Tag Archives: database vault

Enable and disable the Oracle Database Vault Service

Leave a reply

Enable and Disable the Oracle Database Vault Services

Enable Steps for Database Vault

1. Run the DVCA service

dvca -action enable
-oh /u01/app/oracle/product/11.1.0/db_1
-service conn_alias
-instance orcl
-dbname orcl
-owner_account lbrown_dvowner
-logfile dvcalog.txt

Enter SYS password: sys_password
Enter owner password: owner_password

2. Stop the database, Database Control console process, and listener.

sqlplus sys as sysoper

Enter password: password

SQL> SHUTDOWN IMMEDIATE

SQL> EXIT

$ emctl stop dbconsole
$ lsnrctl stop [listener_name]

3. Enable the Oracle Database Vault option as follows:

cd $ORACLE_HOME/rdbms/lib
make -f ins_rdbms.mk dv_on lbac_on
cd $ORACLE_HOME/bin
relink all

4. Restart the database, Database Control console process, and listener.

sqlplus sys as sysoper
Enter password: password
SQL> STARTUP
SQL> EXIT

$ emctl start dbconsole
$ lsnrctl start [listener_name]

Disable steps for Database Vault:

1. Check the option parameter value:

SELECT * FROM V$OPTION WHERE PARAMETER = 'Oracle Database Vault';
PARAMETER                     VALUE
----------------------------- -----------------------
Oracle Database Vault         TRUE

2. Stop the database, Database Control console process, and listener. To disable Oracle Database Vault:

sqlplus sys as sysoper
Enter password: password
SQL> SHUTDOWN IMMEDIATE
SQL> EXIT

$ emctl stop dbconsole
$ lsnrctl stop [listener_name]

3. Disable the Oracle Database Vault option.

cd $ORACLE_HOME/rdbms/lib
make -f ins_rdbms.mk dv_off
cd $ORACLE_HOME/bin
relink all

4. Restart the database, Database Control console process, and listener.

sqlplus sys as sysoper
Enter password: password
SQL> STARTUP
SQL> EXIT

$ emctl start dbconsole
$ lsnrctl start [listener_name]

5. At a command prompt, run Oracle Database Vault Configuration Assistant (DVCA) by using the dvca -action disable option.

dvca -action disable
-oh /u01/app/oracle/product/11.1.0/db_1
-service conn_alias
-instance orcl
-dbname orcl
-owner_account lbrown_dvowner
-logfile dvcalog.txt

Enter SYS password: sys_password
Enter owner password: owner_password

6. Connect to SQL*Plus as SYS using the SYSDBA privilege, and then run the following ALTER TRIGGER statement:

CONNECT SYS / AS SYSDBA
Enter password: password
ALTER TRIGGER LBACSYS.LBAC$LOGON ENABLE;