Home -> Mailing Lists -> Oracle-L -> SV: Accidental Use of Oracle Active Data Guard "_query_on_physical"=false

SV: Accidental Use of Oracle Active Data Guard "_query_on_physical"=false

From: Lars Dohn <LDO_at_dst.dk>
Date: Wed, 10 Feb 2016 06:30:40 +0000
Message-ID: <16C81F9A2D1FD54CADFDE04942D601D8A511BE33_at_SRVEXC5.dst.local> 





alter system set "_query_on_physical"=false scope=spfile;
:) Thank you - thank you - thank you :)



Now mplemented on 36 standbys.



Late last year our standby server accidently booted (windows regedit autostart=true (default)) and thereby triggered active data guard on 14 production databases running on a 40 core machine.
When everyone else was enjoying Christmas, I did expdp/drop db/create db/impdp.




Regards




Lars Dohn


Oracle specialist



Statistics Denmark


Sejrøgade 11


2100 København Ø



Fra: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] På vegne af Iggy Fernandez
Sendt: 9. februar 2016 18:21


Til: napacunningham_at_gmail.com; John Hallas
Cc: dimensional.dba_at_comcast.net; Andrew Kerber; oracle-l_at_freelists org
Emne: RE: Accidental Use of Oracle Active Data Guard



I found this article: https://jhdba.wordpress.com/2014/08/06/preventing-standby-databases-opening-in-active-dataguard-mode-chopt/



The summary is that you did not make the change intentionally. Oracle did it without your asking, without your knowledge, and without warning you that it had made a change that would cause you to incur additional licensing charges.



Iggy





Date: Tue, 9 Feb 2016 08:26:29 -0800


Subject: Re: Accidental Use of Oracle Active Data Guard
From: napacunningham_at_gmail.com<mailto:napacunningham_at_gmail.com>
To: John.Hallas_at_morrisonsplc.co.uk<mailto:John.Hallas_at_morrisonsplc.co.uk>
CC: dimensional.dba_at_comcast.net<mailto:dimensional.dba_at_comcast.net>; andrew.kerber_at_gmail.com<mailto:andrew.kerber_at_gmail.com>; oracle-l_at_freelists.org<mailto:oracle-l_at_freelists.org>
Just wanted to reply with a Thank You to all. I appreciate all the great advice.



I know I shouldn't take it personal, but it really does irritate me that Oracle seems to take the position of criminalizing their customer first. I really do try my best to stay within compliance as it is the responsible and respectable thing to do, but the respect sure does feel one sided when dealing with licensing. I'm just hoping that working with Oracle we can resolve this.



Thanks again,


Michael



On Mon, Feb 8, 2016 at 11:00 PM, John Hallas <John.Hallas_at_morrisonsplc.co.uk<mailto:John.Hallas_at_morrisonsplc.co.uk>> wrote:
What an excellent response Matthew. This is really helpful information for anyone responsible for ensuring that license compliance is adhered to.
Thanks for taking the time to write it up and post to the list.



John



www.jhdba.wordpress.com<http://www.jhdba.wordpress.com>



From: oracle-l-bounce_at_freelists.org<mailto:oracle-l-bounce_at_freelists.org> [mailto:oracle-l-bounce_at_freelists.org<mailto:oracle-l-bounce_at_freelists.org>] On Behalf Of Dimensional DBA
Sent: 09 February 2016 02:04


To: napacunningham_at_gmail.com<mailto:napacunningham_at_gmail.com>; 'Andrew Kerber'
Cc: 'oracle-l_at_freelists org'


Subject: RE: Accidental Use of Oracle Active Data Guard



Don't answer this  question to the list, but you need to think about why is a licenses audit being performed? Normally a license audit is only performed when it is believed you are in violation your licenses, such as turning on the OEM push back of data to Oracle Support for your databases, uploading files you provided during a recent SR, Talking to Oracle sales folks about what you are doing in your company including using products that they know are unlicensed, your company is in negotiation to reduce licensing cost or there is some other negotiation going on.



For you, it would have been helpful to ask for the list's support the moment your company was given notice that Oracle was demanding a license audit. We could have helped you in advance and eliminated the foreboding you are feeling .



For now, you need to take a moment and breathe.
Once a license audit has started things are out of your hands and normally in the hands of Chief Legal Counsel and the CFO (sometimes the CIO) of your company.



Having done licenses audits when I worked for Oracle Consulting, companies I have worked for (second thing I do normally starting with a company) and now in my own consultancy, what is being looked for normally relates back to that question up above. It really depends on the skill of the Oracle consulting person sent as to what breadth your audit will take as there is no training course in Oracle Consulting on how to do a license audit and there is nothing in the contract that determines how a license audit will be performed from a technical basis.



Some pointers during the license audit

1.       Your technical personnel should not be talking to the auditor, including not going to lunch with them. Only a management level person normally part of the Legal or Finance team if not the Chief Legal Counsel or the CFO themselves, who will relate to the technical team what is needed from them for the audit to be performed.
2.       Your team should only provide Oracle what is required. You do not have to fulfill all requests from Oracle as they normally overreach in their requests. Your upper management will help with that decision.
3.       They should not have to have direct access to your servers if you provide a person to run the commands. Normally technical person is accompanied by lower management level person to ensure the conversation is only run this command and put output here, instead of the broader questions Oracle Consulting will want to ask.





You can send me a private email and I can provide you with a list of things to check for in unconventional places to verify license compliance.



As to your question of defense, having worked for a variety of Chief Legal Counsels, some of who were previous prosecutors,  you again need to breathe.
The defense can be impeded by the answer to the first question, but if your license snafu is a single database server and a human has made a mistake, the defense is simple and your Chief Legal Counsel will deal with it.
If this is one of a variety of license violations then the defense gets more complicated, versus it is single error committed on a single server or across the whole fleet. Single error type versus multiple error types.



I have worked with Oracle Sales on a variety of license issues, but normally I am telling them when an issue occurred instead of them finding something in a licenses audit. There are a variety of things that you can do to help your Chief Legal Counsel which includes gathering up your logging information listener.logs and alert.logs on your databases before they roll off and interpreting the data for them.



Some examples of license violations I have encountered.

1.       Those new server replacements had twice the cores as the previous servers and the DBA team and management was oblivious to that when the upgrades were done. This basically was a 32 core addition that including EE Edition, RAC, Partitioning, ASO, Management packs etc. It took a couple of weeks to get back into license compliance.
2.       A standby or primary server crashed and another server was pressed into service to maintain HA and the other server actually had a higher core count than the previous server.
3.       Databases were flipped off of servers to new servers and the previous servers were never deprecated or used again, but the Oracle SW was still installed.
4.       A set of test servers utilized production licensing for testing, then when the production servers were built, someone forgot to turn off the servers with still running databases in test.
5.       A UNIX/Linux admin mistakenly put the deployment line in Chef/Puppet code and deployed Oracle SW to the fleet left there until I did a license audit.
6.       A UNIX/Linux admin moved multiple physical servers to a VM Ware servers and spread the databases across the entire physical server fleet, which took 2 months to shuffle things around and condense the Oracle part of the fleet onto a smaller number of physical VM Ware hosts.







Matthew Parker


Chief Technologist


Dimensional DBA


425-891-7934 (cell)


D&B 047931344


CAGE 7J5S7



Dimensional.dba_at_comcast.net<mailto:Dimensional.dba_at_comcast.net>
View Matthew Parker's profile on LinkedIn<http://www.linkedin.com/pub/matthew-parker/6/51b/944/>



From: oracle-l-bounce_at_freelists.org<mailto:oracle-l-bounce_at_freelists.org> [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Michael Cunningham
Sent: Monday, February 08, 2016 5:01 PM


To: Andrew Kerber


Cc: oracle-l_at_freelists org


Subject: Re: Accidental Use of Oracle Active Data Guard



Thanks Andrew.


On Feb 8, 2016 4:42 PM, "Andrew Kerber" <andrew.kerber_at_gmail.com<mailto:andrew.kerber_at_gmail.com>> wrote:
Contact house of brick technologies. They have done quite a bit of work with oracle audit defense.



Sent from my iPad



On Feb 8, 2016, at 5:37 PM, Michael Cunningham <napacunningham_at_gmail.com<mailto:napacunningham_at_gmail.com>> wrote:
Hello all, we have an Oracle audit going on and we are being told we are going to get charged for using Active Data Guard.



Has anyone been successful in working with Oracle to have them realize these were unintentional and not deliberate?



Technically the feature was enabled, but it was by accident and incorrect configuration of srvctl. As it happens, we had one standby database configured with db_startoption=open, and the other standby database with db_startoption=read only.



The first was as a result of requiring a "failover" to physical standby and we missed setting the db_startoption=mount when we rebuilt the standby on the server that used to be primary.



Each of the problems have been corrected, but Oracle is working on a bill and I'm looking for some advice from the group.



--



Michael Cunningham





Wm Morrison Supermarkets Plc is registered in England with number 358949. The registered office of the company is situated at Gain Lane, Bradford, West Yorkshire BD3 7DL. This email and any attachments are intended for the addressee(s) only and may be confidential.



If you are not the intended recipient, please inform the sender by replying to the email that you have received in error and then destroy the email.
If you are not the intended recipient, you must not use, disclose, copy or rely on the email or its attachments in any way.



This email does not constitute a contract in writing for the purposes of the Law of Property (Miscellaneous Provisions) Act 1989.



Our Standard Terms and Conditions of Purchase, as may be amended from time to time, apply to any contract that we enter into. The current version of our Standard Terms and Conditions of Purchase is available at: http://www.morrisons.co.uk/gscop



Although we have taken steps to ensure the email and its attachments are virus-free, we cannot guarantee this or accept any responsibility,
and it is the responsibility of recipients to carry out their own virus checks.







--



Michael Cunningham




--



http://www.freelists.org/webpage/oracle-l
Received on Wed Feb 10 2016 - 07:30:40 CET












Original text of this message