| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: RMAN v Control Files
"Noons" <nsouto_at_optusnet.com.au.nospam> wrote in message
news:Xns9326EA3351EAETokenthis_at_210.49.20.254...
> Following up on Niall Litchfield, 18 Feb 2003:
>
> >
> > I don't use RMAN so I can't say whether RMAN uses the account or not,
> > but preferred credentials are set in OEM from the configuration menu.
>
> Yeah, but where are they used from? The agent? The mgt server?
> Any batch jobs? Who starts the batch jobs then? Friggin Windoze...
My understanding is that the credentials are stored in the mgmt server, but passed to the agent (which likely runs as local system). The agent will then spawn a new process running under the os credentials supplied to it from the mgmt server. so you have
process machine os credentialsother credentials
mgmtserver mgmt.com.au localsystem => agent target.com.au localsystem => sqlplus target.com.au <from mgmt server><db credentials from ms>
and if that doesn't wrap like hell I don't know what will.
>
>
> > Choose preferences, where you get administrator specific preferences and
> > then preferred credentials. this has a setting for each item, AND a
> > default for each type of managed object.
>
> Bugger. 9ir2 here and I don't see one for each type of object.
> Maybe wrong version, I had 8.1.7 prior to this. Let me re-verify
> all that...
>
>
> > that you should have one adminstrator that owns all of the jobs, events
> > etc and configure preferred credentials for this account, then create
> > other administrators if you need them as super administrators, I for one
> > can't see why preferred credentials shouldn't be an attribute of the
> > node/database/web server rather than of the administrator but there you
> > go.
>
>
> Heh! This is the secure net that carries the mil stuff
> for our pilots in Iraq. Do you seriously think these folks
> would let any1 use admin accounts? Cripes: if I do a "ping",
> 3 minutes later I get a security spook sniffing around,
> checking why I used it!...
sorry I mean't use one master OEM administrator - not an os administrator.
>
> >
> > I thought that was your default position on windows v unix <G>?
>
>
> Granted. But it ain't the air force one. They win! :D
one can but hope :).
>
>
> > message and is set up correctly in OEM make sure that it has full
> > control of the temp directory that it uses and at least read and execute
> > rights to the Oracle Home directory.
>
>
> Well spotted, forgot to check those. Thanks a lot!
>
>
> > You can usually troubleshoot the
> > 'Do I have a permissions problem or have I fat fingered the setup'
> > question by *temporarily* setting the userid in question as an
> > administrator of the server.
> >
>
> That's what I usually do, but in this kind of milnet
> there is simply no way those folks will let any1 be
> admin. Their approach to security breaks is very simple:
> do NOT do it.
> Works...
If all of this is unclear, or doesn't match with your experience drop a line to the work address and i'll mail you some details of what we have got going. oem 2.2 and 8i and 9i db's. Of course there might be an argument for just rolling your own backup scripts and passing them to the sysadmins to schedule using at .....
-- Niall Litchfield Oracle DBA Audit Commission UK ***************************************** Please include version and platform and SQL where applicable It makes life easier and increases the likelihood of a good answer ******************************************Received on Tue Feb 18 2003 - 16:10:09 CST
 |
 |