Tip

How do I restrict or allow a few client machines to connect to  Server ?

 

Oracle Techniques                                                                   By Sameer Wadhwa

Tip is valid for Oracle Version 8.x                                                  Check for Update of Oracle Version 9.x

This tip will tell you what you have to do if you do not want a particular client machine say machine of  person X , connect to oracle server or vice versa.

The step are very simple , you need the following things

1)      You must know the IP-address or host name of the client machine.

2)      You have to create a file named protocol.ora  in a   your favorite editor say notepad or vi and add the following lines in it.

# Add the following lines if you want to invite only the following client machine to connect

TCP.INVITED_NODES =(<Client IP-ADDRESS 1>, <Client IP-ADDRESS 2>)

# Add  the following lines if you want to invite all the client machine except the following

TCP.EXCLUDED_NODES=(<Client IP-ADDRESS 1>, <Client IP-ADDRESS 2>)

# The following is the required parameter.

      TCP.VALIDNODE_CHECKING=yes

 

Here is the simple example,  to allows the user to connect to the oracle database with  IP-ADDRESS 192.168.11.20  or 192.168.10.12  only  , configure the protocol.ora  as follows :-

tcp.invited_nodes=(192.168.11.20 ,192.168.10.12  )

tcp.validnode_checking=yes

3)The destination of this file should be same as of sqlnet.ora and tnsnames.ora on the server.

4)Stop and restart the listener to make this effect.

 

 

Note : There are certian bugs attached with this method , check the oracle support or metalink for this for your specific platform and oracle version.

BUG WORKAROUND

On windows NT  on Oracle version 8.1.x , you have to create a net80\admin directory and put the protocol.ora file in it rather than network\admin directory.

On Unix on Oracle version 8.1.x, you have to rename protocol.ora to .protocol.ora  in the network/admin directory.

 

Update Version 9.x

Protocol.ora file is not supported in Oracle 9i.

The parameters TCP.INVITED_NODES, TCP.EXCLUDED_NODES, TCP.VALIDNODE_CHECKING need to put in  SQLNET.ora  file instead of PROTOCOL.ora.

For further information check the metalink doc 185936.1

---------------------------------------------------------------------------------------------------

(Please report to me any Bugs, Issues)

 

End of Tip

Welcome to send comments or feedback at  SamOracle@Yahoo.com

 
Copyright © Oracle Techniques All Rights Reserved

Oracle Techniques