Friday, March 26, 2010

How to set oracle listener password

In general there are three ways by which you can set Oracle database listener password.
A. Editing the listener.ora file directly and setting the password within it.
B. Using lsnrctl utility.
C. Using GUI such as Oracle Net Manager or Enterprise Manager.

A. Editing the listener.ora file directly and setting the password within it:
Through this method password is stored in a plain text format inside listener.ora file without any encryption. Note that, through this way it is possible to set more than one listener password. Following steps demonstrate the procedure.

Step 01: Locate the listener.ora file. Based on the operating system and environmental settings the location varies. The default location is $ORACLE_HOME/network/admin or if you set TNS_ADMIN environmental variable then it overrides default location. Alternatively, if your listener is up you can issue "lsnrctl status" command to check the location of listener.ora file.
E:\>lsnrctl status

LSNRCTL for 32-bit Windows: Version 10.2.0.1.0 - Production on 27-MAR-2010 09:40:38

Copyright (c) 1991, 2005, Oracle.  All rights reserved.

Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
STATUS of the LISTENER
------------------------
Alias                     LISTENER
Version                   TNSLSNR for 32-bit Windows: Version 10.2.0.1.0 - Production
Start Date                27-MAR-2010 09:36:06
Uptime                    0 days 0 hr. 4 min. 32 sec
Trace Level               off
Security                  ON: Local OS Authentication
SNMP                      OFF
Listener Parameter File   E:\oracle\product\10.2.0\db_2\network\admin\listener.ora
Listener Log File         E:\oracle\product\10.2.0\db_2\network\log\listener.log
Listening Endpoints Summary...
  (DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(PIPENAME=\\.\pipe\EXTPROC1ipc)))
  (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=127.0.0.1)(PORT=1521)))
Services Summary...
Service "PLSExtProc" has 1 instance(s).
  Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
Service "a" has 1 instance(s).
  Instance "a", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully

Step 02: After you locate listener.ora file check its contents.
For example, following is my listener.ora file contents.
# listener.ora Network Configuration File: E:\oracle\product\10.2.0\db_2\network\admin\listener.ora
# Generated by Oracle configuration tools.

SID_LIST_LISTENER =
  (SID_LIST =
    (SID_DESC =
      (SID_NAME = PLSExtProc)
      (ORACLE_HOME = E:\oracle\product\10.2.0\db_1)
      (PROGRAM = extproc)
    )
  (SID_DESC=
        (GLOBAL_DBNAME=a)
        (ORACLE_HOME=E:\oracle\product\10.2.0\db_1)
        (SID_NAME=a)
   )
  )

LISTENER =
  (DESCRIPTION_LIST =
    (DESCRIPTION =
      (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1))
      (ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 1521))
    )
  )

Step 03: Add a password line corresponding to the listener.
From above contents you see my listener has the default name LISTENER from lines,
LISTENER =
   (DESCRIPTION_LIST =
It is the line starting LISTENER= . Within listener.ora file we need to add a line to this file with the following format:
   PASSWORDS_{LISTENER_NAME}=listener_password
Here the listener is called LISTENER then we need a add following lines within the listener.ora file.
 PASSWORDS_LISTENER=listener_password
You can also set multiple passwords as follows:
   PASSWORDS_LISTENER=(password1,password2)
For example I want to have my "LISTENER" listener password as "arjudba" so my listener.ora file will look like,
# listener.ora Network Configuration File: E:\oracle\product\10.2.0\db_2\network\admin\listener.ora
# Generated by Oracle configuration tools.

SID_LIST_LISTENER =
  (SID_LIST =
    (SID_DESC =
      (SID_NAME = PLSExtProc)
      (ORACLE_HOME = E:\oracle\product\10.2.0\db_1)
      (PROGRAM = extproc)
    )
  (SID_DESC=
        (GLOBAL_DBNAME=a)
        (ORACLE_HOME=E:\oracle\product\10.2.0\db_1)
        (SID_NAME=a)
   )
  )

LISTENER =
  (DESCRIPTION_LIST =
    (DESCRIPTION =
      (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1))
      (ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 1521))
    )
  )
PASSWORDS_LISTENER=arjudba
Note that, After you set password in 9i, you will now require a password whenever you wish to stop the listener or any other "destructive" listener actions. However in Oracle database 10g, if you are not logged into the operating system with a privileged account, you will have to enter a password while doing any destructive operation to listener. Like,
$ lsnrctl
LSNRCTL> set password

B. Using lsnrctl utility.
With the lsnrctl utility you can secure your password by making password encrypted. Setting password through lsnrctl utility is a recommended option. Step by step it is demonstrated.

Step 01: Invoke lsnrctl utility.
E:\>lsnrctl

LSNRCTL for 32-bit Windows: Version 10.2.0.1.0 - Production on 27-MAR-2010 11:24:26

Copyright (c) 1991, 2005, Oracle.  All rights reserved.

Welcome to LSNRCTL, type "help" for information.
Step 02: Set the current listener to which you want to set password.
LSNRCTL> set current_listener listener
Current Listener is listener
Step 03: Invoke change_password command:
After invoking change_password it will prompt you for old password, if you have any old password set then type that. But if you don't have any old password then simply press Enter.
Then it will prompt you for the new password which you want to set and then press enter.
Then it will again prompt you to reenter the new password for confirmation and then press enter.
After this password will be changes for running instance or session of the listener.
LSNRCTL> change_password
Old password:
New password:
Reenter new password:
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
Password changed for listener
The command completed successfully
Step 04: Set up password for the all future instance or session:
Issue "set password" and "save_config" command if want it applicable for all the future instance or session. Issuing "save_config" command you save the configuration file after setting the password otherwise it will be lost.

LSNRCTL> set password
Password:
The command completed successfully
LSNRCTL> save_config
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
Saved LISTENER configuration parameters.
Listener Parameter File   E:\oracle\product\10.2.0\db_2\network\admin\listener.ora
Old Parameter File   E:\oracle\product\10.2.0\db_2\network\admin\listener.bak
The command completed successfully

After you set password using lsnrctl utility if you open listener.ora file you will see a new entry like below which is an encrypt one.
#----ADDED BY TNSLSNR 27-MAR-2010 11:37:15---
PASSWORDS_LISTENER = 44A81038BB249678
#--------------------------------------------

C. Using GUI such as Oracle Net Manager or Enterprise Manager.
Invoke netca or using Eneterprise Manager you can add listener password as directed by graphical window.

Related Documents
ORA-12518: TNS:listener could not hand off client connection
The listener supports no services
lsnrctl start fails with TNS-12541, TNS-12560,TNS-00511, Linux Error: 111:
Listener Hangs, Child listener process remains persistence
EM Daemon is not running
ORA-12541: TNS:no listener
ORA-12514: TNS:listener does not currently know of service requested in connect descriptor
Login to Dbconsole, Authentication failed!null Returned
How to Enable Listener Logging and Tracing
Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)