In an Oracle multi-tenant there are CDBs (container databases) and PDBs (pluggable databases).
- CDB
- CDB$ROOT
- Customer1PDB
- Customer2PDB
- PDB1
- PDBORCL
- CDB$ROOT
A CDB contains several PDBs. To efficiently inventory the Oracle databases with vScope you want to use one single Credential. To do so you must connect to a service that is connected to CDB$ROOT where the PDBs are connected.
To achieve this you need a credential with sufficient rights to read the CDB$ROOT, like SYSDBA. In our example below, the system user “sys” has SYSDBA permissions.
In this example we are connecting to the service orc.isl.local (you have another name here). Log in to your Oracle Database to find all possible service names. See below example.
Orcl.ISL.local is a service that is connected to CDB$ROOT. If we connect to it as sys/SYSDBA, vScope gets access to CBS$ROOT and the other PDBs that are connected to the CBS$ROOT. If we connect to pdb1.ISL.local we only get access to what is under the PDB “PDB1”.
Picture for clarification:
So if the credential with permission SYSDBA targets one of the services in the root, it gains access to the other services in the CDB$ROOT, and also PDBs that are connected to it.
By targeting the root with the SYSDBA you now scan all services instead of having to connect to each PDB individually.