10g Grid - OS Login question

From: Newman, Christopher <cjnewman_at_uillinois.edu>
Date: Thu, 22 May 2008 08:26:11 -0500
Message-ID: <565F609E6D736D439837F1A1A797F3410198183C@ADMINMAIL1.ui.uillinois.edu>


We're in discussions with our OS (primarily Solaris 9/10, some SE Linux) folks about requiring secondary authentication to our UNIX boxes which, of course, will prevent 'oracle' from logging in directly and thereby break parts of grid control.

Question: Does anyone have a list of operations which require an OS login while using grid control (10gR2)? I've compiled a few, mostly though physically going in and trying them out. I'm hopeful that a) someone will be able to add a few, and b) someone can give me some ammo for justifying the need to login to the hosts as 'oracle'.

I've heard of PAM modules that can work for this, but I've never actually seen anything that works.

Here's what I have so far in terms of requiring OS authentication:

Schedule Backup
Perform Recovery
Manage current backups
Dataguard Setup and Management

Load Data
Backup Settings
Recovery Catalog Settings
Clone Database
Transportable Tablespaces

OS Jobs and Corrective Actions
Listener operations

Thanks- Chris

Received on Thu May 22 2008 - 08:26:11 CDT

Original text of this message