RE: ORA-01031: insufficient privileges
Date: Fri, 13 Feb 2009 15:17:16 -0500
Message-ID: <CC7ECEDD58772D41A44D87EBED4A77A10534830C_at_TCCEML02.gbrownc.on.ca>
Hi Branimir,
Here are some notes I have on this:
SYSDBA and SYSOPER privileges are stored in an external password file. The default location for the file (in Unix) is $ORACLE_HOME/dbs. The default name for the password file is orapw<SID>.
I know of two ways to change the SYS password:
- Run the orapwd program. This program replaces the password file and any users with SYSDBA privileges automatically lose those privileges.
- Use the standard alter user sys identified by xxx;. This will update / replace the password file, but preserve users who previously had SYSDBA privileges.
SYSDBA privileges are granted in the usual way. Eg. grant sysdba to user X;
Performance view v$pwfile_users exposes users who have these privileges.
system_at_XXXTST> desc v$pwfile_users
Name
USERNAME SYSDBA SYSOPER HTH Sam Bootsma
Oracle Database Administrator
Information Technology Services
George Brown College
Phone: 416-415-5000 x4933
Fax: 416-415-4836
E-mail: sbootsma_at_georgebrown.ca <mailto:sbootsma_at_georgebrown.ca>
From: oracle-l-bounce_at_freelists.org
[mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Branimir Petrovic
Sent: February 13, 2009 2:51 PM
To: oracle-l_at_freelists.org
Subject: ORA-01031: insufficient privileges
Please help me see what am I doing wrong or missing.
My system is (freshly installed):
OS: OEL 5.2 64 bit
Oracle: 10.2.0.3 64 bit
dba' group is primary group for user 'oracle' (created via 'oracle
validated' rpm):
~]# cat /etc/passwd | grep oracle
oracle:x:500:500::/home/oracle:/bin/bash
[root_at_s-ora-004 ~]# cat /etc/group | grep dba
dba:x:500:
sqlnet.ora has:
SQLNET.AUTHENTICATION_SERVICES= (NTS)
When I try to log on as 'oracle' (after sourcing environment and SID):
~]$ sqlplus '/ as sysdba'
I get:
ERROR:
ORA-01031: insufficient privileges
but providing user name and password:
Enter user-name: sys as sysdba
Enter password:
does get me there:
Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.3.0 - 64bit
Production
Looks like without ability successfully log on with '/ as sysdba' dbshut and dbstart scripts will not stop or start database services (TNS listener starts but not the database). What should I be looking at to restore '/ as sysdba' login capability?
Thanks,
Branimir
-- http://www.freelists.org/webpage/oracle-lReceived on Fri Feb 13 2009 - 14:17:16 CST