Simpler Navigation for Servers and Operating Systems - Please Update Your Bookmarks
Completed: a much simpler Servers and Operating Systems section of the Community. We combined many of the older boards, so you won't have to click through so many levels to get at the information you need. Check the consolidated boards here as many sub-forums are now single boards.
If you have bookmarked forums or discussion boards in Servers and Operating Systems, we suggest you check and update them as needed.
Showing results for 
Search instead for 
Did you mean: 

TNS Configuration In ORACLE

Occasional Contributor

TNS Configuration In ORACLE

Hello to all ITRC Member,

I am having 8 server running different databases and are in LAN.
We can access the database of one server from other server throuh SQL*net.
How can I restrict the access to database from perticular Server(node).
Is it possible to restrict it at user level.

Frequent Advisor

Re: TNS Configuration In ORACLE


You want to disable a paticular server
contacting the particular database....

Remove the that database alias entry
from that server tnsnames.ora file.

Stefan Farrelly
Honored Contributor

Re: TNS Configuration In ORACLE

If you want to restrict it by user then best to use the /var/adm/inetd.sec file which allows you to allow/disallow by IP - as long as each user is using a different PC/IP. Check which tcp port sqlnet is using (1521?) and thats all you need to start adding entries into inetd.sec
Im from Palmerston North, New Zealand, but somehow ended up in London...
Honored Contributor

Re: TNS Configuration In ORACLE

Yes,you can restrict the user from SAM too.
When We Seek To Discover The Best In Others, We Somehow Bring Out The Best In Ourselves.
Javier Ballesteros
Occasional Contributor

Re: TNS Configuration In ORACLE

Restricting access by /var/adm/inetd.sec to port 1521 (or whatever) doesn't work because this file prevents inetd to START a service to that port if the address is not allowed. But if the service is ALREADY RUNNING (as is the Oracle listener), inetd does allow the connection.
There is a file you can create to specify which machines (IP addresses) can access via SQL*Net your database (this works for Oracle 7.3.4, I don't know at later releases).

# su - oracle7
# cd $ORACLE_HOME/network/admin
# vi protocol.ora
tcp.validnode_checking = yes
ipc.validnode_checking = yes
tcp.invited_nodes = (IPaddress1, ... IPaddressN)
icp.invited_nodes = (IPaddress1, ... IPaddressN)
# chmod 644 protocol.ora
# lsnrctl // restart the listener to take this file into account
LSNRCTL> stop cgc
LSNRCTL> start cgc

Hope this helps.
JosT M. del Rfo

Re: TNS Configuration In ORACLE

The following worked for oracle 8.1.6 :

create protocol.ora in $TNS_ADMIN directory with

tcp.excluded_nodes= (,,) (examples of IPs)

Stop and restart listener.ora


PS: feedback (and points ;-) appreciated.