Monday, March 18, 2013

ASMCMD-08102: NO CONNECTION TO ASM; COMMAND REQUIRES ASM TO RUN


Platform         Microsoft Windows x64 (64-bit)
Product Version  11.2.0.2

DETAILED PROBLEM DESCRIPTION
+ASM instance is up/running and only accessible through EMGrid Control and cannot use 
sqlplus to connect to +ASM instance, but asmcmd fails with the following error:
 
ASMCMD-08102: no connection to ASM; command requires ASM to run

C:\Users\vmummadi>set oracle_home=C:\Oracle\Grid11gR2
C:\Users\vmummadi>SET ORACLE_SID=+ASM
C:\Users\vmummadi>asmcmd
Connected to an idle instance.
ASMCMD> lsdg
ASMCMD-08102: no connection to ASM; command requires ASM to run
 Enabled asmcmd tracing and the trace further shows:
C:\Users\vmummadi>set DBI_TRACE=1
C:\Users\vmummadi>set oracle_home=C:\Oracle\Grid11gR2
C:\Users\vmummadi>asmcmd
   DBI 1.602-ithread default trace level set to 0x0/1 (pid 7412) at DBI.pm line 273 via asmcmdshare.pm line 201
   -> DBI->connect(dbi:Oracle:, , ****, HASH(0x44ca968))
   -> DBI->install_driver(Oracle) for MSWin32 perl=5.010000 pid=7412 ruid=0 euid=0
      install_driver: DBD::Oracle version 1.20 loaded from C:/Oracle/Grid11gR2/perl/site/lib/DBD/Oracle.pm
            !! ERROR: '12560' 'ORA-12560: TNS:protocol adapter error (DBD ERROR: OCIServerAttach)' (err#0)
         DBI connect('','',...) failed: ORA-12560: TNS:protocol adapter error (DBDERROR: OCIServerAttach)
Connected to an idle instance.
ASMCMD>
check listener:
C:\Users\vmummadi>lsnrctl status
LSNRCTL for 64-bit Windows: Version 11.2.0.2.0 - Production on 07-MAR-2013 08:49:35
Copyright (c) 1991, 2010, Oracle.  All rights reserved.
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1521)))
STATUS of the LISTENER
---------------------------
Alias                     LISTENER
Version                   TNSLSNR for 64-bit Windows: Version 11.2.0.2.0 - Production
Start Date                22-FEB-2013 20:39:32
Uptime                    12 days 12 hr. 10 min. 4 sec
Trace Level               off
Security                  ON: Local OS Authentication
SNMP                      OFF
Listener Parameter File   C:\Oracle\Grid11gR2\network\admin\listener.ora
Listener Log File         C:\Oracle\diag\tnslsnr\ATLAS\listener\alert\log.xml
Listening Endpoints Summary...
 (DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(PIPENAME=\\.\pipe\EXTPROC1521ipc)))
 (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=<omitted here>)(PORT=1521)))
 (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=<omitted here>)(PORT=1521)))
Services Summary...
Service "+asm" has 1 instance(s).
 Instance "+asm", status READY, has 1 handler(s) for this service...
...
The command completed successfully
Errors:
The errors are misleading, including the ORA-12560 (TNS:protocol adapter error).

The clue to the underlying problem is coming from the ORA-1031 (insufficient privileges) 
during sqlplus "/ as sysasm"
C:\> set oracle_home=C:\Oracle\Grid11gR2
C:\> SET ORACLE_SID=+ASM
C:\> echo %ORACLE_SID%
+ASM
C:\> echo %ORACLE_HOME%
C:\Oracle\Grid11gR2
C:\> sqlplus "/ as sysasm"
SQL*Plus: Release 11.2.0.2.0 Production on Wed Mar 13 12:03:09 2013
Copyright (c) 1982, 2010, Oracle.  All rights reserved.
ERROR:
ORA-01031: insufficient privileges 


Also, check if "SQLNET.AUTHENTICATION_SERVICES = (NTS)" is already set in the server's 
sqlnet.ora file






Solutions:


User is not part of the ORA_DBA OS group:


C:\Users\vmummadi>echo %username%
vmummadi
C:\Users\vmummadi>NET LOCALGROUP ORA_DBA
Alias name     ORA_DBA
Comment        Oracle DBA Group
Members
-------------------------------------------------------------------------------
.... <-- other users listed here except 'vmummadi'

NT AUTHORITY\SYSTEM
The command completed successfully.

The problem is to do with harden security in 11g that affects non-dba OS users with 
connections to Oracle instances.



If the user is not a member of the ORA_DBA OS group, then it either needs to connect to 
the ASM instance using the ASM orapw file (either using his/her own account or using the 
Oracle SYS account and as sysasm privilege) or be added to the OS ORA_DBA group.


Other workarounds include :


    

  • Add the non-dba OS user to the ASM's orapw file and grant it 'SYSASM' privileges:
  • Follow this -                                                                                                                                     http://docs.oracle.com/cd/E11882_01/server.112/e25494/dba007.htm#ADMIN12478
    • 

  • Allow the non-dba user to connect to the ASM instance using the SYS Oracle user account 
  • (for this, the non-dba user must know what is the password for SYS): 

  • Example: sqlplus sys@<hostname or IP address of the host>:<port were the listener
  • lis  tens>/+ASM as sysasm
    • 

  • Make the non-dba OS user a member of the ORA_DBA OS group so it can use bequeath connections 
  • (ie, not using the listener) to the asm instance (ie, sqlplus "/ as sysasm")                                                                                                                                                                       
             Oracle Support -ID 1537484.1   Reference: Bug 16470328 
    • 



















Posted by



at







































3 comments:








  1. UnknownFebruary 21, 2019 at 1:37 AM
    Thanks for the insight. I was able to get closer to an solution.
    ReplyDelete
  2. Vinay MummadiDecember 6, 2020 at 5:42 PM
    Glad, that my post helped you. Ty
    ReplyDelete
  3. Bronco AustinFebruary 12, 2021 at 5:04 AM

    Iam so thrilled because of finding your alluring website here.Actually i was searching for Oracle DBA.Your blog is so astounding and informative too..Iam very happy to find such a creative blog. Iam also find another one by mistake while am searching the same topicOracle APEX.Thank you soo much..
    ReplyDelete




























        

      









Subscribe to:
Post Comments (Atom)