Oracle Database Application Security Book

Finally …

The Book is alive

For the first time the book which is dicussed critcal security issues such as database threats, and how to void them, the book also include advance topics about Oracle internet directory, Oracle access manager and how to implement full cycle single sign on,

Focus on the security aspects of designing, building, and maintaining a secure Oracle Database application. Starting with data encryption, you will learn to work with transparent data, back-up, and networks. You will then go through the key principles of audits, where you will get to know more about identity preservation, policies and fine-grained audits. Moving on to virtual private databases, you’ll set up and configure a VPD to work in concert with other security features in Oracle, followed by tips on managing configuration drift, profiles, and default users.

What You Will Learn:- 

  • Work with Oracle Internet Directory using the command-line and the console.
  • Integrate Oracle Access Manager with different applications.
  • Work with the Oracle Identity Manager console and connectors, while creating your own custom one.
  • Troubleshooting issues with OID, OAM, and OID.
  • Dive deep into file system and network security concepts.
  • First time chapter that include most of the critical database threats in real life.

 

You can buy the book now from amazon here

 

Cheers

Osama

Share Folder as File System From Windows to Linux

in this post i will show you how to share folder from windows to Linux , you can use smb but in this post i will use it in command line.

Option #1:
SMB

By Press ( ALT+F2 ) the new dialog will be opened just type in the box the below :

smb://windows-server-ip/shared folder 

Option #2: 
Using command line.
  • mkdir /windows-backup
  • as root user
  • mount -t cifs //windowsip/sharefolder -o username=administrator,password=administratorpassword /windows-backup.
  • run df -h to make sure the folder has been mounted.
Note :
If you are using RHEL 4 the above command will not work, check the below

mount -t smbfs -o username=administrator,password=administratorpassword //windowsip/backup /windwos-backup

Thank you
Osama mustafa

Reference :
1- cyberciti Here

ORA-12557: TNS:protocol adapter not loadable

this problem On windows Platforms .

and it must be related to Windows Environment or Oracle Home PATH because sqlplus command works smoothly when I execute it inside ORACLE_HOME\bin.

RUN: SYSDM.CPL to open Windows System Properties
Click on Advanced Tab > Environment Variables…

Click the Path variable under System Variable, then click  Edit…

change the order between Oracle Client Home and Oracle DB Home:

From: D:\oracle\product\10.2.0\client_1\bin;D:\oracle\product\10.2.0\db_1\bin;

To: D:\oracle\product\10.2.0\db_1\bin;D:\oracle\product\10.2.0\client_1\bin;

in other words, put the Oracle DB Home in front of the other path.

Or i Don’t love this way , Since its not actual solution but its solve problem sometimes :
1-Remove ORACLE_HOME From environment Variable .


2- Restart PC 
Done

Osama mustafa 

WFMLRSVCApp.ear not found

I installed Oracle 11g and the installation didn’t find WFMLRSVCApp.ear file. I extracted two files (win64_11gR2_database_1of2.zip and win64_11gR2_database_2of2.zip) in two different folder disk1 and disk2. 

I solved the file not found issue by coping all the folders under disk2databasestageComponents to disk1databasestageComponents.

After restarting the installation it went like a charm and without any issues.

Or Maybe the error will be appear like this :

The same : ou should extract each of them and place win32_11gR2_database_2of2 content into win32_11gR2_database_1of2 folder before running installer.

Enjoy
 

Thank You 
Osama Mustafa

SCHEDULER[0x51B5]:DEFAULT_MAINTENANCE_PLAN via scheduler window

Oracle Database Resource Manager (the Resource Manager) : 
enables you to optimize resource allocation among the many concurrent database sessions.

When database resource allocation decisions are left to the operating system, you may encounter the following problems:

  • Excessive overhead.

Excessive overhead results from operating system context switching between Oracle Database server processes when the number of server processes is high.

  • Inefficient scheduling

 The operating system deschedules database servers while they hold latches, which is inefficient.

  • Inappropriate allocation of resources

The operating system distributes resources equally among all active processes and is unable to prioritize one task over another.

  • Inability to manage database-specific resources, such as parallel execution servers and active sessions

Check The Resource Manager On your Database :

SQL> show parameter resource_manager_plan

NAME                                 TYPE        VALUE
------------------------------------ ----------- ------------------------------
resource_manager_plan                string      SCHEDULER[0x3003]:DEFAULT_MAIN
                                                 TENANCE_PLAN

All this is Introduction about the Error that appear when you upgrade to 11g , you will getting the following messages in the alert.log.

Setting Resource Manager plan SCHEDULER[0x51B5]:DEFAULT_MAINTENANCE_PLAN via scheduler window
Setting Resource Manager plan DEFAULT_MAINTENANCE_PLAN via parameter
Thu Feb 05 22:00:03 2009
Begin automatic SQL Tuning Advisor run for special tuning task "SYS_AUTO_SQL_TUNING_TASK"
Thu Feb 05 22:00:39 2009
End automatic SQL Tuning Advisor run for special tuning task "SYS_AUTO_SQL_TUNING_TASK"

Solution to  Disable the resource manager , Steps to Do this :

1-set the current resource manager plan to null

alter system set resource_manager_plan='' scope=both 

2-change the active windows to use the null resource manager plan 

    execute dbms_scheduler.set_attribute('WEEKNIGHT_WINDOW','RESOURCE_PLAN','');
    execute dbms_scheduler.set_attribute('WEEKEND_WINDOW','RESOURCE_PLAN','');

3-run :

SQL> execute dbms_scheduler.set_attribute('','RESOURCE_PLAN','');

You Can Also Disable SQL tuning By :

BEGIN
DBMS_AUTO_TASK_ADMIN.DISABLE(
client_name => 'sql tuning advisor',
operation => NULL,
window_name => NULL);
END;
/


Thank you
Osama Mustafa

Change Enterprise manager password for 11g

For the DB Control Release 11.2 and higher, you need to set the environment variable ORACLE_UNQNAME to the value of the DB_UNIQUE_NAME database parameter.

Steps :

1.Stop the DB Control
On Unix
$ emctl stop dbconsole

On Windows
Open a Command Window and type
**> emctl stop dbconsole

2.Check that the DB Control is stopped
 On Unix
$ emctl status dbconsole
 

On Windows
Open a Command Window and type
 **>emctl status dbconsole

3.Connect to the database as a user with DBA privilege with SQL*Plus and execute:

SQL> alter user sysman identified by ;
 
4.Check the new password
SQL> connect sysman/[@database_alias]
 
5.From the database directory $ORACLE_HOME/bin, execute:
On Unix

$ emctl setpasswd dbconsole
Provide the new SYSMAN password
 
On Windows

**>: emctl setpasswd dbconsoleProvide the new SYSMAN password
 
6.Restart the DB Control
On Unix
$ emctl start dbconsole
 
On Windows
Open a DOS Command Window and type
**>: emctl start dbconsole
 

Thank you 

Osama Mustafa

Change Oracle Enterprise Manager 10g Password

How to change the password of the Database User SYSMAN when the database is hosting a DB Control Repository. 

1.Stop the DB Control
On Unix
$ emctl stop dbconsole

On Windows
Open a Command Window and type
**> emctl stop dbconsole

2.Check that the DB Control is stopped
On Unix

$ emctl status dbconsole

On Windows
Open a DOS Command Window and type
**> emctl status dbconsole


3.Connect to the database as a user with DBA privilege with SQL*Plus and execute:

SQL> alter user sysman identified by ;

4.Check the new password 

SQL> connect sysman/[@database_alias]
 

5.Go to $ORACLE_HOME/host_sid/sysman/config do the following :

    1. Save the file emoms.properties to emoms.properties.orig
    2. Edit the file emoms.properties
      1. Search for the line beginning with:
        oracle.sysman.eml.mntr.emdRepPwd=
        Replace the encrypted value by the new password value
        Example:
        oracle.sysman.eml.mntr.emdRepPwd=rainbow
      2. Search for the line:
        oracle.sysman.eml.mntr.emdRepPwdEncrypted=TRUE
        Replace TRUE by FALSE

6.Restart the DB Control
On Unix

$ emctl start dbconsole
 
Open a DOS Command Window and type
**> emctl start dbconsole
 
 
7.Check that the password has been encrypted
  1. Edit the file $ORACLE_HOME/host_sid/sysman/config/emoms.properties
    1. Search for the line beginning with:
      oracle.sysman.eml.mntr.emdRepPwd=
      Check that the password is encrypted
    2. Search for the line beginning with:
      oracle.sysman.eml.mntr.emdRepPwdEncrypted=
      Check that the value is TRUE

I Publish the same lesson but on 11g .

  Thank you 
Osama mustafa