Oracle OS verification Logon

From the earliest version to today, Oracle has continuously improved its username and password security policies. For example, after entering 11 GB, DefaultProfile requires regular user passwords.

From the earliest version to today, Oracle has continuously improved its user name and password security policies. For example, after entering 11 GB, the Default Profile requires regular user passwords.

Username and password are our most common security authentication policies and the most common security protection policies we use in various application system software. It is a natural responsibility for Oracle to maximize the security of system data.

From the earliest version to today, Oracle has continuously improved its user name and password security policy. For example, after entering the 11g, the Default Profile requires regular user password modification, strengthen the user password encryption algorithm and optimize and improve data dictionary views such as dba_users. Today we are going to discuss another Oracle verification policy-OS verification policy.

Here, we need to clarify. The most common OS verification policy occurs on the Oracle server. Outstanding Performance: If we have passed the operating system-level verification, that is, logging on to the server (Remote Desktop or SecurCRT), Oracle considers that the current user can pass the authentication, no additional database verification is required. Of course, this requires that operating system users belong to specific user groups, such as oinstall and dba in Linux. For example, we often start the conn/method used to disable the server, which is the login authentication method of this type. Note: By configuring parameters in sqlnet. ora, we can disable this feature.

The common OS authentication policy has two features: one is that the server takes effect locally and the client's Anonymous logon is invalid. The other user can only log on to the system as the administrator, but cannot log on to other users. Is there a way to remotely and anonymously log on to the client and implement non-sys users?

--------------------------------------------------------------------------------

Installing Oracle 12C in Linux-6-64

Install Oracle 11gR2 (x64) in CentOS 6.4)

Steps for installing Oracle 11gR2 in vmwarevm

Install Oracle 11g XE R2 In Debian

--------------------------------------------------------------------------------

In this article, we will introduce this method.

1. experiment environment Introduction

The lab environment is Oracle 11g, and the specific version is 11.2.0.4. The server is in Linux.

SQL> select * from v $ version;

BANNER

---------------------------------------

Oracle Database 11g Enterprise Edition Release 11.2.0.4.0-64bit Production

PL/SQL Release 11.2.0.4.0-Production

CORE 11.2.0.4.0 Production

TNS for Linux: Version 11.2.0.4.0-Production

NLSRTL Version 11.2.0.4.0-Production

Parameters related to this experiment are kept in the default state.

SQL> show parameter OS

NAME TYPE VALUE

-----------------------------------------------------------------------------

Db_lost_write_protect string NONE

Diagnostic_dest string/u01/app

Optimizer_index_cost_adj integer 100

OS _authent_prefix string ops $

OS _roles boolean FALSE

Remote_ OS _authent boolean FALSE

Remote_ OS _roles boolean FALSE

Timed_ OS _statistics integer 0

By default, you can only perform Anonymous Logon on the server. After logon, the system role with the highest permission appears.

SQL> conn/as sysdba

Connected.

SQL> show user

USER is "SYS"

The as sysdba logon process is not allowed.

SQL> conn/

ERROR:

ORA-01017: invalid username/password; logon denied

Next we will discuss how to perform OS-level verification.

For more details, please continue to read the highlights on the next page: