Skip Headers
Oracle® Database Platform Guide
10g Release 2 (10.2) for Microsoft Windows (x64)

Part Number B15688-01
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Master Index
Master Index
Go to Feedback page
Feedback

Go to previous page
Previous
Go to next page
Next
View PDF

4 Postinstallation Configuration Tasks on Windows

This chapter describes configuration tasks you can perform to increase security and other configuration tasks you must perform before using Oracle interMedia and other Oracle options. Where appropriate, the chapter provides references to other guides for those configuration tasks.

This chapter contains these topics:

4.1 Windows Firewall

By default, all installations of Windows XP Service Pack 2 and higher enable the Windows Firewall to block virtually all TCP network ports to incoming connections. This is also true for Windows Server 2003 Service Pack 1 and higher. As a result, any Oracle products that listen for incoming connections on a TCP port will not receive any of those connection requests, and the clients making those connections will report errors.

Depending upon which Oracle products are installed and how they are used, some postinstallation configuration of the Windows Firewall might be required for the products to be functional on these operating systems.

This section contains these topics:

4.1.1 Oracle Executables Requiring Firewall Exceptions

Table 4-1 lists the Oracle Database 10g Release 1 (10.1) or later executables that listen on TCP ports on Windows. If they are in use and accepting connections from a remote client computer, then Oracle recommends that you add them to the Windows Firewall exceptions list to ensure correct operation. Except as noted, they can be found in ORACLE_HOME\bin.

The RMI registry application and daemon executable listed in Table 4-1 are used by Oracle Ultra Search to launch a remote crawler. They must be added to the Windows Firewall exception list if you are using the Ultra Search remote crawler feature, and if the remote crawler is running on a computer with the Windows Firewall enabled.


Note:

If multiple Oracle homes are in use, then several firewall exceptions may be needed for the same executable: one for each home from which that executable loads.


See Also:

Oracle Database Oracle Clusterware and Oracle Real Application Clusters Installation Guide for Microsoft Windows for more information on RAC executables requiring Windows Firewall exceptions

Table 4-1 Oracle Executables Requiring Windows Firewall Exceptions

File Name Executable Name

oracle.exe

Oracle Database

tnslsnr.exe

Oracle TNS Listener

emagent.exe

Oracle Database Control

ORACLE_HOME\jdk\bin\java.exe

Java Virtual Machine

ORACLE_HOME\apache\apache\apache.exe

Apache Web Server

ORACLE_HOME\opmn\bin\opmn.exe

Oracle Process Manager

ORACLE_HOME\jdk\bin\rmiregistry.exe

RMI registry application

ORACLE_HOME\jdk\bin\rmid.exe

RMI daemon executable

dgmgrl.exe

Data Guard Manager

omtsreco.exe

Oracle Services for Microsoft Transaction Server

tg4sybs.exe

Oracle Transparent Gateway for SYBASE

tg4tera.exe

Oracle Transparent Gateway for Teradata

tg4msql.exe

Oracle Transparent Gateway for MS-SQL Server

tg4drsrv.exe

Oracle Transparent Gateway for DRDA

pg4arv.exe

Oracle Procedural Gateway for APPC

pg4t4ic.exe

Oracle Procedural Gateway for APPC

pg4mqs.exe

Oracle Procedural Gateway for Websphere MQ

pg4mqc.exe

Oracle Procedural Gateway for Websphere MQ

hdodbc.exe

Generic Connectivity

extproc.exe

External Procedures

oidldapd.exe

Oracle Internet Directory LDAP Server


4.1.2 Configuring the Windows Firewall

Postinstallation configuration for the Windows Firewall must be undertaken if all of the following conditions are met:

  • Oracle server-side components are installed.

    These components include the Oracle Database, network listeners, and any Web servers or services.

  • The computer services connections from other computers over a network.

    If no other computers connect to the computer with the Oracle software, then no postinstallation configuration steps are required and the Oracle software will function as expected.

  • The Windows Firewall is enabled.

    If the Windows Firewall is not enabled, then no postinstallation configuration steps are required.

You can configure Windows Firewall by opening specific static TCP ports in the firewall or by creating exceptions for specific executables so that they are able to receive connection requests on any ports they choose. To configure the firewall, choose Control Panel > Windows Firewall > Exceptions or enter netsh firewall add... at the command line.

Alternatively, Windows will inform you if a foreground application is attempting to listen on a port, and it will ask you if you wish to create an exception for that executable. If you choose to do so, then the effect is the same as creating an exception for the executable either in the Control Panel or from the command line.

4.1.3 Troubleshooting Windows Firewall Exceptions

If you cannot establish certain connections even after granting exceptions to the executables listed in Table 4-1, then follow these steps to troubleshoot the installation:

  1. Examine Oracle configuration files (such as *.conf files), the Oracle key in the Windows registry, and network configuration files in ORACLE_HOME\network\admin.

  2. Pay particular attention to any executable listed in ORACLE_HOME\network\admin\listener.ora in a PROGRAM= clause. Each of these must be granted an exception in the Windows Firewall, because a connection can be made through the TNS Listener to that executable.

  3. Examine Oracle trace files, log files, and other sources of diagnostic information for details on failed connection attempts. Log and trace files on the database client computer may contain useful error codes or troubleshooting information for failed connection attempts. The Windows Firewall log file on the server may contain useful information as well.

  4. If the preceding troubleshooting steps do not resolve a specific configuration issue on Windows XP Service Pack 2, then provide the output from command netsh firewall show state verbose=enable to Oracle Support for diagnosis and problem resolution.


See Also:


4.2 Resetting Passwords for Default Accounts

Oracle Database installs with a number of default accounts. Database Configuration Assistant locks and expires most default database accounts upon successful installation. Oracle recommends changing all user passwords immediately after installation.


See Also:

Oracle Database Administrator's Guide for more information on default database accounts and passwords

4.3 NTFS File System and Windows Registry Permissions

Oracle recommends that you configure Oracle Database files, directories, and registry settings to allow only authorized database administrators (DBAs) to have full control. If you created a database using Database Configuration Assistant, then no further action is required.

This section describes the permissions automatically set by Oracle Universal Installer and Database Configuration Assistant and the steps to set these permissions manually.

This section contains these topics:

4.3.1 File Permissions

Beginning with Oracle9i release 2 (9.2), Oracle Universal Installer and Database Configuration Assistant set file permissions when Oracle Database software is installed.

This section contains these topics:

4.3.1.1 File Permissions Set by Oracle Universal Installer

During Oracle Database installation, by default Oracle Universal Installer installs software in ORACLE_BASE\ORACLE_HOME. Oracle Universal Installer sets the following permissions to this directory, and all files and directories under this directory:

  • Administrators - Full Control

  • System - Full Control

  • Authenticated Users - Read, Execute and List Contents


    Important:

    If these accounts already exist and possess more restrictive permissions, then the most restrictive permissions are retained. If accounts other than Administrators, System, and Authenticated Users already exist, then the permissions for these accounts are removed.

4.3.1.2 File Permissions Set by Database Configuration Assistant

During database configuration, Database Configuration Assistant installs files and directories in the following default locations, where database_name is the database name or SID:

  • ORACLE_BASE\admin\database_name (administration file directories)

  • ORACLE_BASE\oradata\database_name (database file directories)

  • ORACLE_BASE\oradata\database_name (redo log files and control files)

  • ORACLE_BASE\ORACLE_HOME\database (SPFILESID.ORA)

Database Configuration Assistant sets the following permissions to these directories, and all files and directories under these directories:

  • Administrators - Full Control

  • System - Full Control


    Important:

    If these accounts already exist and possess more restrictive permissions, then the most restrictive permissions are retained. If accounts other than Administrators and System already exist, then the permissions for these accounts are removed.

4.3.2 Setting NTFS File System Security

To ensure that only authorized users have full file system permissions:

  1. Go to Windows Explorer.

  2. Set the following permissions for each directory or file:

    Directory Group and Permissions
    ORACLE_BASE\ORACLE_HOME
    • Administrators - Full Control
    • System - Full Control

    • Authenticated Users - Read, Execute and List Contents

    ORACLE_BASE\admin\database_name
    • Administrators - Full Control
    • System - Full Control

    ORACLE_BASE\oradata\database_name
    • Administrators - Full Control
    • System - Full Control

    ORACLE_BASE\ORACLE_HOME\database\spfileSID.ora
    • Administrators - Full Control
    • System - Full Control



Note:

Oracle Database uses the Windows LocalSystem built-in security account. Therefore, file permissions must be granted to the System account of the local computer running Oracle Database.


See Also:

Your operating system online help for more information about how to modify NTFS file system and registry settings

4.3.3 Setting Windows Registry Security

Oracle recommends that you remove write permissions from users who are not Oracle Database DBAs or system administrators in HKEY_LOCAL_MACHINE\SOFTWARE\ORACLE of the Windows registry.

To remove write permissions:

  1. Open the registry.

  2. Go to HKEY_LOCAL_MACHINE\SOFTWARE\ORACLE.

  3. Select Permissions from the Security main menu.

    The Registry Key Permissions dialog appears.

  4. Remove write permissions from any users who are not Oracle Database DBAs or system administrators. Note that the SYSTEM account must have Full Control, since this is the account with which Oracle Database runs.

  5. Ensure that user accounts that must run Oracle applications have read privileges.

  6. Choose OK.

  7. Exit the registry.

4.4 Configuring External Job Support for the Scheduler on Windows

This release includes a new database scheduler to provide enterprise scheduling functionality. External jobs performed by the user are started using the OracleJobScheduler service. This service is disabled by default. In order to use the external jobs functionality, the administrator must set the username and password for the user account under which this service must run and enable the service.

Restricting execution of external jobs to a low-privileged user prevents unauthorized database users from gaining operating system level privileges, but it also places restrictions on the kinds of jobs that can be run. Jobs requiring a higher level of operating system privileges cannot be run by this mechanism.

4.5 Oracle interMedia on Windows

Performance related components of Oracle interMedia are now packaged on the Companion CD. Although interMedia functions properly without the Companion CD, the following components must be installed from the Companion CD in order to achieve acceptable performance of image processing:

Oracle interMedia includes the following components.

Client

Oracle interMedia Client provides an Oracle Database interMedia Audio, Image, and Video Java interface that lets you use local (client-side) applications to manipulate or modify multimedia data stored in a network-accessible (server-side) database. To use the Java library, set environment variable CLASSPATH so that it contains the Oracle interMedia library.

Client also provides a simple interMedia Image sample (SimpImg.exe) that was developed using Microsoft Visual C++. SimpImg.exe locates and updates images, using interMedia Image in Oracle Database.

Audio

Oracle interMedia Audio manages audio data in multiple file formats in Oracle Database. Types of audio data supported include conversations, songs, and other sounds in popular audio file formats. This makes it possible to integrate audio data with other application-specific object-relational data.

Video

Oracle interMedia Video manages video data in multiple video file formats. This makes it possible to integrate video data with other application-specific object-relational data.

Image

Oracle interMedia Image provides image storage, retrieval, and format conversion capabilities through an object data type (ODT). It also supports image storage, using Binary Large Objects (BLOBs), and references to image data residing in external files (BFILEs).

The Image component of Oracle interMedia also comes with a sample demonstration that shows how an image is extracted from Oracle Database.

Locator

Oracle interMedia Locator enables Oracle Database to support online internet-based geocoding facilities for locator applications and proximity queries.

4.5.1 Upgrading Oracle interMedia from an Earlier Release

If you upgrade from an earlier Oracle release to the current release, Oracle interMedia will be upgraded automatically if it is detected. If for some reason you want to upgrade interMedia manually, follow this procedure:

  1. Upgrade the database.

  2. Start SQL*Plus:

    C:\> sqlplus /NOLOG
    
    
  3. Connect to Oracle Database with account SYSDBA:

    SQL> CONNECT / AS SYSDBA
    
    
  4. Run script imdbma.sql:

    SQL> @ORACLE_BASE\ORACLE_HOME\ord\im\admin\imdbma.sql
    
    
  5. If the script displays NOT_INSTALLED, then no prior release of Oracle interMedia was installed on your computer. You must install rather than upgrade Oracle interMedia.

  6. If the script displays INSTALLED, then the current Oracle interMedia release is already installed on your computer.

  7. If the script displays u0nnnnn0.sql, then Oracle interMedia release nnnnn is currently installed. For example, u0800060.sql means that Oracle Image Cartridge release 8.0.6.0.0 is currently installed.

  8. Upgrade Oracle interMedia common files:

    SQL> @ORACLE_BASE\ORACLE_HOME\ord\admin\u0nnnnn0.sql
    
    
  9. Upgrade Oracle interMedia:

    SQL> @ORACLE_BASE\ORACLE_HOME\ord\im\admin\u0nnnnn0.sql
    
    
  10. Verify the upgrade:

    SQL> CONNECT / AS ORDSYS
    SQL> @ORACLE_BASE\ORACLE_HOME\ord\im\admin\imchk.sql
    
    

4.5.2 Configuring Oracle interMedia Audio, Video, Image, and Locator

If you install Enterprise Edition, then Database Configuration Assistant starts automatically at the end of installation. If you choose any Database Configuration Assistant installation type other than Customized, then interMedia does not require manual configuration. All tasks described in this section are performed automatically.

If you select Customized installation, then Database Configuration Assistant will guide you through configuration of Oracle interMedia.

If you are creating and configuring a database manually, then you can configure Oracle interMedia Audio, Video, Image, and Locator as follows:

  1. Start SQL*Plus:

    C:\> sqlplus /NOLOG
    
    
  2. Connect to Oracle Database with account SYSDBA:

    SQL> CONNECT / AS SYSDBA
    
    
  3. Start the database (if necessary):

    SQL> STARTUP
    
    
  4. Run script ordinst.sql:

    SQL> @ORACLE_BASE\ORACLE_HOME\ord\admin\ordinst.sql
    
    
  5. Run script iminst.sql:

    SQL> @ORACLE_BASE\ORACLE_HOME\ord\im\admin\iminst.sql
    
    
  6. Exit SQL*Plus:

    SQL> EXIT
    
    

    Note:

    If you manually copy your Oracle8i listener.ora and tnsnames.ora files into your Oracle Database network directory, then you must modify network configuration files tnsnames.ora and listener.ora on your server to enable external routine calls to work and interMedia to function properly. Follow the procedure in Oracle Database Net Services Administrator's Guide.

4.5.3 Configuring Oracle interMedia Demos

To configure Oracle interMedia Audio, Video, and Image demos, follow instructions in readme.txt files at locations shown in Table 4-2.

Table 4-2 interMedia Demo Instructions

Demo File Location

Audio

ORACLE_BASE\ORACLE_HOME\ord\aud\demo

Video

ORACLE_BASE\ORACLE_HOME\ord\vid\demo

Image

ORACLE_BASE\ORACLE_HOME\ord\img\demo



Note:

These readme.txt files contain UNIX line breaks. If you simply double-click them, they will open in Notepad by default, and Notepad does not recognize UNIX line breaks. Use write.exe or edit.com instead.

Directory \img\demo also contains demo_ordimg.mk, the makefile to make interMedia Image demos for a Microsoft C compiler. But before you can build and run the demonstration, you must first modify it to adapt it to your environment.

To configure Oracle interMedia Locator demonstrations, go to the following directory:

ORACLE_BASE\ORACLE_HOME\md\demo\geocoder

Sample data that can be loaded into Oracle Database is in nh_cs.sql. Examples that show use of Locator functionality are in geohttp.sql and geolocate.sql. Examples of data indexes created by using Locator are in geoindex.sql.

4.6 Configuring Oracle Text on Windows

Oracle Text enables text queries through SQL and PL/SQL from most Oracle interfaces. By installing Oracle Text with an Oracle Database server, client tools such as SQL*Plus and Pro*C/C++ are able to retrieve and manipulate text in Oracle Database.

Oracle Text manages textual data in concert with traditional data types in Oracle Database. When text is inserted, updated, or deleted, Oracle Text automatically manages the change.

Your Oracle Text postinstallation tasks depend on your situation.

If you install Oracle Text from the CD-ROM and have a previous release of Oracle Text (formerly called interMedia Text) already installed, then see Oracle Text Application Developer's Guide.

If you upgrade your database, then you may be required to configure Oracle Net for external procedures. Otherwise, Oracle Text may not work. In any case other than upgrade, Oracle Net will be configured correctly by default to work with Oracle Text. See Oracle Text Application Developer's Guide and Oracle Text Reference.

If you are indexing formatted documents such as Microsoft Word, then you must set your environment to use the Inso filter before you can index your documentation set. For more information on setting up your environment for Inso filtering, see Oracle Text Reference.


Note:

The Inso filter is not supported on Windows XP 64-bit Edition Version 2003 or Windows Server 2003 Datacenter Edition for 64-bit Itanium 2 Systems.

Finally, if you install Oracle Text from the CD-ROM and do not have a previous release of Oracle Text installed, then Oracle Database is already configured for use with Oracle Text if one of the following is true:

If none of these is true, then you must configure Oracle Database for use with Oracle Text by doing one of the following:

Configuring Oracle Text Using Database Configuration Assistant

To use Database Configuration Assistant to configure Oracle Database for use with Oracle Text at the time you create the database, simply select Oracle Text as the option to configure when prompted.

To configure the database at a later time:

  1. Start Database Configuration Assistant.

    Choose Start > Programs > Oracle - HOME_NAME > Configuration and Migration Tools > Database Configuration Assistant.

  2. Select Configure database options in a database.

  3. Select the database to modify when prompted.

  4. Select Oracle Text as the option to configure when prompted.

Configuring Oracle Text Using Command-Line Tools

Manually configuring Oracle Database for use with Oracle Text consists of creating a tablespace for Oracle Text data dictionary tables and then creating username ctxsys and Oracle Text data dictionary tables.

  1. Start SQL*Plus:

    C:\> sqlplus /NOLOG
    
    
  2. Connect to Oracle Database with account SYSDBA:

    SQL: CONNECT / AS SYSDBA
    
    
  3. Create a tablespace for Oracle Text data dictionary tables:

    SQL> CREATE TABLESPACE tablespace_name DATAFILE 'ORACLE_BASE\oradata\db_name\drsys01.dbf' SIZE 80m;
    
    
  4. Connect AS SYSDBA:

    SQL> CONNECT USERNAME/PASSWORD AS SYSDBA
    
    
  5. Run script dr0csys.sql to create username ctxsys:

    SQL> @ORACLE_BASE\ORACLE_HOME\ctx\admin\dr0csys.sql password default_tablespace_name temporary_tablespace_name;
    
    

    where:

    • password is the password that you intend to use for username ctxsys.

    • default_tablespace_name is the default tablespace for Oracle Text data dictionary tables. Set the default tablespace to the value of tablespace_name in step 3.

    • temporary_tablespace_name is the temporary tablespace for Oracle Text data dictionary tables. Set the temporary tablespace to the value of tablespace_name in step 3.

  6. Connect as ctxsys:

    SQL> CONNECT ctxsys/password
    
    
  7. Run script dr0inst.sql to create and populate Oracle Text data dictionary tables:

    SQL> @ORACLE_BASE\ORACLE_HOME\bin\dr0inst.sql;
    
    
  8. Run the language-specific default script, where xx is the language code (for example, us):

    SQL> @ORACLE_BASE\ORACLE_HOME\ctx\admin\defaults\drdefxx.sql;
    
    
  9. Exit SQL*Plus:

    SQL> EXIT
    

4.7 Configuring Oracle Spatial on Windows

Oracle Spatial makes storage, retrieval, and manipulation of spatial data easier and more intuitive to users.

One example of spatial data is a road map. A road map is a two-dimensional object that contains points, lines, and polygons representing cities, roads, and political boundaries such as states. A road map represents geographic information. Locations of cities, roads, and political boundaries are projected onto a two-dimensional display or piece of paper, preserving relative positions and relative distances of objects.

If you install Oracle Spatial through Enterprise Edition, then no manual configuration is required. All Oracle Spatial configuration tasks are performed automatically.

If you install both Oracle Spatial and Oracle Database together through Enterprise Edition or Standard Edition Custom installation, then Database Configuration Assistant starts automatically at the end of installation. If you choose Custom installation and select Create new database, then the assistant asks if Oracle Spatial is to be configured automatically.

If you install Oracle Spatial during a separate installation from Enterprise Edition, then you must either start Database Configuration Assistant and select Configure database options in a database or configure Oracle Spatial manually.

To configure Oracle Spatial manually:

  1. Start SQL*Plus at the command prompt:

    C:\> sqlplus /NOLOG
    
    
  2. Connect to Oracle Database with account SYSDBA:

    SQL> CONNECT / AS SYSDBA
    
    
  3. Start the database (if necessary):

    SQL> STARTUP
    
    
  4. Run script ordinst.sql:

    SQL> @ORACLE_BASE\ORACLE_HOME\ord\admin\ordinst.sql
    
    
  5. Connect to the database as user SYSTEM:

    SQL> CONNECT SYSTEM/password
    
    
  6. Run script mdinst.sql:

    SQL> @ORACLE_BASE\ORACLE_HOME\md\admin\mdinst.sql
    
    
  7. Exit SQL*Plus:

    SQL> EXIT
    

    Note:

    Script mdinst.sql has a variable %MD_SYS_PASSWORD% that Oracle Universal Installer will instantiate at installation time. Therefore, if you have changed the mdsys user's password, then be sure during a manual installation to remember also to update script mdinst.sql with that password.

4.8 Configuring Advanced Replication on Windows

Oracle Database installs replication packages and procedures automatically rather than as a separate manual process. There are many configuration and usage possibilities with Advanced Replication.

This section describes how to manually configure Advanced Replication in Oracle Database. Follow the instructions only if you add Advanced Replication to an installation of Oracle Database that was not previously configured with this feature.


See Also:

Oracle Database Advanced Replication for more information about Advanced Replication and for definitions of master sites and materialized view sites

Configuring Advanced Replication consists of the following steps:

4.8.1 Checking Tablespace and Rollback Segment Requirements

Recommended tablespace and rollback segment requirements for Advanced Replication are shown in Table 4-3.

Table 4-3 Advanced Replication Tablespace/Rollback Segment Requirements

Tablespace/Rollback Segment Minimum Free Space

SYSTEMFoot 1 

20 MB

UNDO TABLESPACE

10 MB

RBS

5 MB

TEMP

10 MB

USERS

No specific requirement


Footnote 1 Replication triggers and procedures are stored here.

4.8.2 Adding and Modifying Initialization Parameters

If you use Advanced Replication, then certain parameter values must be added to the initialization parameter file, and others must be set to recommended values. Parameter names and values for the master site and materialized view sites are shown in Table 4-4.

Table 4-4 Advanced Replication Initialization Parameters

Parameter Name Recommended Value Site

JAVA_POOL_SIZE

50 MB

master

DISTRIBUTED_LOCK_TIMEOUT

300 seconds

master

GLOBAL_NAMES

TRUE

master

OPEN_LINKS

4

master

PROCESSES

Add 9 to current value

master

JOB_QUEUE-PROCESSES

2Foot 1 

master

JOB_QUEUE_PROCESSES

2

materialized view


Footnote 1 Depends on number of n-way sites.

4.8.3 Monitoring Data Dictionary Tables

If you use Advanced Replication and intend to set up a large number of replicated objects, then you are required to monitor the following data dictionary tables with the SQL SELECT command:

  • ARGUMENT$

  • IDL_CHAR$

  • IDL_UB1$

  • IDL_UB2$

  • IDL_SB4$

  • I_ARGUMENT1

  • I_SOURCE1I$

  • SOURCE$

  • TRIGGER

If necessary, increase storage parameters to accommodate storage requirements of large numbers of replicated objects.