DBAsupport.com Forums - Powered by vBulletin
Results 1 to 6 of 6

Thread: insufficient privilege

  1. #1
    Join Date
    Oct 2000
    Posts
    123

    Red face

    Hi,

    Here is the problem which i never solved by all means:

    My OS is WINNT 4.0 with service pack 6.0, I just installed the Oracel server personal edition on my desktop, version is 8.1.5.

    I want to login as trusted OS method, so setup the parameter:
    SQLNET.AUTHENTICATION_SERVICES=(NTS) in sqlnet.ora.
    The parameter REMOTE_LOGON_PASSWORDFILE=EXCLUSIVE in init.ora file.
    I create one user called "administrator" which is member of group "ORA_DBA", and log in as administrator.

    I can svrmgrl and connect as internal/oracle and do startup and shutdown as well as grant things. -------> good

    Problem:

    As long as i do the following:
    C:> sqlplus /nolog
    .....succeed
    SQL> connect / as sysdba
    SQL> ora-1031 insufficient privilege <-----------?
    SQL> connect internal/oracle as sysdba
    SQL> ...... succeed ----------->Good
    SQL> connect system/manager as sysdba
    SQL> ora-1031 insufficient privilege <-----------?
    SQL> connect sys/change_on_install as sysdba
    SQL> ora-1031 insufficient privilege <-----------?

    I just don't know why, and tried everything i can.

    Note: I just reinstalled the ORACLE after my computer upgraded, and it works great before with OS log on:
    SQL> connect / as sysdba
    SQL> .......
    succeed.

    Any input will be appreciate

    Thanks

  2. #2
    Join Date
    Oct 2001
    Location
    Lexington
    Posts
    11
    1) Change your password from change_on_install to something else. Then try connect sys/something as sysdba. It will work.
    2) Wrong password results in the same error

  3. #3
    Join Date
    Sep 2001
    Location
    NJ, USA
    Posts
    1,287
    Try:

    C:> sqlplus /nolog
    SQL> connect sys/change_on_install
    SQL> select * from v$pwfile_users;
    -- check SYSDBA users

    SQL> alter user sys identified by change_on_install;
    ..
    SQL> disconnect

    SQL> connect sys/change_on_install as sysdba

    SQL> grant sysdba to system;

    SQL> disconnect

    SQL> connect system/manager as sysdba

  4. #4
    Join Date
    Oct 2000
    Posts
    123
    Thanks for you valuable input.

    I already tried that grant sysdba to system and/or others, it seems that i can connect user/pwd as sysdba, but i still can not succeed on "connect / as sysdba" ---- insifficient privilege.

    By the way, after i revoke sysdba from system account, it seems that you can not log back in with system account and the error message is: "lack create session priovilege", is it normal? I mean originally, we don't need to grant anything to system account to log on, is it weird?

    Thanks

  5. #5
    Join Date
    Sep 2001
    Location
    NJ, USA
    Posts
    1,287
    Check REMOTE_LOGIN_PASSWORDFILE in init.ora

    It may has values:

    NONE - Setting this parameter to NONE causes Oracle to behave as if the password file does not exist. That is, no privileged connections are allowed over non-secure connections. NONE is the default value for this parameter.

    EXCLUSIVE - An EXCLUSIVE password file can be used with only one database. Only an EXCLUSIVE file can contain the names of users other than SYS. Using an EXCLUSIVE password file allows you to grant SYSDBA and SYSOPER system privileges to individual users and have them connect as themselves.

    SHARED - A SHARED password file can be used by multiple databases. However, the only user recognized by a SHARED password file is SYS. You cannot add users to a SHARED password file. All users needing SYSDBA or SYSOPER system privileges must connect using the same name, SYS, and password.

    if it set NONE - then check(create) OS user groups OSDBA and OSOPER and create OS account for some user, and then you can use :

    CONNECT / AS SYSDBA
    CONNECT / AS SYSOPER


    if it not set NONE you can't use connect / as sysdba ...
    you must connect thru

    connect sys/PWD as sysdba
    -------------------------------------------------
    PS: it is a new security policy start with oracle 8.1.7 ver.
    -------------------------------------------------



    [Edited by Shestakov on 10-26-2001 at 03:41 PM]

  6. #6
    Join Date
    Oct 2000
    Posts
    123
    Thanks man.

    The reason i used the exclusive is i can make it work when i set it up to NONE.

    When i set the remote_password_logon=NONE, i create a user "usr1" and grant it to be a member of "ORA_DBA" group which is automatically created when i installed the PERSONAL ORACLE server. But i can not logn to the ORACLE as sysdba by all means, and can not connect internal either.

    Thanks again


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


Click Here to Expand Forum to Full Width