Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: LRM-00109 and ORA-01078 while starting up database remot

Re: LRM-00109 and ORA-01078 while starting up database remot

From: Sean M <smckeownNO_at_BACKSIESearthlink.net>
Date: Sun, 14 Apr 2002 16:02:02 GMT
Message-ID: <3CB9A800.F8334165@BACKSIESearthlink.net> 





Philip Chee wrote:


> 

> >Could be that the person wanting to start the database doesn't have

> >access to an OS account with these privs, but does have the right Oracle

> >account level privs.

> 

> If I can't trust somebody with an OS account on a server, I sure

> wouldn't give out an Oracle account with those privileges either.




That's your choice (and mine, usually, for what it's worth).  But others
may have different tolerences.  Consider an SA for a company that sells
classes teaching Oracle DBA tasks.  She has a server that is running a
dozen databases, one for each member of the class.  She wants to allow
the students to startup/shutdown their database for practice, but
doesn't want them to have host-level access (that's her company's
choice).  



> >Could be that Telnet is prohibited but secured SqlNet is admissible

> >for security reasons.

>

> So run ssh.  Security levels won't be compromised this way.




Everytime you open your server to another method/level of access, you
compromise security.  SSH, as nice a tool as it is, is not immune. 
Adding SSH access instead of adding telnet access is certainly the
better choice for security, but in either case you're *adding* access,
thereby compromising security.  
 


> >Could be that you want a single location from which to execute such

> >commands withouth the hassle of telnetting to different machines

> >first (scripted backup maybe, who knows).

> 

> With scripted stuff, it's trivial to script logins to remote servers

> via rsh (unsecure) or ssh (better security) so your claims of extra

> hassle are unwarranted.




You're saying it's possible to write an Expect script to startup
databases on multiple hosts that's simpler than:


SQL> connect scott/tiger_at_database1 as sysdba
SQL> startup pfile=initdatabase1.ora
SQL> connect scott/tiger_at_database2 as sysdba
SQL> startup pfile=initdatabase2.ora




etc.



?? 
 


> >But 9i and and spfile would probably help no matter what.

> 

> Ok.  Good point.  Also I just remembered that the original poster

> had the DBMS on a Windows server, so telnet/ssh won't work.

> I concede.




Why won't it work?  Try www.f-secure.com, they offer a nice ssh server
for NT/2000, amongst others. 



Regards,


Sean
Received on Sun Apr 14 2002 - 11:02:02 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US