-- ========================================
-- Set the Oracle listener password (listener)
-- ========================================
Are listeners secure? Sure! By default, any user can use the LSNRCTL tool to operate or disable Oracle listener without any password.
As a result, a connection cannot be established for any new session. In Oracle 9i, the Oracle listener allows anyone to use LSNRCTL to remotely manage the listener. It is also easy to cause data
The database is damaged.
1. Stop listening if no password is set
[Oracle @ test ~] $ LSNRCTL stop listener_demo92 --> stop the listener. You can see that the listener can be stopped without any password. </P> <p> LSNRCTL for Linux: version 9.2.0.8.0-production on 26-jun-2011 08:22:26 </P> <p> copyright (c) 1991,200 6, Oracle Corporation. all rights reserved. </P> <p> connecting to (description = (address = (Protocol = TCP) (host = test) (Port = 1521 ))) <br/> the command completed successfully <br/>
2. Restart the listener and set the password.
[Oracle @ test ~] $ LSNRCTL </P> <p> LSNRCTL for Linux: Version 9.2.0.8.0-production on 26-jun-2011 08:24:09 <br/> copyright (c) 1991,200 6, Oracle Corporation. all rights reserved. </P> <p> welcome to LSNRCTL, type "help" for information. <br/> LSNRCTL> set current_listener listener_demo92 --> set the current listener <br/> current listener is listener_demo92 <br/> LSNRCTL> start --> no password is required during the startup process, <br/> LSNRCTL> change_password --> Use change_password to set the password <br/> old password: <br/> new password: <br/> reenter new password: <br/> connecting to (description = (address = (Protocol = TCP) (host = test) (Port = 1521 ))) <br/> password changed for listener_demo92 <br/> the command completed successfully <br/> LSNRCTL> save_config --> note that the save_config here fails <br/> connecting to (description = (address = (Protocol = TCP) (host = test) (Port = 1521) <br/> TNS-01169: the listener has not recognized the password <br/> LSNRCTL> set password --> enter the new password for verification <br/> password: <br/> the command completed successfully <br/> LSNRCTL> save_config --> save_config again succeeded <br/> connecting to (description = (address = (Protocol = TCP) (host = test) (Port = 1521) <br/> saved listener_demo92 configuration parameters. <br/> listener parameter file/Oracle/92/Network/admin/listener. ora <br/> old parameter file/Oracle/92/Network/admin/listener. bak <br/> the command completed successfully </P> <p> --> after adding the password, you can see the listener. there is a new record in the ora file, that is, the password option (Note: although the password management method is used, you can still start the listener without a password) <br/> [Oracle @ test admin] $ more listener. ora <br/> # ---- added by tnslsnr 26-jun-2011 05:12:48 --- <br/> passwords_listener_demo92 = <br/> # ------------------------------------------ <br/>
3. Stop listening if no password is used
[Oracle @ test ~] $ LSNRCTL stop listener_demo92 <br/> LSNRCTL for Linux: Version 9.2.0.8.0-production on 26-jun-2011 06:09:51 <br/> copyright (c) 1991,200 6, Oracle Corporation. all rights reserved. </P> <p> connecting to (description = (address = (Protocol = TCP) (host = test) (Port = 1521) <br/> TNS-01169: the listener has not recognized the password --> password authentication is required when an error message is received. <br/>
4. Use a password to stop listening
[Oracle @ test ~] $ LSNRCTL <br/> LSNRCTL> set current_listener listener_demo92 <br/> current listener is listener_demo92 <br/> LSNRCTL> stop <br/> connecting to (description = (address = (Protocol = TCP) (host = test) (Port = 1521) <br/> TNS-01169: the listener has not recognized the password <br/> LSNRCTL> set password <br/> password: <br/> the command completed successfully <br/> LSNRCTL> stop <br/> connecting to (description = (address = (Protocol = TCP) (host = test) (Port = 1521) <br/> the command completed successfully <br/> LSNRCTL> Status <br/> connecting to (description = (address = (Protocol = TCP) (host = test) (Port = 1521) <br/> TNS-12541: TNS: No listener <br/> TNS-12560: TNS: protocol adapter error <br/> TNS-00511: no listener <br/> Linux error: 111: Connection refused <br/> connecting to (description = (address = (Protocol = IPC) (Key = EXTPROC ))) <br/> TNS-12541: TNS: No listener <br/> TNS-12560: TNS: protocol adapter error <br/> TNS-00511: No listener <br/> Linux error: 2: no such file or directory <br/>
5. save_config failure
--> In Oracle 9i, using the save_config command will fail <br/> LSNRCTL> save_config <br/> connecting to (description = (address = (Protocol = TCP) (host = <postname>) (Port = <port>) <br/> TNS-01169: the listener has not recognized the password </P> <p> --> you must use set password before save_config. The configuration is saved successfully. <Br/> LSNRCTL> set password <br/> password: <The password you chose> <br/> the command completed successfully </P> <p>/* similar issues do not occur in Oracle 10g, because the operating system authentication method can be used in 10 Gb. Listener detects that if a user is a member of the DBA group, <br/> the user is granted permissions such as changing the password, saving the configuration, and stopping the listener. */<Br/>
6. Configure the admin_restrictions parameter in listener. ora.
Parameter Function:
When the admin_restrictions parameter is set in the listener. ora file, when the listener is running, it is not allowed to execute any management operations, and the SET command will not be available.
It cannot be executed either locally on the server or remotely. In this case, you only need to manually modify the listener. ora file for the listener settings.
Use the lsnrctl reload command or the LSNRCTL stop/start command to re-load the listener configuration information.
Modification method:
Manually Add the following line to the listener. ora file:
Admin_restrictions _ <listener Name> = on
7. More references
For performance optimization, see
Oracle hard parsing and soft Parsing
Sharedpool Tuning)
Buffercache adjustment and optimization (1)
Use of Oracle table cache (cachingtable)
For the Oracle architecture, see
Oracle tablespace and data files
Oracle Password File
Oracle parameter file
Oracle online redo log file)
Oracle Control File)
Oracle archiving logs
Oracle rollback and undo)
Oracle database instance startup and Shutdown Process
Automated Management of Oracle10g SGA
Oracle instances and Oracle databases (Oracle Architecture)
For more information about the flash back feature, see
Flashback Database)
Flashback drop & recyclebin)
Oracle flash back features (flashback query, flashbacktable)
Oracle flash back feature (flashback version, flashback transaction)
For more information about user-managed backup and recovery, see
Oracle cold backup
Oracle Hot Backup
Concept of Oracle backup recovery
Oracle instance recovery
Oracle recovery based on user management (describes media recovery and processing in detail)
System tablespace management and Backup Recovery
Sysaux tablespace management and recovery
For information on RMAN backup recovery and management, see
RMAN overview and architecture
RMAN configuration, Monitoring and Management
Detailed description of RMAN backup
RMAN restoration and recovery
Create and use rmancatalog
Create RMAN storage script based on catalog
Catalog-based RMAN backup and recovery
Use RMAN to migrate a file system database to ASM
RMAN backup path confusion (when using plus archivelog)
For Oracle faults, see
Error Handling for ORA-32004
ORA-01658 error.
CRS-0215 error handling
ORA-00119, ORA-00132 error handling
Another spfile setting error causes the database to fail to start.
Misunderstanding and setting of the parameter fast_start_mttr_target = 0
Spfile error causing database startup failure (ORA-01565)
For more information about ASM, see
Create an ASM instance and an ASM Database
Management of ASM disks and directories
Use asmcmd to manage the ASM directory and files
For more information about SQL and PLSQL, see
Common sqlplus commands
Replace variables with SQL * Plus Environment Settings
SQL plus paging using uniread
SQL Basics--> SELECT query
SQL Basics--> Use of new_value
SQL Basics--> Set operation (Union and Union all)
SQL Basics--> Common functions
SQL Basics--> View (createview)
SQL Basics--> Create and manage tables
SQL Basics--> Multi-Table query
SQL Basics--> Filtering and sorting
SQL Basics--> Subquery
SQL Basics--> Grouping and grouping Functions
SQL Basics--> Hierarchical query (startby... connect by prior)
SQL Basics--> Rollup and cube operators implement data aggregation
PL/SQL--> Cursor
PL/SQL--> Exception Handling)
PL/SQL--> Language basics
PL/SQL--> Process Control
PL/SQL--> PL/SQL records
PL/SQL--> Create and manage packages
PL/SQL--> Implicit cursor (SQL % found)
PL/SQL--> Package overloading and initialization
PL/SQL--> Use of dbms_ddl package
PL/SQL--> DML triggers
PL/SQL--> Instead of trigger
PL/SQL--> Stored Procedure
PL/SQL--> Function
PL/SQL--> Dynamic SQL
PL/SQL--> Common Errors of dynamic SQL
Other Oracle features
Common Oracle directory structure (10 Gb)
Use OEM, SQL * Plus, and iSQL * Plus to manage Oracle instances
Logging mode (logging, force logging, nologging)
Logging and nologging on table and index segments
Oralceomf Functions
Oracle users, object permissions, and system Permissions
Oracle role and configuration file
Oracle Partition Table
Oracle External table
Use external tables to manage Oracle alarm logs (alaert _ $ Sid. Log)
Cluster table and cluster Table Management (index clustered tables)
Use of Data Pump expdp export tool
Use of Data Pump impdp import tool
Import and Export Oracle Partition Table Data
SQL * loader usage
Enable User Process Tracking
Configure dynamic service registration for non-default ports
Configure the Oracle client to connect to the database
Difference between systemsys and sysoper sysdba
Oracle_sid, db_name, instance_name, db_domian, global_name
Complete Oracle patches (Oracle 9i 10g 11g path)
Upgrade oracle10.2.0.1 to 10.2.0.4
Oracle kill session