Oracle Net Service Name Resolution

Oracle Net Service Name Resolution: Getting Rid of the TNSNAMES.ORA File!
Simon Pane, Oracle Database Principal Consultant
March 19, 2015

ABOUT ME
- Working with the Oracle DB since version 6
- Oracle Certified Expert
- Oracle Certified Professional: Oracle Database 8, 8i, 9i, 10g, 11g and 12c
- Oracle Certified Partner Specialist
- Oracle ACE Associate
- MOS Communities: Simon_DBA, Level: Expert

ABOUT PYTHIAN
- Global leader in data consulting and managed services.
- Pythian currently manages more than 10,000 systems.
- Pythian currently employs more than 385 people in 30 countries worldwide.
- Pythian was founded in 1997.
- Unparalleled expertise: Top 5% in databases, applications, infrastructure, Big Data, Cloud, Data Science, and DevOps
- Unmatched certifications: 8 Oracle ACEs, 2 Oracle ACE Directors, 2 Oracle ACE Associates, 2 Oracle Certified Masters, 5 Microsoft MVPs, 1 Microsoft Certified Master, 1 Cloudera Champion of Big Data
- Broad technical experience: Oracle, Microsoft, MySQL, Oracle EBS, Hadoop, Cassandra, MongoDB, virtualization, configuration management, monitoring, trending, and more.

TARGET AUDIENCE
This presentation is for:
- Not Sys Admins
- Not Network Admins
- Not LDAP Admins

NET SERVICE NAME RESOLUTION A Quick Refresher

WHAT ARE WE TALKING ABOUT?
- Net Service Name: A simple name for a service that resolves to a connect descriptor.
- Connect Descriptor: A specially formatted description of the destination for a network connection. A connect descriptor contains destination service and network route information.
- The TNSNAMES.ORA file: The tnsnames.ora file is a configuration file that contains net service names mapped to connect descriptors for the local naming method, or net service names mapped to listener protocol addresses.
Source: https://docs.oracle.com/database/121/ntdbi/glossary.htm

THE BASICS: THE CONNECT DESCRIPTOR
- Everything could be specified at the prompt
- Good for testing the string/troubleshooting

THE BASICS: EZCONNECT
- 10g added EZCONNECT
- Shortened command line specification

THE BASICS: NET SERVICE NAME SEARCH
- Net Service Name can be found in multiple locations
  - TNSNAMES.ORA files, external service, directory server
- Oracle Net stops searching when it finds the first one

STORING AS UNSTRUCTURED DATA
- Unstructured: not in a database
- DNS is somewhat similar, yet DNS entries aren't stored in host files
- In the TNSNAMES.ORA the Connect Descriptors aren't consistent in structure or layout

MANAGEMENT TECHNIQUES
- Scripts that run nightly to push out new files to all servers and desktops
- Centralized files using the TNS_ADMIN environment variable or soft links
- Storing on a network share or NFS mount
- Centralized using the IFILE parameter
  - Can be used up to four times

PROBLEMS WITH THIS APPROACH
- One typo can corrupt the current and all subsequent entries
- Cumbersome to work with/edit with a large number of entries
- If centralized, problems affect all users
- If localized, may take time to propagate changes
- Multiple copies can get out of sync: changes clobbered
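
The first problem listed above, as an added example (not from the presentation): a per-entry parenthesis check for a tnsnames.ora file, next to a simplified model of a reader that only recognises a new entry at nesting depth 0. The sample file, its host names and the reader model are constructed for illustration; Oracle Net's own parser is not reproduced here.

```python
import re

# Constructed sample file: ORCL1 is missing its final ")" (the single typo).
SAMPLE = """\
ORCL1 =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = db1.example.com)(PORT = 1521))
    (CONNECT_DATA = (SERVICE_NAME = orcl1))

ORCL2 =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = db2.example.com)(PORT = 1521))
    (CONNECT_DATA = (SERVICE_NAME = orcl2)))

# one-line entry
ORCL3 = (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=db3.example.com)(PORT=1521))(CONNECT_DATA=(SID=orcl3)))
"""

# An alias (or comma-separated aliases) starting in column 0, followed by "=".
ALIAS = re.compile(r"^([\w.\-]+(?:\s*,\s*[\w.\-]+)*)\s*=")

def _lines(text):
    """Yield non-empty lines with '#' comments removed."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if line:
            yield line

def lint(text):
    """Per-entry check: {alias: leftover depth} for entries with unbalanced parentheses."""
    depths = {}
    current = None
    for line in _lines(text):
        m = ALIAS.match(line)
        if m:
            current = m.group(1)
            depths[current] = 0
        if current is not None:
            depths[current] += line.count("(") - line.count(")")
    return {alias: d for alias, d in depths.items() if d != 0}

def visible_aliases(text):
    """Simplified reader model: a new entry is only recognised at depth 0."""
    seen, depth = [], 0
    for line in _lines(text):
        m = ALIAS.match(line)
        if m and depth == 0:
            seen.append(m.group(1))
        depth += line.count("(") - line.count(")")
    return seen

if __name__ == "__main__":
    print("typo located in:", lint(SAMPLE))
    print("entries still readable:", visible_aliases(SAMPLE))
```

Running the per-entry check before a file is pushed to servers and desktops pins the typo to ORCL1, while the depth-0 reader model shows why ORCL2 and ORCL3 are lost with it.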

BUT WE'VE ALWAYS DONE IT THAT WAY Old way doesn't mean it's the best way

WHAT ARE THE OPTIONS How can we make things better?

ALTERNATIVES
- Store in an LDAP compatible Directory Server
  - Oracle Internet Directory (OID)
  - Microsoft Active Directory (AD)
  - OpenLDAP
  - Others (IBM Tivoli Directory Server, Sun Java System Directory Server, Red Hat Directory Server, Apache Directory Server)
- EZCONNECT
- A hybrid approach using all methods

STRUCTURE IN A DIRECTORY SERVER
- Published LDAP Schema for Oracle Net Services
- Structural LDAP Classes for Oracle Net:
  - orcldbserver
  - orclnetservice
  - orclnetservicealias
  - orclnetdescription
  - orclnetdescriptionlist
  - orclnetaddress
  - orclnetaddresslist
  - orclnetdescriptionaux1
  - orclnetaddressaux1

CHOOSING A DIRECTORY SERVER
- Easy to install and setup?
- Supported platforms?
- Additional software required?
- Additional hardware required?
- Additional licenses required?
- Bulk load existing entries?
- Easy additions?
- Easy modifications and removals?
- Ability to export to a TNSNAMES.ORA file?
- Supports advanced entries (i.e. TAF, RAC, other options)?
- Supports aliases?
- High availability and protection (backup options)?
- Security implications?

OID BENEFITS
- Complete Oracle stack: full Oracle Support
- Data stored in the Oracle Database
  - DBAs know how to manage / backup
- High availability options
- Easy TNSNAMES.ORA file generation
- Easy to handle multiple contexts (i.e. .world, .example.com)

OID ISSUES
- Requires a WebLogic domain
  - Cumbersome, likely difficult for most DBAs
- May require additional hardware
  - For Oracle database repository and/or WLS
- Upgrades and patching (WLS & DB)
- Overkill for just Net Service Name lookup?

ACTIVE DIRECTORY BENEFITS
- Register databases via Oracle Tools (optional)
  - DBCA or Oracle Net Manager
- SA handles: Replication, HA, Patches, Updates, Backups, etc
- Critical part of the network infrastructure
- Typically high performance

ACTIVE DIRECTORY SETUP
- Very easy to setup (Demo later)
- Requires access to the AD on a DC
  - Need Domain Administrator privileges
- Implement using Oracle Net Configuration Assistant and Oracle Net Manager
- Follow Oracle Implementation PDF guides
- Follow step-by-step guides:
  - Configuring Microsoft Active Directory for Net Naming (Doc ID 1587824.1)

ACTIVE DIRECTORY ISSUES
- Will need cooperation from Domain Admins to install / configure
- Extra AD permissions may be required to query
  - 11g Clients: NAMES.LDAP_AUTHENTICATE_BIND = YES
- Anonymous query may be required for UNIX clients

OPENLDAP BENEFITS
- Free (open-source)
- Directory Server software available on a variety of platforms
  - Linux, Solaris, MacOS X, Windows, etc
- Master-slave replication options
  - Including multiple slaves, cross-platform, cross-endian
- Easy updates (i.e. yum for Linux deployments)

OPENLDAP INSTALLATION
- Install additional RPMs
  - openldap-servers, openldap-clients
  - slapd = stand-alone LDAP directory server
- Simple initial setup (Demo later)
  - Customize some text files; run commands; etc
- Requires some basic Linux skills
- Will need root access

OPENLDAP ISSUES
- No GUI included
- Using with Oracle Net Manager is difficult
- Apache Directory Studio
  - Free for Windows, Mac & Linux

COMMON FUNCTIONALITY
- All have (in some form or another):
  - Bulk load ability: ldapadd -f <file>
  - Command line searching: ldapsearch
  - Extraction to a TNSNAMES.ORA file via tool or command

TOOLS ARE ALREADY INSTALLED! LDAP tools in every Database and Client home

WHAT'S THE DOWNSIDE? Risks, Concerns, Supportability, Troubleshooting?

WHAT ABOUT SUPPORT?
- With OID the whole stack is supported
- Resolution via AD also supported
- Net Service Name resolution from other Directory Services not fully supported
- But is that really an issue?

SUPPORT RISKS?
- If using an unsupported Directory Server, DBAs must know how to investigate/resolve some problems
- Oracle Support will be limited when investigating TNS-03505 via SR when not using AD or OID

FAILOVER PERFORMANCE?
- Test failover times from an unresponsive master server!
- Related MOS notes:
  - Slow LDAP Naming Resolution when Primary LDAP server unavailable. (Doc ID 1193853.1)
  - Performance problem with Oracle*Net Failover when TCP Network down (no IP address) (Doc ID 249213.1)
  - How to Setup LDAP Client Naming Resolution Failover Timeout Against OID - If OID1 is Busy, Quickly Try OID2. (Doc ID 1671486.1)

BUT REMEMBER
- Used for initial connection lookup only
- Listener sends back a new socket
- Not used again for persistent connections
- Not used for RAC interconnect
- Data Guard & DB Links
- Optionally configure with EZCONNECT if support is a concern

OTHER RISKS?
- Slow / no response from the Directory Servers?
  - All options offer redundancy or high availability
  - Worst case, switch back to TNSNAMES.ORA
- Some applications may not support it
  - Might need some one-off TNSNAMES.ORA files

FUNCTIONALITY RISKS?
- Extra complexity with advanced options
  - TAF entries, RAC entries, global_name
  - Oracle Net aliases
  - Oracle7 and Oracle8.0 clients
- Still can be done but requires extra/different steps

DEBUGGING TECHNIQUES: TRACING
- Oracle Net (SQL*Net) Tracing
  - HOWTO : Use sqlnet tracing to track down which tnsnames.ora file is used in the connection? (Doc ID 846822.1)
  - How to Enable Oracle SQLNet Client, Server, Listener, Kerberos and External procedure Tracing from Net Manager (Doc ID 395525.1)
- Oracle whitepaper on interpreting the result
  - Examining Oracle Net, Net8, SQL*Net Trace Files (Doc ID 156485.1)
- Trace Assistant
  - Example of Using Trace Assistant (TRCASST) to Work an Oracle Net issue (Doc ID 1336069.1)

DEBUGGING TECHNIQUES: TRCROUTE
- Oracle Trace Route utility
- Reports on TNS entries on route to the server
- https://docs.oracle.com/database/121/netag/connect.htm#netag383

DEBUGGING TECHNIQUES: OS TOOLS
- Linux
  - Strace: $ strace tnsping ORCL
- Windows
  - Windows Sysinternals Process Monitor: Run in batch file with command line switches
  - NtTrace: http://www.howzatt.demon.co.uk/nttrace

THINGS TO WATCH OUT FOR
- NAMES.DIRECTORY_PATH
  - Methods not specified are excluded
  - Also determines search order
  - Must keep EZCONNECT for RAC cluster interconnect
- Files searched
  - Remember: /etc/tnsnames.ora
  - Hidden file: ~/.tnsnames.ora
- Windows
  - Different search order rules (cwd vs. home dir)
  - Different search orders if %ORACLE_HOME% is set

VIRTUAL DEMO 1 OpenLDAP setup on OL6.5 In 10 simple steps!

DEMO1: OpenLDAP SETUP
- STEP 1: Install the required RPMs
- STEP 2: Some basic initial setup
- STEP 3: Set the LDAP admin password
  - Record the hash for use later
- STEP 4: Create a default configuration file
- STEP 5: Create the OID schema files
- STEP 6: Edit /etc/openldap/slapd.conf
  - Add new OID schema files
  - Update all occurrences of my-domain
  - Add rootpw hash value (could use plain text as well)
- STEP 7: Start and register slapd service
- STEP 8: Manually add the OU to the root
- STEP 9: Add the orclcontext and the first entry
- STEP 10: Adjust SQLNET.ORA & LDAP.ORA
- Additional optional steps
  - Add master and slave(s) replication (HA)
  - Secure with TLS and a certificate
  - Configure Apache Directory Studio
  - Script simplified additions using ldapadd
  - Script TNSNAMES.ORA generation using ldapsearch
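
An added example (not part of the presentation) of the optional "Script TNSNAMES.ORA generation using ldapsearch" step, which also covers the extraction item under COMMON FUNCTIONALITY: it converts LDIF output into tnsnames.ora lines and rejects malformed entries instead of writing them to the file. It assumes the query returned the cn and orclNetDescString attributes (the attribute name is taken from Oracle's published schema, not from the slides); the sample LDIF, host names and alias character set are constructed.

```python
import base64
import re
from itertools import accumulate

# Constructed LDIF: a folded value, a base64 ("::") value, and a broken entry.
HR_DESC = "(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=db2.example.com)(PORT=1521))(CONNECT_DATA=(SID=hr)))"
SAMPLE_LDIF = """\
dn: cn=ORCL,cn=OracleContext,dc=example,dc=com
cn: ORCL
orclNetDescString: (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=db1.example.com)(PO
 RT=1521))(CONNECT_DATA=(SERVICE_NAME=orcl)))

dn: cn=HR,cn=OracleContext,dc=example,dc=com
cn: HR
orclNetDescString:: %s

dn: cn=BAD,cn=OracleContext,dc=example,dc=com
cn: BAD
orclNetDescString: (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=db3.example.com)(PORT=1521))
""" % base64.b64encode(HR_DESC.encode()).decode()
ALIAS_OK = re.compile(r"^[A-Za-z0-9_.\-]+$")      # assumed alias character set

def parse_ldif(text):
    """Return one {lower-case attribute: first value} dict per LDIF record."""
    text = re.sub(r"\r?\n ", "", text)            # undo LDIF line folding
    records = []
    for block in re.split(r"\n\s*\n", text.strip()):
        rec = {}
        for line in (l for l in block.splitlines() if not l.startswith("#")):
            attr, _, value = line.partition(":")
            if value.startswith(":"):             # "attr:: <base64>"
                value = base64.b64decode(value[1:].strip()).decode("utf-8")
            rec.setdefault(attr.strip().lower(), value.strip())
        records.append(rec)
    return records

def balanced(desc):
    # Running nesting depth must never go negative and must end at zero.
    steps = list(accumulate((c == "(") - (c == ")") for c in desc))
    return bool(steps) and min(steps) >= 0 and steps[-1] == 0

def to_tnsnames(ldif_text):
    """Return (tnsnames.ora text, aliases rejected by validation)."""
    lines, rejected = [], []
    for rec in parse_ldif(ldif_text):
        alias, desc = rec.get("cn"), rec.get("orclnetdescstring")
        if alias is None or desc is None:
            continue                              # not a net service entry
        desc = " ".join(desc.split())             # one entry per output line
        if ALIAS_OK.match(alias) and balanced(desc):
            lines.append(f"{alias} = {desc}")
        else:
            rejected.append(alias)
    return "\n".join(lines) + "\n", rejected
```

Rejecting the unbalanced BAD entry keeps a single bad directory record from corrupting every entry after it in the generated file.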

VIRTUAL DEMO 2 Active Directory Setup In < 10 simple steps!

DEMO 2: ACTIVE DIRECTORY SETUP
- STEP 1: Follow steps provided in Oracle PDF
  - Configuring Microsoft Active Directory for Net Naming (Doc ID 1587824.1)
- STEP 2: Adjust SQLNET.ORA & LDAP.ORA
- STEP 3: Add an entry
  - Using the Oracle Net Manager utility on the DC
  - Under the Directory tab
- STEP 4: Verify the entry
  - Using Active Directory Users and Computers
- STEP 5: Verify that the entry can be modified
  - Using Active Directory Explorer (Sysinternals)
- STEP 6: Test that data can be extracted
  - Using ldapsearch
- STEP 7: Test resolution from Windows
- STEP 8: Test resolution from Linux

WRAP UP!

SUMMARY 1
- OID, Active Directory, and OpenLDAP are just three of many possible LDAP Directory Server software products
- Oracle Connect Descriptors can be stored in and accessed from any LDAP Directory Server
- Active Directory and OpenLDAP are the easiest to set up

SUMMARY 2
- Initial data can be bulk loaded
- Data can be extracted to a TNSNAMES.ORA
- Simple scripts can be used to automate:
  - Creation of new entries
  - Extraction into a TNSNAMES.ORA
- LDAP utilities are already in every $OH

SUMMARY 3
- Cost is typically a few days of initial setup work
  - Include setup and procedural documentation!!!!
- Deployment risk is minimal
  - As hybrid approach can be used
- Lower risk of issues if stored in a proper Directory Service
  - Reduced propagation time for additions/changes
  - Lower chance of introducing a widespread error
  - Higher availability

THANKS AND Q&A pane@pythian.com 1-877-PYTHIAN http://www.pythian.com/blog http://is.gd/pythianfacebook @Pythian http://linkedin.com/company/pythian