系统认证可以让OS用户在登录oracle 系统时不需要提供密码,用以下方式就可以轻松登录
sqlplus /;
sqlplus /@service;
首先在操作系统创建操作系统用户,以下操作是在RHEL linux 5
useradd zhang;
password zhang;
su - zhang
sqlplus /
如果提示
sqlplus: error while loading shared libraries: libsqlplus.so: cannot open shared object file: No such file or director
网上查询确认为ORACLE 10g R2的一个BUG,版本号为4516865, 从网上下载了补丁,切回oracle用户关闭实例,把下载的文件changePerm.sh和restrict.lst解压到 $ORACLE_HOME/install目录下,之后进行如下操作:
[oracle@NCTEST install]$ ls
changePerm.sh restrict.lst
[oracle@NCTEST install]$ chmod 755 changePerm.sh
[oracle@NCTEST install]$ chmod 644 restrict.lst
[oracle@NCTEST install]$ ls -l
total 20
-rwxr-xr-x 1 oracle oinstall 10776 Feb 18 2006 changePerm.sh
-rw-r--r-- 1 oracle oinstall 7660 Feb 16 2006 restrict.lst
[oracle@NCTEST install]$ ./changePerm.sh
----------------------------------------------------------------------------
Disclaimer: The purpose of this script. is to relax permissions on some of the files in the database Oracle Home so that all clients can access them.
Please note that Oracle Corporation recommends using the most restrictive file permissions as possible for your given implementation. Running this script. should be done only after considering all security ramifications.
----------------------------------------------------------------------------
Do you wish to continue (y/n) [n]: y
Finished running the script. successfully
Please see /tmp/changePerm_err.log for errors and /tmp/changePerm.log for the log of events
补丁安装说明成功
# su - zhang
$ export ORACLE_HOME=/u01/app/oracle/product/10.1.0/db_1
$ export PATH=$PATH:$ORACLE_HOME/bin
$ export ORACLE_SID=orcl
$ sqlplus /
SQL*Plus: Release 10.1.0.3.0 - Production on Wed Jun 7 08:43:30 2006
Copyright (c) 1982, 2004, Oracle. All rights reserved.
ERROR:
ORA-01017: invalid username/password; logon denied
In both cases, the connections failed because we have not told Oracle the users are OS authenticated. To do this, we must create an Oracle user, but first we must check the value of the Oracle OS_AUTHENT_PREFIX initialization parameter.
SQL> SHOW PARAMETER os_authent_prefix
NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
os_authent_prefix string ops$
SQL> create user ops$zhang identified by enterally;
User created.
SQL> grant connect to ops$zhang;
Grant succeeded.
SQL> host
[oracle@orazhang admin]$ su - zhang
Password:
[zhang@orazhang ~]$ export ORACLE_HOME=/u01/app/oracle/product/10.1.0/db_1
[zhang@orazhang ~]$$ export PATH=$PATH:$ORACLE_HOME/bin
[zhang@orazhang ~]$ export ORACLE_SID=orcl
[zhang@orazhang ~]$ echo $ORACLE_SID
orcl
[zhang@orazhang ~]$ sqlplus /
SQL*Plus: Release 10.2.0.1.0 - Production on Fri Apr 1 12:03:22 2011
Copyright (c) 1982, 2005, Oracle. All rights reserved.
Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Production
With the Partitioning, OLAP and Data Mining options
SQL> show user
USER is "OPS$ZHANG"
SQL> select * from tab;
no rows selected
SQL>
成功
----------------
这个ops$前缀的定义在初始化参数中定义OS_AUTHENT_PREFIX
如果OS_AUTHENT_PREFIX="OPS$",
数据库用户名=OPS$+操作系统用户
如果OS_AUTHENT_PREFIX=""
数据库中用户名=操作系统用户名
如果remote_os_authent 配置为true,将回开启远程系统认证,远程机器就可以sqlplus /@service远程系统认证,是有一定危险的。
「喜欢文章,快来给作者赞赏墨值吧」 赞赏
【版权声明】本文为墨天轮用户原创内容,转载时必须标注文章的来源(墨天轮),文章链接,文章作者等基本信息,否则作者和墨天轮有权追究责任。如果您发现墨天轮中有涉嫌抄袭或者侵权的内容,欢迎发送邮件至:contact@modb.pro进行举报,并提供相关证据,一经查实,墨天轮将立刻删除相关内容。
评论
请登录后发表评论
975
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
