| SYSDBA Login without password [message #636514] |
Mon, 27 April 2015 05:44  |
muktha_22
Messages: 527
Registered: December 2009
|
Senior Member |
|
|
Hi,
Hope all is well,
I am able to login into DB without \ wrong password for SYS as SYSDBA within the server.
But no issues while connecting remotely.
When I checked the type of password for the user with below query, it shows PASSWORD authentication only.
select gn.GLOBAL_NAME as "Instance", username, authentication_type
from dba_users du, global_name gn
where authentication_type = 'EXTERNAL'
Also the parameter "os_authent_prefix" is also NULL.
Where is the problem could be?
Kindly provide some idea, eventhough I checked the older forums, not able to get the answer.
Regards
Muktha
|
|
|
|
|
|
|
|
|
|
| Re: SYSDBA Login without password [message #636521 is a reply to message #636519] |
Mon, 27 April 2015 06:33  |
gazzag
Messages: 1114
Registered: November 2010
Location: Bedwas, UK
|
Senior Member |
|
|
|
This is why you should do as Michel suggests and Copy & Paste to SHOW us what you are doing. It will help eliminate misunderstandings. Now, if I understand you correctly, you have the opposite issue to what I assumed. Have you created a password file?
|
|
|
|
|
|
|
|
| Re: SYSDBA Login without password [message #636525 is a reply to message #636523] |
Mon, 27 April 2015 06:50 |
muktha_22
Messages: 527
Registered: December 2009
|
Senior Member |
|
|
Hi Gazzag,
Simple,
When I connect to the DB inside the server, I could do, without the password. (As in the screen shot given).
Which is a big threat.
But If I do remotely by Toad, it allows only with the correct password to connect to the DB. Which gets password from the password file.
Regards
Muktha
|
|
|
|
|
|
|
|
| Re: SYSDBA Login without password [message #636533 is a reply to message #636532] |
Mon, 27 April 2015 07:32 |
gazzag
Messages: 1114
Registered: November 2010
Location: Bedwas, UK
|
Senior Member |
|
|
Again, this is by design:
C:\>sqlplus /nolog
SQL*Plus: Release 11.2.0.2.0 Production on Mon Apr 27 13:29:46 2015
Copyright (c) 1982, 2014, Oracle. All rights reserved.
SQL> connect / as sysdba;
Connected.
SQL>
SQL> connect sys/wrong_password as sysdba
Connected.
SQL>
SQL> connect no_user/wrong_password as sysdba;
Connected.
SQL>
Just to add, only an O/S user that is part of the ora_aba group on the database server will be allowed to connect as SYSDBA with no password. That is secure enough providing you restrict access to that server to regular users.
[Edit: addendum]
[Updated on: Mon, 27 April 2015 07:48] Report message to a moderator |
|
|
|
|
|
| Re: SYSDBA Login without password [message #636536 is a reply to message #636534] |
Mon, 27 April 2015 09:03 |
muktha_22
Messages: 527
Registered: December 2009
|
Senior Member |
|
|
Hi Michel,
Thanks for the reply.
Understood, there is no threat.
But if the management want to remove, then if I set:
SQLNET.AUTHENTICATION_SERVICES=(NONE), will it affect remote login?
Regards
Muktha
|
|
|
|
|
|
| Re: SYSDBA Login without password [message #636538 is a reply to message #636537] |
Mon, 27 April 2015 09:18 |
cookiemonster
Messages: 13904
Registered: September 2008
Location: Rainy Manchester
|
Senior Member |
|
|
If your server accounts are set up right removing it is fairly pointless.
Only DBAs should have access to accounts in the ORA_DBA grouop.
Those same accounts should be able to modify sqlnet.ora.
|
|
|
|
|
|
] 
Search
Help
Members
Register
Login
Home
