Install & uninstall the Database vault in Oracle 12c database

Leave a reply

Install the database vault in Oracle 12c database.

  1. Login with sysdba user and run the script to create the metadata or objects for database vault.
sqlplus / as sysdba
@?/rdbms/admin/catols.sql

2. Check the label security is enabled or not.

SELECT VALUE FROM V$OPTION WHERE PARAMETER = 'Oracle Label Security';

VALUE
--------------------------
FALSE

3. If its false then enable the Oracle Label Security by executing following procedure other wise skip this step.

EXEC LBACSYS.CONFIGURE_OLS;
EXEC LBACSYS.OLS_ENFORCEMENT.ENABLE_OLS;

--Restart the database
Shutdown immediate
Startup

--Check status after restart
SQL> SELECT VALUE FROM V$OPTION WHERE PARAMETER = 'Oracle Label Security';

VALUE
-------------------------
TRUE

4. Run the CATMAC.SQL script with parameter tablespace & temp tablespace.

@?/rdbms/admin/catmac.sql system temp <syspasswd>

5. After execute create the user for Database vault. Two user is created by login sysdba user one as OWNER or other as Manager

sqlplus / as sysdba
create user <DV owner> identified by <Password>;
create user <DV Manager> identified by <Password>;

-- used only if you are using CDBROOT database
SQL>  alter session set "_ORACLE_SCRIPT" = true;

Session altered.
-- Owner User

SQL> create user dvowner identified by dvowner;

User created.

SQL> grant connect to dvowner;

Grant succeeded.
-- Manager user 
SQL> create user dvmanager identified by dvmanager;

User created.

SQL> grant connect to dvmanager;

Grant succeeded.

6. Assign the user to Database vault from sysdba user.

sqlplus / as sysdba
exec dvsys.configure_dv('<DV owner user>','<DV Manager user>');

-- Example
SQL> conn sys as sysdba
Enter password:
Connected.
SQL> exec dvsys.configure_dv('DVOWNER','DVMANAGER');

PL/SQL procedure successfully completed.

7. Enable the Database vault by login with DVOWNER user.

SQL> conn dvowner/dvowner
Connected.
SQL> exec dbms_macadm.enable_dv;

PL/SQL procedure successfully completed.

8. Restart the database then database value is enabled.

Shutdown immediate;
Startup

--Verify the status
SQL> SELECT VALUE FROM V$OPTION WHERE PARAMETER = 'Oracle Database Vault';

VALUE
----------                                                                
TRUE

Uninstall the Database value in Oracle Database

  1. Connect to the Database vault owner user and disable the database vault.
SQL> conn dvowner/dvowner
Connected.
SQL> exec dbms_macadm.disable_dv;

PL/SQL procedure successfully completed.

2. Restart the database to make the changes effect with sysdba user.

Conn / as sysdba
shutdown immediate
startup

3. Check the database vault status, its disabled.

SQL> SELECT value FROM V$OPTION WHERE PARAMETER = 'Oracle Database Vault';

VALUE
----------------------------------------------------------------
FALSE

4. For complete uninstall, remove the metadata with dvremove.sql

conn / as sysdba

@?/rdbms/admin/dvremov.sql

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.