Caution - Do not perform the steps in this section for an Oracle Database physical standby database or far sync database instance. |
Perform the procedure in this section to set up database permissions for an Oracle primary database or an Oracle Database logical standby database.
# sqlplus "/ as sysdba" sql> create user user identified by passwd; sql> alter user user default tablespace system quota 1m on system; sql> grant select on v_$sysstat to user; sql> grant select on v_$archive_dest to user; sql> grant select on v_$database to user; sql> grant create session to user; sql> grant create table to user; sql> create profile profile limit PASSWORD_LIFE_TIME UNLIMITED; sql> alter user user identified by passwd profile profile; sql> exit; #
You can use this method for all supported Oracle Database releases.
To use the Oracle Database authentication method within a Container Database (CDB), grant this user authority, on the v_$sysstat view and the v_$archive_dest view. If a CDB is used then user needs to be prefixed with C## or c## as shown in the example below.
# sqlplus "/ as sysdba" sql> create user c##user identified by passwd; sql> alter user c##user default tablespace system quota 1m on system; sql> grant select on v_$sysstat to c##user; sql> grant select on v_$archive_dest to c##user; sql> grant select on v_$database to c##user; sql> grant create session to c##user; sql> grant create table to c##user; sql> create profile c##profile limit PASSWORD_LIFE_TIME UNLIMITED; sql> alter user c##user identified by passwd profile c##profile; sql> exit; #
# sqlplus "/ as sysdba" sql> show parameter remote_os_authent NAME TYPE VALUE ---------------------- ----------- --------------- remote_os_authent boolean TRUE
# sql> show parameter os_authent_prefix NAME TYPE VALUE ---------------------- ----------- --------------- os_authent_prefix string ops$
sql> create user prefix user identified by externally default tablespace system quota 1m on system; sql> grant connect, resource to prefix user; sql> grant select on v_$sysstat to prefix user; sql> grant select on v_$archive_dest to prefix user; sql> grant select on v_$database to prefix user; sql> grant create session to prefix user; sql> grant create table to prefix user; sql> exit; #
The replaceable items in these commands are as follows:
prefix is the setting of the os_authent_prefix parameter. The default setting of this parameter is ops$.
user is the user for whom you are enabling Oracle Solaris authentication. Ensure that this user owns the files under the $ORACLE_HOME directory.
The listener.ora file must be accessible from all the nodes that are in the cluster. Place these files either under the cluster file system or in the local file system of each cluster node that can potentially run the Oracle Database resources.
You must also run the clresource command to set the resource extension parameter User_env, which sources the user-environment file. See SUNW.oracle_listener Extension Properties or SUNW.oracle_server Extension Properties for format details.
HA for Oracle Database imposes no restrictions on the listener name; it can be any valid Oracle Database listener name.
The following code sample identifies the lines in listener.ora that are updated.
LISTENER = (DESCRIPTION_LIST = (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = IPC) (KEY = EXTPROC)) (ADDRESS = (PROTOCOL = TCP) (HOST = logical-hostname) (PORT = port-used)) ) )
The following code sample identifies the lines in tnsnames.ora that are updated on client machines.
service_name = . . (ADDRESS = (PROTOCOL = TCP) (HOST = logicalhostname) <- logical hostname (PORT = 1527) <- must match port in LISTENER.ORA ) ) (CONNECT_DATA = (SID = <SID>)) <- database name, default is ORCL
# cluster status clustername
Next Steps
Go to Installing the HA for Oracle Database Package to install the HA for Oracle Database packages.