From: Ed Kulis <ekulis@apple.com>
Subject: Re: How to logon via SQL*NET as OPS$USERS
Date: 2000/06/06
Message-ID: <393D8EB4.1C23C02E@apple.com>#1/1
Content-Transfer-Encoding: 7bit
References: <8h79vu$2b7o$1@news.cz.js.cn>
X-Accept-Language: en
Content-Type: text/plain; charset=us-ascii; x-mac-type="54455854"; x-mac-creator="4D4F5353"
X-Complaints-To: usenet@news.apple.com
X-Trace: news.apple.com 960335336 27548 17.216.18.78 (6 Jun 2000 23:48:56 GMT)
Organization: Apple Computer, Inc.
Mime-Version: 1.0
Reply-To: ekulis@apple.com
NNTP-Posting-Date: 6 Jun 2000 23:48:56 GMT
Newsgroups: comp.databases.oracle.tools


Hi there,

There's another way to get the OPS$ effect that will work remotely as well as
locally.
I've had the same problem with remote auth and I never looked into it to fix
it.

In the DB create a schema/user name of "login" and give it a passwd of
"login".
grant connect and create session to "login" and don't grant anything else.

Now you can sign in as say
    sqlplus login/login@remoteserver
or just
     sqlplus login/login
locally.

There's no real danger because the login name can't access  or run anything
with out any grants. Make the username and passwd bizarre if you don't want
any outsiders who read this news group guessing at it.


Once at the SQL> prompt you can
        connect realschema/realpasswd

This prevents the name/passwd from appearing in the Unix ps list as well.

Even better is to create some script that echos the name and passwd string
and access it from the SQL prompt with the backtick method
    connect `namepasswd.acn` ;

The script echos 'realschema/realpasswd` to stdout and thus sqlplus sees
    connect  realschema/realpasswd ;
and your in.

    chmod 500 namepasswd.acn
will make it so that only the unix user can actually run the script.

If you organize your Unix groups and put the script in a standard path
directory then
    chmod 550 namepasswd.acn
will allow the trusted group members to use the script and no one will need
to hard code the name and passwd into the sqlplus script.

-ed



Michael wrote:

> Dear all,
>
> I am newbie of ORACLE. Thanks a lot if someone can help me.
>
> I create a operating system user USERS and create a oracle user OPS$USERS.
> Now I can access it on the local SCO Unix, but I can't access it through
> SQL*NET on another PC.
> I have set remote_os_authent in init.ora to TRUE.
> Is there anything I miss?
>
> Thanks a lot!
>
> Michael
> gzwjt@21cn.com

--
- Ed Kulis    --CRM Data Lead(IS&T)-- email: ekulis@apple.com
- Apple       --Building: VG 6 West-- voice: 408-974-3998
- 1 Infinite Loop, MS: 60-CAR         fax  : 408-974-6528
- Cupertino, CA 95014                 cell : 408-406-5190