Oracle11g: Creating Virtual Private Catalog with RMAN

In this section, i will describe how to create virtual private catalog in order to allow several rman users to manage distinct database catalog in a private way.

I assume here that the database instance that contains the catalog is created (rcat_db) with the main catalog owner (rcatowner).

1) Create the catalog
Here we connect to the catalog with rcatowner and create a new catalog.

RMAN> connect catalog rcatowner/rcatowner
RMAN> CREATE CATALOG;

2) create a virtual catalog owner
Now we connect to the database instance that manages catalogs in order to create a new virtual catalog owner and give it the RECOVERY_CATALOG_OWNER role.

$> export ORACLE_SID=rcat_db
$>sqlplus / as sysdba
SQL> CREATE USER vpcuser1 IDENTIFIED BY vpcuser1
TEMPORARY TABLESPACE TEMP
DEFAULT TABLESPACE rcat_ts
QUOTA UNLIMITED ON rcat_ts;
SQL> GRANT RECOVERY_CATALOG_OWNER TO vpcuser1;

3) Give the user the right to register a new database in its virtual private catalog
May be we can give the virtual user the right to register a database itself in its catalog or the possibility to reference a database that has been previously registered by the catalog owner.

    a) How to give the REGISTER right to a private catalog user

$> rman catalog rcatowner/rcatowner
RMAN> GRANT REGISTER DATABASE to vpcuser1;

    b) How to allow a virtual user to reference a database previously registered by the catalog owner

$> rman catalog rcatowner/rcatowner
RMAN> GRANT CATALOG FOR DATABASE <db_name> TO vpcuser1;

4) Let's the virtual private catalog owner creating it's private catalog

RMAN> CONNECT CATALOG vpcuser1/vpcuser1
RMAN> CREATE VIRTUAL CATALOG;

5) Now the user can register its database into its private catalog

$gt: export ORACLE_SID=MY_DB
$> rman target / CATALOG pvcuser1/vpcuser1@rcat_db
RMAN> REGISTER DATABASE;
RMAN> list incarnation;

List of Database Incarnations
DB Key  Inc Key DB Name  DB ID            STATUS  Reset SCN  Reset Time
------- ------- -------- ---------------- --- ---------- ----------
726     727     MY_DB    179332583        CURRENT 1          07-MAR-11

note: If we connect with the rcatowner user, we can see that this user can see all the database (it own registrered database and database registered for user vpcuser1).

$> rman catalog rcatowner/rcatowner@rcat_db
RMAN> list incarnation;

List of Database Incarnations
DB Key  Inc Key DB Name  DB ID            STATUS  Reset SCN  Reset Time
------- ------- -------- ---------------- --- ---------- ----------
2       20      TEST     2058702964       PARENT  1          13-AUG-09
2       4       TEST     2058702964       CURRENT 754488     30-AUG-11
726     727     MY_DB    179332583        CURRENT 1          07-MAR-11