Oracle 19c TDE syskm - tde

db version is 19.3.
While deploying TDE in PDB, we are unable to connect to the PDB as syskm. We are able to connect to the PDB as sys user without errors.
SQL> connect syskm#USA_DEV as syskm
ERROR:
ORA-01017: invalid username/password; logon denied
Warning: You are no longer connected to ORACLE.
SQL> connect sys#usa_dev as sysdba
Connected.
SQL> connect c##abc#usa_dev
Connected.
There is no issues reported in Metalink for syskm.
Any know issues with syskm for 19c PDB? OR any ideas?

Used the SYS user to perform the TDE key and keystore setup in PDBs instead of SYSKM user. This falls into workaround for us but it works.

Related

MariaDB as destination permission required in AWS SCT

We are using AWS SCT tool to migrate Oracle database to MariaDB.
We have given the required permission on Oracle database after reading from below
https://docs.aws.amazon.com/SchemaConversionTool/latest/userguide/CHAP_Source.Oracle.html
Haven't find the what are permission required in MariaDB as target. Found MariaDB as source https://docs.aws.amazon.com/SchemaConversionTool/latest/userguide/CHAP_Source.MySQL.html#CHAP_Source.MySQL.Connecting
We are able to add Oracle as source in AWS SCT but while adding MariaDB as target we are getting below error :
The specified account (testPermission) does not have sufficient privileges for working with the following object(s):
MariaDB Server : [SELECT, SHOW VIEW]
Permission on MariaDB (output of SHOW GRANTS FOR CURRENT_USER();)
GRANT USAGE ON *.* TO `<username>`#`%` IDENTIFIED BY PASSWORD '<password>'
GRANT ALL PRIVILEGES ON `<databasename>`.* TO `<username>`#`%`
Can you help me here what extra permission required in MariaDB?
Thanks in advance.

Mariadb driver Aurora IAM credentialType Access denied for user (using password: YES)

We use MariaDB driver 2.7.3 & Hikari Datasource in the Java 11 application to connect to the AWS Aurora database. Intermittently we are getting "Access denied to user"
(using password: YES) error in the error log files. The following is the JDBC URL used in the application.
jdbc:mariadb:aurora://<DB writer cluster endpoint>:port,<DB reader cluster endpoint>:port/<DB name>?credentialType=AWS-IAM&useSSL=true&verifyServerCertificate=true&serverSslCert=rds-combined-ca-bundle.pem&autoReconnect=true&fastConnect=true&tcpNoDelay=true&socketTimeout=0
credentialType=AWS-IAM will use the RDS token as the password. From the error message, it looks like the expired token is used to get a database connection by the MariaDB driver. Is this a bug in the MariaDB driver? Let us know if there is anything else we need to do from an application end? These are the properties set from the application.
spring.datasource.driver-class-name=org.mariadb.jdbc.Driver
spring.datasource.hikari.minimum-idle=5
spring.datasource.hikari.maximum-pool-size=60
spring.datasource.hikari.idle-timeout=600000
spring.datasource.hikari.connection-timeout=3000
spring.datasource.hikari.validation-timeout=1000
spring.datasource.hikari.login-timeout=2000
spring.datasource.hikari.max-lifetime=180000
spring.datasource.hikari.data-source-properties.cachePrepStmts=true
spring.datasource.hikari.data-source-properties.prepStmtCacheSize=1000
spring.datasource.hikari.data-source-properties.prepStmtCacheSqlLimit=2048
spring.datasource.hikari.data-source-properties.useServerPrepStmts=true

Issues gaining access to sqlplus

I recently installed oracle 11g enterprise manager version
first of all, the orcl would not work when I lunched it on internet explorer
<error:cannot find page>
I checked the status of dbconsole from SERVICE folder..(Started)
was able to gain access to sqlplus with my log in details
after a few weeks I couldn't gain access anymore with the same login details
I tried the following codes but still could not gain access
sqlplus/nolog
sql>connect / as sysdba
sql>desc dba_users
sql>select username,password from dba_users;
sql>desc dba_users(error: object dba_users does not exist)
sql>select username,password from dba_users;(error: database not open)
ALTER DATABASE OPEN READ ONLY;( error: database not mounted)
You need to startup the database.
e.g.
. oraenv
SID
sqlplus / as sysdba
startup

MSDTC between Windows 7 (32bit) and Windows Server 2003

I am currently attempting to create a test environment for a website which is using a mixture of classic ASP and ASP.NET. (The original machines are running old versions of Windows Server, so the configuration is not to easy to mimic)
Unfortunately, I am having problems interacting from Windows 7 to the Server 2003.
The error I am getting from my test application (which simply fires a stored procedure) is as follows:
New transaction cannot enlist in the specified transaction coordinator.
After reading various articles online, I believe I have set-up the COM+ side of things on the Windows 7 machine correctly. If I change my connection string to target the old server, it succeeds.
I then ran MSDTC Simulation V1.9 and the error I recieved was as follows:
DTCping log file: C:\Users\whelans\Desktop\dtping\[servername].log
RPC server is ready
Please Start Partner DTCping before pinging
++++++++++++Validating Remote Computer Name++++++++++++
Please refer to following log file for details:
C:\Users\whelans\Desktop\dtping\[servername].log
Invoking RPC method on [servername]
Problem:fail to invoke remote RPC method
Error(0x6D9) at dtcping.cpp #303
-->RPC pinging exception
-->1753(There are no more endpoints available from the endpoint mapper.)
RPC test failed
I then tried changing my connection string password and it fails due to invalid login, so I believe the COM is reaching the server's database. The user also has full permissions on the database.
I notice in the COM+ Window, that the component in use is spinning as if communicating with the server, however, it seems the server is rejection the connection.
Any ideas?
EDIT: I have now also ran DTCTester, as i read that DTCPing will always fail on Windows 7, here was the result:
C:\Users\whelans\Desktop\dtping>dtctester.exe TestDatabase username password
Executed: dtctester.exe
DSN: TestDatabase
User Name: username
Password: password
tablename= #dtc9033
Creating Temp Table for Testing: #dtc9033
Warning: No Columns in Result Set From Executing: 'create table #dtc9033 (ival i
nt)'
Initializing DTC
Beginning DTC Transaction
Enlisting Connection in Transaction
Executing SQL Statement in DTC Transaction
Inserting into Temp...insert into #dtc9033 values (1)
Warning: No Columns in Result Set From Executing: 'insert into #dtc9033 values (
1) '
Verifying Insert into Temp...select * from #dtc9033 (should be 1): 1
Press enter to commit transaction.
Commiting DTC Transaction
Releasing DTC Interface Pointers
Successfully Released pTransaction Pointer.
Disconnecting from Database and Cleaning up Handles

What Is the Issue Suddently the Database Stopped Sending Emails Out After It is Upgraded from Oracle 10g to 11g R1?

Hi Oracle Database Gurus,
What is the issue suddently the Database stopped sending Emails out after it is upgraded from Oracle 10g to 11g R1? I double check the email demon on the server it is working fine when I send an email from the linux command line (not through an database procedue). And the smtp_out_server parameter value is the same before and after the upgrade...
Thanks!
Do you get any errors? The first thing that jumps to mind is that 11g introduces more fine-grained permissions for packages like UTL_MAIL and UTL_SMTP that interact with other servers. Your DBA would need to create an appropriate network ACL in order to allow you to access external servers from within your PL/SQL code.
If you don't have sufficient permission, your code should be getting an "ORA-24247: network access denied by access control list (ACL)" error. Are you getting such an error? Or is it possible that you have a WHEN OTHERS exception handler that is hiding that error from you?
Do you see any rows in USER_NETWORK_ACL_PRIVILEGES (or DBA_NETWORK_ACL_PRIVILEGES or ALL_NETWORK_ACL_PRIVILEGES depending on what user you're logging in as, what user is sending mail, and your privilege level)? If so, is there a row for your mail server with whatever port range your SMTP server is listening on?

Resources