Saturday, August 17, 2013

ORA-16191: Primary log shipping client not logged on standby

Changing SYS password of PRIMARY database when STANDBY in place to avoid ORA-16191
Refrence DOC ID 806703.1

Applies to:

Oracle Server - Enterprise Edition - Version: 9.2.0.8 to 11.1.0.7 - Release: 9.2 to 11.1
Information in this document applies to any platform.

Goal

What are the steps to change the SYS password in PRIMARY when STANDBY database in place to avoid ORA-16191 -Primary log shipping client not logged on standby

Solution


INSTRUCTIONS
Its advisable to follow the steps below when you are planning to change the SYS password in PRIMARY

Step 1: Defer the remote archival destination (log_archive_dest_state_n) parameter in primary. In case of RAC defer LOG_ARCHIVE_DEST_STATE_n in all nodes.
Step 2: change the password in primary
Step 3: Recreate or copy the password file in standby. In case of RAC shutdown all instance of standby before recreating the password file.
Step 4: Enable the remote archival destination (log_archive_dest_state_n) parameter in primary


If the password is already changed, and you are getting ORA-16191 during log shipping then follow the below action.

Action: Copy the password file from PRIMARY to STANDBY (OR) recreate the password file in standby with the same password.


For 9i database
By default the redo is shipped via SYS user, Its not mandatory to have the SYS password to be identical in PRIMARY and STANDBY for 9i dataguard configuration.

For 10g database

a) Every database in a Data Guard configuration must use a password file, and the password for the SYS user must be identical on every system for redo data transmission to succeed.

b) REMOTE_LOGIN_PASSWORDFILE parameter setting should be either EXCLUSIVE or SHARED.


For 11g database With 11.0, we are using strong password authentication by default, and so the password file has to be identical at primary and physical, so it needs to be copied - i.e orapwd using the same password for SYS does not work anymore, unless you choose to bypass the strong authentication framework.

Turn off case sensitivity by changing the init.ora parameter
SEC_CASE_SENSITIVE_LOGON=FALSE
Create password files on both servers using the same password, and pass "ignorecase=Y" to orapwd utility.
Also, starting from 11g The REDO_TRANSPORT_USER database initialization parameter can be used to select a different user password for redo transport authentication by setting this parameter to the name of any user who has been granted the SYSOPER privilege. The REDO_TRANSPORT_USER parameter be set to the same value on the redo source database and at each redo transport destination.