Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: os authentication question
Doeni <doeni_at_evhr.net> writes:
> kshave_at_health.gov.mb.ca wrote:
> >
> > Is it possible to log into an NT file server and have this password
> > authenticate you for all Oracle databases, no matter what machine the
> > database resides on? I know it works if the database resides on the
> > same machine you are logging into, but I'm curious to know if you can
> > use this for more.
Sure. Just make sure that the database user is created as identified
externally on all of the databases.
> >
> > -Keith
> >
> > Sent via Deja.com http://www.deja.com/
> > Share what you know. Learn what you don't.
>
> remote_os_authent=TRUE in init.ora
> But be aware of the security hole.
The name of this variable is a misnomer. It means to trust the username sent
by the client. In the case of NT authentication, the Oracle server consults
the operating system to see if the client been authenticated, rather than
blindly trusting the name sent by the client. Bottom line: this variable
does not need to be set for NT authentication to work. In addition, it is a
security hole so it should not be set to TRUE in any case.
--
Rick Rick Wessman Security and Directory Technologies Server Technologies Oracle Corporation rwessman_at_us.oracle.comReceived on Mon Jul 26 1999 - 14:38:02 CDT