Re: Authentication Problem

From: Jared Still <jkstill_at_gmail.com>
Date: Mon, 4 Feb 2008 10:25:33 -0800
Message-ID: <bf46380802041025i572617dfmc7ef5eea960160e4@mail.gmail.com>

On Jan 30, 2008 6:53 PM, Jack van Zanen <jack_at_vanzanen.com> wrote:

>
> When creating the domain user in the database you use double quotes ( "OPS$<domainname>\<username>"
> ). It than becomes case sensitive as well. Make sure the case is spot on.
>
> log on to the database as a dba user and look in v$session to see exact
> spelling of your os account.
>
>
> Jack
>

Creating an account with domainnname/username is not necessary when connecting
to Oracle on unix/linux from a windows client.

I just created an account on 2 different databases on linux using "OPS$<myusername>".
No domain name.

One server knows how to authenticate via AD, the other does not.

Both allowed an OS authenticated login from a Windows client.

Setting remote_os_authent=true is a rather dangerous option.

If is *extremely* easy for a windows client to gain ownership of the database when remote_os_authent=true.

If you set it, you better be using invited_nodes in sqlnet.ora to limit who can get to the database.

Jared

-- 
Jared Still
Certifiable Oracle DBA and Part Time Perl Evangelist

--
http://www.freelists.org/webpage/oracle-l

Received on Mon Feb 04 2008 - 12:25:33 CST

This message: [ Message body ]
Next message: Dennis Williams: "Re: Licensing costs"
Previous message: VIVEK_SHARMA: "High "log buffer space" wait in BATCH Type Transactions"
Maybe in reply to: Jack van Zanen: "Re: Authentication Problem"
Reply: Jack van Zanen: "Re: Authentication Problem"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message