We all know how to sum up by year select to_char(trunc(hiredate,’Y’),’YYYY’) year, count(*) from scott.emp group by trunc(hiredate,’Y’) order by trunc(hiredate,’Y’) YEAR COUNT(*) —- ——– 1980 1 1981 10 1982 1 1987 2 This is quite easy. Same for day (DD), century (CC), quartal (Q), hour (HH24), month (MM) But how do you group by, […]
Author: Laurent Schneider
sqlnet.ora and ldap.ora parameters in jdbc thin url
Using the latest instant client, the Easy Connect Plus improvement let you parametrise your jdbc url more intensively jdbc:oracle:thin:@ldaps://ldap.example.com/db01?WALLET_LOCATION=/db00/mywallet&AUTHENTICATE_BIND=true&AUTHENTICATE_BIND_METHOD=none&DIRECTORY_SERVER_TYPE=OID EasyConnect Plus appeared in 19c, but was further improved in 21c and 23ai. See more JDBC Developer’s Guide https://docs.oracle.com/en/database/oracle/oracle-database/19/jjdbc/data-sources-and-URLs.html#GUID-44572C63-10D2-478A-BB2E-ACF6674C59CC
negative regexp
if you want to grep anything except foo, use grep -v or negative lookahead echo -e ‘foo\nbar\nboz’|grep -P ‘^(?!.*foo).*$’ bar boz it is just so beautiful ! e.g. get IP address except localhost in /etc/hosts grep -Po ‘^(?!127.0.0.1)[0-9.]+’ /etc/hosts 192.168.1.1 192.168.1.2 if you have no grep -P, use perl
oem cpu jul 23
this blog is no longer maintained. go there : OEM patch | LaurentSchneider.Com (wordpress.com)
wlst
new post on https://laurentschneider.wordpress.com/2023/07/31/wlst/ this blog is no longer maintained
XMLRoot desupport
XMLRoot has been deprecated since 12cR2 and desupported since 21c. Still, it is not really obvious to understand how to generate a prolog. Also, you couldn’t specify the encoding. Well, one could fake the version with double quote, but this is not recommended, there even was some dirty SQL injection in oldish versions. select xmlroot(xmlelement(x),version […]
SQL + DTD
How to select xml with DTD ? Imagine this XML code SQL> select xmltype( ‘<!DOCTYPE FOO SYSTEM “/public/test/foo.dtd”><FOO/>’, wellformed => 1) xml from dual; XML —————————————————– <!DOCTYPE FOO SYSTEM “/public/test/foo.dtd”><FOO/> Most validations are done with XSD and not DTD, so it is not that easy, even google probably lead you here 😉 Create the dtd […]
cp -r preserves links
Linux is not Unix, I keep finding out differences years after years. I’ve been using cp -r for over 25 years to find out today, the good old cp -r is cp -Lr on Linux. e.g. AIX $ touch foo $ ln -s foo bar $ cp -r bar boz $ ls -la boz -rw-r–r– […]
DROP IF EXISTS / CREATE IF NOT EXISTS
DROP TABLE [IF EXISTS] table-name Drop table if exists has been there for ages, in Oracle MySQL, Oracle NoSQL and others. Now we got this in Oracle Database 23c too. First thing I do on my sandbox database is creating SCOTT tables. Now, for the first time, I can make my script 100% error free. […]
23c is out
but only for developers. You can get it from oracle.com as a RH8 rpm :Â https://www.google.ch/search?q=download+oracle+23c You need about 6Gb in /opt and there is a /etc/init.d/oracle-free-23c configure -i command that does create a database for you. Some goodies : select 1; select true; create table if not exists t(x number); arg 1 def xxx select […]
grant select on sysman view
Quite often you select from the sysman schema, let’s say select target_name from sysman.mgmt$target; To do so, you better be sys.. because SYS can see everything ! Let’s see what’s missing with a standard user connect sys/***@oem01 as sysdba; create user user1 identified by ***; grant create session to user1; conn user1/***@oem01; select count(*) from […]
ODP standalone
Without Administrative privilege, how would you install ODP.NET? Note 784309.1 describes the required files if you have no Oracle client download XCOPY ODAC from Oracle .NET, Visual Studio, and VS Code ODAC Downloads for Oracle Database Copy the files Oracle.DataAccess.dll OraOps.dll orannzsbb.dll oraociei.dll oci.dll to your directory (ex: C:\ODAC) Add that directory to your PATH […]
R+ODBC
I just established a connection from R to Oracle / MSSQL using ODBC. First, I installed R sudo yum install R Then, ODBC sudo yum install unixODBC-devel freetds-libs I set up my mirror in .Rprofile options(repos=structure(c(CRAN=”http://cran.example.com/”))) I install ODBC Library in R R -s <<EOF install.packages(“odbc”) EOF I configure my odbc driver to Oracle Instant […]
connect to mssql with python/linux
done for a friend : install rpm’s sudo yum install -y freetds unixODBC unixODBC-devel freetds-libs python3-pyodbc create odbc.ini and odbcinst.ini for sybase go there Unix ODBC Sybase for oracle go there Unix ODBC Oracle for mssql ~/.odbc.ini : the Database definition [DB01] Driver = FreeTDS Description = DB01 Server = src01 Port = 1433 Database = DB01 […]
generate Excel from scott.emp
Ages ago I explained how to generate excel from the Unix command line. For instance with HTML or with XML+ZIP To do this in Windows is way more elegant. You get your dataset from Oracle or any other source. Then you create an Excel Object, you add content, saves, that’s all folk! # 1) get […]
proxy user revisited
A new 10.2 feature I mentioned in su in sqlplus – Laurent Schneider is the ability to use a proxy user in a connection string. This was documented in What’s New in Oracle Call Interface? Proxy access for a single client can be set using various connect strings. Today I got one user complaining about […]
ODBC/OLEDB/ODP and Kerberos
Precondition : sqlplus can connect to the database server using a kerberos ticket. I wrote The long long route to Kerberos – Laurent Schneider in 2014, but most of the bugs in 11.2.0.2 / 12.1.0.2 are no longer interesting, so probably you should be fine to just read Configuring Kerberos Authentication (oracle.com) let’s see sqlplus […]
Log4J and OEM Part II
After part 1, where Oracle wrote in an official document there is no impact for your targets, Critical Patch Advisory April 2022 reveals multiple vulnerabilities, one of them is Log4J severity 9.8/10. 9.8 means it is kindergarden easy to compromise confidentiality, integrity and availability even without a login. In the meanwhile, per 30. April, Oracle […]
jdbc url with ldap ssl in 21c
the basic : you have tns resolution over ldap. To change from ldap to ldaps, you modify : jdbc:oracle:thin:@ldap://ldap.example.com:389/DB01,cn=OracleContext,dc=example,dc=com to jdbc:oracle:thin:@ldaps://ldap.example.com:636/DB01,cn=OracleContext,dc=example,dc=com now the advanced : Oracle Support mentions, there is no support for Mode 2 SSL (note 1664857.1) So one approach was to either not use ldaps, or to use level 1, which means no […]
Restore controlfile without catalog
The easiest is : restore controlfile from autobackup Also possible : restore controlfile from “/bckdir/c-123-45” If you use tape run { allocate channel c1 type ‘SBT_TAPE’ PARMS ‘ENV=(TDPO_OPTFILE=…)’; restore controlfile from “c-3635577900-20220330-02”; }
Log4J and Oracle Enterprise Manager
Log4j issues allow a remote client to execute code without authentication. Software vendors spent the last two months thinking of the impact and the mitigations. The bad: If you have Enterprise Manager, you have multiple web services, like em itself (https://oms.example.com:7799/em), the weblogic console (https://oms.example.com:7102/console), the agent (https://dbsrv01.example.com:3872/emd/main/) and others. This makes you an easy […]
Log4J and Oracle Database
CVE-2021-44228 issue allows an user without authentication to execute code. It is tremendously easy to exploit, it is more a working-as-designed feature than a hard-core memory glitch. Log4j is a logging library for java. If you enter some unexpected string, your web server may log it to a logfile. What’s your name? John What’s your […]
TNS resolution with LDAP and SSL
Long time ago, ldapsearch without password and without ssl was the way to go. But clear-text authentication (so called simple-bind) is a security leak. More and more, directory server vendors and administrators are closing the default non-ssl port and enforce authentication. And if you use ldap for TNS naming, things will break. Back in 2003, […]