RE: CONNECTING as SYSDBA via OS-AUTHENTICATION ...

RE: CONNECTING as SYSDBA via OS-AUTHENTICATION ...

 

  


I had 4 instances on one server much like you do with a different unix user
as owner of each instance. When I logged in, the environment, based on the
oracle owner, was set to the correct sid and oracle home etc.

I could login sqlplus '/as sysdba'.

Right now I get the same results as you with sqlplus '[Email Address Removed] as sysdba'
and sqlplus '/@test as sysdba'.

On the db server, I believe sqlplus '/as sysdba' will work even without a
password file. Password file is needed for remote access. Are you sure that
dba is the oracle group? That is the default, but it can be different.


| Henry A.L. Wollman Rejoice and be glad!
|_____________________________________________________
| Moody Bible Institute, Database Administrator, [Email address protected]
| 820 N. LaSalle Blvd, Chicago, IL 60610 312-329-2291
|_____________________________________________________
-----Original Message-----
From: BenBart
[mailto:oracledba-ezmlmshield-x37076507.[Email address protected]
Sent: Wednesday, January 04, 2006 3:28 PM
To: LazyDBA Discussion
Subject: RE: CONNECTING as SYSDBA via OS-AUTHENTICATION ...

Hi Joel,

I think you're right, the 'export' and 'set' are reversed ...

Do I set SQLNET.AUTHENTICATION_SERVICES= (NTS) only if I want to include
Windows Users/Logins?

Henry:

sqlplus '/as sysdba' will work if you've run oraenv in which case ORACLE_SID
and ORACLE_HOME are set which in theory is equivalent to what Juliano
suggested. My scenario is like this:

ONE SERVER, FOUR INSTANCES, 3 ARE ORACLE9 and 1 IS ORACLE10
The INSTANCES are installed with oracle1:dba, oracle2:dba, oracle3:dba,
oracle4:dba as the owner and group
All instances have password files and sysdba password is set

Because I can telnet to the server, and all these databases are local to the
server, I thought I should be able to just do sqlplus "/as sysdba" but
obviously, I need to supply a connection string.

So I tried sqlplus "@testdb / as sysdba", now Oracle assumes testdb is a
script and spits out

SP2-0310: unable to open file "testdb / as sysdba.sql"
Enter user-name:

Fair enough, so I tried sqlplus "/@testdb as sysdba", now Oracle complains
....

SQL*Plus: Release 9.2.0.5.0 - Production on Thu Jan 5 10:13:53 2006

Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.

ERROR:
ORA-01031: insufficient privileges

Finally, I tried, sqlplus "[Email Address Removed] /as sysdba", that works, but then it
asked for a password which I supplied and managed to login. Now, if I am to
write a script that needs to connect to each of these databases and amongst
these databases, I want to just be able to use sqlplus "/@testdb as sysdba"
so I do not have to supply a username and password because the scripts are
run locally on the server anyway and I don't want to be having
usernames/password visible on my scripts. Not sure if I should set the
REMOTE OS AUTHENTICATION parameter and then create OPS$ users? I wouldn't
mind having to do sqlplus "/@testdb as sysdba" from a Windows client and
then supplying the password but not on my UNIX scripts which are to run
locally on the servers.

Any feedback will be very much appreciated .... thanks ...





On Wed, 4 Jan 2006 14:59:24 -0500, "Patterson Joel "
<oracledba-ezmlmshield-x39608455.[Email address protected] wrote:
> Hi. Are you sure you don't have your 'export' and 'set' reversed...
> Linux/Windows?
>
> -----Original Message-----
> From: henry Wollman
> [mailto:oracledba-ezmlmshield-x24029336.[Email address protected]
> Sent: Wednesday, January 04, 2006 2:36 PM
> To: LazyDBA Discussion
> Subject: RE: CONNECTING as SYSDBA via OS-AUTHENTICATION ...
>
>
> or
> sqplus '/as sysdba'
>
> | Henry A.L. Wollman Rejoice and be glad!
> |_____________________________________________________
> | Moody Bible Institute, Database Administrator, [Email address
> protected]
> | 820 N. LaSalle Blvd, Chicago, IL 60610 312-329-2291
> |_____________________________________________________
> -----Original Message-----
> From: jsf [mailto:oracledba-ezmlmshield-x70852382.[Email address
> protected]
> Sent: Tuesday, January 03, 2006 11:13 PM
> To: LazyDBA Discussion
> Subject: Re: CONNECTING as SYSDBA via OS-AUTHENTICATION ...
>
> Hi,
>
> I've already have that problem before... please do a few checks which
> could help you:
>
> 1) Ensure that you're logging in the OS as a user which is in the DBA
> group(ORA_DBA Windows and oinstall on linux).
>
> 2) Ensure that you've correctly set ORACLE_HOME and ORACLE_SID
> environment
> variables
>
> export ORACLE_SID=testdb (Windows)
> or
> set ORACLE_SID=testdb (Linux)
>
> 3) Ensure that your SQLNET.ORA has this entry:
>
> SQLNET.AUTHENTICATION_SERVICES= (NTS)
>
> 4) If using Windows, check if register entries (using regedit) are set
> correctly.
>
> 5) Then you should be able to log in using
>
> conn / as sysdba
>
> HTH,
>
> Juliano
>
>> Hi all,
>>
>> I have four databases on the same server, does anyone know how to
>> configure OS authentication to connect as sysdba? At the moment, am
>> connecting as follows:
>>
>> sqlplus "[Email Address Removed] /as sysdba"
>> sqlplus "sys/[Email Address Removed] /as sysdba"
>>
>> The first option will prompt for the SYS password. Since am logged
> into
>> the box anyway and the databases are on the same machine, I want to
> use OS
>> authentication instead. Is it as simple as doing a create user with
> the
>> OPS$ appended to the OS USER?
>>
>>
>>
>>
>>
>> --------
>> website: http://www.LazyDBA.com
>> Please don't reply to RTFM questions
>> Oracle documentation is here: http://tahiti.oracle.com
>> To unsubscribe: see http://www.lazydba.com/unsubscribe.html
>> To subscribe: see http://www.lazydba.com
>> By using this list you agree to these
>> terms:http://www.lazydba.com/legal.html
>>
>
>
>
>
> --------
> website: http://www.LazyDBA.com
> Please don't reply to RTFM questions
> Oracle documentation is here: http://tahiti.oracle.com
> To unsubscribe: see http://www.lazydba.com/unsubscribe.html
> To subscribe: see http://www.lazydba.com
> By using this list you agree to these
> terms:http://www.lazydba.com/legal.html
>
>
>
> --------
> website: http://www.LazyDBA.com
> Please don't reply to RTFM questions
> Oracle documentation is here: http://tahiti.oracle.com
> To unsubscribe: see http://www.lazydba.com/unsubscribe.html
> To subscribe: see http://www.lazydba.com
> By using this list you agree to these
> terms:http://www.lazydba.com/legal.html
>
>
>
>
> ------



--------
website: http://www.LazyDBA.com
Please don't reply to RTFM questions
Oracle documentation is here: http://tahiti.oracle.com
To unsubscribe: see http://www.lazydba.com/unsubscribe.html
To subscribe: see http://www.lazydba.com
By using this list you agree to these
terms:http://www.lazydba.com/legal.html


Oracle LazyDBA home page