Shulou(Shulou.com)05/31 Report--

This article focuses on "how to understand the Remote_login_passwordfile parameters in Oracl". Interested friends may wish to have a look. The method introduced in this paper is simple, fast and practical. Let's let the editor take you to learn how to understand the Remote_login_passwordfile parameters in Oracl.

The password file is used for the user with sysdba identity to perform remote login to the database. Oracle allows the user to authenticate through the password file and log in before the database is started, thus starting the instance, loading and opening the database. Oracle restricts the use of password files through an initialization parameter, remote_login_passwordfile. By configuring this parameter, you can control whether password files are shared among multiple data, or you can disable password file authentication by this parameter, the value of remote_login_passwordfile:

= > NONE: disable password file authentication.

1. Setting to none disables password file authentication directly, and sysdba users can only log in to the database through operating system authentication. At this point, the login will receive an error:

ORA-01017: invalid username/password; logon denied

two。 The operating system authentication method involves the SQLNET.AUTHENTICATION_SERVICES parameter value in the sqlnet.ora file:

1) NONE: disable operating system authentication and can only be authenticated through password files

2) under the ALL:linux/unix platform, the operating system authentication is adopted, but the password file authentication is also needed for remote sysdba login.

3) operating system authentication under NTS:windows platform

= > EXCLUSIVE: (default) exclusive mode uses password files. It is mentioned in the official file that "only one instance of one database" uses exclusive mode, which can be used to add, modify and delete sysdba users in the database. You can also change the password of sysdba users. These changes will be recorded in the password file.

1. View users who have been granted sysdba permission

SELECT USERNAME FROM V$PWFILE_USERS WHERE SYSDBA='TRUE'

two。 Add / remove sysdba privilege users from password file

REVOKE SYSDBA FROM non-SYS-user;GRANT SYSDBA TO non-SYS-user

= > SHARED: share password files among multiple databases.

1. Password files that configure sharedvalues can be shared by multiple databases on a server or RAC cluster databases; (now you know the meaning of "only one instance of one database" in exclusive mode, just to distinguish between RAC environments)

The password file under 2.shared cannot be modified, which means that sysdba permissions can no longer be granted to non-sys users, and it is not allowed to change the passwords of sysdba users, including sys users.

SQL > show parameter password

NAME TYPE VALUE

-

Remote_login_passwordfile string SHARED

SQL > grant sysdba to hr

Grant sysdba to hr

*

ERROR at line 1:

ORA-01999: password file cannot be updated in SHARED mode

SYS@db11g > alter user sys identified by netpwd

Alter user sys identified by netpwd

*

ERROR at line 1:

ORA-28046: Password change for SYS disallowed

3.oracle recommends that users who need sysdba privileges be set up in exclusive mode to change REMOTE_LOGIN_PASSWORDFILE to a shared shared password file.

The order in which 4.Oracle looks for password files is: orapw$ORACLE_SID-- > orapw-- > Failure

[example] convert Exclusive to shared:

1. Change password file name

$mv orapwdb11g orapw

two。 Modify the database remote_login_ passwordfile value

SQL > alter system set remote_login_passwordfile=shared scope=spfile

3. Restart the database takes effect

SQL > shutdown immediate;SQL > startup

Note: if you convert the password file of none to exclusive or shared, make sure that the sys password setting in the password file is consistent with that recorded in the data dictionary in the database.

At this point, I believe you have a deeper understanding of "how to understand the Remote_login_passwordfile parameters in Oracl". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.