I set up 2 new databases and I couldn't logon as sysdba without providing the password. I was trying:
sqlplus "/as sysdba"
It gave me this:
ORA-01031: insufficient privileges
Instead I had to do this:
sqlplus sys/password as sysdba
This problem was also preventing "rman" from working as it should.
Here's a full description of the error:
ORA-01031: insufficient privileges
Connect Internal has been issued
with no password. For local connections the user is NOT in the DBA group
as compiled into the 'oracle' executable.
For remote connections you must always supply a
password.
This error can also
occur after a successful connect internal/password
if there REMOTE_LOGIN_PASSWORDFILE is either unset or set to NONE
in
the init.ora file.
The problem that I was having turned out to be related to the fact that the wrong OSDBA group got compiled into the Oracle software.
I found the following instructions on the Oracle Metalink website and the described process fixed my problems.
OSDBA & OSOPER Groups on Unix/Linux
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The 'OSDBA' and 'OSOPER' groups are chosen at installation time and usually both default to the group 'dba'. These groups are compiled into the 'oracle' executable and so are the same for all databases running from a given ORACLE_HOME directory.The actual groups being used for OSDBA and OSOPER can be checked thus:
cd $ORACLE_HOME/rdbms/lib
cat config.[cs]
The line '#define SS_DBA_GRP "group"' should name the chosen OSDBA group.
The line '#define SS_OPER_GRP "group"' should name the chosen OSOPER group.
If you wish to change the OSDBA or OSOPER groups this file needs to be modifiedeither directly or using the installer. Eg: For an OSDBA group of 'mygroup' If your platform has config.c (this is the case for HP-UX, Compaq Tru64 Unixware and Linux):
Change: #define SS_DBA_GRP "dba"
to: #define SS_DBA_GRP "mygroup"
If your platform has config.s:
Due to the way different compilers under different architectures generate assembler code, it's not possible to give a universal rule. Here are some examples:
Sun SPARC Solaris:
------------------
Change both ocurrences of
.ascii "dba\0" to .ascii "mygroup\0"
IBM AIX/Intel Solaris:
----------------------
Change both ocurrences of
.string "dba" to .string "mygroup"
To effect any changes to the groups and to be sure you are using the groupsdefined in this file relink the Oracle executable.Be sure to shutdown all databases before relinking:
Eg: mv config.o config.o.orig
make -f ins_rdbms.mk ioracle
(Note config.o will be re-created by make because of dependencies automatically)
For a group to be accepted by Oracle as the OSDBA or OSOPER group it must:
- Be compiled into the Oracle executable
- The group name must exist in /etc/group (or in 'ypcat group' if NIS is being used)
- It CANNOT be the group called 'daemon'
Note: The commands above are examples and may vary between platforms.
Note: Some Oracle documentation refers to the ability to define OSDBA and OSOPER roles using group names of the form 'ORA_sid_OSDBA'. This functionality has not been implemented on Unix.
+++
I'll see you further on up the road.
Jim
No comments:
Post a Comment