Setup Oracle credentials with Onepoint
- 1 Assumption
- 2 Install Dependencies
- 3 Install Oracle Instant Client
- 4 Install cx_Oracle Python Library
- 5 Create Oracle Instance Asset
- 6 Create Delegate Credential for this instance
- 7 Customize Delegate Account name in scripts (optional)
- 8 Now it's ready
On Onepoint servers, you need install some dependencies
]# yum install python-devel libaio
Install Oracle Instant Client
From Oracle website (link below), download Oracle Instant Client RPM package. If you want, you can also install Oracle SQL*Plus optional package, for testing purposes.
]# yum localinstall oracle-instantclient<VERSION>-basic-<VERSION>.x86_64.rpm
]# yum localinstall oracle-instantclient<VERSION>-sqlplus-<VERSION>.x86_64.rpm
Install cx_Oracle Python Library
You need to install cx_Oracle library through Python pip utility. Earlier in onepoint installation, you installed pip utility.
]# pip install cx_Oracle
Create Oracle Instance Asset
Create Delegate Credential for this instance
Note: We are using svc_admin as delegate credential name for demo purposes. You can use other name of your choice, but you need to replace the new name for svc_admin occurrences in this guide. Also, you need to edit oracle scripts to use that name (in the end of this article you can see how to do it)
You need to use a delegate credential for this instance. Let's create the account svc_admin in Oracle for managing credentials
Creating admin user in Oracle
Connect as SYSDBA for creating the user. Remember to replace password for <PASSWORD> occurrence in script below.
]$ sqlplus SYS AS SYSDBA Enter password: SQL> ALTER SESSION SET "_ORACLE_SCRIPT" = true; Session updated SQL> CREATE USER svc_admin identified by <PASSWORD>; User created SQL> GRANT CREATE SESSION TO svc_admin; Grant succeeded SQL> GRANT ALTER USER TO svc_admin; Grant succeeded
Creating Deletage credential in Onepoint
In Onepoint, in Vault > Delegate Credentials > New, add svc_admin under the Oracle Instance.
Set password for the delegate credential with password chosen earlier in user creation.
Customize Delegate Account name in scripts (optional)
If you want to use a different account name for oracle default delegate account, you must edit both oracle scripts in Onepoint Development Studio. Go to Development > Development Studio, and then click open icon to open the scripts oracledb-account-discovery and oracledb-change-password. You must edit the variable defaultValues / adminaccount in the begining of the script for changing the admin account name. Remember saving the script after changing.
Now it's ready
Now you can perform account discovery and password changes for your Oracle DB instances.
Note: For each instance, you need to add the asset and the delegate credential for it.