Oracle RMAN-invoked backup and restore operations, also known as third-party jobs, do not have authentication enabled by default. To enable authentication you must set the Enable3rdPartyJobsFromQCommand global parameter to 1. The default value is 0, which means there is no authentication. If this global parameter is set to 1, RMAN jobs must specify the path to the qlogin user token file by means of the RMAN --cv-token-file parameter. For more information about required and optional agentless parameters for RMAN jobs, see Oracle Agentless SBT Parameters for RMAN Jobs.
Procedure
-
Log on to the backup host with a user ID that has privileges to execute backup and restore operations on the Oracle instance.
-
Type the following commands to create the qlogin user token file.
cd /opt/commvault/Base ./qlogin -u <user> -gt > <qlogin_token_path> <userpassword>
The backup administrator must copy the qlogin user token file to the database server and it must be accessible to the Oracle administrator responsible for Oracle backup and restore operations. To prevent unauthorized access to the file, file permissions for the qlogin user token file should be limited to the Oracle administrator. For more information on authentication, see Enabling CommCell Console Authentication of Third Party Command Line Jobs.
For an example of the use of the --cv-token-file parameter in an RMAN script, see RMAN Example: Performing an In-Place Restore.