We can manage the listener started at remote machine via the lsnrctl tools. You can test the tnsping to find out the remote machine which provide the tns serveice. Before 10.2.0.1, you can run the lsnrctl in your compute to stop the tns service. It is very insecurity. If I stop the tns service, the Oracle instance can not provide the service for customer. It 's all over. Since 10.2.0.1 the Oracle provide the authentication for tns service. By default the security level of tns listener is os authentication. So that you can manager the tns service only in local machine.
For example:
The server listener configuration.
LISTENER =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = dxzq10)(PORT = 1522))
(ADDRESS = (PROTOCOL = TCP)(HOST = dxzq10)(PORT = 1523))
(ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC0))
)
)
After we start the listener. The status of it is below:
[oracle@dxzq10]$ lsnrctl status
LSNRCTL for Linux: Version 10.2.0.1.0 - Production on 01-JUN-2010 10:07:08
Copyright (c) 1991, 2005, Oracle. All rights reserved.
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=dxzq10)(PORT=1522)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 10.2.0.1.0 - Production
Start Date 01-JUN-2010 10:05:55
Uptime 0 days 0 hr. 1 min. 12 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /u01/oracle/product/10.2.0.1/db_1/network/admin/listener.ora
Listener Log File /u01/oracle/product/10.2.0.1/db_1/network/log/listener.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=dxzq10)(PORT=1522)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=dxzq10)(PORT=1523)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=EXTPROC0)))
Services Summary...
Now we access the tns listener from a remote client to show it status.
The client configuration is below:
LISTENER01 =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.150.136 )(PORT = 1522))
)
)
192.168.150.136 is the server's ip.
Run lsnrclt command.
C:/Documents and Settings/Administrator>lsnrctl status listener01
LSNRCTL for 32-bit Windows: Version 10.2.0.1.0 - Production on 01-6月 -2010 10:1
3:06
Copyright (c) 1991, 2005, Oracle. All rights reserved.
正在连接到 (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.150.136)(PORT=1522)
))
TNS-01189: 监听程序无法验证用户
Oh. I can access the tns listener now. Because the tns listener just is os authentication by default. So I can access it in remote machine. And you can open the passowrd authentication by change_password command.
For example:
Come into lsnrctl console.
LSNRCTL> change_password
Old password:
New password:
Reenter new password:
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=dxzq10)(PORT=1522)))
Password changed for LISTENER
The command completed successfullyLSNRCTL> status
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=dxzq10)(PORT=1522)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 10.2.0.1.0 - Production
Start Date 01-JUN-2010 10:05:55
Uptime 0 days 0 hr. 9 min. 11 sec
Trace Level off
Security ON: Password or Local OS Authentication
In client machine
LSNRCTL> set current_listener listener01
目前的监听程序为 listener01
LSNRCTL> set password 11111111
命令执行成功
LSNRCTL> status
正在连接到 (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.150.136)(PORT=1522)
))
LISTENER 的 STATUS
------------------------
别名 LISTENER
版本 TNSLSNR for Linux: Version 10.2.0.1.0 - Production
启动日期 01-6月 -2010 10:05:55
正常运行时间 0 天 0 小时 11 分 4 秒
跟踪级别 off
安全性 ON: Password or Local OS Authentication
Now we can stop the listener in remote machine.
