Re: oracle authentication from windows

Hello arup , I am using oracle 9.2.0.1.0 enterprise edition on windows xp
my os_authent_prefix='' (I know , after reading your post , that its a security flaw ,but since this is just a test database on a single computer not on the network, let it be )

: Are you logging in the server through TPCIP? If you are logging in
the
: server directly you should be using IPC and then you can use the
local
: server logins. By the way what is your Oracle version (in full, e.g.
9.2,
: not just 9i).

I am logging in directly into the computer, not via telnet. I did the following
create user administrator identified externally default tablespace users
temporary tablespace temp
quota unlimited on users ;

grant create session , create table to administrator;

now the winxp user is able to log into his schema ( after physically logging into this stand alone computer ) by using sqlplus /@service_name ONLY AS LONG AS I KEEP remote_os_authent=true other parameters :

sqlnet_authentication_services=(none)
remote_login_passwordfile=exclusive
remote_os_roles=false

As soon as I do the following :

alter system set remote_os_authent=false scope=spfile; shutdown
startup
SQL> conn /@service_name
ERROR:
ORA-01004: default username feature not supported; logon denied Warning: You are no longer connected to ORACLE.

but
after setting remote_os_authen=true and bouncing the database SQL> conn /@service_name
Connected.
SQL> show user
USER is "ADMINISTRATOR"
SQL> That is the question which has me stumped. Any ideas ?

Question number 2 :
I have sqlnet_authentication_services=(none) Does this mean that Oracle is instructed to accept any external authentication or does it mean that Oracle is being instructed not to trust any external authentication ?
I use sqlnet_authentication_services=(none) and am able to log in the winxp administrator ( as I show above) how did that work then ?

Question number 3 :
 Assume that sqlnet_authentication_services=(none) . If there is an externally identified user called scott ( when os_authent_prefix='' ) or ops$scott (when os_authent_prefix='ops$' ) either which way suppose there is some user called X who is to identified externally , does this mean that anyone on the network can create an operating system user called X (after taking into account the value of op$_authent_prefix) log into their own computer using their own password and then log into the oracle schema of X ? or will that depend on the value of remote_os_authent.

......................

-- 
Please see the official ORACLE-L FAQ: http://www.orafaq.net
-- 
Author: <[EMAIL PROTECTED]
  INET: [EMAIL PROTECTED]

Fat City Network Services    -- 858-538-5051 http://www.fatcity.com
San Diego, California        -- Mailing list and web hosting services
---------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from).  You may
also send the HELP command for other information (like subscribing).