TECH INFO

Saturday, 25 February 2017

Oracle Data Guard Setup in Max Performance with a physical Standby from Active database

The data guard environment : -

Two machine with oracle Linux 6.8 installed (Names: Primary and Standby)
Oracle 11g database release 2 installed on each computer.
On the primary database Oracle software is installed with a database with the name primary , on the standby database only the oracle software has been installed the database will be created from active primary database.
Oracle home's path is identical on both databases.
Control files are also on identical path

The data guard process will be implemented in two processes :-

Primary database preparation.
Standby database preparation

Primary database Preparation : -

enable force logging on the primary databases

SYS @ primary > alter database force logging;

SYS @ primary > select force_logging from v$database;

Add standby log files on the primary databases for storing redo received from primary database before being propagated to the standby database during swicthover or failover, they must be equal or more to the redo on the primary database.

SYS @ primary > select * from v$log;

SYS @ primary > alter database add standby logfile size 50M;

SYS @ primary > select * from v$loglogfile;

set the log_archive_config and log_archive_config_2 parameters which disable or enable sending the sending of redo streams to standby.

SYS @ primary > show parameter db_name

NAME TYPE VALUE

------------------------------------ ----------- ------------------------------

db_name string primary

SYS @ primary > show parameter db_unique_name

NAME TYPE VALUE

------------------------------------ ----------- ------------------------------

db_unique_name string primary

SYS @ primary > alter system set log_archive_config='dg_config=(primary,standby)';

where primary is the primary database and standby is the standby database.

SYS @ primary > alter system set log_archive_dest_2='service=primary async valid_for=(online_logfile,primary_role) db_unique_name=standby';

where primary is the primary service name and standby is the db unique name of the standby database.

Set the standby file management to auto so that when oracle files are dropped or added to the primary database the changes are made on the standby automatically.

SYS @ primary > alter system set STANDBY_FILE_MANAGEMENT=AUTO;

Set the Primary database to run in archive log mode

SYS @ primary > archive log list;

Database log mode Archive Mode

Automatic archival Enabled

Archive destination USE_DB_RECOVERY_FILE_DEST

Oldest online log sequence 31

Next log sequence to archive 33

Current log sequence 33

SYS @ primary > shutdown immediate;

SYS @ primary > startup mount;

SYS @ primary > alter database archivelog;

SYS @ primary > alter database open;

6. Use net manager to ensure oracle net services aliases for both primary and standby are added to the tnsnames.ora.

[oracle@linux admin]$ cat tnsnames.ora

# tnsnames.ora Network Configuration File: /u01/app/oracle/product/11.2.0/home/network/admin/tnsnames.ora

# Generated by Oracle configuration tools.

PRIMARY =

(DESCRIPTION =

(ADDRESS_LIST =

(ADDRESS = (PROTOCOL = TCP)(HOST = linux)(PORT = 1521))

)

(CONNECT_DATA =

(SERVICE_NAME = primary)

)

STANDBY =

(DESCRIPTION =

(ADDRESS_LIST =

(ADDRESS = (PROTOCOL = TCP)(HOST = host1)(PORT = 1521))

)

(CONNECT_DATA =

(SERVICE_NAME = standby)

)

then copy the tnsnames.ora to the standby database using secure copy

[oracle@linux admin]$ scp /u01/app/oracle/product/11.2.0/home/network/admin/tnsnames.ora oracle@host1:/u01/app/oracle/product/11.2.0/home/network/admin/tnsnames.ora;

7. Copy the password file to the standby server

[oracle@host1 dbs]$ scp /u01/app/oracle/product/11.2.0/home/dbs/orapwprimary oracle@host1:/u01/app/oracle/product/11.2.0/home/dbs/orapwstandby

Standby database Preparation : -

- The SID will be Standby

Configure a listener on the standby with a static service entry of the standby databases

[oracle@host1 admin]$ more listener.ora

# listener.ora Network Configuration File: /u01/app/oracle/product/11.2.0/home/n

etwork/admin/listener.ora

# Generated by Oracle configuration tools.

SID_LIST_LISTENER =

(SID_LIST =

(SID_DESC =

(GLOBAL_DBNAME = standby)

(ORACLE_HOME = /u01/app/oracle/product/11.2.0/home)

(SID_NAME = standby)

)

(SID_DESC =

(GLOBAL_DBNAME = standby_DGMGRL)

(ORACLE_HOME = /u01/app/oracle/product/11.2.0/home)

(SID_NAME = standby)

)

LISTENER =

(DESCRIPTION =

(ADDRESS = (PROTOCOL = TCP)(HOST = host1)(PORT = 1521))

)

ADR_BASE_LISTENER = /u01/app/oracle

2. Create audit, fast recovery and oradata directories in the standby with the following path

[oracle@host1 adump]$ mkdir -p /u01/app/oracle/admin/standby/adump

[oracle@host1 standby]$ mkdir /u01/app/oracle/FRA/standby

[oracle@host1 oradata]$ mkdir /u01/app/oracle/oradata

3. Create a parameter file in the dbs directory with the db_name as the only value

[oracle@host1 oradata]$ cd $ORACLE_HOME/dbs

[oracle@host1 dbs]$ vi initstandby.ora

DB_NAME=standby

4. start the standby database in nomount mode

SYS @ standby > startup nomount

- Go back to the primary database and connect to rman in order to start the duplication by connecting to both primary and auxiliary databases

[oracle@linux admin]$ rman target / auxiliary sys@standby

Recovery Manager: Release 11.2.0.1.0 - Production on Sat Feb 25 21:06:59 2017

connected to target database: PRIMARY (DBID=1774373217)

auxiliary database Password:

connected to auxiliary database: PRIMARY (DBID=1774373217)

RMAN>

Run the below Rman script to duplicate the databases

run {

allocate channel p1 type disk;

allocate channel p2 type disk;

allocate channel p3 type disk;

allocate channel p4 type disk;

allocate auxiliary channel stby type disk;

duplicate target database for standby from active database

spfile

parameter_value_convert 'primary','standby'

set db_unique_name = 'standby'

set db_file_name_convert='/primary/','/standby/'

set log_file_name_convert='/primary/','/standby/'

set log_archive_max_processes='5'

set fal_server = 'primary'

set standby_file_management='AUTO'

set log_archive_config ='dg_config=(primary,standby)'

set log_archive_dest_2='service=primary async valid_for=(online_logfile,primary_role) db_unique_name=primary';

}

- After the script has completed successful run the following command on the standby databases

SYS @ standby > alter database recover managed standby database using current logfile disconnect;

The command enable redo apply to be started where current logfile allows redo to be applied as soon as it's received and disconnect option allow the redo apply to run in the background.

Now the data guard configuration is completed and can be tested by switching logfile on the primary database and checking the sequence number in the standby database.

On standby

SYS @ standby > select sequence#,first_time from v$archived_log;

SEQUENCE# FIRST_TIM

---------- ---------

25 25-FEB-17

26 25-FEB-17

27 25-FEB-17

28 25-FEB-17

30 25-FEB-17

29 25-FEB-17

31 25-FEB-17

32 25-FEB-17

33 rows selected

On Primary database

SYS @ primary > alter system switch logfile;

System altered.

SYS @ primary >

On standby database

SYS @ standby > select sequence#,first_time from v$archived_log;

SEQUENCE# FIRST_TIM

---------- ---------

25 25-FEB-17

26 25-FEB-17

27 25-FEB-17

28 25-FEB-17

30 25-FEB-17

29 25-FEB-17

31 25-FEB-17

32 25-FEB-17

SEQUENCE# FIRST_TIM

---------- ---------

33 25-FEB-17

34 rows selected.

In the next article I will discuss Data broker configuration and basic tasks like switching over roles from primary to standby database.

Friday, 12 February 2016

HOW TO REPAIR SUSPECT DATABASE IN SQL SERVER 2005 AND HIGHER VERSIONS

Reasons for SQL server becoming a suspect

Unexpected SQL server shutdown
Database cannot be opened due inaccessible files or insufficient memory
No enough space to recover the database during startup
Corrupt database
Database files being held by operating system

The database will appear with an exclamation mark and the word suspect in bracket e.g. Test(Suspect)

RECOVERY

Run the following TSQL to view which database are marked as suspect

Select Name,state_desc FROM sys.databases

where state_desc = 'suspect'

Check the SQL error log under the maintenance node to see the error log for the database marked as suspect
When a database is in suspect mode it cannot be queried , you need to bring it back to emergency mode using the following TSQL so that the data can be queried

Alter database Test set emergency

Run the following TSQL to check both logical and physical integrity of all objects

DBCC CHECKDB (test)

Bring the database to a single user mode so that it can be repaired

Alter database test set single_user with rollback immediate

Now repair the database with the following TSQL and allow data loss which is minimal

DBCC CHECKDB (test,REPAIR_ALLOW_DATA_LOSS)

Finally set the database back to Multi User

Alter database test Set Multi_user

Hope the information helps SQL DBAs out there

Sunday, 4 January 2015

DRIVE MAPPING IN WINDOWS SERVER 2012

Mapping a drive to individual user’s computers in a domain can be done in two ways:

1. Using a logon script

2. Using group policy

1. Using a logon script

- Assuming a shared folder exist and individual users folder exist inside with the right permissions given ( please refer to my previous blog)

- Write a script in a notepad with the following content net use s:\\192.168.2.8\UserData\%username% and save it with a bat extension

- Save as the script to C:\Windows\SYSVOL\sysvol\domainname.local\scripts

The script basically maps a drives referring directly to the user individual folder and its usually persistent (mapped at logon)

2. Using group policy preference

- Open group policy management and right click group policy objects then select new

- Give it a name that is easy to understand

- Right click the policy and select edit

- Expand user configuration-windows setting – drive maps

- - Right click map drive – click new – mapped drive then under action select create

- - Under location paste the path and change the label to a drive letter

- - Under show\hide drives select show this drive then on the right select show all drives

- Click apply then ok.

- - Go to the organizational unit that you want to apply right click link an existing select the GPO to apply the policy

Wednesday, 31 December 2014

ACCESS BASED ENUMERATION IN WINDOWS SERVER 2012 (ABE)

Q: What is access based enumeration

A: Access-based enumeration (ABE) displays only the files and folders that a user has permissions to access. It’s an inbuilt feature in windows server 2012 that you can enable it by using Share and Storage Management for the share were you want to enable it.

Example, if you enable access-based enumeration on a shared folder that contains many users’ home directories (Ill guide you on how to create users home directories in Active directory), users who access the shared folder can see only their personal home directories; other users folders are hidden from view. This can also be used on shares such as common areas, application areas and so on.

When planning your file server structure you should always keep in mind how you want to present the shares to the end user. If you are deploying your file server(s) in a domain with users accessing shared data in a common location I would suggest you take advantage of ABE or DFS with domain based namespace

Preliminary Steps: -

- In windows server 2012 server manager go to add roles and features and install File Server role

- Create a folder with in a drive that is going to be used as a parent folder

Implementing ABE:

- Open server Manager and click file and storage services

- Click on share, point on task and click new share

- Select SMB Share-Quick, select type a custom path and browse

- Locate where the shared folder is and click select folder then next

- Under Share Name give it a friendly name according to your needs and click next

- Under other setting that’s where you enable Access Based Enumeration by checking it then click next

- Under permission click customize permissions then click disable inheritance

- - Then click remove all inherited permissions from this object

- - Then click add, select a principal type administrator and click ok, under type select allow, applies to select this folder, sub folders and files, then under basic permission click full control

- - Repeat same procedure but this time round add domain admins

- - The last step is to add domain users but under applies to select this folder only and under basic permission leave the defaults, Click apply then ok

- - Click next to view summary then click create and close

- ABE is now fully functional but we need to add individual folders for domain users to that folder with appropriate permission so that a user can only see what folder is permitted.

Creating home Folders for Domain users in the share folder with their usernames:

- Open Active directory users and computers

- - Expand the OU (Organizational unit that contains the users)

- - Select all the users right click, go to properties and click on the profile tab

- In the profile tab select the checkbox for the home folder click connect, drive letter leave it the way it is then in the to: text box paste the network share path in the following format \\192.168.2.8\UserData\%username%

- Click Apply then ok, Users folders will be created in the SMB share folder with their domain usernames and with individual rights assigned to the individual folders.

Example With all the users’ folder created and ABE Implemented assuming the domain has 3 users John, Jane and Tom

The share folder looks like:

- But when john logs to his computer he sees :

In my next blog I’ll be talking about mapping the shared drive to individual users computers so that they can open it as a mapped drive and only see their individual folders,

Feel free to contact or make any improvement or correction to the above blog, hope this helps some Server administrators out there.

Tuesday, 20 May 2014

ADDING A SHARED LX – 350,300+ PRINTER SHARED ON WINDOWS XP ON WINDOWS SEVEN

ADDING A SHARED LX – 350,300+ PRINTER SHARED ON WINDOWS XP ON WINDOWS SEVEN

Windows seven comes preinstalled with Epson LX-300 + drivers but when adding a shared printer from windows XP it doesn’t always work, it searches on windows updates but never finds the drivers.

A simple solution for that:

· 1. Add an LX 300 printer in devices and printers and use any local port available e.g. LPT1

· 2. When the printer has installed successful right click the printer go to printer properties, click the port tab the add port

· 3. Select a local port under port name provide the URL to the shared as the port name e.g. \\192.168.2.230\epson lx 300, the second part shows the shared printer name

· 4. The make sure that is the active port on the printer and it should be ready to print

Thursday, 31 October 2013

Creating A forest Wide trust in AD with both incoming and outgoing trust

Introduction:

After having spent the last three days trying to get backups go to an offsite location an idea of creating a forest trust between the sites came up which I spent some more three days working on but finally the whole issue is now in the past.

The company has three locations with three subnets each having its own forest with a domain inside, this article covers the creation of forest wide trust between the three locations

Note: make sure DNS is working by making sure all DNS servers are able to resolve names in other domains, done by adding a conditional forwarder on each DNS server to the other servers:

Ø Open DNS manager , right click conditional forwarder and click new

Ø In the DNS Domain type the domain name e.g. TechNet. Local

Ø Where its written click here to add an IP type the IP address of the other DNS servers

Ø Select the store this conditional forwarder and replicate it as follows, the select all domain controllers in this domain (for windows 2000 compatibility)

Ø Repeat the previous steps in all the DNS servers

CREATING THE FOREST TRUST

The following steps shows creating a forest trust between 3 forests with all of them acting as trusted and trusting with both incoming and outgoing trust

Ø Open active directory domains and trust in one of the Domain controller

Ø Right click the domain name ,select properties then click the trust tab

Ø Click new trust

Ø In the trust name type the DNS name of the domain you want to create the trust with

Ø In the type of trust select forest trust and click next

Ø In the direction of trust click two way

Ø Side of trust select both this domain and the specified domain, click next

Ø Provide username and password for the specified domain

Ø In the outgoing trust authentication level – local forest select forest wide the click next

Ø In the outgoing trust authentication level – specified forest select forest wide the click next

Ø In the next screen confirm the details and click next to complete the creation

Ø In the next two screens you can confirm the outgoing and incoming trust if need be

To confirm the trust relationship and update routed names and suffixes click the name of the trusted or trusting domain and click properties.

Click the validate button and click yes validate the incoming or outgoing trust enter credentials for the specified domain and click ok

Repeat the above procedure for the third forest on the same forest that you were working on

Lastly on the second forest follow the above procedure to update the trust between the second and third server
Remember to update root hints in each DNS server, By adding FQDN names and IP addresses of the DNS servers Accessed through : Open DNS server > right click > select properties > click the root hints tab > click Add