RE: Oracle Security

RE: Oracle Security

 

  

If you're using OEM standalone directly on the database server, the server will authenticate using your OS User's credentials.

If you're on a Windows Server and don't want that user to have access to logon to the database, you need to remove that userID from the ORA_DBA group.
When accessing your database, you will need to enter a user ID and password when logged on to your server.
This will also prevent you from loging on to SQLPLUS with "/" or "/as sysdba" without a password.

I'm not sure if there are any other repercussions to this action (I don't think there are... someone might be able to elaborate).

Charles.

-----Original Message-----
From: Hemant Patil
[mailto:oracledba-ezmlmshield-x34623861.[Email address protected]
Sent: February 28, 2006 10:21 AM
To: LazyDBA Discussion
Subject: RE: Oracle Security


Hey thanks for reply.

I've checked in Configuration -> Edit Local Preferred Credentials, where
for none of my databases I've saved the credentials. Everything is already blank.
I don't know what to do now.

Strange thing is while connecting, if I leave the credentials blank then also I'm able to log in.

Hemant.

-----Original Message-----
From: Champagne Charles
[mailto:oracledba-ezmlmshield-x25597406.[Email address protected]
Sent: Tuesday, February 28, 2006 8:30 PM
To: LazyDBA Discussion
Subject: RE: Oracle Security


Sounds like you have your local preferred credentials setup.

If you're using OEM 9i standalone, goto menu Configuration -> Edit Local Preferred Credentials
- Select the service name.
- Remove the UserName, Password and Confirm Password.

If auto logon is an issue for you, make sure not to check the "Save As Local Preferred Credentials" when asked to logon.

Hope this helps.
Charles.
Ottawa.

-----Original Message-----
From: Hemant Patil
[mailto:oracledba-ezmlmshield-x64579541.[Email address protected]
Sent: February 28, 2006 9:51 AM
To: LazyDBA Discussion
Subject: Oracle Security


Hi All,

I am facing one issue, hope you can help me out.

In DBA Studio (8i) & Enterprise Manager (9i), I've noticed there is no security.
Anybody, can connect to the database and start of shutdown the database.
Even blank user ID and blank Password and connect to the database as a sysdba privileges.

Its a very serious issue I'm suffering and needed to closed as early as possible.
Please let me know why this is happening or else I'm missing something in the implementation.

Thanks in advance.
Hemant.


--------
website: http://www.LazyDBA.com
Please don't reply to RTFM questions
Oracle documentation is here: http://tahiti.oracle.com
To unsubscribe: see http://www.lazydba.com/unsubscribe.html
To subscribe: see http://www.lazydba.com
By using this list you agree to these terms:http://www.lazydba.com/legal.html



--------
website: http://www.LazyDBA.com
Please don't reply to RTFM questions
Oracle documentation is here: http://tahiti.oracle.com
To unsubscribe: see http://www.lazydba.com/unsubscribe.html
To subscribe: see http://www.lazydba.com
By using this list you agree to these terms:http://www.lazydba.com/legal.html



--------
website: http://www.LazyDBA.com
Please don't reply to RTFM questions
Oracle documentation is here: http://tahiti.oracle.com
To unsubscribe: see http://www.lazydba.com/unsubscribe.html
To subscribe: see http://www.lazydba.com
By using this list you agree to these terms:http://www.lazydba.com/legal.html


Oracle LazyDBA home page