ORACLE ADVANCE DBA

   Database Credentials in Oracle Wallet When managing Oracle Databases, storing user credentials in plain text inside scripts is a major security risk. Oracle provides a secure solution with Oracle Wallet , which allows you to store database credentials in an encrypted location. Once configured, applications and utilities like Data Pump or JDBC can connect without requiring a clear-text password. This blog walks through the step-by-step procedure to store database credentials in Oracle Wallet and use it securely. Overview The Oracle Wallet securely stores database credentials, eliminating the need to expose passwords in scripts. Multiple credentials can be stored in a single wallet. Supports auto-login , meaning applications don’t need a password to access it. OS file permissions ensure security. In this example, a non-Oracle binary owner OS user ( bidhan ) is used to create the wallet. Example usage: Data Pump with Wallet nohup expdp /@BSA1EP directory=...

  Oracle 19c Active Data Guard Switchover Procedure Oracle Active Data Guard provides high availability and disaster recovery by allowing seamless role transitions between the primary and standby databases. A switchover is a planned role reversal where the primary database becomes the standby, and the standby takes over as the new primary without data loss. This guide covers the step-by-step procedure for switchover in Oracle 19c Active Data Guard . 1. Pre-Checks Before initiating a switchover, ensure both databases are synchronized and healthy. On both primary and standby : SELECT DATABASE_ROLE, OPEN_MODE FROM V$DATABASE; Primary should show: PRIMARY , READ WRITE Standby should show: PHYSICAL STANDBY , READ ONLY WITH APPLY or MOUNTED Also, confirm there are no active sessions or long-running transactions on the primary. 2. Verify Log Transport and Apply Ensure redo logs are being shipped and applied correctly. On Primary : SELECT DEST_ID, STATUS, ERRO...

  Oracle 19c Active Data Guard Configuration on Linux – Step by Step Oracle Active Data Guard provides high availability, data protection, and disaster recovery by maintaining a synchronized copy of the primary database on a standby system. In this guide, we will configure Oracle 19c Active Data Guard between two Linux servers. 1. Environment Setup Primary Database : primary.localdomain (192.168.0.187) Standby Database : standby.localdomain (192.168.0.188) Update /etc/hosts on both servers: 192.168.0.187 primary.localdomain primary 192.168.0.188 standby.localdomain standby Disable firewall & SELinux (if required): systemctl stop firewalld setenforce 0 2. Enable FORCE LOGGING & ARCHIVELOG Mode on Primary On the Primary Database : ALTER DATABASE FORCE LOGGING; ARCHIVE LOG LIST; If not in ARCHIVELOG mode: SHUTDOWN IMMEDIATE; STARTUP MOUNT; ALTER DATABASE ARCHIVELOG; ALTER DATABASE OPEN ; 3. Configure Primary Initialization Parameters Update the paramete...

  Introduction to Oracle Fusion General Ledger (GL) Oracle Fusion General Ledger is the core financial component of the Oracle Fusion Cloud Financials suite. It delivers a modern, highly configurable, and scalable accounting system designed to meet global business needs. Whether you’re part of a multinational enterprise or a growing organization, Oracle Fusion GL provides the foundation for accurate, real-time financial reporting and decision-making. Key Features of Oracle Fusion General Ledger 1. Multi-Dimensional Accounting Oracle Fusion GL introduces a multi-dimensional chart of accounts using segments. Each transaction is recorded with rich context, such as: Company Cost Center Account Product Location This allows flexible and powerful financial analysis. 2. Ledgers and Ledger Sets Fusion GL supports: Primary Ledgers for actual accounting Secondary Ledgers for statutory or management reporting Ledger Sets for consolidating reporting acros...

Configure Oracle Database Vault Realms to Secure the HR Schema Oracle Database Vault (DV) is a powerful security feature that enables fine-grained access control by enforcing security policies that protect sensitive data. One of the most important components in Database Vault is the Realm , which creates a security boundary around database objects to prevent unauthorized access — even by highly privileged users. In this blog, we’ll walk through the step-by-step process of configuring a Realm to secure the HR schema in an Oracle Database 19c environment. You’ll learn how to: Create a Realm Add objects to it Restrict access Enable auditing for security tracking What is a Realm? A Realm in Oracle Database Vault defines a logical security boundary around one or more database objects. Once a Realm is in place, no one — not even privileged users like DBAs — can access the protected objects without being explicitly authorized. Realms are ideal for: Securing sensitive ap...

Configure Oracle Database Vault on Oracle CDB$ROOT Oracle Database Vault (DV) strengthens the security posture of the Oracle database by enforcing separation of duties and restricting access, even for highly privileged users. While DV is often configured at the PDB level , enterprise environments typically require securing the CDB$ROOT itself to protect the entire multitenant architecture. This blog walks through the complete process of enabling and verifying Oracle Database Vault on CDB$ROOT in an Oracle 19c environment. Step 1: Verify DV and OLS Status Before starting, check if Database Vault and Oracle Label Security (OLS) are installed and verify their status. sql COL DESCRIPTION FORMAT A40 SET LINES 900 SELECT * FROM SYS.DBA_DV_STATUS; SELECT * FROM DBA_OLS_STATUS; If the components are not installed, install them using DBCA or the Oracle-provided scripts. Step 2: Create DV Owner and Account Manager Users You must create common users to manage Database Vault. The...

  Configure Oracle Database Vault for a Pluggable Database (PDB1) Oracle Database Vault (DV) adds a critical layer of security to Oracle Databases by enabling strong access control and separation of duties. When working in a multitenant environment, it's essential to configure DV specifically for each Pluggable Database (PDB) where protection is required. This guide outlines the complete steps to enable and verify Database Vault in PDB1 , including the assignment of privileged users and schema verification. Step 1: Connect to the Target PDB Start by switching your session to the target pluggable database where DV needs to be enabled. sql ALTER SESSION SET CONTAINER = pdb1; Step 2: Verify DV and OLS Installation Ensure that Database Vault (DV) and Oracle Label Security (OLS) are installed and available in the PDB. sql SELECT * FROM SYS.DBA_DV_STATUS; SELECT * FROM DBA_OLS_STATUS; These views should return status information such as ENABLED , DISABLED , or NOT C...

  Creating a User in a Database Vault-Protected Oracle PDB Oracle Database Vault (DV) significantly tightens security by restricting privileged users—even DBA roles—from performing certain operations unless explicitly authorized. One such restriction is creating users in a DV-enabled Pluggable Database (PDB) . This article demonstrates how to properly create a new user ( SCOTT ) in such an environment using the DV Account Manager user .  Background In a standard Oracle environment, a user with DBA or SYSDBA privileges can easily create users. However, once Database Vault is configured and enabled, these privileges are no longer sufficient unless the user is explicitly granted DV-specific roles , like: DV_OWNER DV_ACCTMGR Let’s walk through a real-world scenario where an attempt to create a user fails due to DV restrictions , and how to fix it using the correct privileged user. Initial Attempt — Access Denied First, we switch to the target PDB ( pdb1 ) and...