RE: Accidental Use of Oracle Active Data Guard
Date: Wed, 10 Feb 2016 02:28:53 -0800
Message-ID: <000601d163ed$d7bad640$873082c0$_at_comcast.net>
I think you are missing the fact that the Chief Legal Counsel of a company is a lawyer. For small companies, as the compliance violation is normally less than $1 million, they will normally deal directly with Oracle with varying outcomes. It is always a negotiation. For larger companies, they normally have both internal and external legal counsel to deal with the problem.
In large companies, there are normally armies of internal/external legal counsel to be thrown at the problem. Mostly at the legal level it is all about the contract and case law for your particular state.
You as a DBA, are really not involved in the process except to perform work if necessary in the audit and then explain to upper management how this will not happen in the future.
The outcomes normally relates back to my original question as to why is the audit being performed. Even though I have heard people talk about Oracle simply being capricious and auditing customers for the sole purpose of getting more revenue, I have never seen it happen. Every company of course has their bad eggs who would think of that as an acceptable practice and may even do it, but hopefully all companies in the end get rid of their bad eggs.
The only time an external consultancy gets involved is normally after the fact more for determining how to ensure they do not have this problem again than participating in the negotiation with Oracle. At the small company level most of the C-level are intensely protective of their company and in wanting to personally deal with the problem and you as a technical person are politely asked to step aside and let the business owners deal with the negotiation. Less likely of you as a technical person releasing more information than is necessary and causing other problems.
The companies that get into more trouble are normally those that the moment you hear Oracle mention license audit, do not involve their legal counsel immediately and terminate communication except through legal counsel. Most technical people fail in this area along with a lot of low level management who feel they know how to deal with vendors.
Matthew Parker
Chief Technologist
Dimensional DBA
425-891-7934 (cell)
D&B 047931344
CAGE 7J5S7
<mailto:Dimensional.dba_at_comcast.net> Dimensional.dba_at_comcast.net
<http://www.linkedin.com/pub/matthew-parker/6/51b/944/> View Matthew Parker's profile on LinkedIn
From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Lothar Flatz
Sent: Tuesday, February 09, 2016 10:14 AM
To: oracle-l_at_freelists.org
Subject: Re: Accidental Use of Oracle Active Data Guard
True. People that would never dream of going to court without a lawyer will reject to consider an experienced partner when dealing with LMS.
On 09.02.2016 19:06, Seth Miller wrote:
Michael,
When dealing with police, the IRS or Oracle LMS, do not engage them directly. You need to have an advocate and a firewall. Urge your company to get a partner involved immediately (if they haven't already). Oracle LMS will tell you all kinds of stuff that isn't true or legally binding. Only an experienced partner will know what information should or should not be shared with them and will work with them to, at the very least, reduce the back fees Oracle will charge.
Seth Miller
On Tue, Feb 9, 2016 at 11:21 AM, Iggy Fernandez <iggy_fernandez_at_hotmail.com> wrote:
I found this article: https://jhdba.wordpress.com/2014/08/06/preventing-standby-databases-opening-in-active-dataguard-mode-chopt/
The summary is that you did not make the change intentionally. Oracle did it without your asking, without your knowledge, and without warning you that it had made a change that would cause you to incur additional licensing charges.
Iggy
Date: Tue, 9 Feb 2016 08:26:29 -0800
Subject: Re: Accidental Use of Oracle Active Data Guard
From: napacunningham_at_gmail.com
To: John.Hallas_at_morrisonsplc.co.uk
CC: dimensional.dba_at_comcast.net; andrew.kerber_at_gmail.com; oracle-l_at_freelists.org
Just wanted to reply with a Thank You to all. I appreciate all the great advice.
I know I shouldn't take it personal, but it really does irritate me that Oracle seems to take the position of criminalizing their customer first. I really do try my best to stay within compliance as it is the responsible and respectable thing to do, but the respect sure does feel one sided when dealing with licensing. I'm just hoping that working with Oracle we can resolve this.
Thanks again,
Michael
On Mon, Feb 8, 2016 at 11:00 PM, John Hallas <John.Hallas_at_morrisonsplc.co.uk> wrote:
What an excellent response Matthew. This is really helpful information for anyone responsible for ensuring that license compliance is adhered to.
Thanks for taking the time to write it up and post to the list.
John
<http://www.jhdba.wordpress.com> www.jhdba.wordpress.com
From: <mailto:oracle-l-bounce_at_freelists.org> oracle-l-bounce_at_freelists.org [mailto: <mailto:oracle-l-bounce_at_freelists.org> oracle-l-bounce_at_freelists.org] On Behalf Of Dimensional DBA
Sent: 09 February 2016 02:04
To: <mailto:napacunningham_at_gmail.com> napacunningham_at_gmail.com; 'Andrew Kerber'
Cc: 'oracle-l_at_freelists org'
Subject: RE: Accidental Use of Oracle Active Data Guard
Don’t answer this question to the list, but you need to think about why is a licenses audit being performed? Normally a license audit is only performed when it is believed you are in violation your licenses, such as turning on the OEM push back of data to Oracle Support for your databases, uploading files you provided during a recent SR, Talking to Oracle sales folks about what you are doing in your company including using products that they know are unlicensed, your company is in negotiation to reduce licensing cost or there is some other negotiation going on.
For you, it would have been helpful to ask for the list’s support the moment your company was given notice that Oracle was demanding a license audit. We could have helped you in advance and eliminated the foreboding you are feeling .
For now, you need to take a moment and breathe.
Once a license audit has started things are out of your hands and normally in the hands of Chief Legal Counsel and the CFO (sometimes the CIO) of your company.
Having done licenses audits when I worked for Oracle Consulting, companies I have worked for (second thing I do normally starting with a company) and now in my own consultancy, what is being looked for normally relates back to that question up above. It really depends on the skill of the Oracle consulting person sent as to what breadth your audit will take as there is no training course in Oracle Consulting on how to do a license audit and there is nothing in the contract that determines how a license audit will be performed from a technical basis.
Some pointers during the license audit
- Your technical personnel should not be talking to the auditor, including not going to lunch with them. Only a management level person normally part of the Legal or Finance team if not the Chief Legal Counsel or the CFO themselves, who will relate to the technical team what is needed from them for the audit to be performed.
- Your team should only provide Oracle what is required. You do not have to fulfill all requests from Oracle as they normally overreach in their requests. Your upper management will help with that decision.
- They should not have to have direct access to your servers if you provide a person to run the commands. Normally technical person is accompanied by lower management level person to ensure the conversation is only run this command and put output here, instead of the broader questions Oracle Consulting will want to ask.
You can send me a private email and I can provide you with a list of things to check for in unconventional places to verify license compliance.
As to your question of defense, having worked for a variety of Chief Legal Counsels, some of who were previous prosecutors, you again need to breathe.
The defense can be impeded by the answer to the first question, but if your license snafu is a single database server and a human has made a mistake, the defense is simple and your Chief Legal Counsel will deal with it.
If this is one of a variety of license violations then the defense gets more complicated, versus it is single error committed on a single server or across the whole fleet. Single error type versus multiple error types.
I have worked with Oracle Sales on a variety of license issues, but normally I am telling them when an issue occurred instead of them finding something in a licenses audit. There are a variety of things that you can do to help your Chief Legal Counsel which includes gathering up your logging information listener.logs and alert.logs on your databases before they roll off and interpreting the data for them.
Some examples of license violations I have encountered.
- Those new server replacements had twice the cores as the previous servers and the DBA team and management was oblivious to that when the upgrades were done. This basically was a 32 core addition that including EE Edition, RAC, Partitioning, ASO, Management packs etc. It took a couple of weeks to get back into license compliance.
- A standby or primary server crashed and another server was pressed into service to maintain HA and the other server actually had a higher core count than the previous server.
- Databases were flipped off of servers to new servers and the previous servers were never deprecated or used again, but the Oracle SW was still installed.
- A set of test servers utilized production licensing for testing, then when the production servers were built, someone forgot to turn off the servers with still running databases in test.
- A UNIX/Linux admin mistakenly put the deployment line in Chef/Puppet code and deployed Oracle SW to the fleet left there until I did a license audit.
- A UNIX/Linux admin moved multiple physical servers to a VM Ware servers and spread the databases across the entire physical server fleet, which took 2 months to shuffle things around and condense the Oracle part of the fleet onto a smaller number of physical VM Ware hosts.
Matthew Parker
Chief Technologist
Dimensional DBA
425-891-7934 (cell)
D&B 047931344
CAGE 7J5S7
<mailto:Dimensional.dba_at_comcast.net> Dimensional.dba_at_comcast.net
<http://www.linkedin.com/pub/matthew-parker/6/51b/944/> View Matthew Parker's profile on LinkedIn
From: <mailto:oracle-l-bounce_at_freelists.org> oracle-l-bounce_at_freelists.org [ <mailto:oracle-l-bounce_at_freelists.org> mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Michael Cunningham
Sent: Monday, February 08, 2016 5:01 PM
To: Andrew Kerber
Cc: oracle-l_at_freelists org
Subject: Re: Accidental Use of Oracle Active Data Guard
Thanks Andrew.
On Feb 8, 2016 4:42 PM, "Andrew Kerber" <andrew.kerber_at_gmail.com> wrote:
Contact house of brick technologies. They have done quite a bit of work with oracle audit defense.
Sent from my iPad
On Feb 8, 2016, at 5:37 PM, Michael Cunningham <napacunningham_at_gmail.com> wrote:
Hello all, we have an Oracle audit going on and we are being told we are going to get charged for using Active Data Guard.
Has anyone been successful in working with Oracle to have them realize these were unintentional and not deliberate?
Technically the feature was enabled, but it was by accident and incorrect configuration of srvctl. As it happens, we had one standby database configured with db_startoption=open, and the other standby database with db_startoption=read only.
The first was as a result of requiring a "failover" to physical standby and we missed setting the db_startoption=mount when we rebuilt the standby on the server that used to be primary.
Each of the problems have been corrected, but Oracle is working on a bill and I'm looking for some advice from the group.
-- Michael Cunningham ______________________________________________________________________ Wm Morrison Supermarkets Plc is registered in England with number 358949. The registered office of the company is situated at Gain Lane, Bradford, West Yorkshire BD3 7DL. This email and any attachments are intended for the addressee(s) only and may be confidential. If you are not the intended recipient, please inform the sender by replying to the email that you have received in error and then destroy the email. If you are not the intended recipient, you must not use, disclose, copy or rely on the email or its attachments in any way. This email does not constitute a contract in writing for the purposes of the Law of Property (Miscellaneous Provisions) Act 1989. Our Standard Terms and Conditions of Purchase, as may be amended from time to time, apply to any contract that we enter into. The current version of our Standard Terms and Conditions of Purchase is available at: <http://www.morrisons.co.uk/gscop> http://www.morrisons.co.uk/gscop Although we have taken steps to ensure the email and its attachments are virus-free, we cannot guarantee this or accept any responsibility, and it is the responsibility of recipients to carry out their own virus checks. ______________________________________________________________________ -- Michael Cunningham -- -- http://www.freelists.org/webpage/oracle-lReceived on Wed Feb 10 2016 - 11:28:53 CET