Oracle password files and logon methods

Oracle password files and logon methods

Preface:

As we all know, the Oracle database has a password file, which is used to log on to the database and perform a series of mount and open operations when the database is not started;

The experiment shows how to create an ORACLE password file and related features;

Oracle Password File

Install Oracle 11gR2 (x64) in CentOS 6.4)

Steps for installing Oracle 11gR2 in vmwarevm

Install Oracle 11g XE R2 In Debian

1. Password File Path

Windows platform $ ORACLE_HOME \ database

Linux platform $ ORACLE_HOME/dbs

2. Password File Format

Windows platform PWDsid. ora

Linux orapwsid

3. Password File Creation Method

Orapwd file = filename [ENTRIES = numusers] [FORCE = {Y | N}] [IGNORECASE = {Y | N}]

Related parameters:

Argument	Description
FILE	Name to assign to the password file. you must supply a complete path. if you supply only a file name, the file is written to the current directory. (password file name, which must be named according to the above format)
ENTRIES	(Optional) Maximum number of entries (user accounts) to permit in the file)
FORCE	(Optional) If y, permits overwriting an existing password file. (If the password file already exists, it can be overwritten)
IGNORECASE	(Optional) If y, passwords are treated as case-insensitive. (case-insensitive. This parameter also needs to be associated with the SEC_CASE_SENSITIVE_LOGO parameter)

Example: orapwd file = orapworcl password = oracle force = y

4. There are two authentication methods for password files:

Use authentication integrated with the operating system

Use the password file of the Oracle database for Identity Authentication

Two parameters are involved when two types of password authentication are passed:

4.1 remote_login_passwordfile = none | exclusive | shared is located in the $ ORACLE_HOME/dbs/spfile $ ORACLE_SID.ora parameter file.

None: Do not authenticate the password file. You must pass operating system authentication, that is, the privileged user of the database can only log on from the operating system.

Exclusive: used exclusively for Password File authentication (default)

Shared: Password File authentication is required. Different instance dba users can share password files.

4.2 $ ORACLE_HOME/network/admin/sqlnet. ora

SQLNET. AUTHENTICATION_SERVICES = none | all | ntf (windows)

None: indicates that operating system authentication is disabled and password authentication is only allowed.

All: used for linux or unix platforms. It disables Password File authentication on the local machine and adopts OS authentication. However, password file authentication can be used remotely <on a different machine>.

NT: used for windows Platforms

Note: When both 1 and 2 are none, the sys user will not be able to log on (although unreasonable, it is also true after lab verification)