Tag: Database

LEARN HOW OPEN RESETLOGS WITHOUT RECOVERY

Posted on by Osama Mustafa in Database
Amazing Oracle Trick I found today while i am Browsing OTN , I see to post it here .

What is Open resetlog mode 
 
Online redo logs are re-created . The log sequence is reset to 1.
If the databaseis running in archive log mode, the archived redo logs should then be deleted. Otherwise, chances are, that Oracle will eventually try to create an archived redo log whose filename already exists. 

First i will show its Normal Database this mean not in recovery mode :

sqlplus / as sysdba
Connected to an idle instance.

SQL> ORACLE instance started.

Total System Global Area  838860800 bytes
Fixed Size                  2087672 bytes
Variable Size             213910792 bytes
Database Buffers          616562688 bytes
Redo Buffers                6299648 bytes
Database mounted.
Database opened.
SQL> shutdown
Database closed.
Database dismounted.
ORACLE instance shut down.
SQL> exit  

Now Lets Open it :

sqlplus / as sysdba

Connected to an idle instance.

SQL> startup mount
ORACLE instance started.

Total System Global Area  838860800 bytes
Fixed Size                  2087672 bytes
Variable Size             213910792 bytes
Database Buffers          616562688 bytes
Redo Buffers                6299648 bytes
Database mounted.
SQL> alter database open resetlogs;
alter database open resetlogs
*
ERROR at line 1:
ORA-01139: RESETLOGS option only valid after an incomplete database recovery
 
SQL> recover database;
ORA-00283: recovery session canceled due to errors
ORA-00264: no recovery required


SQL> alter database open resetlogs;
alter database open resetlogs
*
ERROR at line 1:
ORA-01139: RESETLOGS option only valid after an incomplete database recovery


SQL> recover database until cancel;
Media recovery complete.
SQL> alter database open resetlogs;

Database altered.

SQL> 
 
 
 

 
 
 

How To Check Oracle Physical Standby is in Sync with the Primary or Not?

Posted on by Osama Mustafa in Database
On Primary

set pages 1000
set lines 120
column DEST_NAME format a20
column DESTINATION format a35
column ARCHIVER format a10
column TARGET format a15
column status format a10
column error format a15
select DEST_ID,DEST_NAME,DESTINATION,TARGET,STATUS,ERROR from v$archive_dest
where DESTINATION is NOT NULL

At Physical Standby


SELECT ARCH.THREAD# "Thread", ARCH.SEQUENCE# "Last Sequence Received", APPL.SEQUENCE# "Last Sequence Applied", (ARCH.SEQUENCE# - APPL.SEQUENCE#) "Difference"
FROM
(SELECT THREAD# ,SEQUENCE# FROM V$ARCHIVED_LOG WHERE (THREAD#,FIRST_TIME ) IN (SELECT THREAD#,MAX(FIRST_TIME) FROM V$ARCHIVED_LOG GROUP BY THREAD#)) ARCH,
(SELECT THREAD# ,SEQUENCE# FROM V$LOG_HISTORY WHERE (THREAD#,FIRST_TIME ) IN (SELECT THREAD#,MAX(FIRST_TIME) FROM V$LOG_HISTORY GROUP BY THREAD#)) APPL
WHERE
ARCH.THREAD# = APPL.THREAD#
ORDER BY 1



SELECT THREAD#, LOW_SEQUENCE#, HIGH_SEQUENCE# FROM V$ARCHIVE_GAP



select process,status,sequence# from v$managed_standby

Compare the output of the query its should be equal .

Prevent developers from using TOAD,other tools on production databases

Posted on by Osama Mustafa in Database
When I was Browsing On internet Today i saw Amazing Article Talking about how to prevent Developers From using Toad and other tools on production Database its Small script (After Logon Trigger ) On database level :

    CONNECT / AS SYSDBA;
    
    CREATE OR REPLACE TRIGGER block_tools_from_prod
      AFTER LOGON ON DATABASE
    DECLARE
      v_prog sys.v_$session.program%TYPE;
    BEGIN
      SELECT program INTO v_prog
        FROM sys.v_$session
      WHERE  audsid = USERENV(‘SESSIONID’)
        AND  audsid != 0  — Don’t Check SYS Connections
        AND  ROWNUM = 1;  — Parallel processes will have the same AUDSID’s
    
      IF UPPER(v_prog) LIKE ‘%TOAD%’ OR UPPER(v_prog) LIKE ‘%T.O.A.D%’ OR — Toad
         UPPER(v_prog) LIKE ‘%SQLNAV%’ OR     — SQL Navigator
         UPPER(v_prog) LIKE ‘%PLSQLDEV%’ OR — PLSQL Developer
         UPPER(v_prog) LIKE ‘%BUSOBJ%’ OR   — Business Objects
         UPPER(v_prog) LIKE ‘%EXCEL%’       — MS-Excel plug-in
      THEN
         RAISE_APPLICATION_ERROR(-20000, ‘Development tools are not allowed here.’);
      END IF;
    END;
    /
    SHOW ERRORS

 Where I saw it :

http://www.psoug.org/snippet/Block_TOAD_and_other_tools_516.htm

waiting for dictionary redo first scn

Posted on by Osama Mustafa in Database
Capture status : Streams Waiting for dictionary first scn

Example :

Capture is waiting on redo log file with SCN 5611274208824
Capture

The First SCN 5611441137818
Start SCN 5611441137818

Applied Scn 5611441373264
Required SCN 5611441137818

You can get the above information from enterprise manager
Maintenance -> Stream -> management -> capture (choose capture name and edit).

Note : 
1-Applied Scn +  Required SCN : you can’t change them (read only).

2-Set First SCN + Start SCN same as Required SCN .

 [Document 313279.1] Master Note for Troubleshooting Streams capture ‘WAITING For REDO’ or INITIALIZING

ACTION Plan #1 :

A) Restore archived redo logs starting with sequence   
B) If you can not restore logs, then capture must be droppend and recreated.
Note 471695.1 – Required Steps to Recreate a Capture Process

You should be running dbms_capture_adm.build on a regular basis to allow you to rebuild capture without having to resync.

ACTION Plan #2 :

look at the output from below sql and ensure that ALL logs (by time) are online and available.

++ Registered Log Files for Capture ++
COLUMN CONSUMER_NAME HEADING ‘Capture|Process|Name’ FORMAT A15
COLUMN SOURCE_DATABASE HEADING ‘Source|Database’ FORMAT A10
COLUMN SEQUENCE# HEADING ‘Sequence|Number’ FORMAT 999999
COLUMN NAME HEADING ‘Archived Redo Log|File Name’ format a35
column first_scn HEADING ‘Archived Log|First SCN’
COLUMN FIRST_TIME HEADING ‘Archived Log Begin|Timestamp’
column next_scn HEADING ‘Archived Log|Last SCN’
COLUMN NEXT_TIME HEADING ‘Archived Log Last|Timestamp’
COLUMN MODIFIED_TIME HEADING ‘Archived Log|Registered Time’
COLUMN DICTIONARY_BEGIN HEADING ‘Dictionary|Build|Begin’ format A6
COLUMN DICTIONARY_END HEADING ‘Dictionary|Build|End’ format A6
COLUMN PURGEABLE HEADING ‘Purgeable|Archive|Log’ format a9

SELECT r.CONSUMER_NAME,
r.SOURCE_DATABASE,
r.SEQUENCE#,
r.NAME,
r.first_scn,
r.FIRST_TIME,
r.next_scn,
r.next_time,
r.MODIFIED_TIME,
r.DICTIONARY_BEGIN,
r.DICTIONARY_END,
r.purgeable
FROM DBA_REGISTERED_ARCHIVED_LOG r, DBA_CAPTURE c
WHERE r.CONSUMER_NAME = c.CAPTURE_NAME
AND r.SEQUENCE# > 48056
ORDER BY source_database, consumer_name, r.first_scn;

After verifying that all those logs are available, then for capture , advance first/start snc
login to strmadmin

exec dbms_capture_adm.alter_capture(‘capture-name’,first_scn=>same as the above);
exec dbms_capture_adm.alter_capture(‘capture-name’,start_scn=>same as the above);

Verify

SELECT CAPTURE_NAME, FIRST_SCN, START_SCN, APPLIED_SCN, REQUIRED_CHECKPOINT_SCN FROM ALL_CAPTURE;

Restart capture.

 ##To check if SCN changed :

SELECT SUBSTR(s.PROGRAM,INSTR(S.PROGRAM,'(‘)+1,4) PROCESS_NAME,
c.CAPTURE_NAME,
C.STARTUP_TIME,
c.SID,
c.SERIAL#,
c.STATE,
c.state_changed_time,
FROM gV$STREAMS_CAPTURE c, gV$SESSION s
WHERE c.SID = s.SID AND
c.SERIAL# = s.SERIAL#;

ACTION PLAN #3 : 

If the Missing Archivelog found on ASM but Capture can’t see them you have to do the following :

ALTER DATABASE REGISTER LOGICAL LOGFILE ” FOR ”; 

OR

ALTER DATABASE REGISTER OR REPLACE LOGICAL LOGFILE ‘PATH’ FOR ‘Capture-name’;

Then Check By :

select name, sequence# from v$archived_log — use gv$archived_log in RAC
where between FIRST_CHANGE# and NEXT_CHANGE#
order by name;

Hope this will be Useful for you
Finally Don’t forget after you resolve the problem ro run this command once everyday to rebuild capture without having to resync

SQL> exec DBMS_CAPTURE_ADM.BUILD;

Check This Link : Stream Capture

 Thank you
Osama Mustafa
Oracle Database Consultant

 

Change Listener Port For Oracle RAC

Posted on by Osama Mustafa in Database
I think its useful to document this since maybe i will need it too 🙂

Environment

2 Node , Linux  …..

RAC database name: ORCL
Node 1 vip: myhost1-vip
Node 2 vip: myhost2-vip
Instance 1: ORCL1
Instance 2: ORCL2
Version: 11.1.0.7
New port: 1522

STEPS :

1) First, use netca to adjust the the listener port from 1521 to 1522. It’s a good idea to use netca to do this cluster-wide and keep the OCR in check.  
NOTE: This will shutdown the listeners across both nodes.

2)

2) In the tnsnames.ora for ASM and RDBMS, ensure the following entry exists (they’ll probably be there but with the 1521 port, so adjust accordingly):

LISTENERS_ORCL=
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = myhost1-vip)(PORT = 1522))
(ADDRESS = (PROTOCOL = TCP)(HOST = myhost2-vip)(PORT = 1522))
)

LISTENER_ORCL2=
(ADDRESS = (PROTOCOL = TCP)(HOST = myhost2-vip)(PORT = 1522))

LISTENER_ORCL1=
(ADDRESS = (PROTOCOL = TCP)(HOST = myhost1-vip)(PORT = 1522))

3)
Connect to each instance and set the local_listener to parameter to either LISTENER_MYRACDB1 or 2 depending on the instance you connect to. Ensure you do this so it applies to the instance you are connected to only, and does not apply globally.

e.g. if connected to ORCL1

alter system set local_listener=’LISTENER_ORCL1′ sid=’ORCL1′;

4) Set the remote_listener parameter to LISTENERS_MYRACDB across all instances

e.g. alter system set remote_listener=’LISTENERS_ORCL’;

5) Repeat the above for both ASM instances

6) You should be able to start the listener on each node now.

e.g. srvctl start listener -n myhost1 

Thank you

Note :

On Single node instance all you need to do is
1-stop the listener
lsnrctl stop

2-Go to $ORACLE_HOME/network/admin/listener.ora
modified the port for new one .

3-start the listener
lsnrctl start

DONE

Osama mustafa
Oracle Database consultant

Threats to Database Security Part 1

Posted on by Osama Mustafa in Database

Today, all company needs to save data and information, these kinds of data different from company to other such as (pictures, employee and Customer data); it’s so rarely to find companies used papers to save important data.We don’t disagree on database type, Sure Oracle is the best but there’s another product in the market today such as Oracle, Microsoft and k2 but all these products have common thing Called Threats .

Before this, we need to know what we mean with database Security since it’s my article subject
Database Security: can be defined as a system or process by which the “Confidentiality, Integrity, and Availability (CIA) of the database can be protectedUnauthorized entry or access to a database server signifies a loss of confidentiality; unauthorized alteration to the available data signifies loss of integrity; and lack of access to database services signifies loss of availability. Loss of one or more of these basic facets will have a significant impact on the security of the database.
This is the common defined for database security.For an illustration of this concept, imagine that the website of a company contains information like who they are, what they do, and what prospective customers have to do to contact them for their queries. In this case, the availability of the database services is more important when compared with other factors like the confidentiality or integrity of the database security.
Threats and risks to databases have increased and therefore, the need for securing databases has also increased. When it comes to securing a database, lots of things have to take care of , if you was focused On pervious talking you will know that I am talking about:
1- Confidentiality
2- Integrity
3- Availability

Confidentiality

What I mean in this word is so simple by encrypting the data stored in the database,two type of encryption in database :
1-Data-in-transit:
This refers to data that is moving within the network. Sensitive data, for example, that is sent through network layers or through the Internet. A hacker can gain access to this sensitive data by eavesdropping. When this happens, the confidentiality of the data is compromised. Encrypting datain-transit avoids such compromises.

2- Data-at-rest:
It is possible for a hacker to hack the data that is stored in the database. Encrypting data-at-rest prevents such data leakages.

Integrity
 
I am not going to say it’s too simple to, because I don’t want from Listeners to kick me; but guys for me It’s simple sorry, Integrity talking about which users have to be given what permissions in the database For example, data related to employee information is stored in a database. An employee may have permission for viewing the records and altering only part of information like his contact details, whereas a person in the human resources department will have more privileges.

To make sure everything is going to be ok just following these steps:

  • Change the password, once the database is installed.
  • Policies to set strong passwords have to be enforced. A good idea is to have a policy of changing the passwords once per a month.
  • Does your company have multiple database administrators? If yes, segregate the duties
    among these database administrators. 

Simple steps (again simple) save you and your company. 

Now last but I am not finished yet



Availability

Databases must not have unplanned downtime, to ensure this, following steps have to be taken:

  • To ensure high availability, usage of database clusters is recommended. 
  • Databases should be secured against security vulnerabilities.
  • Backup the data at periodic intervals to ensure data recovery in case of application issues.

As we all know there’s nothing perfect so when we talk about Security, that mean we talk about Threats and attackers. With the increase in usage of databases, the frequency of attacks against those databases has also increased; Database attacks are an increasing trend these days. What is the reason behind database attacks? One reason is the increase in access to data stored in databases. When the data is been accessed by many people, the chances of data theft increases. In the past, database attacks were prevalent, but were less in number as hackers hacked the network more to show it was possible to hack and not to sell proprietary information. Another reason for database attacks is to gain money selling sensitive information, which includes credit card numbers, Social Security Numbers, etc. We previously defined database security and talked about common database security concepts. Now let’s look at the various types of threats that affect database security.



Thank You 
Written By : Osama Mustafa 
Consider this as part one since i will post another one related to this .
Twitter

How to check default temporary tablespace

Posted on by Osama Mustafa in Scripts
COLUMN property_name FORMAT A30
COLUMN property_value FORMAT A30
COLUMN description FORMAT A50
SET LINESIZE 200

SELECT *
FROM database_properties
WHERE property_name like ‘%TABLESPACE’;

short topic but hope it will be useful
Thank you
Osama Mustafa