Bv-Control For Oracle Getting Started Guide PDF

bv-Control for Oracle v8.
10
® ®
Service Pack 1
Getting Started Guide
BindView Corporation · 5151 San Felipe, Suite 2500 · Houston, TX 77056

COPYRIGHT
Copyright © 2006 BindView Corporation. All rights reserved. BindView
Corporation is a business name of BindView Development Corporation.
Information in this document is subject to change and revision without
notice. The software described herein may only be used and copied as
outlined in the Software License Agreement. No part of this manual may be
reproduced by any means, electronic or mechanical, for any purpose other
than the purchaser’s personal use, without prior written permission from
BindView Corporation.
BINDVIEW CORPORATION PROVIDES THIS DOCUMENTATION “ AS IS ” WITHOUT
WARRANTY OF ANY KIND , EITHER EXPRESS OR IMPLIED , INCLUDING BUT NOT LIMITED
TO THE IMPLIED WARRANTIES OR CONDITIONS OF MERCHANTABILITY OR FITNESS FOR
A PARTICULAR PURPOSE . IN NO EVENT SHALL BINDVIEW CORPORATION BE LIABLE FOR
ANY LOSS OF PROFITS , LOSS OF BUSINESS , LOSS OF USE OR DATA , INTERRUPTION OF
BUSINESS , OR FOR DAMAGES OF ANY KIND , EVEN IF BINDVIEW CORPORATION HAS BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES ARISING FROM ANY DEFECT OR ERROR
IN THIS DOCUMENTATION .
BindView Corporation may revise this publication from time to time without
notice. Because some jurisdictions do not allow the exclusion or limitation
of liability for consequential or incidental damages, the above limitations
may not apply. BindView Corporation's liability for actual damages from any
cause whatsoever, and regardless of the form of the action (whether in
contract, tort (including negligence), product liability or otherwise) will be
limited to $50.00 U.S.
TRADEMARK NOTES
BindView, the BindView logo, and the BindView product names used in this
document are trademarks of BindView Corporation and may be registered in
one or more jurisdictions.
The names of products of other companies mentioned in this document, if
any, may be the registered or unregistered trademarks of the owners of the
products.
January 2006
© 2006 BindView Corporation. All rights reserved.

THIRD-PARTY COPYRIGHTS
This product includes cryptographic software written by Eric Young
(eay@cryptsoft.com <mailto:eay@cryptsoft.com>) Copyright (c)
1998-2000 The OpenSSL Project. All rights reserved.
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ERIC
YOUNG OR ASSOCIATES BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
OF THE POSSIBILITY OF SUCH DAMAGE.
bv-Control for Oracle Getting Started Guide

Notice
Documentation Reorganization and Enhancement

In response to customer feedback and our ongoing effort to maximize user
satisfaction with BindView’s solutions documentation, we have reorganized
and enhanced our product documentation. We hope that you will find the
following changes useful.
• User Guide content pertaining to using the product was moved to the
online Help. The remaining User Guide information was moved to a new
document, the Getting Started Guide. With all of its content relocated, the
User Guide no longer exists as a separate document and the User Guide
title has been eliminated.
• The Planning & Deployment Guide contents and Evaluation Guide contents
were moved to the Getting Started Guide. The Planning & Deployment
Guide and Evaluation Guide no longer exist as separate documents and
their title have been eliminated.
• The new Getting Started Guide now provides
- deployment planning information
- detailed installation and configuration instructions
- troubleshooting information
- evaluation scenarios to guide you through the key features of this
product
We invite your comments and suggestions regarding all documentation.
Please contact the Documentation department at docs@bindview.com.
Notice

bv-Control for Oracle Getting Started Guide

Contents
Notice . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7
Information Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
BindView Product Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

About BindView Corporation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Online Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Typestyle Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Alert Statements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Contacting BindView . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
1 bv-Control for Oracle Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
About bv-Control for Oracle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

Product Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
bv-Control for Oracle Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
BindView RMS Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
2 Planning for Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21
Planning for Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
System Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Minimum Rights Required . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Upgrading from a Previous Version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
3 Installing bv-Control for Oracle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27
Installing the Product . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Installing BindView RMS Console and Information Server. . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Installing the Snap-in . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Configuring RMS Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Adding bv-Control for Oracle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Adding Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
4 Installing bv-Control for Unix Agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .37
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Contents 9
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Installing bv-Control for Unix agent using install.sh on UNIX target machine . . . . . . . . . . . . . 38
Installing bv-Control for Unix agent manually on different Operating Systems . . . . . . . . . . . . . . . 41
AIX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
HP-UX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Solaris . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Red Hat Linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
SUSE Linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Installing bv-Control for Unix agent using bv-Config UNIX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
5 Registering and Configuring the UNIX Targets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .65
Registering UNIX Targets with BindView Information Server . . . . . . . . . . . . . . . . . . . . . . . . . . . 66

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Registering with BindView Information Server using Resource Name/Password . . . . . . . . . . . 66
Registering with BindView Information Server without using Resource Name/Password . . . . . 67
Running the setup.sh Script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Un-registering UNIX Target from BindView Information Server . . . . . . . . . . . . . . . . . . . . . . . . . 71
6 Configuring and Adding Credentials in bv-Control for Oracle . . . . . . . . . . . . . . . . . . . . . . . .73
Configuring bv-Control for Oracle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74

Configuring the Product . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Requirements for UNIX/Linux Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Configuring bv-Control for Oracle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Adding Credential Databases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
7 Evaluating bv-Control for Oracle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83
Evaluating the Product . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
Database Access Control - Users with System Privileges . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
Password Management - Password Identical to Username . . . . . . . . . . . . . . . . . . . . . . . . . . 84
Database Role Assignments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
Database Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Using Custom SQL Query Datasource . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90
8 Uninstalling bv-Control for Oracle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .95
Product Removal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
Uninstalling bv-Control for Oracle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
9 Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .97
Symptoms and Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
10 bv-Control for Oracle Getting Started Guide

Appendix A Default User Accounts and Passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .103
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .103
Appendix B SELECT Privileges Required to Query Database-related Datasources . . . . . . . .109
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .109
Appendix C Script to Create Credentials User . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .111
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .111
Using the Script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .111
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .113
Contents 11
Information Resources
In This Section
BindView Product Documentation ..................................................................14

Contacting BindView .....................................................................................16
Information Resources 13
BindView Product Documentation
About BindView BindView Corporation is a leading provider of proactive business policy, IT security
Corporation and directory management software worldwide. BindView solutions and services
enable customers to centralize and automate policy compliance, vulnerability
management, and directory administration across the entire organization. With
BindView insight at work™, customers benefit from reduced risk and improved
operational efficiencies with a verifiable return on investment. More than 20 million
licenses have shipped to 5,000 companies worldwide, spanning all major business
segments and the public sector.
Online Documentation is provided in the following electronic formats on the BindView

Documentation product CD:
• Adobe® Acrobat® PDF files
• HTML Release Notes files
• Online help
You must have Adobe® Reader® installed to read the PDF files. Adobe Reader
installation programs for common operating systems are available for a free
download from the Adobe Web site at www.adobe.com.
Getting Started Guide The Docs directory on the BindView product CD contains a copy of the Getting
Started guide and other documentation in the PDF format.
Release Notes If the autorun function is enabled, a Readme HTML file for your BindView product is
accessible under the Documentation menu of the BindView setup menu when you
insert your CD. You also can select to view this file after the installation is
completed, or by browsing to the Release Notes directory in the root directory for
your program:
C:\Program Files\BindView\RMS\Release Notes
Online Help Comprehensive help is available from the Help menu on the BindView RMS Console
and the BindView RMS Web Console. Additionally, you can access help by clicking
the Help button in any dialog, by right-clicking an item and selecting Help from the
action menu, or by pressing F1 in any dialog.

Typestyle The following conventions are observed throughout this guide:

Conventions
• Bold text is used to designate file and folder names, dialog titles, names of
buttons, icons, and menus, and terms that are objects of a user selection.
• Italic text is used for word emphasis, defined terms, and manual titles.
• Monospace text (Courier) is used to show literal text as you would enter it, or
as it would appear onscreen.
Alert Statements The alerting statements are Notes, Cautions, and Warnings. These statements are
formatted in the following style:
• • • • • •
Note: Information that is incidental to the main text flow, or to an important
point or tip provided in addition to the previous statement or instruction.
• • • • • •
Caution: Advises of machine or data error that could occur should the user fail
to take or avoid a specified action.
• • • • • •
Warning: Requires immediate action by the user to prevent actual loss of data
or where an action is irreversible, or when physical damage to the
machine or devices is possible.
Information Resources 15
Contacting BindView
Contacting BindView
Technical Support BindView has sales and support offices around the world. For information on
contacting BindView, please refer to the information below or to the BindView
Web site: www.bindview.com
For Technical Support: www.bindview.com/support
Technical Support is available Monday through Friday from 7:00 a.m. to 7:00 p.m.
Central Time. Normal working hours for all other departments are 9:00 a.m.
to 6:00 p.m.
Phone
Sales and Customer U.S. and Canada 800-813-5869
Service
Outside N. America 713-561-4000
Technical Support U.S. and Canada 800-813-5867
Training/Professional U.S. and Canada 800-749-8439
Service
Fax All Areas 713-561-1000
Email
Sales sales@bindview.com
Training edu@bindview.com
Documentation docs@bindview.com
Other
FTP Site ftp://ftp.bindview.com
Internet www.bindview.com
Postal Mail BindView
5151 San Felipe, Suite 2500
Houston, TX 77056

1 bv-Control for Oracle Overview
In This Chapter
About bv-Control for Oracle...........................................................................18

Product Overview .........................................................................................18
bv-Control for Oracle Features .......................................................................18
BindView RMS Console .................................................................................18
1: bv-Control for Oracle Overview 17

About bv-Control for Oracle
Product Overview BindView's bv-Control® for Oracle® application provides tools to analyze and
secure the Oracle enterprise. bv-Control for Oracle provides vulnerability
management and reporting for Oracle databases. This also helps in meeting the
compliance demands of the new regulatory requirements that make it mandatory for
organizations to demonstrate adequate internal controls over their IT systems.
A useful set of pre-defined reports has been designed to help the administrator in
managing the Oracle enterprise better.
bv-Control for bv-Control for Oracle supports vulnerability management and audit reporting for
Oracle Features Oracle Databases. bv-Control for Oracle provides out-of-the box reporting for the
enterprise Oracle infrastructure. It supports several pre-defined reports (BVDs) that
cover the essential best practices for Oracle databases. The product integrates with
the BindView RMS as an integrated solution.
Some of the key features of bv-Control for Oracle include:
• Configuration Information
Using the information obtained from the reports generated by bv-Control Oracle,
administrators can accurately view the status of the configuration information.
The reports can be obtained at the operating system level, network, and
databases.
• Access Control and Auditing
You can generate reports to analyze who has access to information on databases
by using the access control reports in bv-Control for Oracle. Action can be taken if
unauthorized users have access to databases.
The auditing feature involving the monitoring and recording of database actions is
available in the form of reports using bv-Control for Oracle.
• Query-based Analysis
This application provides administrators with advanced query-based capabilities
that allow report information to be graphed, compared to an established baseline,
and exported into a variety of data formats, such as Microsoft Excel, Microsoft
Word, HTML, and to e-mail addresses. Further, bv-Control for Oracle allows query-
based analysis on many useful data sources and fields.
• Pre-packaged Query Reports
Pre-configured reports that identify key issues such as database integrity, security,
and permissions tracking, are included with bv-Control for Oracle.
BindView RMS The BindView RMS® Console and Information Server installs as a snap-in to the
Console Microsoft Management Console (MMC). The MMC is a host application that provides
a common user interface enabling you to navigate the BindView RMS Console
application. The BindView RMS Console, along with bv-Control for Oracle, is a
powerful tool designed to help you manage your Oracle environment. The BindView
RMS Console is the primary user interface for bv-Control products. The BindView
RMS Console provides query, baseline, task list, chart, report, and export features.

As you install the RMS Console, you are requested to add the product you want to
install with the RMS Console. Though any of the products can be installed, only the
products for which you have licenses will be operable.
For more information about the BindView RMS Console, refer to the BindView RMS
Console and Information Server Online Help.
1: bv-Control for Oracle Overview 19


2 Planning for Deployment
In This Chapter
Overview .....................................................................................................22
System Requirements ...................................................................................22
Minimum Rights Required .............................................................................23
2: Planning for Deployment 21

Planning for Deployment
Overview Before you deploy bv-Control for Oracle, you must evaluate your environment to
ensure that your workstations meet the minimum system requirements for running
the product. The recommended system requirements are described in the “System
Requirements” section.
To successfully validate credentials in bv-Control for Oracle, you must have
appropriate permissions on the Information Server, the databases and the operating
systems. The required permissions are described in the “Minimum Rights” section.
If you are upgrading to bv-Control for Oracle 8.10 SP1, read the “Upgrading from a
Previous Version” section.
System Before you install the BindView RMS Console, make sure that your workstation and
Requirements network environment meet the following minimum requirements:
• Pentium® II 450 MHz
• 256 MB RAM
• 300 MB of free disk space
• SVGA monitor that supports 256 colors with the display set to 800 x 600 pixels or
greater
• Microsoft® Windows® 2000 SP3 (server or workstation), Windows XP®
Professional SP1, or Windows Server™ 2003 or later
• Microsoft Internet Explorer v5.5 SP1 or later
• Microsoft® Outlook® 2000, Novell® GroupWise® v5.5, Lotus Notes® v5.0 or
Lotus Domino® (only required for e-mailing export files)
• Microsoft® Excel (required for Excel (using OLE) export files)
• Client for Microsoft® Networks
Before you install the BindView RMS Information Server, make sure that your
workstation and network environment meet the following minimum requirements:
• Pentium III 800 MHz
• 512 MB RAM
• 500 MB of free disk space
• Microsoft Windows 2000 SP3 (server or workstation), Windows XP Professional
SP1, or Windows Server 2003 or later
• Microsoft SQL Server v7.0 or 2000, or Microsoft SQL Server Desktop Engine
(MSDE) v1.0 or 2000
• Microsoft Internet Explorer v5.5 SP1 or later
• Microsoft Outlook 2000, Novell GroupWise v5.5, Lotus Notes v5.0 or Lotus
Domino (only required for e-mailing export files)
• Microsoft Excel (required for Excel (using OLE) export files)
• Client for Microsoft Networks

If you install a Console and Information Server on the same machine, the machine
must meet all of the listed system requirements.
• • • • • •
Note:
bv-Control for Oracle v8.10 Service Pack 1 requires BindView RMS Console v8.00 SP
2.
Before launching the RMS Console, you must install BindView RMS Console
Hotfix 015-CRJ214821 or later. This hotfix is available for download on the
BindView Customer Portal website.
Apply the RMS Hotfix HF_CRJ208436 on the installed product.
Apply RMS Hotfix HF_CRJ208437 to prevent data of large files (greater than 2MB)
from getting truncated while exporting them from the result grid to the CSV format.
Hardware • Sun™ SPARCstation™1 or UltraSPARC® - for Solaris™

Requirements for
installing bv-Control for • HP9000 UNIX servers, HP Visualize® UNIX workstations (classes B, C and J)
Unix agents • IBM® RS/6000® UNIX workstations and servers
• Intel® or equivalent for Red Hat® and SUSE® Linux®
• 20 MB disk space
• TCP/IP network
Software Requirements • Sun Solaris Operating Environment version 5.6, 5.7, 5.8, 5.9, and 10
for installing bv-Control
for Unix agents • Red Hat Linux version 6.2, 7.0, 7.1, 7.2, 7.3, 8.0, and 9.0
• Red Hat Enterprise Linux AS version 2.1, and Red Hat Enterprise Linux AS/ES
version 3.0, and 4.0
• Hewlett-Packard® HP-UX® version 10.20, 11.00, 11.11(v1), 11.11i(v1),
11.23(v2)
• IBM® AIX® version 4.3.3, 5.1, 5.2, and 5.3
• SUSE Linux version 7.3, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, and 9.3
• SUSE Linux Enterprise Server version 8.0, 8.1, and 9.0
• BindView RMS® Console and Information Server v8.00
• openSSH installed on each UNIX target machine
Your BindView RMS Console and Information Server CD includes a Microsoft installer
MSDE Installation for the Microsoft SQL Server 2000 Desktop Engine (MSDE 2000). If the BindView
RMS Console and Information Server setup program determines that you need to
install MSDE, a warning message will appear. Click the 3rd Party Applications
button in the Install panel and then the MSDE 2000 button to start the MSDE
installer.
Minimum Rights This section describes the miminum rights required on the BindView Information
Required Server, the databases, and the operating system on which the queries report.

Windows Trust The domain of the Windows credentials supplied for connecting with the Oracle
Requirement server must have a one-way trust with the domain of the BindView Information
Server. Otherwise, the server will be displayed as “Unknown” while configuring the
product.
Privileges Required for The credential user needs certain privileges to run queries on database-related
Database-related datasources.
Queries
For information on specific SELECT privileges to query database-related
datasources, Refer to Appendix B: SELECT Privileges Required to Query Database-
related Datasources.
Alternatively, you can provide the following privileges:
For Oracle Database Version 9i and later:
SELECT ANY DICTIONARY - Granting this privilege allows access to the required
data dictionary objects.
SELECT ON SYSTEM.PRODUCT_USER_PROFILE - Granting this privilege allows
access to the SYSTEM.PRODUCT_USER_PROFILE synonym, which will be used for
reporting in the SQL*Plus Security datasource.
For Oracle Database Version 8i:
• • • • • •
Note: Oracle 8i does not have SELECT ANY DICTIONARY privilege and SELECT
ANY TABLE PRIVILEGE is not useful if O7_DICTIONARY_ACCESSIBILITY is
set to false.
SELECT_CATALOG_ROLE - Granting this privilege allows access to the required

"DBA_" views and the V$ dynamic performance views.
SELECT ON SYSTEM.PRODUCT_USER_PROFILE - Granting this privilege allows
access to the SYSTEM.PRODUCT_USER_PROFILE synonym, which will be used for
reporting in the SQL*Plus Security datasource
The following privileges grant access to the dictionary objects required for reporting
on Database Audit Trail datasource
SELECT ON SYS.OBJAUTH$
SELECT ON SYS.OBJ$
SELECT ON SYS.USER$
SELECT ON SYS.COL$
SELECT ON SYS.TABLE_PRIVILEGE_MAP
For Oracle 8i, the SELECT privileges must be granted on individual data dictionary
objects because Oracle 8i does not support the SELECT ANY DICTIONARY privilege.
Also, the SELECT ANY TABLE privilege does not allow access to data dictionary
objects when the O7_DICTIONARY_ACCESSIBILITY parameter is set to FALSE.
A SQL script, INITBVCO.SQL, that creates a credential user and assigns privileges to
be able to work with bv-Control for Oracle has been provided in the Utilities folder
in root of the CD. This script must be run on all the databases on which you want
bv-Control for Oracle to report. Refer to Appendix C: Script to Create Credentials and
Assign Privileges for more details.

Privileges Required for To obtain Windows platform-specific information, the credentials user must have
Platform-specific administrator privileges on the Windows machine.
Queries
You must have root access privileges for the machine on which you want to install
bv-Control for Unix agent. bv-Control for Unix agent is installed only under root
account credentials. Communication between the BindView Information Server and
the UNIX targets uses TCP port 1236.
Requirements for bv-Control for Oracle normally does not require the Oracle Client to be installed on
Encryption the BindView Information Server. Oracle client needs to be installed with Oracle
Advanced Security enabled only in case network data encryption is required.
Please refer to the bv-Control for Oracle online help for detailed information on how
to configure Network Data Encryption.
Upgrading from a bv-Control for Oracle v8.10 Service Pack 1 supports upgrade from bv-Control for
Previous Version Oracle v8.10. Upgrading from the previous version is a silent upgrade and requires
no additional steps other than the procedure described in the “Installing bv-Control
for Oracle” chapter.
• • • • • •
Note:
You must launch the BindView RMS Console to get the credentials upgraded.
Information about the operating system of the server in the configuration is used to
establish the type of credentials for a server in the credentials database. You can
view the credentials after upgrade.
If the server type is Unknown, then these credentials will be removed from the
credentials database since the credential type cannot be determined. Credentials will
not be usable since platform queries cannot be run on an unknown server.
The support for generic resource credentials in bv-Control for Oracle will not be
available after upgrade. You can enter the native UNIX/Linux credentials as generic
UNIX/Linux OS credentials after upgrade. Any queries that run with Resource
credentials as the generic UNIX/Linux credentials will fail.
We recommend that you upgrade both bv-Control for Oracle and bv-Control for Unix
to versions 8.10 SP 1 and 8.10 respectively so that both snap-ins work smoothly.


3 Installing bv-Control for Oracle
In This Chapter
Installing the Product....................................................................................28

Installing BindView RMS Console and Information Server.................................28
Installing the Snap-in....................................................................................28
Configuring RMS Console ..............................................................................30
Adding bv-Control for Oracle .........................................................................31
Adding Users................................................................................................34
3: Installing bv-Control for Oracle 27

Installing the Product
Installing BindView Before installing bv-Control for Oracle, you will need to install the BindView RMS
RMS Console and Console and Information Server.
Information
Once the system hardware and software requirements are met, the procedure to
Server.
install the RMS Console is as follows:
1. Autorun the CD.
If Autorun is not enabled, run Setup.exe at the root of the CD-ROM disk.
2. From the BindView RMS Demo Shield dialog, click Install.
3. Select 'RMS Console and Information Server' from the menu.
For more information on installing the BindView RMS Console, see the BindView
RMS Console and Information Server Help.
The bv-Control for Oracle application is shipped on a CD that must be available from
either a local or remotely mounted CD-ROM drive. If you do not have access to a
CD-ROM drive, contact BindView Technical Support for assistance.
Installing the You can install the bv-Control for Oracle snap-in by performing the following steps:
Snap-in
1. After installing the BindView RMS Console and Information Server, insert the
bv-Control for Oracle CD into your CD-ROM drive or double-click Setup.exe
from the installation directory.
The Install panel appears.
Fig. 1 Install Panel
2. Click Install.

The Welcome panel appears.
Fig. 2 Welcome Panel
3. Click Next.
The License Agreement panel appears.
Fig. 3 License Agreement Panel
4. Read the license agreement and click Yes to accept the terms.
The Start Copying Files panel appears.

Fig. 4 Start Copying Files Panel
5. Review the information and click Next.

The Setup Complete panel appears.
Fig. 5 Setup Complete Panel
The options to launch BindView RMS Console and to view the Release Notes
are selected by default.
6. Accept the default selections or make necessary changes and click Finish to
complete the installation.
Configuring RMS The first time a user opens the Console after it is installed or upgraded, or after a
Console bv-Control product is installed on the Console machine, the BindView RMS
Console Configuration Wizard appears. This wizard allows you to perform the
minimum configuration required by the Console and Information Server.

The BindView RMS Console Configuration Wizard will lead you

through the necessary configuration steps. You can perform the following
operations.
• Adding bv-Control for Oracle
• Adding licenses
• Adding users
To operate bv-Control for Oracle, you must configure the BindView RMS Console.
This section briefly describes how to configure the RMS Console.
For more information on configuring the BindView RMS Console, see the BindView
RMS Console and Information Server User Guide.
Adding bv-Control All bv-Control products installed on both the Console and the Information
for Oracle Server machines appear in the Installed product list.
1 Click Next on the Welcome panel of the BindView RMS Console
Configuration Wizard.
The Add/Remove Products panel appears.
Fig. 6 Add/Remove Products Panel
All bv-Control products installed on the Information Server machine appear in

the Installed Product List.
2 Select bv-Control for Oracle and any other bv-Control products that you
would like to use on the RMS Console.
3 Click Next.
The Add Licenses panel appears.

Fig. 7 Add Licenses Panel
In order to use this product, licenses must be assigned to the object you want
to query. When you add the necessary licenses, the license contains a limited
number of unassigned object licenses. These object licenses are automatically
assigned when you run a query.
4 There are different ways to add licenses.
- Enter the license code in the Add text frame and click Add.
- Click Browse and select a license file.
- Drag a license file to the License Type list.
5 Repeat the process until you have entered all of your BindView product license
codes.
6 Click Next.
The License Summary panel appears.

Fig. 8 License Summary Panel
• • • • • •
Note: If the panel contains a caution message for missing licenses, click Back to
return to the Add Licenses panel and add the missing licenses.
7 Click Next to add the licenses to the BindView Information Server.

The Add Licenses Completed panel appears.
8 Click Next.
The Add/Remove Products in progress panel appears.
9 Click Next.
The Add Users panel appears.

Fig. 9 Add Users Panel
Adding Users Add users and define properties for each user. You can select multiple users.
10 Add users of the Information Server by typing their fully qualified path in the
Users frame, or by using the browse (...) button to open a dialog for selecting
the desired user.
The added users have access rights to the Information Server.
11 Assign the desired user properties for each added user and click Next.
The Add Users Summary panel appears.
12 Review the summary information for the added users and click Next.
The BindView RMS Console Configuration Wizard completion panel appears.

Fig. 10 RMS Console Configuration Complete Panel
13 Click Finish.
The Console and Information Server are configured with the items
you selected in the BindView RMS Console Configuration
Wizard.


4 Installing bv-Control for Unix Agent
In This Chapter
Introduction ...........................................................................................38
Overview ...............................................................................................38
Installing bv-Control for Unix agent using install.sh on UNIX target machine38
Installing bv-Control for Unix agent manually on different Operating Systems41
AIX........................................................................................................41
HP-UX ...................................................................................................43
Solaris ...................................................................................................45
Red Hat Linux ........................................................................................48
SUSE Linux ............................................................................................49
Installing bv-Control for Unix agent using bv-Config UNIX .........................51
Installing bv-Control for Unix Agent 37

Introduction
Introduction
Overview You must install the bv-Control for Unix agent on the UNIX target machines and
register them with the BindView Information Server for effective query execution.
You can perform the installation of bv-Control for Unix agent either manually by
using the command line options of the different UNIX operating systems or by using
the install.sh script. You can also use the remote installation utility bv-Config
UNIX, to transfer, register, and install the agent software on multiple UNIX target
machines.
In the CD, the bv-Control for Unix agent package is located in the respective
Operating System’s folder. This package information is used for installing the agent
using the install.sh script, bv-Config UNIX utility or by manual installation.
Once you install the UNIX agent on the target machines, you must ensure that the
UNIX targets are registered with the BindView Information Server. For more details
on UNIX target registration refer to Chapter 5.
• • • • • •
Note: You must have root access privileges for the machine on which you want
to install bv-Control for Unix agent. Communication between the NT
machine and the UNIX targets uses TCP port 1236. Review output from
the command: netstat -a to verify that this port is not in use. Also, check
the /etc/services files or the services.byname NIS map, if NIS is being
used, to see if this port is currently assigned to another program.
Prerequisite packages to be available on UNIX target machine for

installing bv-Control for Unix agent
You must install the requisite packages of the respective operating systems on the
UNIX target machine, before installing the bv-Control for Unix agent.
Operating Red Hat SUSE Sun HP-UX AIX

System Solaris
Packages glibc-* glibc-* SUNWcsl OS-Core.CORE-SHLIBS bos.rte.bind_cm
compat- compat- SUNWlibms ds,
libstdc++-* libstdc++-* SUNWcslx bos.rte.libc,
where * denotes where * bos.rte.security
the version of the denotes the
package version of the
package
Installing bv- You can install the bv-Control for Unix agent on the UNIX target machines by
Control for Unix executing the install.sh script located in the InstallSet/bv-Control for Unix/
agent using directory of the mounted CD-ROM drive. This section details on the procedure to
install.sh on UNIX install bv-Control for Unix agent on different operating systems using the install.sh
target machine script.
You can install the bv-Control for Unix agent on any desired location other than the
default location (/BindView/bvcontrol/) in the UNIX target machine.
Introduction
• • • • • •
Note: You must ensure that you remove any previous version of the bv-Control
for Unix agent (e.g., v8.00) installed on any location of the UNIX target
machine, before installing the latest version (e.g., v8.10) of the product.
To execute install.sh script for installing bv-Control for Unix agent on

target machines of various operating system (OS)
1 Create a directory on the UNIX target machine on which the "the bv-Control for
Unix agent" is to be installed. (For example, /tmp/bvinstall).
2 Mount the CD into the CD-ROM drive using the appropriate command of the
respective operating system. For example, for Red Hat Linux, the CD mount
command is mount /dev/cdrom
3 Browse to the InstallSet/bv-Control for Unix/ directory and copy the
following files to the directory created (i.e. /tmp/bvinstall) in your local drive:
• install.sh
• Build of the specific operating system such as AIX, HP-UX, Sun Solaris,Red
Hat,or SUSE located inside the respective OS folders (i.e.,InstallSet/bv-Control
for Unix /<Operating System>/bv-Control.8.10.<build number> directory).
The format of the the bv-Control for Unix agent build packages for the different
OS are as follows:
• AIX: bv-Control.8.10.<build number>
• HP-UX:bv-Control.8.10.<build number>.tgz
• Red Hat:bvControl-8.10-<build number>.i386.rpm
• SUSE: bvControl-8.10-<build number>.i386.rpm
• Sun Solaris: bv-Control.8.10.<build number>
4 Navigate to the newly created directory in your local drive where you have
copied the "install.sh" and the specific OS build packages (i.e/tmp/bvinstall).
5 Type the following command in the command prompt to provide execution
permission for the install.sh.
chmod ug+x install.sh
6 Run the "install.sh" with the following command to install the bv-Control for
Unix agent on the target machines:
./install.sh -i [-u<User Name> -g <Group Name> ] [ -m <location
of the package> ] [ -l <Custom Logs Directory> ] [<package
name>]
and press ENTER.
where:
-i: install the bv-Control for Unix agent. This argument is not mandatory for the
installation.
You must specify a non-root user account to install the bv-Control for Unix agent
using the below mentioned arguments. Similarly, a group for the user must also be
specified.

Introduction
-u <User Name>: User account in whose context the bv-Control for Unix agent is
to be installed. You must ensure that the user specified already exists in the
machine.This argument is mandatory for product installation.
-g <Group Name>: Group in whose context the bv-Control for Unix agent is to be
installed. You must ensure that the group specified already exists in the
machine.This argument is mandatory for product installation.
• • • • • •
Note: You must specify the user (-u) and the group (-g) together during
installation of the bv-Control for Unix agent.
-m <location of the package>: Specify a location for the package other than the
default location (i.e./usr/local). This argument is not mandatory for product
installation.
• • • • • •
Note: Note: The -m option can be used only when you want to install the bv-
Control for Unix agent on any location (custom directory) other than the
default location (i.e. /usr/local or /opt/). For such installations, you must
ensure that you provide the appropriate permission (not less than 755) for
the specified directory. After installation, the created directory is as /
<custom_directory>/BindView/bvcontrol/.
-l <custom logs directory>: Specify the directory path where the installation and
functional logs are to be created while executing the product. For example, if you
specify a directory /tmp/bvinstall/logs, then you must ensure that tmp/bvinstall
(parent directory) exists under which the directory logs is created. This argument is
not mandatory for product installation.
<package name>: Specify the name of the package to be installed for the OS.
The package name comprises the product name followed by the build number and is
located in the specific OS folder (i.e., InstallSet/bv-Control for Unix/<OS> directory).
For example, bv-Control.8.10.<build number> for AIX.
An appropriate message is displayed after the successful installation of the the
bv-Control for Unix agent package on the respective OS target machine.
the bv-Control for Unix agent is installed in the following directories for the
different operating systems:
For AIX and RedHat : /usr/local/BindView/bvcontrol/
For HP-UX, SunOS, and SUSE : /opt/BindView/bvcontrol/

Installing bv-Control for Unix agent manually on different Operating Systems
Installing bv-Control for Unix agent manually on different Operating

Systems
BindView recommends that you install the bv-Control for Unix agent using
install.sh. You can also install the UNIX package manually on the AIX machine
either from the CD-ROM or from the local drive by performing the following steps.
AIX Complete the following steps to install the UNIX package on your IBM AIX target
machine.
• • • • • •
Caution: If you install bv-Control for Unix agent using the manual commands on
AIX, then you cannot install the agent for any non-root user. The bv-
Control for Unix agent can be installed only for the root user and hence
the queries will also execute in the root context.
! To install the UNIX package on the IBM AIX target machine from a
local drive
1 Create a directory on the AIX UNIX machine
Example: /tmp/bvinstall.
2 Copy /bv-Control for Unix/AIX/bv-Control.8.10.<build number> from
the CD into the newly created directory on the AIX machine.
• • • • • •
Note: The build number consists of the last three digits of the file name.
3 Change to the newly created directory.

4 Type the following command to install the package on the AIX machine:
installp -acNQqwX -d bv-Control.8.10.<build number>
bvControl.rte
and press Enter.
! To install the UNIX package on an AIX machine from the CD-ROM

1 Type the following commands to mount the CD-ROM drive:
mount -v cdrfs -r /dev/cd0 /mnt
and press Enter.
2 Type the following command to install the package:
installp -acNQqwX -d /mnt/bv-Control for Unix/AIX/bv-
Control.8.10.<build Number> bvControl.rte
and press Enter.
3 Type the following command to unmount the CD-ROM drive:
umount /mnt
and press Enter.

Once you install the package, the following prompt will appear:
+------------------------------------------------------------
--+
Pre-installation Verification...
+------------------------------------------------------------
-+
Verifying selections...done
Verifying requisites...done
Results...
SUCCESSES
---------
Filesets listed in this section passed pre-installation
verification and will be installed.
Selected Filesets
-----------------
bvControl.rte 8.10.0.0 # bv-Control for Unix is a com...
<< End of Success Section >>
FILESET STATISTICS
------------------
1 Selected to be installed, of which:
1 Passed pre-installation verification
----
1 Total to be installed
+------------------------------------------------------------
-+
Installing Software...
+------------------------------------------------------------
-+
installp: APPLYING software for:
bvControl.rte 8.10.0.0
. . . . . . . << Copyright notice for bvControl >> . . . . . .
bvControl for UNIX
Copyright (c) 2004 BindView Inc.
All Rights Reserved
This product is protected by copyright and distributed under
licenses restricting copying, distribution and decompilation.
. . . . << End of copyright notice for bvControl >>. . .

Setting up bv-Control for Unix to run daemon

##################################################
You have successfully installed bv-Control for Unix.
To complete the installation you must run.
/usr/local/BindView/bvcontrol/setup.sh
##################################################
Finished processing all filesets. (Total time: 10 secs).
+-----------------------------------------------------------+
Summaries:
+-----------------------------------------------------------+
Installation Summary
--------------------
Name Level Part Event Result
+-----------------------------------------------------------+
bvControl.rte 8.10.0.0 USR APPLY SUCCESS
#
• • • • • •
Note: You have installed the UNIX package on your UNIX target machine. You
must now run the setup shell to register the UNIX target with the
BindView Information Server. Refer to Running the setup.sh Script
section in Chapter 5 for more details.
HP-UX BindView recommends that you install bv-Control for Unix agent using install.sh.
You can also install the UNIX package manually on the HP-UX machine either from
the CD-ROM or from the local drive by performing the following steps.
• • • • • •
! To install the UNIX package on an HP-UX target machine from the

local drive
1 Create a directory on the HP-UX machine (for example: /tmp/bvinstall).
2 Copy /bv-Control for Unix/HP-UX/bv-Control.8.00.<build number>.tgz
from the CD into the newly created directory on the HP-UX machine.
3 Change directory to the newly created directory then uncompress and untar the
bvControl.tgz file on the HP-UX machine:
cd /tmp/bvinstall

gzip -d bv-Control.8.10.<build number>.tgz

tar xf bv-Control.8.10.<build number>.tar
swinstall -s /tmp/bvinstall bvControl
and press Enter.
! To install the UNIX package on an HP-UX target machine from the CD-
ROM
pfs_mountd & and press Enter.
pfsd & and press Enter.
pfs_mount [cd-rom device] /mnt and press Enter.
swinstall -s /mnt/bv-Control for Unix/HP-UX bvControl
and press Enter.
pfs_unmount /mnt and press Enter.
Once you install the package, the following prompt will appear:
# swinstall -s /mnt/bv-Control for Unix/HP-UX bvControl
======= 04/03/04 17:12:06 GMT BEGIN swinstall SESSION
(non-interactive) (jobid=hp-pune-0665)
* Session started for user "root@hp-pune".
* Beginning Selection
* Target connection succeeded for "hp-pune:/".
* "hp-pune:/mnt/bv-Control for Unix/HP-UX": Cannot open
the
logfile on this target or source. Possibly the media is
read-only or there is a permission problem. Check the
daemon
logfile and "/var/tmp/swagent.log" on this host for more
information.
* Source:/mnt/bv-Control for Unix/HP-UX
* Targets: hp-pune:/
* Software selections:
bvControl.bvControl,r=8.10,a=S700/S800_HPUX_10/
11,v=BindView
* Selection succeeded.
* Beginning Analysis and Execution

* Session selections have been saved in the file

"/home/.sw/sessions/swinstall.last".
* The analysis phase succeeded for "hp-pune:/".
* The execution phase succeeded for "hp-pune:/".
* Analysis and Execution succeeded.
*Note: More information may be found in the agent logfile
using the command "swjob -a log hp-pune-0665 @ hp-pune:/".
=== 04/03/04 17:12:35 GMT END swinstall SESSION
(noninteractive)
(jobid=hp-pune-0665)
• • • • • •
section for more details.
Solaris BindView recommends that you install bv-Control for Unix agent using install.sh.
You can also install the UNIX package manually on the Solaris machine either from
the CD-ROM or from the local drive by performing the following steps.
• • • • • •
To install the UNIX package on a Sun Solaris target machine in a directory other
than the /opt directory, refer to section To install UNIX agent at a different location
on the Sun Solaris.
! To install the UNIX package on a Sun Solaris target machine from the
local drive
1 Create a directory on the SunOS machine (for example: /tmp/bvinstall).
2 Copy /bv-Control for Unix/SunOS/bv-Control.8.00.<build number>
from the CD-ROM onto a SunOS machine.
pkgadd -d bv-Control.8.10.<build number>
and press Enter.
5 At the command line, type 1 and press Enter.
The following prompts appear:

Processing package instance <bvControl> from </cdrom/

bvcntrl_unix/bv-Control for Unix/SunOS/bv-
Control.8.10.210>
bv-Control for Unix
(sparc) 8.10
All Rights Reserved
This product is protected by copyright and distributed
under licenses restricting copying, distribution and
decompilation.
Using </opt> as the package base directory.
## Processing package information.
## Processing system information.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
## Checking for setuid/setgid programs.
This package contains scripts that will be executed with
superuser permission during the process of installing this
package.
Do you want to continue with the installation of
<bvControl> [y,n,?]
6 At the command line, type y.
Installing bv-Control for Unix agent as <bvControl>
A series of prompts appears, ending with:
You have successfully installed bv-Control for Unix agent. To complete the
installation you must run /opt/BindView/bvcontrol/setup.sh.
! To install the UNIX package on a Sun Solaris target machine from the
CD-ROM drive
1 Type the following command to install the software package:
pkgadd -d /cdrom/cdrom0/bv-Control for Unix /SunOS/bv-
Control.8.10.<build number>
and press Enter.
The following packages are available:
1 bv-Control for Unix
(sparc) 8.10
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]: 1
2 At the command line, type 1 and press Enter.

Processing package instance <bvControl> from </cdrom/

bvcntrl_unix/bv-Control for Unix /SunOS/bv-
Control.8.10.210>
bv-Control for Unix
All Rights Reserved
This product is protected by copyright and distributed
under
licenses restricting copying, distribution and
decompilation.
Using </opt> as the package base directory.
## Processing package information.
## Processing system information.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
## Checking for setuid/setgid programs.
This package contains scripts that will be executed with
superuser
permission during the process of installing this package.
Do you want to continue with the installation of
<bvControl>
[y,n,?]
At the command line, type y.
Installing bv-Control for Unix agent as <bvControl>
A series of prompts appears, ending with:
You have successfully installed bv-Control for Unix agent.
To complete the installation you must run
/opt/BindView/bvcontrol/setup.sh
• • • • • •
section for more details
! To install UNIX agent at a different location on the Sun Solaris

1 The bv-Control for Unix agent is installed in the /opt directory by default. In
order to install UNIX agent at a different location, you need to follow these
steps:
2 Create a text file on the system (preferably at the same location where the
install package is present).

3 Specify the directory name (where you install the UNIX agent) in the text file.
You need to specify the directory in the following format:
basedir= “/<Directory Name>”
4 Run the following command to install the package:
pkgadd -a <Text file name> -d <Path of the executable>
5 Use the following command to create a symbolic link in the /opt directory:
ln. -s. <Directory Name>/BindView BindView
Red Hat Linux BindView recommends that you install bv-Control for Unix agent using install.sh.
You can also install the UNIX package manually on the Red Hat Linux machine
either from the CD-ROM or from the local drive by performing the following steps.
• • • • • •
! To install on a Red Hat Linux target machine from the local drive
1 Create a temporary directory on the Red Hat Linux machine.
Example: /tmp/bvinstall
2 Copy /bv-Control for Unix/Linux/RedHat/bvControl-8.00-<build
number>.i386.rpm on a Red Hat Linux machine.
rpm -i bvControl-8.10-<build number>-i386.rpm
and press Enter.
Once you have installed the package, the following prompt will appear:
##################################################
You have successfully installed bv-Control for Unix agent.
##################################################
! To install on a Red Hat Linux target machine from the CD-ROM drive
1 Type the following command to mount the CD-ROM drive:
mount /dev/cdrom
and press Enter.
rpm -i /mnt/cdrom/bv-Control for Unix/Linux/RedHat/
bvControl-8.10-<build number>-i386.rpm

and press Enter.

umount /mnt/cdrom
and press Enter.
• • • • • •
SUSE Linux BindView recommends that you install bv-Control for Unix agent using install.sh.
You can also install the UNIX package manually on the SUSE Linux machine either
from the CD-ROM or from the local drive by performing the following steps.
! To install on a SUSE Linux target machine from the local drive

1 Create a temporary directory on the SUSE Linux machine.
Example: /tmp/bvinstall
2 Copy /bv-Control for Unix/Linux/SUSE/bvControl-8.00-<build
number>.i386.rpm on a SUSE Linux machine.
rpm -i bvControl-8.10-<build number>-i386.rpm
and press Enter.
! To install on a SUSE Linux target machine from the CDROM

mount /dev/cdrom
and press Enter.
rpm -i /media/cdrom/bv-Control for Unix/Linux/SUSE/
bvControl-8.10-<build number>.i386.rpm
and press Enter.
3 3 Type the following command to unmount the CD-ROM drive:
umount /media/cdrom/
and press Enter.
Once you have installed the package, the following prompt will appear:
# rpm -i /media/cdrom/bv-Control for Unix/Linux/SUSE/
bvControl-
8.10-<build number>.i386.rpm


###############################################
You have successfully installed bv-Control for Unix.
###############################################
###
• • • • • •

Installing bv-Control for Unix agent using bv-Config UNIX

The bv-Config UNIX utility facilitates you to configure the communication means to
connect the BindView Information Server and the UNIX target machines. The utility
also enables you to automate the installation of bv-Control for Unix agent on
multiple target machines.
You can configure parameters for setting the communication channel between the
BindView Information Server and the UNIX target machine, and the messages to be
displayed on the UNIX target machine when a BindView Information Server is
registered with the target machine.
Communication with the UNIX target machines are done using third party
applications such as PLINK.exe, and pscp.exe. These utilities are used to login to the
UNIX target machines and perform various tasks such as install application on the
UNIX target machine, register the UNIX target and so on.
A Character Separated Value (CSV) delimited file format is used to store the data
required for executing various tasks on the UNIX target machines. You can export or
import the list of configuration parameters from a CSV file. Sensitive information,
such as passwords, will be encrypted when you enter a pass phrase.
Complete the following steps to install the UNIX package on one or more UNIX
target machines. You can install the package from either the CD-ROM or from the
local drive.
• • • • • •
All target machines must have openSSH installed and running.
! To access bv-Config UNIX

1 From the workstation where you installed the BindView RMS Console and bv-
Control for Oracle, double-click bv-Control for Oracle on the Console tree.

2 Double-click bvConfig UNIX on the Details pane. The bv-Config UNIX panel
appears
Fig. 11 bv-Config UNIX panel
On the left-hand side pane is a tree-view. On the right-hand side pane is a columnar
list-view displaying the Configuration and the Project Files under the Name and
Description coulmns.
! To install bv-Control for Unix agent on the UNIX targets

1 Insert the bv-Control for Unix agent Installation CD into the CD-ROM. You can
access the installation folders for the various types of UNIX operating systems
from the CD or copy the folder bv-Control for Unix agent to a local drive.
2 On the bv-Config UNIX console, double-click the Configuration node on the
left-hand side tree view. The Agent Install Set Configuration node appears
on the right-hand side of the console for configuring the agent’s Install Set.

3 Click the Agent Install Set Configuration node. A Summary of the agent’s
install set such as the release major number, build number, SSH port number,
time-out period and so on are displayed in the lower pane.
4 Double-click the Agent Install Set Configuration node.The Agent Install
Set Configuration dialog appears.
The Agent Install Set Configuration dialog appears.
5 Enter the desired values.

Default Project Location (Project Information): It is the location where the
CSV files are stored.
Package Location (Agent Package Location): bv-Config UNIX copies or
transfers appropriate installation files based on the operating system of the
target machine. Package Location parameter must direct to the folder
containing bv-Control for Unix agent installation files for various flavors of
the UNIX operating system. Installation files are stored in the bv-Control for
Unix agent folder on the bv-Control for Oracle CD-ROM.

Agent Version: The version of the agent to be installed must be specified for
the respective fields.
• Major Number: Specify the major number of the package to be installed on
the UNIX target machine. For example, if bvControl-8.10-201.i386.rpm is
the .rpm package for Red Hat UNIX target, then the major number is 8.
• Minor Number: Specify the minor number of the package to be installed on
the UNIX target machine. For example, if bvControl-8.10-201.i386.rpm is
the .rpm package for Red Hat UNIX target, then the minor number is 10.
• Build Number: Specify the version or build number of the installing
package on the UNIX target machine. For example, if bvControl-8.10-
201.i386.rpm is the .rpm package for Red Hat UNIX target, then the build
number is 201.
Project Execution Options
The connection details of the bv-Config UNIX must be specified for the
respective fields.
• Timeout (seconds): bv-Config UNIX terminates the operation if the target
machine does not respond in this specified time interval. Timeout is specified
in seconds.
• Thread Count: Number of threads that are active simultaneously. Value of
this parameter should be between one and five.
• SSH Port: Port used for Secure Shell communication during any operation.
6 When all values have been entered, click OK.
All values entered through the Agent Install Set Configuration dialog are
stored in a file.
! To add machine information for UNIX target machines

1 In bv-Config UNIX, create a new project file (.csv) using File>New menu. The
new file is enumerated under the Project Files node in the bv-Config UNIX
console.
2 Launch the Task Creation Wizard by the button.

The bv-Config UNIX Task Creation Wizard Welcome Panel appears.
Fig. 12 Welcome to the Tasks Wizard Panel
3 Click Next.
The Specify the Target Name or IP Address panel appears.
Fig. 13 Specify the Target Name or IP Address panel
4 Specify the Target Name or IP Address in the text box, as per the format
specified below:
<Machine Name>
Or
For IP Address - For example: <125.235.123.234>
• • • • • •
Note: You can also enter the multiple Target Name or IP Address in the text box,
as per the format specified below: For example: <Computer Name 1>,

<Computer Name 2>, <Computer Name 3> or <IP Address 1>, <IP
Address 2>, <IP Address 3> or <IP Address 1>, <Computer Name 2>
5 Click Next.
The Specify the Remote Operation panel appears.
Fig. 14 Specify Remote Operation panel
Select one or more operations to be performed on the target machine:

• Uninstall Agent - Select this check box to remove the agent from the
target machine.
• Install Agent - Select this check box to install the agent on the target
machine.
• Register Agent - Select this check box to register the target machine with
the Information Server.
• Unregistered Agent - Select this check box to unregister the target
machine with the Information Server.
• Configure Agent - Select this check box to configure the UNIX target. The
UNIX target can be configured only after registering it with the BindView
Information Server. If you select this option, then you need to specify details
in the Configuration Parameters panel in Step 9
6 Click Next.

The Connection Parameters panel appears.
Fig. 15 Connection Parameters panel
7 Enter the required Authetication Parameters.

Authentication Type - Select the method and protocol of communication
between bv-Config UNIX and the target machine from the drop down list. The
supported authentication mechanism are SSH Password Authentication or SSH
RSA/DSA Key Authentication.
• If you select SSH Password Authentication as the authentication type
then you need to specify the following.
SSH Protocol Version - Select the type of SSH Protocol version for which the
private key was generated. You can select SSH1 or SSH2 protocol version,
which are the two type of keys provided by SSH.
• SSH1 - The SSH1 protocol only supports RSA keys.
• SSH2 - The SSH2 protocol supports more than one key type. The two types
supported by PuTTY are RSA and DSA.
Root Credentials - If you want to connect to the UNIX target machine on
"root" account, then you must specify the root credentials.
• Password - Enter the password of the root account.
• Confirm Password - Enter the same password (of root account ) to
confirm.
Non-root Credentials - If you want to connect to the UNIX target machine as
a non-root (native) user, then you must specify the native credentials. You must
ensure that the native user have the root privileges.
• Login - Login name of the non-root user of the UNIX target machine
• Password - Enter the password for the user specified in Login Name on the
UNIX target. This is used to establish a login session
• Confirm Password - Confirmation of the password to authenticate the
UNIX target machine
• If you select SSH RSA/DSA Key Authentication as the authentication
type then you need to specify the SSH Protocol version and the Pass-phrase.

SSH Protocol Version - Select the type of SSH Protocol version for which the
private key was generated. You can select SSH1 or SSH2 protocol version,
which are the two type of keys provided by SSH
• SSH1 - The SSH1 protocol only supports RSA keys.
• SSH2 - The SSH2 protocol supports more than one key type. The two types
supported by PuTTY are RSA and DSA.
Private Key - If you select the type of authentication as SSH RSA/DSA Key
Authentication, then you can use the field Private Key to specify the file
containing private key information.
• Login Name - Login name to be used on the target machine. It should have
the root level privileges.
• Pass-phrase - Enter the password for the user specified in Login Name on
the target host. This will be used to establish a login session.
• Confirm Pass-phrase - Confirmation of the password to authenticate the
target machine.
8 Click Next.
The Installation Parameters panel appears.
Fig. 16 Installation Parameters panel
Agent Installation Context -The user and group contexts for which bv-
Control for Unix agent is installed.
• User Owner - Specify the user in whose context bv-Control for Unix agent
is to be installed on the target machine.
• Group Owner - Specify the group to which the specified user for installing
bv-Control for Unix agent on the target machine.
Installation Directory - Specify the directory where bv-Control for Unix
agent is installed. You can type the desired directory or choose the default
location (e.g., /opt or usr/local) from the list box.
Logs directory - Specify the directory for storing the logs of bv-Control for
Unix agent. For example, if you specify /tmp/bvinstall/logs as the directory then
you must ensure that /tmp/bvinstall (parent directory) exists under which the
directory logs is created.

9 Click Next. The Configuration Parameters panel appears only if you have
checked the Configure Agent check box in the Specify Remote Operation
panel of the wizard in Step 5. Else the Registration/Unregistration Parameters
panel appears.
The Configuration Parameters panel appears.
Fig. 17 Configuration Parameters panel
Agent Execution User Context - The user in whose context the agent is to
be executed.
Agent Run Mode - The mode in which the agent is to be executed. You can
choose any one of the following mode of execution for the agent:
• xinetd: It is used to set the mode of the agent as xinetd service.
• inetd: It is used to set the mode of the agent as inetd service.
• standalone: It is used to set the mode of the agent as stand-alone daemon
Debug Level on target - The debug level can be set on the UNIX target by
specifying the value in the corresponding field. The agent's debug level value
must be within 0 and 255. The default debug level value is 7.
Logs directory - The path of the logs directory can be set for this field. The
default directory path for Red Hat and operating system UNIX target machine is
/usr/local/ while that for HP-UX, Suse Linux, and Sun Solaris operating system
UNIX target machines are /opt/.
Agent Context: Here, you can specify the user and the group for which you
want bv-Control for Unix agent to be permission stamped. Queries execute in
the context of the user/group which is permission stamped.
• User Owner: Specify the user name, which is to be stamped with bv-
Control for Unix agent permission.
• Group Owner: Specify the group name, which is to be stamped with bv-
Control for Unix agent permission.
10 Click Next.

The Registration/Unregistration Parameters panel appears.
Fig. 18 Registration/Unregistration panel
11 Enter Registration/Unregistration parameters.

Product - Specify bv-Control for Unix in the this field.
Information Servers - Enter the name of the BindView Information Server or
Serevrs with which the UNIX target machine is to be registered. You can add
multiple BindView Information Server names separated by comma.
Message - Enter a message, which can be used to identify the registered UNIX
target machine.
You can check the Use Resource Name/Password option if you want to
register the UNIX target machine using the Resource Name and Password and
perform the following:
• Resource Name: Specify the Resource Name of the UNIX target machine.
• Resource Password: Specify the Resource Password .
• Confirm Password: Confirm the Resource Password.
12 Click Next.

The Task Creation Summary panel appears. This panel displays all the
configuration details specified for creating the task.
Fig. 19 Tasks Creation Summary
13 Click Next.
The Completing Tasks Wizard appears.
Fig. 20 Completing Tasks Wizard
14 Click Finish.
15 From the Tools menu, click Set Pass-phrase.
The Set Pass-phrase dialog appears.
Fig. 21 Set Pass-phrase Dialog

The CSV file contains important machine information along with the user and
resource passwords. Set Pass-phrase is used as a key to encrypt the username and
resource passwords stored in the CSV file.
Once you enter a pass-phrase it remains valid throughout the entire session. bv-
Config UNIX associates this pass-phrase with all the CSV files created during this
session.
16 Use one of these methods to save the information in a CSV file:
• Click File>Save, then enter a file name and location where you wish to save
the file.
• Click the Save button, then enter a file name and location where you wish
to save the file.
! To start the installation tasks

1 Launch bv-Config UNIX.
2 Open the CSV file containing the installation tasks that you wish to start.
3 Use any one of these methods to start the installation:
• Select Project Files from the tree-view, right-click on it and select Start
Execution, (OR)
• From the toolbar, select the Start Execution button.
! To stop the installation tasks in progress

If for some reason you need to stop the execution of the installation tasks, use this
procedure:
2 Open the CSV file containing the installation tasks that you wish to stop.
3 Use any one of these methods to stop the execution:
• Select Project Files in the tree-view, right-click on it and select Stop
Execution, (OR)
• From the toolbar, select the Stop Execution button.

All tasks will be aborted for each machine listed in the CSV file.
! To edit task information

2 On the right-hand side pane, select the record you wish to edit.
3 Right-click on the record and select Edit, or from the toolbar, click the Modify
Task button.
4 Enter the required information, then click OK.
5 To save the changed file, select File>Save. The Save As dialog opens.
6 Enter a new name or select the file name from the list, then click Save.

! To delete a task
2 On the right-hand side pane, select the record you wish to delete. Use one of
these methods to delete the record:
• Right-click on the record and select Delete.
• From the toolbar, click the Delete button.

3 To save the changed file, select File>Save. The Save As dialog opens. Enter a
new name or select the file name from the list, and click Save.


5 Registering and Configuring the UNIX
Targets
In This Chapter
Registering UNIX Targets with BindView Information Server ............................66

Overview .....................................................................................................66
Registering with BindView Information Server using Resource Name/Password .66
Registering with BindView Information Server without using Resource Name/
Password .....................................................................................................67
Running the setup.sh Script ..........................................................................67
To start the UNIX agent on a specified IP Address ..........................................67
To configure BindView Information Server to accept information from a specified IP
Address .......................................................................................................69
Un-registering UNIX Target from BindView Information Server.........................71
Registering and Configuring the UNIX Targets 65

Registering UNIX Targets with BindView Information Server
Overview All UNIX target machines need to be registered with the BindView Information
Server before being queried. The registration process of the UNIX target machine
includes setting the authentication mode of the UNIX target, which is later used to
add credentials of the UNIX target machine to the credential database. The UNIX
target machine credential is added using the bv-Control for Oracle Configuration
Wizard.
The UNIX target machine can be registered in any of the following manner:
• using Resource name/Password
• without using Resource name/Password
Registering with The following steps are to be performed for registering a UNIX target with a
BindView BindView Information Server:
Information Server
1 Navigate to the directory where the bv-Control for Unix agent is installed on the
using Resource
UNIX target machine. For example, in AIX the bv-Control for Unix agent
Name/Password
installation directory is /usr/local/BindView/bvcontrol/.
2 Execute the following command to register the UNIX target machine with the
BindView Information Server:
./setup.sh -a [BindView Information Server Name]
[Description] [Resource Name] [Resource Password][-s
<Snap-in Name>]
• • • • • •
Note: If -s option is not specified then:
• for one snap-in installed on the BindView Information Server, the UNIX agent is
registered with the BindView Information Server.
• for more than one snap-ins installed on the BindView Information Server, the
registration process displays a list of snap-ins to be registered with the BindView
Information Server from which you can select a snap-in and register.
If you have registered using the Resource Name/Password, then you must ensure
that you use the same Resource Name/Password (Resource Credentials) or use
the Native Credentials for configuring the UNIX target machine. On configuring
the UNIX target machine using the Resource Credentials, queries are executed in
the agent context on the machine and on configuring the target machine using the
Native Credentials, queries are executed in the context of the native operating
system user on the machine.

Registering with The following steps are to be performed for registering a UNIX target with a
BindView BindView Information Server:
Information Server
without using
Resource Name/
Password
2 Execute the following command to register the UNIX target machine with the
./setup.sh -c [BindView Information Server Name]
[Description][-s <Snap-in Name>]
• • • • • •
Note: Note: If -s option is not specified then:
• for more than one snap-ins installed on the BindView Information Server, the
registration process displays a list of snap-ins to be registered with the BindView
Information Server from which you can select a snap-in and register.
If you have registered the UNIX target machine without using Resource Name/
Password, then you can use the Native Credentials for configuring. Queries are
executed in the context of the native operating system user, on the UNIX target
machine.
Running the The setup shell (setup.sh) script can be used to register the UNIX agent with the
setup.sh Script BindView Information Server. The UNIX agent can be configured to communicate
with the BindView Information Server using a default interface or a specific IP
address.
UNIX target machines can have multiple Network Interface Cards (NICs) and
depending upon the need you can run the daemon on any one of them. By default,
the UNIX daemons listen to all installed NICs and hence there can be situation
where the BindView Information Server get the wrong IP address from a UNIX
target for communication.This can result in the loss of communication between the
UNIX target machine and the BindView Information Server.
• • • • • •
Note: You must ensure that your firewall does not block the UNIX target
registration process. If it blocks then, you can add the port 1236 as
Exception in the Wndows Firewall dialog of the Windows machine to
allow registration of UNIX targets.
To start the UNIX agent If a UNIX target machine has multiple network interfaces installed and is configured
on a specified IP for different sub-networks, then the UNIX agent can be configured to communicate
Address using the IP address of a particular network interface.

! To start the agent on the specified IP address

UNIX target machine. For example, in AIX, by default, the bv-Control for Unix
agent installation directory is /usr/local/BindView/bvcontrol/.
2 Execute the following command to initiate the UNIX daemon to communicate
with the BindView Information server using a specific IP address:
./setup.sh -ip <IP address>
where, <IP address> is the modified IP address of the UNIX target machine.
All the registered BindView Information Servers are notified with the modified
IP address.
! To start the agent on the default IP address

2 Execute the following command to reset the UNIX target to the default IP
address for communicating with the BindView Information Server by executing
the following command:
./setup.sh -ip reset
The existing entries of UNIX target machines' IP addresses are removed from
the bv.conf file.
To notify all BindView Any modification in the entry of the IP address of the UNIX target machine in the
Information Servers bv.conf file is notified to the BindView Information Servers. Therefore, irrespective of
about UNIX target IP the routing configuration, the correct IP address is always communicated to the
address information BindView Information Server. This enhances the stability of communication between
the UNIX target machine and the BindView Information Server.
! To notify BindView Information Servers about UNIX target IP Address

2 Execute the following command to notify all the BindView Information Servers
with the modified IP addresses of the UNIX target machine:
./setup.sh -n
To retrieve Snap-ins To retrieve the list of snap-ins installed on the specific BindView Information Server
installed on the
BindView Information 1 Navigate to the directory where the bv-Control for Unix agent is installed on the
Server UNIX target machine. For example, in AIX the bv-Control for Unix agent
2 Execute the following command to retrieve the list of snap-ins installed on the
./setup.sh -s [BindView Information Server Name]
For example, if the snap-ins installed on a BindView Information Server are bv-
Control for Unix and bv-Control for Oracle, then on executing the command the
result displayed is as follows:

./setup.sh s <Information Server Name/IP address>

<Records>Successfully retrieved SnapinList from the BVIS</
Records>
1: UNX
2: ORCL
To configure BindView The BindView Information Server is registered with the UNIX target machine using
Information Server to the setup.sh script. In the UNIX target machine execute the setup.sh script located
accept information in the <installation directory>/BindView/bvcontrol/ directory.
from a specified IP
Address 1 At the command line type one of the following commands:
• For HP-UX, Solaris and SUSE
and press Enter.
• For AIX and Red Hat Linux
and press Enter.
Select <-A,-C>Add <-D>elete or <N>otify configuration data
or <Q>uit to exit.
- A : Register agent to use resource name and password for
querying.
- C : Register agent to use native Unix credentials for
querying.
Enter your choice:
2 Type -A or -C to add a UNIX target to the BindView Information Server
configuration and press Enter. You can specify -A if you want to add
ResourceName/Password during registration and specify -C if you do not want
to specify Resource Name /Password during registration.
bv-Control for Unix agent needs to exchange keys and
configuration data with the bv-IS.
IP address or system name can't be empty.
Enter the system name (or IP Address) of the BindView
Information Server:
3 Type the system name or IP address of the BindView Information Server and
press Enter. The following prompt appears:
Please enter a message to help identify this machine:
4 Enter a description to identify the machine and press Enter. The following
prompts appear:
bv-Control for Unix agent needs to setup authentication via
passwords. You will need to add the Resource Name and
password for this machine. After you enter this
information, you will need to configure a credential
database in the BindView RMS Console with this information.

***Please do not use a User Name and passwd in the /etc/

passwd file***
Resource Name:
5 Type a Resource Name for the machine and press Enter. This is used to
authenticate the machine. You will need this information when you create the
credentials database.
6 Type a Password of at least eight alphanumeric characters (special characters
are not allowed) and press Enter.
7 Re-type the password to verify it and press Enter. The following prompts
appear:
<Records>Successfully retrieved SnapinList from the BVIS</
Records>
Contacting Information Server <server name>, Please
wait...
<Records><Cert>Success</Cert><Key>Success</Key></Records>

Un-registering UNIX Target from BindView Information Server

To un-register the UNIX agent from the BindView Information Server
2 Execute the following command to un-register the UNIX target machine with
the BindView Information Server:
./setup.sh -d [BindView Information Server Name] [-s <Snap-in Name>]
• • • • • •
Note: If -s option is not specified then:
unregistered, automatically.
• if more than one snap-in is installed on the BindView Information Server, the un-
registration process displays the list of snap-ins registered with the BindView
Information Server from which you can select a snap-in for un-registering.


6 Configuring and Adding Credentials in
bv-Control for Oracle
In This Chapter
Configuring bv-Control for Oracle...................................................................74

Adding Credential Databases .........................................................................78
6: Configuring and Adding Credentials in bv-Control for Oracle 73

Configuring bv-Control for Oracle
Configuring the Before you begin to use bv-Control for Oracle, you must configure the product. The
Product bv-Control for Oracle configuration wizard helps you to configure the servers and
databases.
When you select the BindView RMS>bv-Control for Oracle node, the Configuration
Wizard and the bv-Config UNIX icons appear.
The Configuration Wizard can be used to configure the Oracle servers and databases
in your organization.
Requirements for If you have Oracle databases on a UNIX/Linux environment, you need to install the
UNIX/Linux UNIX agent on the targets. For this, you can use the bv-Config UNIX utility for which
Environment you need SSH (version 1 or 2) running on the UNIX/Linux machine. If you do not
have SSH you must install the UNIX agent manually. For more information, refer to
the section Installing bv-Control for UNIX agent manually on different Operating
Systems in the chapter Installing bv-Control for UNIX Agent.
bv-Config™ UNIX® is a Windows® based utility that automates the tasks involved
in deploying UNIX agents on the target machines that support various flavors of
UNIX operating systems such as IBM®AIX®, Sun™ Solaris™, Red Hat® Linux®,
SUSE® Linux and HP-UX®. This utility makes use of a multi-threaded architecture
capable of performing multiple operations simultaneously. Please refer to the bv-
Config UNIX Help for more details.
• • • • • •
Warning: You must run the bv-Config Unix utility and register the UNIX target
servers if you require reports on your UNIX/Linux environment. You
can then proceed to configure the Unix servers using the bv-Control
for Oracle Configuration wizard. If you configure Unix servers directly
before running bv-Config Unix, the UNIX servers will displayed as
Unknown.
Configuring bv- Use the bv-Control for Oracle Configuration wizard to configure the servers and
Control for Oracle databases.
! To configure bv-Control for Oracle

1 Select bv-Control for Oracle>Configuration and double-click
Configuration Wizard in the details pane.
The bv-Control for Oracle Configuration Welcome panel appears. If you
do not want the Welcome panel to be displayed the next time, select the Do
not show this panel again checkbox.

Fig. 22 bv-Control for Oracle Configuration Welcome Panel
2 Click Next.
The Configure Oracle Servers panel appears.
Fig. 23 Configure Oracle Servers Panel
3 Use the Configure Oracle Servers panel to configure the databases hosted
on the Oracle servers. The servers are displayed in a tree view in the left-hand
pane below All Servers.
4 To view the databases configured for the servers, select the server below All
Servers. The database details are displayed in the right-hand pane.

! To register databases
5 Click Register Database to add a database to a server.
The bv-Control for Oracle Register Database dialog appears.
Fig. 24 Register Database Dialog
You can choose to register databases manually or from the TNSNames.ora

file.
! To Register Database Manually

6 Select the Register Database Manually option.
Specify the Oracle Server Name by either typing or selecting from the list of
servers. Alternatively, you can enter the Database Server IP Address.
Specify the following information.
Database SID - Enter the Oracle System Identifier (SID) of the database.
Port Number - Enter the Port Number of the port on which the listener service
is configured.
Connection Type
Database Default - The default configuration of the database.
Dedicated Server - A server that requires a dedicated server process for each
user process. There is one server process for each client.
Shared Server - Connect by sharing a server process.

! To Register Databases from Configuration File

7 By default, the configuration file (tnsnames.ora) is located at
%ORACLE_HOME%/network/ADMIN. You can also browse and select
this file from another location.
The databases that are found are listed. You can select the databases from this
list. The databases that you select will be registered.
8 Click OK to save the changes.
9 Click Next.
The Configuration Summary panel appears.
Fig. 25 Configuration Summary Panel
The Configuration Summary panel displays information regarding the

settings you have made.
10 You can proceed to configure credentials by selecting the Continue With
Credentials Configuration check box or click Next to Finish the
configuration process.

Adding Credential Databases

Use the Add Credential Databases wizard to add credentials to the BindView
Information Server. You can create a credential database to store the credentials
associated with databases or database servers. The Console uses the credentials
data so that the Information Server can log on to the databases or database servers
during query processing to obtain information and generate reports.
The credentials can be specified at different levels:
Databases - to report on the database-related datasources
• Individual Databases
• All Databases
• • • • • •
Note: Only database authentication is supported. Operating System
authentication is not supported.
Operating System - to report on the operating system settings

• UNIX and Linux - Server and Enterprise-level
• Windows - Server, Domain, and Enterprise-level
! To add credential databases

1 Right-click the BindView RMS Configuration node in the tree view and click
Add Credentials in the shortcut menu.
The Welcome Panel of the Add Credentials Wizard appears.
Fig. 26 Add Credentials Welcome Panel

2 Click Next on the Welcome panel to proceed. If you do not want to see the
Welcome panel when the wizard is launched the next time, select the Do not
show this panel again check box.
The Add Credentials Wizard appears.
Fig. 27 Add Credential Databases Panel
3 Click the arrow in the Database Name box.

A text field appears in the box.
Enter the name of the new credential database.
4 Click Next.
The Create New Database dialog appears.
Fig. 28 Create New Database dialog
5 Type a password and verify it for this database. You can repeat this process to
add more credential databases.
6 Click OK.
7 Click Next on the Add Credentials Wizard.
The Select Credentials panel appears. Use this panel to add credentials for
the resource objects to the credential databases.

Fig. 29 Select Credentials Panel
! To specify credentials for resource objects

8 Select bv-Control for Oracle from the Products list. The Resource Objects
are listed.
9 Select the Credential Database in which you want to store the credentials.
! To specify credentials for configured servers

10 Select the All Configured Servers node. Expand the node so that the servers
and databases are displayed. Select the Credential Database from the list on
the right-hand side.
11 Select the required server or database and click the Add (>>) button.
The Additional Settings - Server Credentials panel appears.
Fig. 30 Additional Settings - Server Credentials Panel

12 Specify the User/Resource name and Password and select the correct
credential type.
UNIX and Linux Resource Credentials - Select this option to use resource
credentials for the selected UNIX target. The resource credentials are those
that are specified while registering the bv-Control for Unix agents on the UNIX
targets.
UNIX and Linux Native Credentials - Select this option only in case of bv-
Control for Unix v8.10 agents. The user specified here has to be a member of
the bvunix group on the UNIX target.
Windows Credentials - Select this option to use the credentials for all
Windows servers.
• • • • • •
Note:
If you select the incorrect Credential Type and when you try to run queries, the
error "Invalid Credential Type" is displayed and the correct credential type is
suggested.
! To specify Operating System Credentials

13 Select the OS Credentials node. Select the Credential Database from the
list. Click the Add (>>) button and enter the following details in the following
format.
• • • • • •
Note: If incorrect explicit credentials are specified for the UNIX target, then the
default query credentials are not used for query execution.
- UNIX and Linux Native Credentials

Select UNIX and Linux Native Credentials and click the Add (>>) button,
enter the Username and Password. These are the credentials of a member
of the bvUser group on the target. This will be common to all UNIX and Linux
servers.
- Windows Credentials
Enter the User Name (DomainName\UserName) and Password. This will be
common to all Windows servers. The credentials will be used when credentials
are not specified for a Windows server and no domain credentials are specified
for the domain of that server.
- Add Domain Credentials
Enter the Domain Name (Server Domain), User Name and Password. This
will be common to all Windows servers in the specified domain.
! To specify database credentials

14 Select the Database Credentials folder. Click the Add (>>) button.

The Database Credentials dialog appears. Enter the User name and
Password. The added credentials will be used by the product when
connecting to and retrieving information from an Oracle server in the specified
domain.
If no explicit credentials have been specified for that server, then the domain
credentials are used.
15 Click Next.
The Assign a Credential Database to Each User panel appears.
Fig. 31 Assign a Credential Database to Each User
! To assign a Credential Database to each user

16 Select the User Name and assign a credential database to the user. This
allows you to run queries successfully using bv-Control for Oracle.
17 Click Next. A Summary of the assignment of the credential database is
displayed. The information that is displayed will be stored in the BindView
Information Server. Click Next.
18 Click Finish.

7 Evaluating bv-Control for Oracle
In This Chapter
Evaluating the Product..................................................................................84

Database Access Control - Users with System Privileges ..................................84
Password Management - Password Identical to Username ...............................84
Database Role Assignments ..........................................................................84
Database Users ............................................................................................87
Using Custom SQL Query Datasource.............................................................90
7: Evaluating bv-Control for Oracle 83

Evaluating the Product
Overview Securing the information contained in the databases of any organization is one of
the most important tasks for an administrator. Since many client programs access
the databases, loss or misuse of this data may cause serious harm to the company.
bv-Control for Oracle helps secure the Oracle environment by providing detailed
reports on the configuration (database, network, operating system), access control,
and auditing aspects.
Database Access Administrators can obtain valuable information so that only authorized users have
Control - Users access to databases. The administrator can review all the non-standard user
with System accounts that have been granted system privileges. Ideally, system privileges must
Privileges be granted via roles.
1 Navigate to the Users with System Privileges pre-defined query from the
following path: BindView RMS>Risk Assessment and Control>Pre-
Defined>bv-Control for Oracle>Security Best Practices>Database
Access Control.
2 Right-click and select Run>And View As Grid from the short cut menu.
The Task Status window displays the status of the query while it is running.
The result is displayed as a report.
Password Administrators can identify passwords that are identical to the user names and take
Management - action accordingly. Oracle creates some default users with passwords during
Password Identical installation. Some of these have passwords the same as the user name. This may
to Username present a security threat.
1 Navigate to the Password Identical to Username pre-defined query from
the following path: BindView RMS>Risk Assessment and Control>Pre-
Defined>bv-Control for Oracle>Security Best
Practices>Configuration>Database Configuration>Password
Identical to Username.
2 Right-click and select Run>And View as Grid from the shortcut menu.
The Task Status window displays the status of the query while it is running.
The result is displayed as a report.
Database Role This data source can be used to provide a report on the assignment of Roles in the
Assignments database. Some of the roles can be granted to other users. This may be misused by
an individual. The administrator can review the report and revoke any role if
required.
1 Click the New Query icon on the BindView product toolbar.

The Select Data Source dialog appears.

Fig. 32 Select Data Source Dialog
2 Expand the bv-Control for Oracle folder and select Roles Assignment.
3 Click OK.
The Query Builder dialog appears.

Fig. 33 Query Builder Dialog
Specify the Fields, Filters, Sorts, and the Scope for this query.
4 Click OK.
The Query Options window appears.
Fig. 34 Query Options Window
5 Select Grid and click Run.

The report is displayed in the format that you have specified.

Fig. 35 Roles Assignment Report
Database Users One of the uses of the report from the Database Users datasource is to get
information on the database users whose passwords have expired and account is
locked. The administrator can further review the report to see if all the default users
and passwords created during Oracle installation are either changed or locked to
reduce risk to the databases.
! To get list of users whose passwords have expired
1 Click the New Query icon on the BindView product toolbar.


2 Select Database Users and click OK.

The Query Builder dialog appears. The Available Fields and the Selected
Fields lists are displayed.
3 Expand the All Fields folder and select Account Status.
4 Click Add.
The Account Status field appears in the Selected Fields list.
5 Select the Filter Specification tab.
6 Expand the All Fields folder and select Account Status.
7 Click Add.
The Filter Term Definition dialog appears.
Fig. 37 Filter Term Definition Dialog

8 Select Specific Value. Under Account Status, select Equal To and Expired
and Locked.
9 Click OK.
The filter term appears in the Expression list.
10 Click OK on the Query Builder dialog.
The Query Options dialog appears.
Fig. 38 Query Options Dialog
You can save the results to be able to compare the results with a future
collection of data.
11 Click Save.
The Save Query dialog appears.
Fig. 39 Save Query Dialog
12 Enter User Account Expired and Locked.

13 Click OK.
The Query Options dialog reappears.
14 Select Report as the view type and click Run.
The result appears in a dataset report.

15 Review and close the report.

Click Yes to save the dataset.
Using Custom SQL You can use SELECT statements to build a custom SQL query and get reports.
Query Datasource
1 Click the New Query icon on the product toolbar.
2 Expand the bv-Control for Oracle folder and select Custom SQL Query.
3 Click OK.
The Query Builder dialog appears.

Fig. 41 Query Builder Dialog
4 Expand the All Fields folder and select SQL Query Text.
5 Click Add.
The SQL Query Text dialog appears.
Fig. 42 SQL Query Text dialog
6 Select the Descriptor Value option and click Change Descriptor.

The Descriptor: SQL Query Text dialog appears.

Fig. 43 Descriptor: SQL Query Text dialog
Type the SQL query you want to execute. You can specify multiple columns or
aliases separated by commas using SELECT statement. For example, SELECT
object_name, object_type, owner as schema_owner from dba_objects.
• • • • • •
Note: Only SELECT statement is supported. DML (except SELECT) and DDL
statements are not supported.
7 Click OK.
8 Click OK again on the SQL Query Text dialog.
9 Go back to the Query Builder dialog and define the columns or aliases that
you want to display in the result. To do this, select Field:... in the Query
Builder dialog and click Add.
The Field dialog appears.
Fig. 44 Field Dialog

10 Enter the column name or the alias in the Enter text box. In this example,
object_name.
11 Click OK.
Repeat the process for all the other columns and aliases present in the SQL
Query Text.
12 The fields are displayed under Selected Fields in the Query Builder dialog.
13 Click OK.
14 The Query Options dialog appears.
Fig. 45 Query Options Dialog
15 Click Run to get the report. The results are displayed in a grid. The details
appear under the column name or alias that you have specified.
• • • • • •
Note: The values under SQL Query Text show [Refer to Messages]. Click the
Messages button at the lower right-hand corner to get information about
the SQL Query that you have specified.
• • • • • •
Note:
This chapter provides information on a few features available in bv-Control for

Oracle that give you an idea of how to assess, audit, and secure your Oracle
environment. Using all the features in bv-Control for Oracle, you can properly
configure and protect your Oracle environment to avoid downtime and realize your
desired returns on your IT investments.


8 Uninstalling bv-Control for Oracle
In This Chapter
Product Removal ..........................................................................................96
8: Uninstalling bv-Control for Oracle 95

Product Removal
Product Removal
Uninstalling bv- Follow these steps to completely remove the bv-Control for Oracle product from the
Control for Oracle test system:
1. Ensure that the BindView Information Server is currently not executing
queries by checking the RMS Task Status dialog.
2. Close the BindView RMS Console and any open grids or task status
windows.
3. Select Start>Settings>Control Panel>Add/Remove Programs.
The Add/Remove Programs dialog appears.
Fig. 46 Add/Remove Programs Dialog
4. From the list of programs currently installed, select BindView bv-Control for
Oracle. Proceed with uninstallation, choosing to remove all files.
5. From the list of programs currently installed, select BindView Information
Server and Admin Console. Proceed with uninstallation, choosing to remove
all files.
6. Once the uninstallation is complete, restart the system.
7. To remove data files created by test execution, delete the BindView directory
where the application was initially installed. The default location is in Program
Files.

9 Troubleshooting
In This Chapter
Symptoms and Solutions ...............................................................................98
9: Troubleshooting 97
Symptoms and Solutions
Introduction This chapter provides information on resolving the problems you may encounter
while installing or using bv-Control for Oracle.
Privileges Required for You need certain specific privileges in the credentials database to run queries on
Database-related Data database-related data sources. Otherwise, you may encounter the following errors:
sources
Symptom
If the user does not have the required privileges, the following error message is
displayed:
Query to the database failed. Scope is database 'MASSDB' on server 'WKSERV'.
Additional Error Information: ORA-00942: table or view does not exist
If the user does not have the CREATE SESSION privilege but has
SELECT_CATALOG_ROLE, the following error message is displayed:
Unable to establish the connection with the database. Scope is database 'MESDB' on
server 'WKSERV'. Additional Error Information: ORA-01045: user TESTUSER lacks
CREATE SESSION privilege; logon denied
Solution
For information on specific SELECT privileges to query database-related data
sources, refer to Appendix B: SELECT Privileges Required to Query Database-related
Data sources in the bv-Control for Oracle Getting Started Guide.
The SQL script, INITBVCO.SQL creates a credential user and assigns privileges to it.
This is required to run queries on bv-Control for Oracle successfully. This script must
be run on all the databases on which you want bvControl for Oracle to report. Refer
to Appendix C: Script to Create Credentials User for more details.
Minimum Privileges To obtain Windows platform-specific Information, the credentials user must have
Required for Windows administrator privileges on the Windows machine.
Account to get
Windows Platform-
specific Information

Unknown Servers after Symptom

Registering a Database
A server may appear as "Unknown" during the configuration process after
registering a database. This may happen in the following cases:
Windows servers in a Workgroup or in untrusted domains.
Solution
In case of a workgroup, explicitly establish a session with the workgroup from the
machine running RMS Console.
To establish a session,
Open the command prompt.
Type "Net use \\<machine-name>\IPC$ user:<WorkgroupName\UserName>" and
press Enter.
You will be prompted for a password for the above user.
The session is established.
In case of untrusted domains, establish a trust or create a session with the server
that you are configuring.
To establish a session,
Open the command prompt.
Type "Net use \\<machine-name>\IPC$ user:<DomainName\UserName>" and
press Enter.
You will be prompted for a password for the above user.
The session is established.
UNIX servers that are not registered
Use bv-Config UNIX to register the targets.
After performing the above steps, remove the unknown server and register it again.
No RF Applicable Error Symptom

If a UNIX server is configured but no credentials are present in the Credentials
Database, deploying Rapid Fire Updates on this server would result in an error
message "No RF applicable to this server".
Solution
This can be resolved by providing the credentials for this UNIX server before trying
to deploy the Rapid Fire Updates.
Error related to Symptom

NLS_LANG Value in
Registry Failed to create the OCCI Environment. Scope is database 'TESTDB1' on server
'XYZSRV'. Additional Error Information: ORA-12705 : Invalid or Unknown NLS
parameter value specified
Solution
The NLS_LANG value in the registry is set to "NA" by default during installation. If
this value is set to any valid NLS_LANG value, the problem will not occur. For
example, "American_America.WE8MSWIN1252".
File Not Found Error for The Oratab file must be present in /etc or /var/opt/oracle directory. This is required
Some Data sources to run queries based on the following data sources successfully.
while Reporting on
UNIX Targets • Listener
• Server Configuration
• UNIX Server File and Directory Permissions
• UNIX Database File and Directory Permissions
SQL*Plus Security Data PRODUCT_USER_PROFILE synonym should be present. If not, then SQL* Plus
source Returns Error Security data source returns "Table or view does not exist"
Symptom
"Query to the database failed. Scope is database 'test1db' on server
'test5.ad.simulatedcomp.com'. Additional Error Information: ORA-00942: table or
view does not exist".
Solution
Make sure the synonym PRODUCT_USER_PROFILE is accessible or that it exists in
the database. Otherwise the query based on the SQL*Plus Security data source will
display an error.
Platform-related Symptom
Queries Error in case of
UNIX Agent If a UNIX agent is unregistered but the server entry remains in the configuration,
this server will be available for scoping but an error is displayed on running platform-
related queries. The error is "System cannot find the specified file".
Solution
Register the BindView Information Server again and try to execute the queries.
Platform-related Symptom
Queries Error Due to
BindView Information If the BindView Information Server is no longer registered with the UNIX/Linux
Server Registration agent but the agent’s entry exists in the scoping database of the BindView
Information server, then the platform-specific queries for the corresponding Oracle
server will fail with a “Connection dropped” error.
Solution
Delete the UNIX/Linux server in the RMS Console and then register the BindView
Information server again.
Refer to bv-Control for Oracle online help for information on deleting servers.
User Name with Special Symptom

Characters
User created within double quotes (" ") is not able to logon
When a user is created within double quotes, Oracle stores the name as it is. Special
characters are also allowed.
Solution
The user must logon with the name in double quotes to run the queries successfully.

Error on Deploying RFs Symptom

on UNIX Server
If a UNIX server is configured but no credentials are present in the Credentials
Database, deploying Rapid Fire Updates on these servers would result in an error
message "No RF applicable to this server".
Solution
This can be resolved by providing the credentials for this UNIX server before trying
to deploy Rapid Fire Updates.
Error in case of Oracle This occurs only for Oracle installation on Windows. By default sqlnet.ora file has
Server on Windows - AUTHENTION_SERVICE value set to (NTS). This means that whenever connection is
SQLNet.ora Containing attempted with the server, it tries to verify the Windows user that is trying to
NTS Entry connect.
Jobprocessor.exe, which connects to the database for querying, runs under the user
"bvpmuser". This is a local user on the BindView Information Server and cannot be
verified on the Oracle server to be a Windows user.
Hence, if the AUTHENTION_SERVICE value is set to NTS, the connection fails.
Symptom
Unable to establish the connection with the database. Scope is database 'MOSSDB'
on server 'W2KADSERV'. Additional Error Information: ORA-12638: Credential
retrieval failed
Solution
Open the Sqlnet.ora file present in the %ORACLE_HOME%/network/admin directory
and change SQLNET.AUTHENTICATION_SERVICES=(NTS) to
SQLNET.AUTHENTICATION_SERVICES=(NONE)
Error after Upgrading Symptom

The error "A failure occurred: Could not find the resource in the table during modify"
is displayed after upgrading.
This may happen in the following case.
1. Remove the credentials of an object from the credentials database.
2. Add the credentials for the same object to the same credential database.
3. Click Next on the Select Credentials panel and proceed to the Assign a
Credential Database to Each User panel.
Solution
If you want to update the credentials of an object, double-click in the credentials list
for the credential database and modify the credentials.
Unknown Entries in the Symptom

Reports
When you run a query, you may get "Unknown" entries in the report.
Solution
Click the Messages button at the right hand corner to view details of this error
since the errors are specific to the kind of report you are trying to generate.
Unknown Server Error Symptom

on entering IP Address
while Registering Server is displayed as Unknown Server when the IP Address option is used to
Database Manually register database manually. This happens if the IP cannot be resolved due to
incorrect DNS Configuration.
Solution
Enter the IP Address in the Database Server Name field in the Register
Database dialog. The IP Address entry is checked in the Scoping Database and
whether it is registered, or, the server is treated as a Windows server and
connection is attempted to get the Operating System version.
Unix Agent - Symptom

"Connection Dropped
Error" The "Connection Drop" error appears when the agent is uninstalled and thus not
Solution
Register the UNIX agent again with the BindView Information Server and then run
the queries.
Performance Tuning of You can improve the performance of database queries, by changing the value of
Database Queries PrefetchDataElementCount in the bvOConfig.ini file according to the needs of your
environment.

A Default User Accounts and Passwords
Overview The following table lists the default Oracle user accounts and their passwords that
may be created during the installation process.
Username Password
ADAMS WOOD
ADLDEMO ADLDEMO
ADMIN JETSPEED
APPLSYS FND
APPLYSYSPUB PUB
APPS APPS
APPUSER APPPASSWORD
AQ AQ
AQDEMO AQDEMO
AQJAVA AQJAVA
AQUSER AQUSER
AUDIOUSER AUDIOUSER
AURORA$JIS$UTILITY$ INVALID
AURORA$ORB$UNAUTHENTIC INVALID
ATED
BC4J BC4J
BLAKE PAPER
CATALOG CATALOG
CDEMO82 CDEMO82
CDEMOCOR CDEMOCOR
CDEMORID CDEMORID
CDEMOUCB CDEMOUCB
CENTRA CENTRA
CIDS CIDS
CIS ZWERG
A: Default User Accounts and Passwords 103

Username Password
CISINFO ZWERG
CLARK CLOTH
COMPANY COMPANY
COMPIERE COMPIERE
CQSCHEMAUSER PASSWORD
CSMIG CSMIG
CTXDEMO CTXDEMO
CTXSYS CTXSYS
DBI MUMBLEFRATZ
DBSNMP DBSNMP
DEMO DEMO
DEMO8 DEMO8
DEMO9 DEMO9
DES DES
DSGATEWAY DSGATEWAY
DSSYS DSSYS
EJSADMIN EJSADMIN_PASSWORD
EMP EMP
ESTOREUSER ESTORE
EVENT EVENT
FINANCE FINANCE
FND FND
FROSTY SNOWMAN
GPFD GPFD
GPLD GPLD
HCPARK HCPARK
HLW HLW
HR HR
IMAGEUSER IMAGEUSER
IMEDIA IMEDIA
JMUSER JMUSER
JONES STEEL
L2LDEMO L2LDEMO

Username Password
LBACSYS LBACSYS
LIBRARIAN SHELVES
MASTER PASSWORD
MDDEMO MDDEMO
MDDEMO_CLERK CLERK
MDDEMO_MGR MGR
MDSYS MDSYS
MFG MFG
MGWUSER MGWUSER
MIGRATE MIGRATE
MILLER MILLER
MMO2 MMO2
MMO2 MMO3
MODTEST YES
MOREAU MOREAU
MTS_USER MTS_PASSWORD
MTSSYS MTSSYS
MXAGENT MXAGENT
NAMES NAMES
OAS_PUBLIC OAS_PUBLIC
OCITEST OCITEST
ODS ODS
ODSCOMMON ODSCOMMON
OE OE
OEMADM OEMADM
OEMREP OEMREP
OLAPDBA OLAPDBA
OLAPSVR INSTANCE
OLAPSYS MANAGER
OMWB_EMULATION ORACLE
OPENSPIRIT OPENSPIRIT
ORACACHE ORACACHE
ORACLE ORACLE

Username Password
ORAREGSYS ORAREGSYS
ORDPLUGINS ORDPLUGINS
ORDSYS ORDSYS
OSE$HTTP$ADMIN INVALID
OSP22 OSP22
OUTLN OUTLN
OWA OWA
OWA_PUBLIC OWA_PUBLIC
PANAMA PANAMA
PATROL PATROL
PERFSTAT PERFSTAT
PLSQL SUPERSECRET
PM PM
PO PO
PO7 PO7
PO8 PO8
PORTAL30 PORTAL31
PORTAL30_DEMO PORTAL30_DEMO
PORTAL30_PUBLIC PORTAL30_PUBLIC
PORTAL30_SSO PORTAL30_SSO
PORTAL30_SSO_PS PORTAL30_SSO_PS
PORTAL30_SSO_PUBLIC PORTAL30_SSO_PUBLIC
POWERCARTUSER POWERCARTUSER
PRIMARY PRIMARY
PUBSUB PUBSUB
PUBSUB1 PUBSUB1
QS QS
QS_ADM QS_ADM
QS_CB QS_CB
QS_CBADM QS_CBADM
QS_CS QS_CS
QS_ES QS_ES
QS_OS QS_OS

Username Password
QS_WS QS_WS
RE RE
REP_MANAGER DEMO
REP_OWNER DEMO
REP_OWNER REP_OWNER
REPADMIN REPADMIN
RMAIL RMAIL
RMAN RMAN
SAMPLE SAMPLE
SAP SAPR3
SCOTT TIGER
SDOS_ICSAP SDOS_ICSAP
SECDEMO SECDEMO
SERVICECONSUMER1 SERVICECONSUMER1
SH SH
SITEMINDER SITEMINDER
SLIDE SLIDEPW
STARTER STARTER
STRAT_USER STRAT_PASSWD
SWPRO SWPRO
SWUSER SWUSER
SYMPA SYMPA
SYS CHANGE_ON_INSTALL
SYSADM SYSADM
SYSMAN OEM_TEMP
SYSTEM MANAGER
TAHITI TAHITI
TDOS_ICSAP TDOS_ICSAP
TESTPILOT TESTPILOT
TOAD TOAD
TRACESVR TRACE
TRAVEL TRAVEL
TSDEV TSDEV

Username Password
TSUSER TSUSER
TURBINE TURBINE
ULTIMATE ULTIMATE
USER USER
USER0 USER0
USER1 USER1
USER2 USER2
USER3 USER3
USER4 USER4
USER5 USER5
USER6 USER6
USER7 USER7
USER8 USER8
USER9 USER9
UTLBSTATU UTLESTAT
VIDEOUSER VIDEOUSER
VIF_DEVELOPER VIF_DEV_PWD
VIRUSER VIRUSER
VRR1 VRR1
VRR1 VRR2
WEBCAL01 WEBCAL01
WEBDB WEBDB
WEBREAD WEBREAD
WKPROXY WKPROXY
WKSYS WKSYS
WWW WWW
WWWUSER WWWUSER
XDB XDB
XPRT XPRT

B SELECT Privileges Required to Query
Database-related Datasources
Overview SELECT privileges are required on the following views to query database-related
datasources.
Datasource View
Database Application Contexts DBA_CONTEXT
Database Audit Trail DBA_AUDIT_TRAIL
Database Configuration V$DATABASE, V$INSTANCE,
GLOBAL_NAME,
V$SYSTEM_PARAMETER2,V$VERSION
Database Fine Grained Access Control DBA_POLICIES
Policies
Database Fine Grained Auditing Audit DBA_FGA_AUDIT_TRAIL
Trail
Database Initialization Parameters V$SYSTEM_PARAMETER2
Database Links DBA_DB_LINKS
Database Object Auditing DBA_OBJ_AUDIT_OPTS
Database Object Privilege Assignments SYS.OBJAUTH$, SYS.OBJ$,
SYS.USERS$, TABLE_PRIVILEGE_MAP,
DBA_ROLES, DBA_OBJECTS,
SYS.COL$C
Database Objects DBA_OBJECTS
Database Policy Contexts DBA_POLICY_CONTEXTS
Database Policy Groups DBA_POLICY_GROUPS
Database Privilege Auditing DBA_PRIV_AUDIT_OPTS
Database Profiles DBA_PROFILES
Database Resource Consumer Groups DBA_RSRC_CONSUMER_GROUPS
Database Resource Limits V$RESOURCE_LIMIT
Database Role Assignments DBA_ROLE_PRIVS, DBA_ROLES
Database Roles DBA_ROLES
Database Sessions V$SESSION
B: SELECT Privileges Required to Query Database-related Datasources 109

Datasource View
Database Statement Auditing DBA_STMT_AUDIT_OPTS
Database System Privilege DBA_SYS_PRIVS, DBA_ROLES
Assignments
Database Uniform Audit Trail DBA_COMMON_AUDIT_TRAIL
Database User Tablespace Quotas DBA_TS_QUOTAS
Database Users DBA_USERS, PROXY_USERS
Database and Instance Information V$DATABASE ,V$INSTANCE,
GLOBAL_NAME,V$VERSION
SQL*Plus Security SYSTEM.PRODUCT_USER_PROFILE
UNIX and Linux Database File and V$SYSTEM_PARAMETER2,
Directory Permissions V$CONTROLFILE,
V$DATAFILE, V$LOGFILE,
V$TEMPFILE
V$ARCHIVE_DEST
Windows Database File and Folder V$SYSTEM_PARAMETER2,
Permissions V$CONTROLFILE,
V$DATAFILE, V$LOGFILE,
V$TEMPFILE
V$ARCHIVE_DEST

C Script to Create Credentials User
Overview The SQL script, INITBVCO.SQL creates a credential user and assigns privileges to it.
This is required to run queries on bv-Control for Oracle successfully. This script must
be run on all the databases on which you want bvControl for Oracle to report.
This script is supported for Oracle database versions 8i and above.
Using the Script Follow these steps to use the script to create a credentials user and assign
privileges.
! To use the script to create credential user

1 Login to a database using the SQL*Plus tool.
2 Execute the script, INITBVCO.SQL, on the SQL> prompt as follows:
SQL>@<location of the script>\INITBVCO.SQL.
3 You will be asked if you want to create the credentials user as follows:
Do you want to create the credential user [TRUE/FALSE]. The default is TRUE
and creates a new user. Press Enter to accept. If you want to use an existing
user, then enter FALSE and press Enter.
4 If you have selected the option to create a new user, then enter a new user
name and password. The default new user name is BVCOUSER and the
corresponding password is BVCOUPASSWD.
If you have selected to use an existing user, enter the existing user name and
enter a blank password.
5 If you have selected to create a new user, then enter the default tablespace
name and temporary tablespace name for the user. The Default Tablespace is
SYSTEM. The Default Temporary Tablespace is TEMP1TBS.
If you have selected to use an existing user, press Enter to retain the
tablespaces.
C: Script to Create Credentials User 111

Index
Symbols filter term, 89
filter term definition, 88
58481
Heading1
Installing bv-Control for UNIX manually on G
different Operating, 41 grid
view type, 86
A
adding H
credential databases, 78 hardware, 28
licenses, 32 HP-UX, 43
products, 31
users, 34 I
AIX, 41
Information Server
minimum system requirements, 22
B system requirements, 22
BindView RMS Console and Information Server install.sh
Configuration Wizard, 31 Prerequisite packages for installing bv-Control for
UNIX, 38
C install.sh script, 38
prerequisites pacakges for installing bv-Control
compliance, 18
for UNIX, 38
configuration, 31
installing, 28
configuration file, 77
system requirements for, 22
configuration wizard, 74
Installing bv-Control for UNIX agent manually on dif-
configure
ferent Operating Systems, 41
databases, 74
AIX, 41
servers, 74
HP-UX, 41
Configuring bv-Control for UNIX, 66
Red Hat Linux, 41
connection type, 76
Solaris, 41
Console, 18
SUSE Linux, 41
minimum system requirements, 22
Installing bv-Control for UNIX agent on UNIX Target
system requirements, 22
Machines, 37
credential databases, 78
Installing bv-Control for UNIX agent using bv-Config
UNIX, 51
D Agent Install Set Configuration dialog, 51
dedicated server, 76 Task Creation Wizard, 51
deploy
planning, 22 L
licence, 29
E listener service, 76
execute “install.sh" script, 39
expression, 89 M
manual registration, 76
F miminum rights, 23
features, 18
Index 113
MSDE, 23
O
operating system credentials, 81
Oracle servers, 75
P
port number, 76
privileges, 24
database-related datasources, 24
platform-specific information, 25
SELECT, 109
UNIX, 25
product overview, 18
products, 31
R
Red Hat Linux, 48
register database, 76
Registering UNIX Targets with BindView Information
Server
Resource Name /Password, 66
report
view type, 89
requirements
software, 28
Running the Setup Shell Script, 63
Running the setup.sh Script, 67
S
shared server, 76
SID, 76
Solaris, 45
specify credentials
configured servers, 80
Operating system, 81
resource objects, 80
SuSE Linux, 49
system requirements for installation, 22
U
Un-registering UNIX Target from BindView Informa-
tion Server, 71
upgrading, 25
W
Windows trust requirement, 24


Bv-Control For Oracle Getting Started Guide PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Bv-Control For Oracle Getting Started Guide PDF

Uploaded by

Copyright:

Available Formats

bv-Control for Oracle v8.

Getting Started Guide

BindView Corporation · 5151 San Felipe, Suite 2500 · Houston, TX 77056

© 2006 BindView Corporation. All rights reserved.