Académique Documents
Professionnel Documents
Culture Documents
Document Control
Change Record Date Author Version Change Reference
1
Slide 3
General Information
This document contains the course notes for Oracle Database Administration L1
Scope
- The scope of the training will cover areas of Oracle Database Administration as needed by a
DBA of L1 level.
Training Prerequisites
- None
Conventions
(N) Navigation
(B) Button
(M) Menu
(T) Tab
Notes
- Please refer to the notes attached to the slides for detailed explanation and for Navigations
2
Slide 4
Course Objectives
Understanding Database Security
Managing Database Objects including indexes, tables,
clusters, and partitions, Managing Users, Resources,
Privileges and Roles
Understanding Oracle Network configuration
Understanding various Oracle Utilities like Exp/Imp,
DataPump, LogMiner, SQL Loader, and Dbverify
Using the Database Resource Manager
Detecting and Repairing Data Block Corruption
Oracle DB Performance Monitoring and analysis
3
Slide 5
5
Slide 7
Understanding of basic
administration tasks
6
Slide 8
Instructor Notes
Explain all the basic database administrative tasks given in the subsequent slides.
Slide 9
8
Slide 10
9
Slide 11
10
Slide 12
11
Slide 13
Understanding Oracle DB
Architecture
12
Slide 14
Objectives
13
Objectives
This lesson introduces the Oracle server architecture by examining the physical, memory,
process, and logical structures involved in establishing a database connection, creating a
session, and executing SQL commands.
Slide 15
Instance
User
process Shared Pool SGA
Redo Log
Library Database Buffer
Cache Buffer Cache
Streams Pool
Server Data Dictionary
process Cache Java Pool Large Pool
PGA
PMON SMON DBWR LGWR CKPT Others
14
An Oracle Instance
Every time a database is started, a system global area (SGA) is allocated and Oracle
background processes are started. The system global area is an area of memory used for
database information shared by the database users. The combination of the background
processes and memory buffers is called an Oracle instance.
Slide 16
Oracle Instance
An Oracle Instance:
Is a means to access an Oracle database
Always opens one and only one database
Consists of memory and background process structures
Instance
Shared Pool SGA
Memory
Library Redo Log
Cache
Database structures
Buffer Cache Buffer
Data Dictionary
Cache Java Pool Large Pool
15
Oracle Instance
An Oracle Instance consists of the System Global Area (SGA) memory structure and the
background processes used to manage a database. An instance is identified by using methods
specific to each operating system. The instance can open and use only one database at a time.
Slide 17
Connection Server
process
established Session created
Database user
16
Connection:
A connection is a communication pathway between a user process and an Oracle server. A
database user can connect to an Oracle server in one of three ways:
The user logs on to the operating system running the Oracle Instance and starts an
application or tool that accesses the database on that system. The communication
pathway is established using the interprocess communication mechanisms available on
the host operating system.
Slide 18
Oracle Database
An Oracle database:
Is a collection of data that is treated as a unit
Consists of three file types
Oracle Database
Redo
Parameter Datafiles Control Log
Archived
files files
file Log files
Password
file
17
Oracle Database
The general purpose of a database is to store and retrieve related information. An Oracle
database has a logical and a physical structure. The physical structure of the database is the set
of operating system files in the database. An Oracle database consists of three file types.
Datafiles containing the actual data in the database
Redo log files containing a record of changes made to the database to enable recovery of the
data in case of failures
Control files containing information necessary to maintain and verify database integrity
Physical Structure
The physical structure includes three types of files:
Control files
Datafiles
Redo log files
Header
Control
files
Datafiles
(includes
Online
Data
Redo Log
Dictionary)
files
18
Memory Structure
19
Slide 21
20
21
The components (Database Buffer Cache and Shared Pool) are allowed to grow and shrink
based on granule boundaries. For each component which owns granules, the number of
granules allocated to the component, any pending operations against the component (for
example, allocation of granules through ALTER SYSTEM, freeing of granules through ALTER
SYSTEM, corresponding self-tuning), and target size in granules will be tracked and displayed
by the V$BUFFER_POOL view. At instance startup, the Oracle server allocates granule
entries, one for each granule to support SGA_MAX_SIZE bytes of address space. As startup
continues, each component acquires as many granules as it requires. The minimum SGA
configuration is three granules (one granule for fixed SGA [includes redo buffers]; one granule
for Database Buffer Cache; one granule for Shared Pool).
Slide 23
Shared Pool
Used to store:
Most recently executed SQL statements
Most recently used data definitions
It consists of two key performance-related memory
structures:
Library Cache
Data Dictionary Cache
Sized by the parameter
SHARED_POOL_SIZE
Shared Pool
Library
Cache
Data
ALTER SYSTEM SET Dictionary
SHARED_POOL_SIZE = 64M; Cache
22
Shared Pool
The Shared Pool environment contains both fixed and variable structures. The fixed structures
remain relatively the same size, whereas the variable structures grow and shrink based on user
and program requirements. The actual sizing for the fixed and variable structures is based on an
initialization parameter and the work of an Oracle internal algorithm.
Library Cache
Stores information about the most recently used SQL and PL/SQL
statements
Enables the sharing of commonly used statements
Is managed by a least recently used (LRU) algorithm
Consists of two structures:
Shared SQL area
Shared PL/SQL area
Size determined by the Shared Pool sizing
23
Library Cache
The Library Cache size is based on the sizing defined for the Shared Pool. Memory is allocated
when a statement is parsed or a program unit is called. If the size of the Shared Pool is too
small, statements are continually reloaded into the Library Cache, which affects performance.
The Library Cache is managed by an LRU algorithm. As the cache fills, less recently used
execution paths and parse trees are removed from the Library Cache to make room for the new
entries. If the SQL or PL/SQL statements are not reused, they eventually are aged out.
Shared PL/SQL: The Shared PL/SQL area stores and shares the most recently executed
PL/SQL statements. Parsed and compiled program units and procedures (functions,
packages, and triggers) are stored in this area.
Slide 25
24
Database Buffer
Cache
25
26
Redo Log
Buffer
27
Large Pool
28
Large Pool
By allocating session memory from the Large Pool for Shared Server, Oracle XA, or parallel
query buffers, Oracle can use the Shared Pool primarily for caching Shared SQL statements.
Thus relieving the burden on areas within the Shared Pool. The Shared Pool does not have to
give up memory for caching SQL parse trees in favor of Shared Server session information,
I/O, and backup and recover processes. The performance gain is from the reduction of
overhead from increasing and shrinkage of the shared SQL cache.
Parallel execution:
The Large Pool is used if PARALLEL_AUTOMATIC_TUNING is set to TRUE, otherwise,
these buffers are allocated to the Shared Pool.
Slide 30
Java Pool
29
Java Pool
The Java Pool is an optional setting but is required if installing and using Java. Its size is set, in
bytes, using the JAVA_POOL_SIZE parameter. In Oracle9i, the default size of the Java Pool is
24 MB.
Slide 31
30
Slide 32
31
Contents of PGA:
The contents of the PGA memory varies, depending whether the instance is running in a
Dedicated Server or Shared Server configuration. Generally the PGA memory includes these
components:
Private SQL area: Contains data such as bind information and runtime memory structures.
Each session that issues a SQL statement has a private SQL area. Each user that submits
the same SQL statement has his or her own private SQL area that uses a single shared
SQL area. Thus, many private SQL areas can be associated with the same shared SQL
area. The private SQL area of a cursor is divided into two areas:
Persistent area: Contains bind information, and is freed only when the cursor is closed
Run-time area: Created as the first step of an execute request. For INSERT, UPDATE,
and DELETE commands, this area is freed after the statement has been executed.
For queries, this area is freed only after all rows are fetched or the query is
canceled.
Slide 33
Process Structure
Oracle takes advantage of various types of processes:
User process: Started at the time a database user requests
connection to the Oracle server
Server process: Connects to the Oracle Instance and is started
when a user establishes a session
Background processes: Started when an Oracle Instance is
started
32
Slide 34
User Process
A program that requests interaction with the Oracle server
Must first establish a connection
Does not interact directly with the Oracle server
Server
process
User
process
Connection
established
Database user
33
Server Process
A program that directly interacts with the Oracle server
Fulfills calls generated and returns results
Can be Dedicated or Shared Server
Server
Connection process
established Session created
User Oracle server
process
Database user
34
Server Process
Once a user has established a connection, a server process is started to handle the user
processes requests. A server process can be either a Dedicated Server process or a Shared
Server process. In a Dedicated Server environment, the server process handles the request of a
single user process. Once a user process disconnects, the server process is terminated. In a
Shared Server environment, the server process handles the request of several user processes.
The server process communicates with the Oracle server using the Oracle Program Interface
(OPI).
Slide 36
Background Processes
35
Background Processes
The Oracle architecture has five mandatory background processes that are discussed further in
this lesson. In addition to the mandatory list, Oracle has many optional background process
that are started when their option is being used. These optional processes are not within the
scope of this course, with the exception of the background process, ARCn. Following is a list
of some optional background processes:
RECO: Recoverer
QMNn: Advanced Queuing
ARCn: Archiver
LCKn: RAC Lock ManagerInstance Locks
LMON: RAC DLM MonitorGlobal Locks
LMDn: RAC DLM MonitorRemote Locks
CJQ0: Coordinator Job Queue background process
Dnnn: Dispatcher
Snnn: Shared Server
Pnnn: Parallel Query Slaves
Slide 37
Instance
DBWn writes when:
Checkpoint occurs
SGA
Dirty buffers reach threshold
Database
Buffer There are no free buffers
Cache Timeout occurs
RAC ping request is made
Tablespace OFFLINE
DBWn
Tablespace READ ONLY
Table DROP or TRUNCATE
Tablespace BEGIN BACKUP
Redo
Datafiles Control Log
files files
Database
36
Instance
SGA LGWR writes:
Redo Log
At commit
Buffer
When one-third full
When there is 1 MB
DBWn LGWR of redo
Every three seconds
Before DBWn writes
Redo
Datafiles Control Log
files files
Database
37
Database
38
1. Rolling forward to recover data that has not been recorded in the datafiles but that has
been recorded in the online redo log. This data has not been written to disk because of the
loss of the SGA during instance failure. During this process, SMON reads the redo log
files and applies the changes recorded in the redo log to the data blocks. Because all
committed transactions have been written to the redo logs, this process completely
recovers these transactions.
2. Opening the database so that users can log on. Any data that is not locked by unrecovered
transactions is immediately available.
3. Rolling back uncommitted transactions. They are rolled back by SMON or by the
individual server processes as they access locked data.
SMON also performs some space maintenance functions:
It combines, or coalesces, adjacent areas of free space in the datafiles.
It deallocates temporary segments to return them as free space in datafiles.
Slide 40
PGA area
39
40
41
Checkpoint (CKPT)
Redo
Datafiles Control Log
files files
Database
42
Checkpoint (CKPT)
Every three seconds the CKPT process stores data in the control file to identify that place in the
redo log file where recovery is to begin, this being called a checkpoint. The purpose of a
checkpoint is to ensure that all of the buffers in the Database Buffer Cache that were modified
prior to a point in time have been written to the datafiles. This point in time (called the
checkpoint position) is where database recovery is to begin in the event of an instance failure.
DBWn will already have written all of the buffers in the Database Buffer Cache that were
modified prior to that point in time. Prior to Oracle9i, this was done at the end of the redo log.
In the event of a log switch CKPT also writes this checkpoint information to the headers of the
datafiles.
Checkpoints are initiated for the following reasons:
To ensure that modified data blocks in memory are written to disk regularly so that data is
not lost in case of a system or database failure
To reduce the time required for instance recovery. Only the redo log entries following the
last checkpoint need to be processed for recovery to occur
To ensure that all committed data has been written to the datafiles during shutdown
Checkpoint information written by CKPT includes checkpoint position, system change
number, location in the redo log to begin recovery, information about logs, and so on.
Slide 44
Archiver (ARCn)
Redo ARCn
Datafiles Control Log Archived
files files Redo Log
files
43
Archiver (ARCn)
All other background processes are optional, depending on the configuration of the database;
however, one of them, ARCn, is crucial to recovering a database after the loss of a disk. As
online redo log files get filled, the Oracle server begins writing to the next online redo log file.
The process of switching from one redo log to another is called a log switch. The ARCn
process initiates backing up, or archiving, of the filled log group at every log switch. It
automatically archives the online redo log before the log can be reused, so that all of the
changes made to the database are preserved. This enables the DBA to recover the database to
the point of failure even if a disk drive is damaged.
Archiving redo log files:
One of the important decisions that a DBA has to make is whether to configure the database to
operate in ARCHIVELOG or in NOARCHIVELOG mode.
NOARCHIVELOG mode: In NOARCHIVELOG mode, the online redo log files are
overwritten each time a log switch occurs. LGWR does not overwrite a redo log group until the
checkpoint for that group is complete. This ensures that committed data can be recovered if
there is an instance crash. During the instance crash, only the SGA is lost. There is no loss of
disks, only memory. For example, an operating system crash causes an instance crash.
Slide 45
Summary
44
Slide 46
Creating a Database
Slide 47
Objectives
46
Slide 48
47
Creating your database is a task that prepares several operating system files and is needed only
once no matter how many datafiles the database will use.
During migration from an older version of Oracle, database creation is necessary only if an
entirely new database is needed. Otherwise you can use a migration utility. The Oracle Data
Migration Assistant is a tool designed to assist you in migrating your current database system.
Slide 49
48
Software Files
oracle_base
oradata/
/product db01/
/release_number system01.dbf
/bin control01.ctl
/dbs redo0101.log
/rdbms ...
/sqlplus
db02/
system01.dbf
/admin
control01.ctl
/inst_name redo0101.log
...
/pfile
49
Creation Prerequisites
50
Creation Prerequisites
SYSDBA privileges are required to create a database. These are granted either using operating
system authentication or password file authentication.
Before you create the database, make sure that the memory for the SGA, the Oracle executable,
and the processes is sufficient. Refer to your operating system installation and administration
guides.
Calculate the necessary disk space for the database, including online redo log files, control
files, and datafiles.
Slide 52
Yes Yes
Do you Do you want
to use OS Use OS
have a secure
authentication? authentication
connection?
No No
Use a
password file
51
Set REMOTE_LOGIN_PASSWORDFILE=EXCLUSIVE
in initialization parameter file
Add users to the password file
$ orapwd
Assignfile=$ORACLE_HOME/dbs/orapwU15
appropriate privileges to each user
password=admin entries=5
52
Access to the database using the password file is provided by special GRANT commands issued
by privileged users.
Slide 54
Creating a Database
53
Creating a Database
Creating a database can be done one of three ways: automatically created as part of the
Oracle9i installation using the Oracle Universal Installer, using the Oracle Database
Configuration Assistant (DBCA), or by creating a SQL script using the CREATE DATABASE
command.
The Database Configuration Assistant is a graphical user interface that interacts with the Oracle
Universal Installer, or can be used standalone, to simplify the creation of a database. The
DBCA is Java-based and can be launched from any platform with a Java engine.
During the installation of the Oracle Server, DBCA is launched by the Oracle Universal
Installer and can automatically create a starter database for you. You have the option of using
or not using DBCA, and you also have the option to create a starter database. You also have the
option to launch DBCA later as a standalone application to create a database.
You can also migrate or upgrade an existing database if you are using a previous version of
Oracle software.
Slide 55
54
55
56
Specify options for memory, archiving, database sizing, and file locations
Define database storage parameters
Change file location variables as needed
Select a database creation option to complete database creation
57
58
59
Summary
60
Slide 62
Lab
1. Installing Oracle Software
2. Using orapwd utility to create the password file.
3. Create the database through DBCA. Check the services which are running after
database creation.
4. Select columns OWNER, TABLE_NAME, and TABLESPACE_NAME from data
dictionary view DBA_TABLES.
5. Spool the initialization parameters to a file.
6. Locate the alert log file.
7. Locate the adump, bdump, cdump directories.
8. List the non default parameters.
9. Shutdown the database. Mount the database. Try to connect to HR schema from
other session. See what happens. Open the database. Connect to HR schema from
other session.
10. Create pfile from spfile. Locate the newly created pfile. Note the naming convention of
pfile.
11. Shutdown the database using immediate option.
61
Slide 63
Lab
12. Increase the sga_max_size parameter by 5 MB and sga_target parameter by 3 MB .
Verify that the values has been changed of not. ( Hint : Make changes in pfile.
Connect to the idle instance. Create spfile from pfile. Startup the database. Use
v$parameter view to verify the values of parameters.)
13. Shutdown the database and open it in read-only mode. Connect as user HR and
insert the following into the REGIONS table.
1. INSERT INTO regions VALUES ( 5, Mars );
See what happens? Put the database back in read-write mode.
14. Make sure the database is started. Keep the two SQL*Plus sessions open, one session as user
SYS AS SYSDBA and one as user HR. As user SYS AS SYSDBA enable restricted session. As
user HR select from the regions table. Is the select successful? In the HR session exit SQL*Plus
then reconnect as HR. What happens? Disable restricted session.
15. Turn off the Cluster Synchronization service.
16. Turn off the Oracle Enterprise Manager service.
62
Slide 64
Objectives
64
Slide 66
Control File
A small binary file
Defines current state of physical database
Maintains integrity of database
Required:
At MOUNT state during database startup
To operate the database
Linked to a single database
Loss may require recovery
Database
Sized initially by CREATE DATABASE
Control
files
65
Control File
The control file is a small binary file necessary for the database to start and operate
successfully. Each control file is associated with only one Oracle database. Before a database is
opened, the control file is read to determine if the database is in a valid state to use.
A control file is updated continuously by the Oracle server during database use, so it must be
available for writing whenever the database is open. The information in the control file can be
modified only by the Oracle server; no database administrator or end user can edit the control
file.
If for some reason the control file is not accessible, the database does not function properly. If
all copies of a databases control files are lost, the database must be recovered before it can be
opened.
Slide 67
66
CONTROL_FILES=
$HOME/ORADATA/u01/ctrl01.ctl, $HOME/ORADATA/u02/ctrl02.ctl
ctrl01.ctl ctrl02.ctl
67
shutdown immediate
cp $HOME/ORADATA/u01/ctrl01.ctl
$HOME/ORADATA/u02/ctrl02.ctl
68
Alter the SPFILE: Using the ALTER SYSTEM SET command alter the SPFILE to
include a list of all control files to be used: main control file and multiplexed copies.
Shutdown the database: Shutdown the database in order to create the additional control
files on the operating system.
Create additional control files: Using the operating system copy command, create the
additional control files as required and verify that the files have been created in the
appropriate directories.
Start the database: When the database is started the SPFILE will be read and the Oracle
server will maintain all the control files listed in the CONTROL_FILES parameter.
Slide 70
startup
69
Shut down the database: Shutdown the database in order to create the additional control
files on the operating system.
Create additional control files: Using the operating system copy command, create the
additional control files as required and verify that the files have been created in the
appropriate directories.
Add control file names to PFILE: Alter the PFILE to include a listing of all of the control
files.
Start the database: When the database is started the PFILE will be read and the Oracle
server will maintain all the control files listed in the CONTROL_FILES parameter.
Slide 71
70
Summary
72
Slide 74
Lab
1. Where is the existing control file located and what is the name? Hint: Query the dynamic
performance view V$CONTROLFILE or V$PARAMETER, or execute the SHOW
PARAMETER command to display the name and the location of the control file.
2. Multiplex the existing control file and name the new control file control04.ctl.
Hints:
- Before shutting down the database alter the SPFILE (SCOPE=SPILE) to add
the new control file to the initialization file.
- Shut down the database, and copy any of the existing control file to a new file with the
name control04.ctl in the directory where currently all the control files are residing.
- Start up the database.- Query the Dynamic View V$CONTROLFILE or V$PARAMETER, or use
the SHOW PARAMETER command to confirm that both control files are being used.
- create pfile from spfile. What changes you see in pfile?
3. What is the initial sizing of the data file section in your control file?
Hint: Query the Dynamic View
V$CONTROLFILE_RECORD_SECTION.
4. Backup the control file to trace.
73
Slide 75
74
Slide 76
Redo
Log
files
75
76
77
FAST_START_MTTR_TARGET = 600
78
Forcing checkpoints:
FAST_START_MTTR_TARGET parameter replaces the deprecated parameters:
FAST_START_IO_TARGET
LOG_CHECKPOINT_TIMEOUT
These deprecated parameters must not be used if the parameter
FAST_START_MTTR_TARGET is used.
In the example above, the FAST_START_MTTR_TARGET parameter has been set so that
instance recovery should not take more than 600 seconds. The database will adjust the other
parameters to this goal.
Slide 80
79
You specify the name and location of the members with the file specification. The value of the
GROUP parameter can be selected for each redo log file group. If you omit this parameter, the
Oracle server generates its value automatically.
Slide 81
80
81
Restrictions:
An instance requires at least two groups of online redo log files.
An active or current group cannot be dropped.
When an online redo log file group is dropped, the operating system files are not deleted.
Slide 83
log1a.rdo log1a.rdo
log1b.rdo log1b.rdo
log1c.rdo log2c.rdo
Group 1 Group 2
82
Relocating or Renaming
Online Redo Log Files
Relocate or rename online redo log files in one of
the two following ways:
ALTER DATABASE CLEAR LOGFILE command
Copy the online redo log files to the new location
Execute the command
83
The following ALTER DATABASE RENAME FILE command changes the name of the online
redo log file:
SQL> ALTER DATBASE [database}
2 RENAME FILE filename [,filename]
3 TO filename]
Slide 85
Group 1
?
Group 2 Group 3
Member Member
Disk 1 Disk 2
84
Disk 3
85
86
87
Summary
In this lesson, you should have learned how to:
Explain the use of online redo log files
Obtain redo log file information
Control log switches and checkpoints
Multiplex and maintain online redo log files
Manage online redo log files with OMF
Online redo log files record the changes made to the database
Redo log files are used in a cyclic fashion and entries are recorded
sequentially.
Minimum of 2 redo log groups and 1 member in each redo log group
Redo log groups and members can be added and dropped
Multiplex and maintain online redo log files to avoid single-point failure
Manage online redo log files with OMF
Archive log files are copy of filled redo log files, also called as offline redo log
files.
The two advantages of archiving are Recovery and Backup
88
Slide 90
Lab
1. List the number and location of existing log files and display the number of redo log file groups and
members your database has. Hints: Query the dynamic view V$LOGFILE. Use the dynamic
view V$LOG.
2. Add a redo log member to each group in your database located on u04, using the following naming
conventions: Add member to Group 1: log01b.rdo. Add member to Group 2: log02b.rdo
Verify the result.
Hints: Execute the ALTER DATABASE ADD LOGFILE MEMBER command to add a redo log
member to each group. Query the dynamic performance view V$LOGFILE to verify the result.
3. Add a redo log group in your database with two members with following naming conventions:
Add Group 4: log04a.rdo and log04b.rdo . Verify the result .
Hints: Execute the ALTER DATABASE ADD LOGFILE command to create a new group. Query
the Dynamic View V$LOGFILE to display the name of the new members of the new group. Query
the Dynamic View V$LOG to display the number of redo log file groups and members.
4. Make sure that the newly added online redo log is the current online redo log. [Hint: Perform log
switch]
5. Drop the redo log group created in step 3.
Hints: Perform log switch. Execute the ALTER DATABASE DROP LOGFILE GROUP command
to remove the log group. Query the Dynamic View V$LOG to verify the result. Remove the
operating system files for the group.
89
Slide 91
Objectives
After completing this lesson, you should be able to do the following:
91
Slide 93
92
Types of Tablespaces
SYSTEM tablespace
Created with the database
Contains the data dictionary
Contains the SYSTEM undo segment
Non-SYSTEM tablespace
Separate segments
Eases space administration
Controls amount of space allocated to a user
93
Types of Tablespaces
The DBA creates tablespaces for increased control and ease of maintenance. The Oracle server
perceives two types of tablespaces: SYSTEM and Non-System (all others).
SYSTEM tablespace:
Every Oracle database contains a tablespace named SYSTEM, which Oracle creates
automatically when the database is created.
The SYSTEM tablespace is always online when the database is open.
The SYSTEM tablespace always contains the data dictionary tables for the entire database.
The data dictionary tables are stored in datafile 1.
It also contains the system UNDO segment .
Non-SYSTEM tablespaces:
It is used to store users data
Separate undo, temporary, application data and application index segments
Separate dynamic and static data
Control the amount of space allocated to the users objects
Slide 95
Creating Tablespaces
A tablespace is created using the command:
CREATE TABLESPACE
94
Creating Tablespaces
You create a tablespace with the CREATE TABLESPACE command:
CREATE TABLESPACE tablespace
[DATAFILE clause]
[MINIMUM EXTENT integer[K|M]]
[BLOCKSIZE integer [K]]
[LOGGING|NOLOGGING]
[DEFAULT storage_clause ]
[ONLINE|OFFLINE]
[PERMANENT|TEMPORARY]
[extent_management_clause]
[segment_management_clause]
where:
Tablespace: This is the name of the tablespace to be created
DATAFILE: This specifies the datafile or datafiles that make up the tablespace
MINIMUM EXTENT: This ensures that every used extent size in the tablespace is a multiple
of the integer. Use K or M to specify this size in kilobytes or megabytes.
BLOCKSIZE: BLOCKSIZE specifies a nonstandard block size for the tablespace. In order to
specify this clause, you must have the DB_CACHE_SIZE and at least one
DB_nK_CACHE_SIZE parameter set, and the integer you specify in this clause must
correspond with the setting of one DB_nK_CACHE_SIZE parameter setting.
Slide 96
95
96
Undo Tablespace
Used to store undo segments
Cannot contain any other objects
Extents are locally managed
Can only use the DATAFILE and EXTENT MANAGEMENT clauses
97
Undo Tablespace
Oracle strongly recommends operating in automatic undo management mode. The database
server can manage undo more efficiently, and automatic undo management mode is less
complex to implement and manage.
An undo tablespace is used with Automatic Undo Management.
CREATE UNDO TABLESPACE tablespace
[DATAFILE clause]
Slide 99
Temporary Tablespaces
98
Temporary Tablespaces
You can manage space for sort operations more efficiently by designating temporary
tablespaces exclusively for sorts. Doing so effectively eliminates serialization of space
management operations involved in the allocation and deallocation of sort space.
All operations that use sorts--including joins, index builds, ordering (ORDER BY), the
computation of aggregates (GROUP BY), and the ANALYZE statement for collecting
optimizer statistics--benefit from temporary tablespaces. The performance gains are
significant with Oracle9i Real Application Clusters.
ALTER DATABASE
DEFAULT TEMPORARY TABLESPACE temp;
99
10
0
Creating a default temporary tablespace during database creation prevents the SYSTEM
tablespace from being used for temporary space. When a default temporary tablespace is
created with the CREATE DATABASE command, it is of locally managed type.
Slide 102
ALTER DATABASE
DEFAULT TEMPORARY TABLESPACE default_temp2;
10
1
10
2
Causes a checkpoint
Data available only for read operations
Objects can be dropped from tablespace
10
3
You can drop items, such as tables and indexes, from a read only tablespace, because these
commands affect only the data dictionary. This is possible because the DROP command
updates only the data dictionary, but not the physical files that make up the tablespace. For
locally managed tablespaces, the dropped segment is changed to a temporary segment, to
prevent the bitmap from being updated. To make a read only tablespace writable, all of the
datafiles in the tablespace must be online. Making tablespaces read only causes a checkpoint
on the datafiles of the tablespace.
Slide 105
10
4
Offline Tablespaces
A database administrator can bring any tablespace other than the SYSTEM tablespace online
(accessible) or offline (not accessible) whenever the database is open. The SYSTEM
tablespace is always online when the database is open because the data dictionary must always
be available to Oracle.
A tablespace is usually online so that the data contained within it is available to database users.
However, the database administrator can take a tablespace offline for maintenance or backup
and recovery purposes.
Resizing a Tablespace
A tablespace can be resized by:
Changing the size of a datafile:
Automatically using AUTOEXTEND
Manually using ALTER TABLESPACE
Adding a datafile using ALTER TABLESPACE
10
5
Resizing a Tablespace
You can enlarge a tablespace in two ways:
Add a datafile to a tablespace
When you add another datafile to an existing tablespace, you increase the amount of
disk space allocated for the corresponding tablespace.
Increase the size of a datafile
The third option for enlarging a database is to change a datafile's size or let datafiles
in existing tablespaces grow dynamically as more space is needed. You accomplish
this by altering existing files or by adding files with dynamic extension properties.
Slide 107
10
6
ALTER DATABASE
DATAFILE '/u03/oradata/userdata02.dbf'
RESIZE 200M;
10
7
10
8
This illustration shows the SQL statement for adding a datafile to a tablespace:
Database size and tablespace size increase with the addition of datafiles.
Slide 110
10
9
11
0
Dropping Tablespaces
Cannot drop a tablespace if it:
Is the SYSTEM tablespace
Example:
11
1
Dropping Tablespaces
You can remove a tablespace from the database when the tablespace and its contents are no
longer required with the following DROP TABLESPACE SQL command:
DROP TABLESPACE tablespace
[INCLUDING CONTENTS [AND DATAFILES] [CASCADE CONSTRAINTS]]
where:
tablespace: Specifies the name of the tablespace to be dropped
INCLUDING CONTENTS: Drops all the segments in the tablespace
AND DATAFILES: Deletes the associated operating system files
CASCADE CONSTRAINTS: Drops referential integrity constraints from tables outside the
tablespace that refer to primary and unique keys in the tables in the dropped tablespace
Slide 113
11
2
Slide 114
SELECT TABLESPACE_NAME,BIGFILE
FROM DBA_TABLESPACES;
11
3
Slide 115
11
4
Slide 116
11
5
Slide 117
Database
PROD
TABLESPACES
SYSTEM USER_DATA RBS TEMP
DATAFILES
DISK2/ DISK3/ DISK1/ DISK1/
DISK1/SYS1.dbf USER1.dbf USER2.dbf ROLL1.dbf TEMP.dbf
SEGMENTS S_DEPT S_EMP S_DEPT S_EMP RBS1 RBS2 RBS1 RBS2
Temp
(cont'd) FIRST_N (cont'd) (cont'd)
D.D. D.D. AME
Index
Table Index RB RB RB RB
RB Data Data Data Seg Seg Seg Seg Temp
Data Index Seg
Index
Seg Seg Seg Seg Seg
Seg Seg
EXTENTS
1 2 1 2 1 2 1 1 2 2 1 FREE 1 1 2 2 1
11
6
Database Architecture
The previous lesson discussed the storage structure of a database, its tablespaces, and its data
files. This lesson continues the discussion of database storage by examining segments, extents,
and data blocks.
Slide 118
Types of Segments
Table Table
partition
Cluster Index
11
7
Types of Segments
Segments are space-occupying objects in a database. They use space in the data files of a
database. This section describes the different types of segments.
Table:
A table is the most common means of storing data within a database. A table segment stores
that data for a table that is neither clustered nor partitioned. Data within a table segment is
stored in no particular order, and the database administrator (DBA) has very little control over
the location of rows within the blocks in a table. All the data in a table segment must be stored
in one tablespace.
Table partition:
Scalability and availability are major concerns when there is a table in a database with high
concurrent usage. In such cases, data within a table may be stored in several partitions, each of
which resides in a different tablespace. The Oracle server currently supports partitioning by a
range of key values, by a hashing algorithm, and by a list of values. If a table is partitioned,
each partition is a segment, and the storage parameters can be specified to control them
independently. Use of this type of segment requires the partitioning option within the Oracle9i
Enterprise Edition.
Slide 119
Types of Segments
Index-organized Index
table partition
Undo Temporary
segment segment
11
8
Types of Segments
Index-organized table:
In an index-organized table, data is stored within the index based on the key value. An index-
organized table does not need a table lookup, because all the data can be retrieved directly from
the index tree.
Index partition:
An index can be partitioned and spread across several tablespaces. In this case, each partition
in the index corresponds to a segment and cannot span multiple tablespaces. The primary use
of a partitioned index is to minimize contention by spreading index input/output (I/O). Use of
this type of segment requires the partitioning option within the Oracle9i Enterprise Edition.
Undo segment:
An undo segment is used by a transaction that is making changes to a database. Before
changing the data or index blocks, the old value is stored in the undo segment. This allows a
user to undo changes made.
Temporary segment:
When a user executes commands such as CREATE INDEX, SELECT DISTINCT, and
SELECT GROUP BY, the Oracle server tries to perform sorts in memory. When a sort needs
more space than the space available in memory, intermediate results are written to the disk.
Temporary segments are used to store these intermediate results.
Slide 120
Types of Segments
Bootstrap
segment
11
9
Types of Segments
LOB segment:
One or more columns in a table can be used to store large objects (LOBs) such as text
documents, images, or videos. If the column is large, the Oracle server stores these values in
separate segments known as LOB segments. The table contains only a locator or a pointer to
the location of the corresponding LOB data.
Nested table:
A column in a table may be made up of a user-defined table as in the case of items within an
order. In such cases, the inner table, which is known as a nested table, is stored as a separate
segment.
Bootstrap segment:
A bootstrap segment, also known as a cache segment, is created by the sql.bsq script when a
database is created. This segment helps to initialize the data dictionary cache when the
database is opened by an instance.
The bootstrap segment cannot be queried or updated and does not require any maintenance by
the database administrator.
Slide 121
Undo Management
Undo Management
12
0
Slide 122
12
1
Undo Segment
Old image
Table
New
image
Undo segment
Update transaction
12
2
Undo Segment
An undo segment is used to save the old value (undo data) when a process changes data in a
database. It stores the location of the data and the data as it existed before being modified.
The header of an undo segment contains a transaction table where information about the
current transactions using the undo segment is stored.
A serial transaction uses only one undo segment to store all of its undo data.
Many concurrent transactions can write to one undo segment.
Slide 124
Transaction rollback
12
3
Read Consistency
SELECT *
Table FROM table
New image
Image at start of statement
12
4
Read Consistency
Read consistency, as supported by Oracle, does the following:
Guarantees that the set of data seen by a statement is consistent with respect to a single point
in time and does not change during statement execution (statement-level read consistency)
Ensures that readers of database data do not wait for writers or other readers of the same data
Ensures that writers of database data do not wait for readers of the same data
Ensures that writers only wait for other writers if they attempt to update identical rows in
concurrent transactions
The simplest way to think of Oracle's implementation of read consistency is to imagine each
user operating a private copy of the database, hence the multiversion consistency model.
Slide 126
Auto mode:
Deferred: Used when tablespaces are taken offline immediate, temporary, or for
recovery
12
5
12
6
undo1db01.dbf
12
7
UNDO_MANAGEMENT specifies which undo space management mode the system should
use. When set to AUTO, the instance starts in automatic undo management mode.
Slide 129
UNDO_MANAGEMENT=AUTO
UNDO_TABLESPACE=UNDOTBS
12
8
UNDO_TABLESPACE parameter:
UNDO_TABLESPACE specifies the undo tablespace to be used when an instance starts up. If
this parameter is specified when the instance is in manual undo management mode, an error
will occur and startup will fail.
If the UNDO_TABLESPACE parameter is omitted, the first available undo tablespace in the
database is chosen. If no undo tablespace is available, the instance will start without an undo
tablespace. In such cases, user transactions will be executed using the SYSTEM rollback
segment. You should avoid running in this mode under normal circumstances.
You can replace an undo tablespace with another undo tablespace while the instance is running.
Specifies the UNDO tablespace to be used. This parameter can be set in the initialization files
or altered dynamically using the ALTER SYSTEM command.
SQL> ALTER SYSTEM SET undo_tablespace = UNDOTBS;
Slide 130
Create the UNDO tablespace with the database by adding a clause in the CREATE DATABASE
command
12
9
You can create a specific undo tablespace using the UNDO TABLESPACE clause of
the CREATE DATABASE statement. But, this clause is not required. If the UNDO
TABLESPACE clause is not specified and the CREATE DATABASE statement is
executed in automatic undo management mode, a default undo tablespace is
created with the name SYS_UNDOTBS. This tablespace is allocated from the
default set of files used by the CREATE DATABASE statement and its attributes are
determined by Oracle. The initial size is 10M, and it is autoextensible. This method
of creating an undo tablespace is only recommended to users who do not have
any specific requirements for allocation of undo space.
Slide 131
13
0
13
1
You can switch from using one undo tablespace to another. Because the
UNDO_TABLESPACE initialization parameter is a dynamic parameter, the ALTER
SYSTEM SET statement can be used to assign a new undo tablespace.
The following statement effectively switches to a new undo tablespace:
ALTER SYSTEM SET UNDO_TABLESPACE = undotbs_02;
If any of the following conditions exist for the tablespace being switched to, an
error is reported and no switching occurs:
The tablespace does not exist,
The tablespace is not an undo tablespace
The tablespace is already being used by another instance
The database is online while the switch operation is performed, and user
transactions can be executed while this command is being executed. When the
switch operation completes successfully, all transactions started after the switch
operation began are assigned to transaction tables in the new undo tablespace.
Slide 133
13
2
You can drop UNDO tablespace after all transactions within the tablespace are complete. To
determine whether any active transactions exists use the following query:
SQL> SELECT a.name,b.status
2 FROM v$rollname a, v$rollstat b
3 WHERE a.name IN ( SELECT segment_name
4 FROM dba_segments
5 WHERE tablespace_name = 'UNDOTBS )
6 AND a.usn = b.usn;
NAME STATUS
-----------------------------------------------
_SYSSMU4$ PENDING OFFLINE
Slide 134
UNDO_SUPPRESS_ERRORS parameter:
Set to TRUE, this parameter suppresses errors while
attempting to execute manual operations in AUTO mode.
UNDO_RETENTION parameter:
This parameter controls the amount of undo data to retain
for consistent read.
By default UNDO_RETENTION is 15 minutes in 10g.
13
3
If you want to run in automatic undo management mode, ensure that your tools or applications
are updated to run in automatic undo management mode.
UNDO_RETENTION Parameter
Retention is specified in units of seconds, for example 500 seconds. It is persistent and can
survive system crashes. That is, undo generated before an instance crash, is retained until its
retention time has expired even across restarting the instance. When the instance is recovered,
undo information will be retained based on the current setting of the UNDO_RETENTION
initialization parameter.
Slide 135
SELECT end_time,begin_time,undoblks
FROM v$undostat;
END_TIME BEGIN_TIME UNDO
------------------ ------------------ -----
22-JAN-01 13:44:18 22-JAN-01 13:43:04 19
22-JAN-01 13:43:04 22-JAN-01 13:33:04 1474
22-JAN-01 13:33:04 22-JAN-01 13:23:04 1347
22-JAN-01 13:23:04 22-JAN-01 13:13:04 1628
22-JAN-01 13:13:04 22-JAN-01 13:03:04 2249
22-JAN-01 13:03:04 22-JAN-01 12:53:04 1698
22-JAN-01 12:53:04 22-JAN-01 12:43:04 1433
22-JAN-01 12:43:04 22-JAN-01 12:33:04 1532
22-JAN-01 12:33:04 22-JAN-01 12:23:04 1075
13
4
Each row in the view keeps statistics collected in the instance for a 10-minute interval. The
rows are in descending order by the BEGIN_TIME column value. Each row belongs to the
time interval marked by (BEGIN_TIME, END_TIME). Each column represents the data
collected for the particular statistic in that time interval. The first row of the view contains
statistics for the (partial) current time period. The view contains a total of 1008 rows, spanning
a 7 day cycle.
Slide 136
13
5
13
6
13
7
Slide 139
13
8
Slide 140
13
9
Slide 141
14
0
Slide 142
14
1
Slide 143
14
2
Slide 144
If your undo tablespace is too small to accommodate all the active transactions that
are using it, the following will happen:
Oracle will issue an automatic tablespace warning alert when the undo tablespace is
85 percent full (if you havent disabled the automatic tablespace alert feature
(DBMS_SERVER_ALERT Package)).
Oracle will also issue an automatic tablespace critical alert when the undo tablespace
is 97 percent full.
All DML statements will be disallowed and will receive an out-of-space error.
DDL statements will continue to be allowed.
14
3
Slide 145
Flashback Database feature uses Flashback database logs which are stored in
new flash recovery area.
Only used for logical error recovery and not for media recovery.
14
4
Slide 146
14
5
Slide 147
FLASHBACK_ON
------------------
YES
14
6
Slide 148
sql> SELECT
OLDEST_FLASHBACK_SCN,OLDEST_FLASHBACK_TIME
FROM V$FLASHBACK_DATABASE_LOG;
sql> SHUTDOWN IMMEDIATE;
sql> STARTUP MOUNT;
sql> FLASHBACK DATABASE TO SCN 5964663;
sql> ALTER DATABASE OPEN RESETLOGS;
14
7
Slide 149
Restore Points
create restore point P1;
When you want to flashback the database to that restore point, you
could simply issue:
If you examine the alert log, it will show a line similar to:
Media Recovery Applied UNTIL CHANGE 1429814
14
8
Slide 150
Rollback Monitoring
sql> select * from v$session_longops where sid = 9;
SID : 9
SERIAL# : 68
OPNAME : Transaction Rollback
TARGET :
TARGET_DESC : xid:0x000e.01c.00000067
SOFAR : 10234
TOTALWORK : 20554
UNITS : Blocks
START_TIME : 07-dec-2003 21:20:07
LAST_UPDATE_TIME : 07-dec-2003 21:21:24
TIME_REMAINING : 77
ELAPSED_SECONDS : 77
CONTEXT : 0
MESSAGE : Transaction Rollback: xid:0x000e.01c.00000067 :
10234 out of 20554 Blocks done
USERNAME : SYS
SQL_ADDRESS : 00000003B719ED08
SQL_HASH_VALUE : 1430203031
SQL_ID : 306w9c5amyanr
QCSID : 0
14
9
Slide 151
Summary
There are two methods for managing undo data: Automatic Undo Management and
Manual Undo Management
The main purpose of undo segments are Transaction Rollback, Transaction
Recovery, Read Consistency
Types of undo segment: System and Non-System
Automatic Undo Management: Undo data is managed using an UNDO tablespace.
UNDO_TABLESPACE and UNDO_MANAGEMENT initialization prameters have to be
set.
At least one UNDO tablespace must be created
Only one UNDO tablespace can be in assigned to a database at a time.
More than one UNDO tablespace may exist within an instance, but only one can be
active.
To drop an active UNDO tablespace: 1. Switch to a new UNDO tablespace 2.Drop the
tablespace after all current transactions are complete
Use alter SYSTEM SET command to switch undo tablespaces dynamically
15
0
Practice Overview
Note: Practice can be accomplished using SQL*Plus or using Oracle Enterprise Manager
and SQL*Plus Worksheet.
Slide 152
Lab
1. Create a new undo tablespace with name name UNDO02. Make it the default undo tablespace.
Keep the autoextend clause off.
2. Drop the original undo tablepsace.
3. Check the current value of undo retention parameter. Increase the undo_retention parameter
to 3 Hours.
4. Login to HR schema. Create a table similar to employees table and name it as test_employees.
5. Note down the current timestamp ( T1) of the database.
6. Insert 3 new rows in the test_employees table. Commit the data.
7. Use the flashback query to view the contents of the table as they were at timestamp T1.
8. Update any row and use the flashback versions query to view versions of that updated row.
9. Use flashback transaction query. Observe the XID,START_SCN,UNDO_SQL column. [ Hint: Use
flashback_transaction_query view.]
10. Login into HR schema create a test table similar to employees. Drop the table. Login as sysdba
user through other session and query the dba_recyclebin dictionary. Observe the
OBJECT_NAME AND ORIGINAL_NAME columns. Restore the dropped table to HR schema. From
HR sqlplus session verify that the table is restored.
11. Query a data dictionary to check whether the flashback is on or not.[Hint: Use v$database]
12. Ensure that the database is in archive log mode.
13. Enable the flashback database. Verify the flashback database is enabled.
14. Create a new test table similar to employees table in HR schema. Note down the current_scn
from v$database.
15
1
Slide 153
Lab
15. Insert few new rows in the test table and commit. Note down the current_scn from
v$database.
16. Flashback the database to the SCN noted down in step 14. Open the database with resetlogs
option.
17. Check whether the rows inserted in test table in Step 15 exist or not.
18. Query the V$FLASHBACK_DATABASE_LOG. Observe the OLDEST_FLASHBACK _SCN column.
15
2
Slide 154
15
3
Slide 155
Auditing Privileges
Use of privileges can be audited, for example
15
4
Auditing Options
Statement auditing:
Statement auditing is the selective auditing of related groups of statements that fall into two
categories:
DDL statements, regarding a particular type of database structure or schema object,
but not a specifically named structure or schema object (for example, AUDIT
TABLE audits all CREATE and DROP TABLE statements)
DML statements, regarding a particular type of database structure or schema object,
but not a specifically named structure or schema object (for example, AUDIT
SELECT TABLE audits all SELECT ... FROM TABLE/VIEW statements,
regardless of the table or view)
Statement auditing can be broad or focused, auditing the activities of all database users or the
activities of only a select list of database users.
Slide 156
Auditing Objects
Use of objects can be audited, for example
15
5
Auditing Options
Statement auditing:
Statement auditing is the selective auditing of related groups of statements that fall into two
categories:
DDL statements, regarding a particular type of database structure or schema object,
but not a specifically named structure or schema object (for example, AUDIT
TABLE audits all CREATE and DROP TABLE statements)
DML statements, regarding a particular type of database structure or schema object,
but not a specifically named structure or schema object (for example, AUDIT
SELECT TABLE audits all SELECT ... FROM TABLE/VIEW statements,
regardless of the table or view)
Statement auditing can be broad or focused, auditing the activities of all database users or the
activities of only a select list of database users.
Slide 157
Auditing Sessions
Use of objects can be audited, for example
sql> audit session whenever not successful;
15
6
Auditing Options
Statement auditing:
Statement auditing is the selective auditing of related groups of statements that fall into two
categories:
DDL statements, regarding a particular type of database structure or schema object,
but not a specifically named structure or schema object (for example, AUDIT
TABLE audits all CREATE and DROP TABLE statements)
DML statements, regarding a particular type of database structure or schema object,
but not a specifically named structure or schema object (for example, AUDIT
SELECT TABLE audits all SELECT ... FROM TABLE/VIEW statements,
regardless of the table or view)
Statement auditing can be broad or focused, auditing the activities of all database users or the
activities of only a select list of database users.
Slide 158
15
7
Slide 159
15
8
Slide 160
15
9
Slide 161
16
0
Summary
16
1
Slide 163
Lab
Connect to your database as SYSDBA using SQL*Plus.
Set the AUDIT_TRAIL instance parameter to enable auditing to the data dictionary. As this is a
static parameter, you must use the SCOPE clause and restart the instance.
sql> conn sys/passwod@sid as sysdba
sql> alter system set audit_trail=db scope=spfile;
sql> startup force;
Connect to your database as user SYSTEM using SQL*Plus.
Create a table and insert some rows as follows:
sql> create table audit_test(name varchar2(10),salary number);
sql> insert into audit_test values('McGraw',100);
sql> insert into audit_test values('Hill',200);
Enable database auditing of access to the table.
sql> audit select, update on system.audit_test;
Execute some statements against the table.
sql> select * from audit_test;
sql> update audit_test set salary=50 where name='McGraw';
Query the DBA_AUDIT_TRAIL view to see the results of the auditing.
sql> select username, userhost, os_username, ses_actions, obj_name from dba_audit_trail;
16
2
Slide 164
Lab
Create an FGA policy to capture all SELECTs against the AUDIT_TEST table that read the
SALARY column, if the salary retrieved is greater than 100, with this procedure call:
sql> exec dbms_fga.add_policy(-
> object_schema=>'system',-
> object_name=>'audit_test',-
> policy_name=>'high_sal',-
> audit_condition=>'salary > 100',-
> audit_column=>'salary',-
> statement_types=>'select');
Run some queries against the table.
ocp10g> select * from audit_test;
ocp10g> select salary from audit_test where name='Hill';
ocp10g> select salary from audit_test where name='McGraw';
ocp10g> select name from audit_test;
16
3
Slide 165
Lab
Query the fine-grained audit trail.
sql> select os_user,db_user,sql_text from dba_fga_audit_trail;
OS_USER DB_USER SQL_TEXT
----------------------- -------------- -------------------------------------
ORA10G\Guest SYSTEM select * from audit_test
ORA10G\Guest SYSTEM select salary from audit_test where name='Hill'
Note that only the first and second queries from previous step generated audit records, and that
the actual statement used can be retrieved.
Tidy up by canceling the database auditing, dropping the FGA policy, and dropping the table.
sql> noaudit select,update on system.audit_test;
Sql> exec dbms_fga.drop_policy(object_name=>'audit_test, policy_name=>'high_sal');
sql> drop table audit_test;
16
4
Slide 166
Objectives
After completing this lesson, you should be able to do
the following:
Manage passwords using profiles
Administer profiles
Control use of resources using profiles
Obtain information about profiles, password
management, and resources
16
6
Slide 168
Profiles
A profile is a named set of password and resource
limits.
Profiles are assigned to users by the CREATE USER
or ALTER USER command.
Profiles can be enabled or disabled.
Profiles can relate to the DEFAULT profile.
16
7
Profiles
A profile is a named set of resource limits. A user's profile limits database usage and instance
resources as defined in the profile. You can assign a profile to each user, and a default profile to
all users who do not have specific profiles. For profiles to take effect, resource limits must be
turned on for the database as a whole.
A profile has been created, the database administrator can assign it to each user. If resource
limits are enabled, the Oracle server limits the database usage and resources to the defined
profile of the user.
The Oracle server automatically creates a DEFAULT profile when the database is created.
The users who have not been explicitly assigned a specific profile conform to all the limits of
the DEFAULT profile. All limits of the DEFAULT profile are initially unlimited. However, the
database administrator can change the values so that limits are applied to all users by default.
Slide 169
Password Management
Password Account
history locking
User Setting up
profiles
Password Password
expiration verification
and aging
16
8
Password Management
For greater control over database security, Oracle password management is controlled by
database administrators with profiles.
16
9
Create the profile to limit password settings, and assign the profile to the user by using the
CREATE USER or ALTER USER command.
When password management is enabled, the user account can be locked or unlocked by using
the CREATE USER or ALTER USER command.
Slide 171
Parameter Description
FAILED_LOGIN_ATTEMPTS Number of failed login attempts
before lockout of the account
17
0
The CREATE PROFILE statement configures the number of failed logins a user can attempt
and the amount of time the account remains locked before automatic unlock.
The database administrator can also lock accounts manually. When this occurs, the account
cannot be unlocked automatically but must be unlocked explicitly by the database
administrator.
Slide 172
Parameter Parameter
PASSWORD_LIFE_TIME Lifetime of the password in days
after which the password expires
17
1
The user is expected to change the password within the grace period. If the password is not
changed within the grace period, the account is locked and no further logins to that account are
allowed without assistance by the database administrator.
The database administrator can also set the password state to expired. When this happens, the
user's account status is changed to expired, and the user or the database administrator must
change the password before the user can log in to the database..
Slide 173
Password History
Parameter Description
PASSWORD_REUSE_TIME Number of days before a
password can be reused
17
2
Password History
The password history option checks each newly specified password to ensure that a
password is not reused for the specified amount of time or for the specified number of
password changes. The database administrator can configure the rules for password reuse
with CREATE PROFILE statements.
Slide 174
Password Verification
Parameter Description
PASSWORD_VERIFY_FUNCTION PL/SQL function that performs a
password complexity check
before a password is assigned
17
3
Password Verification
Complexity verification checks that each password is complex enough to provide
reasonable protection against intruders who try to break into the system by guessing
passwords.
The Oracle default password complexity verification routine requires that each password:
Be a minimum of four characters in length
Not equal the userid
Include at least one alphabet character, one numeric character, and one punctuation mark
Not match any word on an internal list of simple words like welcome, account, database,
user, and so on
Differ from the previous password by at least three characters
Slide 175
function_name(
userid_parameter IN VARCHAR2(30),
password_parameter IN VARCHAR2(30),
old_password_parameter IN VARCHAR2(30))
RETURN BOOLEAN
17
4
17
5
Creating a Profile:
Password Settings
17
6
Slide 178
17
7
Altering a Profile
Use the ALTER PROFILE command to change the password limits assigned to a profile:
ALTER PROFILE profile LIMIT
[FAILED_LOGIN_ATTEMPTS max_value]
[PASSWORD_LIFE_TIME max_value]
[ {PASSWORD_REUSE_TIME
|PASSWORD_REUSE_MAX} max_value]
[PASSWORD_LOCK_TIME max_value]
[PASSWORD_GRACE_TIME max_value]
[PASSWORD_VERIFY_FUNCTION
{function|NULL|DEFAULT} ]
If you want to set the password parameters to less than a day:
1 hour: PASSWORD_LOCK_TIME = 1/24
10 minutes: PASSWORD_LOCK_TIME = 10/1400
5 minutes: PASSWORD_LOCK_TIME = 5/1440
Slide 179
17
8
Guidelines:
The DEFAULT profile cannot be dropped.
When a profile is dropped, this change applies only to sessions that are created subsequently
and not to the current sessions.
Slide 180
Summary
In this lesson, you should have learned how to:
Administer passwords
Administer profiles
In this lesson, you should have learned how to:
A profile is a named set of password and resource limits.
Profiles are assigned to users by the CREATE USER or ALTER USER
command.
Password management features are Password Account Locking, Password
Expiration and Aging, Password History and Password Verification
Limit usage of resources with profiles
Enable resource limits with the:
RESOURCE_LIMIT initialization parameter
ALTER SYSTEM command
Resource Management: Manage resources using Database Resource
Manager
It provides the Oracle server with more control over resource management
decisions
The Resource Plan Directives provides several means of allocating
resources like CPU method, Active session pool and queuing, Degree of
parallelism limit, Automatic consumer group switching, Maximum estimated
execution time, Undo quota
17
9
Practice Overview
Note: Practice can be accomplished using SQL*Plus or using Oracle Enterprise Manager
and SQL*Plus Worksheet.
Slide 181
Lab
1. Create user Jeff with password pass and default tablespace users. Enable password management
by running script @$ORACLE_HOME/rdbms/admin/utlpwdmg.sql.
2. Try to change the password of user Jeff to Jeff. What happens? Try changing the password for
Jeff to follow the password management format. [Hint: Password should contain at least one digit,
one character, and one punctuation. ]
3. Alter the DEFAULT profile to ensure the following applies to users assigned the DEFAULTprofile:
After two login attempts, the account should be locked. The password should expire after 30 days.
The same password should not be reused for at least one minute. The account should have a
grace period of five days to change an expired password. Ensure that the requirements given
have been implemented. [Hints: Use the ALTER PROFILEcommand to change the default profile
limits. Query the data dictionary view DBA_PROFILESto verify the result.
4. Log in to user Jeff supplying an invalid password. Try this twice, then log in again, this time
supplying the correct password. What happens? Why?
5. Using data dictionary view DBA_USERS verify user Jeff is locked. Unlock the account for the user
Jeff. After unlocking user Jeff connect as Jeff. [Hint: Execute the ALTER USERcommand to unlock
the account. ]
6. Disable password checks for the DEFAULTprofile. [Hint: Execute the ALTER PROFILEcommand
to disable the password checks. ]
7. Log in to user Jeff supplying an invalid password. Try this twice, then log in again, this time
supplying the correct password. What happens? Why?
18
0
Slide 182
Managing Users
Slide 183
Objectives
After completing this lesson, you should be able to do
the following:
Create new database users
Alter and drop existing database users
Monitor information about existing users
18
2
Slide 184
Account Default
locking tablespace
Authentication Temporary
mechanism tablespace
Security
domain
Role Tablespace
privileges quotas
Direct Resource
privileges
limits
18
3
Authentication mechanism:
A user who requires access to the database can be authenticated by one of the following:
Data dictionary
Operating system
Network
The means of authentication is specified at the time the user is defined in the database and can
be altered later. This lesson covers authentication by database and by operating system only.
Slide 185
Database Schema
18
4
Database Schema
A schema is a collection of logical structures of data, or schema objects. A schema is owned
by a database user and has the same name as that user. Each user owns a single schema.
Schema objects can be created and manipulated with SQL and include the following types
of objects:
Clusters
Database links
Database triggers
Dimensions
External procedure libraries
Indexes and index types
Java classes, Java resources, and Java sources
Materialized views and materialized view logs
Object tables, object types, and object views
Operators
Sequences
Stored functions, procedures, and packages
Synonyms
Tables and index-organized tables
Views
Slide 186
18
5
Slide 187
18
6
To enhance security when using database authentication, Oracle recommends the use of
password management, including account locking, password aging and expiration,
password history, and password complexity verification.
Use the CREATE USER statement to create and configure a database user, or an account
through which you can log in to the database and establish the means by which Oracle
permits access by the user.
Slide 188
18
7
18
8
By default, a user has no quota on any tablespace in the database. If the user has the
privilege to create a schema object, you must assign a quota to allow the user to create
objects. Minimally, assign users a quota for the default tablespace, and additional quotas
for other tablespaces in which they can create objects.
Dropping a User
Use the CASCADE clause to drop all objects in the
schema if the schema contains objects.
18
9
Dropping a User
DROP USER user [CASCADE]
Guidelines:
The CASCADE option drops all objects in the schema before dropping the user. This must
be specified if the schema contains any objects.
A user who is currently connected to the Oracle server cannot be dropped.
Slide 191
19
0
USERNAME DEFAULT_TABLESPACE
--------- ------------------------------
SYS SYSTEM
SYSTEM SYSTEM
OUTLN SYSTEM
DBSNMP SYSTEM
HR SAMPLE
OE SAMPLE
Slide 192
Summary
19
1
Slide 193
Lab
1. Create user Bob with a password of CRUSADER. Make sure that any objects and
temporary segments created by Bob are not created in the system tablespace. Also,
ensure that Bob can log in and create objects up to one megabyte in size in USERS
and INDX tablespaces. [Hint: Ensure that the temporary tablespace temp is
assigned. Grant Bob the ability to create sessions.
2. Create a user Emi with a password of MARY. Make sure that any objects and sort
segments created by Emi are not created in the system tablespace.
3. Display the information on Bob and Emi from the data dictionary. [Hint: This can be
obtained by querying DBA_USERS. ]
4. From the data dictionary, display the information on the amount of space that Bob can
use in tablespaces. [Hint: This can be obtained by querying DBA_TS_QUOTAS. ]
5. As user BOB change his temporary tablespace. What happens? Why? As Bob,
change his password to SAM. As SYSTEM, remove Bobs quota on his default
tablespace. Remove Emis account from the database. [ Hint: Because Emi owns
tables, you need to use the CASCADE option.]
6. Bob has forgotten his password. Assign him a password OLINK and require that Bob
change his password the next time he logs on.
19
2
Slide 194
Managing Privileges
Slide 195
Objectives
After completing this lesson, you should be able to do
the following:
Identify system and object privileges
Grant and revoke privileges
19
4
Slide 196
Managing Privileges
Two types of Oracle user privileges:
System: Enables users to perform particular actions
in the database
Object: Enables users to access and manipulate a
specific object
19
5
Privileges
A user privilege is a right to execute a particular type of SQL statement, or a right to access
another user's object. Oracle also provides shortcuts for grouping privileges that are commonly
granted or revoked together.
This section describes Oracle user privileges, and contains the following topics:
System Privileges
Object Privileges
System privileges:
There are over 100 distinct system privileges. Each system privilege allows a user to perform a
particular database operation or class of database operations. System privileges can be very
powerful, and should be granted only when necessary to roles and trusted users of the database.
Slide 197
System Privileges
There are more than 100 distinct system privileges.
The ANY keyword in privileges signifies that users
have the privilege in any schema.
The GRANT command adds a privilege to a user or a
group of users.
The REVOKE command deletes the privileges.
19
6
System Privileges
Note: In general, you grant system privileges only to administrative personnel and
application developers. End users normally do not require the associated capabilities
Use either of the following to grant or revoke system privileges to users and roles:
The Grant System Privileges/Roles dialog box and Revoke System Privileges/Roles dialog
box of Oracle Enterprise Manager
The SQL statements GRANT and REVOKE
Slide 198
19
7
19
8
GRANT {system_privilege|role}
[, {system_privilege|role} ]...
TO {user|role|PUBLIC}
[, {user|role|PUBLIC} ]...
[WITH ADMIN OPTION]
where:
system_privilege: Specifies the system privilege to be granted
role: Specifies the role name to be granted
PUBLIC: Grants system privilege to all users
WITH ADMIN OPTION: Enables the grantee to further grant the privilege or role to other
users or roles
Slide 200
Category Examples
SYSOPER STARTUP
SHUTDOWN
ALTER DATABASE OPEN | MOUNT
19
9
Database startup and shutdown are powerful administrative options and are restricted to
users who connect to Oracle with administrator privileges.
Depending on the operating system, one of the following conditions establishes
administrator privileges for a user:
The user's operating system privileges allow him or her to connect using administrator
privileges.
The user is granted the SYSDBA or SYSOPER privileges, and the database uses password
files to authenticate database administrators.
When you connect with SYSDBA privileges, you are placed in the schema owned by SYS.
When you connect as SYSOPER, you are placed in the public schema. SYSOPER
privileges are a subset of SYSDBA privileges.
Slide 201
20
0
20
1
Prerequisites
To revoke a system privilege or role, you must have been granted the privilege with the
ADMIN OPTION.
To revoke a role, you must have been granted the role with the ADMIN OPTION. You can
revoke any role if you have the GRANT ANY ROLE system privilege.
To revoke an object privilege, you must have previously granted the object privileges to each
user and role.
The REVOKE statement can revoke only privileges and roles that were previously granted
directly with a GRANT statement. You cannot use this statement to revoke:
Privileges or roles not granted to the revokee
Roles or object privileges granted through the operating system
Privileges or roles granted to the revokee through roles
Slide 203
GRANT
20
2
There are no cascading effects when revoking a system privilege related to DDL
operations, regardless of whether the privilege was granted with or without the
ADMIN OPTION. For example, assume the following:
The security administrator grants the CREATE TABLE system privilege to jfee with the ADMIN
OPTION.
jfee creates a table.
jfee grants the CREATE TABLE system privilege to tsmith.
tsmith creates a table.
The security administrator revokes the CREATE TABLE system privilege from jfee.
jfee's table continues to exist. tsmith still has the table and the CREATE TABLE system privilege.
Cascading effects can be observed when revoking a system privilege related to a
DML operation. If SELECT ANY TABLE is revoked from a user, then all procedures
contained in the users schema relying on this privilege will fail until the privilege
is reauthorized.
Slide 204
Object Privileges
20
3
Object Privileges
A schema object privilege is a privilege or right to perform a particular action on a specific
schema object:
Table
View
Sequence
Procedure
Function
Package
Different object privileges are available for different types of schema objects. For example, the
privilege to delete rows from the DEPT table is an object privilege.
Some schema objects, such as clusters, indexes, triggers, and database links, do not have
associated object privileges. Their use is controlled with system privileges. For example, to
alter a cluster, a user must own the cluster or have the ALTER ANY CLUSTER system
privilege.
A schema object and its synonym are equivalent with respect to privileges. That is, the object
privileges granted for a table, view, sequence, procedure, function, or package apply whether
referencing the base object by name or using a synonym.
Slide 205
20
4
Schema object privileges can be granted to and revoked from users and roles. If you grant
object privileges to roles, you can make the privileges selectively available. Object
privileges for users and roles can be granted or revoked using the following:
The SQL statements GRANT and REVOKE, respectively
The Add Privilege to Role/User dialog box and the Revoke Privilege from Role/User dialog
box of Oracle Enterprise Manager.
20
5
Specify the object on which the object privileges are to be revoked. This object can be:
A table, view, sequence, procedure, stored function, or package, materialized view
A synonym for a table, view, sequence, procedure, stored function, package, or materialized
view
A library, indextype, or user-defined operator
If you do not qualify object with schema, Oracle assumes the object is in your own schema.
If you revoke the SELECT object privilege (with or without the GRANT OPTION) on the
containing table or materialized view of a materialized view, Oracle invalidates the
materialized view.
If you revoke the SELECT object privilege (with or without the GRANT OPTION) on any of
the master tables of a materialized view, Oracle invalidates both the materialized view and its
containing table or materialized view.
Slide 207
20
6
Revoking an object privilege can have cascading effects that should be investigated before
issuing a REVOKE statement.
Object definitions that depend on a DML object privilege can be affected if the DML object
privilege is revoked. For example, assume the procedure body of the test procedure
includes a SQL statement that queries data from the emp table. If the SELECT privilege
on the emp table is revoked from the owner of the test procedure, the procedure can no
longer be executed successfully.
When a REFERENCES privilege for a table is revoked from a user, any foreign key
integrity constraints defined by the user that require the dropped REFERENCES
privilege are automatically dropped. For example, assume that the user jward is granted
the REFERENCES privilege for the deptno column of the dept table and creates a foreign
key on the deptno column in the emp table that references the deptno column. If the
references privilege on the deptno column of the dept table is revoked, the foreign key
constraint on the deptno column of the emp table is dropped in the same operation.
Slide 208
20
7
Summary
20
8
Practice Overview
Note: Practice can be accomplished using SQL*Plus or using Oracle Enterprise Manager
and SQL*Plus Worksheet.
Slide 210
Lab
1. As SYSTEM, create user Emi and give her the capability to log on to the database and create
objects in her schema. Connect as Emi, and create tables CUSTOMERS and ORDERS. Connect
as SYSTEM and copy the data from OE.CUSTOMERS to Emis CUSOMTERS table. Verify that
records have been inserted. As SYSTEM give Bob the ability to select from Emi's CUSTOMERS
table.
2. Reconnect as Emi and give Bob the ability to select from Emi's CUSTOMERS table. Also, enable
Bob to give the select capability to other users. Examine the data dictionary views that record
these actions.
3. Create user Trevor with the capability to log on to the database. As Bob, enable Trevor to access
Emis CUSTOMERS table. Give Bob the new password sam. As Emi, remove Bobs privilege to
read Emis CUSTOMERS table. As Trevor, query Emis CUSTOEMRS table. What happens and
why?
4. Enable Emi to create tables in any schema. As Emi, create the table ORDERS in Bobs schema as
a copy of EMI.ORDERS. What happened and why?
20
9
Slide 211
Managing Roles
Slide 212
Objectives
After completing this lesson, you should be able to
do the following:
Create and modify roles
Control availability of roles
Remove roles
Use predefined roles
Display role information from the data dictionary
21
1
Slide 213
Roles
Users
A B C
Privileges
SELECT ON INSERT ON
JOBS JOBS
21
2
Introduction to Roles
What is a Role?
Oracle provides for easy and controlled privilege management through roles. Roles are
named groups of related privileges that you grant to users or other roles. Roles are
designed to ease the administration of end-user system and schema object privileges.
However, roles are not meant to be used for application developers, because the privileges
to access schema objects within stored programmatic constructs need to be granted
directly.
These properties of roles allow for easier privilege management within a database:
Benefits of Roles
Easier privilege management
Dynamic privilege management
Selective availability of privileges
Can be granted through the operating system
21
3
Benefits of Roles
Easier privilege management:
Use roles to simplify privilege management. Rather than granting the same set of privileges
to several users, you can grant the privileges to a role, and then grant that role to each
user.
Creating Roles
Roles with ADMIN option:
Not identified:
By password:
Identified externally:
CREATE ROLE oe_clerk;
21
4
Creating Roles
Purpose
Use the CREATE ROLE statement to create a role, which is a set of privileges that can be
granted to users or to other roles. You can use roles to administer database privileges. You
can add privileges to a role and then grant the role to a user. The user can then enable the
role and exercise the privileges granted by the role.
A role contains all privileges granted to the role and all privileges of other roles granted to
it. A new role is initially empty. You add privileges to a role with the GRANT statement.
Predefined Roles
21
5
Predefined Roles
Modifying Roles
21
6
Modifying Roles
Purpose
Use the ALTER ROLE statement to change the authorization needed to enable a role.
Prerequisites
You must either have been granted the role with the ADMIN OPTION or have ALTER ANY
ROLE system privilege.
Before you alter a role to IDENTIFIED GLOBALLY, you must:
Revoke all grants of roles identified externally to the role and
Revoke the grant of the role from all users, roles, and PUBLIC.
The one exception to this rule is that you should not revoke the role from the user who is
currently altering the role.
Slide 218
Assigning Roles
21
7
Assigning Roles
Grant Roles
You grant roles from users or other roles using the following options:
The Grant System Privileges/Roles dialog box and Revoke System Privileges/Roles dialog
box of Oracle Enterprise Manager
The SQL statement GRANT
Privileges are granted to roles using the same options. Roles can also be granted to from
users using the operating system that executes Oracle, or through network services.
Any user granted a role with the ADMIN OPTION can grant or revoke that role to or from
other users or roles of the database. This option allows administrative powers for roles on a
selective basis.
Slide 219
21
8
Default Roles
When a user logs on, Oracle enables all privileges granted explicitly to the user and all
privileges in the user's default roles.
A user's list of default roles can be set and altered using the ALTER USER statement. The
ALTER USER statement allows you to specify roles that are to be enabled when a user
connects to the database, without requiring the user to specify the roles' passwords. The
user must have already been directly granted the roles with a GRANT statement. You
cannot specify as a default role any role managed by an external service including a
directory service (external roles or global roles).
Application Roles
21
9
Application Roles
You grant a secure application role all privileges necessary to run a given database application.
Then, you grant the secure application role to other roles or to specific users. An application
can have several different roles, with each role assigned a different set of privileges that allow
for more or less data access while using the application.
SQL> CREATE ROLE admin_role IDENTIFIED USING hr.employees;
In this example, admin_role is an application role and the role can be enabled only by modules
that are defined inside the hr.employee PL/SQL package.
Slide 221
22
0
22
1
22
2
If you revoke a role from a user, Oracle makes the role unavailable to the user. If the role is
currently enabled for the user, the user can continue to exercise the privileges in the role's
privilege domain as long as it remains enabled. However, the user cannot subsequently
enable the role.
If you revoke a role from another role, Oracle removes the revoked role's privilege domain
from the revokee role's privilege domain. Users who have been granted and have enabled
the revokee role can continue to exercise the privileges in the revoked role's privilege
domain as long as the revokee role remains enabled. However, other users who have been
granted the revokee role and subsequently enable it cannot exercise the privileges in the
privilege domain of the revoked role.
If you revoke a role from PUBLIC, Oracle makes the role unavailable to all users who have
been granted the role through PUBLIC. Any user who has enabled the role can continue
to exercise the privileges in its privilege domain as long as it remains enabled. However,
users cannot subsequently enable the role. The role is not revoked from users who have
been granted the role directly or through other roles.
Slide 224
Removing Roles
Dropping a role:
Removes it from all users and roles it was
granted
Removes it from the database
Requires the ADMIN OPTION or DROP ANY
ROLE privilege
To drop a role:
22
3
Dropping Roles
In some cases, it may be appropriate to drop a role from the database. The security
domains of all users and roles granted a dropped role are immediately changed to reflect
the absence of the dropped role's privileges. All indirectly granted roles of the dropped role
are also removed from affected security domains. Dropping a role automatically removes
the role from all users' default role lists.
Because the creation of objects is not dependent on the privileges received through a role,
tables and other objects are not dropped when a role is dropped.
You can drop a role using the SQL statement DROP ROLE. To drop a role, you must have
the DROP ANY ROLE system privilege or have been granted the role with the ADMIN
OPTION.
The following statement drops the role CLERK:
DROP ROLE clerk;
Slide 225
Users
User
roles
HR_CLERK HR_MANAGER PAY_CLERK
Application
roles BENEFITS PAYROLL
Application
privileges
22
4
Create a role for each application task. The name of the application role corresponds to a task
in the application, such as PAYROLL.
Assign the privileges necessary to perform the task to the application role.
Create a role for each type of user. The name of the user role corresponds to a job title, such
as PAY_CLERK.
Grant application roles to users roles.
Grant users roles to users.
If a modification to the application requires that new privileges are needed to perform the
payroll task, then the DBA only needs to assign the new privileges to the application role,
PAYROLL. All of the users that are currently performing this task will receive the new
privileges.
Slide 226
PAY_CLERK PAY_CLERK_RO
22
5
Passwords allow a role to be enabled only through an application. This technique is shown in
the example in the slide.
The DBA has granted the user two roles, PAY_CLERK and PAY_CLERK_RO.
The PAY_CLERK has been granted all of the privileges that are necessary to perform the
payroll clerk function.
The PAY_CLERK_RO (RO for read only) has been granted only SELECT privileges on the
tables required to perform the payroll clerk function.
The user can log in to SQL*Plus to perform queries, but cannot modify any of the data,
because the PAY_CLERK is not a default role, and the user does not know the password
for PAY_CLERK.
When the user logs in to the payroll application, it enables the PAY_CLERK by providing
the password. It is coded in the program; the user is not prompted for it.
Slide 227
22
6
Summary
22
7
Practice Overview
Note: Practice can be accomplished using SQL*Plus or using Oracle Enterprise Manager
and SQL*Plus Worksheet.
Slide 229
Lab
1. Examine the data dictionary view and list the system privileges of the RESOURCE
role.
2. Create a role called DEV, which enables a user to create a table, create a view and
select from OEs CUSTOMERS table.
3. Create user Bob. Assign the RESOURCE and DEV roles to Bob, but make only the
RESOURCE role to be automatically enabled when he logs on.
4. Give Bob the ability to read all the data dictionary information.
5. Bob needs to check the undo segments that are currently used by the instance.
6. Connect as Bob and list the undo segments used.
7. As SYSTEM, try to create a view CUST_VIEW on OEs CUSTOMERS table. What
happens and why?
8. As user OE grant select on customers to SYSTEM. As SYSTEM try to create view
CUST_VIEW on OEs CUSTOMERS table. What happens and why?
22
8
Slide 230
22
9
Slide 231
23
0
Slide 232
23
1
Slide 233
Managing Tables
Creating a Table
Adding a Column To a Table
Modifying a Column In a Table
Dropping a Column From a Table
Adding a Check Constraint
Adding a Unique Constraint
Adding a Primary Key Constraint
Adding a Foreign Key Constraint
Viewing Existing Constraints
Disabling and Enabling a Constraint
Dropping a Constraint
Adding Data to a Table
Modifying Data in a Table
Removing a Row in a Table
Dropping a Table
23
2
Slide 234
Managing Tables
Creating a Table
Syntax
CREATE TABLE "table_name"
("column 1" "data_type_for_column_1",
"column 2" "data_type_for_column_2",
... )
Example
Create table emp
(EmpNo. Number,
EmpName Varchar2[100]);
23
3
Slide 235
Managing Tables
Altering a Table
Once a table is created in the database, there are many occasions
where one may wish to change the structure of the table. Typical
cases include the following:
Add a column
Drop a column
Change a column name
Change the data type for a column
Syntax
ALTER TABLE "table_name"
[alter specification]
23
4
Slide 236
Managing Tables
The ALTER TABLE statement allows you to rename an
existing table. It can also be used to add, modify, or drop
a column from an existing table.
Renaming a table
Syntax
ALTER TABLE table_name
RENAME TO new_table_name;
Example:
ALTER TABLE emp
RENAME TO employee
This will rename the emp table to employee
23
5
Slide 237
Managing Tables
Adding column(s) to a table
Syntax
ALTER TABLE table_name
ADD column_name column-definition;
Example:
ALTER TABLE emp
ADD dept_name varchar2(50);
23
6
Slide 238
Managing Tables
Modifying column(s) in a table
Syntax
ALTER TABLE table_name
MODIFY column_name column_type;
Example
ALTER TABLE emp
MODIFY dept_name varchar2(100) not null;
23
7
Slide 239
Syntax
ALTER TABLE table_name
DROP COLUMN column_name;
Example
23
8
Slide 240
Managing Tables
Rename column(s) in a table
Syntax
ALTER TABLE table_name
RENAME COLUMN old_name to new_name;
Example
23
9
Slide 241
Managing Indexes
Create an Index
Display the index on a table
Dropping an index
24
0
Slide 242
Creating an Index
Create Index
SYNTAX
Example
This will create index idx_empno on the column empno of table emp.
24
1
Slide 243
Example
24
2
Slide 244
Dropping an Index
SYNTAX
Example
24
3
Slide 245
Managing Views
24
4
Slide 246
Creating View
CREATE VIEW
SYNTAX
EXAMPLE
24
5
Slide 247
EXAMPLE
24
6
Slide 248
Dropping a view
DROP VIEW
SYNTAX
24
7
Slide 249
Managing Synonyms
24
8
Slide 250
Managing Synonyms
CREATE SYNONYM
SYNTAX
EXAMPLE
24
9
Slide 251
Managing Synonyms
Display information of Synonyms
Dropping a synonym
EXAMPLE
25
0
Slide 252
Summary
In this lesson you understood how to manage the following database objects
Tables
Indexes
Views
Synonyms
LAB
1) Create table emp in HR schema with two columns empno and empname
2) Now add two columns salary and deptname to the table emp
3) Drop column deptname from the table emp
4) Create index emp_idx on empno column of emp table
5) Check the index emp_idx in the dba_indexes
6) Create synonym of emp table in the SCOTT schema
7) Check the synonym name in the dba_sequences
8) Create view on the table emp so as to not select salary column.
25
1
Slide 253
Networking Overview
Slide 254
Objectives
25
3
Slide 255
Client
Server
Listener
tnsnames.ora
sqlnet.ora listener.ora
sqlnet.ora
25
4
Connection Methods
25
5
Connection Methods
Spawn and Bequeath
The listener passes or bequeaths the connection to a spawned process. This method is used in a
dedicated server configuration only.
Direct Hand-Off
The listener will hand off a connection to a dispatcher when an Oracle Shared Server is used.
This method is not possible with dedicated server processes.
Redirected (Message)
A connection may be redirected by the listener to a dispatcher if a Shared Server is used.
Note: Each of the connection types is covered in more detail later in the lesson.
Transparency of Direct Hand Off and Redirect
Whether a connection session is bequeathed, handed off, or redirected to an existing process,
the session is transparent to the user. It can be detected only by turning on tracing and
analyzing the resulting trace file.
Slide 257
3
4
2
1
listener
25
6
Redirected Session
Client Server
Server or
dispatcher
6 process
5 3
port
4 2
1 port
Listener
25
7
25
8
25
9
1. LISTENER =
2. (ADDRESS_LIST =
3. (ADDRESS= (PROTOCOL= TCP)(Host= stc-
sun02)(Port= 1521)))
4. SID_LIST_LISTENER =
5. (SID_LIST =
6. (SID_DESC =
7. (ORACLE_HOME= /home/oracle)
8. (GLOBAL_DBNAME = ORCL.us.oracle.com)
9. (SID_NAME = ORCL)))
26
0
26
1
26
2
Service Registration
By default, the PMON process registers service information with its local listener on the
default local address of TCP/IP, port 1521.
Using a Nondefault Listener
You can force PMON to register with a local listener on the server that does not use TCP/IP or
use port 1521 by configuring the LOCAL_LISTENER parameter in the initialization parameter
file as follows:
LOCAL_LISTENER=listener_alias
listener_alias must be resolved to the listener protocol address through a naming
method such as tnsnames.ora. An example entry in the tnsnames.ora follows:
listener_name=
(DESCRIPTION=
(ADDRESS=(PROTOCOL=tcp)(HOST=sales-server)(PORT=1421)))
Slide 264
Prompt syntax:
LSNRCTL> <command name>
26
3
LSNRCTL Commands
26
4
LSNRCTL Commands
Starting the Listener
You can use the START command to start the listener from the Listener Control utility. Any
manual changes to the listener.ora file must be made when the listener is shut down. The
argument for the START command is the name of the listener, and if no argument is specified,
the current listener is started. If a current listener is not defined, LISTENER is started.
LSNRCTL> START [listener_name] or
$ lsnrctl start [listener_name]
On Windows NT, the listener can also be started through the Control Panel:
1. Double-click the Services icon in the Control Panel window.
2. Select the Oraclehome_nameTNSListener service (the service name if you are using
the default listener name LISTENER) or Oraclehome_nameTNSListenerlsnr, where
lsnr is the nondefault listener name.
3. Click Start to start the service.
4. In the Services window, click Close.
Slide 266
26
5
Summary
26
6
Slide 268
Objectives
After completing this lesson, you should be able to do the
following:
Describe the difference between host naming and local
service name resolution
Use Oracle Net Configuration Assistant to configure:
Host Naming method
Local naming method
Net service names
Perform simple connection troubleshooting
26
8
Slide 270
26
9
Host Naming
Clients can connect to a server using a host name
under the following conditions:
Connecting to an Oracle database service using
Oracle Net Services Client software
Client and server are connecting using TCP/IP
protocol
Host names are resolved through an IP address
translation mechanism such as DNS or a local
/etc/hosts file
No advanced features such as Connection Manager or
security options are used
27
0
Client Server
TCP/IP
names.directory_path = (HOSTNAME)
sqlnet.ora
listener.ora
27
1
Client-Side Requirements
If you are using the host naming method, you must have TCP/IP installed on your client
machine. In addition you must install Oracle Net Services and the TCP/IP protocol adaptor.
The host name is resolved through an IP address translation mechanism such as Domain Name
Services (DNS), Network Information Services (NIS), or a centrally maintained TCP/IP host
file. This should be configured from the client side before attempting to use the host naming
method.
Slide 273
Client Server
TCP/IP
1521
SID_LIST_LISTENER =
(SID_LIST =
(SID_DESC =
(GLOBAL_DBNAME = stc-sun02.us.oracle.com)
(ORACLE_HOME = /u03/ora9i/rel12)
(SID_NAME = TEST)
sqlnet.ora listener.ora
27
2
Server-Side Requirements
If you are using the host naming method, you must have TCP/IP installed on your server as
well as your client. You also need to install Oracle Net Services and the TCP/IP protocol
adaptor on the server side.
In Oracle8i and Oracle9i information about the database is automatically registered with the
listener, including the global database name when one of the following is true:
The default listener named LISTENER running on TCP/IP on port 1521 is running
The LOCAL_LISTENER parameter is set in the initialization file
In earlier versions, database information is registered with the listener through the
listener.ora file. You must statically configure the SID_LIST_listener_name
section to include the GLOBAL_DBNAME parameter. The global database name is comprised of
the database name and database domain name. You can obtain the GLOBAL_DBNAME value
from the SERVICE_NAMES parameter, or from the DB_NAME and DB_DOMAIN parameters in
the initialization parameter file.
The host name must match the connect string you specify from your client. The additional
information included is the database to which you want to connect.
Slide 274
SID_LIST_LISTENER =
(SID_LIST =
(SID_DESC =
(GLOBAL_DBNAME = stc-sun02.us.oracle.com)
(ORACLE_HOME = /u03/ora9i/rel12)
(SID_NAME
Connecting =from the client
TEST)
sqlplus system/manger@stc-sun02.us.oracle.com
27
3
27
4
27
5
Local Naming
Client Server
sqlnet.ora
tnsnames.ora listener.ora
27
6
27
7
27
8
27
9
28
0
28
1
Network Protocol
28
2
28
3
28
4
28
5
Test Result
If the data entered is correct, the connection should be made successfully. If not, the Details
window should provide useful diagnostic information to troubleshoot the connection. Please
note that the default username used for the connection is scott. If you have no such user you
should click Change Login and enter a valid username and password combination then retry
the connection.
If the connection is successful, click Next to continue. Do not click Cancel because the service
information is not yet saved.
Note: After the tnsnames.ora file has been saved, the net service name can also be tested
from the command line by using the tnsping utility. For example:
$ tnsping U01
TNS Ping Utility for Solaris: Version 9-Production
Used parameter files:
/u01/user01/NETWORK/ADMIN/sqlnet.ora
/u01/user01/NETWORK/ADMIN/tnsnames.ora
Used TNSNAMES adapter to resolve the alias
Attempting to contact (ADDRESS=(PROTOCOL=TCP)(HOST=stc-
sun02)(PORT=1701))
OK (0 msec)
Slide 287
28
6
28
7
28
8
sqlplus system/manager@MY_SERVICE
SQL*Plus:Release 9.0.1.0.0-Production on Thu Nov 15 13:46:24 2001
(c) Copyright 2001 Oracle Corporation. All rights reserved.
Connected to:
Oracle9i Enterprise Edition Release 9.0.1.0.0 - Production
JServer Release 9.0.1.0.0 - Production
SQL>
28
9
29
0
Troubleshooting
The following describes common errors and how they can be resolved.
ORA-12154: TNS:could not resolve service name
Cause: Oracle Net Services cannot locate the connect descriptor specified in the
tnsnames.ora configuration file.
Action
1. Verify that a tnsnames.ora file exists and that it is accessible.
2. Verify that the tnsnames.ora file is in the location specified by the TNS_ADMIN
environment variable.
3. In your tnsnames.ora file, verify that the service name specified in your connection
string is mapped to a connect descriptor in the tnsnames.ora file. Also, verify that
there are no syntax errors in the file.
4. Verify that there are no duplicate copies of the sqlnet.ora file.
5. If you are connecting from a login dialog box, verify that you are not placing an at
symbol (@) before your connection service name.
Slide 292
Summary
In this lesson, you should have learned how to:
Describe the difference between host naming and local
service name resolution
Use Oracle Net Configuration Assistant to configure:
Host naming method
Local naming method
Net service names
Perform simple connection troubleshooting
29
1
Slide 293
Understanding Oracle DB
Utilities
29
2
Slide 294
29
3
Slide 295
29
4
Slide 296
29
5
Slide 297
29
6
Slide 298
Export Example
29
7
Slide 299
29
8
Slide 300
Network Mode
Restartability
Parallelization
Include/Exclude
SQLFILE
29
9
Slide 301
30
0
Slide 302
30
1
Slide 303
30
2
30
3
Slide 305
30
4
Slide 306
30
5
Slide 307
30
6
Slide 308
30
7
Slide 309
Fine grained object selection is allowed for both expdp and impdp
Objects may be either excluded or included
List of object types and a short description of them may be found in the
following views:
DATABASE_EXPORT_OBJECTS
SCHEMA_EXPORT_OBJECTS
TABLE_EXPORT_OBJECTS
30
8
Old Export/Import had limited object selection through the indexes, constraints, statistics, and
triggers parameter
A Data Pump job works upon object classes.
Slide 310
30
9
Slide 311
31
0
Slide 312
31
1
In original Import, the INDEXFILE parameter generated a text file which contained the
SQL commands necessary to recreate tables and indexes that you could then edit to
get a workable DDL script.
Slide 313
FLASHBACK_SCN
31
2
Slide 314
FLASHBACK_TIME
The FLASHBACK_TIME parameter is similar to the FLASHBACK_SCN
parameter. The only difference is that here you use a time, instead of an SCN, to
limit the export.
Oracle finds the SCN that most closely matches the time you specify, and uses
this SCN to enable the Flashback utility.
The Data Pump Export operation will be consistent as of this SCN. Heres an
example:
$ expdp system/sammyy1 DIRECTORY=dpump_dir1
DUMPFILE=hr_time.dmp FLASHBACK_TIME="TO_TIMESTAMP('25-05-
2005 17:22:00', 'DD-MM-YYYY HH24:MI:SS)
31
3
Slide 315
31
4
Slide 316
31
5
How can I monitor my Data Pump jobs to see what is going on? :
Enhancement in 10g
V$transportable_platform
Endian Formats and RMAN convert command
31
6
Slide 318
Is my tablespace transportable ?
Enterprise Edition is required to generate a transportable tablespace set.
It should be self contained tablespace.
Must use same characterset and national characterset.
To import a transportable tablespace set into an Oracle Database on a
different platform, both databases must have compatibility set to at least
10.0.
SQL> select * from v$transportable_platform order by platform_id;
PLATFORM_ID PLATFORM_NAME ENDIAN_FORMAT
----------- ----------------------------------- --------------
1 Solaris[tm] OE (32-bit) Big
2 Solaris[tm] OE (64-bit) Big
3 HP-UX (64-bit) Big
4 HP-UX IA (64-bit) Big
5 HP Tru64 UNIX Little
6 AIX-Based Systems (64-bit) Big
7 Microsoft Windows IA (32-bit) Little
8 Microsoft Windows IA (64-bit) Little
9 IBM zSeries Based Linux Big
10 Linux IA (32-bit) Little
11 Linux IA (64-bit) Little
12 Microsoft Windows 64-bit for AMD Little
13 Linux 64-bit for AMD Little
15 HP Open VMS Little
16 Apple Mac OS Big
31
7
Source Database
ALTER TABLESPACE READ ONLY
Exporting TTS Metadata
Convert Datafile(s) within RMAN, if needed.
ALTER TABLESPACE READ WRITE
Copy to Target Database
TTS Metadata
Datafile(s)
Target Database
Move Datafile(s) to database directory
Import TTS Metadata
Test the plugged tablespace
Slide 319
Endian Format
Operating systems, including Windows, store multi-byte binary data with
the least significant byte in the lowest memory address; therefore, the
system is called Little Endian.
Other OSs, including Solaris, store the most significant byte in the
lowest memory address, hence the term Big Endian.
31
8
Slide 320
31
9
RMAN>
Slide 321
32
0
Lab
32
1
Slide 323
Overview of DBVERIFY
32
2
Slide 324
32
3
32
4
Slide 326
Objectives
After completing this lesson, you should be able to
do the following:
Describe the usage of SQL*Loader
Perform basic SQL*Loader operations
List guidelines for using SQL*Loader and Direct load
32
5
Slide 327
SQL*Loader
Loader control file
Input datafiles
Parameter file
SQL*Loader Rejected
(optional)
Field processing
Discarded Accepted
Record selection Bad
file
Selected
Oracle server
Discard file
Inserted Rejected
(optional)
Log file
Database datafiles
32
6
SQL*Loader Features
SQL*Loader loads data from external files into tables in an Oracle database. SQL*Loader has
the following features:
SQL*Loader can use one or more input files.
Several input records can be combined into one logical record for loading.
Input fields can be of fixed or variable lengths.
Input data can be in any format: character, binary, packed decimal, date, and zoned decimal.
Data can be loaded from different types of media such as disk, tape, or named pipes.
Data can be loaded into several tables in one run.
Options are available to replace or to append to existing data in the tables.
SQL functions can be applied on the input data before the row is stored in the database.
Column values can be auto generated based on rules. For example, a sequential key value can
be generated and stored in a column.
Data can be loaded directly into the table, bypassing the database buffer cache.
Slide 328
Using SQL*Loader
$sqlldr hr/hr \
> control=case1.ctl \
> log=case1.log direct=Y
case1.ctl
SQL*Loader
EMPLOYEES table
case1.log
32
7
Using SQL*Loader
Command line:
When you invoke SQL*Loader, you can specify parameters that establish session
characteristics. Parameters can be entered in any order, optionally separated by commas. You
can specify values for parameters, or in some cases, you can accept the default without entering
a value.
If you invoke SQL*Loader without specifying any parameters, SQL*Loader displays a Help
screen that lists the available parameters and their default values.
Example
1,amar,consultant
2,akbar,se
3,anthony,analyst
32
8
Using SQL*Loader
Command line:
When you invoke SQL*Loader, you can specify parameters that establish session
characteristics. Parameters can be entered in any order, optionally separated by commas. You
can specify values for parameters, or in some cases, you can accept the default without entering
a value.
If you invoke SQL*Loader without specifying any parameters, SQL*Loader displays a Help
screen that lists the available parameters and their default values.
Example
Prepare a controlfile as control.ctl as follows
load data
infile 'c:\Text.txt'
into table employees
fields terminated by ',
(emp_id,name,designation)
32
9
Using SQL*Loader
Command line:
When you invoke SQL*Loader, you can specify parameters that establish session
characteristics. Parameters can be entered in any order, optionally separated by commas. You
can specify values for parameters, or in some cases, you can accept the default without entering
a value.
If you invoke SQL*Loader without specifying any parameters, SQL*Loader displays a Help
screen that lists the available parameters and their default values.
33
0
Slide 332
Summary
33
1
Practice Overview
Note: Practice can be accomplished using SQL*Plus or using Oracle Enterprise Manager
and SQL*Plus Worksheet.
Slide 333
Lab
Using a text editor (such as Windows Notepad), create a SQL*Loader controlfile, called
STREAMIN.CTL, as follows:
load data
infile 'STREAMIN.DAT' "str \n"
append
into table dp_test
fields terminated by ','
(username,user_id)
Note that the append keyword allows SQL*Loader to insert into a table that already contains rows.
Using a text editor as before, create the input datafile, to be called STREAMIN.DAT, as follows:
John,100
Damir,200
McGraw,9999
From an operating system prompt, issue this command:
sqlldr userid=system/oracle control=STREAMIN.CTL
Log in to your instance with SQL*Plus, and confirm that the three new rows have been inserted into
the table:
select * from dp_test
33
2
Slide 334
Unit Objectives
After this session you must be able to -
Create Resource Consumer Groups
Create Resource plans
Assign resource allocation methods to Resource Plans
Use Database Resource Manager
33
4
Slide 336
33
5
The main goal of the Database Resource Manager is to give the Oracle Database server more
control over resource management decisions, thus circumventing problems resulting from
inefficient operating system management.
When database resource allocation decisions are left to the operating system, you may encounter
the following problems:
Excessive overhead
Excessive overhead results from operating system context switching between
Oracle Database server processes when the number of server processes is high.
Inefficient scheduling
The operating system deschedules database servers while they hold latches, which
is inefficient.
Inappropriate allocation of resources
The operating system distributes resources equally among all active processes and
is unable to prioritize one task over another.
33
6
Slide 338
33
7
Slide 339
33
8
Slide 340
Element Description
Resource consumer group User sessions grouped together based on resource processing
requirements.
Resource plan Contains directives that specify how resources are allocated to resource
consumer groups.
Resource allocation method The method/policy used by the Database Resource Manager when
allocating for a particular resource; used by resource consumer groups
and resource plans. The database provides the resource allocation
methods that are available, but you determine which method to use.
Resource plan directive Used by administrators to associate resource consumer groups with
particular plans and allocate resources among resource consumer groups.
33
9
Slide 341
34
0
Slide 342
34
1
Slide 343
34
2
CPU Method
This method enables you to specify how CPU resources are to be allocated among consumer
groups or subplans. Multiple levels of CPU resource allocation (up to eight levels) provide a
means of prioritizing CPU usage within a plan schema.
When there is only one level, unused allocation by any consumer group or subplan can be used
by other consumer groups or subplans in the level.
Active Session Pool with Queuing
You can control the maximum number of concurrently active sessions allowed within a
consumer group. This maximum designates the active session pool. When a session cannot be
initiated because the pool is full, the session is placed into a queue. When an active session
completes, the first session in the queue can then be scheduled for execution. You can also
specify a timeout period after which a job in the execution queue (waiting for execution) will
timeout, causing it to terminate with an error.
An entire parallel execution session is counted as one active session.
Degree of Parallelism Limit
Specifying a parallel degree limit enables you to control the maximum degree of parallelism for
any operation within a consumer group.
Automatic Consumer Group Switching
This method enables you to control resources by specifying criteria that, if met, causes the
automatic switching of sessions to another consumer group. The criteria used to determine
switching are:
Switch group: specifies the consumer group to which this session is switched if the other
(following) criteria are met
Switch time: specifies the length of time that a session can execute before it is switched to
another consumer group
Switch time in call: specifies the length of time that a session can execute before it is switched to
another consumer group. Once the top call finishes, the session is restored to its original
consumer group.
Use estimate: specifies whether the database is to use its own estimate of how long an operation
will execute
The Database Resource Manager switches a running session to switch group if the session is
active for more than switch time seconds. Active means that the session is running and
consuming resources, not waiting idly for user input or waiting for CPU cycles. The session is
allowed to continue running, even if the active session pool for the new group is full. Under
these conditions a consumer group can have more sessions running than specified by its active
session pool. Once the session finishes its operation and becomes idle, it is switched back to its
original group.
If use estimate is set to TRUE, the Database Resource Manager uses a predicted estimate of how
long the operation will take to complete. If the database estimate is longer than the value
specified as the switch time, then the database switches the session before execution starts. If this
parameter is not set, the operation starts normally and only switches groups when other switch
criteria are met.
Switch time in call is useful for three-tier applications where the middle tier server is using
session pooling. At the end of every top call, a session is switched back to its original consumer
group--that is, the group it would be in had it just logged in. A top call in PL/SQL is an entire
PL/SQL block being treated as one call. A top call in SQL is an individual SQL statement issued
separately by the client being treated as a one call.
You cannot specify both switch time in call and switch time.
Canceling SQL and Terminating Sessions
You can also specify directives to cancel long-running SQL queries or to terminate long-running
sessions. You specify this by setting CANCEL_SQL or KILL_SESSION as the switch group.
Execution Time Limit
You can specify a maximum execution time allowed for an operation. If the database estimates
that an operation will run longer than the specified maximum execution time, the operation is
terminated with an error. This error can be trapped and the operation rescheduled.
Undo Pool
You can specify an undo pool for each consumer group. An undo pool controls the amount of
total undo that can be generated by a consumer group. When the total undo generated by a
consumer group exceeds its undo limit, the current DML statement generating the redo is
terminated. No other members of the consumer group can perform further data manipulation
until undo space is freed from the pool.
Idle Time Limit
You can specify an amount of time that a session can be idle, after which it will be terminated.
You can further restrict such termination to only sessions that are blocking other sessions.
Slide 344
34
3
Slide 345
EXEC DBMS_RESOURCE_MANAGER_PRIVS.GRANT_SYSTEM_PRIVILEGE -
(GRANTEE_NAME => 'scott', PRIVILEGE_NAME =>
'ADMINISTER_RESOURCE_MANAGER', - ADMIN_OPTION => FALSE);
34
4
Slide 346
DBMS_RESOURCE_MANAGER_PRIVS
Procedure Description
GRANT_SYSTEM_PRIVILEGE Grants ADMINISTER_RESOURCE_MANAGER system privilege to
a user or role.
34
5
Slide 347
34
6
Slide 348
34
7
Slide 349
34
8
Before using the Database Resource Manager to allocate resources, modify an old plan or create a new plan, you need to create what is called a
pending area to validate changes before their implementation. The pending area serves as a work area for your changes. All the resource plans
youll create will be stored in the data dictionary and the pending area is the staging area where you work with before they are implemented
Slide 350
34
9
Slide 351
35
0
Slide 352
35
1
Slide 353
35
2
Slide 354
SQL> EXEC
DBMS_RESOURCE_MANAGER.SUBMIT_PENDING_AREA();
35
3
Slide 355
35
4
Slide 356
35
5
Slide 357
35
6
Slide 358
35
7
Slide 359
35
8
Slide 360
Block Corruption
Datafile block can be accessed but the contents within
block are invalid or inconsistent.
Database remains available
Causes
Faulty hardware or software in the I/O stack including
The file system
Volume Manager
Device Manager
Host Bus Adapter
Storage Controller
Disk Drive
35
9
Slide 361
36
0
Slide 362
A single corrupt data block in a user table that cannot be read by the
application because of a bad spot of the physical disk
A database that automatically shuts down because of the invalid
blocks of a datafile in the SYSTEM tablespace caused by a failing
disk controller
Regularly monitoring of application logs the alert log, and Oracle
trace files for errors such as ORA-1578 and ORA-1110
ORA-01578: ORACLE data block corrupted (file # 4, block # 26)
ORA-01110: data file 4: '/u01/oradata/objrs/obj_corr.dbf'
36
1
Slide 363
36
2
Slide 364
36
3
Slide 365
36
4
Slide 366
36
5
Slide 367
The following query can be used to find out which objects are affected after
getting the file id and block id
36
6
Slide 368
Object affected
Data dictionary or UNDO segment:
Temporary segment
Application segment
Impact to application
Cost of local recovery
Extent of corruption
36
7
Object affected: The recovery actions available depend on which objects are affected by the
corruption. Possible values are:
Data dictionary or UNDO segment: The object affected is owned by SYS or is part of
UNDO tablespace
Temporary segment: Corruptions within a temporary segment or object within a
temporary tablespace do not affect permanent objects
Application segment: Table, index, or cluster used by the application
Impact to application
An object may be critical for the application to function. This includes objects that are
critical for the performance and usability of the application. It could also be a history,
reporting, or logging table, which may not be as critical. It could also be an object that is
no longer in use or a temporary segment.
This criterion only applies to a Data Guard environment and should be used to decide
between recovering the affected object locally and using Data Guard failover. Possible
values are:
High: Object is critical to the application such that available or performance
suffers significantly
Low: Object is not critical and has little or no impact to the application
Cost of local recovery
This criterion only applies to a Data Guard environment and should be used to decide
between recovering the affected object locally and using Data Guard failover. This is not
a business cost which is assumed to be implicit in deciding how critical an object is to the
application but cost in terms of feasibility of recovery, resources required and their
impact on performance and total time taken.
Cost of local recovery should include the time to restore and recover the object from a valid
source; the time to recover other dependent objects like indexes, constraints, and related tables
and its indexes and constraints; availability of resources like disk space, data or index tablespace,
temporary tablespace; and impact on performance and functionality of current normal
application functions due to absence of the corrupt object.
Extent of corruption
Corruption may be localized so that it affects a known number of blocks within one or a
few objects, or it may be widespread so that it affects a large portion of an object.
Slide 369
36
8
Slide 370
36
9
Slide 371
DUMP_ORPHAN_KEYS Reports on index entries that point to rows in corrupt data blocks
FIX_CORRUPT_BLOCKS Marks blocks as software corrupt that have been previously identified as
corrupt by the CHECK_OBJECT procedure
SEGMENT_FIX_STATUS Provides the capability to fix the corrupted state of a bitmap entry when
segment space management is AUTO
SKIP_CORRUPT_BLOCKS When used, ignores blocks marked corrupt during table and index scans. If
not used, you get error ORA-1578 when encountering blocks marked
corrupt.
37
0
Slide 372
37
1
Instructor Note
Demonstrate all the four tasks mentioned in the slide using DBMS_REPAIR package
Slide 373
Summary
37
2
Slide 374
LAB
1) Use dbv command to verify a datafile and study the
output it gives.
2) Use DBMS_REPAIR package to Detect Block Corruption
3) Use DBMS_REPAIR package to Fix Corrupt Blocks
4) Use DBMS_REPAIR package to find index entries
pointing to corrupt data blocks
5) Use DBMS_REPAIR package to skip corrupt blocks
37
3
Slide 375
37
4
Slide 376
37
5
Slide 377
Examples
Copy of physical datafiles, controlfiles and logfiles,
when the database is shutdown (Also called cold
backup)
Rman Backup
37
6
Slide 378
Examples
Backup of a particular schema or an object using
tools like export utility, datapump
37
7
Slide 379
37
8
Slide 380
Recovery concepts
Recovery can be done using SQLPLUS or RMAN. If
SQLPLUS is used the command used is RECOVER. If
RMAN is used then RMAN RECOVER command is run
from the RMAN prompt
37
9
Slide 381
Hot backup is taken when the database is up and
running. Hot backup is taken when the database is
mission critical and cannot be shutdown for taking
backup. This type of backup is also called online backup
38
0
Slide 382
Objectives
After completing this lesson, you should be able to
do the following:
Identify types of RMAN specific backups
Use the RMAN BACKUP command to create backup
sets
Back up the control file
Back up the the archived redo log files
Use the RMAN COPY command to create image
copies
38
2
Slide 384
38
3
Backup set
Datafile Datafile Datafile Datafile Control
1 4 1 3 file
Datafile Control Datafile Datafile
2 file 2 4
Datafile Backup Backup Backup
3 set 1 set 2 set 3
38
4
Backup Sets
38
5
Backup Sets
A backup set consists of one or more physical files stored in an RMAN-specific format, on
either disk or tape. You can make a backup set containing datafiles, control files, and archived
redo log files. You can also back up a backup set. Backup sets can be of two types:
Datafile: Can contain datafiles and control files, but not archived logs
Archived log: Contains archived logs, not datafiles or control files
Note: Backup sets may need to be restored by Recovery Manager before recovery can be
performed, unlike image copies which are on disks.
Control Files in Datafile Backup Sets
Each file in a backup set must have the same Oracle block size. When a control file is included,
it is written in the last datafile backup set. A control file can be included in a backup set either:
Explicitly by using the INCLUDE CONTROL FILE syntax
Implicitly by backing up file 1 (the system datafile)
The RMAN BACKUP command is used to back up datafiles, archived redo log files, and
control files. The BACKUP command backs up the files into one or more backup sets on disk or
tape. You can make the backups when the database is open or closed. Backups can be full or
incremental backups.
Slide 387
38
6
Backup Piece
A backup piece is a file in a backup set.
A backup piece can contain blocks from more than
one datafile.
38
7
Backup Piece
A logical backup set usually only has one backup piece. A backup piece is a single physical file
that can contain one or more Oracle datafiles or archived logs.
For a large database, a backup set might exceed the maximum size for a single tape reel,
physical disk, or operating system file. The size of each backup set piece can therefore be
limited by using MAXPIECESIZE with the CONFIGURE CHANNEL or ALLOCATE CHANNEL
commands.
Slide 389
RMAN> RUN {
2> ALLOCATE CHANNEL t1 TYPE 'SBT
3> BACKUP DATABASE;
4> }
38
8
38
9
39
0
39
1
Datafile Datafile
Datafile 1 1
1
Datafile Datafile
Datafile 2 2
2
BACKUP1 BACKUP2
Backup set
39
2
Datafile Datafile
1 1
Datafile Datafile
2 2
39
3
39
4
RMAN> BACKUP
2> FORMAT '/disk1/backup/ar_%t_%s_%p'
3> ARCHIVELOG ALL DELETE ALL INPUT;
39
5
Backup Constraints
The database must be mounted or open.
Online redo log backups are not supported.
Only clean backups are usable in NOARCHIVELOG
mode.
Only current datafile backups are usable in
ARCHIVELOG mode.
39
6
Backup Constraints
When performing a backup using Recovery Manager, you must be aware of the following:
The target database must be mounted for Recovery Manager to connect.
Backups of online redo logs are not supported.
If the target database is in NOARCHIVELOG mode, only clean tablespace and datafile
backups can be taken (that is, backups of offline normal or read only tablespaces).
Database backups can be taken only if the database has first been shut down cleanly and
restarted in Mount mode.
If the target database is in ARCHIVELOG mode, only current datafiles can be backed up
(restored datafiles are made current by recovery).
If a recovery catalog is used, the recovery catalog database must be open.
Slide 398
Image Copies
39
7
Image Copies
An image copy contains a single datafile, archived redo log file, or control file. An image copy
can be created with the RMAN COPY command or an operating system command.
When you create the image copy with the RMAN COPY command, the server session validates
the blocks in the file and records the copy in the control file.
Slide 399
39
8
Archived Archived
log file log file Copy of archived log
39
9
Image Copies
The RMAN COPY command creates an image copy of a file. The output file is always written
to disk. You can copy datafiles, archived redo log files, or control files. In many cases, copying
datafiles is more beneficial than backing them up, because the output is suitable for use without
any additional processing.
If you want to make a whole database backup with the COPY command, you must copy each
datafile with a separate COPY statement. You can also make a copy of the control file and
archived redo log files.
The example in the slide assumes that you are using automatic channel allocation. If you are
manually allocating channels, include the COPY command within the RUN statement as
follows:
RMAN > RUN {
2> ALLOCATE CHANNEL c1 type disk;
3> COPY
4> DATAFILE '/ORADATA/users_01_db01.dbf' to
5> '/BACKUP/users01.dbf' tag=DF3,
6> ARCHIVELOG 'arch_1060.arc' to
7> 'arch_1060.bak';}
Slide 401
RMAN> COPY
2> DATAFILE 3 TO '/BACKUP/file3.dbf',
3> DATAFILE 1 TO '/BACKUP/file1.dbf';
Datafile
Datafile Control Redo log
1 files file 1
1
Image copy
Datafile Redo log
2 file 2
Datafile
3 Datafile
3 Database
Image copy
40
0
40
1
40
2
40
3
Level 0 Level 0
Lvl 0 2 2 1 2 2 2 0
Day Sun Mon Tue Wed Thu Fri Sat Sun
40
4
Level 0 Level 0
Lvl 0 2 2C 1 2 2C 2C 0
Day Sun Mon Tue Wed Thu Fri Sat Sun
40
5
40
6
40
7
Datafiles Datafile
2,4 4
40
8
40
9
41
0
41
1
Summary
In this lesson, you should have learned how to:
Determine what type of RMAN backups should be
taken
Make backups with the RMAN COPY and BACKUP
commands
Back up the control file
Back up the archived redo log files
41
2
Slide 414
41
3
Slide 415
How
- To diagnose performance problems correctly,
statistics must be available.
- Oracle generates different types of cumulative
statistics for the system, sessions, and individual SQL
statements.
- Oracle provides different performance monitoring
tools to effective diagnose a problem
41
4
Slide 416
DB Statistics
- gives information on the type of load, internal and
external resources used by the database etc
Wait Event
- Any event that prevents an oracle process from
proceeding to complete its task
E.g..
Idle: wait events that signify the session is inactive, such
as SQL*Net message from client
41
5
Slide 417
41
6
Slide 418
41
7
Slide 419
41
8
Slide 420
41
9
Slide 421
42
0
Slide 422
42
1
Slide 423
42
2
Slide 424
AWR
- Automatically generates snapshots once every hour &
stores in workload repository.
- Possible to create manual snapshots
- Automatic Database Diagnostic Monitor (ADDM) uses
snapshot details
- Compares the difference between snapshots to
determines, SQL statements to be captured
- snapshots are captured once every hour and are
retained in the database for 7 days, by default
42
3
Slide 425
AWR Views
DBA_HIST_ACTIVE_SESS_HISTORY displays the
history of the contents of the in-memory active
session history for recent system activity.
DBA_HIST_DATABASE_INSTANCE displays
information about the database environment
42
4
Slide 426
AWR Views
DBA_HIST_SNAPSHOT displays information on
snapshots in the system
42
5
Slide 427
42
6
Slide 428
42
7
Slide 429
42
8
Slide 430
ADDM
42
9
Slide 431
ADDM Views
DBA_ADVISOR_TASKS - provides basic information
about existing tasks, such as the task Id, task name
DBA_ADVISOR_RECOMMENDATIONS - displays
the results of completed diagnostic tasks with
recommendations
DBA_ADVISOR_FINDINGS - findings and symptoms
encountered along with the specific recommendation
43
0
Slide 432
TKPROF
Converts Oracle trace files into a more readable form
43
1
Slide 433
STATSPACK
Set of performance monitoring and reporting utilities
provided by Oracle
43
2
Slide 434
STATSPACK
PERFSTAT schema & related objects will be created
43
3
Slide 435
43
4
Slide 436
43
5
Slide 437
43
6
Slide 438
43
7
Slide 439
43
8
Slide 440
43
9
Slide 441
44
0
Slide 442
44
1
Slide 443
44
2
Slide 444
Locks
mechanism to prevent more than one transaction
accessing the same resource, which would destruct
the transaction
44
3
Slide 445
Locks
Oracle automatically detects deadlocks and resolves
by rolling back any one of the statements involved in
the deadlock
44
4
Slide 446
Locks
Locks are released when transaction commits or rolls
back
44
5
Slide 447
44
6
Slide 448
44
7
Slide 449
Shared pool
Buffer cache
44
8
Slide 450
44
9
Slide 451
Advisories V$SHARED_POOL_ADVICE,
V$LIBRARY_CACHE_MEMORY gives suggestions
based on the Statics collected
45
0
Slide 452
45
1
Slide 453
45
2
Slide 454
LGWR server process writes data into Online redo log file
from Redo log buffer, when
45
3
Slide 455
45
4
Slide 456
45
5
Slide 457
45
6