Friday, May 31, 2013

Enabling Oracle Label Security on the 11g RAC database


Oracle Label Security (OLS) is a feature of Oracle Database Enterprise Edition (it needs a separate license) that protects row-level data by enforcing labels. Only users authorized to access a label have access to the rows carrying it.
Follow the process below to enable OLS on an 11gR2 RAC database:
Shut down the applications and the database:
If you have an application tier such as EBS, shut down the EBS applications:
    adstpall.sh apps/appspwd
Shut down the Oracle database:
    srvctl stop database -d dbname
For example, for a database named orcl:
    srvctl stop database -d orcl
On RAC node1:
    cd $ORACLE_HOME/bin
    chopt enable lbac
Verify whether OLS is enabled:
    cd $ORACLE_HOME/rdbms/lib
On AIX:
    ar -X64 -t libknlopt.a | grep -c kzlilbac.o
The output should be 1 on both nodes. An output of 1 means OLS is enabled; 0 means it is disabled.
Repeat the above steps on the second RAC node.
Start up the database:
    cd $ORACLE_HOME/bin
    srvctl start database -d dbname
Log in as sysdba and run:
    @?/rdbms/admin/catols.sql
(This script will shut down the current instance.)
Shut down the second instance, which is still running:
    srvctl stop instance -d dbname -i instance-name
For example:
    srvctl stop instance -d orcl -i orcl2
Restart the database:
    srvctl start database -d dbname
For example:
    srvctl start database -d orcl
Verify the Label Security installation:
    SQL> select * from v$option where parameter like '%ecurity%';

    PARAMETER
    ----------------------------------------------------------------
    VALUE
    ----------------------------------------------------------------
    Enterprise User Security
    TRUE

    Oracle Label Security
    TRUE

    SQL> select username,account_status from dba_users where username like '%LBAC%';

    USERNAME                       ACCOUNT_STATUS
    ------------------------------ --------------------------------
    LBACSYS                        OPEN
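
The verification steps above can be combined into one check. The script below is an added example, not part of the original post: it reads the ar member listing from each node and the output of the two SQL queries, then reports whether both nodes are linked the same way, whether v$option reports TRUE, and whether the LBACSYS account exists. The function names and all sample input are assumptions made for illustration.

```shell
#!/bin/sh
# Added example; every sample value below is constructed, not from a real system.

# Print 1 if an `ar -t libknlopt.a` listing on stdin contains kzlilbac.o, else 0.
ols_linked() {
    if grep -qxF 'kzlilbac.o'; then echo 1; else echo 0; fi
}

# Print the VALUE SQL*Plus shows for parameter $1 in v$option output on stdin.
# Handles rows wrapped onto two lines (as on this page) and single-line rows.
option_value() {
    awk -v want="$1" '
        { sub(/[ \t\r]+$/, "") }
        found && NF { print $1; exit }
        index($0, want) == 1 {
            rest = substr($0, length(want) + 1)
            if (rest == "") { found = 1; next }
            if (rest ~ /^[ \t]+[A-Z]+$/) { sub(/^[ \t]+/, "", rest); print rest; exit }
        }'
}

# Print ACCOUNT_STATUS of LBACSYS from dba_users output on stdin, or MISSING.
lbacsys_status() {
    awk '$1 == "LBACSYS" { $1 = ""; sub(/^ +/, ""); print; hit = 1; exit }
         END { if (!hit) print "MISSING" }'
}

# $1/$2: per-node link counts, $3: v$option value, $4: LBACSYS status.
ols_verdict() {
    if [ "$1" != "$2" ]; then echo "FAIL: nodes linked differently ($1 vs $2)"; return 1; fi
    if [ "$1" != 1 ]; then echo "FAIL: kzlilbac.o not linked"; return 1; fi
    if [ "$3" != TRUE ]; then echo "FAIL: v\$option does not report TRUE"; return 1; fi
    case $4 in
        MISSING) echo "FAIL: no LBACSYS account, was catols.sql run?"; return 1 ;;
        OPEN)    echo "OK: OLS enabled; LBACSYS is OPEN, confirm that is intended" ;;
        *)       echo "OK: OLS enabled; LBACSYS is $4" ;;
    esac
}

# Constructed demo: both nodes linked, wrapped v$option row, LBACSYS open.
n1=$(printf 'other_member.o\nkzlilbac.o\n' | ols_linked)
n2=$(printf 'kzlilbac.o\n' | ols_linked)
opt=$(printf 'Oracle Label Security\nTRUE\n' | option_value 'Oracle Label Security')
acct=$(printf 'LBACSYS   OPEN\n' | lbacsys_status)
ols_verdict "$n1" "$n2" "$opt" "$acct"
```

On a real system, feed ols_linked the ar listing from each node (with -X64 on AIX, as above) and feed the other two functions the spooled SQL*Plus output.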
