3 Replies Latest reply: Dec 14, 2012 5:14 AM by Harm Joris ten Napel-Oracle RSS

    Windows Authentication Doubt

    rumana2
      Hi

      I'm testing the windows authentication option but I have the following doubt:

      I created an user OPS$My_Domain\My_user identified externally.

      I can connect as: sqlplus /@my_Database

      but I can't connect as: sqlplus "OPS$My_Domain\My_user"/my_password@my_Database

      Is this how it works?

      What I'm trying to achieve is to have thse same PWD for windows and Oracle (We want the users to login to the application)

      Thanks
        • 1. Re: Windows Authentication Doubt
          JustinCave
          So, you are trying to force the user to enter the password a second time rather than using single sign-on? That seems like an unusual request-- the whole benefit of externally authenticated users is normally the ability to do single sign-on.

          I don't believe there is any way to specify that you want an externally authenticated user but then have Oracle accept and authenticate the password.

          Justin
          • 2. Re: Windows Authentication Doubt
            damorgan
            Using an OPS$ account on Windows is a really bad idea given the many security issues in Windows. It is ok to use this technique with a robust operating system ... but Windows does not meet that criterion.
            • 3. Re: Windows Authentication Doubt
              Harm Joris ten Napel-Oracle
              Hi,

              there's a little known feature that if (and only if) os_authent_prefix = "OPS$", as it is in your case,
              you can give the user a password like this:

              alter user "OPS$MY_DOMAIN\MY_USER" identified by my_password;

              and then both OS authentication will work for local connections, and remote connections using @my_Database can use the password,

              greetings,

              Harm ten Napel