I have a MySQL instance on an Amazon EC2 instance. I set up the necessary bind address and can synchronize with it using my local PhpMyAdmin app.
However, any other method of connecting to the remote server fails. This includes MySQLWorkbench, MySQL command line and JDBC.
The only difference I can tell is there is a socket field in PhpMyAdmin that is not configured in any of there others. Any ideas ?
I eventually solved it, though I still don't know what the problem is. Even though PhpMyAdmin was connecting, it didn't do anything.
I followed the article here:
http://www.cyberciti.biz/tips/how-do-i-enable-remote-access-to-mysql-database-server.html
and make a new user with privileges on that database and it connected with the new user. Still doesn't connect with root.
Also, for anyone else stumbling on this you might wanna try the method below. It's more secure.
http://masdel.wordpress.com/2012/06/13/connecting-your-toad-for-mysql-to-amazon-aws-ec2-using-ssh-tunneling/
Related
I have Oracle Linux 8.5 in Oracle Cloud, and have been using the host for several months.
But today I was trying to setup vscode remote ssh and looks like I messed up the ssh key that I use to login to the host. Now I cannot!
I tried to follow this documentation and this thread to fix some commands.
However, that did not help! And in fact now the host having difficulty stopping quickly; rebooting looks fine.
Any ideas on how to correct this issue?! (Was having a lot of fun until this struck :) )
In the OCI console, go to the instance, and click on the "console connection", this will show you 2 options, one is create local connection, which will allow you to upload a new ssh key file. Or you can create a console connection and then update the authorized_keys file with your new id_rsa.pub contents
Console connection did NOT work for me. That's why I went by attaching the volume to another instance. The documentation I followed suggests to mount /dev/sdb3. However that did not work for me. Instead, I mounted /dev/ocivolume/root, and modified the ssh key there, and now works!
After rebooting my Windows Server 2016 Standard (SQL Server 2016) my SSIS process that runs this query:
select * from openquery(HRMPROD, 'SELECT QUERY HERE' )
started failing with this error:
I get the same error if I try to run the query in SSMS. I have the same linked server set up on my test instance and the query is successful when I run it there. I have compared the linked server create script on both instances and it is the same.
Any idea where I should look for what is causing the connection issue on the one server but not the other?
Thank you.
Saying the answer is on the Oracle side is just like pointing fingers across the way. Let's just fix the issue here.
There is a connection string that is used from SSIS, (which you also used in SSMS) The connection string contains three main components to connect and would result in the 12154 error if any of them were incorrect:
Host
Instance name (different than Instance on Sql Server, think database name)
port
The port most likely hasn't change, neither has the database name, but the host...No, hasn't changed, but the DNS server used to connect most likely has! I would ping the host and see what returns from the SSIS and your SSMS host that you're using. I would expect it to fail. Find out what IP address the host is using and ping that - see if it returns. I'm guessing that's the change that needs to be updated or your Network folks need to fix a DNS configuration/server issue.
Hope this helps!
Kellyn
Since you are getting a response from the TNS Listener, the problem lies on the Oracle side. See Architecture of Oracle Network Services for an overview of how the Oracle networking handles things. Keep in mind that based on the error message you've reached the TNS Listener, so you only need to check things between TNS and the Oracle database... In other words, your networking and SQL Server settings are fine or you wouldn't be able to get this error message.
I would agree with above that the issue might have to do with the network. I have come across that a few times, where we can set everything up, but a firewall is blocking communication between the two servers.
Open up powershell on the new server and run a tracert to the target to see the hops and identify if is connecting across the network.
If it is, then run a test-netconnect on the specific port, to see if the port is open from the firewalls.
Cheers!
I have created a Google Cloud Project MySQL database to use in conjunction with the Jdbc service provided by Google Apps Script. Everything went as planned with the connection. I am basically connecting as it does in the docs.
var conn = Jdbc.getCloudSqlConnection(dbUrl, user, userPwd);
I shared the file with another account and all of a sudden I am seeing a red error saying:
'Failed to establish a database connection. Check connection string, username and password.'
Nothing changed in the code, but there is an error. When I go back to my original account and run the same bit of code, there is no error. What is happening here? Any ideas?
Jdbc.getConnection works from both: my account and another account:
var conn = Jdbc.getConnection('jdbc:mysql://' + IP + ':3306/' + database_name, user, password)
I'm really confused because the recommended method did not work.
There are two ways of establishing a connection with a Google Cloud
SQL database using Apps Script's JDBC service:
(Recommended) Connecting using Jdbc.getCloudSqlConnection(url)
Connecting using Jdbc.getConnection(url)
Notes:
IP is a Public IP address from the OVERVIEW tab in your database console:
I've allowed any host when created a user:
I am not sure whether this question has been resolved or not, but let me add this answer.
I also faced the same problem but I found the resolution. What I did is:
First, go to the console.
https://console.cloud.google.com
Then, open IAM.
and add the account as a member and add this permission: "Cloud SQL Client".
I think this is a permission issue in your second account. Necessary information are missing in your question. But, the secound account, if run as a another user, won't necessarily have your sqlservice authorization. The permission,
https://www.googleapis.com/auth/sqlservice
Manage the data in your Google SQL Service instances
is required to use Jdbc.getCloudSqlConnection(url), while Jdbc#getConnectionUrl() just requires external link connection permission
https://www.googleapis.com/auth/script.external_request
I believe that you can only connect to sql instances owned by you with getCloudSqlConnection() which doesn't even require external connection permission. This method probably calls your sql instance internally.
References:
Jdbc#getCloudConnection
Jdbc#getConnection
Conclusion
To connect to any external service, you need external_request permission. But, You don't need that permission to connect to your own documents say, Spreadsheets owned by you/have edit access permission - through SpreadsheetApp.openByUrl(). I believe it's the same thing with Jdbc.getCloudSqlConnection(). It calls your Google sql internally - So, even if you grant external request permission, It won't work. What will work for this method is
Installable triggers (which runs as you).
Add the second account also as owner in GCP-IAM (may not work though) See this answer
I'd double-check once again all IP ranges which should be whitelisted. According to your description it worked fine in first account, probably in second account Apps Script uses another IP for connection, which was not whitelisted or whitelisted with some typo. Could you share screenshot how did you exactly whitelist the ranges from this article?
I have a GAS Add-On that uses a Google cloud dB. I initially set this up by:
Whitelisting Google Cloud IP ranges in my SQL instance
Getting the script.external_request scope approved for OAuth Consent screen
This all works great from GAS for the add-on, but I suspect that if this whitelist is not comprehensive and volatile (which I expect it is), I will see intermittent connectivity issues.
I recently added a Firebase web app that needs access to the same dB. I had issues, because Firebase does not conform to those Google IP ranges and does not expose its IP for whitelisting. So I had to create a socket layer connection as if Firebase was an external service.
Which got me thinking, should I put a socket layer in my GAS Add-On? But nothing in the GAS JBDC Class documentation indicates a socket parameter.
Which leads me to a question that was not really answered in this thread:
Does anyone know why Jdbc.getCloudSqlConnection(url) is the "Recommended" approach? The documentation seems to imply that because the IP whitelisting is not required, Jdbc.getCloudSqlConnection(url) is using a socket (or some other secure method) to connect to the dB?
It also seems silly that if that is the case, that I would need two have two sensitive scopes to manage a dB connection. I would rather not go through another OAuth const audit and require my users to accept another scope unless there is a benefit to doing so.
We have an Oracle server set up and are using TCP with SSL as connection. This setup was made with the assistant wizard and we used the default settings pretty much everywhere (which also means that no tnsnames.ora or listener.ora exist). lsnrctl status shows that the correct ports are listening.
We are trying to connect to this database via DBeaver and SQuirrel SQL but cannot get it to work. We have set the vmargs for the programs to contain the certificate of the server (e.g. dbeaver.exe -vmargs -Djavax.net.ssl.trustStore=C:/...keystore.jks -Djavax.net.ssl.trustStorePassword=password -Djavax.net.ssl.trustStoreType=JKS), which works fine.
Connecting to the database with a concrete JDBC URL string (jdbc:oracle:thin:#(DESCRIPTION=(ADDRESS=(PROTOCOL=TCPS)(HOST=IP)(PORT=5500))(CONNECT_DATA=(SERVICE_NAME=testdb)))) does not work and times out after 60 seconds without a proper error (IO Error: Got minus one from a read call). We have tried pretty much everything and cannot get it to work.
The ports are correctly assigned, the database can successfully get accessed with the normal TCP protocol and port 1521.jdbc:oracle:thin:#(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=IP)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=testdb)))
Are we missing steps? There don't seem to be any firewall issues. The certificates seem to be working fine as well, but we cannot connect with any of the programs (or sqlplus via command line).
Anyone know what could be the problem? Thanks!
Can you check out the SSL blog or our OTN page for step-by-step instructions? If you are using TLSv1.2 then the JDK version and JDBC driver versions are very important.
In the end I got it to work. There are various sites online that show you how it's done. I used this one:
https://database.edorex.ch/blog/database-connection-with-a-certificate/
Getting the wallets set up, certificates set up and the user set up in the database were the most important steps. Additionally, I had to separate the server and client machines. The server is now on a VM and it works that way, I couldn't get it to work having both on the same machine.
Some context: I'm setting up an environment to run some Ruby code our Lead wrote to connect to some remote Databases. I'm using Win10 and have WSL installed. I have installed SQL*Plus, docker, and Ruby, and am sure I have installed all the dependent gems (actually at this point I know for a fact its not a ruby problem). I'm using Docker to use a pre-built image of an Oracle Database, and I have populated it with data.
Obfuscated company DB information:
'Broken' DB (TNS no listener)
Username: W-WORK-DEV
Password: password
Host: host1
Port: 999
SID: W-WORK-DB.tech.company
'Working' DB (can connect just fine)
Username: C-OLD-DEV
Password: password
Host: host2
Port: 999
SID: C-OLD-DB.tech.company
Please note the names I have provided here are purely for obfuscation, they do not represent anything about age or even config. They are essentially the same, just different databases on different hosts. Also note this is a corporate company and would have a lot of base infrastructure for their internal network.
The issue I am having is that with the specific database I am working on, I cannot connect to it. I connect to the company intranet via a VPN (I work offsite) and have issues connecting to WORK-DB.tech.company, though I can connect to C-OLD-DB.tech.company. Methods I have tried to connect with:
Oracle SQL Developer
I have inputted all the correct jdbc strings and username / password. Have even asked other people to attempt to connect (at least 3 others). They can all access C-OLD-DB as well as W-WORK-DB. When using this method, I get The network adapter could not establish the connection.
Side note: I'm fairly sure I have connected to the DB just fine in the past, though I can't be certain because I'm fairly new to this team and have only accessed it once, if that.
SQL*Plus via WSL
I installed SQL*Plus because I think Ruby was accessing it in some capacity when running the script. I got to the point where the script was able to connect to my local docker Database, but when it tried to connect to the remote database, it would return TNS: no listener. I attempted this using sqlplus as well and got the same error.
Example:
sqlplus C-OLD-DEV/password#host2:999/C-OLD-DB.tech.company
This command works and connected to the DB jsut fine.
sqlplus W-WORK-DEV/password#host1:999/W-WORK-DB.tech.company
This command gave me TNS: no listener.
During my research I had found mentions about tnsnames.ora, sqlnet.ora, and listener.ora. I have found relevant files around the company intranet and attempted to use them in my own personal environment to no avail (one of the sqlnet.ora files actually stopped me from being able to connect to any) I found mention about a config/database.yml file related to ruby, but our code already has the database information set up and I seem to be getting to the same solution as the script when trying to manually connect via sqlplus.
Here are some relevant environment variables I have set up when doing these installs. I'm thinking that at some point when trying to set up my environment, I messed up some config that changed the way sqldeveloper or sql plus would connect to that database.
$ echo $ORACLE_HOME: /usr/lib/oracle/12.2/client64/
$ echo $TNS_ADMIN: /usr/lib/oracle/12.2/client64/network/admin
$ echo $LD_LIBRARY_PATH: /usr/lib/oracle/12.2/client64/lib
I hope I have provided all the information I have come across and have explained clearly what my issue is, if you have any questions feel free to comment about it so I can clear it up. Thank you for any and all your help.
So my problem ended up being a 'firewall/port' issue. In the end i found out that specific port I was connecting to was blocked, but I thought it was only on my system. Turns out the VPN I'm using was the issue blocking that port. Company has a Primary Data Center and a Secondary one, and apparently the SDC VPN was blocking that port from me. I switched to using the PDC VPN and it worked.
Are you using the 64 bit jdbc drivers?