Currently I am changing passwords in several hundred databases, not that uncommon of a task for any DBA. Unfortunately it is time to rotate the dbsnmp password. Usually I would log into OEM after changing the password and manually update the password in the monitoring configuration for each and every database. This is fine if there are only a few passwords, but a huge pain when you are dealing with hundreds. The documentation oracle provides isn’t completely clear [1592390.1], at least it wasn’t to me at first.
First I would connect to the database as the sys user and change the password for dbsnmp
alter user dbsnmp identified by MyFancyPassword;
Then you connect to EM through emcli and update the monitoring credentials. For this post lets assume my Oracle RAC cluster has the name “MyRAC” which contains two nodes “MyRAC1” and “MyRAC2”. We don’t really need to know the individual instance names since the dbsnmp user is shared between both nodes.
Connect to the repository
$ emcli login -username=sysman Enter password : Login successful oracle@dcaxoem1:/home/oracle $ emcli sync Synchronized successfully
Now you can change the password via emcli
emcli set_monitoring_credential -target_type="rac_database" -target_name="MyRAC" -set_name="DBCredsMonitoring" -cred_type="DBCreds" -attributes="DBUserName:dbsnmp;DBPassword:MyFancyPassword;DBRole:Normal"
Where I ran into trouble was the last argument, if you look at the monitoring configuration page for a database, it becomes clear what is being asked for
The role is the same role you would select on the monitoring setup page, Normal or SYSDBA.
The syntax is slightly different if you are doing a single instance, but basically the same idea
emcli set_monitoring_credential -target_type=oracle_database -target_name="ora1" -set_name="DBMonCred" -cred_type="DBCreds" -attributes=”DBUserName:dbsnmp;DBPassword:MyFancyPassword;DBRole:Noraml”
So I am going to modify the change password proceedure to spool out these commands and just run them against OEM when I have completed changing the passwords on the databases.
Recent Comments