C Postinstallation Oracle Database Vault Procedures

After you have registered Oracle Database Vault, you can configure it on Oracle Real Application Clusters (Oracle RAC) nodes and add languages, if necessary. You can also de-install and reinstall Oracle Database Vault.

Topics:

See Also:

"Plugging a Database Vault-Enabled PDB to a CDB" if you are using a multitenant container database (CDB)

Configuring Oracle Database Vault on Oracle RAC Nodes

After you enable and register Oracle Database Vault for an Oracle Real Application Clusters (Oracle RAC) instance, complete the following procedure for each Oracle RAC node. This procedure assumes that you have a separate Oracle home for each node.

  1. Log into the database instance as user SYS with the SYSDBA administrative privilege.

    sqlplus sys as sysdba 
Enter password: password

  2. Run the following ALTER SYSTEM statements on each Oracle RAC node:

    ALTER SYSTEM SET AUDIT_SYS_OPERATIONS=TRUE SCOPE=SPFILE; -- For non-unified auditing environments
ALTER SYSTEM SET OS_ROLES=FALSE SCOPE=SPFILE; 
ALTER SYSTEM SET RECYCLEBIN='OFF' SCOPE=SPFILE; 
ALTER SYSTEM SET REMOTE_LOGIN_PASSWORDFILE='EXCLUSIVE' SCOPE=SPFILE;
ALTER SYSTEM SET SQL92_SECURITY=TRUE SCOPE=SPFILE;

  3. Restart Oracle Database.

    CONNECT / AS SYSOPER
Enter password: password

SHUTDOWN IMMEDIATE
STARTUP

Adding Languages to Oracle Database Vault

By default, Oracle Database Vault loads only the English language tables. You can add more languages by running the DBMS_MACADM.ADD_NLS_DATA procedure for each new language that you want to add. You can add more than one language to Database Vault.

  1. Log into the database instance as a user who has been granted the DV_OWNER or DV_ADMIN role.

  2. Run the following procedure:

    EXEC DBMS_MACADM.ADD_NLS_DATA('language');

    You can specify the language setting using any case. For example:

    EXEC DBMS_MACADM.ADD_NLS_DATA('french');

EXEC DBMS_MACADM.ADD_NLS_DATA('JAPANESE');

    Replace language with one of the following supported languages:

    • ENGLISH

    • GERMAN

    • SPANISH

    • FRENCH

    • ITALIAN

    • JAPANESE

    • KOREAN

    • BRAZILIAN PORTUGUESE

    • SIMPLIFIED CHINESE

    • TRADITIONAL CHINESE

Deinstalling Oracle Database Vault

You can remove Oracle Database Vault from an Oracle Database installation, for both to both single-instance and Oracle RAC installations. The deinstallation process does not affect the initialization parameter settings, even those settings that were modified during the installation process, nor does it affect Oracle Label Security.

  1. Log into the database instance as user SYS with the SYSDBA administrative privilege, or as user who has the ALTER SYSTEM system privilege.

    For example:

    sqlplus psmith -- Or, sqlplus psmith@hrpdb for a pluggable database (PDB)
Enter password: password

  2. Ensure that the recycle bin is disabled.

    SHOW PARAMETER RECYCLEBIN

  3. If the recycle bin is on, then disable it using one of the following statements:

    ALTER SYSTEM SET RECYCLEBIN = OFF;

ALTER SESSION SET recyclebin = OFF SCOPE = SPFILE;

  4. Connect as a user who has been granted the DV_OWNER or DV_ADMIN role.

    For example:

    CONNECT leo_dvowner -- Or, CONNECT leo_dvowner@hrpdb
Enter password: password

  5. Run the following procedure to disable Oracle Database Vault:

    EXEC DBMS_MACADM.DISABLE_DV;

  6. Connect as SYS with the SYSOPER privilege and then restart the database.

    For example:

    CONNECT SYS AS SYSOPER -- Or, CONNECT SYS@hrpdb AS SYSOPER
Enter password: password

SHUTDOWN IMMEDIATE
STARTUP

    For Oracle RAC installations, shut down and then restart each database instance as follows:

    $ srvctl stop database -db db_name
$ srvctl start database -db db_name

  7. Run the dvremov.sql script to remove Oracle Database Vault.

    For example:

    $ORACLE_HOME/rdbms/admin/dvremov.sql

Afterward, you can double-check that Oracle Database Vault is truly deinstalled by logging in to SQL*Plus and entering the following statement:

SELECT * FROM V$OPTION WHERE PARAMETER = 'Oracle Database Vault';

If Oracle Database Vault is deinstalled, the following output appears:

PARAMETER                     VALUE
----------------------------- -----------------------
Oracle Database Vault         FALSE

Reinstalling Oracle Database Vault

You can reinstall Oracle Database Vault by using Database Configuration Assistant and afterward, register Database Vault.

  1. Log into the database instance as user SYS with the SYSDBA administrative privilege.

    sqlplus sys as sysdba -- Or, sqlplus sys@hrpdb as sysdba
Enter password: password

  2. Start Database Configuration Assistant (DBCA).

    • UNIX: Enter the following command in a shell window:

      dbca

    • Windows: Use one of the following methods to start DBCA on Windows:

      • Click Start, select Programs (or All Programs), then Oracle - HOME_NAME, then Configuration and Migration Tools, and then Database Configuration Assistant.

      • Enter the following command at a command prompt:

        dbca

  3. Use DBCA to configure Database Vault for either a new or an existing database.

    See Oracle Database 2 Day DBA for detailed information about creating a database with DBCA.

  4. Register Database Vault.

    See "Registering Oracle Database Vault with an Oracle Database".