You are on page 1of 135

Oracle9i: New Features for

Windows Platform
Student Guide

90248GC11
1.1
May 2001
D
Copyright © Oracle Corporation, 2001. All rights reserved.

This documentation contains proprietary information of Oracle Corporation. It is provided under a license
agreement containing restrictions on use and disclosure and is also protected by copyright law. Reverse
engineering of the software is prohibited. If this documentation is delivered to a U.S. Government Agency of the
Department of Defense, then it is delivered with Restricted Rights and the following legend is applicable:

Restricted Rights Legend

Use, duplication or disclosure by the Government is subject to restrictions for commercial computer software
and shall be deemed to be Restricted Rights software under Federal law, as set forth in subparagraph (c)(1)(ii)
of DFARS 252.227-7013, Rights in Technical Data and Computer Software (October 1988).

This material or any portion of it may not be copied in any form or by any means without the express prior
written permission of the Education Products group of Oracle Corporation. Any other copying is a violation of
copyright law and may result in civil and/or criminal penalties.

If this documentation is delivered to a U.S. Government Agency not within the Department of Defense, then it is
delivered with “Restricted Rights,” as defined in FAR 52.227-14, Rights in Data-General, including Alternate III
(June 1987).

The information in this document is subject to change without notice. If you find any problems in the
documentation, please report them in writing to Worldwide Education Services, Oracle Corporation, 500 Oracle
Parkway, Box SB-6, Redwood Shores, CA 94065. Oracle Corporation does not warrant that this document is
error-free.

Oracle and all references to Oracle Products are trademarks or registered trademarks of Oracle Corporation.

All other products or company names are used for identification purposes only, and may be trademarks of their
respective owners.

Author

This book was published using:

Oracle Tutor
Table of Contents

Window Data Access: Oracle Objects for OLE (OO4O) ...................................................1-1


Window Data Access: Oracle Objects for OLE (OO4O) ....................................................1-2
Objectives ............................................................................................................................1-3
Overview of Oracle Objects for OLE ..................................................................................1-4
Software Layers to Use OO4O ............................................................................................1-5
COM Data Access to Oracle................................................................................................1-6
OO4O Advantages Compared with ADO/OLE DB and ODBC........................................1-7
Common Deployments ........................................................................................................1-8
OO4O Features ....................................................................................................................1-9
Additional OO4O Features ..................................................................................................1-10
Basic Code Sample ..............................................................................................................1-12
New Oracle9i Features.........................................................................................................1-13
XML Support Overview ......................................................................................................1-14
XML Code Sample ..............................................................................................................1-15
Oracle Services for MTS Support........................................................................................1-16
Database Events Support .....................................................................................................1-17
Database Events Code Sample ............................................................................................1-18
Full Unicode Support...........................................................................................................1-19
Temporary LOBs Support ...................................................................................................1-20
Summary..............................................................................................................................1-21
Windows Data Access: ADO and the Oracle Provider for OLE DB.................................2-1
Windows Data Access: ADO and the Oracle Provider for OLE DB...................................2-2
Objectives ............................................................................................................................2-3
OLE DB Overview ..............................................................................................................2-4
ADO/OLE DB Access to Oracle .........................................................................................2-5
Common Deployments ........................................................................................................2-6
OraOLEDB Advantages versus other OLE DB Providers .................................................2-7
New and Updated OraOLEDB Features..............................................................................2-8
OraOLEDB Features ...........................................................................................................2-9
Data Source..........................................................................................................................2-10
Connecting to an Oracle Database.......................................................................................2-11
ADO Examples: Connecting to the Oracle DB ...................................................................2-13
Sessions ...............................................................................................................................2-14
Transactions.........................................................................................................................2-15
Commands and Custom Properties......................................................................................2-16
PLSQLRSet Property...........................................................................................................2-17
NDatatype Support ..............................................................................................................2-18
SPPrmsLOB Property..........................................................................................................2-19
Stored Procedures and Functions Returning Rowsets .........................................................2-20
Multiple Rowsets .................................................................................................................2-21
Rowsets................................................................................................................................2-22
JOIN Rowsets ......................................................................................................................2-23
Date Formats........................................................................................................................2-24
LOB Support........................................................................................................................2-25
Unicode Support ..................................................................................................................2-26
Errors ...................................................................................................................................2-27
Tracing and Debugging .......................................................................................................2-28
Summary..............................................................................................................................2-29
Oracle Open Database Connectivity (ODBC) .....................................................................3-1
Oracle Open Database Connectivity (ODBC) ....................................................................3-2
Objectives ............................................................................................................................3-3

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle9i: New Features for Windows Platform Table of Contents


i
ODBC Overview .................................................................................................................3-4
Oracle9i ODBC Driver ........................................................................................................3-5
New ODBC Features Supported..........................................................................................3-6
Oracle Services for MTS Support........................................................................................3-7
Expanded Unicode Support .................................................................................................3-8
ODBC Administration Utility..............................................................................................3-9
ODBC Installation Changes.................................................................................................3-10
Performance Improvements.................................................................................................3-11
Summary..............................................................................................................................3-12
Oracle Services for Microsoft Transaction Server (MTS) .................................................4-1
Oracle Services for Microsoft Transaction Server (MTS) ..................................................4-2
Objectives ............................................................................................................................4-3
MTS Overview ....................................................................................................................4-4
Distributed Transaction Coordinator ...................................................................................4-5
Common Deployment scenarios ..........................................................................................4-7
Oracle9i Availability and Scalability Improvements..........................................................4-10
MTS Integration: Resource Dispenser.................................................................................4-11
Configuring the Oracle Database for MTS..........................................................................4-12
Oracle Services for MTS: MTS-Initiated Transactions .......................................................4-14
Oracle Services for MTS: Resource Manager Proxy Enlistment........................................4-15
Oracle Services for MTS: Completing the MTS transaction ..............................................4-16
Oracle Services for MTS: Application Initiated Transactions ............................................4-17
Oracle Services for MTS: In-doubt Transactions ...............................................................4-18
Real Application Clusters and Fail Safe Support.................................................................4-20
Connection Pooling .............................................................................................................4-21
Summary..............................................................................................................................4-23
Oracle Fail Safe Release 3.2 for Windows Clusters ............................................................5-1
Oracle Fail Safe Release 3.2 for Windows Clusters ............................................................5-2
Objectives ............................................................................................................................5-3
Overview .............................................................................................................................5-4
What is Oracle Fail Safe? ....................................................................................................5-5
Problem: High Cost of Downtime .......................................................................................5-6
Windows Clusters................................................................................................................5-7
Microsoft Cluster Server Basics ..........................................................................................5-8
Oracle Fail Safe Basics ........................................................................................................5-10
Oracle Fail Safe New Features ............................................................................................5-11
Oracle Fail Safe Manager Wizards ......................................................................................5-12
Highly Available Oracle Applications.................................................................................5-13
Economies of Scale with Larger Clusters ............................................................................5-14
More Information.................................................................................................................5-15
Summary..............................................................................................................................5-16
Oracle on Windows Security and Active Directory Features ............................................6-1
Oracle on Windows Security and Active Directory Features .............................................6-2
Objectives ............................................................................................................................6-3
Windows Native Authentication Adapter ............................................................................6-4
Windows Native Authentication Adapter Features.............................................................6-5
Windows Native Authentication Adapter - External Users and Roles ...............................6-6
Windows Native Authentication Adapter - Enterprise Users and Roles.............................6-7
Tools for Enterprise User Security ......................................................................................6-8
Automatically Enabling Windows Native Authentication During Installation....................6-10
Oracle PKI integration with Windows System Registry.....................................................6-11
Advantages of Oracle PKI Integration with Windows System Registry ............................6-12
Using the Oracle PKI Integration with Windows System Registry ....................................6-13
Oracle PKI Integration Configuration Example .................................................................6-14
Oracle Wallet Manager Enhancements................................................................................6-15

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle9i: New Features for Windows Platform Table of Contents


ii
Oracle Enterprise Login Assistant Enhancements ..............................................................6-16
Oracle Enterprise Login Assistant LDAP support..............................................................6-17
Windows Public Key Infrastructure (Windows 2000).........................................................6-18
Microsoft Certificate Store ..................................................................................................6-19
Oracle and Windows PKI Integration Overview ................................................................6-20
Oracle PKI Integration with Windows PKI ........................................................................6-21
Smart Card Setup.................................................................................................................6-22
Configuration Example........................................................................................................6-23
Summary..............................................................................................................................6-24

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle9i: New Features for Windows Platform Table of Contents


iii
Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle9i: New Features for Windows Platform Table of Contents


v
Window Data Access: Oracle
Objects for OLE (OO4O)
Chapter 1

Copyright © Oracle Corporation, 2000. All rights reserved.

Window Data Access: Oracle Objects for OLE (OO4O)


Chapter 1 - Page 1
Window Data Access: Oracle Objects for OLE (OO4O)

Window Data Access:


Oracle Objects for OLE (OO4O)

Copyright © Oracle Corporation, 2000. All rights reserved.

Window Data Access: Oracle Objects for OLE (OO4O)


Chapter 1 - Page 2
Objectives

Objectives

After this lesson, you should be able to:


• Describe the components and functionality of the
OO4O
• Describe new Oracle9i OO4O features

Copyright © Oracle Corporation, 2000. All rights reserved.

Window Data Access: Oracle Objects for OLE (OO4O)


Chapter 1 - Page 3
Overview of Oracle Objects for OLE

Overview of Oracle Objects for OLE

Key features:
• Allow easy data access to Oracle databases with
any programming language that supports COM
Automation and ActiveX technology
• Support two-tier client/server to n-tiered server
environments
• Enable client and middle-tier applications to
connect to Oracle database servers, execute
commands, and access and manipulate the results
returned

You can use Oracle Objects for OLE (OO4O) from any COM client, including
Visual Basic, Visual C++, Visual Basic For Applications (VBA), Active Server
Pages (VBScript and JavaScript), and others.
OO4O provides key features for accessing Oracle databases efficiently and
easily in environments ranging from the typical two-tier client/server
applications, such as those developed in Visual Basic or Excel, to application
servers deployed in multitiered application server environments such as Web
server applications in Microsoft Internet Information Server (IIS) or Microsoft
Transaction Server (MTS).

Copyright © Oracle Corporation, 2000. All rights reserved.

Window Data Access: Oracle Objects for OLE (OO4O)


Chapter 1 - Page 4
Software Layers to Use OO4O

Software Layers to Use OO4O

Data Aware ActiveX Controls

C++ Class Oracle Data Automation Controllers


Libraries Control (VB, Excel, ASP)

COM/DCOM

OO4O In-Process
Automation
Server

Oracle Client Libraries


(OCI, CORE, NLS)

Oracle
Database

OO4O consists of an in-process COM Automation Server, the C++ class


library, and the Oracle Data Control. Relationships shows the high-level
relationship between OO4O components.
The OO4O In-Process Automation Server can be used from any COM client,
such as ASP and VB. Oracle provides additional methods to access the OO4O
Automation Server through C++ class libraries and a data control.
OO4O is an application programming interface (API) that lies on top of the
Oracle client libraries. OO4O provides an easy to use interface to these libraries.
These libraries provide the underlying plumbing for Oracle data access and
result manipulation.

Copyright © Oracle Corporation, 2000. All rights reserved.

Window Data Access: Oracle Objects for OLE (OO4O)


Chapter 1 - Page 5
COM Data Access to Oracle

COM Data Access to Oracle

Active Server Visual C/C++ Any COM


MS Office
Pages Basic Applications Client

ActiveX Data
Objects (ADO)

Oracle Objects for OLE Oracle Provider COM Automation


(OO4O) for OLE DB Feature

OCI Library

Oracle

This graphic shows the the different methods by which Oracle COM data access
occurs. From any COM client, users access Oracle databases through OO4O or
ADO/OLE DB. Both OO4O and ADO/OLE DB serve as APIs on top of OCI,
which is a C based API that provides efficient access to Oracle.
Most Windows programmers use OO4O and ADO/OLE DB, rather than OCI,
as they tend to be easier to use and can be accessed from programming
languages outside of C/C++.
The COM Automation Feature allows stored procedures to send data to COM
Automation servers, such as Microsoft Office, and manipulate them.

Copyright © Oracle Corporation, 2000. All rights reserved.

Window Data Access: Oracle Objects for OLE (OO4O)


Chapter 1 - Page 6
OO4O Advantages Compared with ADO/OLE DB and
ODBC

OO4O Advantages Compared with


ADO/OLE DB and ODBC
• Higher performance
• Access to Oracle-specific features
– Advanced Queuing
– XML
– Database Events
– Advanced Data Types
– Object References (REFs)
– Object Instances (Objects)
– Nested Tables
– VARRAYs
– BLOBs, CLOBs, NCLOBs and BFILEs

In general, OO4O provides better performance than ADO/OLE DB and ODBC.


ADO/OLE DB and ODBC were developed to be open specifications for multi-
data source access. However, by providing generic data access, ADO/OLE DB
and ODBC tend to have additional layers of overhead compared to OO4O.
OO4O exposes the latest and most advanced features in the Oracle9i database.
These features include XML, Advanced Queuing, and Oracle data types.
OO4O was developed specifically for Oracle to ensure high performance and
access to the latest Oracle database features.

Copyright © Oracle Corporation, 2000. All rights reserved.

Window Data Access: Oracle Objects for OLE (OO4O)


Chapter 1 - Page 7
Common Deployments

Common Deployments

Client
MTS

OCI
Oracle OO4O

IIS
HTML
Internet
Active XML
Server
Pages

OO4O is used commonly within ASP and VB applications. These OO4O


applications participate with Web and transaction servers, such as Microsoft
Internet Information Server (IIS) and Microsoft Transaction Server (MTS).

Copyright © Oracle Corporation, 2000. All rights reserved.

Window Data Access: Oracle Objects for OLE (OO4O)


Chapter 1 - Page 8
OO4O Features

OO4O Features

• Full PL/SQL support


• Tunable client-side, scrollable, and updateable
cursors support
• Array fetches, updates, and inserts support
• Connection pooling and multiplexing support
• Thread safety
• Small disk and memory footprint
• Full support for Microsoft Transaction Server
(MTS) coordinated transactions

• PL/SQL support includes seamless access to PL/SQL Cursors.


• Tunable client-side, scrollable and updateable cursors provide easy and
efficient access to result sets of any size.
• Support for array fetches, updates, and inserts result in reduced network
roundtrips.
• Connection pooling allows scalable mid-tier application component
development such as Web applications that heavily use and serve dynamic
content stored in Oracle database servers. Connection pooling allows
applications to reuse open connections, rather than creating new ones.
Creating new connections consumes more resources than reusing already
open ones.
• Multiplexing allows multiple user sessions to share a network connection.
This saves on the resources by consolidating the number of DB
connections.
• Thread safety allowing safe access to automation objects in multithreaded
environments.
• Supports the Oracle Services for MTS for transaction-based applications.

Copyright © Oracle Corporation, 2000. All rights reserved.

Window Data Access: Oracle Objects for OLE (OO4O)


Chapter 1 - Page 9
Additional OO4O Features

Additional OO4O Features

Seamless access to advanced data types:


• Object References (REFs), Object Instances
(Objects), Nested Tables, VARRAYs, BLOBs,
CLOBs, NCLOBs and BFILEs
• Easy-to-use interface for describing schema
objects
• Advanced Queuing support
• Asynchronous processing support
• Oracle Code Wizard for Stored Procedures
• Application failover notifications

• OO4O provides full support for accessing and manipulating instances of


REFs, value instance, variable-length arrays (VARRAYs), nested tables,
and LOBs. Instances of these types can be fetched from the database or
passed as input or output variables to SQL statements and PL/SQL. All
instances are mapped to COM Automation Interfaces that provide methods
for dynamic attribute access and manipulation.
• OO4O includes interfaces for retrieving attributes of schema objects. Using
the Describe method of the OraDatabase interface retrieves attributes. This
method takes the name of a schema object (for example, emp) and returns a
COM Automation object (OraMetaData). OraMetaData provides methods
for dynamically navigating and accessing all the attributes
(OraMDAttribute collection) of a schema object described.
• OO4O provides interfaces for accessing the Advanced Queuing (AQ)
feature in Oracle. It makes AQ accessible from popular COM-based
development environments, such as Visual Basic. The OraAQ Automation
interface provides methods for enqueuing and dequeuing messages
(OraAQMsg). It also provides a method for monitoring queues for message
arrivals. Client applications are notified when messages of interest are
dequeued using a callback object.
• Asynchronous processing support allows OO4O to execute a second
command after another command without waiting for first command to
finish processing.

Copyright © Oracle Corporation, 2000. All rights reserved.

Window Data Access: Oracle Objects for OLE (OO4O)


Chapter 1 - Page 10
• The Oracle Code Wizard for Stored Procedures automatically generates
OO4O code that executes PL/SQL or Java stored procedures.
• Application failover notification provides a method to initiate database
failover.

Copyright © Oracle Corporation, 2000. All rights reserved.

Window Data Access: Oracle Objects for OLE (OO4O)


Chapter 1 - Page 11
Basic Code Sample

Basic Code Sample

Dim OO4OSession As OraSession


Dim OO4ODatabase As OraDatabase
Dim OO4ODynaset As OraDynaset
'Create the OraSession Object.
Set OO4OSession =
CreateObject("OracleInProcServer.XOraSession")
'Create the OraDatabase Object by opening a DB connection
Set OO4ODatabase = OraSession.OpenDatabase("ExampleDb",
"scott/tiger", 0&)
'Create the OraDynaset Object.
Set OOO4ODynaset = OO4ODatabase.CreateDynaset("select
empno, ename from emp", 0&)
'Display the first record to a message box.
MsgBox "Employee " & OO4ODynaset.Fields("empno").value &
", #" & OO4ODynaset.Fields("ename").value

You can use the Visual Basic CreateObject method with two OO4O server
objects, OraSession or OraServer. In the code sample, OO4OSession is the
object variable that holds an instance of the OraSession object.
Once you have obtained an interface, you can use it to establish a user session
in an Oracle database by invoking the OpenDatabase method.
Once a user session is established, the CreateDynaset method of the
OraDatabase interface is used to execute queries. This method returns an
OraDynaset object that is then used to access and manipulate the set of rows
returned. An OraDynaset object encapsulates the functionality of a client-side
scrollable (forward and backward) cursor that allows browsing the set of rows
returned by the query it executes. Result set rows are locally cached in a
temporary file on the client machine to provide for backward scrollability.
In the code sample, the OraDynaset object is used to display the first record in
the query of the EMP table.

Copyright © Oracle Corporation, 2000. All rights reserved.

Window Data Access: Oracle Objects for OLE (OO4O)


Chapter 1 - Page 12
New Oracle9i Features

New Oracle9i Features

• XML support
• Improved scalability and reliability with Oracle
Services for Microsoft Transaction Server (MTS)
• DB Events support
• Full Unicode support
• Temporary LOBs support

These are the new features in Oracle9i. The following slides will describe these
features in detail.

Copyright © Oracle Corporation, 2000. All rights reserved.

Window Data Access: Oracle Objects for OLE (OO4O)


Chapter 1 - Page 13
XML Support Overview

XML Support Overview

• Allows OO4O to easily extract and insert data from


Oracle in XML format
– Renders XML from an OraDynaset
– Renders the XML based on row number and a
specified amount of rows
– Supports advanced Oracle types
– BLOBs, CLOBs, BFILEs, Objects, REFs,
Collections (Nested Tables, VARRAYs)
– Allows control over XML format

XML is quickly becoming the format of choice for data interchange. Data in
XML markup language can easily be integrated with other software components
that support XML. Web servers can serve up XML documents along with a
stylesheet, thus separating the data content from its presentation, and preserving
the data in its native form for easy searching.
By using XSLT, Extensible Stylesheet Language Transformations, businesses
can reformat XML documents received from other businesses into their desired
style.
OO4O allows the following XML options to be set:
• DTD, XMLSCHEMA, or NONE included at top of document
• ROWSET tag replacement
• ROW tag replacement
• Rowid attribute name replacement
• COLLECTION_ITEM ID name change
• Uppercasing/lowercasing of all tags can be forced
• Character set encoding type

Copyright © Oracle Corporation, 2000. All rights reserved.

Window Data Access: Oracle Objects for OLE (OO4O)


Chapter 1 - Page 14
XML Code Sample

XML Code Sample

Dim OO4OSession As OraSession


Dim OO4ODatabase As OraDatabase
Dim OO4ODynaset As OraDynaset
Dim XMLstring As String
Set OO4OSession =
CreateObject("OracleInProcServer.XOraSession")
Set OO4ODatabase = OO4OSession.OpenDatabase("ExampleDb",
"scott/tiger", 0&)
Set OO4ODynaset = OO4ODatabase.CreateDynaset("select
empno, ename from emp", 0&)

'GetXML method returns a string containing an XML


' document.

XMLstring = OO4ODynaset.GetXML(startrow, maxrows)

OO4O renders XML from the contents of any OraDynaset based on a starting
row number and continuing for a specified amount of rows.
GetXML method arguments:
• startrow - the first row number from which to start retrieving
• maxrows - the maximum number of rows to retrieve (if the end of the
recordset is reached fewer rows may be returned)

Copyright © Oracle Corporation, 2000. All rights reserved.

Window Data Access: Oracle Objects for OLE (OO4O)


Chapter 1 - Page 15
Oracle Services for MTS Support

Oracle Services for MTS Support

• OO4O improves Oracle Services for MTS support


– Enhanced reliability
– No single point of failure
– Enhanced scalability
– No external processes
– Transaction enlistment and completion
occur within an MTS process

Oracle Services for MTS has been improved in Oracle9i, making transaction-
based OO4O applications much more stable and reliable. In Oracle8i, an
external agent was used as a proxy for the database. There was a limitation of
one such agent per database, which was a potential source of a single point of
failure.
In the new Oracle Services implementation, transaction enlistment and
completion occur within the application server process. From an availability
perspective, embedding the transaction enlistment and completion engine in-
process removes the single point of failure, and thereby increasing availability.
Additionally, this makes the Oracle9i-MTS integration scale better in the
middle-tier since the Oracle Services run now within MTS, rather than as an
external agent.

Copyright © Oracle Corporation, 2000. All rights reserved.

Window Data Access: Oracle Objects for OLE (OO4O)


Chapter 1 - Page 16
Database Events Support

Database Events Support

• Supports subscription to Oracle Database events


• Supports asynchronous notification of database
events to interested subscribers
• Supports declarative definitions for publishing,
detection, and run-time publication of such events

Oracle supports declarative definitions for publishing database events as well as


detection, and run-time publication of such events.
This feature supports asynchronous notification of database events to interested
subscribers. Under this model, the client can subscribe to one or more database
events. Each database event that the client is interested in is stored as a
subscription. When a database event of interest is triggered, the client
subscriber's database event handler for that event is fired and the subscriber is
notified.
The database event or dbevent subscriber is required to create a subscription,
based on the database event of interest. The subscriber should provide a dbevent
handler at the time of creating the subscription. The dbevent handler should be
an automation object that implements the method NotifyDBEvents. The
NotifyDBEvents method of the dbevent handler is invoked by OO4O when
database events of interest are fired.
For more detailed information about Oracle Database Events, refer to the
Oracle9i Concepts and Administration manual.

Copyright © Oracle Corporation, 2000. All rights reserved.

Window Data Access: Oracle Objects for OLE (OO4O)


Chapter 1 - Page 17
Database Events Code Sample

Database Events Code Sample

Public DBEventsHdlr As New DBEventCls


Private Sub Form_Load()
Dim gOraSession As Object
Dim gOraSubscriptions As Object
Dim gOraDatabase As OraDatabase
Set gOraSession =
CreateObject("OracleInProcServer.XOraSession")
Set gOraDatabase =
gOraSession.OpenDatabase("ExampleDB",
"scott/tiger", ORADB_ENLIST_FOR_CALLBACK)
Set gOraSubscriptions = gOraDatabase.Subscriptions

'LOGON:ADMIN is the event name in the SCOTT schema


gOraSubscriptions.Add "SCOTT.LOGON:ADMIN",
DBEventsHdlr,gOraDatabase
gOraSubscriptions(0).Register
End Sub

The main application for registering with the event is in the slide. In the
example, DBEventCls is a user-defined DB event handler. Within
DBEventsCls, the method NotifyDBEvents callback handler must be
implemented (see code sample below). The DB event handler must first be
instantiated prior to event subscription.
Public countofMsgs as integer
Public Function NotifyDBEvents
(Ctx As Variant, Payload As Variant)
' Display DB event message
MsgBox "Retrieved payload " + Payload
' Unregister subscriptions after 3 notifications
countofMsgs = countofMsgs + 1
If countofMsgs > 3 Then
Ctx.Subscriptions(0).UnRegister
End If
End Sub
The Ctx variable is the application-defined context sensitive object that was
passed in when creating the subscription. The Payload variable is the message
that was retrieved when the database event was fired.

Copyright © Oracle Corporation, 2000. All rights reserved.

Window Data Access: Oracle Objects for OLE (OO4O)


Chapter 1 - Page 18
Full Unicode Support

Full Unicode Support

• Added support for metadata, user name, and


Unicode NCHAR data types on RDBMS
• UCS-2 encoding is now fully supported

Copyright © Oracle Corporation, 2000. All rights reserved.

Window Data Access: Oracle Objects for OLE (OO4O)


Chapter 1 - Page 19
Temporary LOBs Support

Temporary LOBs Support

• Used for pass into stored procedures and


functions which have LOB arguments
• Code Sample:

Set OO4OBLOB = OO4ODatabase.CreateTempBLOB(false)


Set OO4OCLOB = OO4ODatabase.CreateTempCLOB(false)

• CreateTempBLOB and CreateTempBCLOB


arguments
– use_caching - specifies whether OO4O uses
caching when accessing this LOB
– Default value is false

Temporary LOBs are do not exist permanently in the database. OO4O


programmers most commonly use them to pass into stored procedures and
functions which have LOB arguments.
Temporary LOBs do not require, nor do they take part in, transactions. (It is not
necessary to acquire a lock prior to writes, and rollbacks have no effect on
temporary LOBs.)
The use_caching argument directs Oracle to use caching when accessing the
temporary LOB. This is suggested when multiple accesses are expected on a
single LOB. Caching is not required for the typical case, where a LOB is
created, filled with data, passed to a stored procedure, and then discarded.
Temporary LOBs exist on the server until no more references to the
corresponding OraBLOB or OraCLOB exist on the client. Please note that these
references include any OraParameter or OraParamArray which contain a
temporary OraBLOB or OraCLOB.

Copyright © Oracle Corporation, 2000. All rights reserved.

Window Data Access: Oracle Objects for OLE (OO4O)


Chapter 1 - Page 20
Summary

Summary

In this lesson, you should have learned how to:


• Describe the components and functionality of the
OO4O
• Describe new Oracle9i OO4O features

Copyright © Oracle Corporation, 2000. All rights reserved.

Window Data Access: Oracle Objects for OLE (OO4O)


Chapter 1 - Page 21
Copyright © Oracle Corporation, 2000. All rights reserved.

Window Data Access: Oracle Objects for OLE (OO4O)


Chapter 1 - Page 22
Windows Data Access: ADO
and the Oracle Provider for
OLE DB
Chapter 2

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 1
Windows Data Access: ADO and the Oracle Provider
for OLE DB

Windows Data Access:


ADO and the Oracle Provider for OLE DB

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 2
Objectives

Objectives

After this lesson, you should be able to:


• Describe the components and functionality of the
Oracle Provider for OLE DB (OraOLEDB)
• Describe new OraOLEDB features

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 3
OLE DB Overview

OLE DB Overview

• OLE DB is an open standard data access


methodology which utilizes a set of COM interfaces
for accessing and manipulating different types of
data
• Oracle Provider for OLE DB offers high
performance and efficient access to Oracle data by
OLE DB consumers
• ActiveX Data Objects (ADO) is a high-level data
access layer for using OLE DB
– Easy to Use
– Accessible from more programming languages

ADO provides a high-level data access interface to OLE DB. In general, ADO
is easier to use and accessible from scripting languages, unlike OLE DB.
Programmers often use OLE DB directly when performance is a top priority in
their data access applications.
The Oracle Provider for OLE DB provides optimized access to the Oracle
database for both ADO and OLE DB users.
For more information on ADO and OLE DB, please visit
http://www.microsoft.com/data/ [http://www.microsoft.com/data/]

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 4
ADO/OLE DB Access to Oracle

ADO/OLE DB Access to Oracle

Active Server Visual C/C++ Any COM


MS Office
Pages Basic Applications Client

ActiveX Data
Objects (ADO)
Oracle Provider
for OLE DB (OraOLEDB)

Oracle Call Interface (OCI) Library

Oracle

By using OraOLEDB, ADO programmers can access Oracle data from any
COM client, such as Visual Basic and Microsoft Office. ADO/OLE DB serves
as an API on top of OCI, which is a C-based API that provides efficient
database access and exposes Oracle’s advanced features.
C/C++ programmers can use OLE DB directly.

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 5
Common Deployments

Common Deployments

Client
MTS

OCI OLE
Oracle DB

IIS HTML
Internet
Active XML
ADO
Server
Pages

ADO and OraOLEDB are commonly used within ASP and VB applications.
These applications participate with Web and transaction servers, such as
Microsoft Internet Information Server (IIS) and Microsoft Transaction Server
(MTS).

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 6
OraOLEDB Advantages versus other OLE DB
Providers

OraOLEDB Advantages
versus other OLE DB Providers
• High performance
– Code is optimized for Oracle
• Access to Oracle advanced features
– LONG, LONG RAW, and LOBs support
– No 32K limit on LOB parameters in stored
procedures
– Full Unicode support
– N datatype support
– Oracle password expiration feature

OraOLEDB is optimized to provide high performance data access and expose


advanced Oracle features. OraOLEDB was built to be high-performing by
taking advantage of the latest OCI and Oracle DB features. Additionally,
OraOLEDB users will be able to use Oracle’s advanced features.
These features will be described in more detail in later slides.

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 7
New and Updated OraOLEDB Features

New and Updated OraOLEDB Features

• Returning multiple rowsets from stored procedures


– Consumers can use this feature to access all
the REF CURSORs being returned by a stored
procedure
• Support for the Unicode character set
– Consumers can access data in multiple
languages on the same client machine
– Useful in creating global Internet applications
supporting many languages
– For example, an ASP page that accesses Oracle
can dynamically generate content in Japanese,
Arabic, English, and Thai

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 8
OraOLEDB Features

OraOLEDB Features

The following OraOLEDB features will be covered in


the following sections:
• Data Source
• Sessions
• Commands
• Rowsets
• LOB Support
• Unicode Support
• Errors

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 9
Data Source

Data Source

• To establish the initial connection, use the


CoCreateInstance function to create an instance of
the data source object
– OraOLEDB’s class ID is CLSID_OraOLEDB
– When calling CoCreateInstance, use the
CLSCTX_INPROC_SERVER macro

Set OO4OBLOB = OO4ODatabase.CreateTempBLOB(false)


// create an instance of OraOLEDB data source object and
// obtain the IDBInitialize interface
hr = CoCreateInstance(CLSID_OraOLEDB,
NULL,CLSCTX_INPROC_SERVER, IID_IDBInitialize,
(void**)&pIDBInitialize);

OraOLEDB is an in-process server.


Note: OraOLEDB does not support persistent data source objects.
Note: Oracle9i OraOLEDB supports connections to Oracle8 databases and
higher.

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 10
Connecting to an Oracle Database

Connecting to an Oracle Database

• To connect to an Oracle database, the OLE DB


connection string must be as follows:

"Provider=OraOLEDB.Oracle;User ID=user;Password=pwd;Data
Source=constr;"

• Offers provider-specific Connection String


attributes

OraOLEDB offers provider-specific Connection String attributes, which are set


in the same way as the Provider and User ID are set.
• CacheType: Specifies the type of cache used to store the rowset data on the
client. The default is Memory. OraOLEDB provides two caching
mechanisms:
– Memory: Stores all the rowset data in-memory. This caching
mechanism provides better performance at the expense of higher
memory utilization.
– File: Stores all the rowset data on-disk. This caching mechanism limits
the memory consumption at the expense of performance.
• ChunkSize: Specifies the size, in bytes, of LONG or LONG RAW column
data stored in the provider’s cache. Providing a high value for this attribute
improves performance, but requires more memory to store the data in the
rowset. Valid values are 1 to 65535. The default is 100.
• DistribTX: Enables or disables distributed transaction enlistment capability.
Valid values are 0 (disabled) and 1 (enabled). The default is 1. Applications
using Microsoft Transaction Server must have DistribTX set to 1, the
default.
• FetchSize: Specifies the number of rows the provider will fetch at a time. It
must be set appropriately depending on the data size and the response time
of the network. If the value is set too high, this could result in more wait
time during the execution of the query. If the value is set too low, this could

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 11
result in many more round trips to the database. Valid values are 1 to
429,496,296. The default is 100.
• OSAuthent: Specifies whether OS Authentication will be used when
connecting to an Oracle database. Valid values are 0 (disabled) and 1
(enabled). The default is 0 which indicates that OS authentication is not
used.
• PLSQLRSet: Enables or disables returning a rowset from PL/SQL stored
procedures.
• PwdChgDlg: Enables or disables the displaying of the password change
dialog, whenever a logon fails due to an expired password. When enabled,
the provider displays the dialog to change the password. When disabled, the
logon fails with an error message. The valid values are 0 (disabled) and 1
(enabled). The default is 1.

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 12
ADO Examples: Connecting to the Oracle DB

ADO Examples:
Connecting to the Oracle DB
• Connect using Connection String
Dim con As New ADODB.Connection
con.ConnectionString = "Provider=OraOLEDB.Oracle;” & _
• “Data Source=MyOraDb;User ID=scott;Password=tiger;"
con.Open
• Connect without using Connection String
Dim con As New ADODB.Connection
con.Provider = "OraOLEDB.Oracle"
con.Open "MyOraDb", "scott", "tiger"
• OS Authenticated connect setting user id to “/”
Dim con As New ADODB.Connection
con.Provider = "OraOLEDB.Oracle"
con.Open "MyOraDb", "/", ""

Connect and Set Provider Specific Attributes


Dim con As New ADODB.Connection
con.Provider = "OraOLEDB.Oracle"
con.ConnectionString = "FetchSize=200;CacheType=Memory;" & _
"OSAuthent=0;PLSQLRSet=1;Data Source=MyOraDb;" & _
"User ID=scott;Password=tiger;"
con.Open
OS Authenticated Connect Using OSAuthent
Dim con As New ADODB.Connection
con.Provider = "OraOLEDB.Oracle"
con.ConnectionString = "Data Source=MyOraDb;OSAuthent=1;"
con.Open

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 13
Sessions

Sessions

• OraOLEDB session object represents a single


connection to an Oracle DB
– The session object exposes the interfaces that
allow data access and manipulation
• Each session object also defines a transaction
space for a data source
– All command and rowset objects created from a
particular session object are part of the
transaction of that session

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 14
Transactions

Transactions

• OraOLEDB supports local and distributed


transactions which provide explicit commit and
abort
• Local Transactions
– Supports explicit commit and abort
– By default, OraOLEDB is in an autocommit
mode, meaning that each unit of work done on
the database is automatically or implicitly
committed
• Distributed Transactions
– Requires Oracle Services for Microsoft
Transaction Server (MTS) release 8.1.7.0.0 or
later

For local transactions, with the use of ITransactionLocal interface, consumers


may explicitly start a transaction for a particular session, allowing a unit of
work to be explicitly committed or aborted by the consumer.
For distributed transactions, Oracle Services for MTS are required to be able to
participate in Microsoft Transaction Server (or COM+) transactions or to enlist
in a distributed transaction coordinated by Microsoft Distributed Transaction
Coordinator (MSDTC).
OraOLEDB does not support nested transactions. In addition, a local transaction
cannot be started if the session is currently enlisted in a distributed transaction.
This also applies to distributed transactions if the session is currently enlisted in
a local transaction.

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 15
Commands and Custom Properties

Commands and Custom Properties

• When executing a PL/SQL stored procedure using a


command, use Oracle native syntax or the ODBC
procedure call escape sequence in the command text

• Oracle native syntax: BEGIN credit_account(123, 40); END;


• ODBC syntax: {CALL credit_account(123, 40)}
• Custom properties for Commands are grouped under the
ORAPROPSET_COMMANDS custom property set
– PLSQLRSet (ORAPROP_PLSQLRSet for C++ users)
– NDatatype (ORAPROP_NDatatype for C++ users)
– SPPrmsLOB (ORAPROP_SPPrmsLOB for C++ users)

OraOLEDB supports ANSI SQL as supported by Oracle and the ODBC SQL
syntax.
Command Parameters
When using Oracle ANSI SQL, parameters in the command text are preceded
by a colon. In ODBC SQL, parameters are indicated by a question mark ("?").
OraOLEDB supports input, output, and input/output parameters for PL/SQL
stored procedures and stored functions. OraOLEDB supports input parameters
for SQL statements.
Note: OraOLEDB supports only positional binding.

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 16
PLSQLRSet Property

PLSQLRSet Property

Specifies whether a rowset from the PL/SQL stored


procedure needs to be returned
Dim objCon As NEW ADODB.Connection
Dim objCmd As NEW ADODB.Command
....
objCmd.ActiveConnection = objCon
objCmd.CommandType = adCmdText
’ Enabling the PLSQLRSet property indicates to the provider
’ that the command returns one or more rowsets
objCmd.Properties("PLSQLRSet") = TRUE
’ Assume Employees.GetEmpRecords() has a REF CURSOR as
’ one of the arguments
objCmd.CommandText = "{ CALL Employees.GetEmpRecords(?,?) }"
objCmd.Execute
’ It’s a good idea to disable the property after execution
objCmd.Properties("PLSQLRSet") = FALSE

If the stored procedure, provided by the consumer, returns a rowset,


PLSQLRSet needs to be set to TRUE (enabled). This property should be set to
FALSE after the command has been executed. It is a good idea to disable the
property after stored procedure execution as the same command object may be
used for a different SQL statement. By default, the property is set to FALSE
(disabled).

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 17
NDatatype Support

NDatatype Support

• Allows specifying whether any of the parameters


bound to the command are of Oracle’s N datatypes
(NCHAR, NVARCHAR or NCLOB).
– Should not be set for commands executing
SELECT statements
– Needs to be set for all other SQL statements,
such as INSERT, UPDATE, and DELETE
• Property’s use should be limited to SQL containing
parameters of N datatype
– Setting the property incurs a processing
overhead of at least one roundtrip to the
database

Note: OraOLEDB does not support parameters of N datatypes in the WHERE


clause of SQL statements.
Note: Consumers are required to use the ODBC procedure call escape sequence
to call stored procedures or functions having N datatype parameters.
By default, this property is set to FALSE.
Code Sample:
Set prEmpno = objCmd.CreateParameter
("prEmpno", adSmallInt, adParamInput, ,8521)
' prEname is bound to a NVARCHAR column in the EMP table
Set prEname = objCmd.CreateParameter
("prEname", adBSTR, adParamInput, , "Joe")
objCmd.Parameters.Append prEmpno
objCmd.Parameters.Append prEname
' Enabling the NDatatype property indicates to the provider
' that one or more of the bound parameters is of N datatype
objCmd.Properties("NDatatype") = TRUE
' Assume column ENAME in table EMP is of NVARCHAR type
objCmd.CommandText = "INSERT INTO EMP (EMPNO, ENAME) VALUES (?,
?)"
objCmd.Execute

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 18
SPPrmsLOB Property

SPPrmsLOB Property

• Specifies whether any stored procedures


parameters are of Oracle’s LOB datatype (CLOB,
BLOB, or NCLOB)
– Limits the processing overhead of stored
procedures with LOB datatype parameters

Note: Consumers are required to use the ODBC procedure call escape sequence
to call stored procedures or functions having LOB datatype parameters.
This property should be set to FALSE after the command has been executed. By
default, the property is set to FALSE.
Example: Setting the Custom Property SPPrmsLOB
' Create and append the parameters to the command object
Set prCLOB = objCmd.CreateParameter
("prCLOB", adLongVarchar, adParamOutput, 10000)
objCmd.Parameters.Append prCLOB
' Enabling the SPPrmsLOB property indicates to the provider
' that one or more of the bound parameters is of LOB datatype
objCmd.Properties("SPPrmsLOB") = TRUE
' Assume the Stored Procedure requires a CLOB parameter
objCmd.CommandText = "{ call storedproc(?) }"
objCmd.Execute
' It is a good idea to disable the property after execution.
' The same command object may be used for other SQL statements
objCmd.Properties("SPPrmsLOB") = FALSE

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 19
Stored Procedures and Functions Returning Rowsets

Stored Procedures and Functions


Returning Rowsets

• OraOLEDB can execute PL/SQL stored


procedures/functions with a REF CURSOR
– Supports REF CURSOR arguments
– Supports returning a REF CURSOR from a
function
• OraOLEDB returns a rowset for each REF CURSOR
bind variable
• Can use for stand-alone or packaged PL/SQL
stored procedures

Because there is no predefined datatype for REF CURSORs in the OLE DB


specification, the consumer must not bind this parameter.
To return rowsets, stored procedures or functions must be called in the ODBC
procedure call escape sequence.
If a PL/SQL stored procedure has one or more arguments of REF CURSOR
type, OraOLEDB binds these arguments appropriately and returns a rowset for
each argument of REF CURSOR type. If a PL/SQL stored function returns a
REF CURSOR or has an argument of REF CURSOR type, OraOLEDB binds
these appropriately and returns a rowset for each REF CURSOR bound in the
stored function.

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 20
Multiple Rowsets

Multiple Rowsets

• OraOLEDB supports returning more than one


rowset from a stored procedure
– Provides access to all the REF CURSORs being
returned by a stored procedure

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 21
Rowsets

Rowsets

• Support for rowset creation with


IOpenRowset::OpenRowset and
ICommand::Execute
• Support for SELECT statements returning rowsets
• Support for both immediate and deferred
updateable rowset
• Updateable rowset code sample:
Cmd.ActiveConnection = Con
Cmd.CommandText = "SELECT * FROM emp"
Cmd.CommandType = adCmdText
’ Set properties to allow update, insert, or delete
cmd.Properties("IRowsetChange") = TRUE
Cmd.Properties("Updatability") = 7
Set Rst = cmd.Execute

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 22
JOIN Rowsets

JOIN Rowsets

• Support for updateable rowsets created using JOIN


queries
– Only available with the Client Cursor Engine
enabled

objCon.Provider = "OraOLEDB.Oracle"
objCon.Open "MyOraDb", "scott", "tiger"
objRst.CursorLocation = adUseClient ’ADO Client Cursor
objRst.Open "select ename, dname " & _
"from emp, dept where emp.deptno = dept.deptno", _
objCon, adOpenStatic, adLockOptimistic, adCmdText
’ Recordset created is updateable. Please note that
’ CursorLocation property needs to be explicitly set to
’ adUseClient for this join recordset to be updateable.

ADO consumers must specify the CursorLocation as adUseClient to make these


rowsets updateable.

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 23
Date Formats

Date Formats

• NLS_DATE_FORMAT is fixed for the session to


’YYYY-MM-DD HH24:MI:SS’
– When passing a date to Oracle as a string, the
date needs to be in the ’YYYY-MM-DD
HH24:MI:SS’ format
• Use a different date format
– When dates are passed as strings, use the SQL
function, TO_DATE(), to specify the format
– When dates are passed as parameters, ADO
controls the format
– Cannot use TO_DATE()function

The date format for the Oracle session cannot be set using ALTER SESSION
SET NLS_DATE_FORMAT command.
Dates Passed as Strings Sample:
select * from emp
where hiredate > to_date('15-JUN-81', 'DD-MON-YY')
Dates Passed as Parameters Sample :
objCon.Provider = "OraOLEDB.Oracle"
objCon.Open "MyOraDb", "scott", "tiger"
Set pDate = objCmd.CreateParameter("pDate", adDate, _
adParamInput)
objCmd.Parameters.Append pDate
objCmd.CommandText = "SELECT * FROM EMP WHERE HIREDATE > ?"
objCmd.ActiveConnection = objCon
objCmd.CommandType = adCmdText
pDate.Value = "06/15/1981"
Set objRst = objCmd.Execute

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 24
LOB Support

LOB Support

• Support for all LONG, LONG RAW, and LOB (BLOB,


CLOB, NCLOB, and BFILE) columns through
ISequentialStream interface
– Read and write to LOB columns
– Supports LOBs up to 2GB in size

Note: BFILEs are read-only in the Rowset interface.


Note: Although most of the LOB columns in an Oracle database support up to 4
GB of data storage, ADO limits the maximum column size to 2 GB.
To have read and write access to LOB columns, the SELECT SQL statement
used to create the rowset should not contain a JOIN.
BFILE columns can be updated using the Command interface, if the update is
limited to modifying the directory and name of the external file pointed to by
the BFILE column. For example:
INSERT INTO topomaps (areanum, topomap)
VALUES (158, BFILENAME(’mapdir’, ’topo158.tps’));

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 25
Unicode Support

Unicode Support

• Transparently converts the data between Unicode


encoding schemes
– Oracle9i and Windows NT/2000 use UCS2
encoding scheme
– Oracle8 and Oracle8i stores data in the UTF8
encoding scheme
– OraOLEDB provides transparent conversion
between UTF8 and UCS2
– Allows consumers to deal with only UCS2
• No ADO code changes necessary between Unicode
mode and non-Unicode mode

Note: OLE DB consumers using C/C++ need to explicitly specify


DBTYPE_WSTR in their datatype bindings when Unicode data in involved.
In order to prevent any data loss, the database character set should be UTF8.
Other than this, there is no other setup required for the Unicode support.
How Oracle Unicode Support Works
OraOLEDB works in two modes, Unicode mode and non-Unicode mode. When
the client character set is not a superset of the server character set, OraOLEDB
automatically enables the Unicode mode. In this mode, OraOLEDB stores the
data in its cache in the UCS2 encoding scheme. The user should ensure that the
database’s character set is UTF8 in order to prevent any data loss. If the client
character set is a superset of the server’s, the provider operates in the non-
Unicode mode. This mode provides slightly better performance as it does not
have to deal with larger character buffers required by the UCS2 encoding.
The detection of the client’s and the server’s character set is performed during
logon.

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 26
Errors

Errors

• All objects support extended error information


• Exposes IErrorLookup to retrieve information
about an error.
• Returns the entire error stack in one text block
• ADO sample:

Dim oerr As ADODB.Error


For Each oerr in con.Errors
MsgBox "Error: " & oerr.Description _
& vbCrLf & "Source: " & oerr.Source
Next

To support extended error information, the consumer needs to instantiate the


OLE DB Extended Error object followed by calling the method
GetErrorDescription()to get the error text.
Code Sample
// Instantiate OraOLEDBErrorLookup and obtain a pointer to
// its IErrorLookup interface
CoCreateInstance(CLSID_OraOLEDBErrorLookup, NULL,
CLSCTX_INPROC_SERVER, IID_IErrorLookup,
(void **)&pIErrorLookup)
// Call the method GetErrorDescription() to get the full
// error text
pIErrorLookup->GetErrorDescription()

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 27
Tracing and Debugging

Tracing and Debugging

• Provides the ability to trace the interface calls for


debugging purposes
• Configurable to record the following:
– For OLE DB Interface method entry and exit:
– Parameter value(s) supplied (entry)
– Return value; HRESULT (exit)
– Thread ID (entry and exit)
– For distributed transaction enlistment and
delistment:
– Session object information
– Transaction ID

Note: In order to record global transaction enlistment and delistment


information, the TraceLevel value must be set to session object.

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 28
Summary

Summary

In this lesson, you should have learned about:


• The components and functionality of the Oracle
Provider for OLE DB (OraOLEDB)
• The new OraOLEDB features

Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 29
Copyright © Oracle Corporation, 2000. All rights reserved.

Windows Data Access: ADO and the Oracle Provider for OLE DB
Chapter 2 - Page 30
Oracle Open Database
Connectivity (ODBC)
Chapter 3

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Open Database Connectivity (ODBC)


Chapter 3 - Page 1
Oracle Open Database Connectivity (ODBC)

Oracle Open Database Connectivity


(ODBC)

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Open Database Connectivity (ODBC)


Chapter 3 - Page 2
Objectives

Objectives

After this lesson, you should be able to:


• Describe an overview of Oracle9i ODBC
• Describe the new features for MTS support
• Describe the expanded unicode support
• Describe enhancements to the ODBC
Administration Utility
• Describe the performance improvements

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Open Database Connectivity (ODBC)


Chapter 3 - Page 3
ODBC Overview

ODBC Overview

• Open Database Connectivity (ODBC) defines a


vendor-independent API for accessing data stored
in databases using SQL
• ODBC interface permits maximum interoperability
where a single application can access different
database management systems
• You can access, query and update data with the
ODBC driver set

Open Database Connectivity (ODBC) defines a vendor-independent API


(Application Programming Interface) as defined by Microsoft Corporation, for
accessing data stored in Relational & Non-Relational Databases (DBMS) using
Structured Query Language (SQL) as a standard for accessing data.
The ODBC interface permits maximum interoperability where a single
application can access different database management systems. This allows an
applications developer to develop, compile, and ship an application without
targeting a specific DBMS. Users can then add modules called database drivers
that link the application to their choice of database management systems.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Open Database Connectivity (ODBC)


Chapter 3 - Page 4
Oracle9i ODBC Driver

Oracle9i ODBC Driver

• ODBC 3.51 Compliant


• Supported on Windows 2000, Windows NT 4.0,
Windows 98 and Windows 95
• 32-bit only
• Implemented as an OCI Application

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Open Database Connectivity (ODBC)


Chapter 3 - Page 5
New ODBC Features Supported

New ODBC Features Supported

• SQLGetData Extensions
• Added support for the SQL_ATTR_METADATA_ID
• High scalability and reliability with Oracle Services
for Microsoft Transaction Server (MTS)
• Expanded Unicode support

New ODBC Features Supported


• SQLGetData Extensions: Added support for options
SQL_GD_ANY_COLUMN, SQL_GD_ANY_ORDER and
SQL_GD_BOUND. These options allow an application to issue
SQLGetData calls on any column, in any order, regardless of whether the
column has been bound or not.
• Added support for the SQL_ATTR_METADATA_ID. This attribute
allows an application to specify the case sensitivity of arguments to the
ODBC catalog functions. The default value for
SQL_ATTR_METADATA_ID, as specified by the Microsoft ODBC
specification, is to be case sensitive. The default of the Oracle driver was
case insensitive. This could cause a regression in existing applications.
Therefore we have added a new ODBC data source configuration option to
override the default value of SQL_ATTR_METADATA_ID so that it is
case insensitive.
• Oracle Services for MTS and the expanded Unicode support are discussed
further on the following slides.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Open Database Connectivity (ODBC)


Chapter 3 - Page 6
Oracle Services for MTS Support

Oracle Services for MTS Support

ODBC improves Oracle Services for MTS support


• Enhanced reliability
– No single point of failure
• Enhanced scalability
– No external processes
– Transaction enlistment and completion occur
within an MTS process

Oracle Services for MTS has been improved in Oracle9i, making transaction-
based ODBC applications much more stable and reliable. In Oracle8i, an
external agent was used as a proxy for the database. There was a limitation of
one such agent per database, which was a potential source of a single point of
failure.
In the new Oracle Services implementation, transaction enlistment and
completion occur within the application server process. From an availability
perspective, embedding the transaction enlistment and completion engine in-
process removes the single point of failure, and thereby increasing availability.
Additionally, this makes the Oracle9i-MTS integration scale better in the middle
tier because the Oracle Services now run within MTS, rather than as an external
agent.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Open Database Connectivity (ODBC)


Chapter 3 - Page 7
Expanded Unicode Support

Expanded Unicode Support

• Unicode support has been expanded to utilize new


Unicode features available in an Oracle9i database
and through the OCI 9i interface
• SQL_WCHAR, SQL_WVARCHAR and
SQL_WLONGVARCHAR are now supported data
types
• SQL statements encoded as Unicode will be
passed to an Oracle9i server as Unicode

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Open Database Connectivity (ODBC)


Chapter 3 - Page 8
ODBC Administration Utility

ODBC Administration Utility

• Added “Test Connection” button to the data


source configuration form
• This feature is used to verify a data source can
successfully connect to the database
• The creation of ODBC data sources has been
simplified with the addition of a pull down menu to
select from available TNS names in the
tnsnames.ora file

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Open Database Connectivity (ODBC)


Chapter 3 - Page 9
ODBC Installation Changes

ODBC Installation Changes

• ODBC installation now supports multiple Oracle


Homes
• ODBC Test utility deprecated and replaced with
“Test Connection” functionality in ODBC
Administrator

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Open Database Connectivity (ODBC)


Chapter 3 - Page 10
Performance Improvements

Performance Improvements

Performance improved of the ODBC catalog


functions:
• SQLColumns
• SQLColumnPrivileges
• SQLPrimaryKeys
• SQLTables
• SQLTablePrivileges

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Open Database Connectivity (ODBC)


Chapter 3 - Page 11
Summary

Summary

In this lesson, you should have learned how to utilize


the enhancements of Oracle9i ODBC including:
• MTS support
• Expanded Unicode support
• Enhancement to the ODBC Administration Utility
• Performance improvements

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Open Database Connectivity (ODBC)


Chapter 3 - Page 12
Oracle Services for Microsoft
Transaction Server (MTS)
Chapter 4

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 1
Oracle Services for Microsoft Transaction Server
(MTS)

Oracle Services for


Microsoft Transaction Server (MTS)

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 2
Objectives

Objectives

After this lesson, you should be able to:


• Describe Oracle’s integration with Microsoft
Transaction Server (MTS)
• Explain the Oracle-MTS integration application
stack
• Explain the scalability and reliability enhancements
to Oracle-MTS integration in Oracle9i

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 3
MTS Overview

MTS Overview

MTS:
• Is an application server typically implemented in
the middle tier for managing distributed
applications
• Offers an ActiveX/DCOM based programming
model
• Under Windows 2000, MTS is not a separate entity,
but subsumed by COM+ as another service
• Provides services such as thread and process
management, object pooling, and reuse

MTS is an application server typically used in the middle-tier of n-tier


applications for managing distributed applications. Its primary purpose is to
provide declarative transactional semantics to ActiveX/COM components much
like the declarative transactions provided by Enterprise Java Beans (EJB)
environment. In addition to transaction services, MTS also provides other
application server services like thread and process management, object pooling,
and reuse.
MTS is currently available on Windows NT (using Windows NT Option Pack
4) and Windows 95 platforms. However, under Windows 2000, Microsoft
Transaction Server is no longer a separate entity; it has been subsumed by
COM+ as another COM+ service.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 4
Distributed Transaction Coordinator

Distributed Transaction Coordinator

• Provides transaction monitoring for MTS


• Client application
requests Transaction
Monitors (TM) to start Begin Txn
or complete Application DTC Txn Mon 0
Complete Txn
transaction
• Client connects to Join TXN

Resource Manager RM 1 DTC Txn Mon 1


2PC
(RM)

RM Connections
• Resource Manager(s) Join TXN
join Distributed RM 2 DTC Txn Mon 2
Transaction 2PC
Coordinator
Join TXN
(DTC)
RM 3 DTC Txn Mon 3
• At commit, 2-Phase 2PC
Commits (2PC)
are issued.

The graphic above shows how an application process uses the DTC as a
Transaction Processing Monitor.
The DTC is the foundation of the Microsoft Transaction Server application
server. The DTC is a transaction monitor available on Windows NT and
Windows 2000. This allows applications to initiate transactions and also allows
resource managers accessed by such applications to join these transactions.
Using the 2-phase commit protocol, the DTC performs the atomic commits of
these transactions. The interaction between applications and the TM and the
interactions between an RM and the TM is through OLE Transaction (OLETx)
COM interfaces.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 5
Oracle Services for MTS Overview

• Key objective is for Oracle to participate in global


transactions coordinated by the Microsoft
Distributed Transaction Coordinator (DTC)
• Transaction
– Enlistment
– Completion
– Recovery
• The integration of Oracle and MTS must be highly
scalable and robust with no single point of failure
• Optimize connection pooling
• Integration with OCI, OO4O, OLEDB and ODBC

Key areas of integration are:


• Transaction Enlistment: Maintaining transaction context for global
transactions
• Transaction completion: Translation of 2-phase commit calls between the
DTC and Oracle databases to Oracle’s transaction control API calls
• Transaction recovery: Resolution of in-doubt externally coordinated
Oracle transactions that were started on behalf of MTS-transactions
• Oracle9i enhancements: Enhancements for improved scalability and
availability have been made to the Oracle9i implementation
• Connection pooling: Managing connections between the client and the
database server
• Data access interfaces: OCI, OO4O, OLEDB and ODBC integration with
MTS

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 6
Common Deployment scenarios

Common Deployment scenarios

Client browser Client browser Client browser Client browser Client browser

Middle T ier (Web Server Farm)

IIS using MT S IIS using MT S IIS using MT S


components with components with components with
Oracle Services Oracle Services Oracle Services
For MT S and For MT S and For MT S and
OLEDB/ ODBC/OO4O OLEDB/ ODBC/OO4O OLEDB/ ODBC/OO4O

Oracle Databse Microsoft


on UNIX or Message Queue
W indows on W indows

The graphic above shows a typical transaction-based website using Oracle’s


data access and middle-tier integration on Windows and the Oracle database.
In the top layer lies the client tier where browser-based clients access
transactional COM components in Active Server Pages (ASPs). These ASPs are
accessed using the web server, Microsoft Internet Information Server (IIS).
MTS and IIS both lie the application server in the middle-tier. Data access can
occur through any of the following interfaces: OO4O, ADO/OLEDB, ODBC,
OCI.
The MTS-hosted COM business logic objects access Oracle databases in the
bottom layer, the data tier. You can run the Oracle database on either UNIX or
Windows.
The connections to the databases are enlisted in MTS-initiated transactions via
Oracle9i-MTS integration. Note that each application server instance is
completely self-contained regarding Oracle-MTS enlistment and transaction
completion, thereby scaling with the middle-tier.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 7
Oracle-MTS integration in Oracle8i

DTC DTC
log log
MTS application server 3

MSDTC begin txn/ MSDTC TM-to-TM MSDTC


MSDTC

Machine boundary
txn object commit txn (TM1) communication (TM2)
Proxy
MTS executive
OLEDB,ODBC, Oracle-
OO4O MTS
integration
OLEDB, layer
ODBC, or 2
OO4O RM proxy for DB1
enlistment RPC
connection 1
returned XID 2PC
4 callback
OCI object
Net8

Machine boundary

Machine boundary
Net8 Oracle Net8
Oracle Oracle
Server
databas Server
(business
e DB1 (2PC)
logic)

• The application layer requests the integration layer to enlist a transaction


in a DTC transaction. The application layer places the request using data
access interfaces, such as OO4O, OLEDB, or ODBC.
• The Oracle-MTS integration layer requests the RM proxy for DB1 to join
the DTC transaction. The RM proxy publishes a 2PC callback object to
the DTC and returns a transaction ID (XID).
• The TM of the RM proxy contacts the transaction’s originating TM and
joins as a subordinate TM.
• The RM proxy returns an XID back to the Oracle-MTS integration layer
which starts an Oracle global transaction using the generated XID on the
existing DB connection.
• Committing the transaction involves TM1 sending the 2PC messages to
MT2 which calls the RM proxy using the 2PC callback. The RM proxy
uses the pooled connections to the database to perform the 2PC.
In Oracle8i, the integration of Oracle and MTS involved the use of an external
agent (that is, a proxy for the Oracle database). Each database (UNIX or
Windows NT) had only one such agent running on the Windows middle-tier
machine.
This agent enlisted clients’ MTS transactions on behalf of the database. The
client requests the agent to enlist an MTS transaction using a remote procedure
call (RPC). The agent then joins the transaction by publishing a 2PC callback
object to its DTC.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 8
The agent can run on a different Windows machine to the one the client
application server uses and hence, it has its own MSDTC (see slide example). In
this case, the agent’s DTC is subordinate to the application server’s DTC. RPC
calls provide the mode of communication for the agent to the application server.
When the client requests its DTC to commit the transaction, the 2PC callbacks
are sent to the agent (through its DTC) which handles the 2PC commands using
a pool of connections to its database.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 9
Oracle9i Availability and Scalability Improvements

Oracle9i Availability and


Scalability Improvements
• Better Availability
– No single point of failure
• Better Scalability
– No external processes
– All enlistment and completion occur within the
MTS process

In the Oracle8i implementation in the previous slide, the external agent (a


Windows NT service) acted as a proxy for the database and joined MTS-
initiated transactions on behalf of the Oracle database. This implementation had
a limitation of one agent per database.
From an availability perspective, since each Oracle database could only have
one proxy agent for MTS, there was a single point-of failure. Embedding the
transaction enlistment and completion engine in-process removes this single
point-of-failure increasing availability.
Additionally, transaction enlistment and transaction completion is performed
within the application server process. This allows the Oracle9i-MTS integration
to scale with the middle tier as more application servers are added.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 10
MTS Integration: Resource Dispenser

MTS Integration: Resource Dispenser

• Resources used by MTS components can be


pooled
– Examples: DB connection, memory
• Resource Dispensers are created for their
respective resources
• Resource Dispensers work in conjunction with a
Dispenser Manager (part of the MTS infrastructure)
to create and maintain pools of their respective
resources

Resource Dispenser
To achieve scalability in the MTS environment, resources (for example,
database connections, and memory) used by MTS components can be pooled.
This requires the various resource providers to implement resource dispensers
for their respective resources. The resource dispensers, hereafter referred to as
dispensers, work in conjunction with a dispenser manager to create and
maintain pools of the resource they dispense. The dispenser manager ensures
that transactional resources, such as database connections, will automatically be
enlisted in the requesting MTS component’s ongoing transaction if any.
The OLEDB provider manager is the dispenser for all OLEDB connections,
while the ODBC 3.0 driver manager is the dispenser for all ODBC connections.
OO4O provides the option of using OO4O pooling or the MTS resource
dispenser.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 11
Configuring the Oracle Database for MTS

Configuring the Oracle Database


for MTS
• Create a MTS admin account with appropriate
privileges
• Set the relevant init.ora parameters
• Create the Windows service for the recovery
daemon on each node
• Run appropriate SQL scripts

Configuring the Oracle database server for MTS


Each Oracle Server that participates in MTS transactions needs to be configured
appropriately. The following are required on Oracle databases that participate in
MTS transactions:
• An MTS admin account on that database.
• The MTS admin account must have the FORCE_ANY_TRANSACTION
database privilege to be able to recover global transactions started by other
database users.
• The MTS admin user must have execute privileges on the UTL_HTTP
PL/SQL package in the database.
• The MTS admin user must have execute privileges on the DBMS_JOB
PL/SQL package in the database. Moreover, the database must be
configured to run scheduled database jobs using the appropriate setting of
init.ora parameters (for example, JOB_QUEUE_PROCESSES).
• Databases participating in MTS/DTC transactions must have the following
init.ora parameters adequately setup: PROCESSES, SESSIONS,
TRANSACTIONS.
• A Windows service for the recovery daemon on each node that the product
is installed on. The recovery daemon has very few configurable parameters
and can be easily modified by editing the Windows registry.
• SQL scripts are provided to create the MTS admin account. This script also
installs the relevant PL/SQL packages required for recovery, and creates

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 12
the database job for periodic recovery. The MTS admin account and the
database jobs are already set up on the seed databases for Windows.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 13
Oracle Services for MTS: MTS-Initiated Transactions

Oracle Services for MTS:


MTS-Initiated Transactions
MTS Application Server
Client Application D
T
OO4O OLEDB ODBC C
MTS Integration Layer P DTC (TM)
r
o
OCI
x
y
Net9

Oracle Server

Oracle
Oracle Server Database

Oracle Server

Application components hosted by MTS typically use ADO/OLEDB, ODBC, or


OO4O to connect to Oracle databases. These data access interfaces use the
Oracle-MTS integration layer to enlist the connection in any ongoing MTS
transactions. Components may also use OCI directly.
When a client calls a method on a component hosted by the MTS environment,
the MTS environment may propagate an existing DTC transaction to the
invocation or start a new DTC transaction.
When an MTS-hosted component that is part of a transaction requests an Oracle
connection (through the Oracle OLEDB provider or the Oracle ODBC driver),
the corresponding resource dispensers call the underlying connection provider
to automatically enlist the connection in the transaction. The connection
providers (that is,. the Oracle OLEDB provider or the Oracle ODBC driver)
request the Oracle-MTS integration layer to enlist the connection in the MTS-
initiated transaction.
OO4O obtains the connection from the OCI connection dispenser implemented
by the Oracle-MTS integration layer. This dispenser is directly requested by the
dispenser manager to implicitly enlist the connection in the transaction. The
same applies to OCI-based clients that directly obtain connections from the OCI
connection dispenser implemented by the Oracle-MTS integration layer.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 14
Oracle Services for MTS: Resource Manager Proxy
Enlistment

Oracle Services for MTS:


Resource Manager Proxy Enlistment

MTS Application Server

MTS Executive

OO4O/OLEDB/ Oracle-MTS Integration TXN


Object
ODBC RM Proxy
1 DTC (TM)
4
Connection
2PC DTC
Callback 2 Proxy

OCI
3
Net9
DTC Log

Net9 Oracle
Oracle Server
Database
DB1

The Oracle-MTS integration layer provides interfaces to permit OO4O,


OLEDB, or ODBC to enlist their connections in MTS-initiated transactions. In
addition, the integration layer will also permit explicit enlistment of Oracle
connections in application-initiated transactions.
The following is an overview of the sequence of events that occur:
• The application layer (OO4O, OLEDB, or ODBC) requests the
integration layer to enlist a connection in a DTC transaction
• The Oracle-MTS integration layer requests the RM proxy for DB1 to join
the DTC transaction.
• The TM registers the fact that an RM has joined the transaction in the
DTC log.
• The Oracle-MTS integration layer receives a transaction identifier (XID)
as a result of joining the transaction.
• The Oracle-MTS integration layer then starts an Oracle global transaction
using the XID obtained in 4 on the existing connection.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 15
Oracle Services for MTS: Completing the MTS
transaction

Oracle Services for MTS:


Completing the MTS transaction

MTS Application Server

MTS Executive

OO4O/OLEDB/ Oracle-MTS Integration


ODBC RM Proxy
2 1
2PC DTC
MSTDC DTC (TM)
callback
Connection Proxy
4
New pooled
2PC connection
OCI
5
Net9
DTC Log

3
Net9 Oracle
Server

Net9 Oracle Oracle


Server Database

The above graphic is an overview describing how the MTS environment


completes transactions:
– The TM (DTC) calls the 2PC callback object via the TM proxy with 2PC
requests (prepare, commit, abort).
– The callback object uses the original (OO4O, OLEDB, or ODBC)
connection or a new pooled connection to perform the requested 2PC
operation.
– Oracle performs the necessary 2PC operation.
– The outcome of the 2PC operation is conveyed to the TM via the TM
proxy.
– The TM alters the state of the transaction appropriately (for example,
prepared, committed).

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 16
Oracle Services for MTS: Application Initiated
Transactions

Oracle Services for MTS:


Application Initiated Transactions
• An application working outside the MTS
environment can still begin and complete DTC
transactions
• Resource dispensers are not invoked by the
dispenser manager
• Application has to explicitly enlist the resource by
calling the Oracle-MTS layer
• Transaction management rests on the application,
including initiation, propagation, and completion

Application Initiated Transactions


Using the DTC’s transaction control interfaces, an application working outside
the MTS environment can begin to complete DTC transactions. In this case, the
application resource dispensers will not be invoked by the dispenser manager to
perform automatic enlistment of resources in these transactions. The application
has to call the connection provider to explicitly enlist the acquired connections
(in a provider specific manner) in the DTC transaction. Moreover, the onus of
transaction management rests on the application. This includes transaction
initiation, propagation, and completion (commit or abort).
The application can use ADO/OLEDB, ODBC, or OO4O to acquire
connections to Oracle databases. The application has to explicitly enlist the
resource by calling the Oracle-MTS integration layer. The same applies to OCI
connections obtained from the dispenser implemented by the Oracle-MTS
integration layer.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 17
Oracle Services for MTS: In-doubt Transactions

Oracle Services for MTS:


In-doubt Transactions
• Database-driven recovery
– Transaction recovery is driven from the RM(s)
that participated in the transaction
– A PL/SQL job in the database is used to
periodically detect any unresolved transactions
and resolve them
• Additional help from a recovery daemon
– DTC transaction recovery requires the use of
COM and an external process running (recovery
daemon) on each node
– Oracle databases can contact the recovery
daemon on the node to resolve in-doubt
transactions that originated from that node

Database-Driven Recovery
DTC transaction recovery is driven from the RMs that participated in the DTC
transaction. The RM that joined a DTC transaction must request the final
outcome of the in-doubt transaction from the DTC itself by a process called
reenlistment. During reenlistment the RM passes in the DTC global transaction
identifiers (trids) corresponding to the in-doubt transaction in the RM’s data
source. The DTC then responds with the final outcome of the transaction.
Each MTS-enabled database periodically executes a PL/SQL recovery job to
resolve any unresolved DTC-based transactions. This ensures that recovery will
be initiated whenever the database is up and running. Moreover, this job will
survive database restarts.
Recovery Daemon
DTC transaction recovery requires the use of COM. Since Oracle databases run
on operating systems that do not support COM (for example, Solaris), an
external process is required to resolve transaction outcomes with the DTC. On
each application server node, Oracle has a single recovery daemon instance
which services in-doubt transaction resolution requests for transactions
originating from that node.
The database PL/SQL recovery job contacts the MTS application server node
recovery daemon to resolve any in-doubt transactions that originated from that
node. The recovery daemon in turn contacts its DTC to resolve the transaction
and conveys the outcome to the PL/SQL recovery job. The PL/SQL job then
commits or aborts the in-doubt transaction, accordingly.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 18
Oracle Services for MTS:
In-Doubt Transactions (Recovery Daemon)

Oracle MT S Recovery Daemon

3
RM Proxy
RM Proxy MSDTC (TM)
RM Proxy

RM-proxy cache

HTTP Listener

DTC Log
Machine boundary

2 4
1

HTTP DBMS Job Queue process


HTTP executing recovery job Oracle
database
5

• DBMS job process queries pending_trans$ for in-doubt transactions


(XIDs).
• DBMS job process extracts the recovery daemon’s endpoint address from
each XID and requests recovery daemon for the outcome of the
MTS/DTC transaction.
• Recovery daemon requests DTC for transaction outcome.
• Recovery daemon reports transaction outcome to DBMS job process.
• DBMS job process commits/aborts the in-doubt transaction.
On each application server node, a recovery daemon is created as a Windows
service. This occurs when Oracle Services For MTS is installed on that
machine.
The recovery daemon’s purpose is to resolve the outcome of in-doubt Oracle
database transactions corresponding to DTC-coordinated transactions that
originate from that node.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 19
Real Application Clusters and Fail Safe Support

Real Application Clusters


and Fail Safe Support
• Oracle Real Application Clusters support
– Database job may be run in multiple instances
– Execution of these jobs cannot be assumed
to be serialized
• Oracle Real Application Clusters Data Guard for
Oracle Fail Safe
– Recovery daemon is logically grouped with the
DTC
– All information pertaining to transaction
recovery is stored in the database

In a cluster environment using Real Application Clusters, the database job may
be run on multiple instances. The execution of these jobs cannot be assumed to
be serialized. However, this would not cause inconsistencies in the resolution of
in-doubt transactions because the outcome of any in-doubt transactions that
have been resolved cannot be changed subsequently. In other words, it is
impossible to commit an aborted transaction and vice-versa. Once an executing
recovery job commits or aborts the transaction, no other recovery job will be
able to reverse the outcome. This functionality will be optimized in future
release so that the redundancies will be eliminated.
In a high availability environment using Oracle Fail Safe, the recovery daemon
logically should be grouped with the DTC. Because there is no other
configuration that needs to be done after installation, enabling fail safe for
recovery daemon is straightforward. All information pertaining to transaction
recovery is stored in the database.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 20
Connection Pooling

Connection Pooling

• A connection pooling mechanism is implemented


within the Oracle-MTS integration layer
– Leads to improved scalability
• A Resource Dispenser within the Oracle-MTS layer
dispenses pooled OCI connections
– Pooled OCI connections can be used by OLEDB,
ODBC, OO4O, or by clients directly
• A public API is provided for pooling performed
both inside and outside the MTS environment

Connection Pooling
A connection pooling mechanism has been implemented within the Oracle-
MTS integration layer for use by MTS clients (in particular) to address
scalability issues. A resource dispenser within the Oracle-MTS integration layer
dispenses pooled OCI connections. New interface functions to allocate and
release pooled connections by way of the dispenser are provided.
A “pooled OCI connection” is essentially an OCI service context handle and its
associated OCI environment and error handles. For each database accessed from
the dispenser, a cache of unused Net9 connections will be maintained. When a
pooled OCI connection is destroyed by the dispenser, the underlying Net9
connection is not dropped immediately; instead, the connection is cached. The
Net9 connection cache will be periodically cleaned up by a garbage collector
thread within the dispenser.
Pooled OCI connections can be used by any of the existing interfaces, such as
the Oracle OLEDB provider, the Oracle ODBC driver, OO4O, or clients that
use pooled connections directly. However, the Oracle OLEDB provider and the
Oracle ODBC driver manage their own database connections and do not use
pooled OCI connections directly. OO4O uses the pooled connections dispensed
by the resource dispenser. Pooled OCI connections will also be used by 2PC
callback objects within the Oracle-MTS integration layer to perform 2PC in
cases where the originally “enlisted” application connection is no longer
available.
Public API

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 21
Because pooling can be performed both inside and outside the MTS
environment, Oracle provides one set of pooling APIs and does runtime
determination of the environment.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 22
Summary

Summary

In this lesson, you should have learned how to:


• Utilize the integrated Oracle Services within
Microsoft Transaction Server

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 23
Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Services for Microsoft Transaction Server (MTS)


Chapter 4 - Page 24
Oracle Fail Safe Release 3.2
for Windows Clusters
Chapter 5

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Fail Safe Release 3.2 for Windows Clusters


Chapter 5 - Page 1
Oracle Fail Safe Release 3.2 for Windows Clusters

Oracle Fail Safe Release 3.2


for Windows Clusters

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Fail Safe Release 3.2 for Windows Clusters


Chapter 5 - Page 2
Objectives

Objectives

After this lesson, you should be able to:


• Describe how Oracle Fail Safe helps you deploy
high availability solutions on Windows clusters
• Describe key Oracle Fail Safe features

This lesson provides an overview of Oracle Fail Safe release 3.2 and describes
the kinds of high availability solutions that can be deployed on Windows
clusters with Oracle Fail Safe.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Fail Safe Release 3.2 for Windows Clusters


Chapter 5 - Page 3
Overview

Overview

• What is Oracle Fail Safe?


• High availability and downtime
• Windows clusters and Microsoft Cluster Server
overview
• Oracle Fail Safe overview
• Highly available Oracle Fail Safe e-business
solutions

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Fail Safe Release 3.2 for Windows Clusters


Chapter 5 - Page 4
What is Oracle Fail Safe?

What is Oracle Fail Safe?

• Core feature of Oracle9i, Oracle iAS, and Oracle


Applications Release 11i
• Provides high-availability for e-business solutions
deployed on Windows clusters
• Optimized for Windows customers who require
high availability for database and application
workloads that can be handled by a single system
• Works with Microsoft Cluster Server to ensure that
Oracle databases and applications running on that
node will fail over (move) automatically and quickly
to a surviving node, if a failure occurs

Customers who require high availability on other platforms or who want a


database solution that scales across multiple systems can consider Oracle Real
Application Clusters. More information about Oracle availability and disaster
recovery solutions can be found online through the Oracle Technology Network
at http://technet.oracle.com/deploy/availability/
[http://technet.oracle.com/deploy/availability/]

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Fail Safe Release 3.2 for Windows Clusters


Chapter 5 - Page 5
Problem: High Cost of Downtime

Problem: High Cost of Downtime

Financial impact per hour of interrupted computer operations by industry

Retail Brokerage $6,450,000


Credit Card Sales $2,600,000
Pay-Per-View $150,000
Home Shopping (TV) $113,000
Catalog Sales $90,000
Airline Reservations $89,500

Source: Gartner Group & Contingency Planning Research, Inc.

System downtime costs an average company


over $80,000 an hour

Whether planned (for example, during upgrades or maintenance) or unplanned


(for example, as a result of hardware failure), downtime costs the average
company over $80,000 per hour. For online auction or brokerage companies, the
cost is millions of dollars per hour, not to mention the possibility of lost future
business for the lifetime of the affected customers. For many businesses, this is
money that can never be recovered.
Fortunately, Oracle can help. The combination of Oracle databases and
applications deployed on Windows clusters with Oracle Fail Safe, along with a
tailored set of best practices, can keep your business up and running.
A more detailed discussion of availability and the causes of downtime is
available online through the Oracle Technology Network at
http://technet.oracle.com/deploy/availability/htdocs/ha_overview.html
[http://technet.oracle.com/deploy/availability/htdocs/ha_overview.html]

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Fail Safe Release 3.2 for Windows Clusters


Chapter 5 - Page 6
Windows Clusters

Windows Clusters

• A cluster is a group of independent computing


systems (nodes) that operates as a single virtual
system.
• Component redundancy in clusters eliminates
individual host systems as points of failure.
• The majority of Windows clusters rely on Microsoft
Cluster Server to form a basic “shared nothing”
cluster environment.
• Each cluster node owns a subset of the cluster
resources, and high availability is achieved
through failover.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Fail Safe Release 3.2 for Windows Clusters


Chapter 5 - Page 7
Microsoft Cluster Server Basics

Microsoft Cluster Server Basics

• Shared-nothing cluster environment


• 2 node limit for Windows NT EE and Windows 2000
Advanced Server
• Up to 4 nodes with Windows 2000 Datacenter
Server
• Certified configurations from all major vendors
listed on Microsoft hardware compatibility list
(http://www.microsoft.com/hcl, search for All
Products of type Cluster)

Microsoft Cluster Server (MSCS) provides a basic high availability


environment known as a "shared-nothing" cluster. Individual cluster resources
such as disks, IP addresses, database instances and the like are owned by and
accessed through exclusively one cluster node at any given time. If a failure
occurs, ownership of the affected resources are transferred, or failed over, to a
surviving cluster node. In this way, individual cluster systems are eliminated as
potential points of failure. MSCS clusters are currently limited to 2 nodes for
Windows NT Enterprise Edition and Windows 2000 Advanced Server, and to 4
nodes for Windows 2000 Datacenter.
When deploying mission critical solutions on MSCS clusters, it is critical to be
sure the hardware configuration is listed on the Microsoft cluster hardware
compatibility list (http://www.microsoft.com/hcl [http://www.microsoft.com/hcl]
, search for All Products of type Cluster). In the event of any problems, neither
Microsoft nor Oracle will provide any support if the cluster hardware is not on
this list of certified configurations.
Also, it is critical to note that MSCS provides high availability, but only limited
disaster protection. In a typical MSCS cluster configuration, the storage array
cabinet remains a potential point of failure. Although individual Fibre Channel
cluster nodes can be located as far apart as 7-10 kilometers, there is only a
single copy of the data stored on the cluster disks. Since MSCS itself provides
no protection from data loss, use of RAID arrays to protect against individual
drive failures is highly recommended. Customers who require both high
availability and disaster protection can combine Oracle9i disaster recovery
features (such as Advanced Replication or Automated Standby) with databases

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Fail Safe Release 3.2 for Windows Clusters


Chapter 5 - Page 8
configured for high availability with Oracle Fail Safe at multiple sites. MSCS
compatible geo-clustering solutions such as EMC GeoSpan or Compaq Stretch
Clusters can provide additional local area disaster protection.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Fail Safe Release 3.2 for Windows Clusters


Chapter 5 - Page 9
Oracle Fail Safe Basics

Oracle Fail Safe Basics

• Core feature included with every Windows license


for Oracle9i, Oracle iAS, and Oracle Applications
11i
• High availability software, integrated with Microsoft
Cluster Server, that provides a fast, easy, and
accurate way to:
– Configure and verify Windows clusters
– Automatically fail over Oracle databases and
applications

Oracle Fail Safe is a core feature included with every Oracle9i, Oracle iAS, and
Oracle Applications Release 11i license for Microsoft Windows NT and
Windows 2000. It is high availability software, integrated with Microsoft
Cluster Server,that provides a fast, easy, and accurate way to configure and
verify Windows clusters and to automatically fail over Oracle databases and
applications. In the event of a system failure, Oracle Fail Safe works with
Microsoft Cluster Server to automatically restart Oracle databases and
applications on a surviving cluster node. Oracle Fail Safe also includes
extensive online documentation, help, and a comprehensive tutorial to help you
get started quickly.
Oracle Fail Safe includes two main components: a server and a manager. The
server component is installed on each cluster node and works with Microsoft
Cluster Server and a set of cluster resource dynamically linked libraries
(Resource DLLs) to ensure fast automatic failover during planned and
unplanned outages. The management component, Oracle Fail Safe Manager, is
an easy-to-use graphical interface that works with the Oracle Fail Safe server
component on one or more clusters to perform configuration, management,
verification, and static load balancing. Together, these components provide a
rich set of features and integrated troubleshooting tools that enable rapid
deployment of highly available databases and applications to make complete e-
business solutions.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Fail Safe Release 3.2 for Windows Clusters


Chapter 5 - Page 10
Oracle Fail Safe New Features

Oracle Fail Safe New Features

Support for:
• Oracle Service for Microsoft Transaction Server
(MTS)
• Oracle iAS, with the exception of Oracle9i Caches
• Windows operating system (OS) authentication for
database authentication
• Oracle Applications Release 11i
• Windows 2000 Datacenter 4-node clusters
• Improved command line and scripting options

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Fail Safe Release 3.2 for Windows Clusters


Chapter 5 - Page 11
Oracle Fail Safe Manager Wizards

Oracle Fail Safe Manager Wizards

Oracle Fail Safe Manager drag-and-drop features and wizards simplify the
process of configuring Oracle e-business solutions for high availability on
MSCS clusters. The Oracle Fail Safe Manager Add Resource to Group Wizard
panel shown above lists many of the Oracle software components that can be
configured for failover. Oracle Fail Safe automatically registers software
resources and updates cluster information on each node, reconfigures the Oracle
Network Services components on each cluster node, and ensures that databases
and applications can successfully fail over from one node to another. In addition
to automating failover configuration for Oracle8, Oracle8i, and Oracle9i
databases, Oracle Fail Safe also automates most aspects of failover
configuration for Oracle iAS and Oracle Applications Release 11i.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Fail Safe Release 3.2 for Windows Clusters


Chapter 5 - Page 12
Highly Available Oracle Applications

Highly Available Oracle Applications

Forms Load Balancer Clients


Forms Servers Oracle Reports Server
Concurrent Manager
Forms Load Balancer Server 1 Oracle Database
Web Servers Oracle Fail Safe
Oracle Fail Safe
2

n
Client Tier Application Tier Data Tier

In a typical Oracle Applications Release 11i multitiered configuration, such as


shown in the figure, the Web server and Forms Load Balancer Server reside on
one node, while the other node hosts the highly available Oracle database,
Reports Server, and concurrent processing services. For larger deployments or
where the fastest possible failover times are desired, separate clusters can be
used for the application tier and database tier components. Additional clustered
or nonclustered Forms and Reports servers also can be added to provide middle-
tier scalability. Multitiered solutions eliminate what would otherwise be
potential points of failure in nonclustered deployments.
In this example, application-tier scalability can be achieved by deploying
multiple Oracle Forms Servers on additional systems external to the cluster. The
Forms Load Balancer Clients on the additional systems are configured to
connect to the highly available Forms Load Balancer Server running on the
cluster. If any system hosting an Oracle Forms Server fails, the Forms Load
Balancer Server simply routes requests to a surviving system.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Fail Safe Release 3.2 for Windows Clusters


Chapter 5 - Page 13
Economies of Scale with Larger Clusters

Economies of Scale with Larger Clusters

Oracle Fail Safe Oracle Fail Safe Oracle Fail Safe Oracle Fail Safe

Fail Safe Oracle9i Fail Safe Oracle9i Fail Safe Oracle9i


Sales Database Marketing Database Inventory Database

Fiber Channel

Cluster Drives

Oracle Fail Safe supports Windows 2000 Datacenter clusters, which currently
can contain up to four nodes. Larger clusters can provide significant economies
of scale. Replacing a collection of two-node clusters with a single Windows
2000 Datacenter Server cluster can substantially reduce the hardware cost
associated with otherwise "idle" systems. Management and administration tasks
are also consolidated into a single cluster environment.
In the figure, a four-node Windows 2000 Datacenter cluster is configured so
that a single cluster node serves as the backup system in the event that any of
the other nodes fails. By contrast, if each of the three workloads is instead
deployed on its own separate two-node active/passive cluster, then three of the
six total systems in the complete solution would be idle.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Fail Safe Release 3.2 for Windows Clusters


Chapter 5 - Page 14
More Information

More Information

• Oracle Fail Safe Beta Programs:


laurence.clarke@oracle.com
• High Availability:
http://www.oracle.com/ip/solve/continuity/
• Oracle Databases:
http://www.oracle.com/ip/deploy/database/
• Oracle Fail Safe:
http://www.oracle.com/ip/deploy/database/features/failsafe/
http://technet.oracle.com/tech/nt/failsafe/

If you have questions, comments, or suggestions about Oracle Fail Safe, please
email failsafe_us@oracle.com [mailto:failsafe_us@oracle.com]

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Fail Safe Release 3.2 for Windows Clusters


Chapter 5 - Page 15
Summary

Summary

• Oracle Fail Safe ensures fast failover and recovery


– Planned outages (example, rolling upgrades,
maintenance)
– Unplanned outages (example, hardware failures,
human error)
• Core Oracle9i, Oracle iAS, and Oracle Applications
11i feature
– Complete highly available e-business solutions
– Synergies with many Oracle9i features
• Low cost and easy-to-use

Oracle Fail Safe is a core feature of Oracle9i, Oracle iAS, and Oracle
Applications Release 11i that minimizes or eliminates many potential sources of
both planned and unplanned downtime. With Oracle Fail Safe, developers and
administrators can quickly design and implement a large variety of highly
available application and database solutions on Windows clusters. The
automated wizards and configuration tools included with Oracle Fail Safe make
deployment and maintenance easy. For many customers, the business downtime
prevented during a single server outage provides an immediate return of
investment for their entire high availability solution.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle Fail Safe Release 3.2 for Windows Clusters


Chapter 5 - Page 16
Oracle on Windows Security
and Active Directory Features
Chapter 6

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 1
Oracle on Windows Security and Active Directory
Features

Oracle on Windows Security and


Active Directory Features

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 2
Objectives

Objectives

• After this lesson, you should be able to:


• Describe the features supported by Windows
Native Authentication Adapter and
how to use it
• Describe how Oracle PKI uses
Windows System Registry
• Describe how Oracle PKI is
integrated with Windows 2000 PKI
(Microsoft Certificate Store)

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 3
Windows Native Authentication Adapter

Windows Native Authentication Adapter

• Enables Single Sign On (SSO) for Oracle on


Windows users
– Enables a Windows NT/2000 domain or local
user to connect to an Oracle database without
providing a username or password
• Automatically installed with Net9 Server and Net9
Client

To use Windows Native Authentication with Oracle products, ensure that the
SQLNET.AUTHENTICATION_SERVICES is set to NTS in the sqlnet.ora file
on both client and server (default setting after installation).

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 4
Windows Native Authentication Adapter Features

Windows Native Authentication


Adapter Features
Supports two types of Oracle users
• External users
– User authentication and role authorization by
an entity external to the database
• Enterprise users
– User authentication as an X.509 user and role
authorization using a LDAP-enabled directory
server

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 5
Windows Native Authentication Adapter - External
Users and Roles

Windows Native Authentication


Adapter - External Users and Roles
• External users
– Windows domain or local user is authenticated
to the Oracle database as
“DomainName\Username” or “Username”
depending on the registry parameter
– User can be assigned a database role or an
external role
• External role
– Assigning users to an external role provides
those users external user privileges

Creating an External Role for Windows Security


1. Create a local NT/2000 group ORA_<rolename> or ORA_<sid>_rolename
2. Add a Windows domain or local user to this group
3. In the database server, create role <rolename> identified externally
4. Setup the following in the database server
• Create user <ALL UPPERCASE NAME> identified externally
• Set init.ora parameter os_authent_prefix = ““
• Set Windows Registry parameters in <Oracle DB Home> under
\\HKEY_LOCAL_MACHINE
– OSAUTH_PREFIX_DOMAIN
– Type: REG_EXPAND_SZ
– Value: TRUE (default) or FALSE
- TRUE: Username will be Domainname\Username
- FALSE: Username will be Username

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 6
Windows Native Authentication Adapter - Enterprise
Users and Roles

Windows Native Authentication


Adapter - Enterprise Users and Roles
• Enterprise Users
– Supported only in Windows 2000 domain
– Windows domain or local user is authenticated
to the Oracle database as an X.509 user
– User can be assigned a database role or an
enterprise role
• Enterprise roles
– Enterprise roles are stored in a LDAP-enabled
directory server like Oracle Internet Directory
(OID) or Active Directory (AD)
– Oracle Enterprise Security Manager is used

Creating an Enterprise Role for Windows Security


Enterprise roles can be assigned to Windows domain or local users and
Windows groups. Setup the following in the database server:
• Create user <username> identified globally as ‘<X.509 username>’
• Set init.ora parameter rdbms_server_dn = “<X.509 dbname>
• Set Windows Registry parameter in <Oracle DB Home> under
\\HKEY_LOCAL_MACHINE:
OSAUTH_X509_NAME
Type: REG_EXPAND_SZ
Values: TRUE or FALSE (default)
If set to TRUE, NTS adapter returns X.509 name of the user
If both OSAUTH_X509_NAME and OSAUTH_PREFIX_DOMAIN are set,
OSAUTH_X509_NAME takes precedence.
You can use NetCA to create the Oracle Schema in Active Directory. You can
use Oracle Enterprise Security Manager for managing enterprise roles.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 7
Tools for Enterprise User Security

Tools for Enterprise User Security

Enterprise Security Manager (ESM)


• OID
– Manages enterprise users and roles
• Active Directory
– Manages only enterprise users
– ESM will try using Windows Native
Authentication first
– If this fails, user can select the
authentication to use

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 8
Tools for Enterprise User Security

Tools for Enterprise User Security

NetCA
• Used to install the Oracle Schema in the directory
server
• With Active Directory, NetCA uses Windows Native
Authentication to connect to the directory server
• Access control on Oracle objects is different
between OID and AD

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 9
Automatically Enabling Windows Native Authentication
During Installation

Automatically Enabling Windows Native


Authentication During Installation
• A special NT local group, ORA_DBA, is
automatically created when Oracle9i database
server is installed.
– Members of the ORA_DBA group have Oracle
SYSDBA privileges
– Being a member of this group allows users to
connect as SYSDBA without a password locally
or remotely and perform database
administrative procedures

When you install your Oracle9i database, your Windows username is


automatically added to a Windows NT local group called ORA_DBA. The
ORA_DBA local group is automatically created when your Oracle9i database is
installed and is a special Windows NT local group whose members
automatically receive the SYSDBA privilege. This enables you to:
• Connect to any local Oracle9i databases without a password by issuing
commands such as the following:
– CONNECT / AS SYSDBA
• Connect to remote Oracle9i databases without a password by issuing a
command such as the following:
– CONNECT /@net_service_name AS SYSDBA
– Where net_service_name is the net service name of the Oracle9i
database to which to connect.
• Perform local or remote database administration procedures such as starting
and shutting down local databases
• Add additional Windows NT users to ORA_DBA, enabling them to have
the SYSDBA privilege, provided you have Administrator privileges

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 10
Oracle PKI integration with Windows System Registry

Oracle PKI integration with


Windows System Registry
• Encrypted and decrypted Oracle wallets are stored
in the Windows user's profile area of the Windows
Registry
– Oracle Wallet Manager creates encrypted wallet
– Oracle Enterprise Login Assistant creates
decrypted wallet used by Oracle for SSL
authentication
• Multiple Oracle wallets can be stored and used
from the user profile area

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 11
Advantages of Oracle PKI Integration with Windows
System Registry

Advantages of Oracle PKI Integration


with Windows System Registry
• Better security
– Oracle wallet can be read only by the user
– No user has the ability to access the users’
profile once they have logged out of the
machine
• Easier administration
– When a user is removed from a domain or
computer, the user’s profile is automatically
deleted along with the wallet
– On Windows NT/2000, the administrator
explicitly will not need to manage the access
control on the file system

Storing Oracle wallets on the Windows file system can be insecure and
difficult to manage users. Windows 95/98 have no access control available for
their file systems. Additionally, when a user is removed from the computer or
domain, the administrator has to explicitly remove the user’s wallet from the
local computer’s file system.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 12
Using the Oracle PKI Integration with Windows System
Registry

Using the Oracle PKI Integration


with Windows System Registry
• The Windows System Registry default location is

\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\DEFAULT

• Oracle wallets can be uploaded from the user


profile area or downloaded to the user profile area
from a user object in OID using Oracle Wallet
Manager and Oracle Enterprise Login Assistant
• To use Oracle wallets from Windows System
Registry, set the wallet_location parameter in the
sqlnet.ora file

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 13
Oracle PKI Integration Configuration Example

Oracle PKI Integration


Configuration Example
• Using the Oracle wallet in the Registry under
\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\SALESAPP

• The sqlnet.ora file contains the following:


wallet_location = (SOURCE =
(METHOD=REG)(METHOD_DATA=(KEY=SALESAPP)))

• Encrypted and decrypted Oracle wallet is stored in


\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\
SALESAPP\EWALLET.P12

\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\
SALESAPP\CWALLET.SSO

The wallet_location parameter is used in sqlnet.ora to specify the location of


the decrypted Oracle wallet for use by Oracle PKI applications.
If no value is specified for wallet_location in sqlnet.ora, on Windows
95/98/NT/2000 the Oracle PKI applications will look for the decrypted wallet
in the Windows System Registry key:
\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\DEFAULT
\CWALLET.SSO
The value of this will be used if found. Otherwise, Oracle PKI applications will
look for the decrypted Oracle wallet in the machine’s local file system under
$USERPROFILE\ORACLE\WALLETS.
If no decrypted Oracle wallet is found in the Windows System Registry or file
system default locations, then an error saying that no Oracle wallet exists will
be displayed.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 14
Oracle Wallet Manager Enhancements

Oracle Wallet Manager


Enhancements
• Used to create and manage one or more Oracle
wallets in a machine’s file system or the user
profile area in Windows System Registry
• Ability to store Oracle wallet from file system to
Windows Registry or the reverse
• Ability to download and upload Oracle wallets to or
from user object in OID

The Oracle Wallet Manager tool is used to create and manage Oracle wallets.
In Oracle9i, the user can store Oracle wallets in Windows System Registry.
When the tool opens or saves a wallet, a screen is displayed with the choice of
“Windows System Registry” or “File”. If Windows System Registry is
selected, then then tool will show a list of existing keys under
\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS. You can
select one of the existing locations, or enter the name for a new location
(registry key).
For example, if the new key is KEY1, then the tool will create a registry key
\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\KEY1. The
encrypted wallet is the registry value
\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\KEY1\EWA
LLET.P12, and the decrypted wallet is the registry value
\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\KEY1\CWA
LLET.SSO.
If the user selects to choose “File”, then the tool will display all the available
drives/directories on the local machine. The user can select one of the existing
directories or can enter a new directory. The tool will then store the
encrypted/decrypted wallet in the selected directory, creating the directory if it
does not exist.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 15
Oracle Enterprise Login Assistant Enhancements

Oracle Enterprise Login


Assistant Enhancements
• ELA will first look in the Registry for the Oracle
wallet:
\\HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\DEFAULT

• If not found, it will then look at the file system for


the Oracle Wallet:

%USERPROFILE%ORACLE\WALLETS\DEFAULT

To enable single sign-on to Oracle products which use Oracle PKI, Oracle has
a single sign-on tool Oracle Enterprise Login Assistant. A user can logon once
(which will create the decrypted wallet for Oracle) and from then on until the
user logs out, all applications will use this decrypted wallet to authenticate.
When logging out from the tool, the decrypted wallet is removed from the
corresponding location.
If a decrypted wallet is not found in Windows System Registry or file system
default locations, then the login assistant displays that Auto Login is not
enabled (in the status bar at the bottom).

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 16
Oracle Enterprise Login Assistant LDAP support

Oracle Enterprise Login


Assistant LDAP support
• Ability to download a wallet from the user object in
the LDAP directory using the Login Assistant
– Can be downloaded to the default location in
the Registry or the local machine’s file system
• Ability to upload a wallet to the user object in the
LDAP directory from the default location in the
Registry or the local machine’s file system

LDAP Support is implemented as part of the Enterprise Login Assistant for


Oracle9i. This means that using the login assistant, you can download a wallet
from the user object in the LDAP directory to the default location in the
Windows System Registry or local machine’s file system.
A wallet can be uploaded to the user object in the LDAP directory from the
local machine’s file system. On launch, if the tool finds the decrypted wallet in
the default location in the Windows System Registry, then any subsequent
uploads/downloads to/from the directory will always be to/from the Windows
System Registry for that session of the tool. If the tools finds the decrypted
wallet in the default location in the local machine’s file system, then any
subsequent uploads/downloads to/from the directory will always be to/from the
file system for that session of the tool. In the event that no decrypted wallet is
found locally, but an encrypted wallet is found and the user logs in using this
encrypted wallet, then if we select to download from/upload to the LDAP
directory, the Oracle wallet from the directory will always be stored wherever
the original encrypted wallet was found (Windows System Registry or File
system).
On logout, the corresponding decrypted wallet will be removed. On exit without
logout, the decrypted wallet will be left intact.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 17
Windows Public Key Infrastructure (Windows 2000)

Windows Public Key Infrastructure


(Windows 2000)

Certificate Services Active Directory Domain Admin

Security Policy

Policy DC/KDC
Distribution,
Certificate
Publication, Domain
Certificate etc. Logon
Enrollment
and
Revocation

Domain Client
Machine

Microsoft has its own Public Key Infrastructure (PKI). This infrastructure is
built around the Certificate Store which stores the certificates, references to
private keys and trust points, and Microsoft's Crypto APIs. Microsoft provides
its own Certificate Server bundled with NT 4.0 Server Option Pack and
Windows 2000 server editions.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 18
Microsoft Certificate Store

Microsoft Certificate Store

• Windows 2000 stores public key objects in logical


stores and physical stores
– Physical stores: Public key objects are stored
in the local registry
– Logical stores: Group public key objects for
users, computers, and services
– Contain pointers to the public key objects in
the physical stores
– Enable public key objects to be shared
among users, computers, and services
without requiring duplicate storage of each
object

Public key objects are things such as certificates and certificate revocation lists.
Note: Some user certificates are stored in Active Directory.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 19
Oracle and Windows PKI Integration Overview

Oracle and Windows PKI


Integration Overview
• Oracle PKI Integration with Windows PKI provides
the customer with a simple, well-integrated
solution with the following capabilities:
– Oracle SSL can use, for example, certificates
and trustpoints from Microsoft Certificate Store
– Support for Smart Cards
– Smart Cards provide for tamper-resistant
storage of private keys and portability of
credentials

The integration of Oracle PKI with Microsoft PKI provides customers with a
simple, well-integrated Oracle PKI solution on Windows operating systems,
where ease of use and flexibility are primary objectives. Customers have a
choice of either using a complete Oracle PKI solution from start to finish or
using Oracle PKI with Windows PKI.
The following are some of the benefits of integrating Oracle PKI with
Windows PKI:
• Allow Oracle products to interoperate with already existing products other
than Oracle, using Microsoft PKI
• Single sign-on for both Oracle and Windows
• Support Smart Cards for Oracle products

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 20
Oracle PKI Integration with Windows PKI

Oracle PKI Integration


with Windows PKI
• Advantages
– Same set of security information (certificates,
trustpoints, private keys) is being used for both
Oracle and non-Oracle products
– Users already familiar with Microsoft tools do
not need to learn new ones
• Smart Card support
– Available only on the client side
– No server side support

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 21
Smart Card Setup

Smart Card Setup

• Windows Registry variable


ORA_ENABLE_SMARTCARD
– set in \\HKEY_LOCAL_MACHINE/<Oracle home
key>
– Type: REG_EXPAND_SZ
– Values: TRUE or FALSE
– Default is FALSE
– If set to TRUE, smart card is used for Oracle
SSL authentication
• wallet_location parameter in sqlnet.ora set to
(SOURCE=(METHOD=MCS))

Smart cards are becoming a key component of the public-key infrastructure


that Microsoft is integrating into the Windows platforms. They are supported
as part of Windows 2000. They are also supported on Windows 98 and
Microsoft is also adding support for Smart Cards on NT 4.0 and Windows 95
platforms.
Smart cards provide tamper resistant storage for private keys and credentials
portability. Microsoft's Crypto APIs support smart cards through a Smart Card
Crypto Service Provider.
In order to support Smart Cards, a new registry variable,
ORA_ENABLE_SMARTCARD, has been created.
ORA_ENABLE_SMARTCARD can have a value of TRUE or FALSE. The
default value is FALSE.
If one sets up wallet_location = (SOURCE = (METHOD=MCS)) in the
sqlnet.ora file and ORA_ENABLE_SMARTCARD to TRUE in the registry
under the Oracle home, then the Smart Card will be used for Oracle PKI.
If ORA_ENABLE_SMARTCARD is set to FALSE in the registry under
Oracle the home, then the Microsoft Certificate Store will be used for Oracle
PKI. Likewise, if ORA_ENABLE_SMARTCARD is not set up in the registry
under Oracle home, then the Microsoft Certificate Store will be used for Oracle
PKI.

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 22
Configuration Example

Configuration Example

• Syntax example of wallet_location parameter in


sqlnet.ora for using credentials from Microsoft
Certificate Store:

wallet_location = (SOURCE = (METHOD=MCS))

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 23
Summary

Summary

In this lesson, you should have learned how to:


• Use Oracle Windows native authentication adapter
• Manage and use Oracle wallets from Windows
System Registry
• Use Oracle SSL with Windows PKI

Copyright © Oracle Corporation, 2000. All rights reserved.

Oracle on Windows Security and Active Directory Features


Chapter 6 - Page 24