# copyright (c) 1996 by the Oracle Corporation # # NAME # sqlnet.ora # FUNCTION # Oracle Network Client startup parameter file example # NOTES # This file contains examples and instructions for defining all # Oracle Network Client parameters. It should be possible to read # this file and setup a Client by uncommenting parameter definitions # and substituting values. The comments should provide enough # explanation to enable a reasonable user to manage his TNS connections # without having to resort to 'real' documentation. # SECTIONS # ONames Client # Namesctl # Native Naming Adpaters # ... # MODIFIED # skanjila 06/06/97 - Correct default for Automatic_IPC # eminer 05/15/97 - Add the relevant onrsd parameters. # asriniva 04/23/97 - Merge with version from doc # ggilchri 03/31/97 - mods # bvasudev 02/07/97 - Change sqlnet.authentication_services documentation # bvasudev 11/25/96 - Merge sqlnet.ora transport related parameters # asriniva 11/12/96 - Revise with new OSS parameters. # asriniva 11/05/96 - Add ANO parameters. # ____________________________________________________________________ # - ONames Client ---------------------------------------------------- # #names.default_domain = world # #Syntax: domain-name #Default: NULL # # Indicates the domain from which the client most often requests names. When # this parameter is set the default domain name (for example, US.ACME), the # domain name will be automatically appended to any unqualified name in an # ONAmes request (query, register, deregister, etc). Any name which contains # an unescaped dot ('.') will not have the default domain appended. Simple # names may be qualified with a trailing dot (for example 'rootserver.'). # # #names.initial_retry_timeout = 30 # #Syntax: 1-600 seconds #Default: 15 (OSD) # # Determines how long a client will wait for a response from a Names Server # before reiterating the request to the next server in the preferred_servers # list. # # #names.max_open_connections = 3 # #Syntax: 3-64 #Default: ADDRS in preferred_servers # # Determines how many connections an ONames client may have open at one time. # Clients will ordinarily keep connections to servers open once they are # established until the operation (or session in namesctl) is complete. A # connection will be opened whenever needed, and if the maximum would be # exceeded the least recently used connection will be closed. # # #names.message_pool_start_size = 10 # #Syntax: 3-256 #Default: 10 # # Determines the initial number of messages allocated in the client's message # pool. This pool provides the client with pre-allocated messages to be used # for requests to ONames servers. Messages which are in the pool and unused # may be reused. If a message is needed and no free messages are available in # the pool more will be allocated. # # #names.preferred_servers = (address_list = # (address=(protocol=ipc)(key=n23)) # (address=(protocol=tcp)(host=nineva)(port=1383)) # (address=(protocol=tcp)(host=cicada)(port=1575)) # ) # #Syntax: ADDR_LIST #Default: Well-Known (OSD) # # Specifies a list of ONames servers in the client's region; requests will be # sent to each ADDRESS in the list until a response is recieved, or the list # (and number of retries) is exhausted. # # Addresses of the following form specify that messages to the ONames server # should use Oracle Remote Operations (RPC): # # (description = # (address=(protocol=tcp)(host=nineva)(port=1383)) # (connect_data=(rpc=on)) # ) # # # #names.request_retries = 2 # #Syntax: 1-5 #Default: 1 # # Specifies the number of times the client should try each server in the list # of preferred_servers before allowing the operation to fail. # # #names.directory_path # #Syntax: #Default: TNSNAMES,ONAMES,HOSTNAME # # Sets the (ordered) list of naming adaptors to use in resolving a name. # The default is as shown for 3.0.2 of sqlnet onwards. The default was # (TNSNAMES, ONAMES) before that. The value can be presented without # parentheses if only a single entry is being specified. The parameter is # recognized from version 2.3.2 of sqlnet onward. Acceptable values include: # TNSNAMES -- tnsnames.ora lookup # ONAMES -- Oracle Names # HOSTNAME -- use the hostname (or an alias of the hostname) # NIS -- NIS (also known as "yp") # CDS -- OSF DCE's Cell Directory Service # NDS -- Novell's Netware Directory Service # # - Client Cache (ONRSD) --------------------------------------------- names.addresses = (ADDRESS=(PROTOCOL=IPC)(KEY=ONAMES)) Syntax: ADDR Default: (ADDRESS=(PROTOCOL=IPC)(KEY=ONAMES)) Address on which the client cache listens (is available to clients). Any valid TNS address is allowed. The default should be used if at all possible; clients have this entry hardwired as the first line of their server-list file (sdns.ora). If the address is set to a non-default value the client's preferred_servers parameter should be set to include the client-cache address first. names.authority_required = False Syntax: T/F Default: False Determines whether system querys (for the root etc) require Authoritative answers. names.auto_refresh_expire = 259200 Syntax: Number of seconds, 60-1209600 Default: 259200 This is the amount of time (in seconds) the server will cache the addresses of servers listed in server-list file (sdns.ora). When this time expires the server will issue another query to the servers in those regions to refresh the data. names.auto_refresh_retry = 180 Syntax: Number of seconds, 60-3600 Default: sec. 180 This set how often the server will retry when the auto_refresh query fails. names.cache_checkpoint_file = cache.ckp Syntax: filename Default: $ORACLE_HOME/network/names/ckpcch.ora Specifies the name of the operating system file to which the Names Server writes its foreign data cache. names.cache_checkpoint_interval = 7200 Syntax: Number of seconds, 10-259200 Default: 0 (off) Indicates the interval at which a Names Server writes a checkpoint of its data cache to the checkpoint file. names.default_forwarders= (FORWARDER_LIST= (FORWARDER= (NAME= rootserv1.world) (ADDRESS=(PROTOCOL=tcp)(PORT=42100)(HOST=roothost)))) Syntax: Name-Value/address_list Default: NULL A list (in NV form) of the addresses of other servers which should be used to forward querys while in default_forwarder (slave) mode. NAME is the global names for the server to which forwards whould be directed, and ADDRESS is its address. names.default_forwarders_only = True Syntax: T/F Default: False When set to true this server will use the servers listed in default_forwarders to forward all operations which involve data in foreign regions. Otherwise it will use the servers defined in the server-list file (sdns.ora) in addition to any defined in the default_forwarders parameter. names.log_directory = /oracle/network/log Syntax: directory Default: $ORACLE_HOME/network/log Indicates the name of the directory where the log file for Names Server operational events are written. names.log_file = names.log Syntax: filename Default: names.log The name of the output file to which Names Server operational events are written. names.log_stats_interval = 3600 Syntax: Number of seconds, 10-ub4max Default: sec. 0 (off) Specifies the number of seconds between statistical entries in log file. names.log_unique = False Syntax: T/F Default: False If set to true the server will guarantee that the log file will have a unique name which will not overwrite any existing files (note that log files are appended to, so log information will not be lost if log_unique is not true). names.max_open_connections = 10 Syntax: 3-64 Default: 10 Specifies the number of connections that the Names Server can have open at any given time. The value is generated as the value 10 or the sum of one connection for listening, five for clients, plus one for each foreign domain defined in the local administrative region, whichever is greater. Any operation which requires the server to open a network connection will use an already open connection if it is available, or will open a connection if not. Higher settings will save time and cost network resources; lower settings save network resources, cost time. names.max_reforwards = 2 Syntax: 1-15 Default: 2 The maximum number of times the server will attempt to forward a certain operation. names.message_pool_start_size = 24 Syntax: 3-256 Default: 10 Determines the initial number of messages allocated in the server's message pool. This pool provides the server with pre-allocated messages to be used for incoming or outgoing messages (forwards). Messages which are in the pool and unused may be reused. If a message is needed and no free messages are available in the pool more will be allocated. names.no_modify_requests = False Syntax: T/F Default: False If set to true, the server will refuse any operations which modify the data in its region (it will still save foreign info in the cache which is returned from foreign querys). names.password = 625926683431AA55 Syntax: encrypted string Default: NULL If set the server will require that the user provide a password in his namesctl session (either with sqlnet.ora:namesctl.server_password or 'set password') in order to do 'sensitive' operations, like stop, restart, reload. This parameter is generally set in encrypted form, so it can not be set manually. names.reset_stats_interval = 3600 Syntax: 10-ub4max Default: 0 (off) Specifies the number of seconds during which the statistics collected by the Names Servers should accumulate. At the frequency specified, they are reset to zero. The default value of 0 means never reset statistics. names.trace_directory = /oracle/network/trace Syntax: directory Default: $ORACLE_HOME/network/trace Indicates the name of the directory to which trace files from a Names Server trace session are written. names.trace_file = names.trc Syntax: filename Default: names.trc Indicates the name of the output file from a Names Server trace session. names.trace_func # NA Syntax: T/F Default: False Internal mechanism to control tracing by function name. names.trace_level = ADMIN Syntax: T/F Default: False Syntax: {OFF,USER,ADMIN,0-16} Default: OFF (0) Indicates the level at which the Names Server is to be traced. Available Values: 0 or OFF - No trace output 4 or USER - User trace information 10 or ADMIN - Administration trace information 16 or SUPPORT - WorldWide Customer Support trace information names.trace_mask = (200,201,202,203,205,206,207) Syntax: list of numbers Default: NULL Internal mechanism to control trace behavior. names.trace_unique = True Syntax: T/F Default: False Indicates whether each trace file has a unique name, allowing multiple trace files to coexist. If the value is set to ON, a process identifier is appended to the name of each trace file generated. # - Namesctl --------------------------------------------------------- # #namesctl.trace_directory = /oracle/network/trace # #Syntax: directory #Default: $ON/trace # # Indicates the name of the directory to which trace files from a namesctl # trace session are written. # # #namesctl.trace_file = namesctl.trc # #Syntax: filename #Default: namesctl.trc # # Indicates the name of the output file from a namesctl trace session. # # #namesctl.trace_func # NA # #Syntax: word list #Default: NULL # # Internal mechanism to control tracing by function name. # # #namesctl.trace_level = ADMIN # #Syntax: {OFF,USER,ADMIN,0-16} #Default: OFF (0) # # Indicates the level at which the namesctl is to be traced. # Available Values: # 0 or OFF - No trace output # 4 or USER - User trace information # 10 or ADMIN - Administration trace information # 16 or SUPPORT - WorldWide Customer Support trace information # # #namesctl.trace_mask # NA # #Syntax: number list #Default: NULL # # Internal mechanism to control trace behavior. # # #namesctl.trace_unique = True # #Syntax: T/F #Default: False # # Indicates whether each trace file has a unique name, allowing multiple trace # files to coexist. If the value is set to ON, a process identifier is appended # to the name of each trace file generated. # # #namesctl.no_initial_server = False # #Syntax: T/F #Default: False # # If set to TRUE namesctl will suppress any error messages when namesctl is # unable to connect to a default names server. # # #namesctl.internal_use = True # #Syntax: T/F #Default: False # # If set to true namesctl will enable a set of internal undocumented commands. # All internal commands are preceded by an underscore ('_') in order to # distinguish them as internal. Without going into details, the commands # enabled are: # # _add_data _create_name _delete_name # _full_status _ireplace_data _newttl_name # _pause _remove_data _rename_name # _replace_data _start _walk* # # There are also a set of names server variables which may be set when # namesctl is in internal mode: # # _authority_required _auto_refresh* # _cache_checkpoint_interval _cache_dump # _default_autorefresh_expire _default_autorefresh_retry # _default_forwarders_only _forwarding_desired # _max_reforwards _modify_ops_enabled # _next_cache_checkpoint _next_cache_flush # _next_stat_log _next_stat_reset # _reload _request_delay # _restart _shutdown # # #namesctl.noconfirm = True # #Syntax: T/F #Default: False # # When set to TRUE namesctl will suppress the confirmation prompt when # sensitive operations (stop, restart, reload) are requested. This is # quite helpful when using namesctl scripts. # # #namesctl.server_password = mangler # #Syntax: string #Default: NULL # # Automatically sets the password for the names server in order to perform # sensitive operations (stop, restart, reload). The password may also be # set manually during a namesctl session using 'set password'. # # #namesctl.internal_encrypt_password = False # #Syntax: T/F #Default: True # # When set to TRUE namesctl will not encrypt the password when it is sent to # the names server. This would enable an unencrypted password to be set in # names.ora:names.server_password # # - Native Naming Adpaters ------------------------------------------- # #names.dce.prefix = /.:/subsys/oracle/names # #Syntax: DCE cell name #Default: /.:/subsys/oracle/names # #Specifies the DCE cell (prefix) to use for name lookup. # # #names.nds.name_context = personnel.acme # #Syntax: NDS name #Default: (OSD?) # # Specifies the default NDS name context in which to look for the name to # be resolved. # # #names.nis.meta_map # NA # # Syntax: filename # Default: sqlnet.maps # # Specifies the file to be used to map NIS attributes to an NIS mapname. # Currently unused. # - Advanced Networking Option Authentication Adapters ---------------- #sqlnet.authentication_services # # Syntax: A single value or a list from {beq, none, all, kerberos5, # cybersafe, securid, identitx} # Default: NONE # # Enables one or more authentication services. To enable # authentication via the Oracle Security Server, use (beq, oss). If # the Advanced Networking Option has been installed with Kerberos5 # support, using (beq, kerberos5) would enable authentication via # Kerberos. # #sqlnet.authentication_services=(beq, oss) ## ## Parmeters used with Kerberos adapter. ## #sqlnet.kerberos5_cc_name # # Syntax: Any valid pathname. # Default: /tmp/krb5cc_ # # The Kerberos credential cache pathname. # #sqlnet.kerberos5_cc_name=/tmp/mycc #sqlnet.kerberos5_clockskew # # Syntax: Any positive integer. # Default: 300 # # The acceptable difference in the number of seconds between when a # credential was sent and when it was received. # #sqlnet.kerberos5_clockskew=600 #sqlnet.kerberos5_conf # # Syntax: Any valid pathname. # Default: /krb5/krb.conf # # The Kerberos configuration pathname. # #sqlnet.kerberos5_conf=/tmp/mykrb.conf #sqlnet.kerberos5_realms # # Syntax: Any valid pathname # Default: /krb5/krb.realms # # The Kerberos host name to realm translation file. # #sqlnet.kerberos5_realms=/tmp/mykrb.realms #sqlnet.kerberos5_keytab # # Syntax: Any valid pathname. # Default: /etc/v5srvtab # # The Kerberos secret key file. # #sqlnet.kerberos5_keytab=/tmp/myv5srvtab #sqlnet.authentication_kerberos5_service # # Syntax: Any string. # Default: A default is not provided. # # The Kerberos service name. # #sqlnet.authentication_kerberos5_service=acme ## ## Parmeters used with CyberSAFE adapter. ## #sqlnet.authentication_gssapi_service # # Syntax: A correctly formatted service principal string. # Default: A default is not provided. # # The CyberSAFE service principal # #sqlnet.authentication_gssapi_service=acme/asriniva.us.oracle.com@US.ORACLE.COM ## ## Parmeters used with Identix adapter. ## #sqlnet.identix_fingerprint_method # # Syntax: Must be oracle. # Default: A default is not provided. # # The Identix authentication server method # #sqlnet.identix_fingerprint_method=oracle #sqlnet.identix_fingerprint_database # # Syntax: Any string. # Default: A default is not provided. # # The Identix authentication server TNS alias # #sqlnet.identix_fingerprint_database=ofm #sqlnet.identix_fingerprint_database_user # # Syntax: Any string # Default: A default is not provided. # # The Identix authentication service well known username. # #sqlnet.identix_fingerprint_database_user=ofm_client #sqlnet.identix_fingerprint_database_password # # Syntax: Any string # Default: A default is not provided. # # The Identix authentication service well known password. # #sqlnet.identix_fingerprint_database_password=ofm_client # - Advanced Networking Option Network Security ------------------------- #sqlnet.crypto_checksum_client #sqlnet.crypto_checksum_server #sqlnet.encryption_client #sqlnet.encryption_server # # These four parameters are used to specify whether a service (e.g. # crypto-checksumming or encryption) should be active: # # Each of the above parameters defaults to ACCEPTED. # # Each of the above parameters can have one of four possible values: # # value meaning # # ACCEPTED The service will be active if the other side of the # connection specifies "REQUESTED" or REQUIRED" and # there is a compatible algorithm available on the other # side; it will be inactive otherwise. # # REJECTED The service must not be active, and the connection # will fail if the other side specifies "REQUIRED". # # REQUESTED The service will be active if the other side specifies # "ACCEPTED", "REQUESTED", or "REQUIRED" and there is a # compatible algorithm available on the other side; it # will be inactive otherwise. # # REQUIRED The service must be active, and the connection will # fail if the other side specifies "REJECTED" or if there # is no compatible algorithm on the other side. # #sqlnet.crypto_checksum_types_client #sqlnet.crypto_checksum_types_server #sqlnet.encryption_types_client #sqlnet.encryption_types_server # # These parameters control which algorithms will be made available for # each service on each end of a connection: # # The value of each of these parameters can be either a parenthesized # list of algorithm names separated by commas or a single algorithm # name. # # Encryption types can be: RC4_40, RC4_56, RC4_128, DES, DES40 # # Encryption defaults to all the algorithms. # # Crypto checksum types can be: MD5 # # Crypto checksum defaults to MD5. # #sqlnet.crypto_seed ="4fhfguweotcadsfdsafjkdsfqp5f201p45mxskdlfdasf" #sqlnet.crypto_checksum_server = required #sqlnet.encryption_server = required # - Oracle Security Server --------------------------------------------- #oss.source.my_wallet # # Syntax: A properly formatted NLNV list. # Default: Platform specific. Unix: $HOME/oracle/oss # # The method for retrieving and storing my identity. # #oss.source.my_wallet # =(source # =(method=file) # (method_data=/dve/asriniva/oss/wallet) # ) #oss.source.location # # Syntax: A properly formatted NLNV list. # Default: Oracle method, oracle_security_service/oracle_security_service@oss # # The method for retrieving encrypted private keys. # #oss.source.location # =(source # =(method=oracle) # (method_data= # (sqlnet_address=andreoss) # ) # ) # - Sqlnet(v2.x) and Net3.0 Client ------------------------------------------ # # In the following descriptions, the term "client program" could mean # either sqlplus, svrmgrl or any other OCI programs written by users # ########################### #trace_level_client = ADMIN ########################### # #Possible values: {OFF,USER,ADMIN,0-16} #Default: OFF (0) # #Purpose: Indicates the level at which the client program # is to be traced. # Available Values: # 0 or OFF - No Trace output # 4 or USER - User trace information # 10 or ADMIN - Administration trace information # 16 or SUPPORT - Worldwide Customer Support trace information # #Supported since: v2.0 # ############################################### #trace_directory_client = /oracle/network/trace ############################################### # #Possible values: Any valid directory path with write permission #Default: $ORACLE_HOME/network/trace ($ORACLE_HOME=/oracle at customer # site) # #Purpose: Indicates the name of the directory to which trace files from # the client execution are written. # #Supported since: v2.0 # ################################################### #trace_file_client = /oracle/network/trace/cli.trc ################################################### # #Possible values: Any valid file name #Default: $ORACLE_HOME/network/trace/cli.trc ($ORACLE_HOME = # /oracle at customer site) # #Purpose: Indicates the name of the file to which the execution trace # of the client is written to. # #Supported since: v2.0 # ########################### #trace_unique_client = ON ########################### # #Possible values: {ON, OFF} #Default: OFF # #Purpose: Used to make each client trace file have a unique name to # prevent each trace file from being overwritten by successive # runs of the client program # #Supported since: v2.0 # ########################################### #log_directory_client = /oracle/network/log ########################################### # #Possible values: Any valid directory pathname #Default: $ORACLE_HOME/network/log ($ORACLE_HOME = /oracle at customer # site) # #Purpose: Indicates the name of the directory to which the client log file # is written to. # # #Supported since: v2.0 # ################ #log_file_client = /oracle/network/log/sqlnet.log ################ # #Possible values: This is a default value, u cannot change this #Default: $ORACLE_HOME/network/log/sqlnet.log ($ORACLE_HOME=/oracle in # customer site) # #Purpose: Indicates the name of the log file from a client program # #Supported since: v2.0 # ############################################# #log_directory_server = /oracle/network/trace ############################################# # #Possible values: Any valid diretcory path with write permission #Default: $ORACLE_HOME/network/trace ( $ORACLE_HOME=/oracle at customer # site) # #Purpose: Indicates the name of the directory to which log files from the # server are written # #Supported since: v2.0 # ############################################### #trace_directory_server = /oracle/network/trace ############################################### # #Possible values: Any valid directory path with write permission #Default: $ORACLE_HOME/network_trace ( $ORACLE_HOME=/oracle at customer # site) # #Purpose: Indicates the name of the directory to which trace files from # the server are written # #Supported since: v2.0 # ####################################################### #trace_file_server = /orace/network/trace/svr_.trc ####################################################### # #Possible values: Any valid filename #Default: $ORACLE_HOME/network/trace/svr_.trc where ####################################### # #Possible values: #Default: OFF # #Purpose: Sets a unique identifier for the client machine. This # identifier is then passed to the listener with any connection # request and will be included in the Audit Trail. The identifier # can be any alphanumeric string up to 128 characters long. # #Supported since: v2.3.2 # ###################### #bequeath_detach = YES ###################### # #Possible values: {YES,NO} #Default: NO # #Purpose: Turns off signal handling on UNIX systems. If signal handling # were not turned off and if client programs written by users make # use of signal handling they could interfere with Sqlnet/Net3. # #Supported since: v2.3.3 # #################### #automatic_ipc = OFF #################### # #Possible values: {ON,OFF} #Default: OFF # #Purpose: Force a session to use or not to use IPC addresses on the # client's node. # #Supported since: v2.0 # #################### #disable_oob = ON #################### # #Possible values: {ON,OFF} #Default: OFF # #Purpose: If the underlying transport protocol (TCP, DECnet,...) does # not support Out-of-band breaks, then disable out-of-band # breaks # #Supported since: v2.0 #