Sunday 1 September 2024

Configuring and Enable Database Vault for CDB and PDB

 Dear All,

How to enable database vault in oracle 19C Multitenant database.

Configuring and Enable Database Vault for CDB?( On prime database servers ).

 

1.      How to Verify if Label Security and Database Vault are Configured and installed.

col DESCRIPTION format a40

set lines 500

SELECT * FROM SYS.DBA_DV_STATUS;  ( db vault status )

SELECT * FROM DBA_OLS_STATUS; ( db labled status )










We have to create 2 user one for db vault user and another for account manager user .. it will create new users for you.

2.      How to Create new Users for Database Vault

 

GRANT CREATE SESSION, SET CONTAINER TO c##dbv_owner_root IDENTIFIED BY WelcomE_321 CONTAINER = ALL;

GRANT CREATE SESSION, SET CONTAINER TO c##dbv_acctmgr_root IDENTIFIED BY WelcoMe_321 CONTAINER = ALL;




3.      How to Configure Database Vault in CDB$ROOT

BEGIN

CONFIGURE_DV (

dvowner_uname => 'c##dbv_owner_root',

dvacctmgr_uname => 'c##dbv_acctmgr_root',

force_local_dvowner => FALSE);

 END;

 /

 

 exec CONFIGURE_DV('c##dbv_owner_root','c##dbv_acctmgr_root');

 



4.      Compile the invalids if anything ( its advise to compile invalids)

              @?/rdbms/admin/utlrp.sql 





Note : we have to Connect as root admin to perform this activity.

5.      Connect to root as DBV Owner User( c##dbv_owner_root).

Dv_app_protection  not configured ?

DV_CONFIGURE_STATUS >> TRUE ( configured )

Dv_enable_status false ..

 


below command enable db vault .. connect to db vault owner user and execute it.

              EXEC DBMS_MACADM.ENABLE_DV;

Note : above commands shouldn’t execute from sys or other users ..

6.      After the above db vault enabled need to Bounce  the Database

                 Shutdown immediate Startup

                  Now Verify the status of  Label Security and Database Vault are Installed & Configured

                SELECT * FROM SYS.DBA_DV_STATUS;

                SELECT * FROM DBA_OLS_STATUS;





 How to Configure and enable the db vault inside  PDB ?

 

Pre-requisites : db vault should enabled on CDB level first ..

 

Ø  Connect to PDB database

                  Alter session set container=pdb1;

Ø  Verify the Label Security and Database Vault are Installed & Configured

                  SELECT * FROM SYS.DBA_DV_STATUS;

                   SELECT * FROM DBA_OLS_STATUS;

 






Ø  Create sample schema for HR / scott etc  Schema

   create schema from /u01/app/oracle/product/19.0.0/db_1/demo/schema/ human_resources

@hr_main.sql

 



select EMPLOYEE_ID,FIRST_NAME,LAST_NAME,SALARY from hr.employees ;

 



Ø  We no need to create new users , we can use the common users .Configure Database Vault

             BEGIN

                    CONFIGURE_DV (

                 dvowner_uname => 'c##dbv_owner_root',

                dvacctmgr_uname => 'c##dbv_acctmgr_root');

                END;

              /





Ø  Connect as DBV Owner User( c##dbv_owner_root)

Sqlplus  c##dbv_owner_root@pdb

Sqlplus c##dbv_owner_root@192.168.56.156:1521/pdb

 

               EXEC DBMS_MACADM.ENABLE_DV;

 


Ø  Bounce Pluggable database

Alter pluggable database pdb1 close; Alter pluggable database open;

 


Check the Label Security and Database Vault are Installed & Configured -



Thanks,

Srini

Posted by at

No comments:

Post a Comment


No one has ever become poor by giving

Subscribe to: Post Comments (Atom)