Set the Oracle listener password (listener)

-- ========================================
-- Set the Oracle listener password (listener)
-- ========================================

Are listeners secure? Sure! By default, any user can use the LSNRCTL tool to operate or disable Oracle listener without any password.
As a result, a connection cannot be established for any new session. In Oracle 9i, the Oracle listener allows anyone to use LSNRCTL to remotely manage the listener. It is also easy to cause data
The database is damaged.

1. Stop listening if no password is set

[Oracle @ test ~] $ LSNRCTL stop listener_demo92 --> stop the listener. You can see that the listener can be stopped without any password. </P> <p> LSNRCTL for Linux: version 9.2.0.8.0-production on 26-jun-2011 08:22:26 </P> <p> copyright (c) 1991,200 6, Oracle Corporation. all rights reserved. </P> <p> connecting to (description = (address = (Protocol = TCP) (host = test) (Port = 1521 ))) <br/> the command completed successfully <br/>

2. Restart the listener and set the password.

[Oracle @ test ~] $ LSNRCTL </P> <p> LSNRCTL for Linux: Version 9.2.0.8.0-production on 26-jun-2011 08:24:09 <br/> copyright (c) 1991,200 6, Oracle Corporation. all rights reserved. </P> <p> welcome to LSNRCTL, type "help" for information. <br/> LSNRCTL> set current_listener listener_demo92 --> set the current listener <br/> current listener is listener_demo92 <br/> LSNRCTL> start --> no password is required during the startup process, <br/> LSNRCTL> change_password --> Use change_password to set the password <br/> old password: <br/> new password: <br/> reenter new password: <br/> connecting to (description = (address = (Protocol = TCP) (host = test) (Port = 1521 ))) <br/> password changed for listener_demo92 <br/> the command completed successfully <br/> LSNRCTL> save_config --> note that the save_config here fails <br/> connecting to (description = (address = (Protocol = TCP) (host = test) (Port = 1521) <br/> TNS-01169: the listener has not recognized the password <br/> LSNRCTL> set password --> enter the new password for verification <br/> password: <br/> the command completed successfully <br/> LSNRCTL> save_config --> save_config again succeeded <br/> connecting to (description = (address = (Protocol = TCP) (host = test) (Port = 1521) <br/> saved listener_demo92 configuration parameters. <br/> listener parameter file/Oracle/92/Network/admin/listener. ora <br/> old parameter file/Oracle/92/Network/admin/listener. bak <br/> the command completed successfully </P> <p> --> after adding the password, you can see the listener. there is a new record in the ora file, that is, the password option (Note: although the password management method is used, you can still start the listener without a password) <br/> [Oracle @ test admin] $ more listener. ora <br/> # ---- added by tnslsnr 26-jun-2011 05:12:48 --- <br/> passwords_listener_demo92 = <br/> # ------------------------------------------ <br/>

3. Stop listening if no password is used

[Oracle @ test ~] $ LSNRCTL stop listener_demo92 <br/> LSNRCTL for Linux: Version 9.2.0.8.0-production on 26-jun-2011 06:09:51 <br/> copyright (c) 1991,200 6, Oracle Corporation. all rights reserved. </P> <p> connecting to (description = (address = (Protocol = TCP) (host = test) (Port = 1521) <br/> TNS-01169: the listener has not recognized the password --> password authentication is required when an error message is received. <br/>

4. Use a password to stop listening

[Oracle @ test ~] $ LSNRCTL <br/> LSNRCTL> set current_listener listener_demo92 <br/> current listener is listener_demo92 <br/> LSNRCTL> stop <br/> connecting to (description = (address = (Protocol = TCP) (host = test) (Port = 1521) <br/> TNS-01169: the listener has not recognized the password <br/> LSNRCTL> set password <br/> password: <br/> the command completed successfully <br/> LSNRCTL> stop <br/> connecting to (description = (address = (Protocol = TCP) (host = test) (Port = 1521) <br/> the command completed successfully <br/> LSNRCTL> Status <br/> connecting to (description = (address = (Protocol = TCP) (host = test) (Port = 1521) <br/> TNS-12541: TNS: No listener <br/> TNS-12560: TNS: protocol adapter error <br/> TNS-00511: no listener <br/> Linux error: 111: Connection refused <br/> connecting to (description = (address = (Protocol = IPC) (Key = EXTPROC ))) <br/> TNS-12541: TNS: No listener <br/> TNS-12560: TNS: protocol adapter error <br/> TNS-00511: No listener <br/> Linux error: 2: no such file or directory <br/>

5. save_config failure

--> In Oracle 9i, using the save_config command will fail <br/> LSNRCTL> save_config <br/> connecting to (description = (address = (Protocol = TCP) (host = <postname>) (Port = <port>) <br/> TNS-01169: the listener has not recognized the password </P> <p> --> you must use set password before save_config. The configuration is saved successfully. <Br/> LSNRCTL> set password <br/> password: <The password you chose> <br/> the command completed successfully </P> <p>/* similar issues do not occur in Oracle 10g, because the operating system authentication method can be used in 10 Gb. Listener detects that if a user is a member of the DBA group, <br/> the user is granted permissions such as changing the password, saving the configuration, and stopping the listener. */<Br/>

6. Configure the admin_restrictions parameter in listener. ora.
Parameter Function:
When the admin_restrictions parameter is set in the listener. ora file, when the listener is running, it is not allowed to execute any management operations, and the SET command will not be available.
It cannot be executed either locally on the server or remotely. In this case, you only need to manually modify the listener. ora file for the listener settings.
Use the lsnrctl reload command or the LSNRCTL stop/start command to re-load the listener configuration information.
Modification method:
Manually Add the following line to the listener. ora file:

Admin_restrictions _ <listener Name> = on

7. More references

For performance optimization, see

Oracle hard parsing and soft Parsing

Sharedpool Tuning)

Buffercache adjustment and optimization (1)

Use of Oracle table cache (cachingtable)

 

For the Oracle architecture, see

Oracle tablespace and data files

Oracle Password File

Oracle parameter file

Oracle online redo log file)

Oracle Control File)

Oracle archiving logs

Oracle rollback and undo)

Oracle database instance startup and Shutdown Process

Automated Management of Oracle10g SGA

Oracle instances and Oracle databases (Oracle Architecture)

 

For more information about the flash back feature, see

Flashback Database)

Flashback drop & recyclebin)

Oracle flash back features (flashback query, flashbacktable)

Oracle flash back feature (flashback version, flashback transaction)

 

For more information about user-managed backup and recovery, see

Oracle cold backup

Oracle Hot Backup

Concept of Oracle backup recovery

Oracle instance recovery

Oracle recovery based on user management (describes media recovery and processing in detail)

System tablespace management and Backup Recovery

Sysaux tablespace management and recovery

 

For information on RMAN backup recovery and management, see

RMAN overview and architecture

RMAN configuration, Monitoring and Management

Detailed description of RMAN backup

RMAN restoration and recovery

Create and use rmancatalog

Create RMAN storage script based on catalog

Catalog-based RMAN backup and recovery

Use RMAN to migrate a file system database to ASM

RMAN backup path confusion (when using plus archivelog)

 

For Oracle faults, see

Error Handling for ORA-32004

ORA-01658 error.

CRS-0215 error handling

ORA-00119, ORA-00132 error handling

Another spfile setting error causes the database to fail to start.

Misunderstanding and setting of the parameter fast_start_mttr_target = 0

Spfile error causing database startup failure (ORA-01565)

 

For more information about ASM, see

Create an ASM instance and an ASM Database

Management of ASM disks and directories

Use asmcmd to manage the ASM directory and files

 

For more information about SQL and PLSQL, see

Common sqlplus commands

Replace variables with SQL * Plus Environment Settings

SQL plus paging using uniread

SQL Basics--> SELECT query

SQL Basics--> Use of new_value

SQL Basics--> Set operation (Union and Union all)

SQL Basics--> Common functions

SQL Basics--> View (createview)

SQL Basics--> Create and manage tables

SQL Basics--> Multi-Table query

SQL Basics--> Filtering and sorting

SQL Basics--> Subquery

SQL Basics--> Grouping and grouping Functions

SQL Basics--> Hierarchical query (startby... connect by prior)

SQL Basics--> Rollup and cube operators implement data aggregation

PL/SQL--> Cursor

PL/SQL--> Exception Handling)

PL/SQL--> Language basics

PL/SQL--> Process Control

PL/SQL--> PL/SQL records

PL/SQL--> Create and manage packages

PL/SQL--> Implicit cursor (SQL % found)

PL/SQL--> Package overloading and initialization

PL/SQL--> Use of dbms_ddl package

PL/SQL--> DML triggers

PL/SQL--> Instead of trigger

PL/SQL--> Stored Procedure

PL/SQL--> Function

PL/SQL--> Dynamic SQL

PL/SQL--> Common Errors of dynamic SQL

 

Other Oracle features

Common Oracle directory structure (10 Gb)

Use OEM, SQL * Plus, and iSQL * Plus to manage Oracle instances

Logging mode (logging, force logging, nologging)

Logging and nologging on table and index segments

Oralceomf Functions

Oracle users, object permissions, and system Permissions

Oracle role and configuration file

Oracle Partition Table

Oracle External table

Use external tables to manage Oracle alarm logs (alaert _ $ Sid. Log)

Cluster table and cluster Table Management (index clustered tables)

Use of Data Pump expdp export tool

Use of Data Pump impdp import tool

Import and Export Oracle Partition Table Data

SQL * loader usage

Enable User Process Tracking

Configure dynamic service registration for non-default ports

Configure the Oracle client to connect to the database

Difference between systemsys and sysoper sysdba

Oracle_sid, db_name, instance_name, db_domian, global_name

Complete Oracle patches (Oracle 9i 10g 11g path)

Upgrade oracle10.2.0.1 to 10.2.0.4

Oracle kill session