Oracle FAQ Your Portal to the Oracle Knowledge Grid

Home -> Community -> Mailing Lists -> Oracle-L -> RE: Need to Log on 2000 users

RE: Need to Log on 2000 users

From: QuijadaReina, Julio C <>
Date: Mon, 02 Jun 2003 05:34:52 -0800
Message-ID: <>

Hi gaurav and fellow DBAs,

I ran into the same problem once on a Sun Solaris 5.9 box. The lines on your sqlnet.ora file have a great deal of impact on how authentication works.
remote_os_authent=true will allow people remote users to connect to your instance using the credentials on the machine they are logged in. This means that OS credentials used are niether Oracle's nor the local OS's that your insance resides on. I don't know about you but I 'goose bumps' at the thought of allowing users to user THEIR OS authentication credentials.

If you are comfortable with they way your authentication works, omit the following lines:

If I were you, I would take the SQLNET.AUTHENTICATION_SERVICES
= (none) out of my sqlnet.ora file and change your remote_os_authent =
false on my ora init instance file.

An excelent way to troubleshoot the sqlnet.ora file is to create a copy of it as a backup and try taking out a line at a time. Restart your ora instance every time you delete one of your lines in the file and test your login.

Another pointer....
I think you are missing grant connect and grant resource on your grant statement.

Take care,

-----Original Message-----

Sent: Monday, June 02, 2003 7:55 AM
To: Multiple recipients of list ORACLE-L

Hello list , I tried the same thing but to log on an OS user I have to set
remote_os_authent=true in parameter file and SQLNET.AUTHENTICATION_SERVICES
= (none) in sqlnet.ora

Why would I need to set remote_os_authent ? shouldn't it be left at its default value of 'false' ? otherwise wouldn't it be a security problem. But I cannot log in my os users till I set remote_os_authent=true

Other details :

Oracle enterprise edition on win32

OS_AUTHENT_PREFIX='' create user administrator identified externally default tablespace users
temporary tablespace temp
quota unlimited on users ;

grant create session, create table to administrator;

Munish Bajaj,
If you want your OS users to log into your database, you need to set the OS_AUTHENT_PREFIX parameter in the init ora file for your instance to a string of your like. Oracle's default is OPS$. If your OS user account is JOE. Oracle looks at this account as OPS$JOE. The account is tacked on the OS_AUTHENT_PREFIX. Then, you need to create the ORACLE user account that will correspond to your OS account and make it externally identified.

As sys do the following:
SQL> create user OPS$JOE externally identified; Bear in mind that if you have and OS group called DBA, any member of that group will be able to connect as sysdba, so you need to be careful with the people you put in that group ;-- ) Regards,

Please see the official ORACLE-L FAQ:
Author: QuijadaReina, Julio C

Fat City Network Services    -- 858-538-5051
San Diego, California        -- Mailing list and web hosting services
To REMOVE yourself from this mailing list, send an E-Mail message
to: (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from).  You may
also send the HELP command for other information (like subscribing).
Received on Mon Jun 02 2003 - 08:34:52 CDT

Original text of this message