Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: W2000 connect / as sysdba problem
Howard J. Rogers wrote:
> Kenneth Koenraadt wrote:
> [snip]
>
>> >> >> Hi Howard, >> >> Can't agree. >> >> It's true that you can "connect / as sysdba" even with >> remote_login_passwordfile =exclusive, >> but only as long as your user is a *LOCAL* W2K user.
>> If you logon to >> the server *remotely* with e.g. a Domain user account, which is also >> a member of the local ORA_DBA group you *won't* be able to "connect / >> as sysdba". I guess that's why it is called >> "remote_login_passwordfile" and not "local_login_passwordfile"
>> The doc also states that you must set remote_login_passwordfile =NONE >> to use OS-authentication on W2k. The fact that a *local* user can >> somehow bypass it does not affect that. >> >> <quote> >> Set the REMOTE_LOGIN_PASSWORDFILE parameter to NONE in the >> INIT<SID>.ORA file. This parameter enables operating system >> authenticated >> logins for the >> INTERNAL user. </quote>
SQL> show parameter remote_login
NAME TYPE VALUE ------------------------------------ ----------- --------- remote_login_passwordfile string EXCLUSIVE
Here's my sqlnet.ora on the *CLIENT* machine:
SQLNET.AUTHENTICATION_SERVICES= (NTS) NAMES.DIRECTORY_PATH= (TNSNAMES) And here's the acid test:
H:\>sqlplus "/@win92 as sysdba"
SQL*Plus: Release 10.1.0.2.0 - Production on Fri Apr 30 18:00:36 2004
Copyright (c) 1982, 2004, Oracle. All rights reserved.
Connected to:
Oracle9i Enterprise Edition Release 9.2.0.1.0 - Production
With the Partitioning, OLAP and Oracle Data Mining options
JServer Release 9.2.0.1.0 - Production
So that's me finally managing to get a remote connection using O/S authentication to a 9i database that's got R_L_P set to something other than NONE.
Still think the docs are correct?
Regards
HJR
Received on Fri Apr 30 2004 - 03:03:11 CDT