Friday, February 15, 2013

Oracle parameter REDO_TRANSPORT_USER for dataguard - standby configuration - redo transport authentication

Make log shipping to work without copying password file from primary to physical standby when changing sys password on primary? Sometimes in a dataguard configuration the user SYS must be changing because of security policies. This results in a failed redolog shiping problem as describe by Harald van Breederode "Password file maintenance in a Data Guard environment"

In this blogpost Harald was also mentioning redo transport authentication by an other Oracle user then SYS.
To use an other Oracle user then SYS for redo transport authentication you have to do the following steps: In Oracle 11gR1 Oracle has introduced an new init.ora parameter called REDO_TRANSPORT_USER, with this parameter Oracle can activate the redo transport authentication to be done by an other user then the default  user SYS.


First create a Oracle user  for example the user : user redo_ship_dg
GRANT SYSOPER to redo_ship_dg;
ALTER SYSTEM SET REDO_TRANSPORT_USER =  SID='*';
The user you specified for REDO_TRANSPORT_USER must be an existing user in the database which exactly matches the value of the USERNAME column of a row in the V$PWFILE_USERS view and the value of the SYSDBA or SYSOPER column of the row must also be TRUE. If the current Oracle environment is a Datagard environment. You need to copy the password file from the primary to the standby site.

Useful information