**Error message: Services don’t appear as it should **
Hi,
Recently, installed an agent in a Windows machine running Oracle.
All was going fine, but saw that the agent was using the Local System Account (NT) to access the Oracle database which is not ideal, so I changed the CheckMK Service to be run at a local user with non administrative privileges.
Doing that I lost all services I had, just 1 remained called System Time but thats it.
I Tried to install the agent with the local user and stuff but nothing worked
The Oracle check does not use the local system account. It uses the user configured inside the “mk_oracle_cfg.ps1” file. If this file is not existing it tries to use to connect as “/ as sysdba”. Normally you should define this config file and insert the correct database users for the monitoring job.
The Windows agent itself should run als local system. If it runs as a normal user the output depends on the rights of this user.
The problem is that the account that I created for oracle should not be using sysdba, it shouldnt have priviliges to see the whole database like it is right now.
Which other role options can I insert in the config file? Only sysdba works, tried “normal connection” but its not accepting
I dont know if my last image from my sys admin helped or not, did it say something that it indicates that the user is not correctly created and it is indeed sysdba user?
This ORA error simply says, as in the error description, your credentials are incorrect. Please check them again. A wrong role would produce a different ORA error.
Okay, i can explain what’s happening:
You are running the check on the same system as the database, therefore the default connection is with local user. From the naming scheme of your DBA i guess the wallet function is active and the default connection without a username is set to / which means local user. If you don’t provide a password the wallet is checked if there is a password stored for your local user and is used to connect to the database. I assume the database is running with the same user as the checkmk agent. Therefore your connection string is now sqlplus / as sysdba and you connect as the main administrative user against the database.
Just ask you DBA if he has assigned the sysdba role for your monitoring user (which i hope he doesn’t).
As a reply to your screenshot with the many grants i can only say.
It should be enough to setup the account as shown inside the documentation.
sqlplus> create user checkmk identified by myPassword;
sqlplus> grant select_catalog_role to checkmk;
sqlplus> grant create session to checkmk;
sqlplus> connect checkmk/myPassword
sqlplus> exit
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed. Contact an admin if you think this should be re-opened.
