Oracle: Finding Terminal RDP Client Name - oracle

To understand the question, consider this scenario. Two employees log in to an Application server via Windows Remote Desktop Client. Both use the same username e.g., Salesmen. From the Application Server, they launch the ERP application that connects to a Database (located in the Database Server).
Now, if we want to record a log of some of the activities made by each individual salesmen, we can't use SYS_CONTEXT('USERENV','OS_USER') in Oracle because it will return the same OS name i.e., Salesmen.
What I am looking for is to know the Terminal RDP Client Name, who has logged in as "Salesmen" into the Application Server. I tried dbms_system.get_env to get %CLIENTNAME% environment variable but it is also of no use as it is returning null. Is there any other way of identifying who is remotely logged in to the Server having Oracle Client..

Related

How to connect to an Oracle database through VS Code using an SID instead of Service Name?

I'm trying to see if I can use VS Code to connect to the Oracle databases we use at my job. I installed the Oracle Developer tools extension for VS Code, but when I click to add a connection it is required that I use a service name.
VS Code Oracle Connection Form
Does anyone know of a way I can use SID instead of a Service Name? All of our connections use SID.
I've tried the different options for connection type, however they all ask for fields that are not required of me to connect to the db. I've also used the SID as the Service Name, but was still unsuccessful in connecting.
All of our connections use SID.
is something you should be looking at addressing as a side project. Services over SID became recommended in Oracle 8i (yeah you read that right...20 years ago)
But every database has an implicit service name equivalent to the SID so just entering the SID value should still get you connected without issue.
Of course, now that we're in the world of pluggable databases, this will pretty much force your organisation to move to services, because the SID is typically going to point to the root container whereas you will want to connect to the pluggable(s) that sit underneath it.

How can I run my project on client pc without installing SQL server on client pc

I have developed a c# windows application which uses SQL server 2012 database in Visual Studio 2015 which is running well on my pc.
I am to install this application on a number of computers without SQL server installed on it, but when I run the application, its gives me database connection error.
My question is, how can I create the setup file to be able to run the app on those clients pc without installing SQL server on all those computers. Please I need your help.
Thank you.
Am Emmanuel.
Use an Azure database and have the clients connect to that.
Have a look at https://azure.microsoft.com/en-us/services/sql-database/
Alter your application connection string and make sure you keep the connection string secret.
Server=tcp:myserver.database.windows.net,1433;Database=myDataBase;User ID=mylogin#myserver;Password=myPassword;Trusted_Connection=False;Encrypt=True;MultipleActiveResultSets=True;
An important fact is that the clients need to allow communication via port 1433.
If this is not an option create an API application and query the database via that.
If you need a private database per client you can use a database file and connect to the file
https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/sql-server-express-localdb?view=sql-server-ver15
Update based on reply
You can create a pop-up on the application allowing the users to add valid settings and credentials when your appsettings.json is blank or "a test connect" to the database fails.

Allow user to access SQL using ado.net windows authentication but restrict them using SSMS

We have a windows application which allow users to connect to SQL using windows authentication.
The problem is the users of that application also have SSMS installed on their desktops so they can also connect to prod db using windows authentication.
Is there any way wherein we can restrict users from accessing prod db using windows authentication on SSMS but they should be able to access windows application from their local system using windows authentication?
If I understand your scenario correctly:
You have an internal local database on Server 'A'
You also have a production database on Server 'A'
Using your custom windows application, users can only see the local non-production databases
However, using SSMS users can see both production and local databases on Server 'A', and you would like only authorized users to be able to see production databases.
If this is the case, what you want to do in SSMS is revoke database view rights to all production databases unless the user is a sysadmin or owner of the database. Run the following on your server:
USE MASTER
GO
DENY VIEW ANY DATABASE TO PUBLIC
GO
After you run the above statement, you will not be able to see any databases in SSMS unless you are a sysadmin or your login is the owner of a database.
Source:https://www.mssqltips.com/sqlservertip/2995/how-to-hide-sql-server-user-databases-in-sql-server-management-studio/
Maybe you could restrict access to your database objects by using application roles ... Msdn: "You can use application roles to enable access to specific data to only those users who connect through a particular application."

Sent Email process not working

I have a question about my application built in Oracle APEX 4.2. This application has a process to send emails (when a user changes his password or requests a password reset).
When I run this application online on my "apex.oracle.com" account, it runs fine. But when I run it on my home computer (running Windows 7), the email process doesn't work. Probably it is because my home server is not an email server.
Can someone please help me so that my home computer is able to send emails via my above mentioned application?
Thanks in advance.
you have several options:
Configure a local SMTP server so it can be use by APEX and send emails.
Connect to a remote server - like Google - and sends emails that way (you have to open a new account and connect with that and also there's some certificate problems, https://arkatec.wordpress.com/2011/08/15/sending-email-using-oracle-database-and-google-mail-service/)
Use htmldb_mail package (I haven't tried this one)
In the first options you need to construct a procedure that does all the work for you.
You can use one of this:
http://www.orafaq.com/wiki/Send_mail_from_PL/SQL
Important: keep in my that you're going to encounter permission issues with the UTL packages (grant execute on UTL_XXX to USER) and algo, if you're are working on 11g you need to create an ACL

Logging into oracle db as a global user

We are trying to shape up an old, 2 tier, Delphi based application. It originally uses database authentication, we'd like to transform the db user accounts to global users, so an OID server could perform the authentication instead of the database.
The Delphi program can no longer log into the database if the account is a global user. I'm trying to understand the login protocol, so far without results.
Similar thing happens with SQLDeveloper, I can't connect as a global user. SQLPlus however works with both kinds of users. We checked the information flow with Wireshark. When the dbserver asks back for a password, the SQLPlus sends it, while the SQLDeveloper doesn't send a password when attempting to connect as a global user.
The client sends the application name too in the login request. Is it possible that we have to store the client app name in the LDAP itself?
To connect to Oracle using OID, application must properly configure OCI (Oracle Call Interface). The data access components (which one ?), you are using, must set OCI_ATTR_DISTINGUISHED_NAME session attribute. If that is not done, then you will be not able to connect to Oracle server using ODI and OCI.
You should check your components documentation for this feature. And if it is not implemented, then discuss this issue with the components vendor. Actually, there is not much work to implement, but some work to setup testing environment is required ...

Resources