OS Authentication

OS authentication is used to  authenticate user  at the OS level to connect  to the database. For OS authentication OS username must be mapped to the Oracle user name. The initialization parameter OS_AUTHENT_PREFIX controls that mapping. This value is concatenated with the OS username and used as the database user. Default value for OS_AUTHENT_PREFIX parameter ops$. If the default value is not changed, then database user of the OS user valeh will be ops$valeh.If this value is set to null then you will log onto the database as user valeh.

SQL> show parameter os_authent_prefix;

-------------------- ---------- -------------
os_authent_prefix     string	 ops$

To allow access from OS users, you must enable remote OS authentication, create a user and grant privileges :

--Fisrt create OS user for testing

[root@orcl ~]# useradd valeh
[root@orcl ~]# passwd valeh
Changing password for user valeh.
New password: 
Retype new password: 
passwd: all authentication tokens updated successfully.

SQL> show parameter remote_os_authent;
NAME 		      	TYPE 		VALUE
------------------ ----------- ----------------
remote_os_authent     boolean	FALSE

SQL> alter system set remote_os_authent=true scope=spfile;
SQL> shutdown
SQL> startup
SQL> show parameter remote_os_authent;
NAME			     TYPE	      VALUE
------------------  ---------- --------------
remote_os_authent    boolean     TRUE

SQL> create user ops$valeh identified externally;

User created.
SQL> grant create session to ops$valeh;

Grant succeeded.

Log in to the new created user, set oracle environment variables and run sqlplus, you don’t need to specify a username or a password to logon to Oracle:

[root@orcl ~]# su - valeh
[valeh@orcl ~]$ sqlplus /

SQL*Plus: Release Production on Thu Jul 2 19:56:37 2015
Copyright (c) 1982, 2009, Oracle.  All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL> show user

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s