Oracle Database Application Security Book

Finally …

The Book is alive

For the first time the book which is dicussed critcal security issues such as database threats, and how to void them, the book also include advance topics about Oracle internet directory, Oracle access manager and how to implement full cycle single sign on,

Focus on the security aspects of designing, building, and maintaining a secure Oracle Database application. Starting with data encryption, you will learn to work with transparent data, back-up, and networks. You will then go through the key principles of audits, where you will get to know more about identity preservation, policies and fine-grained audits. Moving on to virtual private databases, you’ll set up and configure a VPD to work in concert with other security features in Oracle, followed by tips on managing configuration drift, profiles, and default users.

What You Will Learn:- 

  • Work with Oracle Internet Directory using the command-line and the console.
  • Integrate Oracle Access Manager with different applications.
  • Work with the Oracle Identity Manager console and connectors, while creating your own custom one.
  • Troubleshooting issues with OID, OAM, and OID.
  • Dive deep into file system and network security concepts.
  • First time chapter that include most of the critical database threats in real life.


You can buy the book now from amazon here




Check RMAN Backup Status

The Below Scripts To Check Backup Status Via Sqlplus , Maybe you will find Same Or Another Scripts In the Same way : 

Sqlplus / as sysdba

This script will report on all backups – full, incremental and archivelog backups –

col STATUS format a9
col hrs format 999.99
to_char(START_TIME,'mm/dd/yy hh24:mi') start_time,
to_char(END_TIME,'mm/dd/yy hh24:mi') end_time,
elapsed_seconds/3600 hrs
order by session_key;

This script will report all on full and incremental backups, not archivelog backups –

col STATUS format a9
col hrs format 999.99
to_char(START_TIME,'mm/dd/yy hh24:mi') start_time,
to_char(END_TIME,'mm/dd/yy hh24:mi') end_time,
elapsed_seconds/3600 hrs
where input_type='DB INCR'
order by session_key;

I would Love to Thank gavin soorma – OCM For His Amazing Effort . Share it For Knowledge .

Thank you
Osama Mustafa

All About Oracle WorkFlow Mailer

In this Topic We will discuss the Workflow mailer In Oracle Apps ad how to check it Let Start :

Workflow: version


check workflow status.

set linesize 120
set pagesize 50
column COMPONENT_NAME format a45
column STARTUP_MODE format a15
column COMPONENT_STATUS format a15

select fsc.COMPONENT_NAME,fsc.STARTUP_MODE,fsc.COMPONENT_STATUS,fcq.last_update_date
from APPS.FND_CONCURRENT_QUEUES_VL fcq, fnd_svc_components fsc
where fsc.concurrent_queue_id = fcq.concurrent_queue_id(+)

check if workflow is used by only one instance
col value format a20
select p.parameter_id,
v.parameter_value value
from apps.fnd_svc_comp_param_vals_v v,
apps.fnd_svc_comp_params_b p,
apps.fnd_svc_components c
where c.component_type = ‘WF_MAILER’
and v.component_id = c.component_id
and v.parameter_id = p.parameter_id
and p.parameter_name in ( ‘INBOUND_SERVER’,’ACCOUNT’, ‘REPLYTO’)

order by p.parameter_name;

check for bad e-mail address

set linesize 170
col name format a40
col email_address format a80
select name, email_address from apps.wf_local_roles where email_address like ‘% %’;

select name, email_address from apps.wf_local_roles where email_address like ‘%%’;

 “If this retuning Row The there’s bad Email”

How to know mail sent to a user with details:

select name, display_name, notification_preference, email_address
 from wf_local_roles where name = ”;

To see failed, open notifications

SELECT message_type, COUNT(1)
FROM apps.wf_notifications
WHERE 1 = 1 AND mail_status = ‘FAILED’ AND status = ‘OPEN’
GROUP BY message_type;

To check if email address, notification preference, display_name

select distinct(count(*)) from wf_users where NOTIFICATION_PREFERENCE=’MAILTEXT’ and STATUS = ‘ACTIVE’ and EMAIL_ADDRESS = ‘‘;

Thank you
Osama mustafa

UNKNOWN State Of RAC Resources

Sometimes when you check Oracle Cluster Status Via “crs_stat -t” :

ora.orcl.db application ONLINE ONLINE rac1
ora....11.inst application ONLINE ONLINE rac1
ora....SM1.asm application ONLINE ONLINE rac1
ora....DC.lsnr application ONLINE ONLINE rac1
ora....idc.gsd application ONLINE ONLINE rac1
ora....idc.ons application ONLINE ONLINE rac1 application ONLINE ONLINE rac1
ora....SM2.asm application ONLINE UNKNOWN rac2
ora....C2.lsnr application ONLINE ONLINE rac2
ora....dc2.gsd application ONLINE ONLINE rac2
ora....dc2.ons application ONLINE ONLINE rac2 application ONLINE ONLINE rac2

If You try to restart Oracle Cluster via

./crs_stop -all
./crs_start -all

It will not working so you have to do the following simple steps :

 First :

crs_stop -f Service_name
Example :
crs_stop -f ora.rac2.ASM2.asm 

 Second :

crs_start -f services_name

Example :

crs_start -f ora.rac2.ASM2.asm 

Thank you

Check Rac Status

hi All Again ,

As Oracle Database administrator its your job to check rac status on your server, i know its little creepy when we heard about RAC,DG but its all about the command and how , when to use it ? !!!

Sure you need to be careful when you are using commands such as “crs , Srvtl” and stuff like that .

I will make it easy for you save this command in the notepad (you can find in the end of this article)
so everytime you need to check RAC status and you need to do is choose your command :

Let start

*To check RAC STATUS ON OS :
Use :
crs_stat -t

*Check Node Availability :
Status nodeapps -n

*Check your ASM :
srvctl status asm -n

ok but i need to check database status how ?
*for Database status :
srvctl status database -d esxrac

And what about service for this database is it work fineeeeee :
* Database Services :
srvctl status service -d esxrac

And Finally
* Cluster Status :
crsctl check crs

As we see its all about command if you how to use it RAC will be easy otherwise don’t use it if you don’t know anything about it because it maybe destroy everything . BE CAREFUL

Where you Go its not the end , i need to check RAC inside the Database (SQL) :
lets Begin 🙂

I need to check Rac Instance if it works fine in normal database we use v$instance
here in rac just add gv$instance .
** select instance_name, host_name, archiver, thread#, status
from gv$instance ;

What About datafiles :
**select file_name, bytes/1024/1024 from dba_data_files ;

Getting the status of all the groups, type, membership :
**select group#, type, member, is_recovery_dest_file from v$logfile order by group#

But , Wait what about ASM we need to check it too :
To check ASM Disk :
**select group_number, name,allocation_unit_size alloc_unit_size,state,type,total_mb,usable_file_mb
from v$asm_diskgroup;

Information About ASM instance :
select group_number, file_number, bytes/1024/1024/1024 GB, type, striped, modification_date from v$asm_file

Thank You very Much , just Bookmark my blog all i keep post everything useful for DBA’s

And you can Download notepad from HERE