Skip to main content

Using Password Protected RMAN Backups


References-

1.    Creating Duplicate database in RMAN using password-mode encrypted backups (Doc ID 464832.1)




Objective –

1.    RMAN backups on NAS are at risk and can be copied easily on intranet.

2.    They can be restored, and critical information can be fetched easily.

3.    Encryption of these backups is need of the hour.

4.    Need to find a simple yet reliable solution to solve this security breach.




Security risk












Proposed Solution –


RMAN backups are now password protected and we are safe even if backup files are stolen. This feature of Oracle will stop hackers restore our backup files and will ask for a password before restoring onto any other server.



















Real-time sample Use-case

Complete level-0 backup taken on Friday as highlighted – post estimation for s3 storage




















When trying to restore onto a different server(Stage in our case).














After setting password, restore was successful.






















Enabling password protection

Change configuration parameter as follows and set password accordingly before starting backup –

Now when restoring, provide same password with set decryption configuration parameter.

This needs to be done outside run block.




Comments

Post a Comment

Popular posts from this blog

Logfile locations in EBS r12.1 and EBS r12.2

Startup/shutdown Apps tier services are started and stopped frequently and we must know logfiles when troubleshooting startup/shutdown issues. $INST_TOP/logs/appl/admin/log $INST_TOP/logs/appl/admin/log Apache OHS being part of opmn in r12.1 has continued in r12.2. Logfile locations for troubleshooting have been changed $INST_TOP/logs/ora/10.1.3/Apache/error_log[timestamp] $INST_TOP/logs/ora/10.1.3/opmn/HTTP_Server~1.log $IAS_ORACLE_HOME/instances/*/diagnostics/logs/OHS/*/*log*   OPMN Logfile locations for r12.1 and r12.2 have been changed $INST_TOP/logs/ora/10.1.3/opmn/opmn* $IAS_ORACLE_HOME/instances/*/diagnostics/logs/OPMN/opmn/* Oacore oacore in r12.1 is oc4j component and part of 10gAS. However, in r12.2, oacore is now a managed server for weblogic server $LOG_HOME/ora/10.1.3/j2ee/oacore/oacore*/ $LOG_HOME/ora/10.1.3/j2ee/oacore/oacore*/ $LOG_HOME/ora/10.1.3/opmn/oacore*/oacor...
1 comment
Read more

Query to Check AD and TXK code levels in your EBS environment

Below query can be very handy in finding out current AD and TXK code levels. col ABBREVIATION for a10 set lines 1000 col NAME for a50 col CODELEVEL for a20 SELECT ABBREVIATION,NAME,codelevel FROM AD_TRACKABLE_ENTITIES WHERE abbreviation in ('txk','ad'); ABBREVIATI NAME                                                CODELEVEL ---------- -------------------------------------------------- ------------ ad           Oracle Applications DBA                             C.11 txk         Oracle Applications Technology Stack    ...
2 comments
Read more

Query to fetch Function assigned to which responsibility

1. Check for which function needs to be assigned to which responsibility. 2. Check for responsibility's menu sytem administrator-> Secutiry -> responsibilty -> Define 3. Search for responsiblity (% Inventory User) 4. Get default Menu name and search for that menu System Administrator -> Application->Menu 5.Once you get Function name, go for function short name as follows - System Administrator -> Application->Function Enter Function Short code for below query SELECT frtl.responsibility_name,        fr.responsibility_key,        fm.menu_id,        fm.menu_name,        menu.function_id,        menu.prompt,        menu.grant_flag,        fffv.user_function_name,        fffv.function_name,      ...
Post a Comment
Read more