Re: password file on rac

On Tue, 06 Dec 2005 22:20:12 -0800, Andreas Sheriff wrote:

> Database Password and Role Management in Real Application Clusters
> If you did not enable operating system authentication for the database
> server, then Oracle uses a password file for each instance of a Real
> Application Clusters database to authenticate user access to the database.

Actually, it's exactly the opposite. Privileged users will be authenticated by OS only if the use of password file is explicitly disabled:

REMOTE_LOGIN_PASSWORDFILE

Property 	Description
Parameter type 	String
Syntax 	REMOTE_LOGIN_PASSWORDFILE=

{NONE | SHARED}
Default value 	SHARED
Modifiable 	No
Basic 	Yes
Real Application Clusters 	Multiple instances must have the same value.

REMOTE_LOGIN_PASSWORDFILE specifies whether Oracle checks for a password file.

Values:

    *

      NONE       Oracle ignores any password file. Therefore, privileged users must be authenticated by the operating system.     *

      SHARED       One or more databases can use the password file. The password file can contain SYS as well as non-SYS users.

Note:
The value EXCLUSIVE is supported for backward compatibility. It now has the same behavior as the value SHARED.

> Because these password files are private to each instance,

I believe they're not private, as the above manual says. This is a page from 10.2 reference manual.

-- 
http://www.mgogala.com