Version / Date | 6 / 2002-03-15 |
Priority | Recommendations/additional info |
Category | Installation information |
Primary Component | BC-DB-ORA Oracle |
Secondary Components |
Summary |
---|
Symptom Setting up sysoper/sysdba authorization for a user Other terms connect internal sysoper sysdba Reason and Prerequisites As of Version Oracle 9I, the function of the user is changed 'internally'.With this release, you can no longer perform an internal connect without a password.The sole membership to the operating system group 'DBA' no longer provides an authorization to log on to the database without a password. A 'proper' database user with a user name/password is required to log on to the database. User name/password is stored directly in the internal ABAP Dictionary of the database. If the database is not started, these authorizations cannot be read directly in the database. You therefore require a mechanism which allows you to assign authorization to start and stop the database EXTERNALLY, WITHOUT having to verify the user name/password. We advise AGAINST using this mechanism for Releases 7.3.X and 8.0.X as it can result in breaches in security. These problems have only been corrected as of Oracle Release 8.1.5. Solution The functions for allocating sysoper/sysdba authorization was already supplied by Oracle with Version 7.X. With a connect <username>/<password> as sysoper; connect <username>/<password> as sysdba; This works as soon as the OS user that you used to log on to the system belongs to the OPER (for sysoper) or dba (for sysdba) group. Wfor Windows platforms: The OS user must belong the ORA_DBA or ORA_<SID>_DBA (for sysdba) or ORA_OPER or ORA_<SID>_OPER (for sysoper) group. You must create a password file if you need to start/stop the system with an OS user who is NOT a member of the aforementioned groups , or if a connect as sysdba or sysoper from a remote machine is required (for example, split mirror backups).
|
No comments:
Post a Comment