Skip Headers
Oracle® Database Vault Administrator's Guide
11g Release 1 (11.1)
Part Number B31222-01
Go to Documentation Home
Home		 Go to Book List
Book List		 Go to Table of Contents
Contents		 Go to Index
Index		 Go to Master Index
Master Index		 Go to Feedback page
Contact Us
Go to previous page
Previous		 Go to next page
Next
View PDF

C Post-Installation Oracle Database Vault Procedures

This appendix describes the following topics:

C.1 Configuring Oracle Database Vault on RAC Nodes

After you install Oracle Database Vault for an Oracle Real Application Clusters (RAC) instance, you need to run Oracle Database Vault Configuration Assistant (DVCA) with the -action optionrac option on all other RAC nodes. This sets instance parameters and disables SYSDBA operating system authentication.

You need to run this command on all Oracle RAC nodes other than the node on which the Database Vault installation is performed. This step is required to enable the enhanced security features provided by Oracle Database Vault.

This section includes the following topics:

C.1.1 Syntax for Using DVCA -action optionrac

The syntax for using dvca -action optionrac is as follows:

dvca -action optionrac 
  -oh Oracle_home
  -instance Oracle_instance_name 
  -dbname database_name 
  -jdbc_str jdbc_connection_string
  -sys_passwd SYS_password 
  [-silent] 
  [-logfile ./dvca.log] 
  [-nodecrypt]   
  [-lockout]

In this specification:

  • -action is the action to perform. optionrac performs the action of updating the instance parameters for the Oracle RAC instance. This flag also provides the option of disabling SYSDBA operating system access for the instance.

  • -racnode is the host name of the Oracle RAC node on which the action is being performed. Do not include the domain name with the host name.

  • -oh is the Oracle home for the Oracle RAC instance. Provide the ORACLE_HOME path.

  • -instance is the name of the Database instance.

  • -dbname is the database name.

  • -jdbc_str is the JDBC connection string used to connect to the database. For example:

    jdbc:oracle:oci:@orcl1

  • -sys_password is the password for the SYS user. If you use a cleartext password on the command line, you must include the nodecrypt option. If you omit the password, DVCA prompts you for it.

  • -logfile is an optional flag to specify a log file name and location. You can enter an absolute path, or enter a path that is relative to the location of the $ORACLE_HOME/bin directory.

  • -silent is the option to run in command line mode. This option is required if you are not running DVCA in an xterm window.

  • -nodecrypt is the option to read plaintext passwords.

  • -lockout is the flag to use to disable SYSDBA operating system authentication.

C.1.2 Procedure for Configuring Oracle Database Vault on RAC Nodes

To configure Oracle Database Vault on RAC nodes:

  1. Ensure that the listener and database instance are running on the nodes on which you run DVCA.

  2. At a command prompt, enter the DVCA command. For example:

    dvca -action optionrac 
-oh /path/to/oracle_home 
-jdbc_str jdbc:oracle:oci:@orcl1 
-racnode mynode 
-silent 
-logfile ./dvcalog.txt

Enter SYS password: sys_password

C.2 Adding Languages to Oracle Database Vault

By default, Oracle Database Vault loads only the English language tables. You can use DVCA to add more languages to Oracle Database Vault by specifying the addlanguages flag to the dvca -action option.

This section includes the following topics:

C.2.1 Syntax for Using DVCA -action addlanguages

The syntax for using dvca -action addlanguages is as follows:

dvca -action addlanguages 
  -oh Oracle_home
  -instance Oracle_instance_name 
  -dbname database_name 
  -jdbc_str jdbc_connection_string
  -sys_passwd SYS_password 
  -dvsys_passwd DVSYS_password  
  -languages language_list
  [-owner_account DV_owner_account_name] 
  [-owner_passwd DV_owner_account_password>] 
  [-acctmgr_account DV_account_manager_account_name>] 
  [-acctmgr_passwd DV_account_manager_password] 
  [-silent] 
  [-logfile ./dvca.log] 
  [-nodecrypt] 
  [-lockout] 
  [-racnode node]

In this specification:

  • -action is the action to perform. In this case the action is addlanguages.

  • -oh is the Oracle home for the Oracle RAC instance. Provide the ORACLE_HOME path.

  • -instance is the name of the Database instance.

  • -dbname is the database name.

  • -sys_password is the password for the SYS user. If you use a cleartext password on the command line, you must include the nodecrypt option. If you omit the password, DVCA prompts you for it.

  • -dvsys_password is the password for the DVSYS user. If you use a cleartext password on the command line, you must include the nodecrypt option. If you omit the password, DVCA prompts you for it.

  • -jdbc_str is the JDBC connection string used to connect to the database. For example:

    jdbc:oracle:oci:@orcl1

  • -languages is the list of languages to be loaded. Provide the list of languages as a string in the following format.

    {"[en],[de],[es],[fr],[it],[ja],[ko],[pt_BR],[zh_CN],[zh_TW]"}

    Oracle Database Vault supports the following languages:


    		 en: English ja: Japanese

    		de: German ko: Korean

    		es: Spanish pt_BR: Brazilian Portuguese

    		fr: French zh_CN: Simplified Chinese

    		it: Italian zh_TW: Traditional Chinese

    For example, to load German and Spanish, you would enter the following:

    -languages {"de,es"}

  • -owner_account is the Oracle Database Vault Owner account name.

  • -owner_passwd is the Oracle Database Vault Owner account password. If you use a cleartext password on the command line, you must include the nodecrypt option. If you omit the password, DVCA prompts you for it.

  • -acctmgr_account is the Oracle Database Vault Account Manager user name.

  • -acctmgr_passwd is the Oracle Database Vault Account Manager password. If you use a cleartext password on the command line, you must include the nodecrypt option. If you omit the password, DVCA prompts you for it.

  • -logfile is an optional flag to specify a log file name and location. You can enter an absolute path, or enter a path that is relative to the location of the $ORACLE_HOME/bin directory.

  • -silent is the option to run in command line mode. This option is required if you are not running DVCA in an xterm window.

  • -nodecrypt is the option to read plaintext passwords.

  • -lockout is the flag to use to disable SYSDBA operating system authentication.

C.2.2 Procedure for Adding Languages to Oracle Database Vault

To add languages to Oracle Database Vault:

  1. Disable Oracle Database Vault by completing the following steps under "Step 1: Disable Oracle Database Vault":

    • Linux: Steps 1, 2, and 3 (but not 4).

    • Windows: Steps 1, 2, 3, and 4 (but not 5).

  2. Use DVCA to add the languages you want.

    For example:

    dvca -action addlanguages 
  -oh /path/to/oracle_home
  -instance myinstance -dbname mydbname 
  -jdbc_str jdbc:oracle:oci:@orcl1 
  -languages {"es, ja"}
  -silent 
  -logfile dvcalog.txt 

Enter SYS password: sys_password
Enter DVSYS password: dvsys_password
Enter owner password: owner_password
Enter DV account manager password: dv_acct_password

  3. Enable Oracle Database Vault by completing the following steps "Step 3: Enable Oracle Database Vault":

    • Linux: Steps 2, 3, 4, and 5 (but not 1).

    • Windows: Steps 2, 3, 4, and 5 (but not 1).

Go to previous page
Previous		 Go to next page
Next
Go to Documentation Home
Home		 Go to Book List
Book List		 Go to Table of Contents
Contents		 Go to Index
Index		 Go to Master Index
Master Index		 Go to Feedback page
Contact Us