Oracle® Database Net Services Administrator's Guide 11g Release 1 (11.1) Part Number B28316-01 |
|
|
View PDF |
This chapter describes how to configure connectivity information for client connections to the database server.
This chapter contains these topics:
Configuring External Naming Methods
See Also:
"Naming" for an overview of naming methodsTo connect to a service, clients use a connect identifier in the connect string to connect to a service. The connect identifier can be a connect descriptor or a simple name that maps to a connect descriptor. The connect descriptor contains:
Network route to the service, including the location of the listener through a protocol address
Oracle8i or later release database service name or Oracle8 database Oracle System Identifier (SID)
A simple name is resolved to a connect descriptor by a naming method. A naming method configuration consists of the following steps:
Select a naming method.
Map connect descriptors to simple names.
Configure clients to use the naming method.
A connect descriptor is comprised of one or more protocol addresses of the listener and the connect information for the destination service.
The following example shows a connect descriptor mapped to simple name called sales
:
sales= (DESCRIPTION= (ADDRESS= (PROTOCOL=tcp)(HOST=sales-server)(PORT=1521)) (CONNECT_DATA= (SERVICE_NAME=sales.us.acme.com)))
The ADDRESS
section contains the listener protocol address, and the CONNECT_DATA
section contains the destination service information. In this example, the destination service is a database service named sales.us.acme.com
.
When creating a connect descriptor to an Oracle9i or Oracle8i database service, you must identify the service with the SERVICE_NAME
parameter. Optionally, you can identify an instance with the INSTANCE_NAME
parameter, as shown in the following:
sales= (DESCRIPTION= (ADDRESS=(PROTOCOL=tcp)(HOST=sales-server)(PORT=1521)) (CONNECT_DATA= (SERVICE_NAME=sales.us.acme.com) (INSTANCE_NAME=sales)))
The values for these parameters come from the SERVICE_NAMES
and INSTANCE_NAME
parameters in the initialization parameter file. Note that SERVICE_NAMES
uses a final S. The SERVICE_NAMES
parameter in the initialization parameter file is typically the global database name, a name which includes the database name and domain name entered during installation or database creation. For example, sales.us.acme.com
has a database name of sales
and a domain of us.acme.com
. The INSTANCE_NAME
parameter in the initialization parameter file defaults to the SID entered during installation or database creation.
When creating a connect a descriptor for an Oracle database, you identify the service with the SID parameter. The following example shows a connect descriptor for an Oracle database with a SID of sales
:
sales=
(DESCRIPTION=
(ADDRESS=(PROTOCOL=tcp)(HOST=sales-server)(PORT=1521))
(CONNECT_DATA=
(SID=sales)))
Table 8-1 describes the naming methods that Oracle Net supports.
Table 8-1 Naming Methods
Naming Method | Description |
---|---|
Easy Connect Naming |
Enables clients to connect to a database server without any configuration. Clients use a connect string for a simple TCP/IP address, which includes a host name and optional port and service name: CONNECT username/password@[//]host[:port][/service_name][/server][/instance_name] This method is recommended for simple TCP/IP environments. See Also: "Using the Easy Connect Naming Method" |
Local Naming |
Resolves a net service name stored in a Local naming is most appropriate for simple distributed networks with a small number of services that change infrequently. See Also: "Configuring the Local Naming Method" |
Directory Naming |
Resolves a database service name, net service name, or net service alias stored in a centralized LDAP-compliant directory server |
External Naming |
Resolves service information stored in an a third-party naming service See Also: "Configuring External Naming Methods" |
See Also:
"Naming"The easy connect naming method eliminates the need for service name lookup in the tnsnames.ora
files for TCP/IP environments; in fact, no naming or directory system is required if you use this method.
This naming method provides out-of-the-box TCP/IP connectivity to databases. It extends the functionality of the host naming method by enabling clients to connect to a database server with an optional port and service name in addition to the host name of the database:
CONNECT username/password@[//]host[:port][/service_name][/server][/instance_name]
If you installed Oracle Database in Typical mode, the default service name used by the oracle
instance is ORCL
, and the following easy connect syntax can be used to connect to that instance:
CONNECT username/password@host/ORCL
Table 8-2 lists the easy connect syntax elements and descriptions for each.
Table 8-2 Connect Identifier for Easy Connection Naming Method
Syntax Element | Description |
---|---|
|
Optional. Specify |
|
Required. Specify the host name or IP address of the database server computer. The host name is domain-qualified if the local operating system configuration specifies a domain. |
|
Optional. Specify the listening port. The default is 1521. |
|
Optional. Specify the service name of the database. If a user specifies a service name, the listener connects the user to that specific database. Otherwise, the listener connects to the database specified by the See Also: Oracle Database Net Services Reference for more information about configuring the |
|
Optional. Specify the database server type to use. This parameter instructs the listener to connect the client to a specific type of service handler. The values for the Note: In Oracle Call Interface documentation, See Also: Oracle Database Net Services Reference for more information about configuring the |
|
Used to identify the database instance to access. The instance name can be obtained from the See Also: Oracle Database Net Services Reference for more information about configuring the |
The connect identifier converts into the following connect descriptor:
(DESCRIPTION= (ADDRESS=(PROTOCOL=tcp)(HOST=host)(PORT=port)) (CONNECT_DATA= (SERVICE_NAME=service_name) (SERVER=server) (INSTANCE_NAME=instance_name)))
For example, the following connect strings connect the client to database service sales.us.acme.com
with a listening endpoint of 1521 on database server sales-server
.
CONNECT scott/tiger@sales-server:1521/sales.us.acme.com CONNECT scott/tiger@//sales-server/sales.us.acme.com CONNECT scott/tiger@//sales-server.us.acme.com/sales.us.acme.com
These connect strings convert into the following connect descriptor:
(DESCRIPTION= (ADDRESS=(PROTOCOL=tcp)(HOST=sales-server)(PORT=1521)) (CONNECT_DATA= (SERVICE_NAME=sales.us.acme.com)))
For URL or JDBC connections, prefix the connect identifier with a double-slash (//
). For example:
scott/tiger@[//]nineva]
For SQL connections, preceding the connect identifier with a double-slash (//
) is optional. For example:
SQL> CONNECT scott/tiger@nineva
or
SQL> CONNECT scott/tiger@//nineva
Easy Connect Naming Method Examples
This section includes various examples of easy connect naming syntax and how each string converts into a connect descriptor.
Host only, where the host name is nineva
:
nineva
This connect string converts into the following connect descriptor:
(DESCRIPTION= (CONNECT_DATA= (SERVICE_NAME=nineva.us.acme.com)) (ADDRESS= (PROTOCOL=TCP) (HOST=130.35.45.131) (PORT=1521)))
Host and port, where the host name is nineva
and the port number is 3456:
nineva:3456
This connect string converts into the following connect descriptor:
(DESCRIPTION= (CONNECT_DATA= (SERVICE_NAME=nineva.us.oracle.com)) (ADDRESS= (PROTOCOL=TCP) (HOST=130.35.45.131) (PORT=3456)))
Host and service name, where the host name is nineva
and the service name is wanda
:
nineva/wanda
This connect string converts into the following connect descriptor:
(DESCRIPTION= (CONNECT_DATA= (SERVICE_NAME=wanda)) (ADDRESS= (PROTOCOL=TCP) (HOST=130.35.45.131) (PORT=1521)))
Host, service name and server, and instance name where the host name is nineva
, the service name is wanda
, the server is dedicated
, and the instance name is inst1
:
nineva/wanda:dedicated/inst1
This connect string converts into the following connect descriptor:
(DESCRIPTION= (CONNECT_DATA= (SERVICE_NAME=wanda) (INSTANCE_NAME=inst1) (SERVER=dedicated)) (ADDRESS= (PROTOCOL=TCP) (HOST=130.35.45.131) (PORT=1521)))
Host and instance name, where the host name is nineva
and the instance name is inst1
:
nineva//inst1
This connect string converts into the following connect descriptor:
(DESCRIPTION= (CONNECT_DATA= (SERVICE_NAME=nineva.us.oracle.com) (INSTANCE_NAME=inst1)) (ADDRESS= (PROTOCOL=TCP) (HOST=130.35.45.131) (PORT=1521)))
Using Easy Connect Naming on the Client
Clients can connect to Oracle Database using easy connect naming if the following conditions are met:
Oracle Net Services software installed on the client.
Oracle TCP/IP protocol support on both the client and database server
No features requiring a more advanced connect descriptor are required
For large or complex environments where advanced features, such as connection pooling, external procedure calls, or Heterogeneous Services, which require additional connect information, are desired, easy connect naming is not suitable. In these cases, another naming method is recommended.
Easy connect naming is automatically configured at installation. Prior to using it, you may want to ensure that EZCONNECT
is specified by the NAMES.DIRECTORY_PATH
parameter in the sqlnet.ora
file. This parameter specifies the order of naming methods Oracle Net can use to resolve connect identifiers to connect descriptors.
To verify that the easy connect naming method is configured:
Start Oracle Net Manager.
See Also:
"Oracle Net Manager"In the navigator pane, expand Local > Profile.
From the list in the right pane, select Naming.
Click the Methods tab.
Check that EZCONNECT listed in the Selected Methods list. If it is not, then proceed to Step 5.
From the Available Methods list, select EZCONNECT, and then click the right-arrow button.
From the Selected Methods list, select EZCONNECT, and then use the Promote button to move the selection to the top of the list.
Choose File > Save Network Configuration.
The sqlnet.ora
file updates with the NAMES.DIRECTORY_PATH
parameter, listing hostname
first:
NAMES.DIRECTORY_PATH=(ezconnect, tnsnames)
Optionally Configuring Easy Connect Naming to Use a DNS Alias
You can optionally configure a DNS alias for the host name, as provided with the host naming method in Oracle Database 11g. With host naming, clients use a connect string of:
CONNECT username/password@DNSalias
To configure an alias, perform these tasks:
Task 1: Ensure Database Service is Registered with the Listener
Task 2: Establish Host Name Resolution Environment
Task 3: Connect to the Database
Task 1: Ensure Database Service is Registered with the Listener
You must register database service information with the listener. If the database can find the listener, then information about the database service is dynamically registered with the listener during service registration, including the service name. The listener is found if:
The default listener named LISTENER
running on TCP/IP, port 1521 is running
The LOCAL_LISTENER
parameter is set in the initialization file
If the database cannot find the listener, then configure the listener.ora
file with the GLOBAL_DBNAME
parameter, as shown next:
SID_LIST_listener= (SID_LIST= (SID_DESC= (GLOBAL_DBNAME=sales.acme.com) (SID_NAME=sales) (ORACLE_HOME=/u01/app/oracle))
See Also:
"Configuring Static Service Information"Task 2: Establish Host Name Resolution Environment
The service name must be resolved through an IP address translation mechanism, such as Domain Name System (DNS), NIS, or a centrally-maintained TCP/IP host file, /etc/hosts
.
For example, if a service name of sales.us.acme.com
for a database exists on a computer named sales-server
, the entry in the /etc/hosts
file would look like the following:
#IP address of server host name alias 10.10.150.35 sales-server sales.us.acme.com
Note that the domain section of the service name must match the network domain.
Task 3: Connect to the Database
Clients can connect to the database using the alias. Using the example in "Task 2: Establish Host Name Resolution Environment", the client can use sales.acme.com
in the connect string:
CONNECT username/password@sales.us.acme.com
If the client and server are in the same domain of us.acme.com
, the client needs to enter only sales
in the connect string.
The local naming method adds net service names to the tnsnames.ora
file. Each net service name maps to a connect descriptor. The following example shows a net service name mapped to a connect descriptor:
sales= (DESCRIPTION= (ADDRESS=(PROTOCOL=tcp)(HOST=sales-server)(PORT=1521)) (CONNECT_DATA= (SERVICE_NAME=sales.us.acme.com)))
In this example, the net service name sales
is mapped to the connect descriptor contained in DESCRIPTION
. DESCRIPTION
contains the protocol address and identifies the destination database service.
You can configure local naming during or after installation, as described in these topics:
Oracle Net Configuration Assistant enables you to configure net service names for clients. Oracle Universal Installer launches Oracle Net Configuration Assistant after software installation. The configuration varies depending on the installation mode.
This section includes the following topics:
Oracle Net Configuration Assistant prompts you to configure net service names in the tnsnames.ora
file to connect to an Oracle database service.
You can add net service names to the tnsnames.ora
file at any time after installation. To configure the local naming method, perform the following tasks:
Task 1: Configure Net Service Names
Task 2: Configure TNSNAMES as the First Naming Method
Task 3: Distribute Configuration
Task 4: Configure the Listener
Task 5: Connect to the Database
Note:
The underlying network connection must be operational before attempting to configure connectivity with Oracle Net.To configure with the local naming method, use one of the following tools:
Oracle Enterprise Manager
To configure net service names in the tnsnames.ora
file with Oracle Enterprise Manager:
Access the Net Services Administration page in Oracle Enterprise Manager.
See Also:
"Oracle Enterprise Manager"Select Local Naming from the Administer list, and then select the Oracle home that contains the location of the configuration files.
Click Go.
The Local Naming page appears.
Click Create.
The Create Net Service Name page appears.
Enter any name in the Net Service Name field.
You can qualify the net service name with the client's domain. The net service name is automatically domain qualified if the sqlnet.ora
file parameter NAMES.DEFAULT_DOMAIN
is set.
In the Database Information section, configure service support:
Enter a destination service.
If the destination service is an Oracle8i or later release database, then select Use Service Name, and enter a service name in the Service Name field. If the destination service is an Oracle8 database, then select Use SID, and enter an Oracle System Identifier for an instance in the SID field.
See Also:
"About Connect Descriptors" for further information about the service name string to useSelect a database connection type
The default setting of Database Default is recommended for the connection type. If shared server is configured in the initialization parameter file, you can select Dedicated Server to force the listener to spawn a dedicated server, bypassing shared server configuration. If shared server is configured in the initialization parameter file and you want to guarantee the connection always uses shared server, select Shared Server.
See Also:
Chapter 12, "Configuring Dispatchers" for further information about shared server configurationIn the Addresses section, configure protocol support:
Click Add.
The Add Address page appears.
From the Protocol list, select the protocol on which the listener is configured to listen. This protocol must also be installed on the client.
Enter the appropriate parameter information for the selected protocol in the fields provided.
See Also:
Oracle Database Net Services Reference for protocol parameter settingsOptionally, in the Advanced Parameters section, specify the I/O buffer space limit for send and receive operations of sessions in the Total Send Buffer Size and Total Receive Buffer Size fields.
See Also:
"Configuring I/O Buffer Space" for further informationClick OK.
The protocol address is added to the Addresses section.
Click OK to add the net service name.
The net service name is added to the Local Naming page.
See Also:
"Creating a List of Listener Protocol Addresses" to configure multiple protocol addresses
"Configuring Advanced Connect Data Parameters" to configure additional CONNECT_DATA
options
Oracle Net Manager
To configure net service names in the tnsnames.ora
file with Oracle Net Manager:
Start Oracle Net Manager.
See Also:
"Oracle Net Manager"In the navigator pane, expand Local > Service Naming.
Click plus (+) from the toolbar, or choose Edit > Create from the menu bar.
Enter any name in the Net Service Name field.
You can qualify the net service name with the client's domain. The net service name is automatically domain qualified if the sqlnet.ora
file parameter NAMES.DEFAULT_DOMAIN
is set.
Click Next.
The Protocol page appears.
Select the protocol on which the listener is configured to listen. Note that this protocol must also be installed on the client.
Click Next.
The Protocol Settings page appears.
Enter the appropriate parameter information for the selected protocol in the fields provided.
See Also:
Oracle Database Net Services Reference for protocol parameter settingsClick Next.
The Service page appears.
Select a release, enter a destination service, and optionally, select a database connection type.
If the destination service is an Oracle8i or later release database, then select Oracle8i or later, and enter a service name in the Service Name field. If destination service is an Oracle8 database, then select Oracle8 or Previous, and enter an Oracle System Identifier for an instance in the Database SID field.
See Also:
"About Connect Descriptors" for further information about the service name string to useOracle Corporation recommends that you use the default setting of Database Default for the connection type. If shared server is configured in the initialization parameter file, you can select Dedicated Server to force the listener to spawn a dedicated server, bypassing shared server configuration. If shared server is configured in the initialization parameter file and you want to guarantee the connection always uses shared server, select Shared Server.
See Also:
Chapter 12, "Configuring Dispatchers" for further information about shared server configurationClick Next.
The Test page appears.
Click Test to verify that the net service name works, or click Finish to dismiss the Net Service Name Wizard.
If you click Test, then Oracle Net connects to the database server by using the connect descriptor information you configured. Therefore, the database and the listener must be running for a successful test. If they are not, see "Starting Oracle Net Services Components" to start components before testing. During testing, a Connection Test dialog box appears, providing status and test results. A successful test results in the following message:
The connection test was successful.
If the test was successful, click Close to dismiss the Connect Test dialog box, and proceed to Step 13.
If the test was not successful:
Ensure that the database and listener are running, and then click Test.
Click Change Login to change the username and password for the connection, and then click Test.
Click Finish to dismiss the Net Service Name Wizard.
Choose File > Save Network Configuration.
See Also:
"Creating a List of Listener Protocol Addresses" to configure multiple protocol addresses
"Configuring Advanced Connect Data Parameters" to configure additional CONNECT_DATA
options
Oracle Net Configuration Assistant
To configure net service names in the tnsnames.ora
file with Oracle Net Configuration Assistant:
Start Oracle Net Configuration Assistant.
See Also:
"Oracle Net Configuration Assistant"The Welcome page appears.
Select Local Net Service Name Configuration, and then click Next.
The Net Service Name Configuration page appears.
Click Add, and then click Next.
The Service Name Configuration page appears.
Enter a service name in the Service Name field.
Click Next.
Follow the prompts in the wizard and online help to complete net service name creation.
Configure local naming as the first method specified in the NAMES.DIRECTORY_PATH
parameter in the sqlnet.ora
file. This parameter specifies the order of naming methods Oracle Net uses to resolve connect identifiers to connect descriptors.
To specify local naming as the first naming method:
Start Oracle Net Manager.
See Also:
"Oracle Net Manager"In the navigator pane, expand Local > Profile.
From the list in the right pane, select Naming.
Click the Methods tab.
From the Available Methods list, select TNSNAMES, and then click the right-arrow button.
From the Selected Methods list, select TNSNAMES, and then use the Promote button to move the selection to the top of the list.
Choose File > Save Network Configuration.
The sqlnet.ora
file updates with the NAMES.DIRECTORY_PATH
parameter, listing tnsnames
first:
NAMES.DIRECTORY_PATH=(tnsnames, hostname)
After one client is configured, it is best to simply copy the tnsnames.ora
and sqlnet.ora
configuration files to the same location on the other clients. This ensures that the files are consistent. Alternatively, you can use Net8 Assistant or Net8 Configuration Assistant on every client.
Ensure that the listener (located on the server) is configured to "listen on" the same protocol address you configured for the net service name. By default, the listener should already be configured for the TCP/IP protocol on port 1521.
See Also:
Chapter 10, "Configuring and Administering Oracle Net Listener" for listener configuration detailsWith the directory naming method, connect identifiers are mapped to connect descriptors contained in an LDAP-compliant directory server, including Oracle Internet Directory and Microsoft Active Directory. A directory provides central administration of database services and net service names, making it easier to add or relocate services.
A database service entry is created with Database Configuration Assistant during installation; net service name and net service alias entries can be created with Oracle Enterprise Manager or Oracle Net Manager. To modify Oracle Net attributes of a database service entry and the net service name entries, use Oracle Enterprise Manager or Oracle Net Manager.
Clients can use these entries to connect to the database.
This section contains these topics:
To configure the directory naming method, perform the following tasks:
Task 1: Verify Directory Version Compatibility
Task 2: Create or Modify Net Entries
Task 3: Configure LDAP as the First Naming Method for Client Lookups
Task 4: Configure the Listener
Task 5: Connect to the Database
On the computer from which you plan to create net service names, perform the following verification steps:
Ensure that computer has the latest version of Oracle Net Services software.
Run Oracle Internet Directory Configuration Assistant to verify directory server, Oracle Context, and Oracle schema versions.
See Also:
Oracle Internet Directory Administrator's Guide for further information about configuring directory server usageThis section covers the following topics:
Creating Net Service Names in the Directory
Notes:
Only users that are members of either the OracleNetAdmins
or OracleContextAdmins
group can create net service name entries in a directory. To add or remove users from the OracleNetAdmins
group, see "Adding Users To the OracleNetAdmins Group".
You can export existing net service names from a tnsnames.ora
file. See "Exporting Local Naming Entries to a Directory Naming Server".
You can configure clients to use a net service name rather than the database service entry created by Database Configuration Assistant. To create net service names, use Oracle Enterprise Manager.
Access the Net Services Administration page in Oracle Enterprise Manager.
See Also:
"Oracle Enterprise Manager"Select Directory Naming from the Administer list, and then select the Oracle home that contains the location of the directory server.
Click Go.
The Directory Naming page appears.
Click the Net Service Names tab.
In the Results section, click Create.
The Create Net Service Name page with the General tab appears.
Enter any name in the Net Service Name field.
In the Database Information section, configure service support:
Enter a destination service.
If the destination service is for an Oracle9i or Oracle8i database, then select Use Service Name, and enter a service name in the Service Name field. If destination service is an Oracle8 database, then select Use SID, and enter an Oracle System Identifier for an instance in the SID field.
See Also:
"About Connect Descriptors" for further information about the service name string to useSelect a database connection type
Oracle Corporation recommends that you use the default setting of Database Default for the connection type. If shared server is configured in the initialization parameter file, you can select Dedicated Server to force the listener to spawn a dedicated server, bypassing shared server configuration. If shared server is configured in the initialization parameter file and you want to guarantee the connection always uses shared server, select Shared Server.
See Also:
Chapter 12, "Configuring Dispatchers" for further information about shared server configurationIn the Addresses section, configure protocol support:
Click Add.
The Add Address page appears.
From the Protocol list, select the protocol on which the listener is configured to listen. This protocol must also be installed on the client.
Enter the appropriate parameter information for the selected protocol in the fields provided.
See Also:
Oracle Database Net Services Reference for protocol parameter settingsOptionally, in the Advanced Parameters section, specify the I/O buffer space limit for send and receive operations of sessions in the Total Send Buffer Size and Total Receive Buffer Size fields.
See Also:
"Configuring I/O Buffer Space" for further informationClick OK.
The protocol address is added to the Addresses section.
Click OK to add the net service name.
The net service name is added to the Results section of the Net Service Names tab.
See Also:
"Creating a List of Listener Protocol Addresses" to configure multiple protocol addresses
"Configuring Advanced Connect Data Parameters" to configure additional CONNECT_DATA
options
Modifying Connectivity Information for Database Service Entries
Note:
Only users that are members of either theOracleNetAdmins
or OracleContextAdmins
group can modify network information for a database service in a directory. To add or remove users from these groups, see "Adding Users To the OracleNetAdmins Group".When database registration with the directory completes, Database Configuration Assistant creates a database service entry in the directory. By default, this entry contains network route information that includes the location of the listener through a protocol address. You can re-create this information, if it has been removed, or modify the existing network route information.
To create or modify network route information for a database service, use Oracle Enterprise Manager.
Access the Net Services Administration page in Oracle Enterprise Manager.
See Also:
"Oracle Enterprise Manager"Select Directory Naming from the Administer list, and then select the Oracle home that contains the location of the directory server.
Click Go.
The Directory Naming page appears.
Click the Database Services tab.
In the Simple Search section, select Oracle Context and search criteria to see the net service names for a particular Oracle Context.
The database service names display in the Results section.
In the Results section, select a database service, and then click Edit.
Notes:
Only users that are members of either the OracleNetAdmins
or OracleContextAdmins
group can create or modify net service alias entries in a directory. To add or remove users from the OracleNetAdmins
group, see "Adding Users To the OracleNetAdmins Group".
To create or access net service aliases, ensure that the Oracle home is upgraded to at least 9.2.
Net service aliases are not supported using Microsoft Active Directory.
Net service aliases in a directory server enable clients to refer to a database service or a net service name by an alternative name. For example, a net service alias of salesalias
can be created for a net service name of sales
. When salesalias
is used to connect to a database, as in CONNECT scott/tiger@salesalias
, it will actually resolve to and use the connect descriptor information for sales
.
There are two main uses of net service aliases:
Use a net service alias as a way for clients to refer to a database service or net service name by another name.
Use a net service alias in one Oracle Context for a database service or net service name in a different Oracle Context. This enables a database service or net service name to be defined once in the directory server, but referred to by clients that use other Oracle Contexts.
See Also:
"Net Service Alias Entries" for an overview of net service aliasesTo create or modify network route information for a database service, use Oracle Enterprise Manager.
Access the Net Services Administration page in Oracle Enterprise Manager.
See Also:
"Oracle Enterprise Manager"Select Directory Naming from the Administer list, and then select the Oracle home that contains the location of the directory server.
Click Go.
The Directory Naming page appears.
Click the Net Service Aliases tab.
In the Results section, click Create.
The Create Net Service Alias page appears.
Enter a name for the alias in the Net Service Alias Name field.
In the Referenced Service Detail section, enter the information in the fields described in Table 8-3.
Table 8-3 Reference Service Detail Fields in Create Net Service Alias
Field | Description |
---|---|
Oracle Context |
Select the Oracle Context of the database service or net service name by selecting one from the list or entering one in the field. |
Referenced Service Name |
Select the DN of the database service or net service name. |
Click OK to add the net service alias.
The net service alias is added to the Directory Naming page.
Configure directory naming as the first method specified in the NAMES.DIRECTORY_PATH
parameter in the sqlnet.ora
file. This parameter specifies the order of naming methods Oracle Net uses to resolve connect identifiers to connect descriptors.
To specify directory naming as the first naming method:
Start Oracle Net Manager.
See Also:
"Oracle Net Manager"In the navigator pane, expand Local > Profile.
From the list in the right pane, select Naming.
Click the Methods tab.
From the Available Methods list, select LDAP, and then click the right-arrow button.
From the Selected Methods list, select LDAP, and then use the Promote button to move the selection to the top of the list.
Choose File > Save Network Configuration.
The sqlnet.ora
file updates with the NAMES.DIRECTORY_PATH
parameter, listing ldap
first:
NAMES.DIRECTORY_PATH=(ldap, tnsnames, hostname)
Ensure that the listener (located on the server) is configured to listen on the same protocol address configured for the net service name. By default, the listener is configured to listen on the TCP/IP protocol, port 1521.
See Also:
Chapter 10, "Configuring and Administering Oracle Net Listener" for listener configuration detailsClients that are configured with a default directory entry that matches the directory location of the database service or net service name can connect to the database using the following syntax:
CONNECT username/password@connect_identifier
Clients that are configured with a default directory entry that does not match the entry's directory location cannot use the connect identifier in the connect string. Instead, these connections require the entry's distinguished name or its absolute name.
See Also:
"Connect Identifier and Connect Descriptor Syntax Characteristics" for connect identifier syntax rules
"Absolute Name Specification for Directory Naming" for absolute name usage
Members of OracleNetAdmins
(cn=OracleOracleNetAdmins,cn=OracleContext,...
) have create, modify, and read access to Oracle Net objects and attributes. Oracle Net Configuration Assistant establishes these access rights for this group during Oracle Context creation.
This section contains the following topics:
Removing Users From the OracleNetAdmins Group
Note:
Members of theOracleContextAdmins
groups can also add and delete members of the OracleNetAdmins
group.Establishing Access For the OracleNetAdmins Group
The owner of the OracleNetAdmins
group can perform the following functions:
Add or delete members from the OracleNetAdmins
group
Add or delete groups which are owners of the OracleNetAdmins
group
By default, the owner of the OracleNetAdmins
group is the OracleNetAdmins
group itself. This means that any member of the OracleNetAdmins
group can add or delete other members from the OracleNetAdmins
group. If you prefer that another group other than OracleNetAdmins
add or delete other OracleNetAdmins
members, you can change the owner attribute of the OracleNetAdmins
group to another group.
The owner cannot be an individual user entry, such as cn=scott
, but must be a group entry, where the group entry is one comprised of the LDAP schema object classes GroupOfUniqueNames
and orclPriviledgeGroup
.
To add a group as an owner of an OracleNetAdmins
group:
Create an LDAP Data Interchange Format (LDIF) file:
Specify the group you want to add as an owner.
You can use the following sample LDIF file. Enter the appropriate distinguished name (DN) for cn=OracleNetAdmins
and the DN of the group that you want to add.
dn: cn=OracleNetAdmins,cn=OracleContext,...
changetype: modify
add: owner
owner: <DN of group to add>
Optionally, specify the group to delete as an owner.
dn: cn=OracleNetAdmins,cn=OracleContext,...
changetype: modify
add: owner
owner: <DN of group to add>
For example, the following LDIF syntax changes the ownership from the OracleNetAdmins
group to another group named cn=AcmeSecurityAdmins
. The group can be either be inside or outside the Oracle Context; in this case, it is outside the Oracle Context.
dn: cn=OracleNetAdmins,cn=OracleContext,... changetype: modify add: owner owner: cn=AcmeSecurityAdmins dn: cn=OracleNetAdmins,cn=OracleContext,... changetype: modify delete: owner owner: cn=OracleNetAdmins,cn=OracleContext,...
Use the following ldapmodify
syntax to delete the user:
ldapmodify -h directory_host -p port -D binddn -w password -f ldif_file
Table 8-4 ldapmodify Arguments
Argument | Description |
---|---|
|
Specify the directory server host. |
|
Specify the listening TCP/IP port for the directory server. If you do not specify this option, the default port (389) is used. |
|
Specify the directory administrator or user DN. |
|
Specify the password for the directory administrator or directory user. |
|
Specify the input file name. |
Adding Users To the OracleNetAdmins Group
To add a user to the OracleNetAdmins
group with ldapmodify
:
Create an LDIF file that specifies that you want to add a user to the OracleNetAdmins
group.
You can use the following sample LDIF file. Use the appropriate DN for cn=OracleNetAdmins
and the user that you want to add.
dn: cn=OracleNetAdmins,cn=OracleContext,...
changetype: modify
add: uniquemember
uniquemember: <DN of user being added to group>
Enter the following ldapmodify
syntax to add a user:
ldapmodify -h directory_host -p port -D binddn -w password -f ldif_file
Removing Users From the OracleNetAdmins Group
To remove a user from the OracleNetAdmins
group with ldapmodify
:
Create an LDIF file that specifies that you want to add a user to the OracleNetAdmins
group.
You can use the following sample LDIF file. Enter the appropriate DN for cn=OracleNetAdmins
and the user that you want to delete.
dn: cn=OracleNetAdmins,cn=OracleContext,...
changetype: modify
delete: uniquemember
uniquemember: <DN of user being deleted from group>
Use the following ldapmodify
syntax to delete the user:
ldapmodify -h directory_host -p port -D binddn -w password -f ldif_file
This section explains how to export data stored in a tnsnames.ora
file to a directory server.
If a tnsnames.ora
file already exists, then its net service names can be exported to a directory server. The export is performed for one domain at a time.
The tasks to export data from a tnsnames.ora
file are as follows:
Task 1: Create Structure in Directory Server
Task 2: Create Oracle Contexts
Task 3: Configure Directory Server Usage
Task 4: Export Objects To a Directory Server
Note:
These tasks assume that you have a directory server installed and running.Task 1: Create Structure in Directory Server
In the directory server, create the directory information tree (DIT) with the structure in which you want to import net service names. Create the structure leading up to the top of the Oracle Context.
For example, if the tnsnames.ora
file supports a domain structure acme.com
and you want to replicate this domain in the directory, then create domain component entries of dc=com
and dc=acme
in the directory, as depicted in Figure 8-1.
You can replicate the domain structure you currently use with tnsnames.ora
, or you can develop an entirely different structure. Introducing an entirely different structure can change the way in which clients enter the net service name in the connect string. Therefore, Oracle Corporation recommends considering relative and absolute naming issues prior to changing the structure.
See Also:
Directory server vendor documentation for directory entry configuration instructions
Task 2: Create Oracle Contexts
Create an Oracle Context under each DIT location that you created in Task 1. The Oracle Context has a relative distinguished name (RDN) of cn=OracleContext
. The Oracle Context stores network object entries, as well as other entries for other Oracle components. In Figure 8-2, cn=OracleContext
is created under dc=acme,dc=com
.
To create the Oracle Context, use Oracle Internet Directory Configuration Assistant to create a DIT structure that looks similar to the one in Figure 8-2.
See Also:
Chapter 4, "Configuration Management Concepts" for further information about the Oracle Context
Oracle Internet Directory Administrator's Guide for instructions on creating an Oracle Context
Task 3: Configure Directory Server Usage
If not already done as a part of creating the Oracle Contexts, configure the Oracle home for directory server usage. The Oracle home you configure should be the one that will perform the export.
See Also:
Oracle Internet Directory Administrator's Guide for further information about configuring directory server usageTask 4: Export Objects To a Directory Server
To export net service names contained in a tnsnames.ora
file to a directory, use either Oracle Enterprise Manager or Oracle Net Manager.
Oracle Enterprise Manager
Access the Net Services Administration page in Oracle Enterprise Manager.
See Also:
"Oracle Enterprise Manager"Select Directory Naming from the Administer list, and then select the Oracle home that contains the location of the directory server.
Click Go.
The Directory Naming page appears.
Click the Net Service Names tab.
In the Related Links section, click Import Net Service Names To Directory Server.
The Import Net Service Names To Directory Server page appears.
From the Oracle Context list in the Oracle Internet Directory Server Destination section, select the Oracle Context to which you want to export the selected net service names.
In the Net Service Names to Import section, select the net service names.
Click Add to add the net service names to the directory.
The net service name is added to the Directory Naming page.
Oracle Net Manager
Start Oracle Net Manager.
See Also:
"Oracle Net Manager"If the tnsnames.ora
file you want to export is not the one loaded into Oracle Net Manager, then use File > Open Network Configuration to select the tnsnames.ora
file to export to the directory.
Choose Command > Directory > Export Net Service Names from the menu bar.
Click Next.
If net service names with multiple domain were detected in the tnsnames.ora
file, then the Select Domain page appears. Continue to Step 5.
If the net service names are not domain qualified, the Select Net Service Names page appears. Skip to Step 6.
Select the network domain whose net service names you want to export, and then click Next.
The Select Net Service Names page appears.
Select the net service names from the list to export, and then click Next.
The Select Destination Context page appears.
In the Select Destination Context page, perform the following:
From the Directory Naming Context list, select the directory entry that contains the Oracle Context. The directory naming context is part of a directory subtree that contains one or more Oracle Contexts.
From the Oracle Context list, select the Oracle Context to which you want to export the selected net service names.
Click Next.
The Directory Server Update page appears with the status of the export operation.
Click Finish to dismiss the Directory Server Migration Wizard.
If you want clients to use discovery in directories which have more than one oracleContext
, you can define the orclCommonContextMap
attribute in the base admin
context; this will override the orclDefaultSubscriber
attribute. During name lookup the discovery operation will return both values, and the client will decide based on these which oracleContext
to use.
If the orclCommonContextMap
attribute is not defined the orclDefaultSubscriber
will be used as the default. If orclCommonContextMap
is defined, then the client will find the default oracleContext
which is associated with its DNS domain in the orclCommonContextMap
. To enable multiple default contexts, define the orclCommonContextMap
with a list of associations between a domain and a DN to be used as the default oracleContext
. A sample LDIF file entry is shown here:
$ ldapmodify -v -h nineva -p 1389 -D cn=orcladmin -w juliet# dn: cn=Common,cn=Products,cn=OracleContext replace: orclCommonContextMap orclCommonContextMap: (contextMap= (domain_map=(domain=us.acme.com)(DN="dc=acme,dc=com")) (domain_map=(domain=uk.acme.com)(DN="dc=sales,dc=com")) )
In practice, the contextMap entry must be entered without line breaks, as in the following example:
orclCommonContextMap:(contextMap=(domain_map=(domain=us.acme.com)(DN=" dc=acme,dc=com"))(domain_map=(domain=uk.acme.com)(DN="dc=sales,dc=com")))
See Also:
Oracle Internet Directory Administrator's Guide for further information on how to configure the directory for context mappingOnce you create the directory naming entries, consider exporting the entries to a local tnsnames.ora
file, and distributing that files to clients. Clients can use the locally saved file when a directory server is temporarily unavailable.
To export directory naming entries to a local tnsnames.ora
file, use Oracle Enterprise Manager:
Access the Oracle Net Administration page in Oracle Enterprise Manager.
See Also:
"Oracle Enterprise Manager"Select Directory Naming from the Administer list, and then select the Oracle home that contains the location of the directory server.
Click Go.
The Directory Naming page appears.
Click the Net Service Names tab.
In the Simple Search section, select Oracle Context and search criteria to see the net service names for a particular Oracle Context.
The net service names display in the Results section.
In the Results section, click Save to tnsnames.ora.
The Processing: Create tnsnames.ora File page appears, informing you of the creation process.
External naming refers to the method of resolving a net service name, stored in a non-Oracle naming service, to a network address. External naming services include:
Organizations and corporations already using network information service (NIS) as part of their systems infrastructure have the option to store net service names and addresses in NIS, using NIS external naming.
When a user gives a command such as
sqlplus scott/tiger@payroll
(where payroll
is an Oracle service) NIS external naming on the node running the client program (or database server acting as a client program) contacts an NIS server located somewhere in the network, and passes the net service name to the NIS server. The NIS server resolves the net service name into a Oracle Net address and returns this address to the client program (or server acting as a client program). The client program then uses this address to connect to the Oracle database.
A computer that acts as an NIS server runs a program called ypserv
, which handles name requests. The ypserv
program stores different types of data in special files called maps. For example, passwords are stored in a map called passwd.byname
. Oracle database service names are stored in a map called tnsnames
.
When a user issues a connect string, NIS external naming uses an RPC call to contact the ypserv
program and passes the Oracle net service name payroll
and the name of the map—tnsnames
. The ypserv
program looks in the tnsnames
map for the name payroll
and its corresponding value, which is the address for the net service name. The address is returned to the client, and the client program (or server acting as a client program) uses this address to contact the database server.
Note:
The NIS external naming method is not available on all platforms. Use theadapters
command to check availability of NIS external naming on your system. If available, it will be listed under Oracle Net naming methods, as follows:
$ adapters
Installed Oracle Net naming methods are:
Local Naming (tnsnames.ora)
Oracle Directory Naming
Oracle Host Naming
NIS Naming
See Oracle platform-specific documentation for more information.
This section includes the following topics:
Before configuring servers to support the NIS external naming, make sure that NIS is configured and running on the NIS servers that need to resolve Oracle database net service names. Consult your NIS documentation for specifics.
This task includes the following additional tasks:
To add the tnsnames
map to the existing set of NIS maps:
Create a tnsnames.ora
file, as specified in "Configuring the Local Naming Method".
Note:
Keep a copy of thetnsnames.ora
file, preferably in $ORACLE_HOME/network/admin
directory. You may need to use this file again later to load net service names into the NIS map.Convert the contents of the tnsnames.ora
file to a tnsnames
map using the tns2nis
program.
Note:
Thetns2nis
program is supplied with NIS External Naming.For example, run tns2nis
on the command line with one argument:
tns2nis tnsnames.ora
The tns2nis
program reads the tnsnames.ora
file from the current directory. (If tnsnames.ora
file is not located in the current directory, you can use a full path name to specify its location—for example, /etc/tnsnames.ora
or $ORACLE_HOME/network/admin/tnsnames.ora
).
The tnsnames
map is then written into the current working directory.
Copy tnsnames
to the NIS server, if it is not already there.
Install the tnsnames
map using makedbm
, which is an NIS program.
Note:
This step should be performed by the person in charge of NIS administration.The makedbm
program converts the tnsnames
map into two files that the NIS server can read. The location of these files is operating system specific.
See Also:
Oracle operating system-specific documentation for detailsFor example, to generate and install a tnsnames
map on the Solaris Operating System, as the root
user, enter the following at the command line:
# makedbm tnsnames /var/yp/'domainname'/tnsnames
You can test the NIS server to see if the map has been installed properly by typing a command with the format:
ypmatch net_service_name tnsnames
For example, you might enter:
ypmatch payroll.com tnsnames
This returns the length of the address (in characters) followed by the address; for example:
99 (description=(address=(protocol=tcp) (host=garlic)(port=1999))) (connect_data=(service_name=dirprod)))
To configure clients, configure NIS as the first method specified in the NAMES.DIRECTORY_PATH
parameter in the sqlnet.ora
file. This parameter specifies the order of naming methods Oracle Net can use to resolve connect identifiers to connect descriptors.
Start Oracle Net Manager.
See Also:
"Oracle Net Manager"In the navigator pane, expand Local > Profile.
From the list in the right pane, select Naming.
Click the Methods tab.
From the Available Methods list, select NIS, and then click the right-arrow button.
In the Selected Methods list, select NIS, and then use the Promote button to move the selection to the top of the list.
Choose File > Save Network Configuration.
The sqlnet.ora
file updates with the NAMES.DIRECTORY_PATH
parameter, listing nis
first:
NAMES.DIRECTORY_PATH=(nis, hostname, tnsnames)
See Also:
Oracle Database Advanced Security Administrator's Guide for instructions about how to configure Cell Directory Services (CDS)