Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.misc -> Re: OS Password authentication

Re: OS Password authentication

From: Ruben Safir <ruben_at_llinderman.dental.nyu.edu>
Date: Thu, 04 Nov 1999 21:08:51 GMT
Message-ID: <DBmU3.37$WT1.4145@typhoon.nyu.edu> 





[Posted and mailed]


Thanks for the Reply.



Because of how the documentation is layed out in the online manuals,
I was under the assumption that all user authentication  could be on the OS
Level.  The more I investigate this, it seems the less likely this is to be
true.  It seems only dba group users can be password authenticated through
the OS.



I need to understand some of the detail in this  for my own peace of mind.



<< As you probably know, the object of a password file is to give selected users


the privilege of connecting as "internal". >>



When we are refering to A password file, are we talking about THE /etc/passwd
file in Unix or something created by Oracle?  I see in init.ora a variable
for naming a file.



http://intranet.dental.nyu.edu/oracle/doc/server.805/a58397/ch1.htm#1078

This URL which has the Oracle Docs on line seems to say that all user
authorization can be done through the OS.  So this is my reason for confussion i
if this is not the case.



<< 1) The internal password holder should have granted you the SYSOPER


and/or SYSDBA privileges.>>



OK.  This is done through the /etc/groups permisions I assume as described in
 the intallation documents?


What exactly is the would a password holder look like :)



<<  2)  The init.ora file needs to have the parameter


REMOTE_LOGIN_PASSWORD = EXCLUSIVE.>>


OK - This is very confussing to me because it seems to be a contradiction to    what it says in the documentation.  WHat you describe is the setup of my
initorcl.ora  BUT - This is a quote from the documentation:





If you choose, you can have your operating system authenticate users performing database administration operations. 



    1.Set up the user to be authenticated by the operating system. 
    2.Make sure that the initialization parameter, REMOTE_LOGIN_PASSWORD, is set to NONE, which is the default value for this
      parameter. 


    3.Authenticated users should now be able to connect to a local database, or to connect to a remote database over a secure connection, by
      typing one of the following commands: 





Is this an error in the Docs?!?




I'm also still confused about why we want to use a prefix.
I'm not understanding exactly the advantage it creates for me and the reason
it gives me this advantage.




ruben_at_wynn.noSppam.com



http://www.brooklynonline.com



Manager of Intranet Development NYU College of Dentisty
Resume:  http://www.wynn.com/jewish/resume.html




Perl Notes:


http://www.wynn.com/jewish/perl_course


Received on Thu Nov 04 1999 - 15:08:51 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US