CNDBA社区
APPLIES TO:
Oracle Database - Enterprise Edition - Version 11.2.0.4 and later Information in this document applies to any platform.
SYMPTOMS
RMAN archivelog backup at the standby site is throws the following errors at the start of the job:
Starting backup at 15-JAN-2014 13:44:46
RMAN-06820: WARNING: failed to archive current log at primary database
ORACLE error from target database:
ORA-17629: Cannot connect to the remote database server
ORA-17627: ORA-01017: invalid username/password; logon denied
ORA-17629: Cannot connect to the remote database server
But the rest of the backup actually complete successfully:
skipping archived log of thread 1 with sequence 607; already backed up
skipping archived log of thread 1 with sequence 614; already backed up
channel t1: starting archived log backup set
channel t1: specifying archived log(s) in backup set
input archived log thread=1 sequence=678 RECID=290 STAMP=836919086
input archived log thread=1 sequence=679 RECID=291 STAMP=836919369
input archived log thread=1 sequence=680 RECID=292 STAMP=836919706
input archived log thread=1 sequence=681 RECID=293 STAMP=836919873
channel t1: starting piece 1 at 15-JAN-2014 13:44:52
channel t1: finished piece 1 at 15-JAN-2014 13:46:17
piece handle=LOG_THMDB_20140115_171228_1_1 tag=LOG_TWMDB comment=API Version 2.0,MMS Version 5.4.1.0
channel t1: backup set complete, elapsed time: 00:01:25
Finished backup at 15-JAN-2014 13:46:17
CHANGES
Database was upgraded to 11.2.0.4
CAUSE
Change in 11.2.0.4 onward
Per ‘unpublished’ Bug 8740124, as of 11.2.0.4, we now include the current standby redo log as part of an RMAN archivelog backup at the standby site. This is achieved by forcing a log switch at the primary site.
However, the connection to the primary failed when attempting to do so.
This is due to this bug:
Bug 17580082 - ACTIVE STANDBY - RMAN-06820: WARNING: FAILED TO ARCHIVE CURRENT LOG AT PRIMARY
Status: 32 - Not a Bug. To Filer
SOLUTION
Workaround
Do not use operating system authentication to login with RMAN. Use a username and password.
That is, do not use just the “/“ (operating system authentication) connect to the standby database:
$rman target /
Connecting as ‘rman target /‘
it gets the sys user but not the password and so, it does NOT mean it is being explicitly specified to connect as sysdba.
Instead put in the username and password for the SYSDBA user:
$ rman target sys/password@stby
Connecting as ‘rman target sysdba_user/password@stby’
Note: The password, within the password file, for the primary and standby should be identical.
This is an explicit connection as sysdba
Note from Bug: 17580082
As for having ability to connect from standby to primary, there are few options
(Option 1) is to connect as SYSDBA, like: ‘rman target sysdba_user/password@stby’
(Option 2) is to setup wallets using which authentication can be done (more details can be obtained from SECURITY team here),
(Option 3) use CONNECT command inside the command file supplied to RMAN. For example: RMAN> connect target sysdba_user/password@stby
Currently only SYSDBA is allowed to connect for switch or resync operation.
Enhancement Request/Bug 18070699 allows for the use of other user/password apart from sys password to connect to remote database for RMAN operation.
Bug 18070699: ALLOW NON-SYS USERNAME GRANTED SYSDBA TO RESYNC DB_UNIQUE_NAME ALL
Patches are available for this issue by searching bug 21476308 for Patch Name or Number.
