Re: User identified externally

Frank Calfo wrote in message <01bec27d$66072f40$e401010a_at_FRANK>...
>I'm having trouble setting up a user identified externally in Oracle 7.3.4
>on NT 4.

You need to add to your INITxxxx.ORA file the line

REMOTE_OS_AUTHENT = TRUE , the default is false

>1) Do I need the operating system prefix parameter set in the init.ora file
>or can I leave it
> blank/default?

yes, as well as the above add

OS_AUTHENT_PREFIX=OPS$
>2) When I create the user account in oracle do I use the prefix or not?
>Ex. do I setup Fred
> or OPS$Fred

no, just CREATE (or ALTER) USER FRED IDENTIFIED EXTERNALLY

>3) When connecting through SQL*Plus, must the user supply a password?

No, just CONNECT /@xxxxx will do

>
>4) When using this option, does Oracle attempt to confirm the password from
>the OS or does Oracle just assume that if you've logged into the OS then it
>must be ok to let you in the database?

No, identified externally assumes that the user has already been authenticated and so is to be trusted. It is not particularly safe since any user with access to your network can create an NT user (domain or local) with the same user name and then connect to the database from SQL*Plus! I wouldn't use external accounts on NT if you're even slightly concerned abou security, even a saving the password in the registry is safer!

>Thanks.
>
Received on Sat Jul 03 1999 - 09:36:13 CDT