Strong Authentication Configuration for Oracle RAC

To use Oracle RAC with CA Strong Authentication, you modify the database script, the JDBC URL, and the odbc.ini file.
aa813test
To use Oracle RAC with CA Strong Authentication, you modify the database script, the JDBC URL, and the odbc.ini file.
Modify the Database Script
You run the database scripts as a post-installation task in the CA Strong Authentication installation procedure. Before you run this script, modify it for Oracle RAC.
Follow these steps:
  1. To determine the Oracle RAC shared datafile path, log in to the database and run the following command:
    SELECT file_name, tablespace_name FROM dba_data_files
    The following text is sample output of this command:
    +DATA/qadb/datafile/users.259.797224649 USERS   
    +DATA/qadb/datafile/undotbs1.258.797224649  UNDOTBS1    
    +DATA/qadb/datafile/sysaux.257.797224647    SYSAUX  
  2. Open the arcot-db-config-for-common-8.0.sql file. This file is in the install_location/arcot/dbscripts/oracle/ directory.
  3. Search for the following line in the file:
    filename varchar2(50) := 'tabspace_arreports_'|| to_char(current_timestamp, 'YYYY-MM-DD-HH24-MI-SS') || '.dat';
  4. Replace that line with the following line:
    filename varchar2(100) := '+shared_location/service_name/datafile/tabspace_arreports_'|| to_char(current_timestamp, 'YYYY-MM-DD-HH24-MI-SS') || '.dat';
    In the new line:
    • Replace shared_location with the shared datafile path that you determined by running the command from the first step.
    • Replace service_name with the service name of the Oracle RAC installation.
    For example:
    filename varchar2(100) := '+DATA/forwardinc/datafile/tabspace_arreports_'|| to_char(current_timestamp, 'YYYY-MM-DD-HH24-MI-SS') || '.dat';
  5. Save and close the script file, and then run it.
Configure the JDBC URL
Specify the JDBC URL in the format that is supported by Oracle RAC in the arcotcommon.ini file.
Follow these steps:
  1. Open the arcotcommon.ini file in a text editor. This file is in the install_location/arcot/conf/ directory.
  2. Specify a value for the URL parameter in the [arcot/db/primarydb] section. If necessary, also add it in the [arcot/db/backupdb] section of the INI file. Enter the URL in the following format:
    URL.1=jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=host_name)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=service_name)(SERVER=DEDICATED)))
    For example:
    URL.1=jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=172.30.250.18)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=forwardinc)(SERVER=DEDICATED)))
    If Oracle RAC is client configured, then include all the nodes in this format.
  3. If the CA Strong Authentication database user is different from the database user in Oracle RAC, then:
    1. Change the database user credentials in the arcotcommon.ini file.
    2. Use DBUtil to change the database user credentials in the securestore.enc file. DBUtil is available in the ARCOT_HOME/tools/
      <platform_name>
      directory. Instructions on using DBUtil are given in Updating the securestore.enc File and Setting the TrustStore Password.
  4. Save and close the arcotcommon.ini file.
Update the odbc.ini File
The odbc.ini file contains connection parameters. For Oracle RAC, specify values pertaining to the Oracle RAC installation in the odbc.ini file.
Follow these steps:
  1. Create a *.ora file on the system on which you have installed CA Strong Authentication. For example, /var/opt/tns.ora
  2. Enter the following lines in the file:
    section_name =
      (DESCRIPTION =
        (ADDRESS_LIST =
          (ADDRESS = (PROTOCOL = TCP)(HOST = host_name_or_IP_address)(PORT = 1521))
        )
        (CONNECT_DATA =
          (SERVICE_NAME = service_name)
        )
      )
    For example:
    fwdincrac =
      (DESCRIPTION =
        (ADDRESS_LIST =
          (ADDRESS = (PROTOCOL = TCP)(HOST = 172.30.250.18)(PORT = 1521))
        )
        (CONNECT_DATA =
          (SERVICE_NAME = forwardinc)
        )
      )
    If Oracle RAC is client configured, then include all the nodes in this format.
  3. Save the file.
  4. Open the
    ARCOT_HOME
    /odbc32v60wf/odbc.ini file in a text editor.
  5. For the required DSN sections, comment out the lines containing the following parameters:
    • HostName
    • PortNumber
    • SID
    For example:
    #HostName=172.30.251.251
    #PortNumber=1521
    #SID=an
  6. Add the following parameters:
    TNSNamesFile=ARCOT_HOME/
    ora_file_name
    ServerName=
    section_name
    For example:
    TNSNamesFile=/var/opt/tns.ora
    ServerName=fwdincrac
  7. Save and close the file.