| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> RE: Need to Log on 2000 users
Hi gaurav and fellow DBAs,
I ran into the same problem once on a Sun Solaris 5.9 box. The lines on
your sqlnet.ora file have a great deal of impact on how authentication
works.
remote_os_authent=true will allow people remote users to connect to your
instance using the credentials on the machine they are logged in. This
means that OS credentials used are niether Oracle's nor the local OS's
that your insance resides on. I don't know about you but I 'goose bumps'
at the thought of allowing users to user THEIR OS authentication
credentials.
If you are comfortable with they way your authentication works, omit the following lines:
If I were you, I would take the SQLNET.AUTHENTICATION_SERVICES
= (none) out of my sqlnet.ora file and change your remote_os_authent =
false on my ora init instance file.
An excelent way to troubleshoot the sqlnet.ora file is to create a copy of it as a backup and try taking out a line at a time. Restart your ora instance every time you delete one of your lines in the file and test your login.
Another pointer....
I think you are missing grant connect and grant resource on your grant
statement.
Take care,
Julio
-----Original Message-----
Sent: Monday, June 02, 2003 7:55 AM
To: Multiple recipients of list ORACLE-L
Hello list , I tried the same thing but to log on an OS user I have to
set
remote_os_authent=true in parameter file and
SQLNET.AUTHENTICATION_SERVICES
= (none) in sqlnet.ora
Why would I need to set remote_os_authent ? shouldn't it be left at its
default value of 'false' ? otherwise wouldn't it be a security problem.
But I cannot log in my os users till I set remote_os_authent=true
Other details :
Oracle 9.2.0.1.0 enterprise edition on win32
OS_AUTHENT_PREFIX=''
create user administrator identified externally
default tablespace users
temporary tablespace temp
quota unlimited on users ;
grant create session, create table to administrator;
Munish Bajaj,
If you want your OS users to log into your database, you need to set the
OS_AUTHENT_PREFIX parameter in the init ora file for your instance to a
string of your like. Oracle's default is OPS$. If your OS user account
is JOE. Oracle looks at this account as OPS$JOE. The account is tacked
on the OS_AUTHENT_PREFIX. Then, you need to create the ORACLE user
account that will correspond to your OS account and make it externally
identified.
As sys do the following:
SQL> create user OPS$JOE externally identified;
Bear in mind that if you have and OS group called DBA, any member of
that group will be able to connect as sysdba, so you need to be careful
with the people you put in that group ;-- )
Regards,
Julio
-- Please see the official ORACLE-L FAQ: http://www.orafaq.net -- Author: QuijadaReina, Julio C INET: QuijadJC_at_alfredstate.edu Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services --------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).Received on Mon Jun 02 2003 - 08:34:52 CDT
 |
 |