Create Named Credentials by Using emcli

In order to create a named credential, you need to know:

  • Target name (unless you create a global credential)
  • Target type
  •  Credential type associated with the target type

Now we start to create a named credential for cluster database ( RACTEST ) user ( JAMES).

1) To get TARGET_TYPE from TARGET_NAME. Normally we know a couple of target_type from daily emcli practice.

$ emcli get_targets -targets="RACTEST:%"

Status ID Status Target Type  Target Name
1         Up     rac_database  RACTETS

2) To get the credential types (and their attributes) associated with “rac_database”.

$ emcli show_credential_type_info -target_type=rac_database
Target Type  Cred Type Name      Cred Type Column Name Key Column
rac_database DBCreds             DBPassword            No
                                 DBRole                No
                                 DBUserName            Yes
             DBHostCreds         HostPassword          No
                                 HostUserName          Yes
             DBKerberosCreds     DBKerberosPassword    No
                                 DBKerberosUserName    Yes
             DBPkiCreds          DBPkiUserWallet       Yes
                                 DBPkiUserWalletPassword No
                                 DBPkiUserWalletType   No
             HostSSHCreds        SSH_PUB_KEY           No
                                 SSH_PVT_KEY           No
                                 USERNAME              Yes

We can see target type rac_database has four credential types. we will use credential type  DBCreds in the following steps.

3) Create named credential for JAMES user of the RAC database.

$emcli create_named_credential -auth_target_type=rac_database \
 -cred_scope=Instance -target_type=rac_database \
-target_name=RACTEST -cred_type=DBCreds -cred_name=NC_RACTEST_JAMES \
-attributes="DBUserName:JAMES;DBPassword:yourpasswd" -test

Credential NC_RACTEST_JAMES created.

Here “-test” to test the credential before saving.

If you want to create a global named credential, just remove “cred_scope, target_type, target_name” parameters.

Use emcli Command To Get Target Detailed Information

1) emcli login:

$ emcli login -username='sysman'
Enter password :

Login successful

2) To get all targets:

$ emcli get_targets

3) To get all the RAC databases only:

$ emcli get_targets -target='rac_database'

4) To list rac database TESTDB details:

$emcli list -resource="Targets" -search="TARGET_NAME='TESTDB'" 

or

$emcli list -resource="Targets" -search="TARGET_NAME='TESTDB'" 
 -format="name:csv"

5) Also we can run sql query to get target information. To check rac database TESTDB is primary or standby database:

$emcli list -sql="select TARGET_NAME,TARGET_TYPE,TYPE_QUALIFIER2 
 from sysman.mgmt\$target where TARGET_NAME='TESTDB'"

TARGET_NAME TARGET_TYPE  TYPE_QUALIFIER2
TESTDB      rac_database Physical Standby
Rows:1