Feed aggregator

Happy New Year: The Zode In The Road

Floyd Teter - Wed, 2016-01-06 10:31
Happy New Year!  No predictions from me for 2016...we've all seen how poorly that works out.  No resolutions either (although I may open a fitness gym called "Resolutions"...the place converts into a bar at the end of January).   Instead, I simply leave you with the wisdom of Dr. Seuss; something to consider as you kick off the new year.

The Zode In The Road 

Did I ever tell you about the young Zode,
Who came to two signs at the fork in the road?
One said to Place One, and the other, Place Two.
So the Zode had to make up his mind what to do.
Well...the Zode scratched his chin, and his head, and his pants.
And he said to himself, "I'll be taking a chance
If I go to Place One.  Now that place may be hot!
And so how do I know if I'll like it or not?
On the other hand though, I'll be sort of a fool
If I go to Place Two and I find it too cool.
In that case I may catch a chill and turn blue!
So, maybe Place One is the best, not Place Two,
But then again, what if Place One is too high?
I may catch a terrible earache and die.
So Place Two may be best.  On the other hand though...
What might happen to me if Place Two is too low?
I might get some very strange pain in my toe!
So Place One may be best", and he started to go.
Then he stopped, and he said, "On the other hand though... .
On the other hand... On the other hand... On the other hand though...
And for 36 hours and one half that poor Zode
Made starts and stops at the fork in the road
Saying "Don't take a chance! No! You may not be right."
Then he got an idea that was wonderfully bright!
"Play safe!" cried the Zode. "I'll play safe, I'm no dunce!
I'll simply start out for both places at once!"
And that's how the Zode who would not take a chance
Got no place at all with a split in his pants.

So make this the year you take a few chances...

How an Oracle error can send you the wrong way…

Bar Solutions - Wed, 2016-01-06 08:53
.code, .code pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .code pre { margin: 0em; } .code .rem { color: #ff0000; } .code .kwrd { color: #008080; } .code .str { color: #0000ff; } .code .op { color: #0000c0; } .code .preproc { color: #cc6633; } .code .asp { background-color: #ffff00; } .code .html { color: #800000; } .code .attr { color: #ff0000; } .code .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .code .lnum { color: #606060; }

At my current assignment I needed to create an update statement to copy data from one table to another. Quite a simple task, I would say, but an error or actually a constraint violation sent me the wrong way in finding my solution.

Suppose I have two tables:

CREATE TABLE a
( mykey NUMBER
, thisvalue VARCHAR2(20) NOT NULL
)
/
CREATE TABLE b
( mykey NUMBER
, thatvalue VARCHAR2(20) NOT NULL
)
/

and some data in them:

INSERT INTO a (mykey,thisvalue) VALUES (1,'Larry');
INSERT INTO a (mykey,thisvalue) VALUES (2,'Bryn');
INSERT INTO a (mykey,thisvalue) VALUES (3,'Steven');
INSERT INTO a (mykey,thisvalue) VALUES (4,'Patrick');
INSERT INTO b (mykey,thatvalue) VALUES (1,'Larry Ellison');
INSERT INTO b (mykey,thatvalue) VALUES (2,'Bryn Llewellyn');
INSERT INTO b (mykey,thatvalue) VALUES (3,'Steven Feuerstein');
COMMIT
/ 

Now I want to update the values in table a with the values of table b. My first idea was to write a statement like this:

UPDATE a
   SET a.thisvalue = (select b.thatvalue
                        FROM b
                       WHERE b.mykey = a.mykey)
/

but this statement led to the following error:

ORA-01407: cannot update ("DEMO"."A"."THISVALUE") to NULL 


No problem, I thought, if the new value is somehow NULL, then just use the old value:

UPDATE a
   SET a.thisvalue = (select NVL(b.thatvalue, a.thisvalue)
                        FROM b
                       WHERE b.mykey = a.mykey)
/

but this still resulted in the same error:

ORA-01407: cannot update ("DEMO"."A"."THISVALUE") to NULL 

Then it dawned upon me. For mykey=4 there would be no match in table B, which resulted in no row returned, hence a NULL value.

The error given is absolutely correct, but it sent me the wrong way in finding a solution. If I would have gotten a NO DATA FOUND error, I would have known right away what was the problem.

The solution was pretty easy, just update the rows that have a matching row in table B:

UPDATE a
   SET a.thisvalue = (select b.thatvalue
                        FROM b
                       WHERE b.mykey = a.mykey)
 WHERE EXISTS (select b.thatvalue
                 FROM b
                WHERE b.mykey = a.mykey)
/

Another solution might be using the MERGE statement:

MERGE INTO a
USING (select b.mykey, b.thatvalue
         FROM b) b
ON (a.mykey = b.mykey)
WHEN MATCHED THEN
  UPDATE
     SET a.thisvalue = b.thatvalue
/

If the subselect results in more than one row you get an equivalent of the TOO_MANY_ROWS exception, but if the subselect results in no rows you don’t get the NO_DATA_FOUND (or equivalent) exception.

Automatic install of JDeveloper

Darwin IT - Wed, 2016-01-06 01:57
A few weeks ago I wrote a little script to do a silent install of SOA/BPM QuickStart.
Yesterday I enhanced the script to also do an automatic install of Java and adapt the environment settings to have the JDeveloper settings specific placed in C:\Data\JDeveloper\SOA.

To run the script you should have the following files placed in one folder (for instance c:\temp\soabpm):
Download the jdk-8u65-windows-x64.exe from here. If you use another version adapt the script below to change the JAVA_HOME as the place where it should be installed and the reference to the installer (jdk-8u65-windows-x64.exe) to the version. The script below ignores any other installation of Java (either an other update of jdk8 or earlier versions).

Using the 'setx' command  (see docs) the JAVA_HOME is explicitly set, and also later on the variables JDEV_USER_DIR_SOA and JDEV_USER_HOME_SOA pointing to C:\Data\JDeveloper\SOA. I picked the jdev.boot from an earlier install adapted the ide.user.dir.var variable as follows:

#
# The ide.user.dir.var specifies the name of the environment variable
# that points to the root directory for user files. The system and
# mywork directories will be created there. If not defined, the IDE
# product will use its base directory as the user directory.
#
ide.user.dir.var = JDEV_USER_HOME_SOA,JDEV_USER_DIR_SOA

A copy of this jdev.boot file I placed in the same folder as the script. The scripts sets the FMW_HOME as 'C:\oracle\JDeveloper\12210_BPMQS'. After the install of JDeveloper-SOA/BPM QuickStart, it copies this jdev.boot file to the right place in the FMW_HOME (%FMW_HOME%\jdeveloper\jdev\bin).
Make sure that you have the installer jar files (fmw_12.2.1.0.0_bpm_quickstart.jar and fmw_12.2.1.0.0_bpm_quickstart.jar) unzipped in the same folder. You could have downloaded them in zip files. You can use this script also to do a complete silent install of the JDeveloper Studio Edition, but then use the generic installer downloaded here (Oracle JDeveloper 12c 12.2.1.0.0 Generic/Others(2.1GB)).

The installBpmQS.bat script is as follows.
@echo off
set JAVA_HOME=c:\Program Files\Java\jdk1.8.0_65
echo setx -m JAVA_HOME "%JAVA_HOME%"
setx -m JAVA_HOME "%JAVA_HOME%"
echo JAVA_HOME=%JAVA_HOME%
rem Check Java
if exist "%JAVA_HOME%" goto :JAVA_HOME_EXISTS
echo Install %JAVA_HOME%
jdk-8u65-windows-x64.exe /s INSTALLDIR="%JAVA_HOME%"
:JAVA_HOME_EXISTS
echo %JAVA_HOME% exists
rem check BPM12.2 QS
set FMW_HOME=C:\oracle\JDeveloper\12210_BPMQS
if exist "%FMW_HOME%" goto :BPMQS_HOME_EXISTS
echo Install %FMW_HOME%
rem echo "Current dir2:" %~dp0
echo "Silent install BPM QuickStart, using response file:" %cd%\bpmqs1221_silentInstall.rsp
"%JAVA_HOME%\bin\java.exe" -jar fmw_12.2.1.0.0_bpm_quickstart.jar -silent -responseFile %cd%\bpmqs1221_silentInstall.rsp -nowait
:BPMQS_HOME_EXISTS
echo %FMW_HOME% exists
if not exist c:\Data mkdir c:\Data
if not exist c:\Data\JDeveloper mkdir c:\Data\JDeveloper
if not exist c:\Data\JDeveloper\SOA mkdir c:\Data\JDeveloper\SOA
rem set JDEV_USER_DIR_SOA and JDEV_USER_HOME_SOA as 'c:\Data\JDeveloper\SOA'
echo set JDEV_USER_DIR_SOA and JDEV_USER_HOME_SOA as c:\Data\JDeveloper\SOA
setx -m JDEV_USER_DIR_SOA c:\Data\JDeveloper\SOA
setx -m JDEV_USER_HOME_SOA c:\Data\JDeveloper\SOA
echo copy jdev.boot naar "%FMW_HOME%\jdeveloper\jdev\bin"
copy jdev.boot "%FMW_HOME%\jdeveloper\jdev\bin" /Y
echo done

For completeness, the content of the response file is:
[ENGINE]

#DO NOT CHANGE THIS.
Response File Version=1.0.0.0.0

[GENERIC]

#Set this to true if you wish to skip software updates
DECLINE_AUTO_UPDATES=true

#
MOS_USERNAME=

#
MOS_PASSWORD=<secure value="">

#If the Software updates are already downloaded and available on your local system, then specify the path to the directory where these patches are available and set SPECIFY_DOWNLOAD_LOCATION to true
AUTO_UPDATES_LOCATION=

#
SOFTWARE_UPDATES_PROXY_SERVER=

#
SOFTWARE_UPDATES_PROXY_PORT=

#
SOFTWARE_UPDATES_PROXY_USER=

#
SOFTWARE_UPDATES_PROXY_PASSWORD=<secure value="">

#The oracle home location. This can be an existing Oracle Home or a new Oracle Home
ORACLE_HOME=C:\oracle\JDeveloper\12210_BPMQS
Save this as bpmqs1221_silentInstall.rsp. If you use this for the installation of JDeveloper Studio Edition or any other version of JDeveloper, then adapt the name, also in installBpmQS.bat above, and adapt the FMW_HOME/ORACLE_HOME in both installBpmQS.bat and the response-file.

I could have enhanced this script to put the possible points to change in variables. But I think with my eloboration you should get the point... 

Exporting solutions from #GoldenGate Studio

DBASolved - Tue, 2016-01-05 23:21

In doing some testing with Oracle GoldenGate Studio, I decided to create a test solution that can be moved from studio-to-studio. In order to move the test solution from studio-to-studio, it has to be exported first. This post will be about how to export a solution so it can be archived or shipped to a co-worker.

To export a solution, you will start in the Projects window. After opening the project, you will see a little red puzzle piece under the “Solutions”.

By right-clicking on the solution name, you are presented with a context menu that provides a few options for dealing with solutions within Oracle GoldenGate Studio. The option you are interested in, is at the very bottom of the context menu. This is the export option.

After selecting the “export” option, studio will open a small wizard that allows you to provide information and options for the solution that is to be exported. Everything on the export screen can be edited; however, the only thing that should not be changed is the “Advanced Options”. Provide a directory where the export should reside and provide an encryption key (optional).

When everything is filled out as you want, click “ok” and the export will be done. At the end of the export, should be pretty quick, you will receive a message saying that the export completed.

Once the export is completed, you will find the XML file in the directory you specified in the export wizard. This XML file can be opened up with any text editor and reviewed. A sample of the XML content is provided below.

The beauty in this XML file is that everything created in studio is contained within it. This makes it every simple and easy to email to co-workers or others if they want to see the architecture being worked on. Making collaboration on GoldenGate architectures easier.

Enjoy!

about.me: http://about.me/dbasolved


Filed under: Golden Gate
Categories: DBA Blogs

安全なシアリス通販・中国で作られたシアリスの質は?

Marian Crkon - Tue, 2016-01-05 20:06

シアリスはED(勃起障害)治療薬として世界的に大きなシェアがあります。バイアグラと並んで人気があり、徐々にバイアグラよりも人気が高まっている薬です。 バイアグラに比べて効果がマイルドで副作用のリスクが低い、効果持続時間が […]

投稿安全なシアリス通販・中国で作られたシアリスの質は?シアリス通販情報の最初に登場しました。

安全なシアリス通販・中国で作られたシアリスの質は?

The Feature - Tue, 2016-01-05 20:06

シアリスはED(勃起障害)治療薬として世界的に大きなシェアがあります。バイアグラと並んで人気があり、徐々にバイアグラよりも人気が高まっている薬です。
バイアグラに比べて効果がマイルドで副作用のリスクが低い、効果持続時間が長い(バイアグラの約6倍の36時間)、食事の影響を受けない、という点で評価されています。
シアリス通販を行っているサイトはたくさんありますが、どこも同じ品質の薬を扱っているとは限りません。中には偽造品や違法なルートから入手している業者も存在します。
シアリス通販を利用するときには、業者と電話、メール、FAXなどで連絡が取れることをちゃんと事前に確認しておきましょう。
中国で作られているシアリスもありますが、中国の一部の工場では、覚せい剤(アンフェタミン)を密造していた工場でシアリスを一緒に作っていたという報告もあります。また、工場の衛生状態も極めて悪く、シアリスに覚せい剤の成分が混入してしまう恐れもあったと言われています。
もちろん、中国の工場すべてがこのようなレベルというわけではありません。ちゃんと衛生管理されて正規のラインで作られている薬も存在します。
しかし、頭から大丈夫だと信じ込んでしまうと、偽造品や粗悪品が手に入ってしまうという危険があります。
海外から個人輸入するときには、シアリス通販サイトは徹底的に比較しておきましょう。ちゃんとした業者ならば、正規品取扱書や成分保証などの書類を発行してくれます。また、副作用やユーザーの不利益になることもしっかりと記載されている所が多いです。
逆に、良い点ばかりを書いて広告を出している所は、品質が低い恐れがあります。業者の見極めには時間をかけましょう。

投稿安全なシアリス通販・中国で作られたシアリスの質は?シアリス通販情報の最初に登場しました。

Categories: APPS Blogs

Powerful Free Webinar Network for Oracle Developers

Gerger Consulting - Tue, 2016-01-05 07:15
In February 2016, we are launching ProHuddle, a community of curious, open minded people who love to learn about interesting people, ideas, technologies and products to help them improve their personal and professional lives.





Our community largely consists of Oracle Professionals. It is a great mix of developers, DBA’s, software designers, enterprise architects, consultants, managers and executives who in one way or the other are involved with Oracle Technologies.


We’ll host free webinars which will appeal to such an audience. We’ll start with Oracle related topics such as SQL, Java, the Oracle Database and other Oracle products.


If this sounds interesting to you, visit the ProHuddle web site and sign up for our email list to get notified about upcoming webinars. (Don’t worry, we will never spam you. We will never share your email with a third party and it takes only one click to unsubscribe.)


Looking forward to meeting you in our webinars!


Yalim K. Gerger
Founder

Categories: Development

Oracle Cloud – Using dbaascli

John Scott - Tue, 2016-01-05 06:37

One of the nice features of Oracle Cloud is that it comes with some additional command-line tooling in the form of the dbaascli command.

When you run this command (while logged into your  DBaaS instance) you’ll see

[oracle@DEMO ~]# dbaascli
DBAAS CLI version 1.0.0
DBAAS>

This dumps you into an interactive shell, typing ‘help’ gives us a bit more info.

DBAAS>help
Help for dbaascli
dbaascli is a command line interface for different tools to be used with Oracle Cloud DB.
This command line interface supports logging, command history and autocomplete.
Logging is done on a session level. Each time dbaascli is run the last log is overwritten.
To access command history use the up/down arrow keys as you would normally do in a terminal.
Autocomplete uses the Tab key. Autocomplete will complete to the longest common string in case there is not an exact match.
To obtain help on a command use the help keyword at the begining or end.
Autocomplete is supported if the first word is the "help" keyword.
Special commands are available.
The list of special commands is:

-H
 -HELP
 ? - Get dbaascli help
 CLEAR - Clear the screen
 HELP - Get dbaascli help
 HIST - Print command line history
 HISTORY - Print command line history
 LIST - List available commands
 Q - Exit Command Line Interface
 QUIT - Exit Command Line Interface

DBAAS>

Note – you can also run the command non-interactively by specifying the options on the command-line.

So, let’s list the commands available.

DBAAS>list

Very Long Text, press q to quit
Available commands:
 
database bounce
database changepassword
database start
database status
database stop
dataguard failover
dataguard reinstate
dataguard status
dataguard switchover
dbpatchm
dv off
dv off cdb
dv off pdb
dv on
dv on cdb
dv on pdb
gg setup
gg status
glassfish start
glassfish status
glassfish stop
listener bounce
listener start
listener status
listener stop
mrec

netsec config
netsec config encryption
netsec config integrity
netsec deconfig
netsec deconfig encryption
netsec deconfig integrity
netsec status
netsec status encryption
netsec status integrity
ore setup

orec
tde config
tde rotate
tde rotate masterkey
tde status
tfa install
tfa uninstall


DBAAS>

Most of these commands are wrappers around other commands but it does give you one “go-to” centralised command which is consistent across all your DBaaS instances rather than trying to remember each command (and perhaps having to deal with different configurations).

So let’s try a few commands, this time I’ll run them non-interactively (type ‘quit’ to exit the interactive version).

Database Commands

Let’s check the database status

[oracle@DEMO ~]$ dbaascli database status
DBAAS CLI version 1.0.0
Executing command database status
Database Status:
Database is open
Database name: ORCL

Oracle Database 12c EE Extreme Perf Release 12.1.0.2.0 - 64bit Production
PL/SQL Release 12.1.0.2.0 - Production
CORE 12.1.0.2.0 Production
TNS for Linux: Version 12.1.0.2.0 - Production
NLSRTL Version 12.1.0.2.0 - Production

You could leverage this script to perhaps grep for the phrase ‘Database is open’ to check for problems.

We could also do the commands

dbaascli database bounce
dbaascli database start
dbaascli database stop
Glassfish Commands

Lets check Glassfish

[oracle@DEMO ~]$ dbaascli glassfish status
DBAAS CLI version 1.0.0
Executing command glassfish status
Unable to run command. This command should be run as user: root. Currently: oracle

Hmmm ok, so depending on the command we need to run it as different users, lets switch to root and try it again

[root@DEMO ~]# dbaascli glassfish status
DBAAS CLI version 1.0.0
Executing command glassfish status
Calculating the status and metrics:
Authentication failed for user: admin
with password from password file: /root/statuspwd.txt
(Usually, this means invalid user name and/or password)
Authentication failed for user: admin
with password from password file: /root/statuspwd.txt
(Usually, this means invalid user name and/or password)
domain1 running
Command list-domains executed successfully.
Command list-http-listeners failed.
Command uptime failed.

 

Notice the error message stating it’s reading the /root/statuspwd.txt file to get the password. Once I entered the password there and re-ran the command worked (I’ll omit the output here as it’s quite lengthy).

Listener Commands

Let’s check the listener

[root@DEMO ~]# dbaascli listener status
DBAAS CLI version 1.0.0
Executing command listener status
Invalid parameter(s)
Command Error
Command: listener status
Listener Status

Ok, this is getting annoying, maybe I need to be the oracle user for this one?

[root@DEMO ~]# su - oracle
[oracle@DEMO ~]$ dbaascli listener status
DBAAS CLI version 1.0.0
Executing command listener status
Starting listener

LSNRCTL for Linux: Version 12.1.0.2.0 - Production on 13-MAY-2016 13:15:50

Copyright (c) 1991, 2014, Oracle. All rights reserved.

Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=DEMO.compute-ae.oraclecloud.internal)(PORT=1521)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 12.1.0.2.0 - Production
Start Date 4-JAN-2015 23:52:34
Uptime 1 days 13 hr. 23 min. 15 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /u01/app/oracle/product/12.1.0/dbhome_1/network/admin/listener.ora
Listener Log File /u01/app/oracle/diag/tnslsnr/DEMO/listener/alert/log.xml
Listening Endpoints Summary...
 (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=DEMO.compute-ae.oraclecloud.internal)(PORT=1521)))
 (DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=EXTPROC1521)))
 (DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=DEMO.compute-ae.oraclecloud.internal)(PORT=5500))(Security=(my_wallet_directory=/u01/app/oracle/product/12.1.0/dbhome_1/admin/ORCL/xdb_wa
llet))(Presentation=HTTP)(Session=RAW))
Services Summary...
Service "ORCL.ae.oraclecloud.internal" has 1 instance(s).
 Instance "ORCL", status READY, has 1 handler(s) for this service...
Service "ORCLXDB.ae.oraclecloud.internal" has 1 instance(s).
 Instance "ORCL", status READY, has 1 handler(s) for this service...
Service "pdb1.ae.oraclecloud.internal" has 1 instance(s).
 Instance "ORCL", status READY, has 1 handler(s) for this service...
The command completed successfully

So that worked, obviously the output is quite lengthy, but again you could see how this simple command could be used in a monitoring script.

Command Specific Help

If you’re unsure what a particular command might do, rather than risking running it, you can get some help on each command. For example what does that mrec command do?

[oracle@DEMO ~]$ dbaascli mrec help
DBAAS CLI version 1.0.0
Executing command mrec help
Command: mrec
Help for MREC tool.
Parameters:
 --args Format: Not defined Required: NO

Usage:
 mrec --args -oss_cfgfile <cfgfile> -old_hostname <vm_name>
 mrec --args -oss_cfgfile <cfgfile> -old_hostname <vm_name> -sid <oracle_sid>
Where:
 -help = Print this help.
 -oss_cfgfile = full path to OSS config file.
 -old_hostname = Name of the host to recover.
 -sid = ORACLE SID of the DB instance to recover. Default is orcl
Examples:
 mrec --args -oss_cfgfile /var/opt/oracle/mrec/oss.cfg -old_hostname vmprod01
 mrec --args -oss_cfgfile /var/opt/oracle/mrec/oss.cfg -old_hostname vmprod01 -sid orcl

Ok, so it doesn’t tell me what it actually does (I had to search the documentation to figure out MREC = Media Recovery), but it does at least tell you what parameters it expects.

 


Security Link Roundup - January 4, 2016

Mark Wilcox - Mon, 2016-01-04 10:50
January 4, 2016 Oracle Consulting Security Link Roundup
I'm Mark Wilcox.The Chief Technology Officer for Oracle Consulting- Security in North America and this is my weekly roundup of security stories that interested me.###Database of 191 million U.S. voters exposed on Internet: researcherSo 2016 starts off with another headline of a database breach. In this case 191 million records of US voters. This is ridiculous. And could have been prevented.And a sobering reminder to contact your Oracle represenative and ask them for a database security assessment by Oracle consulting.###Secure Protocol for Mining in Horizontally Scattered Database Using Association RuleData mining is a hot topic - it's essential to marketing, sales and innovation. Because companies have lots of information on hand but until you start mining it, you can't really do anything with it.And often that data is scattered across multiple databases.In this academic paper from the "International Journal on Recent and Innovation Trends in Computing and Communication" the authors describe a new protocol that they claim respects privacy better than other options.On the other hand - Oracle already has lots of security products (for example database firewall, identity governance) that you can implement today to help make sure only the proper people have access to the data.So make sure to call your Oracle represenative and ask for a presentation by Oracle Consulting on how Oracle security can help protect your data mining databases. ###A Guide to Public Cloud Security ToolsCloud computing is happening.And most people are still new to the space.This is a good general article into the differences in security between public and private clouds.Plus has a list of tools to help you with cloud security.And if you are wanting to use cloud to host Oracle software - please call your Oracle represenative and ask them to arrange a meeting with Oracle Consulting Security to talk about how Oracle can help do that securely.###Survey: Cloud Security Still a Concern Heading into 2016Security continues to be the biggest concern when it comes to cloud.While there are challenges - I find securing cloud computing alot simpler than on-premise. Assuming your cloud hosting is with one of the major vendors such as Oracle or Amazon.And if you are wanting to use cloud to host Oracle software - please call your Oracle represenative and ask them to arrange a meeting with Oracle Consulting Security to talk about how Oracle can help do that securely.###40% BUSINESS DO NOT USE " SECURITY ENCRYPTION" FOR STORING DATA IN CLOUD"Holy crap, Marie." I watch a lot of reruns of "Everybody Loves Raymond" and I feel like this story is another rerun.Except unlike Raymond this is a rerun of a bad TV show.Encrypting a database is one of the best ways to secure your data from hackers.So before you start storing data in the cloud, in particular with an Oracle database make sure you have Oracle Consulting do a security assessment for you. That way you can know what potential problems you have before you start storing sensitive production data.###image credit unsplash.

Security Link Roundup - January 4, 2016

Mark Wilcox - Mon, 2016-01-04 10:50

January 4, 2016 Oracle Consulting Security Link Roundup

I'm Mark Wilcox.

The Chief Technology Officer for Oracle Consulting- Security in North America and this is my weekly roundup of security stories that interested me.

###

Database of 191 million U.S. voters exposed on Internet: researcher

So 2016 starts off with another headline of a database breach.

In this case 191 million records of US voters.

This is ridiculous.

And could have been prevented.

And a sobering reminder to contact your Oracle represenative and ask them for a database security assessment by Oracle consulting.

###
Secure Protocol for Mining in Horizontally Scattered Database Using Association Rule

Data mining is a hot topic - it's essential to marketing, sales and innovation. Because companies have lots of information on hand but until you start mining it, you can't really do anything with it.

And often that data is scattered across multiple databases.

In this academic paper from the "International Journal on Recent and Innovation Trends in Computing and Communication" the authors describe a new protocol that they claim respects privacy better than other options.

On the other hand - Oracle already has lots of security products (for example database firewall, identity governance) that you can implement today to help make sure only the proper people have access to the data.

So make sure to call your Oracle represenative and ask for a presentation by Oracle Consulting on how Oracle security can help protect your data mining databases.

###
A Guide to Public Cloud Security Tools

Cloud computing is happening.

And most people are still new to the space.

This is a good general article into the differences in security between public and private clouds.

Plus has a list of tools to help you with cloud security.

And if you are wanting to use cloud to host Oracle software - please call your Oracle represenative and ask them to arrange a meeting with Oracle Consulting Security to talk about how Oracle can help do that securely.

###
Survey: Cloud Security Still a Concern Heading into 2016

Security continues to be the biggest concern when it comes to cloud.

While there are challenges - I find securing cloud computing alot simpler than on-premise.

Assuming your cloud hosting is with one of the major vendors such as Oracle or Amazon.

And if you are wanting to use cloud to host Oracle software - please call your Oracle represenative and ask them to arrange a meeting with Oracle Consulting Security to talk about how Oracle can help do that securely.
###
">40% BUSINESS DO NOT USE " SECURITY ENCRYPTION" FOR STORING DATA IN CLOUD

"Holy crap, Marie."

I watch a lot of reruns of "Everybody Loves Raymond" and I feel like this story is another rerun.

Except unlike Raymond this is a rerun of a bad TV show.

Encrypting a database is one of the best ways to secure your data from hackers.

So before you start storing data in the cloud, in particular with an Oracle database make sure you have Oracle Consulting do a security assessment for you.

That way you can know what potential problems you have before you start storing sensitive production data.

###
image credit unsplash.

Video Tutorial: XPLAN_ASH Active Session History - Part 7

Randolf Geist - Mon, 2016-01-04 03:00
The next part of the video tutorial explaining the XPLAN_ASH Active Session History functionality continuing the actual walk-through of the script output.

More parts to follow.

Oracle Application Management Pack for Oracle Utilities 13.1.1.1.0 available

Anthony Shorten - Sun, 2016-01-03 21:27

We are pleased to announce that a new version of the Oracle Application Management Pack for Oracle Utilities has been released to support the new release of Oracle Enterprise Manager 13c. We are excited to offer this new pack which now supports the new features of Oracle Enterprise Manager including:

  • The user interface has been updated to reflect the new Alta look and feel implemented by Oracle Enterprise Manager
  • The Always On feature is now supported that is used by Oracle Enterprise Manager to drastically reduce downtime for Oracle Enterprise Manager or pack maintenance
  • The System Broadcast feature is now supported allowing broadcast across all Oracle Enterprise Manager users
  • Support for Brownouts is now included where non-scheduled outages are now calculated separately for Service Level Agreement checking
  • and many more...

The functionality of the pack is the same as the latest release of the pack for Oracle Enterprise 12c for backward compatibility reasons. This pack requires Oracle Enterprise Manager 13c. The new version of the pack is available from Self Update within Oracle Enterprise Manager 13c and Oracle Software Delivery Cloud.

A new release of the pack is also scheduled in the near future with additional functionality to fully exploit additional new and exciting features of Oracle Enterprise Manager 13c. For more information about Oracle Enterprise Manager 13c refer to the EM blog post.

Product vs Solution vs Infrastructure

Anthony Shorten - Sun, 2016-01-03 20:29

One of the most common questions I get from partners is support for features that are typically in the infrastructure. The main issue here is that some partners confuse what is in the product and what is in the infrastructure and the implementation solution. Let me explain.

The Oracle Utilities Application Framework based products are applications housed within J2EE infrastructure (such as Oracle WebLogic and in some cases IBM WebSphere) and for batch, housed in a runtime version of Oracle Coherence.

Now there is a degree of separation between the product and the infrastructure. Each has distinct roles and those roles are only duplicated across what we call touchpoints between the product and the infrastructure. Another complication comes into play is the role of the solution which the particular configuration of the product and the infrastructure to suit a particular need.

When I was considering writing this article to highlight the differences in product, infrastructure and solutions I bounced around a few ways of describing it but I found the nest way is in the form of a common example.

Lets use the example of security authentication (aka who are you?). This is essentially the feature of securing and identifying the user when connecting to the product. The most common example of this is known as challenge and response (or more commonly userid and password).

In terms of the roles security authentication is described as follows in terms of product, infrastructure and solution:

  • The product does not store userid and password itself. It does not make sense in the context of an enterprise application as typically security is enterprise wide, for efficiency reasons, not just for a particular product. This is delegated to the J2EE container (Oracle WebLogic/IBM WebSphere) to authenticate the user. The product relies on the container to pass or fail an authentication attempt.
  • The J2EE container, which is part of the infrastructure, supports various security repositories and standards via security connectors. For example, if you have a corporate security server that holds users and passwords then you can connect it via LDAP to the container to now implement a common identity store. The J2EE container supports a wide range of adapters and in the case of Oracle WebLogic you can implement multiples for different parts of your business. An example of this is where you can separate administration accounts from common users using different identity stores.
  • A solution for the product is a distinct configuration of the J2EE container with appropriately configured security connectors. This can also mean that you externalize this function even further by implementing an Identity Management solution such as Oracle Identity Management Suite.

As you see in the example, there are distinct differences between the product, solution and infrastructure. You can apply the same logic to a wide range of implementation aspects needed to be considered.

Now, lets focus on a particular issue using the example above. Where should the users be able to change their password?

  • The product does not have inbuilt password change functionality. This is because in a solution context, it makes no sense. This is why we do not supply one. It does not mean you cannot add this functionality to the menu as a common function.
  • The product is always connected to a security repository via the J2EE container (even the default one shipped with the J2EE container). The password change function is at the infrastructure level not the product level.
  • Typically you can change passwords from external sources which is much more logical. Lets take the common example of reusing the same security repository for LAN login and the product (via a common LDAP source with or without SSO). If you use this example, typically the LAN login allows you to change your password which would apply to all connected applications. It makes no sense in this example to also duplicate the functionality in the product. Also why would you let the product change a security repository.

The above example brings the discussion into sharp focus.

Now, how do I deal with these situations? I call it "What would product <blank> do in this situation?", where <blank> is your favorite desktop application. I usually use Office as an example (not a great example but something most people understand). You would not expect Word or its equivalent to have a password maintenance function. No, it does not make sense. Word in this example, uses the features of the operating system to do all sorts of functions like printing, scanning etc... The application does not have all these functions inbuilt (otherwise it would not be a word processor really).

Hope this clarifies the situation.

Review: Oracle RAC Performance Tuning

RDBMS Insight - Sat, 2016-01-02 15:52

Some time ago, I received a free review copy of Brian Peasland‘s recent book, Oracle RAC Performance Tuning.

First, a note on my RAC background: I spent 7 years on Oracle’s RAC Support team. When customers had an intractable RAC performance issue, I was on the other end of the “HELP!” line until it was resolved.

I made Brian’s acquaintance through the MOS RAC Support forum, where Brian stood out as a frequent poster who consistently gave well-thought-out, correct and informative responses. So I had high expectations when I sat down with his book. And I haven’t been disappointed. This book is a terrific resource for single-instance DBAs looking to come up to speed on RAC. It’ll also be useful to more experienced RAC DBAs who want to deepen their knowledge or who just have a thorny performance problem to solve.

Many RAC books start out with an overview of RAC-specific physical architecture: the interconnect and the shared storage. Not this one. Brian leaps straight into what I consider the “hard” stuff: chapter 2 covers Cache Fusion and understanding RAC-specific wait events. I’ve spoken with many RAC DBAs who’d have a hard time telling me the difference between “gc cr block 2-way” and “gc current grant 3-way”. You really need to understand Oracle’s implementation of Cache Fusion to understand many of the RAC wait events, and Chapter 2 does a good job of explaining, using session tracing to step you through the waits. It might seem odd to start out with detailed explanations of wait events that many RAC DBAs will never see in the Top 10. But, a good understanding of Cache Fusion and the related wait events is really necessary to understand RAC-specific slowdowns. Subsequent chapters depend implicitly on this understanding: you can’t really understand interconnect tuning, for instance, unless you understand how the interconnect is used by Cache Fusion.

The book covers a full toolkit of testing utilities and tools as needed: Orion is introduced in the chapter on storage, and then a full chapter is devoted to the RAC Support Tools, another to AWR/ADDM/ASH, and another to benchmark utilities. There are also dozens of SQL scripts.

Another chapter to highlight is Chapter 14, a two-page summary at the end of the book that lists what Brian considers the central points. This is a mix of broad principles and RAC-specific “gotchas” that every RAC DBA should be aware of. I’d say that if you can read through Chapter 14 and say “I knew that” to each point, then you’ve got a good grasp of the essentials of RAC tuning.

Like others I’ve read in Burleson’s Oracle In-Focus series, this book would’ve benefited from a stronger copy editor. I was chagrined to see typos right on the back cover. But that’s a small quibble that doesn’t detract from an excellent book. If you’re a RAC DBA, this book deserves a place on your bookshelf.

Categories: DBA Blogs

Happy New Year 2016 , best wishes to all

OracleApps Epicenter - Sat, 2016-01-02 01:49
This the season to be jolly! Time truly flies when you are doing the things you love and with another year behind us, we can't help but feel a little nostalgic and look back at what the past twelve months have brought us. It was a busy year at personal and professional side .In terms […]
Categories: APPS Blogs

Oracle Management Cloud : The Next Generation Real-Time Monitoring and Analytics IT Tool

OracleApps Epicenter - Sat, 2016-01-02 01:21
Oracle Management Cloud (OMC) is a suite of next-generation integrated monitoring, management, and analytics cloud services built on a scalable big data platform that provides real-time analysis and deep technical and business insights. With OMC you can eliminate disparate silos across end-user and infrastructure data, troubleshoot problems quickly,and run IT like a business OCM meets […]
Categories: APPS Blogs

A Few Resolutions for 2016

Joel Kallman - Fri, 2016-01-01 09:15


Jenny, from the Oracle Database Insider Newsletter, asked a number of us in the Database division at Oracle to share our New Year's resolutions for 2016.  And while I'm a bit reluctant to share this somewhat personal information, I like the fact that publicizing these resolutions may force me to remain a bit more focused on these goals.  So here goes...my resolutions for 2016:


  1. Attend an Oracle Real World Performance Training class.  I thought I knew a fair amount about the Oracle Database, SQL and tuning. But at a conference in 2015, I was able to spend some quality time around Vlado Barun from the Oracle Real World Performance team, and it quickly become clear I knew very little compared to these folks. I’m asked to diagnose “APEX issues” all the time, and the vast majority of cases are simply database configuration or SQL tuning exercises.  To become a better database developer, I need to become deeper in my understanding of the Oracle Database and performance.
  2. Broaden the message of APEX, Database and Oracle Cloud development to those we’re not reaching today.  And I specifically would like to share our message with higher education institutions and students attending university.  Developing Web and responsive applications is cool and I believe the combination of technologies (SQL, PL/SQL, APEX, Oracle Database, Cloud, REST) results in an incredibly rich application development platform.  University students probably think of “big, bad corporate” when they hear the word “Oracle”.  I want them to think “hip, cool, innovative, modern”.
  3. Be more patient and understanding of those who ask me questions.  I can actually credit a customer (Erik van Roon) who helped me to recalibrate my understanding on this topic.  Sometimes I’ll get questions where it’s clear someone hasn’t done the least bit of research into the topic.  And it was at those rare times when (to a fellow employee, never a customer), I’d reply with a lmgtfy.com link.  But as Erik correctly pointed out - I have 20 years experience, and they don’t.  Arrogance may not be the message I intend to send, but it may very well be the message that is received.  And that’s not how I wish to be perceived by anyone, ever.  Thus - time to drop my impatience and arrogance, for every occasion.
  4. Spend more time with my family.  2015 was a great year for Oracle Application Express, and I’ve never worked harder in my career than I did in 2015.  But that has a price, and I value the finite time with my family more than anything else.  While I love working for Oracle and I dearly love the team I’m blessed to work with, I value my family even more.  And I need to define a bit more rigid boundaries between work and family time.
  5. Read a novel.  When I read, it’s usually one of the following:  the Bible, a functional specification, a military history book, a computer programming/Web design book or the Wall Street Journal. My wife is an avid reader and gets such joy from well-written and captivating novels.  I’d like to expand my imagination (and vocabulary), and be able to set aside time for some reading at leisure.
  6. Learn a language.  I’ve dabbled back and forth with German over many years.  And I know enough German to order food in a restaurant.  But I’m not fluent enough for even the shortest of conversations in German. It’s time to either forge ahead with my self-study of German and practice it with the 3 native German speakers on the APEX team, or simply switch gears and direct my focus to Spanish which is probably much more practical, living in America.
  7. Exercise at least 3 times a week.  The older I get, the easier it is to gain weight and get out of shape, and the more difficult it is to lose it and get back in shape.  And by "exercise", I don't mean walk around the block.  Instead, I'm referring to something that causes you to sweat - running, biking, jumping rope, or resistance exercises (the Total Gym will work just fine!).  While I fantasize about training enough to run a 1/2 marathon in 2016, I'll be happy enough to just consistently exercise 3 times a week.
These are the goals.  Some are easy.  Some will span the entire year.  I probably won't meet them all, but they're a goal.

What are your goals for 2016?

Happy New Year 2016

Senthil Rajendran - Thu, 2015-12-31 20:28

Oracle as the new IBM — has a long decline started?

Curt Monash - Thu, 2015-12-31 03:15

When I find myself making the same observation fairly frequently, that’s a good impetus to write a post based on it. And so this post is based on the thought that there are many analogies between:

  • Oracle and the Oracle DBMS.
  • IBM and the IBM mainframe.

And when you look at things that way, Oracle seems to be swimming against the tide.

Drilling down, there are basically three things that can seriously threaten Oracle’s market position:

  • Growth in apps of the sort for which Oracle’s RDBMS is not well-suited. Much of “Big Data” fits that description.
  • Outright, widespread replacement of Oracle’s application suites. This is the least of Oracle’s concerns at the moment, but could of course be a disaster in the long term.
  • Transition to “the cloud”. This trend amplifies the other two.

Oracle’s decline, if any, will be slow — but I think it has begun.

 

Oracle/IBM analogies

There’s a clear market lead in the core product category. IBM was dominant in mainframe computing. While not as dominant, Oracle is definitely a strong leader in high-end OTLP/mixed-use (OnLine Transaction Processing) RDBMS.

That market lead is even greater than it looks, because some of the strongest competitors deserve asterisks. Many of IBM’s mainframe competitors were “national champions” — Fujitsu and Hitachi in Japan, Bull in France and so on. Those were probably stronger competitors to IBM than the classic BUNCH companies (Burroughs, Univac, NCR, Control Data, Honeywell).

Similarly, Oracle’s strongest direct competitors are IBM DB2 and Microsoft SQL Server, each of which is sold primarily to customers loyal to the respective vendors’ full stacks. SAP is now trying to play a similar game.

The core product is stable, secure, richly featured, and generally very mature. Duh.

The core product is complicated to administer — which provides great job security for administrators. IBM had JCL (Job Control Language). Oracle has a whole lot of manual work overseeing indexes. In each case, there are many further examples of the point. Edit: A Twitter discussion suggests the specific issue with indexes has been long fixed.

Niche products can actually be more reliable than the big, super-complicated leader. Tandem Nonstop computers were super-reliable. Simple, “embeddable” RDBMS — e.g. Progress or SQL Anywhere — in many cases just work. Still, if you want one system to run most of your workload 24×7, it’s natural to choose the category leader.

The category leader has a great “whole product” story. Here I’m using “whole product” in the sense popularized by Geoffrey Moore, to encompass ancillary products, professional services, training, and so on, from the vendor and third parties alike. There was a time when most serious packaged apps ran exclusively on IBM mainframes. Oracle doesn’t have quite the same dominance, but there are plenty of packaged apps for which it is the natural choice of engine.

Notwithstanding all the foregoing, there’s strong vulnerability to alternative product categories. IBM mainframes eventually were surpassed by UNIX boxes, which had grown up from the minicomputer and even workstation categories. Similarly, the Oracle DBMS has trouble against analytic RDBMS specialists, NoSQL, text search engines and more.

 

IBM’s fate, and Oracle’s

Given that background, what does it teach us about possible futures for Oracle? The golden age of the IBM mainframe lasted 25 or 30 years — 1965-1990 is a good way to think about it, although there’s a little wiggle room at both ends of the interval. Since then it’s been a fairly stagnant cash-cow business, in which a large minority or perhaps even small majority of IBM’s customers have remained intensely loyal, while others have aligned with other vendors.

Oracle’s DBMS business seems pretty stagnant now too. There’s no new on-premises challenger to Oracle now as strong as UNIX boxes were to IBM mainframes 20-25 years ago, but as noted above, traditional competitors are stronger in Oracle’s case than they were in IBM’s. Further, the transition to the cloud is a huge deal, currently in its early stages, and there’s no particular reason to think Oracle will hold any more share there than IBM did in the transition to UNIX.

Within its loyal customer base, IBM has been successful at selling a broad variety of new products (typically software) and services, often via acquired firms. Oracle, of course, has also extended its product lines immensely from RDBMS, to encompass “engineered systems” hardware, app server, apps, business intelligence and more. On the whole, this aspect of Oracle’s strategy is working well.

That said, in most respects Oracle is weaker at account control than peak IBM.

  • Oracle’s core competitors, IBM and Microsoft, are stronger than IBM’s were.
  • DB2 and SQL Server are much closer to Oracle compatibility than most mainframes were to IBM. (Amdahl is an obvious exception.) This is especially true as of the past 10-15 years, when it has become increasingly clear that reliance on stored procedures is a questionable programming practice. Edit: But please see the discussion below challenging this claim.
  • Oracle (the company) is widely hated, in a way that IBM generally wasn’t.
  • Oracle doesn’t dominate a data center the way hardware monopolist IBM did in a hardware-first era.

Above all, Oracle doesn’t have the “Trust us; we’ll make sure your IT works” story that IBM did. Appliances, aka “engineered systems”, are a step in that direction, but those are only — or at least mainly — to run Oracle software, which generally isn’t everything a customer has.

 

But think of the apps!

Oracle does have one area in which it has more account control power than IBM ever did — applications. If you run Oracle apps, you probably should be running the Oracle RDBMS and perhaps an Exadata rack as well. And perhaps you’ll use Oracle BI too, at least in use cases where you don’t prefer something that emphasizes a more modern UI.

As a practical matter, most enterprise app rip-and-replace happens in a few scenarios:

  • Merger/acquisition. An enterprise that winds up with different apps for the same functions may consolidate and throw the loser out. I’m sure Oracle loses a few customers this way to SAP every year, and vice-versa.
  • Drastic obsolescence. This can take a few forms, mainly:
    • Been there, done that.
    • Enterprise outgrows the capabilities of the current app suite. Oracle’s not going to lose much business that way.
    • Major platform shift. Going forward, that means SaaS/”cloud” (Software as a Service).

And so the main “opportunity” for Oracle to lose application market share is in the transition to the cloud.

 

Putting this all together …

A typical large-enterprise Oracle customer has 1000s of apps running on Oracle. The majority would be easy to port to some other system, but the exceptions to that rule are numerous enough to matter — a lot. Thus, Oracle has a secure place at that customer until such time as its applications are mainly swept away and replaced with something new.

But what about new apps? In many cases, they’ll arise in areas where Oracle’s position isn’t strong.

  • New third-party apps are likely to come from SaaS vendors. Oracle can reasonably claim to be a major SaaS vendor itself, and salesforce.com has a complex relationship with the Oracle RDBMS. But on the whole, SaaS vendors aren’t enthusiastic Oracle adopters.
  • New internet-oriented apps are likely to focus on customer/prospect interactions (here I’m drawing the (trans)action/interaction distinction) or even more purely machine-generated data (“Internet of Things”). The Oracle RDBMS has few advantages in those realms.
  • Further, new apps — especially those that focus on data external to the company — will in many cases be designed for the cloud. This is not a realm of traditional Oracle strength.

And that is why I think the answer to this post’s title question is probably “Yes”.

 

Related links

A significant fraction of my posts, in this blog and Software Memories alike, are probably at least somewhat relevant to this sweeping discussion. Particularly germane is my 2012 overview of Oracle’s evolution. Other posts to call out are my recent piece on transitioning to the cloud, and my series on enterprise application history.

Death and taxes - and Oracle 11gR2?

Andrew Clarke - Thu, 2015-12-31 02:48
Oracle Premier Support for 11gR2 Database expired this time last. However, Oracle announced they would waive the fees for Extended Support for 2015. This was supposed to provide 11gR2 customers an additional twelve months to migrate to 12c. So, twelve months on, how many of those laggards are still on 11gR2. My entirely unscientific guess is, most of them. Why else would Oracle announce the extension of the Extended Support fees waiver until May 2017?

But 11gR2's continued longevity should not be a surprise.

For a start, it is a really good product. It is fully-featured and extremely robust. It offers pretty much everything an organization might want from a database. Basically it's the Windows XP of RDBMS.

The marketing of 12c has compounded this. It has focused on the "big ticket" features of 12c: Cloud, Multi-tenancy and In-Memory Database. Which is fair enough, except that these are all chargeable extras. So to get any actual benefits from upgrading to 12c requires laying out additional license fees, which is not a popular message these days.

And then there's Big Data. The hype has swept up lots of organizations who are now convinced they should be replacing their databases with Hadoop. They have heard the siren singing of free software and vendor-independence. In reality, most enterprises' core business rests on structured data for which they need an RDBMS, and their use cases for Big Data are marginal. But right now, it seems easier to make a business case for the shiny new toys than spending more on the existing estate.

So how can Oracle shift organizations onto 12c? They need to offer compelling positive reasons, not just the fear of loss of Support. My suggestion would be to make a couple of the Options part of the core product. For instance, freeing Partitioning and In-Memory Database would make Oracle 12c database a much more interesting proposition for many organizations.

Pages

Subscribe to Oracle FAQ aggregator