Home » RDBMS Server » Security » / as sysdba issue with AD membership (11.2.0.4 Windows 2008R2)
| / as sysdba issue with AD membership [message #655469] |
Wed, 31 August 2016 08:13  |
 |
gijskerstens
Messages: 2
Registered: August 2016
|
Junior Member |
|
|
On most of our other servers, we add 1 AD group that contains the various relevant users to the local ORADBA group, and are able to log in with / as sysdba. On 1 server, with the same setup as the others, we get an ORA-01017 Invalid Username / password: logon denied when trying to connect with / as sysdba, usless the AD user logged in is directly a member of the ORADBA group, instead of via an AD group.
Has anyone ever encountered this issue, and knows what causes this difference?
[Updated on: Wed, 31 August 2016 08:49] Report message to a moderator |
|
|
|
|
|
| Re: / as sysdba issue with AD membership [message #655493 is a reply to message #655473] |
Thu, 01 September 2016 01:10  |
|
gijskerstens
Messages: 2
Registered: August 2016
|
Junior Member |
|
|
whoami / groups from server where it fuctions correctly:
GROUP INFORMATION
-----------------
Group Name Type SID Attributes
======================================== ================ ============================================== ===============================================================
Everyone Well-known group S-1-1-0 Mandatory group, Enabled by default, Enabled group
DBS0010004\ora_dba Alias S-1-5-21-2546961453-2121279585-425628438-1000 Mandatory group, Enabled by default, Enabled group
BUILTIN\Users Alias S-1-5-32-545 Mandatory group, Enabled by default, Enabled group
BUILTIN\Administrators Alias S-1-5-32-544 Mandatory group, Enabled by default, Enabled group, Group owner
NT AUTHORITY\REMOTE INTERACTIVE LOGON Well-known group S-1-5-14 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\INTERACTIVE Well-known group S-1-5-4 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\Authenticated Users Well-known group S-1-5-11 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\This Organization Well-known group S-1-5-15 Mandatory group, Enabled by default, Enabled group
LOCAL Well-known group S-1-2-0 Mandatory group, Enabled by default, Enabled group
DAMEN\G-MG-IFS-A Group S-1-5-21-1367750691-1023149619-2204648915-1770 Mandatory group, Enabled by default, Enabled group
Everyone Well-known group S-1-1-0 Mandatory group, Enabled by default, Enabled group
DBS0020056\ora_dba Alias S-1-5-21-3026858500-674165576-603926984-1000 Mandatory group, Enabled by default, Enabled group
BUILTIN\Users Alias S-1-5-32-545 Mandatory group, Enabled by default, Enabled group
BUILTIN\Administrators Alias S-1-5-32-544 Mandatory group, Enabled by default, Enabled group, Group owner
NT AUTHORITY\REMOTE INTERACTIVE LOGON Well-known group S-1-5-14 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\INTERACTIVE Well-known group S-1-5-4 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\Authenticated Users Well-known group S-1-5-11 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\This Organization Well-known group S-1-5-15 Mandatory group, Enabled by default, Enabled group
LOCAL Well-known group S-1-2-0 Mandatory group, Enabled by default, Enabled group
DAMEN\G-MG-IFS-A Group S-1-5-21-1367750691-1023149619-2204648915-1770 Mandatory group, Enabled by default, Enabled group
DAMEN\G-MG-IFS-A is the AD group that my colleagues and myself are part of, and that, in turn, is part of the local ORA_DBA group. On neither server am I directly part of ORA_DBA group
[Updated on: Thu, 01 September 2016 01:15] Report message to a moderator |
|
|
|
Goto Forum:
Current Time: Thu Jan 02 15:40:26 CST 2025
|
] 
Blog
Search
Help
Members
Register
Login
Home
