manager | The ORACLE-BASE Blog

Password Manager Woes

I read a post this morning and it hit a raw nerve or two.

Websites, Please Stop Blocking Password Managers. It’s 2015

As followers of the blog will know, I use KeePass for all my work and personal passwords. I’ve come across a number of sites that prevent pasting passwords for “security reasons” and it drives me nuts. Fortunately, most of the them can’t prevent the auto-type feature, so at least that’s something…

This attitude goes beyond websites though. The policy at my current employer is all passwords should be strong and unique, but you are not allowed to use a password manager. Why? Because if someone installs a key-logger on your PC and gets the credentials for the password manager, they will have access to all your passwords. WTF? I think this attitude is moronic. I am not capable of remembering hundreds of unique, strong passwords. Using patterns is predictable, so that is also a fail.

I have seen the way some of my colleagues (past and present) deal with passwords and it is farcical.

One password to rule them all.
Kept in a text/word document on the desktop.
Kept in a text/word document on a network drive.
Kept on a piece of paper in their desk draw, that is never locked.
Freely shared amongst colleagues, so they can “test something using my account”.

For someone to step in and say we can’t use a tool that generates random, strong, completely unpredictable passwords and stores them in an encrypted format makes my blood boil.

Flippin’ morons!

Cheers

Tim…

Cloud Control : 12.1.0.7 Plugin Patch

I applied some of the 12.1.0.7 plugin patches to our Cloud Control installation today. We already have Cloud Control 12.1.0.4 installed, so this was just a case of updating the plugins.

Here’s a quick overview of what I did.

Backup up everything! Database and file system.
Setup > Extensibility > Self Update
Download the latest versions of the plugins. The minimum you can really get away with is “Oracle Database 12.1.0.7”, “Oracle Cloud Framework 12.1.0.2” and “Oracle Fusion Middleware 12.1.0.7”. The Cloud Framework plugin is a dependency for the FWM plugin. Obviously, grab the extra plugins if you need them…
Setup > Extensibility > Plugins
Do a “Deploy On > Management Server” for the plugins you’ve downloaded. These require OMS downtime, so you will be monitoring progress using “./emctl status oms -details” from the “$OMS_HOME/bin” directory.
Wait until it is all running again.
Do a “Deploy On > Management Agent” for the DB and FMW plugins on just the cloud control server. I wanted to know it was all fine on this server before pushing out the updates to the agents on the monitored hosts.
Convince yourself nothing weird is happening.
Do a “Deploy On > Management Agent” for the DB plugin on any monitored database severs. Where possible I did Dev environments in one pass. Test environments in a second pass, then Prod environments.
Do a “Deploy On > Management Agent” for the FMW plugin on any monitored WebLogic severs. Once again, Dev, Test, Prod.

The plugin deploys to the OMS are a bit slow, but the deploys to the agents are pretty quick. Numbers will vary depending on your kit.

I much prefer the plugin patches to the main Cloud Control OMS and Agent patches as we (the DBAs) don’t have root or sudo access on the servers, so when we do the full-on patches we end up swamping the sysadmins with requests to run “root.sh” scripts. We don’t have to do that for the plugin patches.

Cheers

Tim…

Enterprise Manager Cloud Control 12cR4 Production Upgrade

I’ve already written about the 12cR3 to 12cR4 upgrade here. I did a few run through’s at home to practice it and it all seemed good.

Setting The Scene

Just to set the scene, for our production environment we run Cloud Control in a VMware virtual machine, using Oracle Linux 6.5 as the guest OS. With that setup, we can use a simple installation (DB and OMS on the same VM) and use VMware to provide our failover, rather than having to worry about multiple OMS installations and any DB failover technology etc. If there’s one thing I’ve learned about Cloud Control, it’s Keep It Simple Stupid (KISS)! As far as our managed servers go, most of our databases and all our middle tier stuff runs on VMware and Oracle Linux too. We have a handful of things still hanging around on HP-UX and Solaris, which will hopefully be migrated soon…

Upgrade Attempt 1 : Non-Starter

Yesterday I started the upgrade of our production system. Pretty much straight out of the blocks I hit a road block. It didn’t like the agents running on our HP-UX servers. The upgrades of the HP-UX agents are so painful. Every time so far I’ve had to reinstall them. As a result, I didn’t bother to upgrade them last time and kept running with the previous version of the agents. The upgrade wouldn’t have anything to do with that, so I forgot about the Cloud Control upgrade and I spent yesterday attempting to upgrade the HP-UX agents to 12cR3, before I could attempt the 12cR4 Cloud Control upgrade.

As usual, the upgrade of the agents on HP-UX involved me uninstalling, removing all the targets, installing, discovering all the targets and setting up the backups etc. Not all of it is scripted yet, so it is an annoying and painful process. I’m not sure if other HP-UX users suffer this, but it seems pretty consistently bad for us. The sooner we get rid of these straggling HP-UX servers the better!

So this wasn’t so much a failure of the upgrade. It was really down to me being lazy and not bothering to upgrade some agents.

Fast forward to this morning and I was actually ready to start the upgrade. 🙂

Upgrade Attempt 2 : Success

With the 12cR3 agents in place on HP-UX, the upgrade ran past that step with no problems and on to the main body of the installation. The install and upgrade were textbook.

I’ve upgraded the agent on the cloud control server, but I’m not going to upgrade any of the other agents until I know things are working fine.

Happy days!

Cheers

Tim…

Resource Manager Enhancements in 11g…

I’ve just put another Oracle 11g new features article live:

Resource Manager Enhancements in Oracle Database 11g Release 1

Cheers

Tim…

Rules Manager (tip of the iceberg)…

I’ve been having a play with the Rules Manager introduced in Oracle 10g Release 2. There is quite a bit of functionality in there, so my article is just a “tip of the iceberg” type of thing.

This would have come in extremely handy in two previous jobs, both of which required quite complex state-event engines. It certainly would have made the decision processes a little more flexible, provided the performance was acceptable.

Cheers

Tim…