Authentication methods of ORACLESYSDBA and Sysoper

Source: Internet
Author: User
Tags true true oracle database sqlplus

1.ORACLE There are two ways to authenticate Sysdba/sysoper users:

1. Operating system Level Authentication: that is, login to the Oracle database host, use the following user login, you can directly use Sqlplus/as SYSDBA login: Under Linux/unix under the DBA Authority Group (Linux/unix) users, Users under Windows who are subordinate to the ORA_DBA Group;

2. Remote Authentication: Password file authentication, that is, in any host can use Sqlplus sys/xxx@sid login.

2. There are two different ways to have individual switches:

1. Operating system level Certification switch: Sqlnet.ora authentication_services, when Sqlnet.authentication_services=nts,nts representative ntsecurity, that is, the use of the OS certification If none is turned off OS level authentication, must use USR/PWD as Sysdba/sysoper landing.

2). password file authentication switch: spfile/pfile remote_login_passwordfile parameter:

Remote_login_passwordfile = EXCLUSIVE, then an instance is dedicated;

Remote_login_passwordfile = share can be shared by multiple instances (for OPS/RAC environments);

Remote_login_passwordfile = None does not enable the password file, no sysdba/sysoper can be connected at this time.

Remote_login_passwordfile = Shared:more than one database canuse a password file. However, the only user recognized by the password file Issys.

OS level Authentication is preferred over password file authentication. These two authentication methods can be opened at the same time, closed or open only one, as shown below:

3. password file:

1). Generation and reconstruction of password files

Orapwd file=filename Password=password entries=max_users

Filename:name of the password file (mandatory)

password:the Password Forsysoperand SYSDBA (mandatory)

Entries:the Maximum number ofdistinct users allowed to connect as Sysdbaor

Sysoper. If you are exceed this number,you must create a new password file. It is safer to have a larger number. Thereare no spaces around the equal-to (=) character.

Windows password file default location is the Ora92/database directory, the default file name is Pwdsid.ora,linux under the ORACLE default location is $oracle_home/dbs directory, the default file name is Orapwsid, It is not recognized for other filenames.

2). Maintenance and query of password file users

Executing the grant Sysdba/sysoper to user, Oracle automatically adds an entry to the password file and the password copy comes in.

SELECT * Fromv$pwfile_users can view password file

For example:

Sql> Grant Sysdbato Scott;

Grant succeeded

sql> SELECT * fromv$pwfile_users;

USERNAME SYSDBA Sysoper sysasm

------------------------------------ ------- ------

SYS true True FALSE

SCOTT TRUE False

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.