Redo Transport Authentication: primary reports ORA-16191 when the DG standby is switched to snapshot mode or ADG mode

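Environment:

1. The DG standby normally runs in mount recovery mode, and redo transport works normally.

2. The SYS user is locked on both the primary and the standby (a security requirement).

3. The password files on the primary and the standby are identical.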

 

When we switch to snapshot mode or ADG mode, the primary reports the following error:

Tue Jul 10 22:15:50 2007

Error 1017 received logging on to the standby

------------------------------------------------------------

Check that the primary and standby are using a password file

and remote_login_passwordfile is set to SHARED or EXCLUSIVE, 

and that the SYS password is same in the password files.

returning error ORA-16191

------------------------------------------------------------

Tue Jul 10 22:15:50 2007

Errors in file /u01/oracle/admin/primary/bdump/primary_arc1_3338.trc:

ORA-16191: Primary log shipping client not logged on standby

PING[ARC1]: Heartbeat failed to connect to standby 'standby'. Error is 16191.

 

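This is a very common error, and most answers online say it is caused by the password files on the primary and standby being inconsistent. However, in my current environment the password files were all copied from the primary, and the SYS password has never been changed. In addition, the fact that transport works normally in traditional mount mode also shows that the password file is not the problem.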

 

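So I tried unlocking the SYS user on the primary and the standby, and to my surprise redo transport then succeeded in snapshot mode. The error above did not appear either. I could not make sense of it.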

 

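Considering that 10G and earlier could only recover in mount mode, and that ADG mode and snapshot mode only appeared in 11G, it occurred to me that the authentication method for redo transport might have changed. So I went to the official documentation and looked at the Redo Transport Authentication sections for 10G and 11G.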

 

The 10G section is as follows:

 

Providing for Secure Redo Data Transmission

Data Guard provides a secure environment and prevents the possible tampering of redo data as it is being transferred to the standby database.

Redo transport services use authenticated network sessions to transfer redo data. These sessions are authenticated using the SYS user password contained in the password file. All databases in the Data Guard configuration must use a password file, and the SYS password contained in this password file must be identical on all systems. This authentication can be performed even if Oracle Advanced Security is not installed, and provides some level of security when shipping redo.

 

The 11G section is as follows:

 

Redo Transport Authentication Using a Password File

If the SSL authentication requirements are not met, each database must use a remote login password file. In a Data Guard configuration, all physical and snapshot standby databases must use a copy of the password file from the primary database, and that copy must be refreshed whenever the SYSOPER or SYSDBA privilege is granted or revoked, and after the password of any user with these privileges is changed.

When a password file is used for redo transport authentication, the password of the user account used for redo transport authentication is compared between the database initiating a redo transport session and the target database. The password must be the same at both databases to create a redo transport session.

By default, the password of the SYS user is used to authenticate redo transport sessions when a password file is used. The REDO_TRANSPORT_USER database initialization parameter can be used to select a different user password for redo transport authentication by setting this parameter to the name of any user who has been granted the SYSOPER privilege. For administrative ease, Oracle recommends that the REDO_TRANSPORT_USER parameter be set to the same value on the redo source database and at each redo transport destination.

 

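The two say broadly the same thing, but neither mentions the question of account status. What is worth noting is that 11g adds the REDO_TRANSPORT_USER parameter, which lets a non-SYS user (one that has the SYSOPER privilege) be used for redo transport authentication, whereas 10G and earlier can only authenticate with the SYS user. (This way the security requirement of keeping the SYS user locked can be met while snapshot and ADG still work.)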
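The REDO_TRANSPORT_USER setup described above, written out as an added example that is not part of the original post. The account name REDO_XPORT and the password placeholder are assumptions, and the example assumes 11g with password-file authentication and an spfile in use.

```sql
-- Added example. REDO_XPORT and the password placeholder are hypothetical.

-- 1. On the primary: create a dedicated account and grant it SYSOPER.
--    The grant records the account in the primary's password file.
CREATE USER REDO_XPORT IDENTIFIED BY "<password-placeholder>";
GRANT SYSOPER TO REDO_XPORT;

-- 2. On the primary: confirm the account is in the password file,
--    and compare its status with the locked SYS account.
SELECT username, sysdba, sysoper FROM v$pwfile_users;
SELECT username, account_status
  FROM dba_users
 WHERE username IN ('SYS', 'REDO_XPORT');

-- 3. Copy the primary's password file to every standby (OS-level copy).
--    The 11G documentation quoted above requires a refreshed copy
--    whenever SYSOPER or SYSDBA is granted or revoked.

-- 4. On the primary AND on each standby: use this account for
--    redo transport authentication instead of SYS.
ALTER SYSTEM SET REDO_TRANSPORT_USER = REDO_XPORT SCOPE = BOTH;

-- 5. On the primary: force a log switch, then check the standby
--    destination for an authentication error such as ORA-16191.
ALTER SYSTEM SWITCH LOGFILE;
SELECT dest_id, status, error
  FROM v$archive_dest
 WHERE target = 'STANDBY';
```

A STATUS of VALID with an empty ERROR column for the standby destination indicates that the redo transport session authenticated.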

 

 

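Final hypothesis: in traditional mount recovery mode, authentication succeeds as long as the passwords recorded in the password files match, regardless of whether the user is locked.

In snapshot mode or ADG mode, perhaps because the database is open at that point, it may be necessary both for the password files to match and for the user to be in the open state rather than the locked state.

(My ability is limited and for now I cannot find evidence to prove the hypothesis above; there may also be some other cause. Pointers from experts are welcome.)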

 
