virtual private catalog
The following databases are registered in the base recovery catalog: PROD1, PROD2, and PROD3.The database user CATOWNER owns the base recovery catalog. You want a new user VPC1 to have access to only the PROD1 database and create a virtual private catalog.The commands required to achieve this:
数据库中已经注册了三个数据库实例PRO1,PRO2,PRO3到恢复目录中,恢复目录的拥有者是catowner,现在想让一个新的用户vpc1只有权限来访问proc1数据库实例,并且能名创建虚拟专用目录,操作步骤如下:
1.SQL> GRANT recovery_catalog_owner TO vpc1; --sysdba授权
2.RMAN> CONNECT CATALOG catowner/password@catdb; --catlog Owner 连接恢复目录
3.RMAN> GRANT CATALOG FOR DATABASE prod1 TO vpc1; --catlog Owner 授权数据库实例prod1给vpc1用户
4.RMAN> CONNECT CATALOG vpc1/password@catdb; --viutual private catalog 用户vpc1连接catalog
5.RMAN> CREATE VIRTUAL CATALOG; --vpc1用户创建viutual catalog.
============================
The basic steps for creating a virtual private catalog are as follows:
1. Create the database user who will own the virtual private catalog (if this user does not exist) and grant this user access privileges.
1.1 Start SQL*Plus and connect to the recovery catalog database with administrator privileges.
1.2 If the user that will own the virtual private catalog does not exist, then create the user.
SQL> CREATE USER vpc1 IDENTIFIED BY password DEFAULT TABLESPACE vpcusers QUOTA UNLIMITED ON vpcusers;
1.3 Grant the RECOVERY_CATALOG_OWNER role to the database user that will own the virtual private catalog, and then exit SQL*Plus.
SQL> GRANT recovery_catalog_owner TO vpc1;
1.4 Start RMAN and connect to the recovery catalog database as the base recovery catalog owner (not the virtual private catalog owner).
RMAN> CONNECT CATALOG catowner@catdb;
1.5 Grant desired privileges to the virtual private catalog owner.
RMAN> GRANT CATALOG FOR DATABASE prod1 TO vpc1;
You can also use a DBID rather than a database name. The virtual private catalog user does not have access to the metadata for any other databases registered in the recovery catalog. You can also grant the user the ability to register new target databases in the recovery catalog.
For example:
RMAN> GRANT REGISTER DATABASE TO vpc1;
2. Create the virtual private catalog.
2.1 Start RMAN and connect to the recovery catalog database as the virtual private catalog owner (not the base recovery catalog owner).
RMAN> CONNECT CATALOG vpc1@catdb;
2.2 Create the virtual private catalog.
RMAN> CREATE VIRTUAL CATALOG;
If you intend to use a 10.2 or earlier release of RMAN with this virtual private catalog, then execute the following PL/SQL procedure (where base_catalog_owner is the database user who owns the base recovery catalog):
SQL> EXECUTE base_catalog_owner.DBMS_RCVCAT.CREATE_VIRTUAL_CATALOG;