DBAsupport.com Forums - Powered by vBulletin
Results 1 to 2 of 2

Thread: How to implement External Authentication in Windows NT 4.0?

  1. #1
    Join Date
    Oct 2001
    Location
    Singapore
    Posts
    4
    I installed Oracle 8.1.5.0.0 on my PC running Windows NT 4.0 O.S. In SQL*PLUS, under SYSDBA, I created a user as the following:
    create user ops$administrator identified externally;
    and then:

    grant DBA to ops$administrator

    Where "administrator" is the user name for my NT 4.0 system.

    However, as soon as I attempt to connect to the DB with the username ops$administrator, it always failed. The outcomes are described as the follows:

    (1)In the Command Prompt of Windows NT, issue the following command:

    C:\>sqlplus /nolog

    Then enter the SQL*Plus.

    (2)In SQL*Plus, issue the following command:

    SQL>connect / as sysdba
    ERROR:
    ORA-12203: TNS: unable to connect to destination.


    I logged on as the super-user administrator, and I am sure that administrator is a member of the ora_dba group.

    Who can help me to resolve the problem?

    moonriver

  2. #2
    Join Date
    May 2001
    Location
    Chennai
    Posts
    57
    Hi,

    This is what we did after some study/experiments to get the subject going at ur end:

    In oracle 8.1.5 even when you set OSAUTH_PREFIX_DOMAIN to TRUE in the server registry, it does not seem to validate your domain, whereas this seem to work perfectly in oracle 8.1.6

    For example, when you create an external oracle user called "DOMAIN\USERID" eg. SERVER1\abcd where "abcd" is a user in that domain SERVER1 (viz. DOMAIN\administrator, in ur case) and try to login to oracle 8.1.5, it does not seem to recognize the domain SERVER1, it only looks for user "abcd". Hence when you create a user called "abcd" without the domain, oracle authenticates it.

    We’ll have to set SQLNET.AUTHENTICATION_SERVICES = (NTS) in the sqlnet.ora file on both the server and the client to make authentication work in Oracle 8.1.5.

    In Oracle 8.1.6 SQLNET.AUTHENTICATION_SERVICES = (NTS) is the default setting in the sqlnet.ora file.

    Set the NT registry variable HKEY_LOCAL_MACHINE\SOFTWARE\ORACLE\OSAUTH_ENFORCE_STRICT to TRUE on the server to enforce the adapter to verify the operating system's user account's membership to one of the following Windows NT local groups ex. ORA_USER i.e. Create a local group called ORA_USER on the database server and assign users to the group

    Set REMOTE_OS_AUTHENT=FALSE in production server for better security. Make this true in develop environment so OS authentication of oracle Users with/without domains is possible.


    Give me more inputs if u have successfully configured....

    Kevin

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


Click Here to Expand Forum to Full Width