12 Replies Latest reply: May 7, 2012 2:12 PM by sb92075 RSS

    10g on Windows Server 2008

    user626836
      Hi everyone,
      I have installed Oracle 10g on a server that uses Windows Server 2008 Standard Edition, but when I use Net Configuration Assintant to connect each user to the database it says that the connection could not be establish. Is there any security issue with 2008 that I don't know to allow oracle users to connect?
      Can anyone please help me?
        • 1. Re: 10g on Windows Server 2008
          sb92075
          user626836 wrote:
          Hi everyone,
          I have installed Oracle 10g on a server that uses Windows Server 2008 Standard Edition, but when I use Net Configuration Assintant to connect each user to the database it says that the connection could not be establish. Is there any security issue with 2008 that I don't know to allow oracle users to connect?
          Can anyone please help me?
          my car won't go
          tell me how to make my car go

          open Command Window on DB Server & issue following OS commands

          lsnrctl status
          lsnrtcl service

          COPY command & results then PASTE all back here
          • 2. Re: 10g on Windows Server 2008
            Mark Malakanov (user11181920)
            Is there any security issue with 2008 that I don't know to allow oracle users to connect?
            Windows Firewall
            • 3. Re: 10g on Windows Server 2008
              user626836
              Hi sb92075 and thanks for replying,
              These are the commands that you suggested and here are the results:
              lsnrctl status:

              LSNRCTL for 32-bit Windows: Version 10.2.0.3.0 - Production on 04-MAY-2012 15:39
              :49

              Copyright (c) 1991, 2006, Oracle. All rights reserved.

              Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
              STATUS of the LISTENER
              ------------------------
              Alias LISTENER
              Version TNSLSNR for 32-bit Windows: Version 10.2.0.3.0 - Produ
              ction
              Start Date 04-MAY-2012 15:25:37
              Uptime 0 days 0 hr. 14 min. 12 sec
              Trace Level off
              Security ON: Local OS Authentication
              SNMP OFF
              Listener Parameter File E:\oracle\product\10.2.0\db_1\network\admin\listener.o
              ra
              Listener Log File E:\oracle\product\10.2.0\db_1\network\log\listener.log

              Listening Endpoints Summary...
              (DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(PIPENAME=\\.\pipe\EXTPROC1ipc)))
              (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=server.DOMAIN.local)(PORT=1521)))
              Services Summary...
              Service "ORCLXDB" has 1 instance(s).
              Instance "orcl", status READY, has 1 handler(s) for this service...
              Service "ORCL_XPT" has 1 instance(s).
              Instance "orcl", status READY, has 1 handler(s) for this service...
              Service "PLSExtProc" has 1 instance(s).
              Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
              Service "orcl" has 1 instance(s).
              Instance "orcl", status READY, has 1 handler(s) for this service...
              The command completed successfully

              And the last one is lsnrctl services with the following:

              LSNRCTL for 32-bit Windows: Version 10.2.0.3.0 - Production on 04-MAY-2012 15:47
              :52

              Copyright (c) 1991, 2006, Oracle. All rights reserved.

              Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
              Services Summary...
              Service "ORCLXDB" has 1 instance(s).
              Instance "orcl", status READY, has 1 handler(s) for this service...
              Handler(s):
              "D000" established:0 refused:0 current:0 max:1002 state:ready
              DISPATCHER <machine: SERVER, pid: 3368>
              (ADDRESS=(PROTOCOL=tcp)(HOST=SERVER.DOMAIN.local)(PORT=49205))
              Service "ORCL_XPT" has 1 instance(s).
              Instance "orcl", status READY, has 1 handler(s) for this service...
              Handler(s):
              "DEDICATED" established:26 refused:0 state:ready
              LOCAL SERVER
              Service "PLSExtProc" has 1 instance(s).
              Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
              Handler(s):
              "DEDICATED" established:0 refused:0
              LOCAL SERVER
              Service "orcl" has 1 instance(s).
              Instance "orcl", status READY, has 1 handler(s) for this service...
              Handler(s):
              "DEDICATED" established:26 refused:0 state:ready
              LOCAL SERVER
              The command completed successfully
              • 4. Re: 10g on Windows Server 2008
                sb92075
                from Command Window on DB Server issue following OS command

                sqlplus scott/tiger@orcl

                COPY command & results then PASTE all back here

                post COPY & PASTE of original command & error message.
                • 5. Re: 10g on Windows Server 2008
                  user626836
                  When I connect locally works pretty well and I am able to connect. Is only when I try to connect from another computer on the internal network.
                  This is the message that I receive when I use the command you suggested:

                  C:\>sqlplus scott/tiger@orcl

                  SQL*Plus: Release 10.2.0.3.0 - Production on Fri May 4 16:18:09 2012

                  Copyright (c) 1982, 2006, Oracle. All Rights Reserved.

                  ERROR:
                  ORA-28000: the account is locked

                  If I connect to my account works pretty well.
                  • 6. Re: 10g on Windows Server 2008
                    Mark Malakanov (user11181920)
                    You've done lsnrctl and sqlplus tests from same machine where DB is.
                    But you having problems with connecting from other machines, is it correct?
                    • 7. Re: 10g on Windows Server 2008
                      user626836
                      Yes sir that is correct!!
                      • 8. Re: 10g on Windows Server 2008
                        sb92075
                        user626836 wrote:
                        If I connect to my account works pretty well.
                        I wanted to confirm that listener & DB Server were 100% functional.

                        Any error that occurs on/from remote client means some mis-configuration local to that client system.


                        What is actual command & error code/message from remote client?
                        • 9. Re: 10g on Windows Server 2008
                          user626836
                          I forgot to tell you that I have Microsoft Firewall Client for ISA server 2006 on all machines. The thing is that that firewall is kind of complicated to open ports, so maybe I need to find a way to open port 1521 because is trying to make the connection through the ISA server.
                          • 10. Re: 10g on Windows Server 2008
                            Mark Malakanov (user11181920)
                            1. you should open TCP 1521 port on the DB server, so Listener will be reachable. You can tnsping or telnet it from remote machine.
                            2. you should allow on Clients all TCP packets from DB server via any ports. If possible (for better security) only for TCP sessions established by outgoing TCP from the Client to DBserver:1521.

                            If nothing helps or #2 is not allowed in your company, enable USE_SHARED_SOCKET=TRUE as env var for Oracle or globally or in Win Registry HKEY_LOCAL_MACHINE\SOFTWARE\ORACLE on DBserver.
                            • 11. Re: 10g on Windows Server 2008
                              user626836
                              Hi user11181920 and thanks for replying,
                              All of my users are not connecting remotly, just locally in my internal network. I have an ISA Server to protect our users from attacks from the Internet and each computer including our database server has a Firewall Client for ISA Server installed, so I believe that my firewall is the one who is blocking my connections.
                              • 12. Re: 10g on Windows Server 2008
                                sb92075
                                user626836 wrote:
                                Hi user11181920 and thanks for replying,
                                All of my users are not connecting remotly, just locally in my internal network. I have an ISA Server to protect our users from attacks from the Internet and each computer including our database server has a Firewall Client for ISA Server installed, so I believe that my firewall is the one who is blocking my connections.
                                I agree