Tuesday, October 28, 2008

Setting up Directory Name Resolution in Oracle Environment

Hi,

Wishing you all a very happy deepavali!!!!!

There are many ways in which Oracle Service Name Resolution can be implemented in an enterprise. Some of the naming methods supported by Oracle Net Services are Local Naming, Directory Naming, Host Naming, Oracle Names (I think this will be deprecated), etc. In almost every environment I have worked in in the past, the Local Naming method was in use. This invariably means name resolution happens through the local "tnsnames.ora" file, and multiple local copies of the tnsnames.ora file are often inevitable.

In my current working environment, we have a large number of Oracle databases. Interestingly but not surprisingly, the Directory Naming method has been implemented in our environment. This post is about the steps that are necessary to set up the directory naming method in an Oracle environment.

Prerequisite:

You need to have a working LDAP server configured for use by Oracle. Now, although Oracle supports Microsoft LDAP, I think this has some limitations. One of the biggest hindrances to implementing the Directory Naming method on a Microsoft LDAP server is that the Oracle database needs to be running on Windows. While this may not be feasible at many enterprises, Oracle integrates tightly with Oracle Internet Directory (OID), which is also an LDAP-compliant server from Oracle. OID can be installed as part of the "Infrastructure" install of Oracle 10gAS.

You need what is known as an "Oracle Context" to be able to register the Oracle database service and Net Service Names or Aliases. OID creates a default Oracle Context called "OracleContext" in the OID. If you need an alternate Oracle Context, you can create one with Oracle Net Configuration Assistant. Net Configuration Assistant is also the tool that creates your ldap.ora file, which contains the information about the OID to which the Oracle home must connect. The ldap.ora file contains information like the directory server name, port and the directory server type.

Apart from the above, the directory server must allow anonymous authentication.

I think that planning, setup and maintenance of an LDAP server is a specialist job function in itself, and I don't think it would come under the purview of an Oracle DBA.

Steps to Configure Directory Naming Method:

There are three different types of configuration that can happen:

1. Oracle Service Registration with OID. (Mandatory)

This is nothing but the database service name entry that contains the actual name of the database. This entry in the OID will contain the "attributes" which constitute the "Connect Descriptor" that is used to locate the database. The Connect Descriptor is nothing but the entries that are found in a normal tnsnames.ora file, which help Oracle Net locate the database service. Once the service registration is done, remote users who are configured to use directory naming can start connecting to the database with no additional configuration. You need to have your ldap.ora before you attempt this. The user credentials that you use to register the database service in OID need to be part of either the OracleDBCreators or the OracleContextAdmins (super user privileges) OID group to be able to register the service.


2. Setting up directory server usage on database server* and client. (Mandatory)

This step enables the clients to use directory server for name resolution.


3. Oracle Net Service Names / Alias registration with OID. (Optional)

This is about registering Net Service Names (additional names to refer to a database) for a given database. Use Oracle Net Manager for this.


In either of the above cases 1 and 2, two more options fork out:

1a. Oracle Service Registration with OID during installation of the database.
>> When you use the custom database installation method, you can use the Oracle Net Configuration Assistant to configure the LDAP server for usage. The Oracle Net Configuration Assistant is launched as part of the installation itself. If this is the first time you are setting up the directory naming method, you can choose the option to create the context and repository in OID. Otherwise you can just select the OID and the context and continue. Eventually, during the process of installation, when the DBCA is invoked, you have the option to register the database. DBCA then goes on to create the service entry and updates the RDBMS_SERVER_DN initialization parameter.

1b. Oracle Service Registration with OID after installation of the database. (This can happen, for example, if you were originally using the local naming method and then decided to move on to the directory naming method.)

>> You need to have the ldap.ora in place. To get one, you need to run Net Configuration Assistant. In this case you may invoke DBCA and then register the database service with the OID. This time, choose the "configure database" option. In the subsequent screens you should see an option "Yes, Register the database". You will be prompted for the OID credentials. Enter the credentials of the user who has authority to register the service.



2a. Setting up directory server usage on database server and clients during installation

>> If you chose to register your database with OID in step 1a or 1b, then you don't have to do anything as far as the database server Oracle home is concerned. For your client installations, use Net Configuration Assistant to set up OID usage by choosing the directory type, the directory's hostname, port and OracleContext. That is all you need to do.



2b. Setting up directory server usage on database Server and Clients after installation
>> If you chose to register your database with OID in step 1a or step 1b, then you don't need any further configuration on the database server. On the client side, just invoke Net Configuration Assistant to set up directory usage. Choose the directory type, the directory's hostname, port and OracleContext under the Configure Directory Usage option. That is all you need to do. Verify that your sqlnet.ora file has been correctly updated to look up LDAP before any other methods listed.

For example:

NAMES.DIRECTORY_PATH = (LDAP,TNSNAMES)
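
The verification step above can be scripted across many client homes. The following is an added example, not part of the original post: it checks the resolution order in sqlnet.ora and the directory servers named in ldap.ora against an allow-list. DIRECTORY_SERVERS, DEFAULT_ADMIN_CONTEXT and DIRECTORY_SERVER_TYPE are the standard ldap.ora parameters; the host names, the context, the allow-list and the function names are constructed for illustration.

```python
import re

# Constructed sample files; host names and admin context are placeholders.
SQLNET_ORA = "NAMES.DIRECTORY_PATH = (LDAP,TNSNAMES)\n"
LDAP_ORA = """\
# ldap.ora as written by Net Configuration Assistant (sample values)
DIRECTORY_SERVERS = (oid1.example.com:389:636, oid2.example.com:389)
DEFAULT_ADMIN_CONTEXT = "dc=example,dc=com"
DIRECTORY_SERVER_TYPE = OID
"""

def parse_ora(text):
    """Return {PARAM: [values]} for single-line 'NAME = value' entries."""
    params = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()          # drop comments
        m = re.match(r"([\w.]+)\s*=\s*(.+)$", line)
        if not m:
            continue
        raw = m.group(2).strip()
        if raw.startswith('"'):                       # quoted DN: keep commas
            values = [raw.strip('"')]
        else:                                         # (a, b, c) list
            values = [v.strip() for v in raw.strip("()").split(",")]
        params[m.group(1).upper()] = values
    return params

def audit(sqlnet_text, ldap_text, expected_hosts):
    """Return (resolution order, findings) for one Oracle home."""
    sqlnet, ldap = parse_ora(sqlnet_text), parse_ora(ldap_text)
    findings = []
    path = [m.upper() for m in sqlnet.get("NAMES.DIRECTORY_PATH", [])]
    if "LDAP" not in path:
        findings.append("LDAP is not in NAMES.DIRECTORY_PATH")
    elif path[0] != "LDAP":
        findings.append(f"{path[0]} is consulted before LDAP")
    servers = ldap.get("DIRECTORY_SERVERS", [])
    if not servers:
        findings.append("ldap.ora names no directory server")
    for entry in servers:                             # host:port[:sslport]
        host, _, ports = entry.partition(":")
        if host.lower() not in expected_hosts:
            findings.append(f"unexpected directory server: {host}")
        if len(ports.split(":")) < 2:
            findings.append(f"{host}: no SSL port listed")
    return path, findings

if __name__ == "__main__":
    print(audit(SQLNET_ORA, LDAP_ORA, {"oid1.example.com", "oid2.example.com"}))
```

Because ldap.ora decides which directory every connection is resolved against, a home whose file names a server outside the allow-list is worth investigating before anything else.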


3. Oracle Net Service Names / Alias registration with OID (Optional)
>> You need an OID user credential that is part of the OracleNetAdmins group. This is the privilege that is required to make net service name/alias entries. You also need the ldap.ora. In the left-side pane, you need to choose "Directory" and then, underneath Directory, you can define service names. You can also create a service name alias here.

I think this pretty much sums up the Directory usage configuration exercise.

*Setting up directory server usage on the database server Oracle home may be required if you use db links in the database and need to look up other databases and make connections.

- Aravind Kamath

Friday, October 24, 2008

Return to Unix World

Hi,

I have been through a transition in the last few months both in my personal and professional life. On the professional front, there has been a significant change in the environment in which I will continue to work with Oracle Apps. Yes, I am back to working on Unix platforms. I will continue to update this space with technical posts as and when I come up with something.

-Aravind Kamath Posral