Run 'grant plustrace to user', then following message would go.
SP2-0618: Cannot find the Session Identifier.  Check PLUSTRACE role is enabled
SP2-0611: Error enabling STATISTICS report.
This message show off when you want to SET AUTOTRACE ON.

Note:
Run $ORACLE_HOME/sqlplus/admin/plustrce.sql by sys to create this role.

Use Oracle script "chgiphost.sh" to update Oracle As10g whenever hostname, domain name or IP got changed. But 2 things to rememer in mind:
1) NOT ALL COMPONENTS support changes in network.
2) Force Oracle runInstaller pick up appropriate ip/hostname by 'runInstaller OUI_HOSTNAME=_what_my_hostname_'

Case:
oracle@mid.domainx.com:FRalone:/myapp/u04/oracle/fr/chgip/scripts > ./chgiphost.sh -mid
Oracle Home set to /myapp/u04/oracle/fr
Starting Change Hostname/IP...

Enter fully qualified hostname (hostname.domainname) of destination
 (myhost)>>myapp.domainx.com
Enter fully qualified hostname (hostname.domainname) of source
 (myhost)>>mid.domainx.com
Enter valid IP Address of destination
 (100.100.100.12)>>
Enter valid IP Address of source
 (100.100.100.11)>>
Change Hostname/IP completed successfully.

Tip: if you see help messasge , you get an idea why some component can't be changed. :-p
oracle@mid.domainx.com:FRalone:/myapp/u04/oracle/fr/chgip/scripts > ./chgiphost.sh
Usage:
./chgiphost.sh [-version | -help | -mid [-silent] | -infra [-silent] | -idm [-silent]]
Where:
-version : Shows the version of the tool.
-infra : To change the IP of Infrastructure Home
-mid : To change the Hostname/IP of the Mid-tier Home
-idm : To change hostname/IP of IM-only Home
-silent : To run in silent mode

$ORACLE_HOME/sysman/j2ee/config/rmi.xml would block emctl command when we start, stop or check status of iasconsole, dbconsole or agent. It shows us with "ormi port value <rmi-server port= is erroneous.".

Solution:
Replace empty RMI port number with non-empty value in $ORACLE_HOME/sysman/j2ee/config/rmi.xml , then re-config RMI port number to a different value. Then it works again.

Case:
oramyapp@myHostA.mdsinc.com:BImyapp:~ > emctl config iasconsole rmiport 12420
TZ set to GMT
Oracle Enterprise Manager 10g Application Server Control Release 10.1.2.0.2
Copyright (c) 1996, 2005 Oracle Corporation.  All rights reserved.
http://myHostA:1155/emd/console/aboutApplication
ormi port value <rmi-server port= is erroneous.

Steps:
oramyapp@myHostA.mdsinc.com:BImyapp:/appm/u04/oramyapp/bi > find . -name "*.xml" -exec grep -H -i "<rmi-server port=" {} \;
./inventory/Templates/sysman/j2ee/config/rmi.xml:<rmi-server port="%EM_ADMIN_PORT%">
./j2ee/home/config/rmi.xml:<rmi-server port="23791" >
./j2ee/OC4J_BI_Forms/config/rmi.xml:<rmi-server port="23791" >
./sysman/j2ee/config/rmi.xml:<rmi-server port="">   ---> Replace it with non-empty value: i.e 12420
oramyapp@myHostA.mdsinc.com:BImyapp:/appm/u04/oramyapp/bi >

Don't reconfig RMI port to value you just put in, it won't work.
You must use differnt value.
oramyapp@myHostA.mdsinc.com:BImyapp:/appm/u04/oramyapp/bi > emctl config iasconsole rmiport 12420
TZ set to GMT
Oracle Enterprise Manager 10g Application Server Control Release 10.1.2.0.2
Copyright (c) 1996, 2005 Oracle Corporation.  All rights reserved.
http://myHostA:1155/emd/console/aboutApplication
Port 12420 already in use in /appm/u04/oramyapp/bi
Oracle Enterprise Manager 10g Application Server Control configuration update failed.
oramyapp@myHostA.mdsinc.com:BImyapp:/appm/u04/oramyapp/bi > emctl config iasconsole rmiport 12421
TZ set to GMT
Oracle Enterprise Manager 10g Application Server Control Release 10.1.2.0.2
Copyright (c) 1996, 2005 Oracle Corporation.  All rights reserved.
http://myHostA:1155/emd/console/aboutApplication
Oracle Enterprise Manager 10g Application Server Control configuration update succeeded.
oramyapp@myHostA.mdsinc.com:BImyapp:/appm/u04/oramyapp/bi > find . -name "*.xml" -exec grep -H -i "<rmi-server port=" {} \;
./inventory/Templates/sysman/j2ee/config/rmi.xml:<rmi-server port="%EM_ADMIN_PORT%">
./j2ee/home/config/rmi.xml:<rmi-server port="23791" >
./j2ee/OC4J_BI_Forms/config/rmi.xml:<rmi-server port="23791" >
./sysman/j2ee/config/rmi.xml:<rmi-server port="12421">

All set .

SELinux would bring trouble for Oracle ASMLib, not only this, it played OCFS, OEM grid control, Oracle cluster service as well. Turn it off, Oracle would be happy.

Solution:
Turn off SELinux or put it in permssive mode.

How-to:
1) Go to modify /etc/selinux/config in redhat or /boot/grub/grub.conf in other linux with GRUB boot loader. It looks like this:

# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
SELINUX=enforcing ---> change it to SELINUX=disabled
2) Reboot server to take it effect
You can set up it into permissive mode right away without reboot.

 Usage: setenforce [ Enforcing | Permissive | 1 | 0 ]

Reference:
Oracle support suggest this way in "fbirdzp's blog" (http://fbirdzp.blogbus.com/logs/41076012.html)
Oracle forums with this thread "Error install ASMLib on RedHat linux " (http://forums.oracle.com/forums/thread.jspa?threadID=853632)
Very good article in "How to disable SELinux?" (http://www.crypt.gen.nz/selinux/disable_selinux.html)
Command of SELinux (http://linuxcommand.gds.tuwien.ac.at/man_pages/setenforce8.html)


Case:
[root@cetos5 asmlib]# rpm -Uvh oracleasm-support-2.1.3-1.el5.i386.rpm \
>     oracleasmlib-2.0.4-1.el5.i386.rpm \
>     oracleasm-2.6.18-92.1.22.el5-2.0.5-1.el5.i686.rpm
Preparing...                ########################################### [100%]
   1:oracleasm-support      ########################################### [ 33%]
   2:oracleasm-2.6.18-92.1.2########################################### [ 67%]
   3:oracleasmlib           ########################################### [100%]
[root@cetos5 asmlib]# /etc/init.d/oracleasm configure
Configuring the Oracle ASM library driver.

This will configure the on-boot properties of the Oracle ASM library
driver.  The following questions will determine whether the driver is
loaded on boot and what permissions it will have.  The current values
will be shown in brackets ('[]').  Hitting <ENTER> without typing an
answer will keep that current value.  Ctrl-C will abort.

Default user to own the driver interface [oracle]:
Default group to own the driver interface [dba]:
Start Oracle ASM library driver on boot (y/n) [y]:
Scan for Oracle ASM disks on boot (y/n) [n]:
Writing Oracle ASM library driver configuration: done
Initializing the Oracle ASMLib driver:                     [FAILED]

[root@cetos5 asmlib]# vi /etc/sysconfig/selinux
Note: set  SELINUX=disabled
[root@cetos5 asmlib]# setenforce 0

[root@cetos5 asmlib]# /usr/sbin/sestatus
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   permissive
Mode from config file:          disabled
Policy version:                 21
Policy from config file:        targeted

[root@cetos5 asmlib]# /etc/init.d/oracleasm configure
Configuring the Oracle ASM library driver.

This will configure the on-boot properties of the Oracle ASM library
driver.  The following questions will determine whether the driver is
loaded on boot and what permissions it will have.  The current values
will be shown in brackets ('[]').  Hitting <ENTER> without typing an
answer will keep that current value.  Ctrl-C will abort.

Default user to own the driver interface [oracle]:
Default group to own the driver interface [dba]:
Start Oracle ASM library driver on boot (y/n) [y]:
Scan for Oracle ASM disks on boot (y/n) [y]:
Writing Oracle ASM library driver configuration: done
Initializing the Oracle ASMLib driver:                     [  OK  ]
Scanning the system for Oracle ASMLib disks:               [  OK  ]

We can adjust RMAN backup to disk with low workload and longer time. Good thing for busy production environment from Oracle 10g.

RMAN backup options works for this purpose:
1) DURATION hh:mm -> Specifies a maximum time for a backup command to run. If a backup command does not complete in the specified duration, the backup being taken stops.
2) [PARTIAL][MINIMIZE (TIME|LOAD)] -> With disk backups, you can use MINIMIZE TIME run the backup at maximum speed (default) , or MINIMIZE LOAD to slow the rate of backup to lessen the load on the system. With MINIMIZE LOAD the backup will take the full specified duration.

Example
I purposely let RMAN backup run 2 hours, though it would take only 30mins there without any constraints.
RMAN>  backup device type disk format='/myapp/u02/oradata/reportA/rman/reportA%U.bkp' as compressed backupset duration 2:00 minimize load database;

Starting backup at 22-JUN-09
using target database control file instead of recovery catalog
allocated channel: ORA_DISK_1
channel ORA_DISK_1: sid=123 devtype=DISK
channel ORA_DISK_1: starting compressed full datafile backupset
channel ORA_DISK_1: specifying datafile(s) in backupset
input datafile fno=00004 name=/myapp/u02/oradata/reportA/users01.dbf
...
input datafile fno=00019 name=/myapp/u02/oradata/reportA/tools01.dbf
channel ORA_DISK_1: starting piece 1 at 22-JUN-09

SQL> select sid,program from v$session where paddr = (select addr from v$process where spid=12345);

       SID PROGRAM
---------- ------------------------------------------------
       123 rman@oracle_node_1 (TNS V1-V3)

SQL> select time_remaining from v$session_longops where sid=123 and sofar<>totalwork;

TIME_REMAINING
--------------
          5669
--After some time
SQL> select message,time_remaining from v$session_longops where sid=123 and sofar<>totalwork;

MESSAGE
--------------------------------------------------------------------------------
TIME_REMAINING
--------------
RMAN: full datafile backup: Set Count 13521: 3442759 out of 0 Blocks done


RMAN: full datafile backup: Set Count 13521: 4858878 out of 4858880 Blocks done
             0

channel ORA_DISK_1: finished piece 1 at 22-JUN-09
piece handle=/myapp/u02/oradata/reportA/rman/reportA6hki7vbv_1_1.bkp tag=TAG20090622T170150 comment=NONE
channel ORA_DISK_1: backup set complete, elapsed time: 01:54:07
channel ORA_DISK_1: throttle time: 1:61:09
Finished backup at 22-JUN-09
...
RMAN> exit
Recovery Manager complete.

It only bother you only in combination: IE + Excel + SSL.  IE 6, 7 and 8, no exception.

Case: When people tried to save EXCEL report from Oracle Report Server, Internet Explorer pop up "Choose a digital certificate" dialog box, but box was empty: What happened? Furthermore, it only showed off in the 2nd open report then save file attempt.



I figure out it is the IE cause the problem by my way:
- Does firefox works? (yes)           
- Does open-office works? (yes)
- Does HTTP works ? (yes)
- Does "Save-File" works without any office software ? (yes with IE customized setup)
- Does Excel works if I save directly even without open it  ? (yes)
So, something in security inside IE block us. Excel is possible reuse IE security .

Google returned a bunch of solutions but none of them not worked for my case.
1) Workaround: "Click either OK or Cancel button couple of times until it disappear"
(http://www.techsupportforum.com/microsoft-support/internet-explorer-forum/161802-choose-digital-certificate-popup.html)
2) Bug: The "Choose a digital certificate" dialog box appears behind the Internet Explorer window in Windows Vista when you try to open an Office file from a site that requires digital certification
(http://support.microsoft.com/kb/960247)
3) IIS configuration: "IIS 6.0: Computer must trust all certification authorities trusted by individual sites"
(http://support.microsoft.com/?id=332077)
4) Tomcat configuration: "When Tomcat, HTTPS, and Excel collide"
(https://dev.youdevise.com/YDBlog/index.php?title=when_tomcat_https_and_excel_collide)
5) Office behavior: "DontAddToMRUIfURL registry value for Microsoft Word"
(http://www.techsupportforum.com/microsoft-support/internet-explorer-forum/161802-choose-digital-certificate-popup.html)

Solutions

1 use Non-IE browser, i.e Firefox
2 use Non-Office software, i.e OpenOffice
3 use IE with MS office but don't open EXCEL report, directly save it.
4 use IE without MS office software
Go to Tools->Internet Options->Advanced
Uncheck "Don't save encypted pages to disk"
Check "Use TLS 1.0"


Go to Tools->Internet Options->Security->Trusted Sites->Cutome Level (button)-> medium (default)
Check "Automatic prompting for file downloads"

Kinda tricky. eh?

We drove 350KM back and forth for delicious Chinese Food: BaoZi.




"A baozi or simply known as bao, bau, nunu, pow is a type of steamed, filled bun or bread-like (i.e. made with yeast) item in various Chinese cuisines, as there is much variation as to the fillings and the preparations. In its bun-like aspect it is very similar to the traditional Chinese mantou. It can be filled with meat and/or vegetarian fillings. It can be eaten at any meal in Chinese culture, and is often eaten for breakfast." -- Wikipedia

Clone ORACLE HOME is the most-efficient way to create/duplicate/move oracle software with all applied patch inside. Oracle provide this Perl script as $ORACLE_HOME/clone/bin/clone.pl. It accepts ORACLE HOME and ORACLE HOME NAME as parameters.

Example
I.e there is no sufficient space in previous OEM repository database home, move it to new location.

[@database_server]$ export ORACLE_BASE=/u01/app/db10g
[@database_server]$ export ORACLE_HOME=/u01/app/db10g/product/1020
[@database_server]$ export PATH=$ORACLE_HOME/bin:$PATH
[@database_server]$ perl $ORACLE_HOME/clone/bin/clone.pl  ORACLE_HOME=/u01/app/db10g/product/1020 ORACLE_HOME_NAME=OraDb10g_home2

./runInstaller -silent -clone -waitForCompletion  "ORACLE_HOME=/u01/app/db10g/product/1020" "ORACLE_HOME_NAME=OraDb10g_home2" -noConfig -nowait
Starting Oracle Universal Installer...

No pre-requisite checks found in oraparam.ini, no system pre-requisite checks will be executed.
Preparing to launch Oracle Universal Installer from /tmp/OraInstall2009-05-27_11-53-04PM. Please wait ...Oracle Universal Installer, Version 10.2.0.4.0 Production
Copyright (C) 1999, 2008, Oracle. All rights reserved.

You can find a log of this install session at:
 /d01/oem_inventory/db10g/inventory/logs/cloneActions2009-05-27_11-53-04PM.log
.................................................................................................... 100% Done.



Installation in progress (Wednesday, May 27, 2009 11:53:29 PM EDT)
........................................................................                                                        72% Done.
Install successful

Linking in progress (Wednesday, May 27, 2009 11:53:49 PM EDT)
Link successful

Setup in progress (Wednesday, May 27, 2009 11:55:17 PM EDT)
Setup successful

End of install phases.(Wednesday, May 27, 2009 11:55:27 PM EDT)
WARNING:
The following configuration scripts need to be executed as the "root" user.
#!/bin/sh
#Root script to run
/u01/app/db10g/product/1020/root.sh
To execute the configuration scripts:
    1. Open a terminal window
    2. Log in as "root"
    3. Run the scripts

The cloning of OraDb10g_home2 was successful.
Please check '/d01/oem_inventory/db10g/inventory/logs/cloneActions2009-05-27_11-53-04PM.log' for more details.
[@database_server]$

I can't stop laughing when I see "Top 10 Tips For a DBA" from LewisC at it.toolbox.com.
It is obviously a joke, but if you really see your DBA works in that way, you are in big trouble and gonna to take corrective action right way. Let us see what LewisC list for us:
"...
10 most important things you can do as a DBA

1. Sit around reading the newspaper until an application runs out of space. If applications never run out of space, how will management know they need DBAs. Don't add space until someone besides you notices.
2. Wait until a developer or user wants an ID, create it but don't grant any permissions.
3. Even if you know an application user or developer needs specific permissions, wait until they ask for it. This enhances security. (as in job)
4. When a user or developer asks for permissions, give it to them without question. Questions are a pain.
5. Explain to users and management that performance issues are always caused by network or application problems.
6. Explain to developers how performance is always bad code.
7. Explain to other DBAs how stupid your users, developers and managers are.
8. Say "No". The question doesn't matter. No is easier and usually the correct answer anyway.
9. Force developers to submit their code to you for review two days before you'll run it in production. Then, run it without looking at it. Tell them about it.
10. Don't allow production support to have any access to production. Complain when they call you at night.

"
I say nothing but ...Ha.ha.ha... You gonna to know how to deal with your "so-called DBA" if they matched LewisC's 10 features.

Free email to SMS gateway allow Oracle Grid Control send page / SMS though it is not supposed to.
Let us say I want to use my Rogers Cellphone to receive alerts triggered from Oracle database, it works in this way:

Steps:
1) Pickup what you interest in monitoring, either from built-in Host and/or Database metrics, yeah, we can create UDM as well
2) Create notification rule based on target Host/Database with specified metrics, choose default email method
3) Bind notification rule to Grid Control Administrators
4) Assign schedules when Administrators supposed to be oncall
5) Key: give email to Administrators.

If I give 613******@pcs.rogers.com, it would send to my CellPhone.

Free email to SMS gateway List
AT&T Enterprise Paging     number@page.att.net
Rogers (Canada)     number@pcs.rogers.com
...
See full list here: How To Send Email To Any Cell Phone (for Free)

From VirtualBox 2.2, We can clone and distribute VM much more easily by Export/Import Appliance in menu. It utilize Open Virtualization Format (OVF) standard to distribute VM on demand.

Note: if you are using VirtualBox 2.1.4 or lower version, clone VM in command line, see my article "Clone VirtualBox VM by vboxmanage".

What is OVF? see VMware good document. VMware is the leader of this standard. They says so:"

With OVF, customers’ experience with virtualization is greatly enhanced, with more portability, platform independence, verification, signing, versioning, and licensing terms. OVF lets you:

• Improve your user experience with streamlined installations
• Offer customers virtualization platform independence and flexiblity
• Create complex pre-configured multi-tiered services more easily
• Efficiently deliver enterprise software through portable virtual machines
• Offer platform-specific enhancements and easier adoption of advances in virtualization through extensibility

"

Example:


Tips
It generates 2 files during export. *.ovf and *.vmdk. 1 for VM description XML file, another is compressed image file.


VirtualBox become better , keep going, man.

We can use scripts or SQL query to extend monitoring capability of Oracle OEM Grid Control. Basically, it works in this way. Utilized existing monitoring OS level scripts for machine monitoring, it doesn't care it use Perl or Shell. And SQL statements (and/or call PL/SQL procedures) for database monitoring.

Example: Convert existing Perl scripts to user-defined metrics
Purpose: We need know windows service status from Grid Control, it would page us when service is down
Steps:
1. Install Oracle OEM Grid Control Agent in this windows server
2. Login to OEM Grid Control, go to Host: myhost.domain.com  >  User-Defined Metrics
3. Create Metric like this:
Definition
    Metric Name         My Windows Service Status
    Metric Type          NUMBER
    Command Line      perl c:/_myscripts_/check_win_service.pl "OracleServiceDB10g"
    Environment       
Operating System Credentials
    User Name        windows-domain\oracle
    Password          ******
Thresholds
    Comparison Operator    =
    Warning                        -1
    Critical                           0
    Consecutive Occurrences Preceding Notification        1
    Response Action       
Schedule
    Collection Schedule    Enabled
    Start            Immediately after creation
    Repeat every        5 Minute(s)

More Steps
1) Create notification rules and subscribe them , then you can get page
2) Create report to query this metric, then it send out report to you automatically

Conclusion
Reuse current monitoring scripts and integrate to Oracle Grid Control, of course, user-defined metrics is not the only way. I would cover this later.

This was what I did yesterday. Got couple of notes : 1) to prepare 2.5 us$ when crossed Canada-U.S border here (thousand islands area) , they don't care you can't see this beautiful area at night :-)  2) to show shopping receipt on demand in Canada Customs Border Agency. They would charge tax if it exceed some threshold. 3) This trip took 3.5 hours one way. 4) It is about 200 miles from Ottawa to Syracuse. 5) The Jeep GC consumed 85 litre when trip was done. I put Montreal and Albany in this map as well, which make it much more clear that how far it is and their relationship in map. Enjoy this trip if you want to have a try.

( screen shot from maps.google.com )

Who caused 99% UNDO tablespace usage yesterday? fortunately , Oracle 10g AWR allows you to find what SQL statements was consuming most of UNDO segments.

Views to check out:
DBA_HIST_UNDOSTAT
DBA_HIST_SQLTEXT

Top 10 UNDO usage SQL
select SQL_TEXT from DBA_HIST_SQLTEXT where SQL_ID in
   (select distinct MAXQUERYSQLID from
      (select * from 
         (select SNAP_ID,
                    MAXQUERYLEN,
                    UNDOBLKS,
                    MAXQUERYSQLID,
                    to_char(BEGIN_TIME,'yyyy/mm/dd hh24:mi') begin,
                    to_char(END_TIME,'yyyy/mm/dd hh24:mi') end
          from DBA_HIST_UNDOSTAT
          order by UNDOBLKS desc,
                        MAXQUERYLEN desc
         ) where rownum<11
      )
   );

Oracle moved on to add value to existing Oracle VM. See report at "Oracle buys Virtual Iron".
Note: there is a pdf inside this article. Oracle stated that major reason to reach this deal is Oracle VM can't but Virtual Iron does provide following advanced features in Dynamic resource management and automation: Capacity management, Power management and Integration capacities (Open, comprehensive, and scriptable API). Does it make Oracle VM much more attractive in the market? Let us see.

In some case, putty command line can help us run remote command in this way:

Example
c:> putty.exe -ssh -2 -l username -pw password -m c:\remote.cmd remote_host

c:> type c:\remote.cmd

echo `date`;exit 0;

Note:
For full Putty command line options, check out "Putty User Manual" .

You don't have permission to schedule script in crontab? np, Let Perl help you.

Example:
#!/usr/bin/perl
die "usage: $0 command_to_run interval" unless 2==@ARGV;
while(1){
   eval{ system("$ARGV[0]");}; warn $@ if $@;
   sleep $ARGV[1];
}

Note: for more details, check eval and sleep usage with command "perldoc -f eval" and "perldoc -f sleep".

"Borland Software Corporation to be Acquired by Micro Focus International plc"

To clone VM with Sun xVM VirtualBox : 1) clone current VM disk by command vboxmanage 2) create new VM attached to cloned disk.
Note: no GUI is available so far in release 2.1.4.
For VirtualBox version 2.2 or higher, use export/import wizard, see my new article "Clone VirutalBox VM via Open Virtualization Format (OVF)"

Example
C:\Documents and Settings\pang\.VirtualBox\HardDisks>path="C:\Program Files\Sun\xVM VirtualBox";%PATH%

C:\Documents and Settings\pang\.VirtualBox\HardDisks>vboxmanage clonehd "windows_2003.vdi" "windows_2003_clone.vdi"
VirtualBox Command Line Management Interface Version 2.1.4
(C) 2005-2009 Sun Microsystems, Inc.
All rights reserved.

0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%
Clone hard disk created in format 'VDI'. UUID: ac8cd778-eb2d-47cf-8c60-82109dc498fe

C:\Documents and Settings\pang\.VirtualBox\HardDisks>

To Create test database from standby database directly. Exclude tablespaces is allowed here.
This solution works in 9i. 10g/11g works this way as well, but with different technology stack, 10g use flashback, 11g use snapshot standby. I would cover those topics in  this or next week.

Refresh database from standby database

Benefits:
1) don't need any backup from primary source database
2) don't need create dummy database then export/import
3) much faster than use fies from primary source database
4) much faster than exp/imp method
5) subset of database if on demand

2 methods:
- Copy current standby database to somewhere, then play the original standby, I don't recommend this way. It is obvious, some steps has to be done before primary/standby works again.
- Copy current standby database to somewhere, then play and refresh database there. I recommend this because it doesn't hurt current primary/standby relationship though maintain window is required to shutdown standby database and perform copy work. Shutdown standby is actually optional.

Steps
1 Stop log transport service in primary database
2 Shutdown down standby database cleanly or we can stop log apply service only
3 Copy full or subset of database to target server, i.e exclude tablespace which don't need in new database
4 Create password file, parameter file and folders for new database
5 Mount this new database and make it works:
- change standby_file_management to manual before following rename file command
- rename datafile and/or logfile if they are copied to new folders
- take offline those datafiles not copied over
- perform role transition , convert it to primary database
- set database protection mode to maximize performance
- etc...

Commands
startup nomount
alter database mount standby database;
alter system set standby_file_management=manual;
alter database rename file *** to ***; /* for datafiles, log files in new location */
alter database datafile *** offline drop; /* for those excluded tablespaces during copy */

/* you maybe need to copy, register archivelogs from standby database or primary to push forward database to the latest time before this step*/
alter database activate standby database;

shutdown immediate
startup mount
alter database set standby database to maximize performance; --optional, only for those already in higher protection mode
alter database open;
drop tablespace ****; -- optional, only for those excluded tablespace

Conclusion
Combination of available solutions to create new wheel.

I created Oracle VPD example quickly only to demonstrate what Oracle Virtual Private Database does.

Concept: it append to 'where' of SQL statement behind the scene. BTW, sys is not limited by VPD or label security , can be audit though.

Quick example
SQL> @c:\vpd.example.sql
SQL> --test case
SQL> -- Task 1: create users, data owner, data query users;
SQL> --         create data for access

SQL> create user data_owner identified by oracle default tablespace users quota unlimited on users;
SQL> grant connect,resource to data_owner;

SQL> --user: hr
SQL> create user user_hr identified by oracle default tablespace users quota unlimited on users;
SQL> grant connect,resource to user_hr;

SQL> --user: finance
SQL> create user user_finance identified by oracle default tablespace users quota unlimited on users;
SQL> grant connect,resource to user_finance;

SQL> --table: all data in table
SQL> create table data_owner.all_data
  2  (
  3  data_id number primary key,
  4  dept varchar2(10),
  5  content varchar2(100)
  6  );

SQL> insert into data_owner.all_data values(1,'hr','hr data');
SQL> insert into data_owner.all_data values(2,'finance','finance data');
SQL> commit;

SQL> --table access for user hr and finance
SQL> grant select,insert,update,delete on data_owner.all_data to user_finance;
SQL> grant select,insert,update,delete on data_owner.all_data to user_hr;

SQL> -- Task 2: create VPD on above data object
SQL> --RULEs
SQL> --1) hr can do everyting in dept='hr', but can't see other data
SQL> --2) finance can do everything in dept='finance', but can't see other data
SQL>
SQL> --Policy
SQL> --1) policy function
SQL> CREATE OR REPLACE FUNCTION data_owner.all_data_access_rule_1 (sname IN VARCHAR2, oname IN VARCHAR2)
  2  RETURN VARCHAR2 AS
  3  return_con VARCHAR2(4000) :='1=2';
  4  coming_user varchar2(4000) :='dummy';
  5  BEGIN
  6     -- get session user
  7     coming_user := lower(sys_context('userenv','session_user'));
  8     if coming_user = 'user_hr' then
  9          return_con := 'dept=''hr''';
 10     elsif coming_user = 'user_finance' then
 11          return_con := 'dept=''finance''';
 12     else
 13          null;
 14     end if;
 15     return return_con;
 16  EXCEPTION
 17     when others then
 18     return return_con;
 19  END;
 20  /

SQL> --2) apply policy with rules and users
SQL> BEGIN
  2     DBMS_RLS.ADD_POLICY (object_schema=>'data_owner',
  3                          object_name=>'all_data',
  4                          policy_name=>'all_data_access_rule_1',
  5                          function_schema=>'data_owner',
  6                          policy_function=>'all_data_access_rule_1'
  7                          );
  8  END;
  9  /

SQL> -- Task 3: test result
SQL> col data_id for 999999
SQL> col dept for a10
SQL> col content for a20
SQL> set linesize 100
SQL> conn / as sysdba
Connected.
SQL> select * from data_owner.all_data;

DATA_ID DEPT       CONTENT
------- ---------- --------------------
      1 hr         hr data
      2 finance    finance data

SQL> conn user_hr/oracle
Connected.
SQL> select * from data_owner.all_data;

DATA_ID DEPT       CONTENT
------- ---------- --------------------
      1 hr         hr data

SQL> conn user_finance/oracle
Connected.
SQL> select * from data_owner.all_data;

DATA_ID DEPT       CONTENT
------- ---------- --------------------
      2 finance    finance data

SQL>

It that happened. Oracle has super power in OS, storage , database and applications. What a product line!

Good news for Oracle DBA. But does mySQL still has future?