protocol that defines a common architecture for backups of heterogeneous file servers on a network. This protocol allows the creation of a common agent used by the central backup application, called a data management application (DMA), to back up servers running different operating systems. With NDMP, network congestion is minimized because the data path and control path are separated. Backup can occur locally—from a file server direct to a tape drive—while management can occur centrally.
Network File System (NFS)
A client/server application that gives all network users access to shared files stored on computers of different types. NFS provides access to shared files through an interface called the Virtual File System (VFS) that runs on top of TCP/IP (Transmission Control Protocol/Internet Protocol). Users can manipulate shared files as if they were stored on local disk. With NFS, computers connected to a network operate as clients while accessing remote files, and as servers while providing remote users access to local shared files. The NFS standards are publicly available and widely used.
A wallet whose data is scrambled into a form that is extremely difficult to read if the scrambling algorithm is unknown. The wallet is read-only and is not protected by a password. An obfuscated wallet supports single sign-on (SSO).
The underlying engine of Oracle Secure Backup that moves data to and from tape or disk. obtar is a descendent of the original Berkeley UNIX
Although obtar is typically not accessed directly, you can use it to back up and restore files or directories specified on the command line. Obtar enables the use of features not exposed through obtool or the Oracle Secure Backup Web tool.
The principal command-line interface to Oracle Secure Backup. You can use this tool to perform all Oracle Secure Backup configuration, backup and restore, maintenance, and monitoring operations. The
obtool utility is an alternative to the Oracle Secure Backup Web tool.
Oracle Secure Backup catalog file
This is the
indices.cur file. This file contains complete information about all backed up files, including the name, path, and statistical information. There is one catalog file per host.
Oracle Secure Backup home
The directory in which the Oracle Secure Backup software is installed. The Oracle Secure Backup home is typically
/usr/local/oracle/backup on UNIX/Linux and
C:\Program Files\Oracle\Backup on Windows. This directory contains binaries and configuration files. The contents of the directory differ depending on which role is assigned to the host within the administrative domain.
Oracle Secure Backup logical unit number
A number between 0 and 31 used to generate unique device special file names during device configuration (for example:
/dev/obt1, and so on). Although it is not a requirement, unit numbers typically start at 0 and increment for each additional tape device of a given type, whether tape library or tape drive.
The Oracle Secure Backup logical unit number should not be confused with the SCSI LUN. The SCSI LUN is part of the hardware address of the tape device, whereas the Oracle Secure Backup logical unit number is part of the name of the device special file.
Oracle Secure Backup user
A defined account within an Oracle Secure Backup administrative domain. Oracle Secure Backup users exist in a separate namespace from operating system users.
Oracle Secure Backup wildcard pattern matching
A technique used on UNIX-based and Linux-based operating systems to filter output using a set of wildcard character patterns, while browsing the backup catalog through the Oracle Secure Backup obtool.
The volume from which a duplicate is made.
The process of replacing a file on your system by restoring a file that has the same file name.
password grace time
The length of time, after an Oracle Secure Backup user password has expired, during which the user is allowed to log in without changing the password.
The length of time, measured in number of days, for which an Oracle Secure Backup user password is valid.
password reuse time
The length of time which must elapse before a previously-used Oracle Secure Backup user password may be reused.
An optional attribute of an Oracle Secure Backup user. A preauthorization gives an operating system user access to specified Oracle Secure Backup resources.
primary access mode
The mode of access for a host that uses the Oracle Secure Backup network protocol for communications within the administrative domain. Oracle Secure Backup must be installed on hosts that use primary access mode. In contrast, hosts that use NDMP access mode do not require Oracle Secure Backup to be installed. Note that Oracle Secure Backup uses NDMP for data transfer among hosts regardless of whether a host is accessed through the primary or NDMP access modes.
A number that corresponds to a specific public key and is known only to the owner. Private and public keys exist in pairs in all public key cryptography systems. In a typical public key cryptosystem, such as RSA, a private key corresponds to exactly one public key. You can use private keys to compute signatures and decrypt data.
File-system backup operations initiated with the
--privileged option of the
backup command. On UNIX and Linux systems, a privileged backup runs under the
root user identity. On Windows systems, the backup runs under the same account (usually
Local System) as the Oracle Secure Backup service on the Windows client.
A number associated with a particular entity intended to be known by everyone who must have trusted interactions with this entity. A public key, which is used with a corresponding private key, can encrypt communication and verify signatures.
The length of time that data in a volume set is not eligible to be overwritten. The retention period is an attribute of a time-managed media family. The retention period begins at the write window close time. For example, if the write window for a media family is 7 days, then a retention period of 14 days indicates that the data is eligible to be overwritten 21 days from the first write to the first volume in the volume set.
Recovery Manager (RMAN)
A utility supplied with Oracle Database used for database backup, restore, and recovery. RMAN is a separate application from Oracle Secure Backup. Unlike RMAN, you can use Oracle Secure Backup to back up any file on the file system—not just database files. Oracle Secure Backup includes an SBT interface that RMAN can use to back up database files directly to tape or disk pool.
The Recovery Manager (RMAN) client program, which is installed automatically with Oracle Database software, initiates database backup and recovery. The RMAN client can back up and recover any Oracle Database files accessible locally or through Oracle Net so long as it meets compatibility requirements.
RMAN recovery catalog
The recovery catalog is an optional database schema that serves as a secondary repository of Recovery Manager (RMAN) metadata. You can create a centralized recovery catalog in a database to store the metadata for multiple target databases. The recovery catalog is managed by RMAN and is independent of the Oracle Secure Backup catalog.
RMAN target database
The target is the database that Recovery Manager (RMAN) backs up or restores. The RMAN repository, which is the metadata that RMAN uses to manage backup and recovery, is stored in the control file of the target database.
The functions that hosts in your network can have during backup and restore operations. There are three roles in Oracle Secure Backup: administrative server, media server, and client. A host in your network can serve in any of these roles or any combination of them. For example, the administrative server can also be a client and media server.
A media management software library that Recovery Manager (RMAN) can use to back up to tertiary storage. An SBT interface conforms to a published API and is supplied by a media management vendor. Oracle Secure Backup includes an SBT interface for use with RMAN.
Secure Sockets Layer (SSL)
Small Computer System Interface (SCSI)
A parallel I/O bus and protocol that permits the connection of a variety of peripherals to host computers. Connection to the SCSI bus is achieved through a host adapter and a peripheral controller.
Storage Area Network (SAN)
A high-speed storage device subnetwork. A SAN is designed to assign data backup and restore functions to a secondary network where so that they do not interfere with the functions and capabilities of the server.
A fictitious directory displayed when browsing a file-system backup that contains all files and directories saved from the top-most file-system level.
A tape device that reads and writes data stored on a tape. Tape drives are sequential-access, which means that they must read all preceding data to read any particular piece of data. Tape drives are accessible through various protocols, including Small Computer System Interface (SCSI) and Fibre Channel. A tape drive can exist standalone or in a tape library.
TCP/IP (Transmission Control Protocol/Internet Protocol)
The suite of protocols used to connect hosts for transmitting data over networks.
time-managed expiration policy
A media family expiration policy in which all volumes in a volume set can be overwritten when they reach their volume expiration time. Oracle Secure Backup computes the volume expiration time by adding the volume creation time for the first volume in the set, the write window time, and the retention period.
For example, you set the write window for a media family to 7 days and the retention period to 14 days. Assume that Oracle Secure Backup first wrote to the first volume in the set on January 1 at noon and subsequently wrote data on 20 more volumes in the set. In this scenario, all 21 volumes in the set expire on January 22 at noon.
The part of a backup schedule that specifies the days and times at which the backups should occur.
A file-system backup created with the
--unprivileged option of the
backup command. When you create or modify an Oracle Secure Backup user, you associate operating system accounts with this user. Unprivileged backups of a host run under the operating system account associate with Oracle Secure Backup user who initiates the backup.
Universal Unique Identifier. An identifier used for tagging objects across an Oracle Secure Backup administrative domain.
virtual tape library
One or more large-capacity disk drives partitioned into virtual physical tape volumes. To Oracle Secure Backup the virtual tape library appears to be a physical library with tape volumes and at least one tape drive. The volumes and drives in the virtual tape library can be configured to match common physical tapes and drives.
A volume is a unit of media, such as the LTO5 tape drive. A volume can contain multiple backup images.
volume creation time
volume expiration time
The date and time on which a volume in a volume set expires. Oracle Secure Backup computes this time by adding the write window duration, if any, to the volume creation time for the first volume in the set, then adding the volume retention period.
For example, assume that a volume set belongs to a media family with a retention period of 14 days and a write window of 7 days. Assume that the volume creation time for the first volume in the set was January 1 at noon and that Oracle Secure Backup subsequently wrote data on 20 more volumes in the set. In this scenario, the volume expiration time for all 21 volumes in the set is January 22 at noon.
volume sequence number
A number recorded in the volume label that indicates the order of the volume in a volume set. The first volume in a set has sequence number 1. The volume ID for a volume usually includes the media family name of the volume, a dash, and a unique volume sequence number. For example, a volume ID for a volume in the
RMAN-DEFAULT media family could be
A password-protected encrypted file. An Oracle wallet is primarily designed to store X.509 certificates and their associated public key/private key pair. The contents of the wallet are only available after the wallet password has been supplied, although with an obfuscated wallet no password is required.
The period for which a volume set remains open for updates, usually by appending additional backup images. The write window opens at the volume creation time for the first volume in the set and closes after the write window period has elapsed. After the write window close time, Oracle Secure Backup does not allow further updates to the volume set until it expires (as determined by its expiration policy), or until it is relabeled, reused, unlabeled, or forcibly overwritten.
A write window is associated with a media family. All volume sets that are members of the media family remain open for updates for the same time period.
write window close time
write window time
The length of time during which writing to a volume set is permitted.