OS authentication question

From: GS <GS_at_GS.com>
Date: Wed, 16 Jan 2008 21:23:17 GMT
Message-ID: <9Bujj.33921$fj2.21282@edtnps82>

Database is running on W2K server, clients are windows xp pro running 9i client.

We've not used OS authentication here for any databases yet, so this is relatively new to me. To make our SOX compliance easier we are thinking about going to OS authentication for a lot of our app's that run on Oracle databases, since our network passwords are now very stringent and the beancounters are saying the database passwords need to meet the same criteria, but if the users connect with the complex OS password then we are ok.

So, on a test database I created a login for myself with the following:

create user "ops$my_domain\my_network_username" identified externally; grant connect, create session et. to the new user (me)

I enter "sqlplus /nolog" then "connect / @testdb" and I am in with no password, as expected. So far so good, so I take an existing user in the test database, and from EOM I highlight this user and choose create like so he will have the correct roles etc., then add "ops$my_domain\his_domain_username" in the database. We try from his machine to connect via sqlplus the same way I did, and I am getting invalid username/password errors. I double checked the new username I created for him and all looks fine.

The servers sqlnet.ora file has SQLNET.AUTHENTICATION_SERVICES= (NTS), I thought I might need that on the client side too but my machine is SQLNET.AUTHENTICATION_SERVICES= (NONE) and I can connect ok. I am on my way back over to check his sqlnet.ora file, but is there something else I am missing here?

thanks in advance Received on Wed Jan 16 2008 - 15:23:17 CST

Original text of this message