Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: W2000 connect / as sysdba problem

Re: W2000 connect / as sysdba problem

From: Howard J. Rogers <hjr_at_dizwell.com>
Date: Sat, 01 May 2004 13:07:51 +1000
Message-ID: <40931483$0$12740$afc38c87@news.optusnet.com.au>


Andrew wrote:
> Hi
> now I switched to
>
> remote_login_passwordfile = SHARED

That is a very odd setting for that parameter. It means one password file will do duty for multiple instances. Are you going to have multiple instances on the one laptop?

But whatever, at least you are saying that the parameter is not set to NONE, and yet you can still do O/S authentication as a privileged user (provided you are connected to the domain).

Good. Case closed.

> so when laptop is connected to domain I can use
>
> connect / as sysdba
>
> if laptop is not connected to network, i.e. at home, I am using
>
> connect sys/password as sysdba.
>
> This is ok, I just have to edit my scripts to always use sys/password
> in connect string which is not a big deal.
>
> This all is taking place on my laptop. Instance is running on my
> laptop and I am connecting to this instance on the same laptop. Why
> the hell it requires domain access to allow me to "connect / as
> sysdba" I don't know...

Why don't you know? Is it not obvious?? I asked you specifically about domain groups/users versus local groups/users, and you said bluntly that you were using your domain logon. O/S authentication means, to Oracle, "go and check whether this user is a member of the ORA_DBA group", and in your case, because you are using a domain username, it needs to authenticate with the domain controller to find out details about the group memberships of your domain user account.

Pretty obvious, I would have thought. If you were logging on as a local (laptop) user, and that local user account was a member of the ORA_DBA group (again, presumably local to your laptop), then the laptop could solve the matter on its own. But you've *asked* to introduce a domain component, so how can you expect it work when the domain is not available?

OK, you say: Windows allows me to use the laptop under that domain username even when not connected to the domain. True: but it doesn't let you use mapped network drives or other domain resources, does it? Same deal with Oracle. It must check the domain for authentication each time a connection request that depends on it is made, and just happens to be cocded that way.

I think in any other walk of IT life, if you said "I want to use domain privileges, but without actually connecting to a domain", you could reasonably predict what would happen. I don't quite understand why you think Oracle should behave any differently. Received on Fri Apr 30 2004 - 22:07:51 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US