Author: heemasatapathy

• Resource: A cloud object that a company’s employees create and use when interacting with OCI services, for example, compute instances, block storage volumes, virtual cloud networks (VCNs), subnets, and route tables. Each resource is assigned with a unique, Oracle assigned identifier called Oracle Cloud ID (OCID)
• Policy: A set of authorization rules that define access to resources within a tenancy.
• Compartment: A heterogeneous collection of resources for the purposes of security isolation and access control.
• Tenancy: The root compartment that contains all of an organization’s resources. Within a tenancy, administrators can create one or more compartments, create more users and groups, and assign policies that grant groups the ability to use resources within a compartment.
• User: A human being or system that needs access to manage their resources. Users must be added to groups in order to access resources. Users have one or more credentials that must be used to authenticate to Oracle Cloud Infrastructure services. Federated users are also supported.
• Group: A collection of users who share a similar set of access privileges. Administrators can grant access policies that authorize a group to consume or manage resources within a tenancy. All users in a group inherit the same set of privileges.
• Identity Provider: A trusted relationship with a federated identity provider. Federated users who attempt to authenticate to the Oracle Cloud Infrastructure console are redirected to the configured identity provider. After successfully authenticating, federated users can manage Oracle Cloud Infrastructure resources in the console just like a native IAM user. Currently, Oracle Cloud Infrastructure supports the SAML-2 compliant Oracle Identity Cloud Service (IDCS) and Microsoft Active Directory Federation Service (ADFS) as identity providers. Federated groups are mapped to native IAM groups to define the policies apply to a federated user.

Oracle Cloud Infrastructure has implemented one of its kind: Off-box network virtualization. As the name suggests, it pulls out the network and IO virtualization out of the software stack and puts it in the network. Basically you can have physical, dedicated hosts with no hypervisor overhead, noisy neighbours or shared resources with a full software-defined layer 3 network topology. You can enjoy the benefit of running bare metal hosts side-by-side with any class of systems like Virtual Machines(VMs) to Engineered Systems such as Exadata sharing the same set of APIs – meaning you can enjoy best of both worlds where benefitting from Exadata hardware(Infiniti Band) and software(smart scan, flash cache, columnar compression) features for your application along with cloud native security and governance capabilities of a layer 3 virtual cloud network.

The major benefits of Off-box network virtualisation is increase of network performance and higher level of security by providing isolation hence in case of any unforeseen attacks it affects single virtual network without touching other virtual networks.

Connect to production server and source the DB home.

1. Export the NLS date format in PROD

export NLS_DATE_FORMAT=’YYYY-MM-DD HH24:MI:SS’

2. Connect to production database(PROD)

rman target /

list backup of controlfile;

Pick the time of the latest controlfile time.

Sample Output:

RMAN> list backup of controlfile;

From the above output it helps to determine the control file which need to be copied over to DEV/TEST server.

3. To determine the point in time recover run the archive log backup command.

Please use the below command on PROD to retrieve that and the latest time stamp from Next Time column of the last archive log present in the backup being used.

RMAN> list backup of archivelog all;

Step 4: connect to RMAN (Target Environment)

Sample clone:

rman auxiliary / log=/u01/backups/RMAN/rman_instance_rec.log

DUPLICATE DATABASE TO DEV

UNTIL TIME “TO_DATE(’31-JAN-2014 00:00:28′,’DD-MON-YYYY HH24:MI:SS’)”

BACKUP LOCATION ‘/u01/backups/RMAN/PROD’

nofilenamecheck

;

Note: Following command automatically restore, recover, open database and also recreate the TEMP tablespace.

Error Message:

channel ORA_AUX_DISK_4: SID=626 device type=DISK

RMAN-00571: ===========================================================

RMAN-00569: =============== ERROR MESSAGE STACK FOLLOWS ===============

RMAN-00571: ===========================================================

RMAN-03002: failure of Duplicate Db command at 09/06/2012 17:50:45

RMAN-05501: aborting duplication of target database

RMAN-06617: UNTIL TIME (06-SEP-12) is ahead of last NEXT TIME in archived logs (06-SEP-12)

RMAN> exit

If we run into issue in providing the point in time recovery, try to readjust the value to next lower sequence number from the archive log list and match it to that respective timing.

Error Fix: How to find the exact time to mention.

Description:

The below command will simulate the restore process from available backup. It won’t touch the data file

RMAN> Restore database PREVIEW;

PREVIEW tells about

1. At which SCN media recovery will start

2. AT which SCN recovery required to clear the datafile fuzziness.

3. What all archivelogs are required to clear this fuzziness.

4. Also it reports the missing archivelogs under backup.

Based on scn you can find until which archive log is required and based on SCN you can find the time of recover

1. Remove all entrees for TRACE_ from the client SQLNET.ORA

2. Place the below in the Client SQLNET.ORA making sure you change the file path for TRACE_DIRECTORY_CLIENT= to a location your user can write too.

TRACE_UNIQUE_CLIENT = ON
TRACE_LEVEL_CLIENT=16
TRACE_TIMESTAMP_CLIENT=TRUE
TRACE_DIRECTORY_CLIENT=/home/oracle/client_trace
TRACE_FILE_CLIENT=CL.trc
DIAG_ADR_ENABLED=OFF #<===Use this only for 11g and newer clients

3. Make sure to turn on SERVER side TRACE here on the Database side, Making sure you change the file path for TRACE_DIRECTORY_SERVER= to a location your user can write too.
Place the below in the Server side sqlnet.ora

TRACE_UNIQUE_SERVER = ON
TRACE_LEVEL_SERVER=16
TRACE_TIMESTAMP_SERVER=TRUE
TRACE_DIRECTORY_SERVER=/Path here/
TRACE_FILE_SERVER=SR.trc
DIAG_ADR_ENABLED=OFF #<===Use this only for 11g and newer clients

4. Review the DOC how to ID matching client to server trace and extract the trace files outlined (Only for concerned clients having the issue).

How to Match Oracle Net Client and Server Trace Files ( Doc ID 374116.1)