Snippet Name: USER system authentication
Description: Create Operating System Authenticated User.
Also see: » USER: connection information
» USER: User Information 2
» USER idle time
» USER Information
» USER active connected users
» USER memory use
» USER: Connected Users
» USER: drop user
» USER: misc queries and commands
» USER lock account
» USER password expiration
» USER profile
» USER tablespace quota
» USER temp tablespace
» USER tablespace
» USER password
» USERS: view specific user info
» USERS: view currently connected users
» USERS: view all active users
» USERS: Drop users
» USERS: Lock and Unlock accounts
» USERS: Proxy Users
» USERS: Grant tablespace access
» USERS: Alter a user
» USERS: CREATE USER w/ authentication
» USERS: Creating Users
» CREATE USER
» Drop User example
» Create User example
» Create User
Comment: Automatic logins by PC, Apple MacIntosh, and OS/2 users are not considered to be secure. A user could edit the Oracle configuration file and change their user ID at will. For security reasons, if users of these systems are logging in over the network, Oracle Corporation strongly recommends you disable the ops$ logins in the listener.ora file.
Language: PL/SQL
Highlight Mode: PLSQL
Last Modified: March 16th, 2009
|
Changes TO make FOR external authentication
-- Set the initSID.ora parameters:
remote_os_authent=TRUE
os_authent_prefix = "OPS$"
-- Generate a new spfile:
CREATE spfile FROM pfile='initorabase.ora';
-- Add the following to the sqlnet.ora:
sqlnet.authentication_services = (NTS)
===================================
-- The syntax for CREATE USER where authentication is
-- performed by the operating system on the server
-- Step 1: Connect as system/manager in SQL*Plus and create
-- the Oracle user:
CREATE USER ops$oracle IDENTIFIED EXTERNALLY;
SELECT username, password, external_name
FROM dba_users
ORDER BY 1;
GRANT CREATE session TO ops$oracle;
-- Step 2: Create a user in the operating system named oracle
-- if one does not already exist.
-- Step 3: Go to command line (terminal window in UNIX, cmd in
-- Windows. Type 'sqlplus' (without the single quotes). You
-- should be connected to the database without having to
-- enter a username or password.
===================================
-- The syntax for CREATE USER where authentication is performed
-- by the operating system on the client
-- Step 1: Connect as system/manager in SQL*Plus and create the
-- Oracle user:
CREATE USER "PC100\USER" IDENTIFIED EXTERNALLY;
-- where PC100 is the name of the client computer. Then:
GRANT CREATE SESSION TO "PC100\USER";
-- 2 - Create a user in Windows named USER.
-- 3 - Log on Windows as USER and go to the C:\> command line.
-- Type 'sqlplus' (without the single quotes). You should be
-- connected to your database without having to enter a
-- username or password.
|