Generating a qlogin User Token File
Oracle RMAN-invoked backup and restore operations, also known as third party jobs, do not have authentication enabled by default. To enable authentication you must set the
Enable3rdPartyJobsFromQCommand global parameter to 1 (default value is 0 - no authentication). If this global parameter is set, RMAN jobs must specify the path to the qlogin user token file by means of the RMAN
--cv-token-file parameter. For more information on required and optional agentless parameters for RMAN jobs, see SBT Parameters for RMAN Jobs.
The qlogin user token file must be generated on the backup host:
- Log on to the backup host with a user ID that has privileges to execute backup and restore operations on the Oracle instance.
- Type the following commands to create the qlogin user token file.
./qlogin -u <user> -gt > <qlogin_token_path>
The backup administrator must copy the qlogin user token file to the database server and it should be accessible to the Oracle administrator responsible for Oracle backup and restore operations. RMAN scripts or RMAN commands must pass the path to this file as shown in the example below. File permissions for the qlogin user token file should be limited to the Oracle administrator to prevent unauthorized access to the file. For more information on authentication, see Enabling CommCell Console Authentication of Third Party Command Line Jobs.
The following RMAN script shows an example that specifies the qlogin user token file by means of the
allocate channel ch1 type sbt
allocate channel ch2 type sbt
send " --cv-host <backup_host> --cv-clientname <client_server> --cv-logfile <Oracle_plugin_log_file_location> --cv-token-file <token_path>";
Last modified: 1/19/2019 6:38:24 PM