When cloning databases from one RDBMS to another, you should also migrate the users that access the databases, otherwise new users will need to be created. See Database Clone Command for more information on cloning databases. The BathyDBUsersClone command is used to migrate users. This command should be run BEFORE cloning databases.
Information about the users in the RDBMS is retrieved using information in the bathynodemanagerconfig.xml file. This configuration file is located in the System folder of the BDB Server installation directory. When the BathyDBUsersClone command is run, this configuration file is read, a connection to the RDBMS is made, and new users are created and loaded into the node manager. New users will also be created in the Relational Database Management System (RDBMS) and associated with the BDB users.
User Roles on Cloned User Accounts
The RDBMS accounts will have roles assigned to them in accordance to the user roles assigned to the BDB users. Users in the node manager will have the same node manager privileges as the original users. When you log in to the BDB Administration Tools, the cloned users should be present in the User Management page and will be assigned to the relevant databases once the BathyDBClone command is run.
Once cloning of the user accounts is complete, an administrator should examine the new roles of each user to ensure they reflect the correct level of access.
If you are using a custom administrator user instead of the default "DBA" user, and the RDBMS is Oracle, you will need to manually grant this user access to the tables/views containing the user role information. Without doing this, the user will not be able to perform user administration tasks. Run the following commands in the Oracle sqlplus system to grant the necessary privileges to the custom administrator user:
c:\sqlplus sys[@<TNS Service name>] as sysdba
SQL> grant select on dba_role_privs to <custom admin user>;
SQL> grant select on dba_roles to <custom admin user>;
Passwords on Cloned User Accounts
If upgrading from a 4.1 installation and upgrading to a newer RDBMS or changing to a different RDBMS, passwords must be migrated to user accounts manually once the user clone is complete. This is accomplished by running commands on the source and destination databases. Different commands are used for each RDBMS.
For a PostgreSQL to PostgreSQL upgrade:
• Run the following command on the source database as the "postgres" user:
postgres=> SELECT 'alter role '||pg_shadow.usename|| ' with password '''||pg_shadow.passwd||''';' from pg_shadow join
pg_auth_members on (pg_shadow.usesysid
=pg_auth_members.member) join pg_roles on
(pg_roles.oid=pg_auth_members.roleid)
where rolname = 'bdb_database_role';
• On the destination database, using the same account, run the commands that were output from the above command.
For an Oracle to Oracle upgrade:
• Run the following command on the source database as the system or sys user:
SQL> set head off
SQL> set linesize 150
SQL> set pages 0
SQL> SELECT 'alter user '||name|| ' identified by VALUES '''||spare4||''';' FROM SYS.USER$ WHERE name in (select grantee from dba_role_privs where GRANTED_ROLE = 'BDB_DATABASE_ROLE');
• On the destination database, using the same account, run the commands that were output from the above command.
If you are cloning from one RDBMS to another, there is no way to transfer the password information. Users will automatically be assigned the default password, which is their username in all uppercase letters.
Running the BathyDBUsersClone Command
The following is the command line format for the BathyDBUsersClone tool and descriptions of the available parameters:
bathydbusersclone --login <value> --conf <value> --log <value>
Parameter |
| |
|---|---|---|
Long | Short | Description |
--help | -h | Display the help message (command format and descriptions of the available parameters). |
--login | -l | The credentials used to login to the Node Manager. These can be entered in any of the following formats: • username • username/password • username@hostname • username/password@hostname If the password is not provided with the parameter (i.e. username or username@hostname parameter values) the system prompts for the password. The hostname is the name or IP address of the computer on which the Node Manager service is installed and running. When hostname is not specified, it is assumed to be the local machine. |
--conf | The path for the bathynodemanagerconfig.xml file from the previous version of BDB Server. | |
--log | Specify the name and location for the log file that will contain the details of the cloning. | |
This command can only be run using an administrator account. |
To use this command:
1. Open the command prompt window.
2. Go to the BDB Server bin directory, for example
C:\Program Files\CARIS\BDB Server\<version>\bin.
3. Type “BathyDBUsersClone” followed by the appropriate parameters.
4. To finish, press <Enter>.
The users and their settings are migrated to the new RDBMS and Node Manager.
Example:
You need to clone users, where:
• the Node Manager username and password values are dba and sql respectively,
• the original bathynodemanagerconfig.xml file is located in the System directory: C:\CARIS\BDB_Server\4.3\system,
• a log file will be created with the name DBUserCloneLog, in the C:\Program Files\CARIS\BDB Server\5.4\logs directory.
Type the following:
BathyDBUsersClone -l "dba/sql" --conf "C:\CARIS\BDB_Server\4.3\system\bathynodemanagerconfig.xml"--log "C:\Program Files\CARIS\BDB Server\5.4\logs\DBUserCloneLog.txt" |