ORA-01031 Insufficient privilege while creating Oracle user
login as "SYS" user
SQL> create user test identified by test;
ORA-01031: insufficient privilege
If you have "Enabled" Oracle Database Vault in your Database this could cause a problem
Solution is Disable Oracle Database Vault
SQL>exec dbms_macadam.disable_dv;
Restart the Database
SQL>create user test identified by test;
User created
SQL>
SQL> create user test identified by test;
ORA-01031: insufficient privilege
If you have "Enabled" Oracle Database Vault in your Database this could cause a problem
Solution is Disable Oracle Database Vault
SQL>exec dbms_macadam.disable_dv;
Restart the Database
SQL>create user test identified by test;
User created
SQL>
Oracle Database Vault
Introduction
Oracle Database Vault is part of Oracle Database Security feature that provides powerful security controls to protect application data from unauthorized access
It can restrict access to areas in Oracle Database for any user and also who have administrative access such as DBA or SYSDBA
With Oracle Database Vault, one can address the most difficult security problems prevailing today: protecting against insider threats, meeting regulatory compliance requirements and enforcing separation of duty
It enables data users to apply fine-grained access control to their sensitive data in a variety of ways.
It hardens ones Oracle Database instance and enforces industry standard best practices in terms of separating duties from traditionally powerful users
For example, one can restrict administrative access to salaries, financial data of employees, medical records of employees or customer or other such sensitive information
DBA's can configure Oracle Database Vault to manage security of an individual Oracle Database instance
Installation of Oracle Database Vault can be done on standalone Database, multiple Oracle Homes and also in Oracle RAC environments
Privileges
Oracle Database Vault (ODV) provides set of database roles which enable Oracle Users to perform specific tasks
Most commonly roles are "DV_ADMIN" and "DV_OWNER" which enables one to create and manage policies of ODV
"DV_ACCTMGR" enables one to manage Oracle User accounts
Oracle Database Vault Access Control Components
Oracle Database Vault enables you to create a set of components to manage security for your database instance.
These components are as follows:
Realms
A realm is a protection zone inside the database where database schemas, objects and roles can be secured
For example: One can secure a set of schemas, objects and roles that are related to accounting, sales or human resources.
After one have secured these into a realm, one can use the realm to control the use of system and object privileges to specific accounts or roles.
This enables one to provide fine-grained access controls for anyone who wants to use these schemas, objects and roles.
Command rules
A command rule is a special security policy that you can create to control how users can execute almost any SQL statement, including SELECT, ALTER SYSTEM, Database Definition Language (DDL) and Data Manipulation Language (DML) statements.
Command rules must work with rule sets to determine whether the statement is allowed.
Factors
A factor is a named variable or attribute, such as a user location, database IP address or session user which Oracle Database Vault can recognize and use.
One can use factors in rules to control activities such as authorizing database accounts to connect to the database or execution of a specific database command to restrict the visibility and manageability of data.
Each factor can have one or more identities.
An identity is the actual value of a factor. A factor can have several identities depending on the factor retrieval method or its identity mapping logic
Rule sets
A rule set is a collection of one or more rules that one can associate with a realm authorization, command rule, factor assignment or secure application role.
The rule set evaluates to true or false based on the evaluation of each rule it contains and the evaluation type (All True or Any True)
The rule within a rule set is a PL/SQL expression that evaluates to true or false. One can have the same rule in multiple rule sets
Secure application roles
A secure application role is a special Oracle Database role that can be enabled based on the evaluation of an Oracle Database Vault rule set.
Oracle Database Vault is part of Oracle Database Security feature that provides powerful security controls to protect application data from unauthorized access
It can restrict access to areas in Oracle Database for any user and also who have administrative access such as DBA or SYSDBA
With Oracle Database Vault, one can address the most difficult security problems prevailing today: protecting against insider threats, meeting regulatory compliance requirements and enforcing separation of duty
It enables data users to apply fine-grained access control to their sensitive data in a variety of ways.
It hardens ones Oracle Database instance and enforces industry standard best practices in terms of separating duties from traditionally powerful users
For example, one can restrict administrative access to salaries, financial data of employees, medical records of employees or customer or other such sensitive information
DBA's can configure Oracle Database Vault to manage security of an individual Oracle Database instance
Installation of Oracle Database Vault can be done on standalone Database, multiple Oracle Homes and also in Oracle RAC environments
Privileges
Oracle Database Vault (ODV) provides set of database roles which enable Oracle Users to perform specific tasks
Most commonly roles are "DV_ADMIN" and "DV_OWNER" which enables one to create and manage policies of ODV
"DV_ACCTMGR" enables one to manage Oracle User accounts
Oracle Database Vault Access Control Components
Oracle Database Vault enables you to create a set of components to manage security for your database instance.
These components are as follows:
Realms
A realm is a protection zone inside the database where database schemas, objects and roles can be secured
For example: One can secure a set of schemas, objects and roles that are related to accounting, sales or human resources.
After one have secured these into a realm, one can use the realm to control the use of system and object privileges to specific accounts or roles.
This enables one to provide fine-grained access controls for anyone who wants to use these schemas, objects and roles.
Command rules
A command rule is a special security policy that you can create to control how users can execute almost any SQL statement, including SELECT, ALTER SYSTEM, Database Definition Language (DDL) and Data Manipulation Language (DML) statements.
Command rules must work with rule sets to determine whether the statement is allowed.
Factors
A factor is a named variable or attribute, such as a user location, database IP address or session user which Oracle Database Vault can recognize and use.
One can use factors in rules to control activities such as authorizing database accounts to connect to the database or execution of a specific database command to restrict the visibility and manageability of data.
Each factor can have one or more identities.
An identity is the actual value of a factor. A factor can have several identities depending on the factor retrieval method or its identity mapping logic
Rule sets
A rule set is a collection of one or more rules that one can associate with a realm authorization, command rule, factor assignment or secure application role.
The rule set evaluates to true or false based on the evaluation of each rule it contains and the evaluation type (All True or Any True)
The rule within a rule set is a PL/SQL expression that evaluates to true or false. One can have the same rule in multiple rule sets
Secure application roles
A secure application role is a special Oracle Database role that can be enabled based on the evaluation of an Oracle Database Vault rule set.
Error: Views\Synonyms required for XA transaction support are missing in this Database 12c
To resolve the above issue, follow below steps:-
As SYS user, enable Oracle database for XA by performing the following steps:
sqlplus / as sysdba
sqlplus / as sysdba
SQL>@$ORACLE_HOME/javavm/install/initxa.sql
PL/SQL procedure successfully completed.
Execute $ORACLE_HOME/rdbms/admin/xaview.sql
SQL> @xaview.sql DROP VIEW v$xatrans$ * ERROR at line 1: ORA-00942: table or view does not exist DROP VIEW v$pending_xatrans$ * ERROR at line 1: ORA-00942: table or view does not exist View created. View created.
SQL>
RCU-6083:Failed - Check prerequisites requirement for selected component:OIM
Error: XDB is installed on the database with some errors. Objects in XDB schema are in unusable \ invalid state
1) Check for Invalid objects of XDB Schema
Login to Oracle Database as sysdba
SQL> select * from dba_objects where status='INVALID' and owner='XDB';
It will return Invalid Objects
Then we need to compile those invalid objects
SQL> exec dbms_utility.compile_schema(schema=>'XDB');
Again check for Invalid Objects
SQL> select * from dba_objects where status='INVALID' and owner='XDB';
If there is no Data return by this Select Statement then all Invalid objects are compiled
Error: Oracle TEXT is installed on the database with some errors. Objects in CTXSYS schema are in unusable\invalid state.
1) Check for Invalid objects of CTXSYS Schema
Login to Oracle Database as sysdba
SQL> select * from dba_objects where status='INVALID' and owner='CTXSYS';
It will return Invalid Objects
Then we need to compile those invalid objects
SQL> exec dbms_utility.compile_schema(schema=>'CTXSYS');
Again check for Invalid Objects
SQL> select * from dba_objects where status='INVALID' and owner='CTXSYS';
If there is no Data return by this Select Statement then all Invalid objects are compiled
1) Check for Invalid objects of XDB Schema
Login to Oracle Database as sysdba
SQL> select * from dba_objects where status='INVALID' and owner='XDB';
It will return Invalid Objects
Then we need to compile those invalid objects
SQL> exec dbms_utility.compile_schema(schema=>'XDB');
Again check for Invalid Objects
SQL> select * from dba_objects where status='INVALID' and owner='XDB';
If there is no Data return by this Select Statement then all Invalid objects are compiled
Error: Oracle TEXT is installed on the database with some errors. Objects in CTXSYS schema are in unusable\invalid state.
Login to Oracle Database as sysdba
SQL> select * from dba_objects where status='INVALID' and owner='CTXSYS';
It will return Invalid Objects
Then we need to compile those invalid objects
SQL> exec dbms_utility.compile_schema(schema=>'CTXSYS');
Again check for Invalid Objects
SQL> select * from dba_objects where status='INVALID' and owner='CTXSYS';
If there is no Data return by this Select Statement then all Invalid objects are compiled
Uninstall JAVA / JDK in Linux
Login as "root" user
Check the JAVA version
java -version
Query JDK / Java
rpm -qa | grep jdk
or
rpm -qa | grep java
Uninstall / remove JDK / JAVA
yum -y remove jdk*
or
yum -y remove java<version name>
ORA-00119: invalid specification for system parameter LOCAL_LISTENER
I’ve recently installed an Oracle 12c Release 2 database on Linux and when I bounce the database (using the Shutdown and Startup commands), the database is unable to start
SQL> startup
ORA-00119: invalid specification for system parameter LOCAL_LISTENER
ORA-00132: syntax error or unresolved network name 'LISTENER_LAB11'
This is due to the lack of a LOCAL_LISTENER, that must be defined in the TNSNAMES.ORA, according to the Oracle Database Reference 12cR2:
LOCAL_LISTENER specifies a network name that resolves to an address or address list of Oracle Net local listeners
(that is, listeners that are running on the same machine as this instance)
The address or address list is specified in the TNSNAMES.ORA file or other address repository as configured for your system.
So, in your TNSNAMES.ORA (not in LISTENER.ORA) you must define this entry for the local listener:
LISTENER_LAB11.WORLD =
(ADDRESS = (PROTOCOL = TCP)(HOST = toralin1)(PORT = 1521))
And now you can startup the database. Be sure to set the .WORLD if you have the parameter NAMES.DEFAULT_DOMAIN set at SQLNET.ORA
You can learn more about the LOCAL_LISTENER in this excellent post of Ed Stevens: Exploring the LOCAL_LISTENER parameter
SQL> startup
ORA-00119: invalid specification for system parameter LOCAL_LISTENER
ORA-00132: syntax error or unresolved network name 'LISTENER_LAB11'
This is due to the lack of a LOCAL_LISTENER, that must be defined in the TNSNAMES.ORA, according to the Oracle Database Reference 12cR2:
LOCAL_LISTENER specifies a network name that resolves to an address or address list of Oracle Net local listeners
(that is, listeners that are running on the same machine as this instance)
The address or address list is specified in the TNSNAMES.ORA file or other address repository as configured for your system.
So, in your TNSNAMES.ORA (not in LISTENER.ORA) you must define this entry for the local listener:
LISTENER_LAB11.WORLD =
(ADDRESS = (PROTOCOL = TCP)(HOST = toralin1)(PORT = 1521))
And now you can startup the database. Be sure to set the .WORLD if you have the parameter NAMES.DEFAULT_DOMAIN set at SQLNET.ORA
You can learn more about the LOCAL_LISTENER in this excellent post of Ed Stevens: Exploring the LOCAL_LISTENER parameter
Subscribe to:
Posts (Atom)
How to fix: ERROR 1045 (28000): Access denied for user ‘root’@’localhost’ (using password: YES)
Open your terminal and type mysql -u root -p Enter your password. Hopefully your MySQL is logged in now.
-
My Oracle application have stopped transferring data to another table. After doing a bit of troubleshooting,I have narrowed the issue down...
-
You can run 'ANALYZE INDEX VALIDATE STRUCTURE' command on the affected indexes; each invocation of this command creates a single r...
-
This error occurs when installing Oracle Client_32 bit on Windows 64 bit Server To resolve this error, delete Registry Entry " in...