Authenticating database administrators methods - Oracle

Discussion

• Nirja Shah   -Posted on 30 Sep 15
  - Database Administrators can authenticate through the database data dictionary, (using an account password) like other users.
  
  - Keep in mind that beginning with Oracle Database 11g Release 1, database passwords are case sensitive. (You can disable case sensitivity and return to pre–Release 11g behavior by setting the SEC_CASE_SENSITIVE_LOGON initialization parameter to FALSE.)
  
  - In addition to normal data dictionary authentication, the following methods are available for authenticating database administrators with the SYSDBA or SYSOPER privilege:
  
  1. Operating system (OS) authentication
  2. A password file
  3. Strong authentication with a network-based authentication service, such as Oracle Internet Directory
  
  - These methods are required to authenticate a database administrator when the database is not started or otherwise unavailable. (They can also be used when the database is available.)
  
  - These methods replace the CONNECT INTERNAL syntax provided with earlier versions of Oracle Database. CONNECT INTERNAL is no longer supported.
  
  - Operating system authentication takes precedence over password file authentication.
  
  - If you meet the requirements for operating system authentication, then even if you use a password file, you will be authenticated by operating system authentication.
  
  - Your choice will be influenced by whether you intend to administer your database locally on the same machine where the database resides, or whether you intend to administer many different databases from a single remote client.
  
  - If you are performing remote database administration, consult your Oracle Net documentation to determine whether you are using a secure connection.
  
  - Most popular connection protocols, such as TCP/IP and DECnet, are not secure.

➨ Post your comment / Share knowledge