Netbackup Oracle intelligent policy - Oracle user ...

MauroG · ‎02-03-2015

Hi all,

I am doing some tests on Oracle smart policies.

I did not catch perfectly what should be the minimum set of privileges which configured oracle user must have to complete successfully the backup/restore operation.

Do you have an idea about?

Thank You

Regards

Mauro

RiaanBadenhorst · ‎02-03-2015

SYSDBA

MauroG · ‎02-03-2015

Just to know...

What about Oracle RMAN recovery catalog credentials?

Thanks

Mauro

RiaanBadenhorst · ‎02-04-2015

From http://docs.oracle.com/cd/B28359_01/backup.111/b28270/rcmcatdb.htm#BRADV89651

Creating the Recovery Catalog Schema Owner

After choosing the recovery catalog database and creating necessary space, you are ready to create the owner of the recovery catalog and grant this user necessary privileges. Assume the following background information for the instructions in the following sections:

User SYS has SYSDBA privileges on the recovery catalog database catdb.
A tablespace called tools in the recovery catalog database catdb stores the recovery catalog. Note that to use an RMAN reserved word as a tablespace name, you must enclose it in quotes and put it in uppercase. (Refer to Oracle Database Backup and Recovery Reference for a list of RMAN reserved words.)
A tablespace called temp exists in the recovery catalog database.

To create the recovery catalog schema in the recovery catalog database:

Start SQL*Plus and connect with administrator privileges to the database containing the recovery catalog. In this example, the database is catdb.

Create a user and schema for the recovery catalog. For example, you could enter the following SQL statement (replacing password with a user-defined password):

CREATE USER rman IDENTIFIED BY password
  TEMPORARY TABLESPACE temp 
  DEFAULT TABLESPACE tools 
  QUOTA UNLIMITED ON tools;

Note:

Create a password that is secure. See Oracle Database Security Guide for more information.

Grant the RECOVERY_CATALOG_OWNER role to the schema owner. This role provides the user with all privileges required to maintain and query the recovery catalog.

GRANT RECOVERY_CATALOG_OWNER TO rman;

lselinger · ‎03-18-2015

I understand it says SYSDBA privileges: "If your current logon does not have Oracle SYSDBA privileges, the system prompts you to enter your Oracle database logon user name and password with SYSDBA privileges to continue. Optionally, also enter your Net service name (TNS alias)"

Our Oracle DBA's have execute permissions to nboraadm as well: "Oracle DBAs can use the ‘nboraadm’ command on the NetBackup client to manage instances, instance groups, and their credentials. This command is very useful in environments where the Oracle credentials are known only by the DBAs and not by the NetBackup administrators."

However no matter what account they try to use: sys, system etc (all of which have SYSDBA privileges) we still get an insufficient permissions error when trying to register scanned instances. We have to be missing something but we can't seem to think of what. Is it possible that authentication is Either/Or when it comes to DB or Operating system? In other words, Either use only DB login OR OS not both?

Does anyone have a very simplified and detailed step by step on registering a database and accounts used etc? We have to be overlooking something simple

RiaanBadenhorst · ‎03-18-2015

I use OS authentication only and it works fine. As I just have a test Oracle DB (and I'm not a DB) I've just setup the basic. My user (oracle) that I install and connect to Oracle with is used in the NetBackup registration.

Can't comment on using a combo of both.

lselinger · ‎03-19-2015

Thank you Riaan, I'll see if just using the OS Oracel account works on its' own.

VOX

Netbackup Oracle intelligent policy - Oracle user privileges

Creating the Recovery Catalog Schema Owner