Oracle Net Services Profile Parameters
Profile parameters exist in the $ORACLE_HOME/network/admin/sqlnet.ora file. The profile parameters
file can exist on both the client and the server machines. In general profile parameters tend to
override all other parameters and apply to all connections made between client node and server nodes. The sqlnet.ora
file usually is configured onto the client machine.
- BEQUEATH_DETACH = [YES | NO] - switches signal handling on for Unix.
- DAEMON. - Oracle Enterprise Manager daemon.
- TRACE_LEVEL [OFF | USER | ADMIN | SUPPORT].
- TRACE_DIRECTORY - $ORACLE_HOME/network/trace.
- TRACE_MASK - forces only Oracle Enterprise Manager trace entries to be passed to the trace file.
- DISABLE_OOB [ON | OFF] - disables sending and receiving of break messages by Net8 when set to ON.
- LOG_[ DIRECTORY | FILE]_[CLIENT | SERVER] - $ORACLE_HOME/network/log/sqlnet.log.
- INTERNAL_ENCRYPT_PASSWORD = [TRUE | FALSE] - NAMESCTL utility encrypts the password when sent to an Oracle Names server.
- INTERNAL_USE = [TRUE | FALSE] - enables internal commands, ie. command.
- NO_INITIAL_SERVER [TRUE | FALSE] - Oracle Names server connection error message suppression.
- NOCONFIRM [ON | OFF] - switches on confirmation for important commands such as starting and stopping an Oracle Names server.
- SERVER_PASSWORD - Oracle Names server password configured in the server names.ora file. When this parameter sets the password the SET PASSWORD command is not required when executing sensitive commands to the Oracle Names server.
- TRACE_LEVEL = [OFF | USER | ADMIN | SUPPORT].
- TRACE_UNIQUE [ON | OFF ] - appends the pid to to the $ORACLE_HOME/network/trace/namesctl_pid.trc file.
- TRACE_[ DIRECTORY | FILE] - $ORACLE_HOME/network/trace/namesctl_pid.trc.
- OSS.SOURCE.MY_WALLET - Oracle Wallets contain SSL certificates, keys and trust-points. This parameter contains Oracle Wallet's location.
- SERVICES - enables authentication services. Available are NONE, ALL, BEQ, NDS and NTS. With Oracle Advanced Security are KERBEROS5, SECURID, CYBERSAFE, IDENTIX, RADUIS or DCEGSSAPI.
- KERBEROS5_SERVICE - Kerberos service.
- GSSAPI_SERVICE - Cybersafe service.
- CLIENT_REGISTRATION - client machine unique identifier which is passed to the listener.
- CHECKSUM_[CLIENT | SERVER] = [ACCEPTED | REJECTED | REQUESTED | REQUIRED].
- CHECKSUM_TYPE_[CLIENT | SERVER] - allow crypto-checksum algorithms.
- SEED - seed character string for generation of crytographic keys.
- ENCRYPTION_[CLIENT | SERVER ] = [ACCEPTED | REJECTED | REQUESTED | REQUIRED].
- ENCRYPTION_TYPES_[CLIENT | SERVER] = [ RC4_40 | RC4_56 | RC4_128 | DES | DES40].
- EXPIRE_TIME - timeout for probe verification of alive session. Net8 will actually probe periodically for a dead client connection which will ultimately cause the server process to be killed thus not leaving idle server processes running when a client connection has been disconnected abnormally. There is very little overhead for this type of probe so it is well worth considering in a client server environment where the users of the client machines are not highly technically literate. Many PC users will often warm-boot and even cold-boot their machines when things go wrong. What else can they do ?
- IDENTIX_FINGERPRINT_[DATABASE | DATABASE_USER | DATABASE_PASSWORD | METHOD] - fingerprint database.
- KERBEROS5_[CC_NAME | CLOCKSKEW | CONF | KEYTAB | REALMS] - Kerberos.
- RADIUS_[ALTERNATE | ALTERNATE_PORT | ALTERNATE_RETRIES | AUTHENTICATION | AUTHENTICATION_INTERFACE | AUTHENTICATION_PORT | AUTHENTICATION_RETRIES | AUTHENTICATION_TIMEOUT | CHALLENGE_RESPONSE | SECRET | SEND_ACCOUNTING].
- SSL_CLIENT_AUTHENTICATION - SSL authentication at the client node.
- SSL_CIPHER_SUITES - SSL encryption and data integrity used.
- SSL_VERSION - forces SSL version used.
- TNSPING.TRACE_DIRECTORY - $ORACLE_HOME/network/trace.
- TNSPING.TRACE_LEVEL = [OFF | USER | ADMIN | SUPPORT].
- TRACE_[DIRECTORY | FILE | FILELEN | FILENO]_[CLIENT | SERVER] - $ORACLE_HOME/network/trace/[client | svr]sqlnet.trc. Can also set file length and multiple, recyclable files.
- TRACE_LEVEL_[CLIENT | SERVER] = [OFF | USER | ADMIN | SUPPORT].
- TRACE_TIMESTAMP_[CLIENT | SERVER] - adds a timestamp to trace events.
- TRACE_UNIQUE_CLIENT = [ON | OFF] - single trace file.
- USE_CMAN = [TRUE | FALSE ] - instructs a client connection request to be routed through an Oracle Connection Manager process by using a connect descriptor containing two addresses containing the Oracle Connection Manager address and the listener address. Obviously this option should be set when using Oracle Connection Manager. Additionally unavailable Oracle Connection Manager addresses will be covered by the listener as a failover for Oracle Connection Manager.
- USE_DEDICATED_SERVER = [ON | OFF] - ON will spawn dedicated server processes and OFF will utilise existing server processes. This parameter should be set for a client connection using the bequeath protocol, running the client connection on the server. Thus an administrator connecting using a utility such as SVRMGRL, SQL*PLUS or SQL*LDR would always connect to a dedicated server session. This would give an administration activity better service and not place a possibly essential administrative function in an dispatcher queue for shared server process in an MTS environment, also avoiding conflict with general users. Recovery Manager must always use a dedicated server connection.