Database Vault is an additional option on the Oracle database that allows management of sensitive data to be performed by a data manager that is separate and distinct from the database administrator role. It allows the DBA to perform database maintenance tasks without ever having rights to view sensitive data. The option is critical where privacy of data is required for PII or PHI requirements.
Some scripts and products that are designed to run on Oracle will require the database vault to be disabled.
To enable and disable database vault follow the commands below:
After installing Oracle 11gR2 Enterprise Edition with Database Vault option :
Checking if Oracle Database Vault is enabled
select * from v$option where parameter = 'Oracle Database Vault';
PARAMETER VALUE
----------------------------- -----------------------
Oracle Database Vault FALSE
emctl stop dbconsole
Shut down the database instance.
For single-instance installations:
sqlplus sys as sysoper
Enter password: password
SHUTDOWN NORMAL
EXIT
For Oracle RAC installations:
srvctl stop database -d db_name
cd $ORACLE_HOME/rdbms/lib
make -f ins_rdbms.mk dv_on ioracle
For Oracle RAC installations, run these commands on all nodes.
sqlplus sys as sysoper
Enter password: password
STARTUP
EXIT
select * from v$option where parameter = 'Oracle Database Vault';
PARAMETER VALUE
----------------------------- -----------------------
Oracle Database Vault FALSE
Then run dbca and configure the database This will add the db owner and db admin accounts.
Then log in to EM as dbowner.
To disable audit vault so you avoid insufficient privilege errors when running RCU for OBIEE or other middleware components do -
emctl stop dbconsole
sqlplus sys as sysoper
SHUTDOWN NORMAL
EXIT
cd $ORACLE_HOME/rdbms/lib
make -f ins_rdbms.mk dv_off ioracle
sqlplus sys as sysoper
STARTUP
No comments:
Post a Comment