Oracle password files and logon methods
Preface:
As we all know, the Oracle database has a password file, which is used to log on to the database and perform a series of mount and open operations when the database is not started;
The experiment shows how to create an ORACLE password file and related features;
Oracle Password File
Install Oracle 11gR2 (x64) in CentOS 6.4)
Steps for installing Oracle 11gR2 in vmwarevm
Install Oracle 11g XE R2 In Debian
1. Password File Path
Windows platform $ ORACLE_HOME \ database
Linux platform $ ORACLE_HOME/dbs
2. Password File Format
Windows platform PWDsid. ora
Linux orapwsid
3. Password File Creation Method
Orapwd file = filename [ENTRIES = numusers] [FORCE = {Y | N}] [IGNORECASE = {Y | N}]
Related parameters:
Argument |
Description |
FILE |
Name to assign to the password file. you must supply a complete path. if you supply only a file name, the file is written to the current directory. (password file name, which must be named according to the above format) |
ENTRIES |
(Optional) Maximum number of entries (user accounts) to permit in the file) |
FORCE |
(Optional) If y, permits overwriting an existing password file. (If the password file already exists, it can be overwritten) |
IGNORECASE |
(Optional) If y, passwords are treated as case-insensitive. (case-insensitive. This parameter also needs to be associated with the SEC_CASE_SENSITIVE_LOGO parameter) |
Example: orapwd file = orapworcl password = oracle force = y
4. There are two authentication methods for password files:
Use authentication integrated with the operating system
Use the password file of the Oracle database for Identity Authentication
Two parameters are involved when two types of password authentication are passed:
4.1 remote_login_passwordfile = none | exclusive | shared is located in the $ ORACLE_HOME/dbs/spfile $ ORACLE_SID.ora parameter file.
None: Do not authenticate the password file. You must pass operating system authentication, that is, the privileged user of the database can only log on from the operating system.
Exclusive: used exclusively for Password File authentication (default)
Shared: Password File authentication is required. Different instance dba users can share password files.
4.2 $ ORACLE_HOME/network/admin/sqlnet. ora
SQLNET. AUTHENTICATION_SERVICES = none | all | ntf (windows)
None: indicates that operating system authentication is disabled and password authentication is only allowed.
All: used for linux or unix platforms. It disables Password File authentication on the local machine and adopts OS authentication. However, password file authentication can be used remotely <on a different machine>.
NT: used for windows Platforms
Note: When both 1 and 2 are none, the sys user will not be able to log on (although unreasonable, it is also true after lab verification)