Re: OS authentication

From: Rick Wessman <Rick.WessmanNO_SPAM_at_oNrOaScPlMe.com>
Date: 10 Apr 2003 10:03:36 -0700
Message-ID: <b74858020fp_at_drn.newsguy.com>

In article <a20d28ee.0304092331.73237840_at_posting.google.com>, postbus_at_sybrandb.demon.nl says...
>
>Frank <fvanbortel_at_netscape.net> wrote in message
>news:<3E9471BE.7050409_at_netscape.net>...
>> Didier wrote:
>> > Hi,
>> >
>> > I'm trying to use the OS authentication :
>> >
>> > - Server : Oracle 8.1.7
>> > - Client : ODP.NET 9.2 (and parallel Oracle client 8.1.7)
>> >
>> > I've configured the database server (remote_os_authent=true /
>> > os_authent_prefix = "" and create the user with a role giving access
>> > to the db objects - also connect and create session right).
>> > When using sqlplus with 'sqlplus /_at_myalias', all works fine. When
>> > trying an Open on an OracleConnection in .NET (with the connect string
>> > : "user id=/; data source=myalias"), I become an exception with the
>> > error ORA-01017 (wrong login/password). Using my connection
>> > (OracleConnection) starting with an Oracle identified user works fine.
>> > I'm probably missing something, could someone give me some hints
>> > please ? (I'v also set in registry OSAUTH_PREFIX_DOMAIN to FALSE -as
>> > string key).
>> >
>> > Thanks
>>
>> Now I know Gate$ considers every PC, connected to the web as his own,
>> but do you have _any_ idea what OS user would be used?!?
>> Neither do I, or does Oracle
>
>
>Sorry to say so but this is not true. The user is the user currently
>connected to the system. And even in the Evil Empire users have names,
>albeit it might be just 'administrator'.
>To get this working the OP must have
>sqlnet.authentication_services=(NTS) in sqlnet.ora on the server, or
>it won't work.
>
>Regards
>
>Sybrand Bakker
>Senior Oracle DBA
Also, please make sure that REMOTE_OS_AUTHENT is set to FALSE, not TRUE. The parameter does not mean that the network is to be used for authentication. Instead, it tells the database to trust whatever name is passed over by the client program. Obviously, this is a bad idea in most cases.

                                                                      Rick

P.S. To respond by mail, please reverse the "elcaro".
                                Rick Wessman
                                Oracle Corporation
     The opinions expressed above are mine and do not necessarily reflect
                         those of Oracle Corporation.

Received on Thu Apr 10 2003 - 19:03:36 CEST

This message: [ Message body ]
Next message: Didier: "Re: OS authentication"
Previous message: Sybrand Bakker: "Re: os authentication for sys"
Maybe in reply to: Frank: "Re: OS authentication"
Next in thread: Didier: "Re: OS authentication"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message