1.

oracle DBA Linux & oracle 19c installation

installation oracle linuix 7
after installation prerequisites
installing oracle DB 19c
step 1, update host file
step 2, install required packages
step 3 create the groups
step 4 , create the users and add them to the groups
steps 5, update selinuix config
step 6 disable the firewall
step 7 create directory
step 8 edit the bash profile of oracle user
step 9 upload oracle db. installation
step 10 resolve installation error
steps 11 complete the installation wizard
connecting to oracle dba
starting database after restart
installing oracle sql developer

we will be working on oracle 19c

it will be installed on oracle Linux 7.

installation oracle Linux 7

redhat instalation

you will have to setup partition .

disable kdm feature
select data and time
setup root user
setup network
setup hostname
after installation prerequisites
first you need update and upgrade .
yum update -y
yum upgrade -y

installing oracle DB 19c

Install Database Only.txt

Error.txt

step 1, update host file

you need to go your host file and add ip and hostname of the current server

you can use the below command that will that will indent the hostname to the file for faster action.

hostname >> /etc/hosts

the syntax is for updating hostname is as follow

ip hostname FQDN

then vi and add the Ip address

oracle-db01
step 2, install required packages
the there is some prerequisites packages that need to be installed you can copy whole script and past it in the terminal

yum install -y bc
yum install -y binutils
yum install -y compat-libcap1
yum install -y compat-libstdc++-33
yum install -y dtrace-modules
yum install -y dtrace-modules-headers
yum install -y dtrace-modules-provider-headers
yum install -y dtrace-utils
yum install -y elfutils-libelf
yum install -y elfutils-libelf-devel
yum install -y fontconfig-devel
yum install -y glibc
yum install -y glibc-devel
yum install -y ksh
yum install -y libaio
yum install -y libaio-devel
yum install -y libdtrace-ctf-devel
yum install -y libXrender
yum install -y libXrender-devel
yum install -y libX11
yum install -y libXau
yum install -y libXi
yum install -y libXtst
yum install -y libgcc
yum install -y librdmacm-devel
yum install -y libstdc++
yum install -y libstdc++-devel
yum install -y libxcb
yum install -y make
yum install -y net-tools
yum install -y nfs-utils
yum install -y python
yum install -y python-configshell
yum install -y python-rtslib
yum install -y python-six
yum install -y targetcli
yum install -y smartmontools
yum install -y sysstat

you can also use the bellow command that will install the required package but will not consider only the default data path and
user , which limit our ability to modify the installation.
yum install -y oracle-database-preinstall-19c
it will installed the default path and default setting so that why we are using the manual way to install packages.

step 3 create the groups

the below command will create groups that is needed for successful installation

groupadd -g 54321 oinstall

groupadd -g 54322 dba
groupadd -g 54323 oper
groupadd -g 54324 backupdba
groupadd -g 54325 dgdba
groupadd -g 54326 kmdba
 groupadd -g 54327 asmdba
groupadd -g 54328 asmoper
groupadd -g 54329 asmadmin
groupadd -g 54330 racdba

I have run the command again to make sure that group are done

step 4 , create the users and add them to the groups

we need to create user called oracle that will be used to install and managed oracle database
the root will be only used to managed the server but oracle is used to managed db
below command will create users and add them to group oinstall , and also it will create a user called oracle that will be used
you can change the name of the user if you would like
oinstall group is responsible for installation of oracle db
you can notice there is other users such as dba , backupdba that have there part in daily operation of oracle DB

useradd -u 54321 -g oinstall -G dba,oper,backupdba,dgdba,kmdba,asmdba,asmoper,asmadmin,racdba oracle

steps 5, update selinuix config
To allow Oracle to be installed and make changes on the OS level, you need to change the permission on SELinux. You can do
this by following the steps below:

Open the file /etc/selinux/config using the vi editor.

Add the following line to the file: SELINUX=permissive.
Save the file and exit the editor.

This should allow Oracle to be installed and make changes on the OS level.

As User Oracle

nano /etc/selinux/config

set SELINUX=permissive

selinuix

setenforce Permissive
step 6 disable the firewall

systemctl stop firewalld

systemctl disable firewalld

step 7 create directory

will create directories for data and config of oracle
oracle database need two path
1.oracle base : This is your repository for all things Oracle. It's where your database data files and other critical elements will call
home.
2. oracle home : This directory houses the Oracle software binaries and configuration files that are essential for running your
Oracle instance.

use the below command to create the need directory

 mkdir /u01/app/oracle/product/19c/db_1
mkdir -p /u01/oradata
chown -R oracle:oinstall /u01
chmod -R 775 /u01

mkdir -p /u01/app/oracle/product/12.2.1
chown -R oracle:oinstall /u01/app/oracle/product/12.2.1
chmod -R 775 /u01/app/oracle/product/12.2.1

step 8 edit the bash profile of oracle user

next you need to edit the bash profile to specify the directory of oracle data and bin library
the directory must match the the same name directories in server and in export ORCALE_HOSTNME= MAKE SURE YOU FILL THE
SERVER Hostname

nano /home/oracle/.bash_profile

# Oracle Settings
export TMP=/tmp
export TMPDIR=$TMP

export ORACLE_HOSTNAME=db
export ORACLE_UNQNAME=orcl
export ORACLE_BASE=/u01/app/oracle
export ORACLE_HOME=$ORACLE_BASE/product/19c/db_1
export ORA_INVENTORY=/u01/app/oraInventory
export ORACLE_SID=orcl
export PDB_NAME=pdorcl
export DATA_DIR=/u01/oradata
export PATH=/usr/sbin:/usr/local/bin:$PATH
export PATH=$ORACLE_HOME/bin:$PATH
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib
export CLASSPATH=$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib
step 9 upload oracle db. installation
upload the database file and move the file to using the oracle user****

then copy the file to the below directory we have created before

note : above prosses must be done using oracle user and not the root
/u01/app/oracle/product/19c/db_1/

then unzip the file make sure all this steps must be run using the oracle user
run the installer
./runInstaller

note : When dealing with Oracle installation on a server running a non-GUI (Graphical User Interface) operating system, a
different approach is needed. In this scenario, the absence of a GUI means you can't directly interact with the installer through
graphical means.

To overcome this limitation, you'll have to initiate an SSH (Secure Shell) connection from a separate device that does have a
GUI and is equipped with Java JDK (Java Development Kit). This secondary device will serve as your remote control center for
the installation process.

step 10 resolve installation error

sometimes the installation it wont work due error and you will need to add some directory to make installation GUI open on source
device , in this case for me I will SSH to the server through windows server running mobxtrem that have java already installed on
it , next you need to update some libraries on home directory , you will add the below line that will allow source device java to
display the installation gui, below must be done using root user
nano /home/oracle/.bash_profile
DISPLAY=[device that ssh to the server ]:0.0; export DISPLAY
Error.txt

steps 11 complete the installation wizard

with wizard started you will be asked to select between two option
1.create and configure instance: this the option we will select to install and configure instance
2. setup software only , this will only install the database engine useful for RAC implementation
select 'create and configure a single instance database '
1. desktop class : will have minimal configuration useful if you want to install oracle on you personal laptop
2. server class : contain all the feature an has advanced configuration suitable for production
we will select server class
1. standard : allow only to setup one database container
database container is collection of database allow similar to PostgreSQL dbcluster
2. enterprise : allow to create as mush as db container as you want also it support high availability and more security feature
for this purpose we will select enterprise edition
next window will ask to confirm oracle base path just confirm its the same in the server and bash profile and click next .

next window also you have to confirm inventory directory to be same in the server , also confirm the group 'oinstall' must be
available on sever
next window will ask about global database , just make

sure they match the bash profile

next window about memory memory usage you can restrict it or keep the default , also there character set similar to ms sql
collation , simple schema it will ask to add sample schema to test database

next window will ask where to store data , just confirm and click next
next window root script execution , there some script that need privileged user to execute the window will ask to provide root
username and password or a user that have sedure privilege , uncheck mark automatly run he configuration and click next means
there possible chance the installation will failed , check mark it and provide either root or suder username and password
connecting to oracle dba
to connect to oracle database make sure your running using oracle & use the below command
sqlplus sys/sys as sysdba

use the below command to show which user is running

show user

starting database after restart

in case of the server crash or you restart the server

oracle database will not start automatically

first run the below command to start the listener
lsnrctl start

startup

once done the "database open "must show means the database is online
installing oracle sql developer
for sql developer to work you must install java jdk
first extract the sqldeveloper zip file .

run the sqldevelver.exe

once the the application started click + sing to create connection
2. database engine and listener articture
connecting to database
listener
changing the listener default port using config file
changing the listener default port using netca
error after change the port
add more listener port netmgr
oracle database architecture
RAM architecture
1. sga system global area
2. pga Program Global Area
shared pool
large pool
buffer cache
java pool
redo log buffer
stream pool

Connecting to database
connect to database remotely :
if you have application server , in this case we will provide connection parameter to application server to connect to database . this
similar to what we did with sql developer application

listener
is responsible for communication between the client and database engine , listener handle the authenticating by communicating
with database engine and allow the privilege base on permission the user has

the config of the listener can be found in the below path

 1. for host ip you want to connect
2. for the port its listening to
from listener you can change the default port , or change to which remote Ip listener should listen .

Changing the Listener Default Port Using Config File

you to go to config of the listener and change the port
before you do that you have to stop the listener

lsnrctl stop

now vim to listener config and change the port

now start the listener

lsnrctl start

the listener is configured to accept connection on TCP 5444 port we defend

Changing the Listener Default Port Using Netca
netca is utility that help configure the listener of the to run this you have to run command from device that has java

from the configuration you can make multitap lisnter or reconfigure the lisnter

for this purpose we will select reconfigure .

then it will ask the protocol keep it the same
next add the new port you want
the lisnter default port has been changed
error after change the port
/u01/app/oracle/product/19c/db_1/network/admin/

the port has not changed we will change it and restart the listener and shut down and start the database

then stop and start the listner

lsnrctl stop
lsnrctl start

shutdown immediate

startup
add more listener port netmgr
if you have multiple interface you can configure multiple listener to acuminate the interface , this is done by using netmgr .
the window will open expand the window till you reach listener and click + green sing
give friendly name
then click add address and then give random port and then click ok
lsnrctl start ahmed

oracle database architecture

RAM architecture
oracle ram is divided to two

1. sga system global area

is the space that occupied in memory in order to start the database engine
inside it we will find this component to run the database engine

database buffer cache

redo log buffer cache
archive log

2. pga Program Global Area

It is a memory area that contains a couple of sub-areas in it. Unlike the SGAs, PGAs are private for each user. So any other user
cannot see or touch that memory area.
In PGA, there are a couple of sub-memory areas. As you can see in the diagram

pga is responsible to open connection between the client and database .

it use the listener to open the connection

shared pool
it response of taking the query and execute the query on data folder and return the result

large pool
similar to shared pool but specified for large query's with loops inside of it .

buffer cache
this is responsible for keep store of result of common executed query to avoid going to the data folder to speed up the process of
query executing , also reduce CPU usage .
the query that goes to shared pool to be executed , if the query is getting executed many time , then shared pool will send the
query to buffer cache to keep the result of the query to save time and load .

java pool
responsible for java command & query's

redo log buffer

if you have done update on row but you have not commit , redo log will take copy of the original row in case another update is
running on the same row

redo log allow you to rollback

redo log will be done once we commit the transaction.

stream pool
reasonable for query contain any media such as photos or videos.
3. managing database instance paramter
how to view the parameters
preciouses to be follow before editing the parameter
taking bckup of psfile
how to edit the parameter
basic parameter
advanced parameter
example 1change java pool parameter.
rollback the configuration

the parameter for configuring the instance such as for spa & pga are found on the below files .
''spfileorcl.ora' & ''initorcle.ora'
this both have all parameter that defined how database run .
there are many parameter in the file you can edit

its not recommended to edit the parameters by opening the ''spfileorcl.ora' & ''initorcle.ora' as the database may not work after
restart

how to view the parameters

to view the parameters configured on database login to oracle and execute the below command

show parameters;
also you can view the parameter from sql developer for better view of the parameter just connect to oracle and issue the same
command .

you will find the path for ''spfileorcl.ora' & ''initorcle.ora' & also you will find parameters for large pool and spa pga
some parameters has dependency such sga pga , you cannot change their parameters with informing the parameter'' memory
target ''

for better view of the parameter

use the below command .

select name , value from v$parameter;

 select name , value from v$parameter where name =('spfile');

preciouses to be follow before editing the parameter

before editing the parameter need to have rollback plan in case of misconfiguration
you need to take backup of ''spfileorcl.ora' & ''initorcle.ora' , you can do it from oracle sql cmd

taking backup of psfile

create pfile='path for where you want save the spfile/filename.ora' from spfile;
create pfile ='share/pfile.ora' from spfile;
how to edit the parameter
you will use the command alter follow by parameter name and parameter value .

the parameter it self are divided to two

basic parameter
this are easy to edit parameter such as 'control_file' , 'db_block_size' ,'undo_tablespace' and many more .

you can change the parameter and continue working on database.

changes here doesn't require restart the instance .

advanced parameter
this parameter has some specific steps such as 'shared_pool_size' 'db_cach_size' this parameters are specific for core component
of the database engine .
the parameters here will not take effect unless you restart the instance .

example 1- change java pool parameter.

https://docs.oracle.com/en/database/oracle/oracle-database/19/refrn/JAVA_POOL_SIZE.html#GUID-F24C4770-0B7C-42BD-
9AAD-0EC1E92A90F6
check the link to know about the parameter and the allowed values
the syntax is as follow

alter system set [parameter name] = [value ] scope=[both] or [spfile]

alter system set java_pool_size='151' scope=both;

shutdown immediate ;

startup ;
 select name , value from v$parameter where name =('java_pool_size');

note : the value is displayed in bites.

rollback the configuration

in case you changed the parameter and the database is not starting up , the you can rollback using the backup spfile you created
before you edited the parameter.

first shutdown the database

shutdown immediate

then startup the database using the spfile you took copy of it

startup pfile='/share/pfile.ora';
4. database mode
startup modes
shutdown mode

startup modes
the database mode while starting

1- shutdown :when you startup the server the database will be in shutdown state
2.nomount : when you execute the startup command the instance start will begin and then database will move to nomunt, in the
nomount this will happen

read the parameter file (spfile) , and init file.

memory is allocated in pfile
background process in spfile and init file
3- mount : next the database will move to mount file which include the below steps
read the control file
datafile will be visible but not available to users
the recovery stage , which include the status of database before shutdown .
4-open : in this mode the database will be available to users to use the database .following will be done during this mode
-data file integrity is verified
shutdown mode
there are many type of shutdown

Immediate Shutdown

Normal Shutdown: Think of this as the polite way to shut down Oracle. In normal shutdown mode, the database doesn't accept
new connections, but it waits for existing transactions to complete before closing. It's like letting everyone finish their conversations
before turning off the lights.

-Transactional Shutdown: This mode is even more patient. It allows all transactions to complete, and then it shuts down the
database gracefully. It's like waiting for the last guest to leave the party before cleaning up.

Immediate Shutdown Abort: This one is a bit like yanking the power cord out of your computer. It forcefully terminates the
Oracle database without any regard for ongoing transactions. It's not the recommended way to do it, but sometimes it's
necessary in extreme situations.
5.managed database storage structure
database engine will not talk directory with storage of server when it need to store data in the disk

tablespace
Tablespace

Contains Belongs to Associated with

Segments Datafile Data Dictionary

Comprises of Stores Holds Contains Manages

Table Index LOB Data Cluster Undo Data

is place where the tables and data will be stored

segment

tablespace type
 Stores Transactional Data

Undo Tablespace

Supports Rollback and Recovery

Holds Temporary Data

Temporary Tablespace

Optimizes Query Performance

Contains Permanent Data

Permanent Tablespace

Stores Database Objects

undo tablespace
The redo log employs this tablespace to store transaction data that has not yet been committed. This ensures that in the event of a
rollback, the necessary information is readily available, offering a safeguard against data inconsistencies or incomplete
transactions.

temporary tablespace
The temporary tablespace is harnessed by the buffer pool to house the results of queries that are frequently executed. It acts as a
short-term storage repository for this data, which is eventually purged after its temporary use, ensuring efficient memory
management

premiant tablespace
A 'Permanent Tablespace' is where all the important stuff in a database lives – like tables and their data. It's the safe and stable
home for your valuable information, and it sticks around even when you turn off the computer or close the application. Just
remember, when you want your data to stay put, it goes into the Permanent Tablespace

creating segmented of tablespace for users

In the context of an Oracle database with multiple concurrent users, there exists a potential challenge where the shared
tablespace might reach its storage capacity due to the cumulative data generated by these users. To pre-emptively address this
issue and optimize data management, a common strategy involves the creation of distinct tablespaces for each individual user
you can also consider increasing the space for tablespace but for better management creating separate tablespace for each user
is consider a better and best practise.

first use the below command to check all tablespace in database

select tablespace_name , file_name from dba_data_files;

creating tablespace
use the below syntax when creating tablespace

syntax:

CREATE TABLESPACE tablespace_name

DATAFILE 'datafile_name.dbf' SIZE size;

create tablespace tbs1 datafile 'tbs1_data.dbf' size 100m;

the tablespace is stored in directory oradata

we can use the below query to get the path for tablespace we jut created .

select tablespace_name , file_name from dba_data_files;

now you can create users on this tablespace .

create tablespace in deferent directory

you can stored them in place other that the default path

create tablespace [tablespace-name] datafile 'filepath\anyname.dbf' size [sizeyou want]m

alter tablespace to increase

you can resize the tablespace if we want using alter command to increase the space but be noted to but in consideration the
space in physical storage .
as tablespace will reserve the space it configured from disk .
syntax:
 ALTER DATABASE DATAFILE 'datafile_name' RESIZE size;

alter database datafile 'tbs1_data.dbf' resize 10m;

When you've already utilized 80MB out of the 100MB available in a tablespace, issuing a RESIZE command to increase it by
10MB will adjust the tablespace size to 90MB, effectively accommodating the additional storage needed. It doesn't expand the
tablespace to its original 100MB size; instead, it adapts to your storage requirements.

Conversely, if you apply the RESIZE command to a 100MB tablespace that hasn't stored any data, setting it to 10MB will shrink
the tablespace size to match the specified 10MB. In this case, the command alters the tablespace size to exactly what you've
designated, as there is no existing data to consider

create user stored in deferent tablespace

now we will create user but we will store the the user in tablespace we have created before .
syntax:

CREATE USER [username]

IDENTIFIED BY [password]
DEFAULT TABLESPACE [tablespace_name];

CREATE USER salah IDENTIFIED BY 101124738 DEFAULT TABLESPACE tbs1;

enable autoextend on tablespace

You can create a tablespace that automatically extends its allocated space by a specified value when needed. However, it's crucial
to exercise caution when employing this command, as the tablespace will reserve additional space from the disk where it's
configured. This means that if not managed prudently, it can consume disk space rapidly, potentially leading to storage issues.

syntax:

CREATE TABLESPACE [tablespace_name]

DATAFILE '[datafile_name]' SIZE [initial_size] AUTOEXTEND ON NEXT [next_size];

CREATE TABLESPACE tbs3 DATAFILE 'tbs3_data.dbf' SIZE 1M AUTOEXTEND ON NEXT 20M;

table portioner
if you have tables that you want to stored them in tablespace with faster disk space
and store table that is not used a lot in tablespace in slower disk

ALTER TABLE table_name MOVE TABLESPACE new_tablespace;

how to check the table space size and free space

you can sue the below query that will get the space and free space on all tablespace

select df.tablespace_name "Tablespace",

totalusedspace "Used MB",
(df.totalspace - tu.totalusedspace) "Free MB",
df.totalspace "Total MB",
round(100 * ( (df.totalspace - tu.totalusedspace)/ df.totalspace),2)
"Pct. Free"
from
(select tablespace_name,
round(sum(bytes) / 1048576) TotalSpace
from dba_data_files
group by tablespace_name) df,
(select round(sum(bytes)/(1024*1024)) totalusedspace, tablespace_name
from dba_segments
group by tablespace_name) tu
where df.tablespace_name = tu.tablespace_name;

cerate temporary tablespace

you can create temporary tablespace for temp storieng user and tables

create tabalespace [name] tempfile [fielname.dbf] size [size you want]m;

CREATE TEMPORARY TABLESPACE temporarytablespace

TEMPFILE 'temptbs_file.dbf' SIZE 1000M;
tablespace status
read only tablespace
${toc}
this tablespace that only support select command usfull for tables that are not in use or that not used anymore

read write tablespace

this allow read and write you can execute the select and update and insert and delete on the tables on tablespace

offline tablespace
this one that will not allow any action t be done on data on tablespace

drop tablespace
there two way to drop

if you have tablespace that table has constrian or forgenkeys

then you need to use the below command

drop tablespace [tablespace - name] including contents and cascade constrains

this query doesn't not delete data file it only delete tablespace object

DROP TABLESPACE [tablespace_name] INCLUDING CONTENTS AND DATAFILES;

6. Administrating user permission and security
${toc}
in oracle the database it self is called users , and users are called users
when create a database it will be created under the user who created the database.

normally in oracle we will create user and then create database under the user this which the called user database.

manging user
there are two type of user security
below are type of privilege you can grant to the user

1. system privilege
is all the privilege that are granted to user to manage the database engine.

2. object privilege

User A User B Database

GRANT SELECT ON emp TO UserB

SELECT privilege granted

User A grants SELECT privilege

on the "emp" table to User B

User A User B Database

user privilege on another user , if we have user that has table called emp , then I can give other user select privilege on the user
emp table .

In Oracle's SQL syntax, 'GRANT' and 'REVOKE' are SQL statements used to control access and permissions for various
database objects. These objects can include tables, views, procedures, and more. The 'GRANT' statement gives specific
privileges to a user or role, while the 'REVOKE' statement takes those privileges away. Here's a more detailed breakdown:

1. GRANT Statement Syntax:

GRANT privilege [, privilege, ...]

ON object
TO user [, user, ...]
[WITH ADMIN OPTION];

'privilege': This represents the specific permission you want to grant, such as 'SELECT,' 'INSERT,' 'UPDATE,' 'DELETE,'
or 'CREATE.' You can specify multiple privileges separated by commas.
 'object': This refers to the database object (e.g., a table, view, or procedure) on which you want to grant the privileges.
'user': The user or role to whom you're granting the privileges. You can grant to multiple users or roles simultaneously.
'WITH ADMIN OPTION' (optional): When used, this option allows the recipient to further grant the same privileges to
other users or roles. It essentially delegates the privilege management.
2. REVOKE Statement Syntax:

REVOKE privilege [, privilege, ...]

ON object
FROM user [, user, ...]
[CASCADE CONSTRAINTS];

'privilege': Similar to 'GRANT,' this specifies the privilege(s) you want to revoke.
'object': The database object from which you're revoking the privileges.
'user': The user or role from whom you're revoking the privileges.
'CASCADE CONSTRAINTS' (optional): If you're revoking privileges on a table, this option also removes any dependent
constraints owned by the user. Be cautious when using it, as it can have far-reaching consequences.

Here's a practical example. Let's say you want to grant the 'SELECT' and 'INSERT' privileges on the 'employees' table to the user
'Alice' and allow her to further grant these privileges to others:

GRANT SELECT, INSERT

ON employees
TO Alice
WITH ADMIN OPTION;

This command grants 'Alice' both SELECT and INSERT permissions on the 'employees' table and empowers her to pass on these
privileges to additional users if needed.

On the flip side, if you want to remove these privileges from 'Alice,' you'd use the 'REVOKE' statement:

REVOKE SELECT, INSERT

ON employees
FROM Alice;

This statement takes away the SELECT and INSERT privileges from 'Alice' on the 'employees' table.

Remember, precise management of privileges is crucial for database security and access control. Always use these commands
with care and according to your database security policies.

example
create user with admin option
i will create user called mg , the another user called sg
i will grant mg create session privilage and adding with admin option so he can grant other user the same privilege .

what is create session privilege's

This privilege allows a user to establish a connection to the Oracle database. In essence, it's the basic permission needed for a
user to log in and interact with the database.

1. create user
create user mg identified by mg;
2. grant the user create session with admin option
grant create session to mg with admin option

3. create another user that will we use to test with admin option
create user sg identified by sg;
4. login to oracle db using mg user

5. then grant user sg create session using mg user

since we provided the user mg with admin option then the user will be able to grant other user his same privilege .
grant create session to sg ;
we didn't provide user sg with admin privilege's , if we try to grant other user privilege using sg then he will not be able to grant
the user.

revoke permission
now we will revoke the permission using
revoke parameter

syntax :

revoke [permission] from [user]

now will revoke permission [create session] from mg user

revoke create session from mg;

now user cannot connect to database

system privilege
In the realm of Oracle Database, these privileges are akin to the ultimate authority, conferring users with the capability to execute
profound administrative operations and wield control over fundamental aspects of the database system. Here's a more in-depth
exploration:
CREATE SESSION: This privilege is fundamental , this allow you to connect to database so it must be exist
this similar to MSSQL public privilege that allow you to connect to the database .

1. SYSDBA: This is the most powerful system privilege, granting full administrative control over the database, including the
ability to start and stop the database, perform backup and recovery operations, and modify database parameters.
2. SYSOPER: A step below SYSDBA, SYSOPER allows for basic database operations such as starting and shutting down the
database. It has fewer administrative capabilities compared to SYSDBA.
3. CREATE SESSION: This privilege is fundamental, allowing users to establish a connection and log in to the database.
Without it, users can't even access the database.
4. CREATE TABLE: Grants the ability to create new tables within a schema. It's often used by application developers to define
data structures.
5. ALTER SYSTEM: Provides the authority to modify certain global database settings and configuration parameters.
6. DROP USER: Permits the removal of user accounts. This privilege is typically held by administrators responsible for user
management.
7. SELECT ANY TABLE: Allows a user to query any table in the database, regardless of ownership. It's useful in scenarios
where users need broad read access.
8. INSERT, UPDATE, DELETE ANY TABLE: These privileges enable users to perform data manipulation operations on any
table in the database, irrespective of ownership.
9. EXECUTE ANY PROCEDURE: Grants the right to execute any stored procedure or function in the database, regardless of
the schema in which it resides.
 10. CREATE SESSION, ALTER SESSION: These privileges pertain to session management and configuration, including the
ability to alter one's own session settings.

These system privileges cover a spectrum of actions, from fundamental access (CREATE SESSION) to more advanced
administrative and data manipulation capabilities. They are typically assigned based on a user's role and responsibilities within the
database environment.

object privilege
here you can give privilege on object of the database to do specific action
such as you can give select privilege to user to do select statment on certain table or all tables on object
or update or insert for user to certain table of the database .

example
grant user select statement on table
we will grant select privilege on table called employee to user called mg user

grant select on hr.empolyees to mg

can user share privilege to other user

le's check the user can grant other user grant select on table hr.employees
grant select on hr.employees to ahmed

he cannot because the user don't have with grant option

grant select on hr.employees to mg with grant option ;

mg

revoke privilege from user

now we will revoke select privilege from mg user .
 REVOKE [privilege] ON [schema].[table] FROM [user];

revoke select on hr.employees from mg

make role to automate privilege

if you have more than 200 user you want to grant select , this will take time , best option to create role .
role is container containing all privilege you want to assinge to specif user , and you can customize this role.

in the role you can assignee mutable privilege and assignee it to users.
 Create Role

Role Name: Select_Role

Grant SELECT Privilege

Table: hr.employees Users: user1, user2, user3, ... user20

Assign Role to Users

create role
Create a Role: First, create a role named "Select_Role" using SQL:

CREATE ROLE Select_Role;

create role hr_select ;

Grant SELECT Privilege: Assign the SELECT privilege on the desired table(s) to the "Select_Role". Let's assume you want to
grant SELECT on the employees table in the hr schema:

GRANT SELECT ON hr.employees TO Select_Role;

grant select on hr.employees to hr_select ;

with this you can assignee role to meltable user using the below syntax

GRANT Select_Role TO user1, user2, user3, ... user200;

grant hr_select to mg ;

predefined roles

profile
each user created has preference

session per user:

how many session can single user connect to oracledb.
by default is set as unlimited

cpu-per-session
when user create session it consume cpu
you can edit the amount of cpu the user can consume

cpu-per-call
when you session is open when you make query you will make call to database , here is how many call can user can make.

connection time
how mush time can session can be open if ideal.

fail_login_attempt
how many failed attempt allowed till user is get locked by default is set to 5
8. backup and restore
type of backup
1.export regular
2, data pumb
how to export and import using datapump
1.create directory and marked it in oracle engin
export schema
what does the export contain
import dump file
export dump with password
import and export normal way
export the normal way
import the normal way

type of backup
1.Export regular
it produce dump file 'dmp' extensions
allow to export database and save it in any place with out the need to specfy the dump directory

2, Data pumb
data pump must specify the directory
it also produce dump file 'dmp' extensions
in this case you have to create folder and then go to database engine and specify the directory
create directory dump as '/path '
once you specify the directory this will be only directory to export and import
and also the user must have privilege
the user hr must have dba privilege
grant dba to hr

How to export and import using datapump

1.Create directory and marked it in oracle engin
first we will create directory for backup.
note that directory must be owned by oracle user .
for this purpose I will create directory in oracle home directory.

now login to user for this instance i will login using hr user that have sample schema
and the execute the below command .

CREATE DIRECTORY dumps AS '/home/oracle/dump2/';

CREATE DIRECTORY : This part of the command initiates the creation of a directory object.
dumps : This is the name of the directory object you are creating. You can choose any name that makes sense for your use
case.
AS '/home/oracle/dump2/' : This specifies the actual physical directory path on the server's file system that you want to
associate with the directory object. In this example, the directory object named "dumps" is associated with the path
'/home/oracle/dump2/' on the server.
syntax :
 CREATE DIRECTORY directory_name AS 'directory_path';

Export schema
to export the schema is expdp and can only be done through the terminal .
and you will have to fill the directory which we have submitted in database engine .
which dumps
and then fill the filename follow by the file extensions .dmp

expdp hr/hr@orcl directory=dumps dumpfile=test_exp_jan.dmp

syntax

expdp [username[/password]@connect_identifier] DIRECTORY=directory_object DUMPFILE=dumpfile_name

username[/password] : The Oracle username and optional password for the database connection.
@connect_identifier : The connection identifier for the Oracle database.
DIRECTORY=directory_objec t: Specifies the Oracle directory object representing the directory where the export file will be
placed.
DUMPFILE=dumpfile_name : Indicates the name of the dump file to be generated.
Remember to replace username, password, connect_identifier, directory_object, and dumpfile_name with your specific
database and export file details.
the
What does the export contain
the export will contain the table , roles , views , database links ,index.

you can see the details during the export

processes.

Import dump file

as we did before , we exported everting under user hr .

now we want to export, to achieve that we will need to import the dump under another user
for this purpose i will create user and grant it the necessary privilege .
then I will import hr user dump to that user .

since I have use expdp to export files ,

then we will use impdp
importing for dump created using expdp can only be imported using impdp .

example :

impdp ahmed/ahmed@prod directory=dumps dumpfile=test_exp_jan.dmp remap_schema=hr:ahmed

logfile=import.log

username/password: The Oracle username and password used to connect to the target database.
@connect_identifier: The connection identifier for the Oracle database.

-DIRECTORY=directory_object: Specifies the Oracle directory object representing the directory from which the export file will be
read during import.

DUMPFILE=dumpfile_name: Indicates the full path to the dump file to be used for the import operation.

-REMAP_SCHEMA=source_schema:target_schema: Allows you to map the source schema in the dump file to the target
schema in the database during the import process
so for our case we exported from hr user and planning to import ahmed user
Export dump with password
if you have very critical database with sensitive data that you don't want to be seen by unauthorised people
syntax:

expdp hr/hr@prod schemas=hr directory=dumps dumpfile=[file].dmp logfile=[name].log encryption=all

encryption_password=[password]

-expdp: This is the command used to invoke Oracle Data Pump, a utility for exporting and importing data in Oracle databases.

-hr/hr@prod: This section specifies the username and password used to connect to the Oracle database. It's in the format
username/password@database. In this case, it's connecting as user hr with the password hr to the prod database.

-schemas=hr: This option specifies the schema (hr) from which data will be exported. A schema is a logical container for database
objects within the Oracle database.

-directory=dumps: Here, you specify the Oracle directory named dumps. This directory should have been previously created in
the database and is used as the location where the Data Pump utility will store the export files.

-dumpfile=[file].dmp: This part defines the name of the dump file that will be generated during the export. You should replace [file]
with your desired file name. The .dmp extension is standard for Oracle Data Pump export files.

-logfile=[name].log: Similar to the dumpfile, this option specifies the name of the log file that will be generated during the export.
Replace [name] with your preferred log file name. The .log extension is commonly used for log files.

-encryption=all: This indicates that data in the export file will be encrypted. The encryption=all option ensures that all exported
data is encrypted for security purposes.

-encryption_password=[password]: Here, you need to specify the encryption password. Make sure to replace [password] with
the actual encryption password you intend to use. This password will be required to decrypt the exported data when needed.

Import and export normal way

export the normal way
In here you don't need to inform the database engine what is the directory for storing the backup in here you can specify the path
directory in export command

syntax:

exp username/password file=[filename].dmp log=[file-name].log

example:

exp hr/hr file=/home/oracle/dump2/backup2.dmp log=/home/oracle/dump2/backup2.log

Import the normal way

The below is syntax for importing using the normal exportnote that the import only work with export execute with exp command
Syntax

imp userid=username/password full=y file='path of dmp export file '

Examble:

imp userid=ahmed/ahmed full=y file='/home/oracle/dump2/backup2.dmp'