Step by Step Configure SSO Using Oracle Fusion Middle-ware

I would like to share this document , which is describe step by step dealing with :

  • WebLogic
  • Oracle Internet Directory
  • Oracle Content Server
  • Oracle Access manager 
Every thing mentioned with Installation &  Configuration Steps.
I tried To make it simple as i can, Included with Screen Shots ,Step By Step how to install The above Oracle Products and how to configure them to prepare your application for Single-Sing-On 
Please if you would like to share this document ask me before.

You can View and Download the Document from Here
Thank you 
Osama mustafa

Mount NFS Device Is Busy

This Error Appear On Solaris when you try to mount filesystem :

mount -F nfs IP:/export/home/oracle/test /export/home/oracle/test

Output :

nfs mount: mount: /export/home/oracle/test : Device busy

Check why it’s Busy using :

fuser -u /export/home/oracle/test

/export/home/oracle/test :     1432c(oracle)

Kill the process :

kill – 9 1432 

Thank you
Osama mustafa 

Pluggable Database Tutorial (12c) Part 2

In my Part 1 Tutorial for how to deal with Pluggable database 12c I mentioned how to use pluggable database , How to create pluggable database , how to create tablespace , and how to open/close pluggable database .

Please check the Part ( 1 ) before continue reading this article here.

Welcome to Pluggable database Part 2 

  • Rename Pluggable Database 
  • Manage Pluggable database
  • Drop Pluggable database
  • Security In Pluggable database


SQL> select name, con_id from v$active_services order by 1;

NAME     CON_ID
—————————– ———-
TEST  3

as you see in the above query, I already created pluggable database called test. and it’s in Read write Mode.
Rename Pluggable database 

SQL> alter pluggable database TEST close immediate ;Pluggable database altered.

SQL> alter pluggable database TEST open restricted ;Pluggable database altered.

SQL> select name, open_mode from v$pdbs;

NAME                OPEN_MODE
—————————— ———-
TEST       READ WRITE

SQL> alter pluggable database TEST rename global_name to new ;Pluggable database altered.

SQL> select name, con_id from v$active_services order by 1;

NAME      CON_ID
————————————— ———-
new   3

if you are not connected to pluggable database or set session container then you will recicve error message  

ORA-65046: operation not allowed from outside a pluggable 

SQL> alter pluggable database new close immediate ;Pluggable database altered.

SQL> alter pluggable database new open ;Pluggable database altered.

Manage Pluggable Database

Back to root container using / as sysdba like below :

SQL> conn / as sysdba
Connected.

SQL> select name, con_id from v$active_services order by 1;NAME     CON_ID
————————————————— ———-
SYS$BACKGROUND   1
SYS$USERS  1
db12c  1
db12cXDB  1
new           3

We Control which list for for tablespace & datafiles by using con_id.

  • List tablespace in root container 

SQL> select tablespace_name, con_id from cdb_tablespaces where con_id=1; 

TABLESPACE_NAME       CON_ID
—————————— ———-
SYSTEM 1
SYSAUX 1
UNDOTBS1 1
TEMP 1
USERS 1
CDATA 1

  • List Database In root Container 

 SQL> select file_name, con_id from cdb_data_files where con_id=1;

FILE_NAME CON_ID
————————————————————————— ———-
/u01/app/oracle/oradata/db12c/users01.dbf      1
/u01/app/oracle/oradata/db12c/undotbs01.dbf      1
/u01/app/oracle/oradata/db12c/sysaux01.dbf      1
/u01/app/oracle/oradata/db12c/system01.dbf      1
/u01/app/oracle/oradata/db12c/gls/test.dbf      1

  • Temp Tablespace  in root container 

SQL> select file_name, con_id from cdb_temp_files where con_id=1; 

FILE_NAME CON_ID
—————————————————————————– ———-
/u01/app/oracle/oradata/db12c/temp01.dbf      1

  • Create Tablespace  ( already mentioned in Part (1)) 

SQL> create tablespace test datafile ‘/u01/app/oracle/oradata/db12c/gls/test03.dbf’ size 20M; Tablespace created.

SQL> select tablespace_name, con_id from cdb_tablespaces order by con_id;

TABLESPACE_NAME   CON_ID
—————————— ———-
SYSTEM 1
TEST 1
CDATA 1
SYSAUX 1
TEMP 1
UNDOTBS1 1
USERS 1
SYSAUX 2
TEMP 2
SYSTEM 2
TEMP 3
SYSAUX 3
PDB_TEST 3
SYSTEM 3
14 rows selected.

  •  Create temp tablespace 

SQL> create temporary tablespace temp_test tempfile ‘/u01/app/oracle/oradata/db12c/gls/temp_test.dbf’ size 20M ;
Tablespace created.

SQL> select file_name, con_id from cdb_temp_files where con_id=1;

FILE_NAME CON_ID
————————————————————————— ———-
/u01/app/oracle/oradata/db12c/temp01.dbf      1
/u01/app/oracle/oradata/db12c/gls/temp_test.dbf      1

The Same Steps in root container for create tablespace and temp tablespace for pluggable database.
Security In Pluggable Database

In This Section we will discuss how to manage Users, roles and privileges.
before Demonstration you need to know what is the difference between two users  type :
  • Common  : when you create this kind of users in root it’s automatically replicated in all Pluggable database.
  • Local : this kind of users only created on pluggable database that you are connected to it now. and dose not effect on others pluggable database.
To Create Common Users you need to be connected to root container.

SQL> conn / as sysdba
Connected.

SQL> create user c##osama identified by osama ;User created.

SQL> select username, common, con_id from cdb_users where username like ‘C##%’;

USERNAME COM CON_ID
———————————— — ———-
C##TEST YES      1
C##OSAMA YES      1
C##TEST YES      3
C##OSAMA YES      3

SQL> grant create session to c##osama ;Grant succeeded.

SQL> conn c##osama/osama@test12c:1521/db12c ;
Connected.

Let’s connect to pluggable database :

The user i will created it here will not appear in root container.

SQL> conn sys/sys@test12c:1521/new as sysdba
Connected.

SQL> create user test identified by test ;User created.

SQL> grant create session to test ;Grant succeeded.

 SQL> select username, common, con_id  from cdb_users where username =’TEST’;

USERNAME      COM CON_ID
—————— ———-
TEST  NO      3

 SQL> conn test/test@test12c:1521/new ;
Connected.

 Same rules and conditions applied on Roles if you created in Root Container it will be replicated to pluggable database, on other hand if you created in Pluggable database it will be local without effecting Container.

Let’s connect to Root Container

SQL> conn / as sysdba
Connected.

SQL> create role c##root_role ;Role created.

SQL> select role, common, con_id from cdb_roles where role=’C##ROOT_ROLE’;

ROLE  COM CON_ID
——————— — ———-
C##ROOT_ROLE  YES      1
C##ROOT_ROLE  YES      3

SQL> conn sys/sys@test12c:1521/new as sysdba
Connected.

SQL> create role test2;Role created.

 SQL> select role, common, con_id from cdb_roles where role=’TEST2′;

ROLE COM CON_ID
—————- — ———-
TEST2 NO      3

SQL> create role hr container=all ;
create role hr container=all
*
ERROR at line 1:
ORA-65050: Common DDLs only allowed in CDB$ROOT

SQL> create user hr identified by hr container=all ;
create user hr identified by hr container=all
                             *
ERROR at line 1:
ORA-65050: Common DDLs only allowed in CDB$ROOT

—> you cannot create a common role inside a PDB.
Check user privileges :

SQL> select grantee, privilege, common, con_id from cdb_sys_privs
where privilege=’CREATE SESSION’ and grantee=’TEST’; 

GRANTEE PRIVILEGE  COM  CON_ID
————– —————————————
TEST CREATE SESSION  NO       3

Drop Pluggable Database

SQL > drop pluggable database new  including datafiles;
Pluugable database dropped.

This document also available on slidshare here

Thank you
Osama mustafa 

TEMP UNDO TABLESPACE : Another 12C Feature

Testing is not finished yet , Everyday working on database 12C  , Lot Of New Features , TEMP_UNDO_TABLESPACE one of these new features, In older Oracle Versions Temp Tables are stored in Undo Tablespace, But now with #DB12c you can enable Parameter TEMP_UNDO_TABLESPACE by Default this parameter set to FALSE But in Dataguard 12c  this parameter is set to TRUE by default.

The Benefit of Using Temp Undo Tablespace :

  • reduce the amount of using undo tablespace
  • in this case performance improved because less data will be written on redolog.
  • Temp Undo Tablespace support DML 

SQL> show parameter TEMP_UNDO_ENABLED;

NAME     TYPE VALUE
———————————— ———– ——-
temp_undo_enabled     boolean FALSE

You Don’t have to reset Database to Enable this Parameter because it’s working on Session level 

SQL> alter session set temp_undo_enabled=TRUE   ;
Session altered.

also you set this parameter on database level :

SQL> alter system set temp_undo_enabled=true;
System altered.

SQL> show parameter temp_undo_enabled ;

NAME     TYPE VALUE
———————————— ———– ——-
temp_undo_enabled     boolean TRUE
 

View Related to temp undo tablespace :

SQL> desc V$TEMPUNDOSTAT;
 Name   Null?    Type
 —————————————– ——– —————————-
 BEGIN_TIME    DATE
 END_TIME             DATE
 UNDOTSN             NUMBER
 TXNCOUNT             NUMBER
 MAXCONCURRENCY     NUMBER
 MAXQUERYLEN    NUMBER
 MAXQUERYID    VARCHAR2(13)
 UNDOBLKCNT    NUMBER
 EXTCNT             NUMBER
 USCOUNT             NUMBER
 SSOLDERRCNT    NUMBER
 NOSPACEERRCNT     NUMBER
 CON_ID             NUMBER

Security Features 12c

As Any Newer Version of database oracle Enhance Security This time Oracle create new users for administration purpose

Separate user duties : 

SQL> select username from dba_users where username like ‘%SYS%’;

USERNAME
———————————-
SYS  : Super user
SYSKM : Key magament tasks
SYSDG : Data Guard Managment
SYSBACKUP : backup management

DBMS_PRIVILEGE_CAPTURE

The Privilege Analysis feature allows you to: 
  • Define a privilege capture
  • Start a privilege analysis during a period of time
  • Delete capture analysis
The Capture can be Done on Three level :
  • User
  • Role
  • Context
to understand this new package check the below examples :
sqlplus / as sysdba
SQL> create user test identified  by test ;
SQL> grant create session to test ;
Grant succeeded.
SQL> grant select any table to test ;
Grant succeeded.
Create new Capture using this package :

exec SYS.DBMS_PRIVILEGE_CAPTURE.CREATE_CAPTURE ( –
        name           =>  ‘test_capture’, –
        description    =>  ‘Capture_all_thing’, –
        type           =>   dbms_privilege_capture.g_database)

Where 

Name : Package name
Description : What this package fo
type : depend on level users ( g_database ) , role (g_role )  , Context : (g_role_and_context)

we need to enable this package to start capture :

SQL> exec SYS.DBMS_PRIVILEGE_CAPTURE.ENABLE_CAPTURE (name => ‘test_capture’);
 PL/SQL procedure successfully completed.

until everything goes fine now to start capture you have to logout from sqlplus and start do what you need to do.
SQL> conn test/test ;
Connected.
SQL> select * from osama.test ;
no rows selected
SQL> select * from osama.test2 ;
   TEST_ID TEST_NAME
———- ——————–
1 JENNIFER
2 STEVE
3 USER
again reconnect as / as sysdba to disable capture then generate results like the following :
SQL> exec SYS.DBMS_PRIVILEGE_CAPTURE.DISABLE_CAPTURE (name => ‘test_capture’);
PL/SQL procedure successfully completed.
SQL> exec SYS.DBMS_PRIVILEGE_CAPTURE.GENERATE_RESULT (name => ‘test_capture’);
PL/SQL procedure successfully completed.

SQL> select username, object_owner, object_name, obj_priv
from   dba_used_objprivs
where  username in (‘OSAMA’, ‘TEST’) 

USERNAME   OBJECT_OWNER OBJECT_NAME       OBJ_PRIV
———- ———— —————————— ————————-
TEST   SYS ORA$BASE                                      USE
TEST   SYS DBMS_APPLICATION_INFO       EXECUTE
TEST   SYS DUAL                                              SELECT
TEST   SYS DUAL                                               SELECT
TEST   SYSTEM PRODUCT_PRIVS                     SELECT
Drop Capture :
exec SYS.DBMS_PRIVILEGE_CAPTURE.DROP_CAPTURE (name => ‘test_capture’)
Thank you 
Osama mustafa

tiny features : Truncate table in 12c

New Features with Database 12c , CASCADE Usually used with Drop or update command (10g,11g) But now with Database 12c , you can use this features with Truncate command

SQL> select * from test ;
no rows selected

SQL> desc test ;

 Name   Null?    Type
 —————————————– ——– —————————-
 TEST_ID   NOT NULL NUMBER
 TEST_NAME    VARCHAR2(20)

SQL> truncate table test cascade ;
Table truncated.

More Features coming up 🙂

Thank you 
Osama mustafa

Move Datafiles Online 12c

As you know Oracle database 12c released Yesterday and we all still test it and learn what are the new features !!

For the first time in Oracle Database you can move objects online without offline or shutdown database which is very useful and helpful for any DBA’s

Check the example below :

SQL> select file_name from dba_data_files ;

FILE_NAME
——————————————————————————–
/u01/app/oracle/oradata/db12c/system01.dbf
/u01/app/oracle/oradata/db12c/sysaux01.dbf
/u01/app/oracle/oradata/db12c/users01.dbf
/u01/app/oracle/oradata/db12c/undotbs01.dbf

Let’s move system01.dbf 
SQL> alter database move datafile ‘/u01/app/oracle/oradata/db12c/system01.dbf’ to ‘/u01/system.dbf’;

SQL> select File_name from dba_data_files ;
FILE_NAME
——————————————————————————–
/u01/system.dbf
/u01/app/oracle/oradata/db12c/sysaux01.dbf
/u01/app/oracle/oradata/db12c/users01.dbf
/u01/app/oracle/oradata/db12c/undotbs01.dbf

Thank you
Osama mustafa