Here are some notes I recorded when I was working on Symantec DLP project.
Restart DLP Enforce services in the correct order
Stopping services in DLP 15.1 and later
2. Symantec DLP Incident Persister
3. Symantec DLP Manager
4. Symantec DLP Notifier
Starting services in DLP 15.1 and later
2. Symantec DLP Manager
3. Symantec DLP Incident Persister
4. Symantec DLP Detection Server Controller
Cold Backup Symantec DLP Oracle DB
Here is an example, assuming, Oracle DB has been installed to D:\Oracle folder. The Symantec DLP Backup folder is at the same machine under following folder: C:\Program Files\Symantec\DataLossPrevention\SymantecDLP_Backup_Files\
There are two folders under this DLP backup folder:
- Database
- Recovery_Aid
There are six steps to follow to do a cold backup of Oracle in Windows:
1. Create recovery aid files.
1.1 At the command prompt, enter sqlplus /nolog
1.2 At the SQL> command prompt, to connect as the sysdba user, enter
connect sys/password@protect as sysdba
where password is the SYS password.
1.3 After receiving the Connected message, at the SQL> command prompt, enter:
alter database backup controlfile to trace as
‘C:\Program Files\Symantec\DataLossPrevention\SymantecDLP_Backup_Files\
Recovery_Aid\controlfile.trc’;
Success is indicated by the message “Database altered.”
1.4 Issue the following command to backup the init.ora file.
create pfile=’C:\Program Files\Symantec\DataLossPrevention\SymantecDLP_Backup_Files\
Recovery_Aid\init.ora’ from spfile;
1.5 Navigate to the C:\Program
Files\Symantec\DataLossPrevention\SymantecDLP_Backup_Files\Recovery_Aid
directory. You should see the controlfile.trc and init.ora files in this directory.
1.6 Rename the file controlfile.trc so that it can be easily identified, for example:
controlfilebackupMMDDYY.trc
2. Collecting a list of files to be backed up
2.1 Enter the following SQL commands to create lists of files that must be backed up: (One command)
SELECT file_name FROM dba_data_files
UNION
SELECT file_name FROM dba_temp_files
UNION
SELECT name FROM v$controlfile
UNION
SELECT member FROM v$logfile;
2.2 Save the list of files returned by the query to use in the following procedures: C:\Program
Files\Symantec\DataLossPrevention\ SymantecDLP_Backup_Files\Recovery_Aid\
oracle_datafile_directories.txt.
C:\Users\admin>sqlplus /nolog SQL*Plus: Release 12.2.0.1.0 Production on Sun Dec 15 21:29:32 2019 Copyright (c) 1982, 2016, Oracle. All rights reserved. SQL> connect sys/A5uPVqbK@protect as sysdba Connected. SQL> SQL> SELECT file_name FROM dba_data_files 2 UNION 3 SELECT file_name FROM dba_temp_files 4 UNION 5 SELECT name FROM v$controlfile 6 UNION 7 SELECT member FROM v$logfile; FILE_NAME ------------------------------------------------------- D:\ORACLE\ORADATA\PROTECT\CONTROL01.CTL D:\ORACLE\ORADATA\PROTECT\CONTROL02.CTL D:\ORACLE\ORADATA\PROTECT\CONTROL03.CTL D:\ORACLE\ORADATA\PROTECT\DRSYS01.DBF D:\ORACLE\ORADATA\PROTECT\LOB01.DBF D:\ORACLE\ORADATA\PROTECT\REDO01.LOG D:\ORACLE\ORADATA\PROTECT\REDO02.LOG D:\ORACLE\ORADATA\PROTECT\REDO03.LOG D:\ORACLE\ORADATA\PROTECT\SYSAUX01.DBF D:\ORACLE\ORADATA\PROTECT\SYSTEM01.DBF D:\ORACLE\ORADATA\PROTECT\TEMP01.DBF FILE_NAME ------------------------------------------------------- D:\ORACLE\ORADATA\PROTECT\UNDOTBS01.DBF D:\ORACLE\ORADATA\PROTECT\USERS01.DBF 13 rows selected.SQL>
3. Creating a copy of the spfile on Windows
To create a copy of the spfile
3.1 In Oracle SQL*Plus, at the SQL> command prompt, enter:
create pfile='C:\Temp\inittemp.ora' from spfile;
3.2 To exit Oracle SQL*Plus, enter:
exit
3.3 Navigate to the C:\Temp directory and verify that the inittemp.ora file was created.
3.4 In Windows, copy the inittemp.ora file from the C:\Temp directory to the \Recovery_Aid
subdirectory that you created earlier on the backup computer.4. Shutting down the Symantec Data Loss Prevention system on
Windows
4.1 Stopping following four services in DLP Enforcement Server version 15.1 and later4.1.1. Symantec DLP Detection Server Controller
4.1.2. Symantec DLP Incident Persister
4.1.3. Symantec DLP Manager
4.1.4. Symantec DLP Notifier4.2 On the computer that hosts the database, stop the OracleService databasename, where
databasename is the Global Database Name and SERVICE_NAME selected during
installation.5. Copying the database files to the backup location on Windows
5.1 Make sure that the Oracle services are stopped.
5.2 On the computer that hosts the database, copy the files from the list that you collected in
the procedure Collecting a list of files to be backed up to the computer that hosts the
backup files. Copy the Protect directory into the C:\Program
Files\Symantec\DataLossPrevention\SymantecDLP_Backup_Files\Database directory
of the computer that hosts the backup files.
5.3 On the computer that hosts the database, select the
%ORACLE_HOME%\database\PWDprotect.ora file and copy it into the C:\Program
Files\Symantec\DataLossPrevention\SymantecDLP_Backup_Files\Database directory
of the computer that hosts the backup files.%ORACLE_HOME% = D:\oracle\product\12.2.0.1\db_1\
note: if you do not know your %ORACLE_Home% name, you can just search PWDprotect.ora file from your hard drive.
6. Restarting the system on Windows
To restart the system
6.1 On the computer that hosts the database, navigate to Start > All Programs >
Administrative Tools > Services to open the Windows Services menu.
6.2 From the Services menu, start all of the Oracle services:
■ OracleServiceDATABASENAME
6.3 On the computer that hosts the Enforce Server, start the SymantecDLPNotifierService
service before starting other Symantec Data Loss Prevention services.
6.4 Starting services in DLP 15.1 and later6.4.1. Symantec DLP Notifier
6.4.2. Symantec DLP Manager
6.4.3. Symantec DLP Incident Persister
6.4.4. Symantec DLP Detection Server ControllerReferences