3 Replies Latest reply: Dec 14, 2012 5:14 AM by Harm Joris ten Napel-Oracle RSS

    Windows Authentication Doubt


      I'm testing the windows authentication option but I have the following doubt:

      I created an user OPS$My_Domain\My_user identified externally.

      I can connect as: sqlplus /@my_Database

      but I can't connect as: sqlplus "OPS$My_Domain\My_user"/my_password@my_Database

      Is this how it works?

      What I'm trying to achieve is to have thse same PWD for windows and Oracle (We want the users to login to the application)

        • 1. Re: Windows Authentication Doubt
          So, you are trying to force the user to enter the password a second time rather than using single sign-on? That seems like an unusual request-- the whole benefit of externally authenticated users is normally the ability to do single sign-on.

          I don't believe there is any way to specify that you want an externally authenticated user but then have Oracle accept and authenticate the password.

          • 2. Re: Windows Authentication Doubt
            Using an OPS$ account on Windows is a really bad idea given the many security issues in Windows. It is ok to use this technique with a robust operating system ... but Windows does not meet that criterion.
            • 3. Re: Windows Authentication Doubt
              Harm Joris ten Napel-Oracle

              there's a little known feature that if (and only if) os_authent_prefix = "OPS$", as it is in your case,
              you can give the user a password like this:

              alter user "OPS$MY_DOMAIN\MY_USER" identified by my_password;

              and then both OS authentication will work for local connections, and remote connections using @my_Database can use the password,


              Harm ten Napel