To Verify if the Enterprise Manager GC (OMS) is Locked or Unlocked_428874.1

rongshiyuan發表於2014-08-08
GC

How To Verify if the Enterprise Manager Grid Control (OMS) is Locked or Unlocked? (Doc ID 428874.1)

In this Document

Goal
Solution
References

Applies to:

Enterprise Manager Base Platform - Version 10.1.0.3 to 10.2.0.5 [Release 10.1 to 10.2]
Information in this document applies to any platform.
Enterprise Manager Grid Control - Version: 10.1.0.3 to 10.2.0.5 - Release: 10.1 to 10.2
***Checked for relevance on 22-Feb-2012***

Goal

How can we verify if the Grid Control OMS is locked or if it is unlocked?

When we run "emctl secure lock" this locks the OMS. It means that all Agents must be Secure and upload over HTTPS Port. Any unsecured Agents will be not able to upload data. Conversely running "emctl secure unlock" will unlock the OMS meaning that Non Secure Agents may upload using the HTTP port.

The problem is there is no simple command to run to find out if the Grid Control OMS is locked or unlocked.

To check if the Cloud Control OMS 12c is locked or unlocked please read:

Document 1566110.1 - How to check if the Enterprise Management Cloud Control 12c OMS is locked or unlocked ?

Solution

 

1. httpd_em.conf file

To see if the OMS is locked or unlocked we can look at the $OMS_HOME/sysman/config/httpd_em.conf file.
Find the heading for your unsecured port number. (Default 4889)

ie. Listen 4889

Check for the entries "Deny from ....".
If the OMS is locked they will show "Deny from all" otherwise you will see the entry "Deny from none". This is shown below. 

This is the httpd_em.conf file when the OMS is unlocked.

This is the httpd_em.conf file when the OMS is locked.

Listen 4889


    ServerName emgrid.au.oracle.com
    Port 4889
    Timeout 900

     
        Order deny,allow
        Deny from none
        Allow from localhost
   

   
        Order deny,allow
        Deny from none
        Allow from localhost 
    




    Order deny,allow
    Deny from none
    Allow from localhost



    Order deny,allow
    Deny from none
    Allow from localhost
Listen 4889


    ServerName emgrid.au.oracle.com
    Port 4889 
    Timeout 900 

     
        Order deny,allow 
        Deny from all 
        Allow from localhost 
     

     
        Order deny,allow 
        Deny from all 
        Allow from localhost 
   



 
    Order deny,allow 
    Deny from all 
    Allow from localhost


 
    Order deny,allow 
    Deny from all 
    Allow from localhost


2. Repository:

Starting from Grid Control 10gR2 (10.2.0.x.0)  you may use the following SQL query to verify if the OMS is locked or not. Connect to the Repository Database as SYSMAN user and issue the following query:

SQL> SELECT DISTINCT oms.host_url,
oms.timestamp ,
DECODE(oms.value,0,'Unsecured',1,'Secured and Unlocked',2,'Secured and Locked','error:'
||oms.value) lock_status
FROM mgmt_oms_parameters oms,
(SELECT host_url ,
name ,
MAX(TIMESTAMP) last_time
FROM mgmt_oms_parameters
WHERE name = 'oms_secure_status'
GROUP BY host_url,
name
) s
WHERE oms.host_url = s.host_url
AND oms.TIMESTAMP = s.last_time
AND oms.name = s.name
ORDER BY oms.host_url;

References

NOTE:1566110.1 - How to check if the Enterprise Management Cloud Control 12c OMS is locked or unlocked ?

來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/17252115/viewspace-1247812/,如需轉載,請註明出處,否則將追究法律責任。

相關文章