Shulou(Shulou.com)05/31 Report--

This article will explain in detail what is the use of Oracle password files for you. The editor thinks it is very practical, so I share it for you as a reference. I hope you can get something after reading this article.

-- = =

-- Oracle password file

-- = =

/ *

I. password file

Function: mainly for identity authentication of DBA authority

DBA user: a user with sysdba,sysoper authority is called a dba user. By default, there are sys users in the sysdba role and system users in the sysoper role

2. Two authentication methods of Oracle

1. Use authentication integrated with the operating system

two。 Use the password file of the Oracle database for authentication

The location of the password file

Storage location under Linux: $ORACLE_HOME/dbs/orapw$ORACLE_SID

Namely: ORACLE_HOME/dbs/orapw

Storage location under Windows: $ORACLE_HOME/database/PWD%ORACLE_SID%.ora

The order in which password files are found

-> orapw--- > orapw--- > Failure

Two authentication methods: similar to windows authentication and SQL server authentication in SQL server

It is decided that in two parameters

1.remote_login_passwordfile = none | exclusive | shared is located in the $ORACLE_HOME/dbs/spfile$ORACLE_SID.ora parameter file

None: no password file authentication

Exclusive: to authenticate the password file, use it exclusively (default)

Shared: to authenticate password files, dba users with different instances can share password files

2. $ORACLE_HOME/network/admin/sqlnet.ora

SQLNET.AUTHENTICATION_SERVICES = none | all | ntf (windows)

None: disable operating system authentication, only password authentication

All: for linux or unix platforms, turn off local password file authentication and use operating system authentication, but password file authentication can be used remotely

Nts: for windows platform

Different combinations

1 2

None none sys users are not available either locally or remotely

Demonstration: the experiment determines whether the operating system authentication or password authentication is currently used.

1. Append SQLNET.AUTHENTICATION_SERVICES = none to sqlnet.ora

Oracle@testdb admin] $vi sqlnet.ora

SQLNET.AUTHENTICATION_SERVICES = none

~

"sqlnet.ora" [New] 1L, 39C written

[oracle@testdb admin] $

-- failed to log in to authentication using the operating system

[oracle@testdb admin] $sqlplus / as sysdba

SQL*Plus: Release 11.2.0.4.0 Production on Mon Dec 25 21:26:22 2017

Copyright (c) 1982, 2013, Oracle. All rights reserved.

ERROR:

ORA-01017: invalid username / password; login denied

Enter user-name:

ERROR:

ORA-01017: invalid username/password; logon denied

Enter user-name:

ERROR:

ORA-01017: invalid username/password; logon denied

SP2-0157: unable to CONNECT to ORACLE after 3 attempts, exiting SQL*Plus

[oracle@testdb admin] $

Use password authentication to log in successfully.

[oracle@testdb admin] $sqlplus sys/oracle as sysdba

SQL*Plus: Release 11.2.0.4.0 Production on Mon Dec 25 21:27:04 2017

Copyright (c) 1982, 2013, Oracle. All rights reserved.

Connected to:

Oracle Database 11g Enterprise Edition Release 11.2.0.4.0-64bit Production

With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL >

two。 Change the value of SQLNET.AUTHENTICATION_SERVICES to all

[oracle@testdb admin] $cat sqlnet.ora

SQLNET.AUTHENTICATION_SERVICES = all

[oracle@testdb admin] $

[oracle@testdb admin] $cat tnsnames.ora

DBDB =

(DESCRIPTION =

(ADDRESS_LIST =

(ADDRESS = (PROTOCOL = TCP) (HOST = 192.168.56.12) (PORT = 1521))

)

(CONNECT_DATA =

(SERVICE_NAME = DBdb)

)

)

Testdb =

(DESCRIPTION =

(ADDRESS_LIST =

(ADDRESS = (PROTOCOL = TCP) (HOST = 192.168.56.28) (PORT = 1521))

)

(CONNECT_DATA =

(SERVICE_NAME = DBdb)

)

)

[oracle@testdb admin] $

DBDB is a tns that connects to a remote database

Testdb is the tns that connects to the local database

-- using the operating system to log in and authenticate successfully.

[oracle@testdb admin] $sqlplus / as sysdba

SQL*Plus: Release 11.2.0.4.0 Production on Mon Dec 25 21:36:00 2017

Copyright (c) 1982, 2013, Oracle. All rights reserved.

Connected to:

Oracle Database 11g Enterprise Edition Release 11.2.0.4.0-64bit Production

With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL > exit

Disconnected from Oracle Database 11g Enterprise Edition Release 11.2.0.4.0-64bit Production

With the Partitioning, OLAP, Data Mining and Real Application Testing options

[oracle@testdb admin] $

-- successfully authenticated with local password

[oracle@testdb admin] $sqlplus sys/oracle as sysdba

SQL*Plus: Release 11.2.0.4.0 Production on Mon Dec 25 21:40:35 2017

Copyright (c) 1982, 2013, Oracle. All rights reserved.

Connected to:

Oracle Database 11g Enterprise Edition Release 11.2.0.4.0-64bit Production

With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL >

-- failed to use local password authentication and native tns connection

[oracle@testdb admin] $sqlplus sys/oracle@testdb as sysdba

SQL*Plus: Release 11.2.0.4.0 Production on Mon Dec 25 21:36:17 2017

Copyright (c) 1982, 2013, Oracle. All rights reserved.

ERROR:

ORA-12641: Authentication service failed to initialize

Enter user-name:

ERROR:

ORA-01017: invalid username/password; logon denied

-- using the client remote password connection method to connect to the local machine, successfully:

C:\ Users\ Administrator > sqlplus system/oracle@192.168.56.28/DBdb

SQL*Plus: Release 11.2.0.1.0 Production on Tuesday 26 December 10:16:53 2017

Copyright (c) 1982, 2010, Oracle. All rights reserved.

Connect to:

Oracle Database 11g Enterprise Edition Release 11.2.0.4.0-64bit Production

With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL >

-- using tns to connect to the tns of other databases, successfully

[oracle@testdb admin] $sqlplus sys/oracle@DBDB as sysdba

SQL*Plus: Release 11.2.0.4.0 Production on Mon Dec 25 21:36:43 2017

Copyright (c) 1982, 2013, Oracle. All rights reserved.

Connected to:

Oracle Database 11g Enterprise Edition Release 11.2.0.4.0-64bit Production

With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL >

5. Establishment of password file: orapwd * /

[oracle@testdb ~] $orapwd

Usage: orapwd file= password= entries= force=

Where

File-name of password file (mand), / * name of password file orapw*/

Password-password for SYS will be prompted if not specified at command line, / * password of sys user * /

Entries-maximum number of distinct DBA (optional), / * how many sysdba,sysoper users can be put into the password file to remove duplicate records * /

/ * Note the number stored in entries but not the actual number. This is binary data * /

Force-whether to overwrite existing file (optional), / * 10g new parameter. Default is n. Y means override * /.

Ignorecase-passwords are case-insensitive (optional)

Nosysdba-whether to shut out the SYSDBA logon (optional Database Vault only).

There must be no spaces around the equal-to (=) character.

This is the end of this article on "what is the use of Oracle password files?". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, please share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.