| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> RE: OS authentication
I usually don't bother to set os_authent_prefix. Its not necessary. Instead make sure OSAUTH_PREFIX_DOMAIN is set to TRUE and prefix the user with the domain name.
create user "DOMAIN-NAME\USERNAME" identified externally.
That way the user has to actually authenticate to the domain to be given access. Otherwise its fairly easy to spoof that username and gain access to the database.
You'll have to set SQLNET.AUTHENTICATION_SERVICES=(NTS) in sqlnet.ora on the clients.
HTH, Beth
-----Original Message-----
Sent: Tuesday, October 15, 2002 9:43 PM
To: Multiple recipients of list ORACLE-L
I want to use OS authentication. On the server side (Windows2000), does the user need to be created as OPS$USERNAME or just USERNAME? For authentication, do they need to be added to any other group besides User? Is there anything else that needs to be done for authentication to work?
In the init, I have os_authent_prefix = OPS$. I created the user as Create OPS$USERNAME identified externally;
--
Please see the official ORACLE-L FAQ: http://www.orafaq.com
--
Author: Eric Richmon
INET: cemail2_at_sprintmail.com
Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services ---------------------------------------------------------------------To REMOVE yourself from this mailing list, send an E-Mail message to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services ---------------------------------------------------------------------To REMOVE yourself from this mailing list, send an E-Mail message to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing). Received on Tue Oct 15 2002 - 21:18:22 CDT
 |
 |