Différences

Ci-dessous, les différences entre deux révisions de la page.

--- oracle:database:cloning_pdb_in_an_isolated_tde_environment [15/04/2025 09:02] – mdl
+++ oracle:database:cloning_pdb_in_an_isolated_tde_environment [15/04/2025 09:08] (Version actuelle) – mdl
@@ Ligne 19: / Ligne 19: @@
     CON_ID CON_NAME                       OPEN MODE  RESTRICTED
 ---------- ------------------------------ ---------- ----------
 PDB1TDE                        READ WRITE NO
@@ Ligne 27: / Ligne 25: @@
 SQL> SELECT CON_ID, KEYSTORE_MODE,status,wallet_type from gV$ENCRYPTION_WALLET;
     CON_ID KEYSTORE STATUS                         WALLET_TYPE
 ---------- -------- ------------------------------ --------------------
 ISOLATED OPEN                           PASSWORD
 </code>
+ \\
 == 2/ On target CDB TARTDECL create a database link for the PDB PDB1TDE that you want to clone remotely. ==
 <code PLSQL>
@@ Ligne 40: / Ligne 36: @@
 CON_NAME
 ------------------------------
 CDB$ROOT
 SQL> create database link forclone connect to system identified by ZicZac##4523Pec using '//moros:1521/PDB1TDE.COE.CORP';
 Database link created.
 SQL> alter session set global_names=false;
 Session altered.
 SQL> select * from dual@forclone;
 D
 -
 X
 SQL>
 </code>
+ \\
+== 3/ On source cdb give following privilege ==
+<code PLSQL>
+SQL> show parameter db_un
+NAME                                 TYPE        VALUE
+------------------------------------ ----------- ------------------------------
+db_unique_name                       string      TSTTDECL
+SQL> grant create pluggable database to system container=all;
+Grant succeeded.
+</code>
+ \\
+== 4/ CREATE PLUGGABLE DATABASE statement with the KEYSTORE IDENTIFIED BY clause to perform the clone of the PDB. ==
 <code PLSQL>
+alter session set global_names=false;
+SQL> show parameter tde
+NAME                                 TYPE        VALUE
+------------------------------------ ----------- ------------------------------
+one_step_plugin_for_pdb_with_tde     boolean     FALSE
+tde_configuration                    string      KEYSTORE_CONFIGURATION=FILE
+SQL> alter system set one_step_plugin_for_pdb_with_tde=true;
+System altered.
+SQL>  create pluggable database PDB1TDECLNE2 from PDB1TDE@forclone keystore identified by pwdtartdecl;  --with target cdb tde passwd
+Pluggable database created.
+SQL> alter pluggable database PDB1TDECLNE2 open;
+Pluggable database altered.
+</code>
+ \\
+== 5/ Rekey the master encryption key of the remotely cloned PDB ==
+<code PLSQL>
+SQL> show pdbs
+    CON_ID CON_NAME                       OPEN MODE  RESTRICTED
+---------- ------------------------------ ---------- ----------
+PDB1TDECLNE2                   READ WRITE NO
+SQL> ADMINISTER KEY MANAGEMENT SET KEY  FORCE KEYSTORE IDENTIFIED BY pwdtartdecl WITH BACKUP USING 'after_clne_key_backup';
+keystore altered.
+</code>
+ \\
+==  6/ Change password for the PDB ==
+<code PLSQL>
+SQL> show pdbs
+    CON_ID CON_NAME                       OPEN MODE  RESTRICTED
+---------- ------------------------------ ---------- ----------
+PDB1TDECLNE2                   READ WRITE NO
+SQL> ADMINISTER KEY MANAGEMENT ALTER KEYSTORE PASSWORD IDENTIFIED BY pwdtartdecl  SET pwdpdbclne2 WITH BACKUP ;
+keystore altered.
+</code>
+ \\
+== 7/ Create Auto login for the PDB ==
+<code PLSQL>
+SQL> show pdbs
+    CON_ID CON_NAME                       OPEN MODE  RESTRICTED
+---------- ------------------------------ ---------- ----------
+PDB1TDECLNE2                   READ WRITE NO
+SQL> ADMINISTER KEY MANAGEMENT CREATE AUTO_LOGIN KEYSTORE FROM KEYSTORE  IDENTIFIED BY pwdpdbclne2;
+keystore altered.
+</code>
-</code>

Outils

menus et recherche rapide

recherche rapide

statut du site

Outils de la page

meta données pour cette page

Différences