Authenticate Oracle 12c database users against Active Directory

Following is tested with Oracle 12.1 on Linux 6 (on Exadata) and a Windows 10 client.

“Yet another blog on how to authenticate database users against Active Director using Kerberos…”

I have read and tried a view blogs on how to get this done, but somehow I have found them a bit limited because they talk about a simple configuration with one database on one host. When you have to deal with multiple hosts and multiple databases per host, you need to take some things into account.

Lets start with some explanations, a walk through is below that.
Continue reading

SQLNET.KERBEROS5_CONF_MIT : Unsupported Parameter in 12.1

https://docs.oracle.com/database/121/NETRF/changes_rf.htm#NETRF2100

  • Unsupported ParametersThe following parameters are no longer supported:
    • SQLNET.KERBEROS5_CONF_MIT

No it’s not!

If you leave it out, you will get:

Password for airell@[logging]:

In stead of:

Password for airell@DOMAIN.LOCAL:

If you leave it out, one must not use the MIT layout… but where is the non-MIT layout described? It looks like the domain must be present on the first line of the file… for now, I will still use the MIT layout.

Cheers!

 

Enabling Oracle 12c direct NFS client on Windows

Yes, enabling the Oracle 12c direct NFS client on Windows and it is documented, but I didn’t get changed on Oracle Support (I have send an improvement request for Doc ID 1468114.1)…

One needs to run ‘%ORACLE_HOME%\bin\enable_dnfs.bat’ now, which does NOT copy the ‘oranfsodm12.dll’ over the ‘oraodm12.dll’, but it copies the ‘oranfsodm12.dll’ to the ‘%ORACLE_HOME%\rdbms\lib\odm\’ directory!

After the file has been copied and Oracle is restarted, the [Oracle instance running with ODM: Oracle Direct NFS ODM Library Version 3.0] line in the alert.log is shown!

Enabling Direct NFS Client – documentation

Oracle Database Installation Guide for Microsoft Windows – Oracle Database Postinstallation Tasks – 7.5.1.5 Enabling Direct NFS Client: http://docs.oracle.com/database/121/NTDBI/postcfg.htm#CHDFGFDC

ps. on Windows the supported ‘nfs_version’ is still NFSv3 :(

*ALL* Oracle database patches… Linux and Windows… (on Metalink)

Linux and Windows…

Quick Reference To Patch Numbers For Database PSU, SPU(CPU) And Bundle Patches [ID 1454618.1]
https://support.oracle.com/epmos/faces/DocumentDisplay?id=1454618.1

This document is getting replaced by Note 2118136.2:
Download Reference for Oracle Database/GI PSU, SPU(CPU), Bundle Patches, Patchsets and Base Releases [ID 2118136.2]
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2118136.2

…more Windows

Oracle Database, Networking and Grid Agent Patches for Microsoft Platforms [ID 161549.1]
https://support.oracle.com/epmos/faces/DocumentDisplay?id=161549.1

THATS IT!

Happy patching!

Remove Oracle Database Options with chopt in 12c

In 10g and 11g Enterprise Edition, one could select which options to install or not to install during the installation process (excl. the 10g ‘custom database’ option, you would get partioning, OLAP and rat). In 12g, one is not able to choose during install anymore, you will get all the options and they must be removed afterwards. Remove / disable them after installing the database software (only), but before creating databases.

The best way to do this is using the ‘chopt’ tool, or when the option is not available, the Oracle Universal Installer must most likely be used. It’s available in Windows and Linux. When using Windows, one can also rename the .dll’s which ‘enable’ the options. It will NOT remove the objects from the database! Continue reading

Running VBoxManage.exe from Windows Task Scheduler

I have been trying to run VBoxManage.exe from the Windows Task Scheduler to periodically list vms. The problem I had was that it wouldn’t list the VM’s I had registered, even if the task was run as the user that created the VM’s and with the ‘Run with highest privileges’ selected.

When searching the Internet, I saw more people having difficulties running it this way, so I started experimenting. Using ‘psexec‘ and ‘runas’ (use the /savecred option and run it once manually from command line) did work when running the VBoxManage.exe as the VM’s creator user while being logged as someone else, but running it from the Task Scheduler still did not work. Continue reading

Internet Explorer 10 ‘Continue to this website’ option missing

I recently updated to Internet Explorer 10 (Windows 7 64bit) and when I browsed to a website with a security certificate problem: “There is a problem with this website’s security certificate.”, the “Continue to this website (not recommended).” option was missing!!!

The issue here is that Microsoft restricted access to pages which are using a key using less than 1024 bits for protection. Some Oracle product using websites (including Oracle VM Manager) are still using this!

Continue reading

VirtualBox VRDP authentication fails with mstsc.exe

I had this problem, when trying to connect with the External Authentication Method, using the Remote Display server in VirtualBox (4.1.8 and 4.2.0). When I want to connect with Microsoft’s Remote Desktop (mstsc.exe), it failed every time with “Your Remote Desktop session has ended. Your network administrator might have ended the connection (…)”.

Continue reading

Oracle SQL Developer and a SQL Server Instance

Sometimes… as Oracle DBA you need to connect to SQL Server (with Oracle SQL Developer and jTDS plug-in installed).

When using ‘SQL Server Management Studio’, the ‘Server name’ is in the format:

SERVERNAME\INSTANCE.

This won’t work in SQL Developer:

Status : Failure -Unknown server host name 'SERVERNAME\INSTANCE'.

This can be solved using the ‘hostname’ in the next format in SQL Developer:

SERVERNAME;instance=INSTANCE

For me it worked :)

Oracle Database version compatibility and support matrix

— Checked for relevance on Januari 21, 2017

The Oracle Database version compatibility matrix and version support status matrix are almost mandatory when installing or upgrading clients or servers.

For information about patches, go here: Oracle database patches for Linux and Windows (on Metalink).

For announcements of security fixes, go to Critical Patch Updates, Security Alerts and Third Party Bulletin.

Oracle Database client / server version compatibility matrix

Oracle calls this Client / Server Interoperability Support, Note ID 207303.1

Oracle Database version release support status matrix

Oracle calls this the Database Releases Support Status Summary, Note ID 161818.1

You will be redirected to Oracle Support and you must be registered to gain access to the pages. I did not include the matrices, because these change over time.

Oracle Information about Windows 32 / 64 bit database and client versions

Certification Information for Oracle Database on Microsoft Windows x64 (64-bit), Doc ID 1307195.1