In most of the organizations there are multiple dbas working. A senior dba will keep the most important databases for himself and creates virtual private catalog to his team members. Here each member will be given access to 1 or more databases to work.
In 10g we use to create separate db to each team member to grant access of a particular database. In 11g with the help of virtual private catalog we can stay in a single rman catalog and still manage individual user access.
catalogdb = rman
target db = prod
one more production db = db1
Here we will create a virtual private catalog and grant db1 to junior dba.
- create one more catalog user (vcat) in catalog
db
export ORACLE_SID = rman
sqlplus / as sysdba
create user vcat identified by vcat
default tablespace catts
temporary tablespace temp
quota unlimited on catts;
grant resource, recovery_catalog_owner to vcat;
(recovery_catalog_owner role contains connect role)
Now login to rman main catalog and grant access of db1 to vcat user.
$export ORACLE_SID=db1
$rman target / catalog rman/pwd@torman
RMAN> register database;
RMAN> grant catalog for database "db1"
to vcat;
RMAN> list db_unique_name all;
EXIT;
Connect to RMAN through VCAT user and create virtual private catalog.
$rman catalog vcat/pwd@torman
RMAN>
create virtual catalog;
RMAN>
list db_unique_name all;
Here we can see db1 only. "db1" database backup information will be stored in virtual private catalog (vcat schema) as well as base catalog (rman schema).
No comments:
Post a Comment