I use different tnsnames files. As dba/developer I access many more
databases than our users. I just set the tnsadmin variable for those people
to point to a production tnsnames.ora and mine points somewhere else.
Canadian Forest Oil Ltd.
> > I have seen many articles on maintaining multiple tnsnames.ora files so
> > individual groups can use each file which only points to the databases
> > need to see. This seems like a great idea. Why give a global file to
> > with pointers to databases they don't use so they will be curious to go
> > snooping?
> > I wanted to see if others out there are doing this and does it work?
> > say it is not easy to manage but I say "would you rather risk someone
> > breaking into the database because you made a global file available that
> > tells everyone how to find all of your databases?"
> > Does anyone NOT recommend this? Any ideas welcome!
> > Thanks,
> > Paul
> This is a definitely a very bad idea. Imagine (I have been in this
> several times) an organisation with 50+ developers, where literally
> *everyone* has his own tnsnames.ora. If they would only know how to
> it that would be fine, but in both cases a DBA distributed the file, and
> his sucessor I was forced to visit about every computer to maintain it.
> There were also frequent problems with people who accidentally deleted
> tnsnames.ora and were incapable of resolving that problem.
> Avoiding snooping is simply a matter of setting appropiate passwords. If
> never change the system password from manager into something else you
> shouldn't complain about people snooping into your databases.
> In short: your idea is just plain stupid, sorry to say so.
> Sybrand Bakker, Oracle DBA