Oracle FAQ Your Portal to the Oracle Knowledge Grid

Home -> Community -> Mailing Lists -> Oracle-L -> RE: Help with 10g AS and OID

RE: Help with 10g AS and OID

From: <>
Date: 2006-01-11 20:42:29

George! My Brother in pain!

I tried in vain to get OiD 3.0.1 (Oracle 9.0.1) to work. Since that post was back in the FatCity days, here's what I had to say to the list on April 8, 2002:


OiD! After several weeks of pain, here's what I've learned:

1) Create your database(s) manually. The GUI creates the traditional

"the least we need to get it going without a real DBA" database. Note
159031.1 on Metalink will guide you thru the basic create. 2) If you intend on using replication (a good idea), study up on Oracle ASR, but realize that OiD doesn't use ASR in the traditional way, at least according to Oracle Support. In other words, if OiD has problems replicating, it's an OiD problem and not an ASR problem, as far as Oracle Support is concerned. 3) According to Oracle Support, you cannot use hot backups as a reliable means of backup/recovery for OiD in a replicated environment. While I agree with their reasoning in theory, I believe that a good DBA (and me, too!) can still use it, but with care on the recovery. For more info, see the OiD Admin Guide. 4) Speaking of the OiD Admin Guide: Read it, learn it, study it, know it. All 688 pages of it. The concepts in there are KEY! The one that burned me is the concept of a Remote Definition Site (RDS). You're
"primary" server is the MDS (Master Definition Site). We tried to treat
our second "backup" OiD server as a read-only. Don't do it. Treat all other replication nodes as RDSs. It will save you tons of headaches. 5) Why isn't "RDS" mentioned specifically in the OiD Admin Guide? Because of a lack of coherent documentation. Lookup all the articles you can on Metalink regarding OiD. Some haven't been updated for v3, but they're still good. 6) Do not use any version below 3.0.1 of OiD, which requires (and comes with) Oracle 9i. We had too many bugs, especially in the OiD Administrator program with v2.x. 7) Use Linux. There are some nasty little gotchas in NT/2000 that I really despise (keep reading). 8) Only use an Oracle Certified platform and version of the OS. Oracle Support will have a cow udderwise. 9+) Use scripts to startup and shutdown OiD. If you try and do it manually and shut the oidmon down before the LDAP and replication daemons, the daemons won't shutdown. On Linux, you can restart the oidmon, and the daemons should shutdown, but on NT/2000 they will hang there forever until you re-freaking-boot. Who writes this crap? There's no rebooting on Linux/Unix! I haven't tried OiD on Unix (I think OiD v3's available on HP/Solaris), so I can't say what'll happen there. As an aside, many OiD tools are Unix/Linux shell script, which are not directly available on Windohs. Just another reason to avoid Windows for OiD. 10) I just started to test moving from ONames to OiD. Apparently there's no way to create the "OracleContext" LDAP tree manually, so you've got to use the Oracle Net Config Assist ("netca"). I'm trying to determine if the "update" it does to the OiD DBs schwanzes up the rest of OiD first before continuing. --- For more in-depth notes on these headaches, check out Oracle BUG 2369181 on MetaLink. I have no idea what to do here. Oracle Names doesn't work reliably even with clients (we have BUG 4910066 for that) and I have *ZERO* confidence in replicated OiD. Logistically, I can't keep 500+ TNSNAMES.ORAs worldwide synchronized. I would really like to know how
"Enterprises" deal with this. I have a feeling there are more George
Johnsons and Rich Jesses out there than satisfied customers confident of their Oracle Networking. Back to upgrading... Rich -----Original Message----- From: [] On Behalf Of Johnson, George Sent: Wednesday, January 11, 2006 1:51 AM To: Oracle-L Subject: RE: Help with 10g AS and OID We are currently in our implementation phase and it is the biggest PITA going. We are going for full 4 site, 8 server replication with DR fallbacks, complete with full Sign-On and Active Directory integration. Oracle support and consultancy in the UK have been absolutely useless, given next to support or guidance, sent us down dead-end routes and I have sneaking suspicion have been using us a test bed to see if this works. We have even had to write our own AD password syncing DLL to put password changes from AD to OID because 9i DB's can't support the Kerberos authentication that AD, OID and 10g DBs will support, although Oracle assured us it works fine! Oh and we have just upgraded a 9i to 10g, which screwed the OID repository up as you are supposed to un-register before you upgrade then re-register afterwards, otherwise you lose all the security settings for that DB! Once this SSO
"works" will be moving the TNS lookups into it, please spare me a
prayer! Other than that, it's fine! Thanks for letting me get that off my chest! Seriously, as with all things that can impact the business, before you start letting management/sec. officer types get sold on this central management/SSO stuff, take a serious long look at what you want and do some very thorough research, we have been seriously burned by Oracle over the OID stuff. Rgds --
Received on Wed Jan 11 2006 - 20:42:29 CST

Original text of this message