Difference between revisions of "Setup Oracle credentials with Onepoint"
(→Creating Deletage credential in Onepoint) |
|||
(One intermediate revision by the same user not shown) | |||
Line 18: | Line 18: | ||
]# yum localinstall oracle-instantclient<VERSION>-sqlplus-<VERSION>.x86_64.rpm | ]# yum localinstall oracle-instantclient<VERSION>-sqlplus-<VERSION>.x86_64.rpm | ||
− | = Install cx_Oracle = | + | = Install cx_Oracle Python Library = |
You need to install cx_Oracle library through Python pip utility. Earlier in onepoint installation, you installed pip utility. | You need to install cx_Oracle library through Python pip utility. Earlier in onepoint installation, you installed pip utility. | ||
Line 58: | Line 58: | ||
[[File:Changepassworddelegatecredentialoracledb.jpg|frameless|600px|Change Oracle DB delegate credential password]] | [[File:Changepassworddelegatecredentialoracledb.jpg|frameless|600px|Change Oracle DB delegate credential password]] | ||
+ | |||
+ | = Customize Delegate Account name in scripts (optional) = | ||
+ | If you want to use a different account name for oracle default delegate account, you must edit both oracle scripts in Onepoint Development Studio. Go to '''Development > Development Studio''', and then click open icon to open the scripts '''oracledb-account-discovery''' and '''oracledb-change-password'''. You must edit the variable defaultValues / adminaccount in the begining of the script for changing the admin account name. Remember saving the script after changing. | ||
+ | |||
+ | [[File:Changeadminaccountfororacledb.jpg|frameless|1200px|Change default admin account for Oracle DB in Onepoint Oracle scripts]] | ||
+ | |||
+ | = Now it's ready = | ||
+ | Now you can perform account discovery and password changes for your Oracle DB instances. | ||
+ | |||
+ | '''Note: For each instance, you need to add the asset and the delegate credential for it.''' |
Latest revision as of 13:46, 14 April 2020
Contents
Assumption
This article's assumption is that you correctly installed Onepoint through this link or this link.
Install Dependencies
On Onepoint servers, you need install some dependencies
]# yum install python-devel libaio
Install Oracle Instant Client
From Oracle website (link below), download Oracle Instant Client RPM package. If you want, you can also install Oracle SQL*Plus optional package, for testing purposes.
https://www.oracle.com/br/database/technologies/instant-client/linux-x86-64-downloads.html
]# yum localinstall oracle-instantclient<VERSION>-basic-<VERSION>.x86_64.rpm
Optional:
]# yum localinstall oracle-instantclient<VERSION>-sqlplus-<VERSION>.x86_64.rpm
Install cx_Oracle Python Library
You need to install cx_Oracle library through Python pip utility. Earlier in onepoint installation, you installed pip utility.
]# pip install cx_Oracle
Create Oracle Instance Asset
You need to create an OracleDB asset, whose name is <ADDRESS>::<SID>. Please, fill also the IPv4 field with server's IP address
Create Delegate Credential for this instance
Note: We are using svc_admin as delegate credential name for demo purposes. You can use other name of your choice, but you need to replace the new name for svc_admin occurrences in this guide. Also, you need to edit oracle scripts to use that name (in the end of this article you can see how to do it)
You need to use a delegate credential for this instance. Let's create the account svc_admin in Oracle for managing credentials
Creating admin user in Oracle
Connect as SYSDBA for creating the user. Remember to replace password for <PASSWORD> occurrence in script below.
]$ sqlplus SYS AS SYSDBA Enter password: SQL> ALTER SESSION SET "_ORACLE_SCRIPT" = true; Session updated SQL> CREATE USER svc_admin identified by <PASSWORD>; User created SQL> GRANT CREATE SESSION TO svc_admin; Grant succeeded SQL> GRANT ALTER USER TO svc_admin; Grant succeeded
Creating Deletage credential in Onepoint
In Onepoint, in Vault > Delegate Credentials > New, add svc_admin under the Oracle Instance.
Set password for the delegate credential with password chosen earlier in user creation.
Customize Delegate Account name in scripts (optional)
If you want to use a different account name for oracle default delegate account, you must edit both oracle scripts in Onepoint Development Studio. Go to Development > Development Studio, and then click open icon to open the scripts oracledb-account-discovery and oracledb-change-password. You must edit the variable defaultValues / adminaccount in the begining of the script for changing the admin account name. Remember saving the script after changing.
Now it's ready
Now you can perform account discovery and password changes for your Oracle DB instances.
Note: For each instance, you need to add the asset and the delegate credential for it.