02-03-2015 06:11 AM
Hi all,
I am doing some tests on Oracle smart policies.
I did not catch perfectly what should be the minimum set of privileges which configured oracle user must have to complete successfully the backup/restore operation.
Do you have an idea about?
Thank You
Regards
Mauro
02-03-2015 06:40 AM
SYSDBA
02-03-2015 11:43 PM
Just to know...
What about Oracle RMAN recovery catalog credentials?
Thanks
Mauro
02-04-2015 12:30 AM
From http://docs.oracle.com/cd/B28359_01/backup.111/b28270/rcmcatdb.htm#BRADV89651
After choosing the recovery catalog database and creating necessary space, you are ready to create the owner of the recovery catalog and grant this user necessary privileges. Assume the following background information for the instructions in the following sections:
User SYS
has SYSDBA
privileges on the recovery catalog database catdb
.
A tablespace called tools
in the recovery catalog database catdb
stores the recovery catalog. Note that to use an RMAN reserved word as a tablespace name, you must enclose it in quotes and put it in uppercase. (Refer to Oracle Database Backup and Recovery Reference for a list of RMAN reserved words.)
A tablespace called temp
exists in the recovery catalog database.
To create the recovery catalog schema in the recovery catalog database:
Start SQL*Plus and connect with administrator privileges to the database containing the recovery catalog. In this example, the database is catdb
.
Create a user and schema for the recovery catalog. For example, you could enter the following SQL statement (replacing password with a user-defined password):
CREATE USER rman IDENTIFIED BY password
TEMPORARY TABLESPACE temp
DEFAULT TABLESPACE tools
QUOTA UNLIMITED ON tools;
Note:
Create a password that is secure. See Oracle Database Security Guide for more information.Grant the RECOVERY_CATALOG_OWNER
role to the schema owner. This role provides the user with all privileges required to maintain and query the recovery catalog.
GRANT RECOVERY_CATALOG_OWNER TO rman;
03-18-2015 12:22 PM
I understand it says SYSDBA privileges: "If your current logon does not have Oracle SYSDBA privileges, the system prompts you to enter your Oracle database logon user name and password with SYSDBA privileges to continue. Optionally, also enter your Net service name (TNS alias)"
Our Oracle DBA's have execute permissions to nboraadm as well: "Oracle DBAs can use the ‘nboraadm’ command on the NetBackup client to manage instances, instance groups, and their credentials. This command is very useful in environments where the Oracle credentials are known only by the DBAs and not by the NetBackup administrators."
However no matter what account they try to use: sys, system etc (all of which have SYSDBA privileges) we still get an insufficient permissions error when trying to register scanned instances. We have to be missing something but we can't seem to think of what. Is it possible that authentication is Either/Or when it comes to DB or Operating system? In other words, Either use only DB login OR OS not both?
Does anyone have a very simplified and detailed step by step on registering a database and accounts used etc? We have to be overlooking something simple
03-18-2015 09:39 PM
I use OS authentication only and it works fine. As I just have a test Oracle DB (and I'm not a DB) I've just setup the basic. My user (oracle) that I install and connect to Oracle with is used in the NetBackup registration.
Can't comment on using a combo of both.
03-19-2015 06:03 AM
Thank you Riaan, I'll see if just using the OS Oracel account works on its' own.