Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: W2000 connect / as sysdba problem

Re: W2000 connect / as sysdba problem

From: Howard J. Rogers <hjr_at_dizwell.com>
Date: Sat, 01 May 2004 00:32:12 +1000
Message-ID: <40926365$0$25012$afc38c87@news.optusnet.com.au>


Kenneth Koenraadt wrote:

[snip]

>>>>>If you logon to
>>>>>the server  *remotely* with e.g. a Domain user account, which is also
>>>>>a member of the local ORA_DBA group  you *won't* be able to "connect /
>>>>>as sysdba". I guess that's why it is called
>>>>>"remote_login_passwordfile" and not "local_login_passwordfile"
>>>>
>>>>Well, since it's a remote connection, you won't be able to connect / as 
>>>>sysdba *at all* because there needs to be a tnsnames alias in there 
>>>>somewhere (somewhere I can never get right in any case: sqlplus "/@win92 
>>>>as sysdba" isn't doing it for me!).
>>>
>>>
>>>Yes you will.
>>>You logon to the server with a domain user being a member of the local
>>>ORA_DBA group. With R_L_P=NONE, and sqlnet.ora properly set, I can
>>>connect / as sysdba easily. Have done it hundreds of times.
>>
>>Define "properly setting" sqlnet.ora 

>
>
> SQLNET.AUTHENTICATION_SERVICES= (NTS)
Which doesn't obviate the necessity for specifying which remote database you want to connect to, does it? Setting ORACLE_SID on the client doesn't do it, because then you simply get protocol adapter errors.

Viz:

H:\>set ORACLE_SID=win92

H:\>sqlplus / as sysdba

SQL*Plus: Release 10.1.0.2.0 - Production on Sat May 1 00:05:09 2004

Copyright (c) 1982, 2004, Oracle. All rights reserved.

ERROR:
ORA-12560: TNS:protocol adapter error

But:

H:\>sqlplus /@win92 as sysdba

SQL*Plus: Release 10.1.0.2.0 - Production on Sat May 1 00:09:27 2004

Copyright (c) 1982, 2004, Oracle. All rights reserved.

Connected to:
Oracle9i Enterprise Edition Release 9.2.0.1.0 - Production With the Partitioning, OLAP and Oracle Data Mining options JServer Release 9.2.0.1.0 - Production

If you are doing a remote connection, truly remote, you will need a tnsnames alias in the connect string.

(Incidentally, this happens to be a 10g client, and that rather nicely obviates the necessity of putting quotes around the thing. But it works identically with a 9iR2 client, too).

>
> Guess it should, but I want to know the whole truth.
> I am not able to demonstate, since the only W2k-system I work on now
> is my laptop.
>
> Maybe someone out there can reveal it :
>
> You have an oracle 8i+ on a W2K server called DBS. It participates in
> a domain DOM with a Domain admin user USR also being member of the
> local ORA_DBA group.
>
> We assume
> SQLNET.AUTHENTICATION_SERVICES= (NTS)
> present in sqlnet.ora.
>
> You now login to the domain DOM with user USR from DBS.
>
> And I claim : In order to "connect / as sysdba" to a DB on DBS, that
> DB *cannot* have R_L_P = EXCLUSIVE or SHARED.
>
> False or true ?? I believe true, it is what I experienced through 1
> year and hundreds of logins.

False, I'm afraid.

My test setup is not *exactly* as you describe, and I'm not about to re-configure it to make the point. But I have a W2K (Advanced) server hosting domain dizwell.local. I have a domain-member laptop running XP. The 8i database is on a participating server called HAYDN, the 9i database is on a participating server called MOZART and the 10g database is on a participating server called BRITTEN. And I can log on to all of 'em, as a privileged user, with RLP set to EXCLUSIVE, having first logged on to my laptop as me (a Domain Admin, natch, and where Domain Admins as a group has been added to each server's ORA_DBA group). Precisely the case I posted earlier.

If I knew Linux better than I do, I'd fiddle my /etc/group to see whether I can do it on a Linux box, too. With the Linux box "visible" on the domain, but not actually sort-of integrated into it, I'm not sure how to go about adding me, the Windows domain user, in as a member of the oinstall or dba group. That's my Linux ignorance for you.

Oh, just for the hell of it then, here's a 9i XP client connecting to the 8i database:

H:\>sqlplus "/@win81 as sysdba"

SQL*Plus: Release 9.2.0.1.0 - Production on Sat May 1 00:29:39 2004

Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.

Connected to:
Oracle8i Enterprise Edition Release 8.1.7.3.0 - Production With the Partitioning option
JServer Release 8.1.7.3.0 - Production

SQL> show parameter remote_login

NAME                                 TYPE        VALUE
------------------------------------ ----------- ------------------
remote_login_passwordfile            string      EXCLUSIVE

Although the quotes are now obligatory, the answer remains 'false'.

HJR Received on Fri Apr 30 2004 - 09:32:12 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US