Oracle DBA
Uploaded by
api-3702030Oracle DBA
Uploaded by
api-3702030Oracle Database Administration I
Lesson 1
Oracle Server Architecture
Overview
u Set of data to store and access information
u Based on a relational model of rows and columns stored in tables
u Also Object-oriented (OO) structures
n Abstract datatypes and methods
u Contains these components:
n Physical
n Memory
n Process
Oracle’s Overall Role
u Retrieve data
u File I/O
u Space Management
u Change Management
u Access Management
Oracle Database Administration I
1
Database Structure
u Data file(s)
u Control file(s)
u Redo logs
u Init.ora (spfile.ora – 9i)
u Trace
u Alert log
u Password
Instance Structure
u Memory structures are allocated
n Collectively known as System Global Area.
n 95% defined by data block buffer cache, Shared SQL Pool, Large Pool
and Java Pool.
u Oracle background processes are started.
u Single database accessible by multiple instances – RAC (Real
Application Cluster) a.k.a. parallel server
Instance Defined
u Defined by initialization parameter(s) that determine the size
and composition
u Can be dynamically altered
u initSID.ora (ascii file)
u spfileSID.ora (binary file)
u configSID.ora (usually only used to create a database – not
widely used)
Oracle Database Administration I
2
Oracle Instance
u Composed of:
n SGA (System Global Area)
n PGA (Program Global Area)
n Oracle BACKGROUND processes
System Global Area (SGA)
u Shared memory region allocated by Oracle for an
Oracle database
u Allocated when the Oracle database is started
u The SGA should be in non-paged, non-swapped
memory
SGA Composition
u Buffer cache
u Shared SQL Pool
u Large pool (optional)
u Java pool
u Redo log buffer
u Dictionary cache
u Other miscellaneous items
Oracle Database Administration I
3
PGA Composition
u Non-shared memory area to which a process
(server or background) can write
u Allocated by Oracle when a user connects to an
Oracle database and a session is created
10
Oracle Instance
u Required Background Processes:
n DBWn
n LGWR
n SMON
n PMON
n CKPT (9i)
11
Oracle Instance
u Optional Background Processes:
(not all inclusive)
n ARCn
n CKPT (prior to 9i)
n RECO
n Lock (LCK0)
n Job Queue (SNPn)
n Queue Monitor (QMNn)
n Dispatcher (Dnnn)
n Server (Snnn – for dedicated MTS servers)
12
Oracle Database Administration I
4
Oracle Instance
More Details
SGA
u Buffer Cache
u Redo Log BUFFER
u Shared SQL Pool
u Dynamic (as of Oracle 9i)
14
Dynamic SGA
u Defined in Granules
n SGA < 128mb 4mb size
n SGA > 128mb 16mb size
u Can be modified on the fly (9i)
u Establish an overall maximum
u Initially allocated – 4 for small, 3 for large
(fixed SGA, buffer cache, Shared pool)
15
Oracle Database Administration I
5
Data Buffer Cache Structure
u Can be defined in two ways:
n By block db_block_buffers
n By byte db_cache_size
u Was divided into blocks the same size as the blocks in the
datafiles
u As of 9i, multiple buffer cache introduced (depends on
block size of each tablespace)
u Size and number defined in the initialization Parameter File
u Holds copies of data blocks read from disk
16
Data Buffer Cache Contents
u Stores the most recently accessed BLOCKS OF DATA
u Contains PINNED buffers
n Data being accessed
u Contains DIRTY buffers
n Data that has been MODIFIED, but not written to disk
u FREE buffers
u Two lists, write and LRU
17
REDO Log Buffers
u Stores the REDO ENTRIES (changes to the database)
u Default is four times the OS block size
u Larger reduces log I/O and uncommented redo to online
redo logs
u Changed data is moved from the database buffer cache to
the redo log buffer then to the redo log files
18
Oracle Database Administration I
6
Shared Pool
u Can be dynamically modified (9i)
u Must be an integer multiple of the granule size
u Oracle will round up if not
u Managed by LRU algorithm
u Contains:
n Library Cache
n Data Dictionary Cache
n Control structures
n Reusable Runtime Memory
19
Shared Pool
20
Shared Pool
u Library Cache
n SHARED by all users for commonly used SQL
statements
n Shared and Private SQL areas for executed
statements
n PL/SQL Procedures and Packages
n Allocation and Reuse of Memory
21
Oracle Database Administration I
7
Library Cache
u Shared SQL
n PARSE TREES for SQL statements
n EXECUTION plans for SQL statements
n Size dependent on complexity
u Private SQL
n Each session has one
n Persistent and Runtime areas
n Cursors
22
Library Cache
u PL/SQL Program Units
n Procedures, functions, Packages, anonymous blocks and
database triggers
u Allocation and Reuse of Memory
n Every SQL statement submitted, Oracle automatically allocates
memory
u Checks for existence
u Allocate private SQL area
u May flush the shared pool
23
PGA
24
Oracle Database Administration I
8
PGA
u Varies depending if dedicated or Shared servers (MTS) are
used
u Stack space
u Session information (PGA verses Shared Pool)
u Memory allocated to hold a session’s variables and arrays
u Automatically managed in 9i with the SQL memory
management
25
Questions
u What is the name of Oracle’s memory structure?
u What are its contents?
u How is it divided?
u If I have 150 mb SGA, why does Oracle change the size?
u Can you vary sizes of Oracle blocks?
n If so, how?
26
Oracle Database
u Composed of two structures:
n Physical (Operating System view)
n Logical (Oracle’s view)
27
Oracle Database Administration I
9
Physical View
Files
Physical Structure
u Made up of:
n Data files
n Redo Log Files – two or more with members
n One or more Control Files
n One Parameter File
n Trace and alert log files
n One Password file
29
Datafile
u Disk space for a tablespace
u One or more per tablespace
u Associated with only one tablespace
u Consists of segments:
n UNDO, Temporary, Data, index, undo, LOB and cache (for the most
part)
30
Oracle Database Administration I
10
Redo Log Files
u Characteristics
n Record changes made to the data by various transactions
n Help RECOVER the data in case of a failure
n Streamline the process of how data is written to disk
31
Control Files
u Record of the overall architecture and status of the
database
u Easily moved and recovered
u Contain the following:
n Database NAME
n Datafiles NAMES and LOCATIONS
n Redo log file NAMES, Log sequence number and LOCATIONS
32
Parameter File
u Attributes of an instance are defined through an Oracle
Parameter File
u Determines the size and characteristics of the instance
u Stored in an ASCII file or housed with the database in a
binary file
33
Oracle Database Administration I
11
Parameter File
u The only Oracle file that is ASCII
u All other files are binary and not directly
changeable by the DBA
u Read-only when the instance starts
n Most changes require a stop and restart of the
instance
34
Trace and Alert Logs
u Trace files contain information about significant
events
u Alert log records the commands and results of
major events in the life of the database
n Monitor daily
n Rename for historical purposes
35
Logical View
Structures
Oracle Database Administration I
12
Logical View Structures
u Tablespace(s)
u Schema objects
u Segments
u Extents
u Data blocks
37
Tablespace(s)
u Logically divides a database
u One or more datafiles are explicity created for each one
u Logically divided into segments that are further divided into
extents and blocks
u Can be defined as read-only
u A unit of space to store a schema’s objects
38
Object(s)
u Schema(s)
n A collection of objects owned by one Oracle user
u Object(s)
n Tables, indexes, views, sequences, stored
procedures, functions, packages, UNDO segments
39
Oracle Database Administration I
13
Extents and Blocks
u A collection of the smallest object in a database
u An extent can be of a varying size
u Extents MUST be contiguous
u Blocks are the finest collection of space in an
Oracle database
40
Questions
u What are the physical files of a database system?
u What are the logical entities of a database?
u What is the smallest structure?
u Which structure MUST be contiguous?
u Which structure will tell you event information?
41
Background Processes
Review
Oracle Database Administration I
14
Background Processes
n Every instance has BACKGROUND PROCESSES
n BACKGROUND PROCESSES perform I/O, handle
process cleanup and monitor the ORACLE database
n Provide support, increase performance, assist in
recovery and make the database more reliable
43
Background Processes
u DBW0 (DBWn)
u LGWR
u PMON
u SMON
u CKPT
u ARCn
44
Database Buffer
u After the changed data (redo entries) are written to the
online redo log files, the changed data will be written to disk
u These changed data are called ‘dirty’
u Dirty data are moved to the ‘write’ list
u Dirty data can be on the ‘write’ list and on the LRU list
45
Oracle Database Administration I
15
DBWn
u At some time after the redo entries have been
written into the online redo logs, the database
writer (DBWn) writes the dirty buffer back to the
database
u This is called ‘delayed write’ and is based on
initialization parameters
46
DBWn (Database Writer)
u Can have one or more running
n Only available on systems with
Asynch I/O
n Can use I/O slaves to duplicate the above on
systems without it
u Performs all WRITES to the database
n Keeps the BUFFER CACHE clean and free
47
When does the DBWR write?
u The dirty list reaches a threshold length
u A DBWR timeout
u LGWR issues a checkpoint
48
Oracle Database Administration I
16
LGWR (Log Writer)
u Writes the REDO log entries (located in the REDO
LOG BUFFER) to the REDO LOG files
u Only the changed data, not the entire Oracle
block(s) is written to the redo logs
u Issues checkpoints
49
Online Redo Log Files
u The online redo log files hold the
‘redo entries’
u Only the changed bytes are written to the online
redo log file
u The entire data block is not written to these logs
50
Online Redo Log Files
u There is a fixed number of online redo log file
groups
u Defined at database creation time
u Can add or drop groups or members (discussed
later)
51
Oracle Database Administration I
17
Online Redo Log Files
u Redo log file groups cycle
u If there are three redo log file groups:
n When the first group is full, LGWR starts writing to
the second group
n When the second group is full, LGWR writes to the
third group
n When the third group is full, LGWR writes to the first
group
52
LGWR (Log Writer)
u What causes the LGWR to clear the REDO LOG BUFFER
and transfer the transactions to disk?
n When a user process COMMITS a TRANSACTION
n TIME-OUT (caused every three seconds)
n When the redo log buffer becomes 1/3 FULL
n When the DBWR writes the dirty buffers to disk
53
LGWR (Log Writer)
u LGWR can be bypassed
n Use the UNRECOVERABLE ‘key word’
n This is to be used very carefully. No redo entries will
ever exist after this point
n Best used for temporary object creation
54
Oracle Database Administration I
18
PMON
u Cleans up after failed server processes by releasing system
resources
u FREEs resource locks
u Rolls back aborted processes
u Restarts dispatchers and shared-server processes
55
SMON
u INSTANCE RECOVERY performed at startup
u CLEANS up temp segment(s) no longer in use
u Can coalesce fragmented tablespaces
56
CKPT
u Updates the header record of the data files with a SCN
(System Change Number)
u This SCN is used for synchronization of all files
u Does this on behalf of the LGWR
u Can be a source of I/O contention with the LGWR
57
Oracle Database Administration I
19
Archive Mode
u Saves the online redo log files as archived redo
log files
u A database in archive log mode can be restored to
the last committed transaction
u Production databases are run in archive log mode
58
ARCn
u Copies the REDO logs to the ARCHIVE storage
when the REDO logs become filled
n Process was optional before 9i, but now is
automatically started when archivelog mode is set.
n Must be turned on
59
ARCn
u ARCn copies a filled online redo log file to an
archived redo log file
u ARCn gives each archived redo log file a unique
name
u ARCn must be finished copying the online redo
log before it is overwritten
60
Oracle Database Administration I
20
Process Questions
u Which process can cause the DBWR to write to
disk?
u Which process can coalesce the free space in a
tablespace?
u Which process ‘wakes up’ to take care of shared
servers?
61
How does this all fit together?
Instance and Database
u The instance is started
u The instance mounts the database
u The database opens
n Users may now use the database
63
Oracle Database Administration I
21
User Process
u In network access mode (web or client/server), a user
process utilizes the Transparent Network Substrate (TNS)
that allow the client applications (i.e., ORACLE tools) to
communicate with the server processes
u Initiates a session on the PC that connects to a dedicated
server process
64
Session
u The activity of a user from the time the user
connects to the database to the time the user
disconnects from the database
u Can execute multiple transactions
65
User Starts Transaction
u A user application on the PC talks to SQL*Net
u SQL*Net talks to the user server process
u The server process ‘parses’ the SQL statement
and validates it
66
Oracle Database Administration I
22
A Transaction is Started
u A logical unit of work
n One or more SQL statements that must all be saved
(committed) or discarded (rolled back) as a group
u Begins with the first executable SQL statement
67
A Transaction is Started
u Ends with a COMMIT or ROLLBACK SQL
statement
n Explicitly with a COMMIT or ROLLBACK
n Implicitly when a DDL statement is issued
u The EXIT statement will do a commit by default
68
Dedicated Server
• Assume for now that we have a Dedicated Server
Architecture
(Multi Threaded Server, MTS will be discussed later)
n Each user has one server process
n Each server process works for only one user
n Session information is stored in the PGA
69
Oracle Database Administration I
23
Dedicated Server
u The user process on the PC communicates to the
server through Oracle’s SQL*NET
u A network listener process is created
u A dedicated server process is created
70
Server Process
u An OS process that works on behalf of the user
u Reads the data from disk into the buffer cache
u Communicates with the database for the user
n User processes do not connect directly to the database
71
What does the server process do?
Oracle Database Administration I
24
SGA Activity
u The server process reads data from the database
datafiles and stores it into the data buffer cache
u The user SQL statement changes the data in the
data buffer cache
73
PGA (Program Global Area)
u An area in memory that contains data and controls
information for a single user
n Memory is ALLOCATED when a user process connects to the
database
n Extra memory is allocated for session management if in
dedicated server mode
74
PGA (Program Global Area)
u What does the PGA hold?
n Variables
n Arrays
n Other User information for a particular user
75
Oracle Database Administration I
25
Physical and Logical reads
u Physical reads get data from the datafiles
u Logical reads get data from memory (The SGA
data buffer cache)
u All managed by the server process(es)
76
The SQL Statement
u The server process receives the SQL statement. Processed
either by:
n If an identical SQL statement is found in the shared pool, it uses it
n If not found in the shared pool, a new shared SQL area is allocated
u There are three phases to a SQL statement:
n PARSE, EXECUTE and FETCH
77
PARSE
u CHECKS the statement for syntactic and semantic validity
n Data Dictionary
u Ensures the processes issuing the command has the
RIGHTS to execute the command
u ALLOCATES a private SQL area for the statement ( PGA )
u SCANS existing SQL area for matching statement
78
Oracle Database Administration I
26
PARSE TREE
u Method Oracle uses to find the specific data in the
database
n Two Types
u Cost Optimization
u Rule Optimization
n Banner uses rule
79
EXECUTE
u Will only execute if the PARSE is successful
u APPLIES the PARSE TREE to the data
u PERFORM physical and logical reads
80
EXECUTE
u CHANGES data where necessary
u Performs constraint CHECKING
u FETCH RETURNS rows of data for a SELECT
statement
81
Oracle Database Administration I
27
UNDO Segments
u The data before it was changed is written to the
UNDO segments
n These segments are in a tablespace
u If the user rolls back the data, the UNDO segments
are used to restore the old data
82
Redo Log Buffer
u The changed data is placed in the redo log buffer
u If the data is committed, the LGWR writes the
changed data to the online redo log files
u The commit is completed after the data is written
to the redo log
83
SGA Review
Buffer Cache
Shared Pool
Redo Log Buffer
Oracle Database Administration I
28
Buffer Cache
u Consists of buffers the size of the data blocks (only option
prior to 9i) or in bytes
u Two purposes:
n To improve performance for repeated statements usage
n To allow users to make changes quickly in memory
u Contains two lists:
n LRU
n WRITE
85
LRU (Least Recently Used)
u Data retained in SGA is by time order
n Newest to oldest information
n Longer it sits, older it becomes
n When new space is needed or a CKPT (checkpoint) has
occurred:
u DIRTY buffers are written to disk and removed from memory
u Oldest data in the SGA can be written over
86
Parts of the Buffer lists
u FREE
n Empty section of memory ready for data
u DIRTY
n Section of memory that CONTAINS data that has been modified,
but not yet written to disk
u PINNED
n Data that is currently in use and has been locked
87
Oracle Database Administration I
29
Redo Log Buffer
u Written to when a user modifies data
u The server process moves the changed data from user
memory to this buffer
u Contains only the redo entries
u LGWR writes the redo entries to the online redo log file
88
Shared Pool
u Has two mandatory structures:
n Library Cache
n Dictionary Cache
u One optional structure
n Large Pool
89
Mandatory Contents
u Data Dictionary cache (also called
row cache)
n Dictionary row information recently accessed
u Library cache
n Parsed statements
n Execution plans
90
Oracle Database Administration I
30
Read Consistency
How Oracle maintains a ‘Consistent’ view of the
data for each transaction
UNDO Segments
u Main purpose
n Read consistency
n Transaction rollback
u User initiated ROLLBACK
u Abnormal termination
u Abnormal database termination
92
UNDO Segments
u Contains
n Block Information
n File names and block ID
n Data as it existed before a transaction
n Transaction numbers
93
Oracle Database Administration I
31
UNDO (Rollback) Segments
u Stores the data before it was changed by a
transaction
u If the user cancels a transaction (rolls back the
data), the UNDO segments are used to restore the
old data
u Discussed in a later section
94
UNDO Segments
u Record the transaction that occurred on the data
n Should an error occur during a modification of data,
the record retained by the UNDO SEGMENT will
restore the data prior to the modification attempt
95
Read Consistency
u Ensures data seen by a statement is consistent
with respect to a point-in-time
u Even data changed by another transaction is not
seen during the transaction
96
Oracle Database Administration I
32
Read Consistency
u Basic principles
n Readers can not lock data blocks
n Readers can not block other readers
n Readers can not block writers
n Writers can not block readers
n Writers can block writers
97
COMMIT
u When a statement is executed and saved
u Can be explicitly or implicitly commited
u Ends the current transaction
u Generates a System Change Number (SCN)
98
COMMIT
u What happens when a COMMIT is made?
n Modification becomes PERMANENT
n A copy of the transaction is placed in the REDO
BUFFER
n Redo buffer is FLUSHED to the REDO LOGS
99
Oracle Database Administration I
33
COMMIT
u When a COMMIT is made:
n User is NOTIFIED
n Resource locks are RELEASED
n DBW0 may WRITE the data back to the database file
u Note: Issuing a COMMIT does not guarantee that a
transaction has been written back to the DATAFILE
100
Redo Log Files
u When a REDO BUFFER is flushed, its information
is stored in the REDO LOG FILES
n Hold records of all transactions that have been
applied to the database
n With these entries, a database can be reconstructed
during a database crash
101
Redo Log Files
u REDO LOG FILES
n REDO LOG FILES are circular
n When a transaction is COMMITTED (data modified), the LGWR
transfers the statement from the REDO LOG BUFFER to the
REDO LOG FILES
n A SCN (System Change Number) is also associated to each
COMMITTED transaction that is written to a REDO LOG FILE
102
Oracle Database Administration I
34
Redo Log Files
u When a REDO LOG FILE becomes full, the LGWR
moves to the next file
n If there are no new REDO LOG FILES, the old files
are reused
n If these other files were not archived, all data before
this point can no longer be recovered
103
Archiving Redo Logs
u If ARCHIVELOG is ENABLED, redo log files can be
stored
u Archiving can be duplexed
u Standby databases can use these same archives
104
Checkpoint Variables in Parameter
File
u LOG_CHECKPOINT_INTERVAL (will be obsoleted in 10i)
n Number of filled REDO LOG FILE blocks written between
consecutive CHECKPOINTS (OS-dependent)
u NOTE: Do not make this value larger than the REDO LOG
FILE. If it is larger, the CKPT only occurs when switching
logs
u LOG_CHECKPOINT_TIMEOUT
n Maximum amount of time before another CHECKPOINT occurs
(default 900 sec)
u LOG_CHECKPOINT_TO_ALERT
n Puts the checkpoint information in the alert_SID.ora file.
105
Oracle Database Administration I
35
SWITCHING LOG FILES
u Occur in Two ways
n Filled REDO LOG
n Forced by DBA with the ALTER SYSTEM SWITCH
LOGFILE command
106
Multiplexing Redo Log Files
u Increase the security of the Oracle database
n Groups must contain identical sets of logfiles (names should
be different)
n Place on different disks to help increase the REDO LOG files
chances of survival should there be a computer failure
n When the REDO buffers are flushed to the REDO LOG files, the
information to be stored is mirrored to a log file in both groups
107
Multiplexing Redo Log Files
1,3,5,..
A_LOG1 B_LOG1 Group 1
LGWR
A_LOG2 B_LOG2
Group 2
2,4,6,..
108
Oracle Database Administration I
36
CONTROL FILE
u A binary file that is necessary for the database to
run
n Should remain read/write to the database
n File is constantly updated
u NOTE: It is an excellent idea to have backup copies of
this file, in case something should happen to it
109
CONTROL FILE
u Contains
n DATABASE NAME
n TIMESTAMP of database creation
n TIMESTAMP of last access
n NAMES and LOCATIONS of databases and redo log files
n Current LOG SEQUENCE number
110
TRANSACTION
u Logical unit of work
n One or more SQL statements executed by a single
user
111
Oracle Database Administration I
37
TRANSACTION
u A TRANSACTION starts when a user executes a
SQL statement
u The TRANSACTION ends when:
n SQL statement is COMMITTED
n A user ends the session unexpectedly
n A user EXITS the database
112
TRANSACTION
u The TRANSACTION is aborted when:
n A ROLLBACK occurs
n User TERMINATES
n ABNORMAL user exit
n Processor FAILURE
n Media FAILURE
113
Parameter File
u initSID.ora
u configSID.ora
114
Oracle Database Administration I
38
Data Buffer Cache
Parameters
u DB_CACHE_SIZE (9i)
u Number of blocks in the data block buffer cache (3000 to
10,000)
u Can have five different block sizes
u DB_#K_CACHE_SIZE
u Cannot exceed the MAX_SGA_SIZE
u DB_BLOCK_SIZE (bytes)
u Specifies the size of a Oracle block
u Cannot be changed except by rebuilding the
database/tablespace (2k, 4k or 8k)
115
Log Buffer Parameters
u log_buffer (bytes)
n Default value is:
u 256k
116
Shared Pool Parameter
u Shared_pool_size (bytes)
n 75,000,000 is minimum for Banner
n 250,000,000 or more for production is suggested
117
Oracle Database Administration I
39
Archiving Parameters
u log_archive_start (true / false)
n Starts automatic archiving
u log_archive_dest (directory path)
n The disk location of the archived redo log files
u log_archive_format (format of the name of the
archive redo log files)
118
Archiving Parameters
u Standby_archive_dest
u Log_archive_dest_n
n As of 9i can be up to 10 locations
n (SERVICE=tns_service | LOCATION= local location)
n MANDATORY | OPTIONAL
u Log_archive_dest_state_n
n Used for managing the 1-10 archive destinations
119
Archiving Parameters
u Log_archive_duplex_dest
u Log_archive_min_succeed_dest
n V$archive_dest
n V$archive
n V$logs
120
Oracle Database Administration I
40
Checkpoint Parameter
u Checkpoints should be avoided in an OLTP system like
Banner
u Larger redo log files will reduce checkpoints
u Longer checkpoint intervals, larger redo gaps
n ‘How much are you willing to lose?’
u Parameters
n log_checkpoint_interval (blocks)
n log_checkpoint_timeout (seconds)
u 0 value will turn it off
121
CKPT Background Process
u Background Process that helps LGWR at log switch
u This process updates the data file header files
u CKPT_PROCESS = TRUE
n Used only in Oracle systems prior to 9i
n In 9i, remove this parameter from any init.ora. It will cause an
error.
n Automatically started in 9i
122
Other Banner Parameters
u dml_locks (1500 to 2000)
u processes (number of user plus oracle
background processes)
u open_cursors = 1024 (2048 is better)
u optimizer_mode = rule (Banner requirement)
123
Oracle Database Administration I
41
More to life than a DEDICATED server
Server Configurations
u Three types
n DEDICATED server
n MULTITHREAD server
n COMBINED user/server process
125
DEDICATED server
u Two tasks
n USER process and SERVER process
n If the two processes are on the same machine, the program
interface is handled by the LOCAL MACHINE'S I/O
n If the two processes are on different machines, the program
interface is handled by a COMMUNICATION MECHANISM
(SQL*Net/Net80)
126
Oracle Database Administration I
42
DEDICATED server
127
MULTITHREADED server
u Allows many user processes to share a server
process
n This allows the system resources to be freed, but
can cause decreased response time for heavy users
128
MULTITHREADED Server
Application
Code
Client Workstation
Database Server
Dispatcher Processes
Oracle
Server Code
System Global Area
Request Response
queue Queues
129
Oracle Database Administration I
43
DISPATCHER
u The USER process connects to a DISPATCHER
n The DISPATCHER routes the USER request to the Request
Queue
n The SERVER process checks the queue for new requests
(FIFO)
n The SERVER process then places the response on the calling
dispatcher's response queue, and then back to the application
130
Parameter Settings - MTS
u Mts_servers = n
u Mts_max_servers = n
u Mts_dispatchers =
“(protocol=ipc/tcp) (dispatchers=N)”
u Mts_max_dispatchers = n
131
Summary
u Oracle database
n Data, redo log, control, trace, alert log and parameter files
u Oracle Instance
n The set of background processes which access data, log, and
control files.
n An Oracle Instance is defined by one or more Parameter Files
that is read at startup time
132
Oracle Database Administration I
44
Oracle INSTANCE
u Processes that control
n DATAFILES
n REDO LOG FILES
n CONTROL FILES
133
Physical structure
u One or more DATA files that contain data
u Two or more REDO files
u One or more CONTROL files
u One or more Parameter Files
134
DATAFILE
u How is a DATAFILE used?
n Data is read into stored memory cache
n Can manipulate, view, or change the data
n After you complete the transaction, the data is
written back to the DATAFILE
135
Oracle Database Administration I
45
REDO log files
u When do they help?
n When a system failure has prevented Oracle from
updating DATA
n Allows the transaction to be recalled
n Prevents existing data from becoming corrupted
through an incomplete transaction by restoring the
original information
136
CONTROL FILES
u Why does Oracle need them?
n When an Oracle database is started, the CONTROL
file that is listed first in the parameter file is read
n Identifies the database
n Opens the redo logs to allow the database to
function
137
SETTING BUFFERS
u Parameter File
u Data buffers
n DB_CACHE_SIZE
u Cannot be used with db_block_buffers
u Redo log
n LOG_BUFFER
138
Oracle Database Administration I
46
PGA (Program Global Area)
u MULTITHREADED PGA
n The SGA is responsible for allocating the memory to
the user sessions
u DEDICATED PGA
n PGA allocates the memory to the user sessions as
needed
139
BACKGROUND PROCESSES
u DBWn (Database Writer) u PMON (Process Monitor)
u LGWR (Log Writer) u ARCn (Archiver)
u CKPT (Check Point) u RECO (Recover)
u SMON (System Monitor) u Dnnn (Dispatcher)
u S### (Server) u LCKn (Lock)
140
RECO
u Resolves in-doubt transactions in distributed
database systems
141
Oracle Database Administration I
47
Dnnn
u Used for MULTITHREADED server
n An optional feature
n The Dispatcher is used to TRANSLATE
communications from one protocol to another
142
LCKn
u Used with the PARALLEL (RAC – 9i) server option
n It instantly LOCKS data to prevent data corruption
caused by simultaneous access of data by different
processes
143
CKPT
u Primary goal
n Make sure all modified data buffers get written to files
n FORCES DBWR to clean the BUFFER CACHE
n CAUSES the switching of REDO LOG FILES
n FLUSHES the REDO LOG BUFFER to disk
144
Oracle Database Administration I
48
CKPT
u PROBLEMS
n The CKPT processes will put more overhead on the
server
n May cause a considerable slowdown
u Parameter File
n In 9i, the CKPT process is predefined and started.
n In earlier version, to activate CKPT:
u CHECKPOINT_PROCESS=TRUE
145
Oracle Database Administration I
Lesson 2
Starting and Stopping
an Oracle Instance
Starting and Stopping
an Oracle Database
u Agenda
n Application(s) used in starting a database
n Required environment settings to startup a
database
n Various levels of a database startup and
shutdown
147
Oracle Database Administration I
49
Starting an Oracle Database
u After the installation of Oracle, the DBA
configures, creates and starts a database
for user access
u Before you can create a database, you must
start an application to begin
148
Packages to Use for Startup
u SQLPLUS
u Use a database management tool (Enterprise Manager,
TOAD)
u Scripts
u Oracle Universal Installer
u RMAN (Recovery Manager – not discussed in this course)
149
SQLPLUS
u The replacement for Server Manager (svrmgrl) starting
with release 8.1.5
u With Password file
n Sqlplus /nolog
n Then issue
connect <username>/<syspassword> as sysdba (9i)
n Connect internal as sysdba (8i – to be desupported after
9i)
u Without password file
n Sqlplus “/ as sysdba”
150
Oracle Database Administration I
50
Database Management tools
u Oracle Enterprise Manager (OEM)
n Has become more sophisticated
n Comes with the Enterprise Edition
n Use the Instance Manager as INTERNAL or AS SYSDBA
u TOAD
n Downloadable version - minimal
u Many other types
151
Starting an Oracle Database
u Scripts
n Unix: csh, sh, perl
n VMS: dcl, perl
n NT: perl
u All require several environment variables to be set
prior to running any Oracle application
152
Environment Variable - UNIX
u $ORACLE_HOME
u Set to the directory that Oracle is installed under
u $ORACLE_SID
u Set to the name of the database the DBA wants to
startup/shutdown
u $LD_LIBRARY_PATH
u Set to $ORACLE_HOME/lib
u (optional) $PATH
u Should include $ORACLE_HOME/bin
153
Oracle Database Administration I
51
Setting Environment - UNIX
u Executing the script oraenv, typically located in
/usr/local/bin, automatically sets all environment variables
u Or manually at the command prompt
n Examples
n ORACLE_HOME = /u01/app/oracle/9.0.1/bin
n ORACLE_SID=TEST
u NOTE: Oracle account should set variables in
$ORACLE_HOME/bin with no application-specific definitions
154
Environment Variable - VMS
u ORA_DB
u Directory location for database parameter,
configuration and dump files
u ORA_SID
u Set to the name of the database the DBA wants to
startup/shutdown
u ORA_ROOTDIR
u Oracle’s home directory
155
Setting Environment -VMS
u Running the command file ORAUSER_<SID>.COM,
located under ORA_ROOT:[db_<SID>],
automatically sets all logicals and symbols
correctly
u @orauser_<SID>.com
156
Oracle Database Administration I
52
Environment Variable - NT
u Registry values are defined and a service entry is created
when the database is created
u Registry values are automatically set when you use OEM or
during installation
n Run regedit
u HKEY_LOCAL_MACHINE/SOFTWARE/ORACLE
157
Setting Environment - NT
u ORADIM – can be used to create it
n Oradim –NEW –SID sid –SRVC service
u Please refer to the documentation for full syntax
u CMD – at the DOS prompt setting
n SET ORACLE_HOME=d:\oracle\ora91\bin
n SET ORACLE_SID=TEST
158
Local Database Startup
u Once the proper environment variables are set, the DBA
then needs to invoke the local database management utility
sqlplus /nolog
connect <username>/<password> as sysdba
Or
connect “/ as sysdba”
n NT has other options:
u MANUAL or AUTOMATIC service
u ORADIM
159
Oracle Database Administration I
53
Connection Example
C:\Documents and Settings\vdevore>sqlplus /nolog
SQL*Plus: Release 9.2.0.1.0 - Production on Fri Apr 4 21:07:52
2003
Copyright (c) 1982, 2002, Oracle Corporation. All rights
reserved.
SQL> connect sys/systest as sysdba
Connected to an idle instance.
SQL>
160
Startup by OS
u User must have OS PRIVILEGES:
n Unix: group DBA(defined in /etc/groups)
n VMS: Rights identifier ORA_<SID>_DBA (defined in
sys$system:authorize)
n NT: be in the group ORA_DBA
161
Startup using ORAPWD
u As of 8i, Oracle introduced the password file
u Grant sysdba, sysoper for remote or local
connection
u More in DBA II
162
Oracle Database Administration I
54
Why use AS SYSDBA/INTERNAL?
u When the database is shut down, there is no way
to verify username and password
u It is necessary to find a way for an individual to log
onto the database
u Once connected, the user has sys privileges
163
What Options are there?
u Once the DBA has connected to the database,
he/she can proceed to:
u Startup the database in several modes
u Shutdown the database in several modes
u Or create a database
164
Let’s ‘Start a database’
u There are several ways to start the database's ‘instance’
u We will look at:
n Nomount
n Mount
n Open
n Restrict
n Force
165
Oracle Database Administration I
55
Start the Instance
u Starting the instance involves:
n Reading a parameter file (text - init.ora, binary – spfile.ora)
n Allocating SGA (system global area) in memory
n Creating background processes
n Reading the control files for system information (for existing
databases only)
n Open files for read and/or read-write
166
NOMOUNT
u Typically used during database creation
u Starts the background processes and allocates
memory
u Also used in recovery
167
Nomount - example
C:\Documents and Settings\vdevore>sqlplus /nolog
SQL*Plus: Release 9.2.0.1.0 - Production on Fri Apr 4 21:07:52 2003
Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.
SQL> connect sys/systest as sysdba
Connected to an idle instance.
SQL> startup nomount
ORACLE instance started.
Total System Global Area 135338868 bytes
Fixed Size 453492 bytes
Variable Size 109051904 bytes
Database Buffers 25165824 bytes
Redo Buffers 667648 bytes
SQL>
168
Oracle Database Administration I
56
MOUNT
u Mounting the database involves:
n Associating the database with the started instance
n Opening the control file, reading it, obtaining the names of the
redo log and data files
n Verify checksum value (if enabled) and/or
SCN synchronization
169
Mount - example
C:\Documents and Settings\vdevore>sqlplus /nolog
SQL*Plus: Release 9.2.0.1.0 - Production on Fri Apr 4 21:07:52 2003
Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.
SQL> connect sys/systest as sysdba
Connected to an idle instance.
SQL> startup mount
ORACLE instance started.
Total System Global Area 135338868 bytes
Fixed Size 453492 bytes
Variable Size 109051904 bytes
Database Buffers 25165824 bytes
Redo Buffers 667648 bytes
Database mounted.
SQL>
170
OPEN
u Opening the database involves:
n Opening the data file(s) and online redo logs for read-write
n Allowing regular users to connect to the database
n Attempts to acquire one or more UNDO segments
n Performs automatic crash recovery if database was shutdown
abnormally
171
Oracle Database Administration I
57
OPEN -Example
SQL> startup open
ORACLE instance started.
Total System Global Area 135338868 bytes
Fixed Size 453492 bytes
Variable Size 109051904 bytes
Database Buffers 25165824 bytes
Redo Buffers 667648 bytes
Database mounted.
Database opened.
SQL>
172
STARTUP – No Arguments
u Oracle assumes that STARTUP with no arguments implies a
STARTUP OPEN
u It is also assumed that the current SID environment variable
is what will be used.
n DBAs must ALWAYS be sure that the proper environment is set
u PFILE or SPFILE must be defined and accessible or it will
fail
u DBA must have SYSDBA or OSDBA
173
Starting an instance
u NOMOUNT, MOUNT, and OPEN are different
stages of an Oracle database startup
n When a STARTUP OPEN is issued, the database first
startups in a NOMOUNT state, then proceeds to a
MOUNT state, and finally proceeds to an OPEN state
174
Oracle Database Administration I
58
RESTRICT
u STARTUP RESTRICT
u Opens the database, but only allows users with
RESTRICTED SESSION privilege to access the database
u Why start a database in a restricted mode?
u Maintenance (database upgrades)
u Exporting and importing data
175
RESTRICT - Example
SQL> startup restrict
ORACLE instance started.
Total System Global Area 4199600 bytes
Fixed Size 42028 bytes
Variable Size 4026500 bytes
Database Buffers 122880 bytes
Redo Buffers 8192 bytes
Database mounted.
Database opened.
SQL>
176
FORCE
u STARTUP FORCE is used for troubleshooting a failed or
failure to open database
u If the database is closed, forces the database open
u If the database is open, it will abort the database and then
open it
Example:
To shutdown the current instance, restart it without mounting or
opening and allow only DBA access:
STARTUP FORCE NOMOUNT RESTRICT
177
Oracle Database Administration I
59
Other Startup Options
u Parallel/Shared (RAC – 9i)
(Shared is a synonym for Parallel)
n Allows multiple instances to access the database
n Cannot be used with EXCLUSIVE or NOMOUNT
n Invalid if initialization parameter SINGLE_PROCESS is set to
TRUE
u Retry
n Automatically restarts every five seconds if the instance is
busy being recovered
n Will not retry for any other reason - parallel mode only
178
Other Startup Options
u STARTUP RECOVER
n Specifies that media recovery be performed
n Has same effect as issuing RECOVER DATABASE
n The recovery processes
u Enable log archiving for media recovery
u Perform complete database recovery
u Perform partial database recovery
179
Other Startup Commands
u Pfile = parameterfilename
n A site-specific parameter file to initialize an instance at startup.
n If not specified, Oracle searches for it in:
u UNIX -$ORACLE_HOME/dbs/init<SID>.ora
u VMS - ORA_ROOT:[db_<SID>]<NODE>_<SID>_init.ora
u NT - HOME#\admin\<SID>\init<SID>.ora
180
Oracle Database Administration I
60
Changing the startup state of a
database
u The DBA can change the current state of a
database using the ALTER DATABASE SQL
command
u The syntax is on the next slide
181
Changing the startup state of a
database
ALTER DATABASE [MOUNT | OPEN]
SQL> startup nomount
ORACLE instance started.
Total System Global Area 4199600 bytes
Fixed Size 42028 bytes
Variable Size 4026500 bytes
Database Buffers 122880 bytes
Redo Buffers 8192 bytes
SQL> alter database mount;
Statement processed.
SQL> alter database open;
Statement processed.
SQL>
182
Changing the startup state of a
database
u The ALTER DATABASE SQL command only moves the
startup state of the database to a higher level
n For example, the ALTER DATABASE SQL command cannot
change the startup state from OPEN to MOUNT
u In this case, the DBA must first shutdown the database and
then issue a STARTUP MOUNT command
183
Oracle Database Administration I
61
Database shutdown
u A database shutdown stops an instance and
makes the database unavailable to users
u Syntax
SHUTDOWN [ABORT|IMMEDIATE|NORMAL|TRANSACTIONAL]
184
Commonly Used Shutdown Options
u SHUTDOWN NORMAL
n Flushes all buffered writes to the disk, waits for all sessions to
disconnect and then terminates the instance
u SHUTDOWN IMMEDIATE
n Flushes all buffered writes to the disk, kills all user connections,
performs a rollback on all uncommitted transactions, then
terminates the instance
185
Shutdown Immediate - example
C:\Documents and Settings\vdevore>sqlplus /nolog
SQL*Plus: Release 9.2.0.1.0 - Production on Sun Apr 6 13:16:30 2003
Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.
SQL> connect sys/systest as sysdba
Connected.
SQL> shutdown immediate
Database closed.
Database dismounted.
ORACLE instance shut down.
SQL>
186
Oracle Database Administration I
62
Database shutdown
u SHUTDOWN ABORT
n Should only be used in emergency situations, such
as when the DBA detects a media failure, power
failure, or security breach to the database
187
Shutdown Abort
u SHUTDOWN ABORT
n Immediately terminates the Oracle instance
n All buffered writes are NOT flushed to disk
n Does not perform a rollback on uncommitted transactions
n An instance recovery is required on the next database startup
(performed automatically)
188
Database shudown
u SHUTDOWN TRANSACTIONAL
(new with Oracle 8i)
n All current sessions in a transaction are allowed to complete
n No new sessions are allowed to start
n Any connected sessions are disconnected either by issuing a
new transaction or once all transactions are committed or
aborted
189
Oracle Database Administration I
63
Database shutdown
u SHUTDOWN NORMAL, SHUTDOWN
TRANSACTIONAL and SHUTDOWN IMMEDIATE
are either the usual or safest shutdown commands
n The following steps occur during a shutdown (See
next slide)
190
Database shutdown
u (SHUTDOWN IMMEDIATE) USER CONNECTIONS ARE
TERMINATED
u All database data in the SGA is written back to the database files
u All redo log buffer data is written back to the redo log files
u Database is dismounted
u The control files are closed
u The SGA is removed from memory and the background processes
are closed
191
Shutdown – States illustrated
192
Oracle Database Administration I
64
Views
u V$database
n Contains database information from the control file
u V$instance
n Gives the state of the current instance
193
Questions?
u Which OEM manager can use to start up a database?
u How must you connect to startup a database?
u Which shutdown command satisfies these conditions?
u The database shuts down when the last user logs off
u Force the database to close with users connected and disconnects
their transactions midstream
u Force the database to close with users connected, but let
transactions complete
194
Summary
u Start an Oracle DATABASE
n Log onto the host O/S, set up the proper environment and then run
sqlplus /nolog
u A database startup proceeds in three stages:
n Starting the instance (NOMOUNT)
n Opening the controlfile(s) (MOUNT)
n Opening the datafiles and redo logfiles (OPEN)
u Ways to shutdown a database:
n Abort, Immediate, Normal and transactional
195
Oracle Database Administration I
65
Oracle Database Administration I
Lesson 3
Creating and Managing Tablespaces
Creating and Managing Tablespaces
u Agenda
n Describe Oracle tablespaces
n Create and modify tablespaces
n Manage tablespaces by querying the appropriate
data dictionary views
197
Creating and Managing Tablespaces
u All schema objects within the database (tables, views,
packages, functions) are stored in segments and
collectively stored in tablespaces
n A tablespace is a logical unit of storage that is defined within
Oracle
n Each tablespace corresponds to one or more operating-system
level datafiles
n Each segment is contained in a single tablespace
198
Oracle Database Administration I
66
Creating and Managing
Tablespaces
199
Creating and Managing Tablespaces
u A tablespace can be in several states while the database is
open
n Online or Offline
n Read-only or read-write
u A tablespace can be altered back and forth between these
options as needed
n Conditions must be tested before each alter (no current
transactions may be active)
200
Creating and Managing Tablespaces
u Each database must be created with at least one tablespace
(SYSTEM).
n This holds all data dictionary objects and built-in PL/SQL
program units (procedures, functions, packages and triggers)
u Each tablespace can contain one or more schemas and
each schema can have one or more objects
n Each object can span more than one datafile per tablespace
201
Oracle Database Administration I
67
Creating and Managing Tablespaces
u When the Oracle Universal Installer (OUI) or OEM creates a
database, it creates several tablespaces by default. For
example:
n SYSTEM - contains system definitions (Required)
n TEMP - used for sorting
n RBS/UNDO - used for rollback/UNDO segments
n TOOLS - used for storing PL/SQL program units
n USERS - used as default tablespace for users
202
Creating and Managing Tablespaces
u Prior to creating a tablespace, the DBA will need to consider
(covered extensively in Lesson 5):
n Tablespace storage
u This includes the type of data file to create
n Segment storage
n Disk contention
n Free space and segment fragmentation
203
Tablespace Storage
u Tablespace Storage considerations
n System limitation on datafile size
n Database limitation when database is created (maxdatafiles)
n Data file management
u Autoextend feature on an existing datafile
u Manually adding a datafile
204
Oracle Database Administration I
68
Data File Types and Behavior
u Permanent
u Temporary
u Oracle Managed Files (OMF)
u Extent management
n Dictionary
n Locally
u Uniform extent
u autoallocated
205
Tablespace Storage
u Each tablespace contains object segment(s)
u Each segment is subdivided into logical units of storage
called EXTENTS
u When a user creates an object (such as tables, views,
sequences) within the database, Oracle allocates an extent(s)
within a tablespace in which to store the object’s segment(s)
206
Tablespace Storage
207
Oracle Database Administration I
69
Segment Storage
u Segments can span across datafiles, but extents cannot
u Each segment can be composed of one or more extents
u Each extent is further subdivided into units of storage
called DATABASE BLOCKS
u Extents must be made up of contiguous DATABASE
BLOCKS
208
Database Blocks
u Not identical to operating system-level file blocks
u A logical database block may span multiple
system level blocks
u Should be created to either fit into an OS-level file
block or be the same
209
Database Blocks
u The size of each database block is determined by the
parameter DB_BLOCK_SIZE in the initialization parameter
file
u This size is fixed during database creation time. Cannot be
changed unless the database is re-created
u The default DB_BLOCK_SIZE is 2048 bytes
210
Oracle Database Administration I
70
Tablespace Storage
u Logical storage hierarchy:
n Tablespace
u Object segment
u Extents
u Oracle Blocks
211
Dictionary vs. Local
u Starting with 8i, you can now create tablespaces that are
managed locally within the header file of the tablespace
u If you specify local in a create tablespace, you cannot
specify default storage, minextents, nor temporary clause
u Local allows two types of management: uniform extent or
autoallocate
212
Create Tablespace (dictionary)
u Create a tablespace using the CREATE TABLESPACE SQL
command.
u The syntax for dictionary managed is:
CREATE TABLESPACE <tablespace name>
datafile '<datafile location>‘size <datafile size> [M|K]
[autoextend_clause]
DEFAULT STORAGE (<storage_clause>)
[online|offline];
213
Oracle Database Administration I
71
Create Tablespace (local)
u Create locally managed tablespace syntax:
CREATE TABLESPACE <tablespace name>
datafile '<datafile location>' size <datafile size> [M|K]
EXTENT MANAGEMENT LOCAL UNIFORM SIZE <extent size> [M|K];
214
Create Tablespace (OMF)
u Create an Oracle Managed File in a default location for
datafile creation with defaults of 100M size and unlimited
autoextensible maximum size:
alter system set db_create_file_dest =
‘<datafile location>’
CREATE TABLESPACE <tablespace name>;
215
Datafile Naming
u The datafile name must contain the absolute path
n No UNIX/NT variable names nor VMS logicals should be
specified in the datafile name
u The directory that contains the datafile MUST have write
permissions for the Oracle software owner
216
Oracle Database Administration I
72
UNIX Naming
u Example
n Create a tablespace called DEVELOPMENT
n Specify a datafile '/u01/oradata/SEED/SEED_DEVELOPMENT_01.dbf'
with a size of 300 Megabytes
n Make this tablespace available to all users immediately
217
UNIX Naming Example
u The answer is:
SQL> create tablespace development
2> datafile '/u01/oradata/SEED/SEED_DEVELOPMENT_01.dbf'
3> size 300M;
Tablespace created.
218
VMS Naming
u Example:
n Create a tablespace called RBS
n Specify a datafile 'dka300:[oradata.seed]seed_rbs_01.dbf'
with a size of 300 Megabytes
n Make this tablespace available to all users immediately and
autoextensible at 500k increments to a maximum of 400
megabytes
219
Oracle Database Administration I
73
VMS Naming Example
u The answer is:
SQL> create tablespace rbs
2> datafile 'dka300:[oradata.seed]seed_rbs_01.dbf’
3> size 300M
4> autoextend on next 500k maxsize 400M;
Tablespace created.
220
NT Naming
u Example
n Create a tablespace called NEWDATA
n Specify a datafile ‘d:\oradata\seed\seed_newdata_01.dbf' with a
size of 900 Kilobytes
n Make this tablespace unavailable to users.
u Extra credit – what is missing with the final statement and
assumed?
221
NT Naming Example
u The answer is:
SQL> create tablespace newdata
2> datafile ‘d:\oradata\seed\seed_newdata_01.dbf’
3> size 900K offline;
Tablespace created.
222
Oracle Database Administration I
74
Creating and Managing Tablespaces
u When creating datafiles for tablespaces, adopt a
common file naming convention
u Most Oracle file types are named as follows (see
next slides)
223
Creating and Managing Tablespaces
u DATAFILES
<TABLESPACE NAME>_<SID NAME>_<FILE ID>.dbf
u Example
n The third datafile of the SYSTEM tablespace
belonging to the SEED database
system_SEED_03.dbf
224
Creating and Managing Tablespaces
u Use the ALTER DATABASE SQL command to modify the
characteristics of an existing tablespace
n Add/rename/change the state of a datafile
n Change a tablespace to read-only
n Take a tablespace offline/online
n Change the storage parameters
n To begin/end online hot backups
n Coalesce free space
225
Oracle Database Administration I
75
Alter Tablespace Syntax
226
Datafile Options
227
Creating and Managing Tablespaces
u Example:
n Add a second 100 MB datafile to the system
tablespace
n Place the datafile under
/u01/oradata/SEED/SYSTEM_SEED_02.dbf
n Make it readily available
228
Oracle Database Administration I
76
Example Alter Tablespace
SQL> alter tablespace system
2 add datafile '/u01/oradata/SEED/system_SEED_02.dbf’
3 size 100M;
Tablespace altered.
229
Creating and Managing Tablespaces
u Example
n Change the development tablespace to read-only
mode
n The syntax is:
SQL> alter tablespace development read only;
Tablespace altered.
230
Creating and Managing Tablespaces
u Adding a datafile to a tablespace
n Space from the new file is automatically allocated to
the tablespace
n The new datafile can reside on a separate disk
n Oracle treats this and all datafiles belonging to a
tablespace as a single logical entity
231
Oracle Database Administration I
77
Creating and Managing Tablespaces
Tablespace
Datafile #1 Datafile #2
n Once a datafile is added to a tablespace, you cannot
delete it unless the tablespace is first dropped
232
Creating and Managing Tablespaces
u To drop any tablespace (except SYSTEM) use the
DROP TABLESPACE SQL command
u The syntax is:
DROP TABLESPACE <tablespace name
> [INCLUDING CONTENTS [CASCADE CONSTRAINTS]]
233
Creating and Managing Tablespaces
u A tablespace that contains data cannot be dropped unless
the INCLUDING CONTENTS option is specified
n If constraints exist between objects in the tablespace to be
dropped and objects in another tablespace, the CASCADE
CONSTRAINTS option must be specified along with the
INCLUDING CONTENTS option
234
Oracle Database Administration I
78
Creating and Managing Tablespaces
u Once a tablespace is dropped, the datafile(s) associated
with the tablespace must be deleted on the operating
system level
n The DROP command only removes that tablespace from the
data dictionary
n Cannot drop the SYSTEM tablespace because it contains the
data dictionary
n Once a drop is executed, it cannot be undone
235
Creating and Managing Tablespaces
u Example
n Drop the DEVELOPMENT tablespace, including all
contents
n The syntax is:
SQL> drop tablespace development including contents;
Tablespace dropped.
236
OEM
237
Oracle Database Administration I
79
Summary
u Steps to creating and managing tablespaces
n Prepare the operating system
n Determine storage options
n Execute the CREATE TABLESPACE SQL and ALTER
TABLESPACE command
n Ways to manage the stored data
238
Oracle Database Administration I
Lesson 4
Creating an Oracle Database
Creating an Oracle Database
u Agenda
n Methods of creation
n Set up the proper operating system environment prior to
creating a database
n Execute the CREATE DATABASE SQL command
n Execute the proper scripts that build the data dictionary and
PL/SQL procedures
240
Oracle Database Administration I
80
Creation Methods
u OEM – Database configuration assistant
u When the Oracle software is installed
u Manually, either with scripts or by command line
241
Creating an Oracle Database
u Six general steps to creating a database
n Preparing the Operating System
n Creating a parameter file
n Starting the instance
n Creating the database
n Building the data dictionary
n Building the system PL/SQL procedures
242
Creating an Oracle Database
u Preparing the Operating System
n An Oracle database consists of datafiles, redo log files, and
control files
n Prior to creating a database, the location(s) of these files
should be thought out carefully
n Space will need to be allocated for the files
n The system administrator will need to create the appropriate
directories and set the proper permissions for these files
243
Oracle Database Administration I
81
Creating an Oracle database
u All systems
n The owner of the directories should be the Oracle software
owner (typically "oracle").
u On Unix systems, the dba group will also be the group
owner of the directory.
u On VMS, the user must have the ORA_DB rights identifier
u ON NT, the user must be in the group ORA_DBA
n The Oracle software owner should be the only user that has
write access to these directories
244
Create the Oracle User environment -
UNIX
u Unix
n (as root)
Bash# cd /u01
bash# mkdir oradata
bash# chown oracle:dba oradata
bash# chmod 755 oradata
245
Create the Oracle User Environment -
VMS
u VMS
n (as SYSTEM)
$ Set default dka300:[000000]
$ create/dir [.oradata]
$ set file/own=oracle oracle.dir
$ set prot=(S:RWED,O:RWED,G:RE,O:RE) oracle.dir
246
Oracle Database Administration I
82
Create the Oracle User Environment -
NT
u NT
n (As administrator)
n Use Administrative tools in 'Settings' or the Manage
option in 'My Computer'
u Create the partitions
u Define a user with administrative privileges.
247
Setting the Database Name
u Setting the name of the database:
n UNIX – Enter the new name in /var/opt/oracle/oratab
n VMS – Run ora_find_sid.com to register the database
n NT – Run oradim to create a new database service
n Labels each database with a unique identifier
u Known as the ORACLE SYSTEM IDENTIFIER
u Referred to as the ORACLE SID
248
Defining the Oracle SID
u Identifies which database a user will connect to
upon executing an Oracle application
u Unix/NT - ORACLE SID is designated by an
environment variable, $ORACLE_SID
u VMS – Oracle SID is a logical, ORA_SID
249
Oracle Database Administration I
83
Setting the Oracle SID
u Now that a SID is defined:
n Set the SID in the proper manner for the OS
u UNIX export ORACLE_SID=TRNG
u VMS define ora_sid trng
u NT set ORACLE_SID=TRNG
n Once the ORACLE SID is set, all subsequent Oracle I/O affects
the associated database
250
Creating the Parameter file
u Defines and configures the ‘parameters’ that configure the
database
u All parameters are customizable by the DBA
u Read at instance startup
u First created as an ASCII file (initSID.ora)
u As of 9i, a binary (spfileSID.ora) file can be created and be
managed once the instance is started
251
Parameter File
u Great care should be taken in the sizing of each
parameter
u If a parameter is not defined, Oracle will provide
defaults
n To view all defined and defaulted values, run sqlplus as sys or
system and issue:
Show parameters or view v$parameter
u See example in the workbook.
252
Oracle Database Administration I
84
Default Parameter File Location
u Unix
n Oracle looks for the associated parameter file under
$ORACLE_HOME/dbs/init<SID>.ora
u This is usually a link to the real init<SID>.ora
u VMS
n Oracle looks for the associated parameter file under
ORA_ROOT:[db_<SID>]<NODE>_<SID>_init.ora
u NT
n Oracle looks under
$ORACLE_HOME\database\init<SID>.ora
253
Creating an Oracle database
u Oracle provides a template init.ora located under:
n $ORACLE_HOME/dbs (Unix)
n ORA_RDBMS (VMS)
n $ORACLE_HOME\admin\sample\pfile (nt)
u For example,
n If you have a database with a SID of SEED, Oracle looks for the
associated parameter file under:
u $ORACLE_HOME/dbs/initSEED.ora (Unix)
u ORA_ROOT:[db_seed]PLUTO_SEED_init.ora (VMS)
254
Questions?
u Refer to the workbook for a sample init.ora file
n What is the default block size?
n Is the buffer cached defined in blocks or bytes?
n Can you have more than one value for the service_names
value?
n Which control file is read when the database is opened?
255
Oracle Database Administration I
85
Creating an Oracle database
u Most associated parameters take default values if they are
not explicitly defined
u The values that MUST be defined in each file are:
n db_name (set to the same value as the ORACLE SID)
n control_files (should point to the location of the control files)
256
Which type of Data File?
u Dictionary managed
n Default storage clause used
u Locally managed
n Uniform extent
n Autoallocate
u Oracle managed files (OMF)
n Oracle manages the allocation, growth and removal
n Default file location defined in the init.ora
257
Creating an Oracle database
u Invoke Oracle as: sqlplus /nolog
u Connect to the database as the sysdba user
u Start the Oracle instance (nomount)
n Only allowable startup level since control files, redo log files,
and datafiles do not exist at this point
258
Oracle Database Administration I
86
Creating an Oracle database
u The workbook illustrates how to start a database
in nomount mode
259
Creating an Oracle database
u Once the Oracle instance is started, execute a
CREATE DATABASE SQL command. Below is an
abridged syntax:
CREATE DATABASE <database name>
DATAFILE '<full path to datafile>' size <datafile size>M
LOGFILE GROUP <group number> '<full path to logfile>' size <logfile
size>M
260
Creating an Oracle database
u The datafile defined becomes the first datafile of the
SYSTEM TABLESPACE
u Each database MUST have at least two logfile groups
u For additional options of the CREATE DATABASE SQL
command, consult the ORACLE SERVER
ADMINISTRATOR'S GUIDE
261
Oracle Database Administration I
87
Creating an Oracle database
SQL> create database SEED
2> datafile '/oradata/SEED/system_SEED_01.dbf' size 200M
3> logfile group 1 '/oradata/SEED/log_SEED_01.rdo' size 3M,
4> group 2 '/oradata/SEED/log_SEED_02.rdo' size 3M
5> /
Statement processed.
262
Creating an Oracle database
u Once the CREATE DATABASE command is
executed, a new database is created
n The control files associated with this database are
also created in the location(s) designated in the
parameter file
263
Creating an Oracle database
u Now the data dictionary and PL/SQL packages
need to be built
u The scripts catalog.sql, catproc.sql need to run
against the database
n The former script MUST be run first
264
Oracle Database Administration I
88
Creating an Oracle database
u These scripts are located under:
n $ORACLE_HOME/rdbms/admin (unix/NT)
n ORA_ROOT:[rdbms] (VMS)
SQL> @?/rdbms/admin/catalog
SQL> @?/rdbms/admin/catproc
265
Creating an Oracle database
u Once these scripts have run, two default users are created
in the database
n SYS (initial password change_on_install)
n SYSTEM (initial password MANAGER)
u Both users have DBA authority over the database
n These users should NEVER be deleted from the database
266
Data dictionary
u Composed of a set of tables and views
u Read-only
u Provides information about the associated
database
u Created by SQL script catalog.sql
267
Oracle Database Administration I
89
Data dictionary
u Data dictionary contains the following:
n Usernames of the associated database
n Security
n Names and definitions of scheme objects
n Space allocation for database objects
n Auditing information
n Triggers, functions, packages, and stored procedures
268
Data dictionary
u Scripts that construct the data dictionary
n CATALOG.SQL
u Commonly used data dictionary views
n CATPROC.SQL
u Scripts for PL/SQL on server
n NOTE: The owner of the data dictionary is SYS
269
Data dictionary views
u Display basic information about Oracle accounts
n SQL> select * from all_users;
u Display DBA information
n SQL> select * from dba_users;
u Rollback segments and their status
n SQL> select segment_name, status
n 2> from dba_rollback_segs;
270
Oracle Database Administration I
90
Summary
u Steps to creating an Oracle database
n Preparing the O/S
n Determining the ORACLE SID
n Creating a parameter file
n Starting the instance
n Executing the CREATE DATABASE SQL command
n Building the data dictionary and PL/SQL packages
271
Oracle Database Administration I
Lesson 5
Space Management
Basics of Storage
u Tablespace - Logical storage area within an Oracle
Database that subdivides the database
n The placement and composition of a tablespace are
critical for optimization
u Data File - Physical files that make up a tablespace
n Size and structure should be well planned out
273
Oracle Database Administration I
91
Space Components
u Database block - smallest unit of storage within an
Oracle database
u Extent - Contiguous allocation of database blocks
u Segment - Logical collection of extents that make
up a table, cluster, index, temporary segment, or
UNDO segment
274
Segment Storage Attributes
u Each of these extent options should be reviewed
individually
n Initial - Allocates the first extent of space
n Next - Size of the extent allocated after the initial
n Minextents - Number of extents allocated during the initial
creation of the segment
n Maxextents - Limits the total number of extents the
segment can create
275
Additional Storage Options
u Pctincrease - controls the rate of growth of extents
beyond the second
n If UNDO segments are being configured, this is not an option
u PCTFREE - reserved portion of the data block that is
used for later updates to rows in that block
u PCTUSED- percentage of space in a data block used
before allocating another block
u A block is kept on the free list until it reaches
PCTFREE
u A block stays off the free list until PCTUSED is reached
276
Oracle Database Administration I
92
Segment Creation Options
u Tablespace - The tablespace to store the segments
u Partitioning - Feature of Oracle8 that allows a
segment to be separated into multiple segments,
each existing in a single or multiple tablespaces
u Optimal - sets the optimal size in bytes for a
rollback segment (not used with UNDO)
277
Example
Create table EMP (
EMPID NUMBER,
F_Name VARCHAR2(25),
L_Name VARCHAR2(25),
MI VARCHAR2(1),
SSN VARCHAR2(11)
) Pctfree 10 Pctused 40
storage (Initial 2K Next 2K Pctincrease 0 Maxextents
unlimited)
Tablespace USERS;
278
Storage Considerations
u Object creation parameters override tablespace default
storage parameters with the exception of locally managed
tablespaces as of Oracle8i
u Locally managed tablespaces enforce the use of uniform
extent size or the size that has been autoallocated by Oracle
n One exception -- import (discussed in DBAII)
279
Oracle Database Administration I
93
Local vs. Dictionary Managed
u Two DBA philosophies:
n Dictionary managed
u Grouping of tables are by schema, not table
u Can take schema offline (ie, bad blocks, recovery)
n Locally managed
u Never have tablespace fragmentation with uniform extents
u Never have to worry about extent growth with autoallocate
280
Physical Database Attributes
u Autoextend vs adding datafiles
n Both can be executed when the database is up
n Both can extend the tablespace and be ready for use
immediately
u Autoextending an existing datafile can alleviate DBA
worries, but adversely can waste space
u Adding a datafile is under your control
Alter tablespace add datafile ‘/u01/oradata/seed/newfile_seed_02.dbf’ size
500M;
281
RAID
u RAID
n Important to have for an Oracle system
n Jbod – Lowest data cost – low overhead
n 0 – low data cost – load balancing
n 1, 0+1 – high data cost – most expensive
n 5 – Highest data cost – safe
u It takes four I/Os for one write (read data, read parity,write
data, write parity)
u Minimum of three disks, plus 66-87% of space
u The more disks, the higher the gain
282
Oracle Database Administration I
94
Questions
u What are the two ways to use the autoextend
clause?
u Which segment type does not use the pctincrease
storage clause?
u What would you think would be less problematic in
regards to objects needing extents?
283
Storage issues
u Disk contention
n Background process content for data access
u Segment fragmentation
n Seek time is reduced
u Free space fragmentation
n Cannot allocate a contiguous extent
284
Disk Contention
u Too many heavily used segments on a single disk slows
down access time and causes degradation in database
performance
u System (Data Dictionary), TEMP and UNDO segment
tablespaces are used constantly
u Keeping these tablespaces on separate disks ensures the
best access time
285
Oracle Database Administration I
95
Fragmentation Issues
u Fragmentation
n Frequent writes to a tablespace lead to greater fragmentation
n Fragmented tablespaces run slower and require more disk
activity then non-fragmented tablespaces
n Thus, objects should be grouped into tablespaces based on
their activity and size
286
Levels of Fragmentation
u Levels of fragmentation
n Application Interim Segment
u Data changes are moderate, allowing for some fragmentation
n UNDO Segments
u Used regularly with constant changes to data. Fragmentation is
high
n Temporary Segments
u Data is swapped in and out constantly. Fragmentation is highest
287
Free Space vs. Segment
u Free space fragmentation is determined by the
number of contiguous free space chunks within a
tablespace
u Segment fragmentation is determined by the
number of extents relative to the number of
segments within a tablespace
288
Oracle Database Administration I
96
Free Space Fragmentation
u Caused by dropping or truncating segments
u Categorized as usable or unusable
n A usable free space chunk is large enough to be
used by the growth of an existing segment
n An unusable free space chunk is too small to be
used by an existing segment
289
Segment Fragmentation
u Caused by segments requiring multiple extents
u Using a uniform extent size (i.e. locally managed
tablespaces) will alleviate this
u Manage this by monitoring dba_segments and
dba_free_space
290
Common Methodologies
u Uniform Extent sizes
n Eliminates unusable free space fragmentation
n Does not eliminate segment fragmentation
n Minimizes maintenance efforts
n Extent sizes should be carefully chosen to achieve
best performance
291
Oracle Database Administration I
97
Common Methodologies
u Appropriate sizing of segments
n Often complicated and time-consuming
n Bound to a finite period of time for growing tables
u Rebuilds (imp/exp)
n Eliminate existing fragmentation by using imp/exp
(discussed further in DBAII)
292
Common Methodologies
u Using Pctincrease 100
n Minimizes segment fragmentation
n Minimizes maintenance efforts
n Extent sizes grow exponentially
n Requires large free space chunks to be available
293
Dictionary Views
u DBA_FREE_SPACE
n How much free space is available
u DBA_SEGMENTS
n Information about all segments
u DBA_EXTENTS
n Describes the extents of all objects
294
Oracle Database Administration I
98
Summary
u Basics of Space Storage
u Storage Parameters
u Default Storage Parameters
u Fragmentation
u Methodologies for maintaining
295
Oracle Database Administration I
Lesson 6
Creating and Managing UNDO Segments
Creating and Managing
Rollback/UNDO Segments
u Agenda
n Theory behind rollback/UNDO segments
n Rollback/UNDO segments within an Oracle Database
n Rollback/UNDO segments used in transactions
n Rollback/UNDO segments used in read-consistency
297
Oracle Database Administration I
99
UNDO Segments
u Database objects that record old values of data
before the data are modified by transactions
u Used to recover the database
u Provide read consistency
u Allow certain transactions to be undone (rolled
back)
298
UNDO Segments
u Undo management is new term for rollback
u Two options under 9i
n Manual undo management
u Oracle7/8i/9i rollback segments
n Automatic undo management
u AKA Automatic Undo Management (AUM) or System
Managed Undo (SMU)
299
What are UNDO segments for?
u Three purposes for undo
n Read consistency
n Transaction rollback
n Transaction recovery
u New purpose in 9i
300
Oracle Database Administration I
100
Types of Undo Segments
u SYSTEM
n Used for objects in SYSTEM tablespace
u Non-SYSTEM
n Used for objects in other tablespaces
u Automatic (UNDO)
u Manual (rollback segments)
u Deferred
n Used for offline tablespace
301
Why Use AUM?
u Easier to administer
n In a recent Oracle benchmark, 400 rollback segments were
replaced by one undo tablespace
u Reduced chance of common errors
n “snapshot too old”
u DBA selected retention period
n “unable to extend rollback segment”
u Dynamic extent transfer
302
Dynamic Extent Transfer
u Extents within undo tablespace may switch ownership from
one segment to another
u Prevents single large transaction from affecting other users
u Space reuse is more efficient, so errors are less likely
u Eliminates need for managing rollback space for online and
batch differently
303
Oracle Database Administration I
101
Automatic Undo Management
u New initialization parameters UNDO_MANAGEMENT
n AUTO
u Undo segments managed internally
u No CREATE, DROP, ALTER
u Automatic creation, shrinking, etc.
n MANUAL
u Default; DBA-managed rollback segments
304
UNDO values
u UNDO_TABLESPACE
n Defines the name of the tablespace used to hold the
undo segments
u UNDO_RETENTION
n Controls amount of undo data to retain
u Specify in seconds
u Read consistency and Oracle Flashback
305
UNDO Segments
u Discrete database objects
n Reside within a specific tablespace
u Each segment allocates extents within a
tablespace to store table data before the data are
modified
306
Oracle Database Administration I
102
UNDO Segments
u Can hold data for multiple transactions
u A single transaction must be contained in a single
segment
u Provided maximum number of extents has not
been reached
307
Creating UNDO Tablespace
u The tablespace is all that needs to be created with AUM.
u Usually created at database creation time as part of the
CREATE DATABASE statement:
UNDO TABLESPACE undotbs datafile
'/u02/oradata/SEED/undodbs_seed_01.dbf'
size 200m autoextend off
308
SYSTEM Rollback Segment
u Default rollback segment is automatically created during
database creation
u Cannot be deleted
u Segment resides in the SYSTEM tablespace
u Can only be used for SYSTEM objects
u Create a second one for creating the tablespaces during
creation of a database
309
Oracle Database Administration I
103
SYSTEM Rollback Segment
u Additional rollback/UNDO segments must be
created to hold rollback data for objects in non-
System tablespaces
u The size and number of segments must be
monitored:
n v$rollstat, dba_segments
310
Create a Rollback Segment
u CREATE ROLLBACK SEGMENT SQL command
syntax:
CREATE ROLLBACK SEGMENT <SEGMENT NAME>
TABLESPACE <TABLESPACE NAME>
[STORAGE <STORAGE_CLAUSE>|OPTIMAL]
NOTE: this is not required with 9i
311
Storage clause
u Allows the DBA to set the sizing of the rollback
segment(s)
u The DBA may allow Oracle to size the rollback
segment automatically
u MINEXTENTS for rollback segments must be ≥ 2
312
Oracle Database Administration I
104
Create a Rollback Segment
u Must reside in a rollback tablespace
n Example with Default storage parameters chosen:
SQL >create rollback segment rbs1
2 >tablespace rbs
/
Rollback segment created.
313
ALTER ROLLBACK SEGMENT
u Once the rollback segment is created, It must be brought
online before it can store transaction information
u An entry must be made in the initSID.ora file to be brought
online each time the instance is start
u Use the rule of four to estimate:
n # rollback = transactions/4
314
ALTER ROLLBACK SEGMENT
ALTER ROLLBACK SEGMENT <ROLLBACK SEGMENT NAME>
ONLINE|OFFLINE
u ONLINE
n Brings rollback segment online
n Available for subsequent transactions
u OFFLINE
n Takes rollback segment offline
n Unavailable for subsequent transactions
n Will not go offline until all transactions have completed
315
Oracle Database Administration I
105
When the database is shut
down and restarted
u Only the SYSTEM rollback segment is brought online
u Only the segment names in the ROLLBACK_SEGMENTS
parameter in the initialization parameter file are brought
online
ROLLBACK_SEGMENTS=(RBS1,RBS2)
u Query the data dictionary view to check the status of all
rollback segments:
sys.dba_rollback_segs
316
Rollback Information Stored
u Each time a transaction is executed against the
database, Oracle automatically allocates an
available UNDO segment
u Unchanged data is stored for transaction and
session rollback
u To ensure that each user has a consistent view of
the data they are working on.
317
Request a Rollback Segment
u Programmatically, you can specify the rollback segment to
use
n Prior to executing the SQL statement, execute: SET
TRANSACTION USE ROLLBACK SEGMENT <ROLLBACK SEGMENT NAME>
n Example:
SQL>SET TRANSACTION USE ROLLBACK SEGMENT RBS1;
Transaction set.
318
Oracle Database Administration I
106
Example
EMPNO | ENAME | DEPTNO | SAL
-----------------------------------------
00100 | John Doe | 001 | 15000
00200 | Sue Smith | 001 | 15000
00300 | Jane Goodall | 001 | 15000
00400 | Sam Tyson | 001 | 15000
00500 | Mike Jones | 001 | 15000
u The Emp table holds this information prior to the transaction
u Before the statement is applied, a free UNDO segment is obtained
319
Statement is Executed
SQL> update emp set sal=30000 where empno=0500;
1 row updated.
u The user executes this SQL statement
u If the user commits, the rollback/UNDO segment is released
320
Rollback Statement
u To undo changes
n Execute a ROLLBACK SQL statement
n This undoes the update statement and copies information back
into the table
SQL> rollback;
Statement processed.
321
Oracle Database Administration I
107
Oracle Flashback
u Consistent view of database at past point
n Read-only
n Export and query
n Protection against user error
u “Uh, I just deleted 1,000 rows from SPRIDEN. Can you
restore it for me?”
n Must be using AUM in order to use Flashback
u UNDO_RETENTION parameter
322
Using Flashback
u User needs execute on DBMS_FLASHBACK
u Retention time must be long enough to be useful
u Query as usual after enabling Flashback
CALL dbms_flashback.enable_AT_time
('25-MAR-02:08:00:00');
SELECT * FROM emp;
CALL dbms_flashback_disable();
323
Dictionary Views
u V$rollstat
n Number of times a rollback segment has wrapped
n Number of times it has extended
n Number of times it has shrunk
u V$rollname
n Maps the rollback segment to its name by USN
324
Oracle Database Administration I
108
Data Dictionary Language (DDL)
statements
u Change the internal structure of the database
u They do not use rollback/UNDO segments during
processing
u Once SQL statements are executed, they cannot
be rolled back!
325
Summary
u UNDO segments provide the user the ability to undo DML
statements within the database
u UNDO segments also provide read-consistency within the
database
u UNDO is a special type of segment
u Rollback segments are kept for backwards compatiblity
326
Oracle Database Administration I
Lesson 7
Creating and Managing Database Users
Oracle Database Administration I
109
Creating and Managing
Database Users
u Agenda
n Create new Database Users
n Modify existing Database Users
n Monitor information about Database Users
n Drop Database Users
n Terminate user sessions
328
Creating and Managing
Database Users
u Creating users under Oracle
n Created within the database or OEM
n Not defined in the underlying operating system
u Oracle stores internal user account information
within the data dictionary in an encrypted format
329
CREATE USER SQL
330
Oracle Database Administration I
110
Create User Considerations
u If you do not specify a default tablespace, the user is
assigned to SYSTEM
u If not explicitly specified, users have a
QUOTA of 0 on all tablespaces
u By default, the account is not locked and the password is
not pre-expired
331
Default Temporary Tablespace
u If you do not specify a temporary tablespace, temporary
segments default to the SYSTEM tablespace
u In 9i, if you create the default temporary tablespace for
everyone you do not need to worry about this
u To use this new feature, create it at database creation time
or later
u It must be of type temporary
332
Create a User
u Example:
n Create a user SAISUSR with a password of u_pick_it
n Assign a default tablespace of USERS and a quota of 100KB on
the DEVELOPMENT tablespace
n Specify the temporary tablespace to be TEMP
n (Syntax is on the next slide.)
333
Oracle Database Administration I
111
Example of Creating a User
SQL> create user saisusr identified by u_pick_it
2> default tablespace USERS
3> temporary tablespace TEMP
4> quota 100K on development
5> /
Statement Processed.
334
User Passwords
u During the CREATE USER command, the assigned
password echoes on the screen
u Note that the password is stored in encrypted form
u The encryption algorithm is DES-128 bit
u Oracle passwords are NOT case-sensitive
335
Password Aging
u You can use Password Management
n Run the script utlpwmg.sql to start
u You can set
u Password attempts
u Grace periods
u History
u Many more!
336
Oracle Database Administration I
112
Object Ownership
u As with an OS account, Oracle assigns an ownership to all
database objects that you create in the database
n This ownership is known as a user's SCHEMA
u When a user creates an object in the database, it is created
under that user's SCHEMA
337
Joe Creates a Table
u Example
n User joe creates a table dept within the database
n This table is created under joe's ownership or schema
SQL> create table dept
2> (deptno number(25),
3> dname varchar2(100))
/
Table created.
338
Creating and Managing
Database Users
u Now, connect to the database as chris.
SQL> connect chris/u_pick_it
Connected.
u chris cannot see joe's table unless he specifies the
appropriate schema.
u The syntax for specifying objects in another schema is
<SCHEMA>.<OBJECT>
339
Oracle Database Administration I
113
Creating and Managing
Database Users
u If a schema is omitted, Oracle assumes the object
is in your own schema. If not found there, it will
search for a synonym
SQL> desc joe.dept
Column Name Null? Type
---------------------- -------- ----
DEPTNO NUMBER(25)
DNAME VARCHAR2(100)
340
Creating and Managing
Database Users
u If the object is not yours, the only way you can see
the object(s) is for you to have been granted rights
to it.
u This includes the synonym short name.
n Grants will be discussed later
341
Creating and Managing
Database Users
u During an Oracle install, default user accounts are created.
The important ones are: SYS and SYSTEM (INTERNAL will
be desupported in 10i)
n All accounts are DBA accounts
n To connect to sys, you must have SYSDBA privileges
n However, all data dictionary objects will be created under the
SYS schema
342
Oracle Database Administration I
114
Creating and Managing
Database Users
u To prevent damage to the data dictionary, most DBA tasks
should be done as SYSTEM
n The default password assigned to SYS is change_on_install
n The default password for SYSTEM is manager
n Change both passwords immediately after database creation
n If you create a database in the Database Configuration Assistant, you
will be prompted to change the passwords
343
Creating and Managing
Database Users
u Unix
n Can connect as SYSDBA only if the user is in the DBA group
(defined under /etc/group)
u VMS
n Can connect as SYSDBA only if the user is granted the
ORA_<sid>_DBA identifier under SYS$SYSTEM:AUTHORIZE
u NT
n Can connect as SYSDBA only if the user is in the ORA_DBA
group
344
Altering Users
u Purpose: To change the authentication or
database resource characteristics of a database
user
u Several ways to make the change:
n ALTER USER SQL command
n OEM Management Console
n Other third-party tools
345
Oracle Database Administration I
115
Alter User SQL Example
u Example
n Change the password of the user saisusr to monitor4all
n Modify the quota this user has to UNLIMITED on the USERS
tablespace
SQL > alter user saisusr
2> identified by monitor4all quota unlimited on
users;
User altered.
346
OEM Security Section
347
Dropping a User
u Drop a database user with the DROP USER SQL
statement and to optionally to remove the users’s
objects:
u Again, this can be done with OEM and SQL
DROP USER <username>
[CASCADE]
348
Oracle Database Administration I
116
Creating and Managing
Database Users
u If the user has objects in his/her schema, Oracle
will not drop a user
n To override this, specify the CASCADE option
u Example
n Drop the user saisusr and include all objects in this
user's schema
349
Drop User Does Not Drop Everything
u Oracle will invalidate, not drop, any objects
referencing the dropped objects
n This includes packages, procedures, views, etc.
u All roles created by the dropped user will remain
350
Creating and Managing
Database Users
u Can view user information in the data dictionary,
which stores information on all users
n DBA_USERS
n ALL_USERS
n DBA_TS_QUOTAS
351
Oracle Database Administration I
117
Creating and Managing
Database Users
u View information about all users in the database with the
DBA_USERS data dictionary view
SQL> select * from dba_users
USERNAME USER_ID PASSWORD DEFAULT_TABLESPACE
------------------ ---------- ----------------------------- ------------------
TEMPORARY_TABLESPACE CREATED PROFILE
------------------------------------------------- ---------------------- ---------
SYS 0 D4C5016086B2DC6A SYSTEM
TEMP 26-APR-01 DEFAULT
SYSTEM 5 D4DF7931AB130E37 TOOLS
TEMP 26-APR-01 DEFAULT
2 rows selected.
SQL> exit
352
Creating and Managing
Database Users
u Display tablespace quotas for all users with the
DBA_TS_QUOTAS data dictionary view
n The user sam has a quota of 100KB on the SYSTEM
tablespace (see example on next slide)
353
Creating and Managing
Database Users
SQL> select * from dba_ts_quotas;
TABLESPACE_NAME USERNAME BYTES
------------------------------ ---------------------- --------
MAX_BYTES BLOCKS MAX_BLOCKS
------------------------------ -------------------- ----------
SYSTEM SAM 102
400 0 50
354
Oracle Database Administration I
118
Creating and Managing
Database Users
u When necessary, terminate a user's session while the user
is logged on to the database
n Use an ALTER SYSTEM KILL SESSION SQL statement
n Or use the OEM’s Oracle Enterprise Manager Console
355
OEM
356
Creating and Managing
Database Users
u Killing a user session
n Prevents the user from issuing further database
calls
n Frees locked resources
n Issues rollback on all uncommitted transactions
357
Oracle Database Administration I
119
Creating and Managing
Database Users
u To terminate a user session:
n DBA must first determine serial number and the
session ID for the session
n Both values can be determined from the the data
dictionary view v$session
358
Creating and Managing
Database Users
u Example:
n The DBA wants to kill the session owned by joe
n The DBA must first determine the serial number and
session ID
359
Creating and Managing
Database Users
SQL> select sid, serial#,username from v$session
2> where username='JOE'
3> /
SID SERIAL#USERNAME
--- ------------------------
13 9 JOE
360
Oracle Database Administration I
120
Creating and Managing
Database Users
u Use these values in the ALTER SYSTEM KILL
SESSION command
SQL> alter system
2> kill session '13,9';
System altered.
361
Creating and Managing
Database Users
u Note that ALL user sessions are killed when the
DBA issues a SHUTDOWN IMMEDIATE
362
Summary
n Create new Database Users
n Modify existing Database Users
n Monitor information about Database Users
n Drop Database Users
n Terminate user sessions
363
Oracle Database Administration I
121
Oracle Database Administration I
Lesson 8
Managing Resources
Managing Resources
u Agenda
n Control system and database resource usage
n Password management
365
Profiles
u Can be used to limit system and database
resources available to a user
u Define a set of resource limits
u Useful in large multi-user systems
u Simplifies resource management
366
Oracle Database Administration I
122
Profile Resource limits
u Resource Options:
SESSION_PER_USER CPU_PER_SESSION
CPU_PER_CALL CONNECT_TIME
IDLE_TIME PRIVATE_SGA(MTS only)
COMPOSITE_LIMIT FAILED_LOGINS_ATTEMPTS
LOGICAL_READS_PER_SESSION
LOGICAL_READS_PER_CALL
367
Profile Password Restrictions
u Password options:
n PASSWORD_LIFE_TIME
n PASSWORD_REUSE_TIME
n PASSWORD_REUSE_MAX
n PASSWORD_LOCK_TIME
n PASSWORD_GRACE_TIME
n PASSWORD_VERIFY_FUNCTION
368
Enable Resource Limits
u To enable profiles, set the initialization parameter
RESOURCE_LIMIT in the database parameter file,
init<SID>.ora
u A value of TRUE enables resource enforcement
u A value of FALSE(default) disables all profiles
u Once this value is modified, either restart the database or
use the ALTER SYSTEM command for the changes to take
effect
369
Oracle Database Administration I
123
Alter System Example
u Example
n Enforce resource limits for the database
SQL> alter system set resource_limit=true;
System altered.
370
Managing Resources
u When resource limits are enabled for a database, the
system creates a profile called DEFAULT
n Users who are not explicitly assigned a profile are assigned to
DEFAULT
n All unspecified limits in later profile definitions have the
corresponding value of DEFAULT
n Initially, all DEFAULT values are unlimited
n DEFAULT profile should not be modified. It will also affect SYS
and SYSTEM!
371
OEM Profile tool
372
Oracle Database Administration I
124
Managing Resources
u Using profiles, resources may be controlled at
both the session or call (statement) level
n Lists of resources controlled at the session level
and at the call (statement) level may be found in
the workbook
373
Managing Resources
u Example
n Create a profile called developer_profile
n Maximum of five concurrent sessions
n Unlimited CPU time for a call
n Maximum idle of 60 minutes
n (Syntax on next slide.)
374
Managing Resources
SQL> create profile developer_profile limit
2> sessions_per_call 5
3> cpu_per_call unlimited
4> idle_time 60
/
Profile created.
375
Oracle Database Administration I
125
Managing Resources
u Once you create a profile, assign users to it
u To assign a new user to a profile, specify the
profile name in the CREATE USER SQL statement
n (Syntax on next slide.)
376
Managing Resources
SQL> create user eddie identified by vanhalen
2> default tablespace users
3> temporary tablespace temp
4> profile developer_profile
/
User created.
377
Managing Resources
u Can change an existing user's profile in an ALTER
USER SQL statement
SQL> alter user sue profile developer_profile
/
User altered.
378
Oracle Database Administration I
126
Managing Resources
u Profile assignments only affect a user's
subsequent transactions
u Each user is assigned one (and only one) profile
379
Managing Resources
u When a session-level resource limit has been
exceeded:
n The user’s current statement stops executing, and
all changes are rolled back
n Only a COMMIT, ROLLBACK, or disconnect is
allowed
380
Managing Resources
u When a call-level resource limit has been
exceeded:
n Processing of the statement is halted
n Statement is rolled back
n Only a COMMIT, ROLLBACK, or disconnect is
allowed
381
Oracle Database Administration I
127
Managing Resources
u In both cases, the user is notified of the resource
he/she has exceeded
SQL> delete from saturn.spriden
/
ORA-02393 exceeded call limit on CPU usage
382
Alter Profile SQL
u To modify characteristics of an existing profile,
use the ALTER PROFILE SQL statement
n Refer to the workbook for the syntax.
u Changes to a profile affect subsequent sessions
ONLY
383
Alter Profile Limits
u Alter the values of existing limits in an existing profile
SQL> alter profile developer_profile limit
2> sessions_per_user 2
3> cpu_per_session 30000
4> idle_time 30
5> logical_reads_per_call 1000
/
Profile altered.
384
Oracle Database Administration I
128
Managing Resources
u Example
n Alter the profile developer_profile to specify a
maximum of two sessions, 30000 hundredths of a
second CPU time for a session, idle time of 30
minutes and 1000 logical reads per call.
n (Syntax is on the next slide.)
385
Managing Resources
u Alter the default profile
n Specify a maximum of 5 sessions, and 30 minutes of
idle time
SQL> alter profile default limit
2> sessions_per_user 5
3> idle_time 30
/
Profile altered.
386
Resource Composites
u Total resource usage may be limited through the use of
composite limits
n A composite weighted sum can only be used on these resource
limits:
n CPU_PER_SESSION
n CONNECT_TIME
n PRIVATE_SGA(MTS only)
n LOGICAL_READS_PER_SESSION
n Used to limit total resource usage for a session
387
Oracle Database Administration I
129
Managing Resources
u Using a composite limit
n The DBA must first define the weighting factors for
each resource that is used
n This is done using an ALTER RESOURCE COST SQL
statement
388
Managing Resources
u Example:
n The DBA wants to set a composite limit of 1000 for the above
quantities
n He/she wants to weight each quantity equally
u The DBA must first define the weights of the quantities
n (Syntax is on the next slide.)
389
Managing Resources
SQL> alter resource cost
2> cpu_per_session 1
3> connect_time 1
4> logical_reads_per_session 1
5> /
Statement processed.
SQL>
390
Oracle Database Administration I
130
Managing Resources
u A composite profile can now be defined using the
above weighting factors
SQL> create profile user_profile limit
2> composite_limit 2000
3> idle_time 60
4> /
Statement processed.
SQL>
391
Managing Resources
u In this example, if the total cpu_per_session,
connect_time and logical_reads_per_session
exceeds 2000, then a user exceeds his/her profile
limits
392
Managing Resources
u To remove a profile from the database, use the
DROP PROFILE SQL statement
DROP PROFILE <profile name> [CASCADE]
393
Oracle Database Administration I
131
Managing Resources
u Cannot drop profiles if they are still assigned to users
n To override this, specify the CASCADE option
n Any users assigned to a dropped profile will be reassigned to
the DEFAULT profile
u The DEFAULT profile cannot be dropped
394
Managing Resources
u Example
n Drop the profile developer_profile, and reassign all
users that had this profile to the DEFAULT profile.
SQL> drop profile developer_profile cascade
/
Profile dropped.
395
Managing Resources
u Query the data dictionary to view information about profiles
defined in the database
u Views that hold information about profiles defined in the
database include:
n DBA_USERS (What profiles)
n DBA_PROFILES (What values)
n RESOURCE_COST (Composite limits)
n USER_RESOURCE_LIMITS (User limits)
396
Oracle Database Administration I
132
Managing Resources
u Example
n Determine the profiles of all users in the database
SQL> select username, profile from dba_users;
USERNAME PROFILE
------------------------------ ------------------
SYS DEFAULT
SYSTEM DEFAULT
SAM DEFAULT
3 rows selected.
SQL>
397
Managing Resources
u Example
n Determine the resource limits of the default profile
n Refer to the workbook for an example of looking up
the values
398
Password Limits
u Use for login attempts
u Password history
u Account management
u May need to run utlpwdmg.sql to set up password
management
399
Oracle Database Administration I
133
Password History
u A mechanism must be in place for you to alter
their password
u PASSWORD_REUSE_MAX and
PASSWORD_REUSE_TIME are mutually exclusive
u One can be set, the other UNLIMITED
400
Other Options
u Resource Consumer Groups
n Can give one set of user 75% CPU usage, another 25%
(*more in DBAII)
u SQL*plus command restrictions
n Use product_user_profile
n Restrict access to items like HOST,
SET <set command>, etc.
401
Summary
n Control resource usage within the database
n Restrict and limit system and call level controls
n Manage user password and login attempts
402
Oracle Database Administration I
134
Oracle Database Administration I
Lesson 9
Control Database Privileges
Control Database Privileges
u Agenda
n Define database privileges
n Grant and control system privileges
n Grant and control object privileges
n Grant and control roles
404
Control Database Privileges
u Oracle allows the DBA and users to control access levels
for objects within the database
n Similar to OS file access controls
n Objects stored within the database
u Tables, views
u Packages, procedures
u Functions, sequences, synonyms
405
Oracle Database Administration I
135
Control Database Privileges
u PRIVILEGES can be grouped into two categories:
n OBJECT Level privileges
u Gives you the ability to perform some operation on various
objects
n SYSTEM Level privileges
u Lets you execute specific sets of commands
406
Object vs. System privileges
u Object privileges are the easiest to remember. There are
eight to remember:
Select insert update delete
alter index References execute
Other less common:
n debug (java)
n Read/write (on directories)
n query rewrite/on commit refresh (materialized views)
n Dequeue/enqueue (advanced queueing)
u All other privileges are for system privileges
407
Why Grant Privileges?
u Users will need system and object privileges to
access the database and to manipulate data
u When a user is created, no object nor system
privileges are available
u Privileges can be GRANTed to users, roles and to
PUBLIC
408
Oracle Database Administration I
136
Control System Privileges
GRANT {system priv | role | all [privilege]}
[, {system priv | role | all [privileges]}…]
to {user | role}[,{user | role}]…
[identified by password]
[with admin option];
u All grants the user or role all privileges (except SELECT ANY
DICTIONARY)
u WITH ADMIN OPTION permits the grantee to bestow the privilege
to other user(s) or role
n Roles discussed in Lesson 10
409
Control Database Privileges
u Example:
n Grant the user scott the privilege to select from any
table
SQL> grant select any table to scott;
Statement processed.
410
Viewing Granted Privileges
u DBA_SYS_PRIVS lists what privileges have been
granted to a grantee.
n A grantee can be a user or a role.
n Refer to the workbook for examples
411
Oracle Database Administration I
137
Control Database Privileges
u Revoking system privileges
n To remove a privilege from a user, use the REVOKE
SQL statement
REVOKE <system privilege> | <role> FROM <user> | <role> |
PUBLIC
412
Control Database Privileges
u Example:
n Remove SELECT ANY TABLE PRIVILEGE from the
user john
SQL> revoke select any table from john;
Statement processed.
413
Control Database Privileges
u Example:
n Remove SELECT ANY TABLE PRIVILEGE from all
users in the database
SQL> revoke select any table from public;
Statement processed.
414
Oracle Database Administration I
138
Control Database Privileges
u Effects of REVOKE on GRANT ... WITH ADMIN OPTION
n User A has system privilege Q with ADMIN OPTION. He/she
then grants privilege Q
to user B
n The DBA then revokes system privilege Q from user A
n The revocation of system privileges does NOT cascade down.
After the revoke of privilege Q for user A, user B STILL has
privilege Q
415
Control Database Privileges
u Disabling logons to the database
n Once a user is created in the database, he/she still needs
CREATE SESSION system privileges in order to logon to the
database
n To disable a user account without dropping the user, simply
revoke the user's CREATE SESSION system privilege
n Refer to the workbook for the syntax
416
Control Object Privileges
GRANT {object priv | all [privilege]}
[(column [, column]…)]
on object to {user | role}
[with grant option];
u All grants all object level privileges.
u WITH GRANT OPTION allows the grantee to grant this
privilege to other users in the database
417
Oracle Database Administration I
139
Control Database Privileges
u Example
n Allow sue to insert into the table emp
SQL> grant insert on emp to sue;
Statement processed.
418
Control Database Privileges
u The user executing the grant MUST have the object in
his/her SCHEMA unless the grant WITH GRANT OPTION has
been previously granted
u For example, john cannot grant select on table emp to sue
unless he owns the table or a grant WITH GRANT OPTION
has been granted to him
419
Control Database Privileges
u Example
n Grant the users sue and rich the privilege to query
the accounts table
SQL> grant select on accounts to sue, rich;
Statement processed.
420
Oracle Database Administration I
140
Control Database Privileges
u Example
n Grant the user jeff the privilege to insert on spriden_pidm
column of the SPRIDEN table
n (only options are insert, update and references)
SQL> grant insert(spriden_pidm) on spriden to jeff;
Statement processed.
421
Control Database Privileges
u Grant WITH GRANT OPTION
n An object privilege that is granted using WITH
GRANT OPTION can be passed on to other users
and roles by the GRANTEE
SQL> grant select on accounts to sue with grant option;
Statement processed.
422
Control Database Privileges
u Now sue will be able to grant this privilege to other
users
n Refer to the workbook for an illustration
423
Oracle Database Administration I
141
Control Database Privileges
u To remove a privilege from a user, use the
REVOKE SQL statement
REVOKE <privilege> ON <object> FROM <user> | <role> | PUBLIC
424
Control Database Privileges
u Example:
n Remove SELECT ON DEVEL PRIVILEGE from john
SQL> revoke select on devel from john;
Statement processed.
425
Control Database Privileges
u Example:
n Remove SELECT ON DEVEL PRIVILEGE from all
users in the database
SQL> revoke select on devel from public;
Statement processed.
426
Oracle Database Administration I
142
Control Database Privileges
u Unlike revoking system privileges, revoking object
privileges has a cascading effect. Investigate the effects
before doing so
n Suppose that the DBA revokes the SELECT ON ACCOUNTS
object privilege from sue...
n This revoke will remove the privilege from sue AND from all
users to whom sue granted that privilege
n Refer to the workbook for the syntax
427
Control Database Privileges
u View all object privileges granted to users by
querying the data dictionary
View Name Description
DBA_TAB_PRIVS All privileges on objects in the database
DBA_COL_PRIVS All privileges on columns in the database
428
Summary
u Define database privileges
u Grant and control system privileges
u Grant and control object privileges
429
Oracle Database Administration I
143
Oracle Database Administration I
Lesson 10
Role Management
Role Management
u Agenda
n Describe roles
n Creating and modifying roles
n Manage roles
431
Role Management
u Privilege management can be tedious
n For example, if you have 100 users that each require the
following privileges:
u CREATE SESSION
u CREATE TABLE
u DROP TABLE
u SELECT ANY TABLE
n To assign these privileges, the DBA must execute each grant
for all 100 users
432
Oracle Database Administration I
144
Grant with no Roles
SQL> grant create session to user1;
Statement processed.
SQL> grant create table to user1;
Statement processed.
SQL> grant drop table to user1;
Statement processed.
SQL> grant select any table to user1;
Statement processed.
(Same for user 2, etc.)
433
Users Need Object Privileges
u Object permissions must be executed for each user.
n For example, the DBA also wants each user to have update
privileges on the SPRIDEN table
n The DBA must now execute the appropriate grant for EACH
user
434
Grant the Object Privilege
SQL> grant update on spriden to user1;
Statement processed.
SQL> grant update on spriden to user2;
Statement processed.
SQL> grant update on spriden to user3;
Statement processed.
.
.
.
(etc.)
435
Oracle Database Administration I
145
What are Roles?
u A collection of system and/or object level privileges
u Allows predefined collections of privileges to be modified
and assigned
u Simplifies privilege management
u Once defined, may be granted to other users, roles and/or
PUBLIC
u Granting a role to a user grants ALL associated privileges
to that user
436
Role management
Privilege Role
CREATE SESSION Normal User
SELECT ANY TABLE
UPDATE ANY TABLE
User
Joeuser
437
Role management
u Create roles using the CREATE ROLE SQL
statement
CREATE ROLE <role name> [not identified | identified
{by password | using [schema.]package | externally |
globally}]
438
Oracle Database Administration I
146
Create Role - example
u Example
n Create a role called standard_user
SQL> create role standard_user;
Statement processed.
439
Create Role Protected - example
u Example
n Create a role called power_user
n Protect this role with the password xxx2q
SQL> create role power_user identified by xxx2q;
Statement processed.
440
Role management
u After a role is created:
n Privileges may be assigned to roles in the same
manner they are assigned to users
n The assignments are done through GRANT SQL
statements
n (See next slide for syntax.)
441
Oracle Database Administration I
147
Role management
SQL> grant create session to standard_user;
Statement processed.
SQL> grant create table to standard_user;
Statement processed.
SQL> grant drop table to standard_user;
Statement processed.
SQL> grant select any table to standard_user;
Statement processed.
442
Role management
u Once defined, a role can then be granted to users
n A role grant to a user grants all associated privileges
to the user
n (See next slide for syntax.)
443
Role management
SQL> grant standard_user to user1;
Statement processed.
SQL> grant standard_user to user2;
Statement processed.
SQL> grant standard_user to user3;
Statement processed.
.
.
.
(etc)
444
Oracle Database Administration I
148
Role management
u A role may be modified to have more or fewer
privileges
n Make these changes through GRANT or REVOKE
SQL statements
n Any changes to roles immediately cascade down to
all grantees of the role
n (See next slide for syntax.)
445
Role management
SQL> grant update on spriden to standard_user;
Statement processed.
u The above statement gives all grantees of
standard_user the ability to update on the
SPRIDEN table
446
Role management
u Roles may also be granted to other roles
SQL> grant standard_user to power_user;
Statement processed.
u The above statement causes all associated privileges of
standard_user to be granted to power_user
447
Oracle Database Administration I
149
Role management
u Subsequent privileges may then be granted to
power_user
SQL> grant alter any table to power_user;
Statement processed.
u What will happen if you grant subsequent
privileges to standard_user?
448
Role management
u The exception to this is that no role can be granted
to itself, even indirectly
n If Role A is granted to Role B, and Role B is granted
to Role C, then Role C cannot be granted back to
Role A
449
Default Roles
u Users can have none or many default roles
u If no default role is assigned, all roles granted to
the user will be in effect throughout their session
u If a user has a default role and wants to set
another role, the user must issue the set role
command
450
Oracle Database Administration I
150
Set Default Roles
u Default roles are set for a user using the ALTER
USER SQL statement
SQL> alter user joe default role standard_user;
User altered.
u View dba_role_privs to see what roles are default
roles.
451
Setting Roles
u A user may activate another role that he/she has previously
been granted using a SET ROLE SQL statement
u User Joe can set any role that he was granted during his
session.
u Refer to the workbook for the syntax
452
Role management
u If joe has a default role set for his user account,
then that role will be active for his entire session.
u If joe does not have a default role set for his
account, then the more powerful role will always
be active.
n So long as he was granted default roles...
453
Oracle Database Administration I
151
Role management
u When a user logs into a database, the default role
is what is available.
u If more than one role is granted as default, the
more powerful will take precidence.
454
Role management - question
u If joe has standard_user set as a default role, then he has to
issue a SET ROLE SQL statement to activate any other role.
u If Joe wants to delete all the roles from table SPRIDEN, can
he simply log in and do this?
u If not, what must Joe do to give him the privilege?
n Hint: refer to your workbook.
455
Effects of Conflicting Roles
u Suppose that the user joe has been granted two
roles with conflicting privileges...
SQL> grant all on spiden to power_user;
Statement processed.
SQL> grant select on spriden to standard_user;
Statement processed.
SQL> grant power_user, standard_user to joe;
Statement processed.
456
Oracle Database Administration I
152
Role Authorization
u The DBA can change the authorization of a role using the
ALTER ROLE SQL statement
n NOT IDENTIFIED - removes the password
associated to a role
n IDENTIFIED BY - assigns a password to a role
n EXTERNALLY – Tied to the operating system (not discussed
here)
ALTER ROLE NOT IDENTIFIED | IDENTIFIED BY <password> |
EXTERNALLY
457
Role Password Management
u View dba_roles to see what roles are passworded
u To remove/alter a password option, use the alter
role command:
SQL> alter role power_user not identified;
Role altered.
458
Password Protected Roles
u A password-protected role may be invoked using a SET
ROLE ... IDENTIFIED BY SQL statement
SQL> set role power_user identified by xxx2q;
Statement processed.
u To set a non-defaulted password role, the user must have
the password and explicitly set it.
459
Oracle Database Administration I
153
Role management
u If a password-protected role is granted to a user as the
default role, Oracle skips the password checking and
invokes the role as the user logs on
u If no default role is defined for a user, Oracle assumes that
ALL granted roles for a user are the default and skips
password checking for ALL granted roles
u Thus, ALL USERS NEED TO BE ASSIGNED DEFAULT
ROLES
460
Role management
u Banner Security
n Password-protected roles are the key to security in Banner
n In Banner, three roles are created :
u BAN_DEFAULT_CONNECT
u BAN_DEFAULT_Q <with password protection>
u BAN_DEFAULT_M <with password protection>
461
Role management
u BAN_DEFAULT_CONNECT
n Role consisting of the CREATE SESSION privilege
u Allows users to only connect to the database, but not
to have access to ANY objects
462
Oracle Database Administration I
154
Role management
u BAN_DEFAULT_Q
n Allows select / executes on all objects
u BAN_DEFAULT_M
n Allows select / execute / insert / delete / update on all
objects
463
Role management
u All three roles are granted to EACH Banner user with
BAN_DEFAULT_CONNECT set as the default role
n See the next slide for the syntax.
464
Role management
SQL> grant ban_default_connect to saisusr;
Statement processed.
SQL> grant ban_default_q to saisusr;
Statement processed.
SQL> grant ban_default_m to saisusr;
Statement processed.
SQL> alter user saisusr default role ban_default_connect;
Statement processed.
465
Oracle Database Administration I
155
Role management
u Users with BAN_DEFAULT_M or BAN_DEFAULT_Q roles
are not able to invoke the associated privileges, since they
will not know the underlying passwords
u The passwords for invoking these roles are stored in
encrypted format in each Banner form
466
Role management
u These roles are invoked ONLY when the user executes the
appropriate form
n Thus, users can only change information within the database
through a Banner form
n Consult the Banner Security Manual (Chapter 2 of the technical
reference) for additional information
467
Cautions
u As described earlier, be aware of default roles
u Another one is if you grant a role with a system privilege
with admin option:
n A user with the role grants the system privilege to another user
n The role was dropped
n The new user with the system privilege will still have that
privilege!
468
Oracle Database Administration I
156
Other DBA Views
u Role_role_privs
n Roles granted other roles and admin
u Role_sys_privs
n Roles granted system privileges
u Role_tab_privs
n Roles granted object privileges
469
Summary
n Describe roles
n Creating and modifying roles
n How Banner utilizes roles
n Methods of combining privileges for user group
activies
470
Oracle Database Administration I
Lesson 11
Oracle Net
Oracle Database Administration I
157
Oracle Net
u Agenda
n Describe the purpose and goal of Oracle Net
n Setup Oracle Net listeners on the database host
n Setup Oracle Net clients that connect
to other Oracle servers
472
Purpose of Oracle Net
u Networks
n We all need to use them, internet and intranets
u Traditionally, database connections have been local
connections
u Server-based applications force support of both the
application and database
n CPU and IO loads
u Client/server technology helped to separate this load
473
Local Connections
u Local connections are useful in some circumstances, such
as DBA tasks
u Local connections in many other cases are less useful.
They require that:
n An account is set up on the operating system level for all Oracle users.
This is a serious security problem, especially under UNIX where
numerous security holes exist with shell (/bin/sh, /bin/ksh) level
n The client resides on the same machine as the database server. This
reduces performance of the database server
474
Oracle Database Administration I
158
Tier Architecture
u Two-task processing introduced the beginning of
separating clients from applications and servers
u Two-tier architecture required a fat client with lots of RAM
and disk space
u Configuration management was a nightmare!
475
N-tier Applications
u Distributes the workload associated to database
applications
u Introduced the N-tier Architecture
u Thin clients were now able to run applications
u Oracle Net allowed for distribution of the workload across
the network
476
Thin clients
u The client has now been transferred to a middle
tier
u The application load can now be spread over the
network
u Browser-based connections have now eliminated
fat PC requirements
477
Oracle Database Administration I
159
Oracle Net
u Heterogeneous database connections are now common
u Transparent Network Substrate (TNS)
n Client and server can use different communications protocols
n Multi-vendor applications can now communicate
n Can transfer data to an asynchronous receiver
478
Oracle Net
u An IP networking protocol
u Must be installed on both client and server machines before
remote connections can take place
u Defined as a session-level protocol that runs on top of
network and transport layers
u Under the OSI(Open Systems Interconnect) theoretical
network model
479
OSI Theoretical Network Model
480
Oracle Database Administration I
160
TCP/IP
u TCP/IP (Transmission Control Protocol / Internet Protocol)
n Developed by the US Defense Department for high speed data
transfer between WANs
n Protocol used on the Internet
n Routable between subnets
n Supports a uniform network numbering scheme throughout the
world
481
Oracle Net
u Installed to run under TCP/IP, since it is present on
virtually all machine types
u Easily configured
n Manually with any text editor
n Using a configuration assistant
482
Connection configuration
u Oracle Net Configuration Assistant
483
Oracle Database Administration I
161
Listener.ora
u An Oracle LISTENER must first be set up on the database
server prior to remote connections to any database
u The Listener.ora file configures
u A unique listener name
u Protocol addresses that it is accepting connection requests
on
u Services it is listening for
484
Oracle Net
u Either located in $ORACLE_HOME/network/admin or in the
location that is defined by the system
n $ORACLE_HOME/network/admin (Unix)
n TNS_ADMIN (VMS/NT)
u Does not require identification of the database service
485
Service Name(s)
u Registered by PMON which provides:
n Service name(s) for each running database
n Instance names of the databases
n Service Handlers, dedicated or dispatcher
u PMON also checks on dispatcher and server processes, and
restarts them if necessary
486
Oracle Database Administration I
162
Oracle Net
u A sample listener.ora file is shown in the workbook.
n Defines a TCP listener named MYLISTENER that runs on port
1526. (Note that on Unix systems ports under 1024 are reserved
for root access only.)
n Hostname of the database server is my.test.edu
n MYLISTENER attaches to the databases SEED, TEST, and
PROD, which run from the directory /u01/oracle/product/8.1.6.#
487
Oracle Net
u The executable that controls the listener is called
lsnrctl
n When you invoke this application you should see something
similar to:
LSNRCTL for Unix: Version 2.3.3.0.0 - Production on 18-MAY-98 23:51:31
Copyright (c) Oracle Corporation 1994. All rights reserved.
Welcome to LSNRCTL, type "help" for information.
LSNRCTL>
488
Oracle Net
u To start or stop a particular listener, you can
either enter the command at the prompt:
lsnrctl start <LISTENER_NAME>
u Or you can invoke the program and type:
lsnrctl > start <LISTENER_NAME>
489
Oracle Database Administration I
163
Oracle Net
u The program lsnrctl calls another executable,
tnslsnr, which actually starts the daemon
u At this point, the databases SEED, TEST, and
PROD are ready to accept remote connections
from the network
490
Oracle Net
u To stop a listener, invoke lsnrctl and enter the
following:
LSNRCTL> stop <LISTENER_NAME>
u In the case of MYLISTENER:
LSNRCTL> stop MYLISTENER
The command completed successfully
LSNRCTL> exit
$
491
Oracle Net
u Typically, the Oracle software owner starts/stop
the listener, although anyone in the dba group can
do so
u If someone other than ORACLE starts it, the log
file will be produced where the user is logged in at
492
Oracle Database Administration I
164
Oracle Net
u Multiple listeners
n The previous syntax defined a single listener that attaches to
the SEED, TEST, and PROD databases
n Under this setup, users can remotely log into any of the three
databases attached to the daemon while MYLISTENER is
running
493
Oracle Net
u Multiple listeners (cont.)
n If the DBA needs to restrict users from remotely logging into
specific databases while the databases are open, the databases
should be attached to separate listeners
n Databases remain remotely inaccessible as long as the
listeners that attach to it are not running
n The DBA can configure as many as needed so long as each
one is defined on a separate port
494
Oracle Net
u The listener.ora file shown in the workbook defines:
n Three listeners: FIRSTLISTENER, SECONDLISTENER, and
THIRDLISTENER
n Run from ports 1526, 1527 and 1528, respectively
n Attach to the databases SEED, TEST, and PROD
495
Oracle Database Administration I
165
Oracle Net
u With multiple listeners, each must be started
individually under lsnrctl
n This allows the DBA greater control over database
access
496
Oracle Net
u To prevent users from remotely logging to the
TEST, for example, the DBA can shut down
SECONDLISTENER
u However, keep in mind that more listeners take up
more system resources
497
Client Oracle Net
u In addtion to setting up Oracle Net on the database server,
Oracle Net must also be properly configured on each Oracle
client
u Several ASCII configuration files exist for setting up Oracle
Net on the Oracle client
n sqlnet.ora
n names.ora
n tnsnames.ora
498
Oracle Database Administration I
166
Client Configuration
u Each file defines a different component of Oracle Net clients
n However, tnsnames.ora is critical for remote database
connections
u As with listener.ora, Oracle recommends you generate
these files with Oracle Net Manager, but you can edit them
directly
499
Connection Management
u Oracle Net Manager
500
Oracle Net
u The tnsnames.ora file consists of a series of
database connect/host string definitions. Each
string defines a specific database which the client
can connect to.
u The basic syntax of these strings is shown in the
workbook.
501
Oracle Database Administration I
167
Oracle Net
u Each host string entry defines:
n Hostname of the database server
n Port that the listener is running on
n Oracle SID of the desired database
502
Oracle Net
u While the DBA is free to choose any name she/he
wants as the host string, each value in the string
MUST match those defined in the corresponding
Oracle listener
u Port
u Host
u SID or Service Name
503
Oracle Net
u For an example of using the latter listener.ora file,
the workbook ilustrates the configuration
association of these.
504
Oracle Database Administration I
168
Oracle Net
u Once these files are properly set up, you are ready to
connect to a remote database
u On Windows2000/NT you can pre-define the connect string
with the LOCAL registry value. This assumes only one
database on the server.
u You can pre-set connect_strings in any environment by
creating an individual tnsnames.ora for each database.
u Each of these assist the user in entering as little as possible
505
Oracle Net
u Oracle clients require three parameters for remote
connects:
n Username and password for the Oracle logon
n Connect string that defines the database
506
Oracle Net
u From the command line, setting up a remote
connection is very similar to that of a local
connection
n Start the desired Oracle client as before
n During the database logon specify a username
followed by an "@<connect string>" during the
username prompt
507
Oracle Database Administration I
169
Oracle Net
u For example, to remotely connect as SYSTEM into the SEED
database using SQL*PLUS
n Sqlplus system/manager@seed
u You can also connect another database in the sqlplus
program without disconnecting
n Connect general/u_pick_it@prod
508
Oracle Net
u For example, to connect to SQL*PLUS from a GUI-based
session, you would enter the following:
509
Oracle Net
u The Oracle client first takes the host string specified in the
login and attempts to find a matching string in
tnsnames.ora
n If it finds a match, it attempts to find a listener running at the
specified host and port
n If an Oracle listener is found, the client application attempts to
locate a database with the SID as specified in the host string
n If the client finds this database, it takes the username and
password and attempts to login
510
Oracle Database Administration I
170
Oracle Net
u Troubleshooting Oracle Net
n Setting up remote database connections is a complicated
process, that requires numerous components to be properly
functioning
n The workbook lists common errors that can arise, along with
their likely resolutions
511
Oracle Net
u Any Oracle system account can test the connect string with
TNSPING. This will test to see if the host machine is
listening and recognizes the connect string
u Sometimes DNS resolution gets in the way, you can specify
an IP for the HOST= parameter. It is faster
512
Log and trace files
u Sqlnet.log will be very beneficial in trouble shooting
connections
u To identify the relevant part of the problem, you will need to
turn on tracing
u There are three main areas to trace:
n 1. The SQL*NET client
n 2. The ‘listener’ process
n 3. The SQL*NET ‘server’
513
Oracle Database Administration I
171
Trace file levels
u Establishing a connection
Client----à Listener ---à Server
1 2 3
u An established connection
Client ---à Server
1 3
514
Client Level Tracing
Add in the file sqlnet.ora
n Trace_level_client=##
n Trace_file_client=filename
n Trace_directory_client=/tmp
n Trace_unique_client=true
u This will turn on FULL tracing for your user account.
u Output in /tmp/filename_<PID>.trc
515
Listener Level Tracing
u Add in the file Listener.ora
n Trace_level_listener=##
n Trace_file_listener=filename
n Trace_directory_listener=/tmp
u This defines FULL tracing in /tmp/filename.trc
516
Oracle Database Administration I
172
Server Level Tracing
u Add in the file sqlnet.ora.
u Output sent to /tmp/filename_<PID>.
n Trace_level_server=##
n Trace_file_server =filename
n Trace_directory_server =/tmp
517
Tuning
u Packet transferring
n SDU
n TDU
u Server and dispatchers
u Connect time
u queuesize
518
Summary
n Describe the purpose and goal of Oracle Net
n Setup Oracle Net servers on the database host
n Setup Oracle Net clients that connect
to Oracle Net servers
519
Oracle Database Administration I
173
You might also like
- Oracle Database Workshop 1: by Hari Krishna MakkiniNo ratings yetOracle Database Workshop 1: by Hari Krishna Makkini73 pages
- Oracle Database 12c Administration WorkshopNo ratings yetOracle Database 12c Administration Workshop127 pages
- OCA Oracle Database 11g Database Administration I: A Real-World Certification GuideFrom EverandOCA Oracle Database 11g Database Administration I: A Real-World Certification Guide4/5 (1)
- Oracle Database Administration I Oracle Server ArchitectureNo ratings yetOracle Database Administration I Oracle Server Architecture54 pages
- College of Computer and Information Sciences Information Systems Department IS337 - Database LabNo ratings yetCollege of Computer and Information Sciences Information Systems Department IS337 - Database Lab35 pages
- Introduction To The Oracle Server: It Includes The FollowingNo ratings yetIntroduction To The Oracle Server: It Includes The Following11 pages
- Database Systems: Overview of Oracle Database ArchitectureNo ratings yetDatabase Systems: Overview of Oracle Database Architecture24 pages
- Session 8 - Oracle Architecture & Enterprise ManagerNo ratings yetSession 8 - Oracle Architecture & Enterprise Manager15 pages
- Oracle Database Security: Presented by Wilson CriderNo ratings yetOracle Database Security: Presented by Wilson Crider94 pages
- Unit-1 Oracle Introduction & Fundametal CommandsNo ratings yetUnit-1 Oracle Introduction & Fundametal Commands50 pages
- Oracle Server - An Oracle Server Includes An Oracle Instance and An Oracle Database.No ratings yetOracle Server - An Oracle Server Includes An Oracle Instance and An Oracle Database.9 pages
- Process Architecture: Open, Comprehensive, and Integrated Approach To Information Management. An OracleNo ratings yetProcess Architecture: Open, Comprehensive, and Integrated Approach To Information Management. An Oracle13 pages
- Chapter - 1: Oracle Architecture - Module 1100% (1)Chapter - 1: Oracle Architecture - Module 139 pages
- Racle G Rchitecture With Iagram: U N: 3 N Oracle 11g New FeaturesNo ratings yetRacle G Rchitecture With Iagram: U N: 3 N Oracle 11g New Features14 pages
- Oracle Database Mastery: Comprehensive Techniques for Advanced ApplicationFrom EverandOracle Database Mastery: Comprehensive Techniques for Advanced ApplicationNo ratings yet
- 11 - COM Automation Feature Developers GuideNo ratings yet11 - COM Automation Feature Developers Guide114 pages
- 80real Application Clusters Deployment and PerformanceNo ratings yet80real Application Clusters Deployment and Performance138 pages
- Data Base Management Systems - CSE & IT - B.Tech - II - II - R18 - OCT - 2020No ratings yetData Base Management Systems - CSE & IT - B.Tech - II - II - R18 - OCT - 20202 pages
- Parental Involvement in Education in Ghana: The Case of A Private Elementary SchoolNo ratings yetParental Involvement in Education in Ghana: The Case of A Private Elementary School16 pages
- DBMS Project-Bus Reservation System: 1. AbstractNo ratings yetDBMS Project-Bus Reservation System: 1. Abstract7 pages
- Extending The Database Relational Model To Capture More Meaning PDFNo ratings yetExtending The Database Relational Model To Capture More Meaning PDF2 pages
- Inventory Management System With Berkeley DBNo ratings yetInventory Management System With Berkeley DB16 pages
- DATA BASE MANAGEMENT SYSTEMS Oct-Nov 2019No ratings yetDATA BASE MANAGEMENT SYSTEMS Oct-Nov 20194 pages
- Influence of Teachers' Professional Development Practices On Job Performance in Public Secondary Schools: A Case of Nyamagana District, Mwanza - TanzaniaNo ratings yetInfluence of Teachers' Professional Development Practices On Job Performance in Public Secondary Schools: A Case of Nyamagana District, Mwanza - Tanzania16 pages
- Optimizing Inventory Management for Enhanced Retail and Warehouse Performance a Case Study on the InNo ratings yetOptimizing Inventory Management for Enhanced Retail and Warehouse Performance a Case Study on the In26 pages
