HPE Community
Operating System - HP-UX
1752781 Members
6690 Online
108789 Solutions
New Discussion юеВ

Achieving the same functionality as "remote_os_authent" in oracle 11gR1

 
kumasudh
Advisor

тАО07-16-2008 04:36 AM

тАО07-16-2008 04:36 AM

Achieving the same functionality as "remote_os_authent" in oracle 11gR1

Hi,

Here is what i am trying to do in oracle 11g database.
1)create a user in databse identified 'EXTERNALLY'
2)sqlplus> grant dba, connect, resource to
3)do "su - " on unix prompt.
4)sqlplus /nolog
5)sqlplus> connect /@SERVICE_NAME

I get this error "ORA-01017: invalid username/password; logon denied".

my database has

SQL> show parameter remote_os_authent;

NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
remote_os_authent boolean FALSE

SQL> show parameter os_authent_prefix;

NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
os_authent_prefix string ops$

Knowing that "remote_os_authent" param is been deprecated in 11g . Any help to get a workaround for this will be greatly appreciated.

Thanks,
Sudhir
0 Kudos
Reply
4 REPLIES 4
Yogeeraj_1
Honored Contributor

тАО07-16-2008 10:26 AM

тАО07-16-2008 10:26 AM

Re: Achieving the same functionality as "remote_os_authent" in oracle 11gR1

Hi Sudhir,

AS you say it, this parameter is now deprecated.

try:
alter system reset remote_os_authent scope=spfile;

see metalink note: 456001.1

kind regards
yogeeraj
No person was ever honoured for what he received. Honour has been the reward for what he gave (clavin coolidge)
0 Kudos
Reply
kumasudh
Advisor

тАО07-16-2008 08:20 PM

тАО07-16-2008 08:20 PM

Re: Achieving the same functionality as "remote_os_authent" in oracle 11gR1

Hi Yogeraj,

Thanks for the suggestion. But my problem is not starting the database .Because i have already removed the remote_os_authent parameter from the spfile and then started the database and it comes up nicely. My problem starts when i try to login as a user but don't specify the passwd with the connect string .

4)sqlplus /nolog
5)sqlplus> connect /@SERVICE_NAME
step "5" is the place where i have problem .And the problem is because of the "remote_os_authent" parameter is not been set to "TRUE" because by default it would be false. And the Oracle 11g doesn't allow you put this parameter explicitly in the spfile(because deprecated..).

So my request is to get a workaround which will get me the same behavior which i could get after setting this parameter as "TRUE" in the spfile .

Thanks,
Best Regards
Sudhir
0 Kudos
Reply
patrik rybar_1
Frequent Advisor

тАО07-16-2008 08:50 PM

тАО07-16-2008 08:50 PM

Re: Achieving the same functionality as "remote_os_authent" in oracle 11gR1

if you read this NOTE closely, you will find this:
REMOTE_OS_AUTHENT specifies whether remote clients will be authenticated over insecure connections, this parameter is now deprecated. It is retained for backward compatibility only. Stepping up 'out-of-the-box' security Oracle has decided to deprecate this potentially dangerous parameter in the 11g release.

and this mean , in 11g you cannot create unsecure blackhole into 11g database


if you need to connect as slash as sysdba
from the same server as the oracle owner
just set your sid in your shell and than in sqlplus issue
connect / as sysdba

if you wanted set the external authentification for users read this for example :
http://www.filibeto.org/sun/lib/nonsun/oracle/11.1.0.6.0/B28359_01/network.111/b28530/asoauth.htm

or here http://www.oracle.com/pls/db111/homepage
in the section authentication method

http://download.oracle.com/docs/cd/B28359_01/server.111/b28318/security.htm#CNCPT1556
0 Kudos
Reply
Yogeeraj_1
Honored Contributor

тАО07-17-2008 09:06 AM

тАО07-17-2008 09:06 AM

Re: Achieving the same functionality as "remote_os_authent" in oracle 11gR1

hi again,

as mentioned by Patrik, you cannot do this anymore with Oracle 11g.

Why do you need this functionality?

revert!
kind regards
yogeeraj
No person was ever honoured for what he received. Honour has been the reward for what he gave (clavin coolidge)
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.