What does "OS authentication" mean to you? Any guesses?
A hint: If you have enabled OS authentication on your server it is your local OS user id that is being authenticated against. If you have OS authentication enabled and your local user ID is a member of the ORA_DBA group you have full and complete access to all the databases on that server regardless of whatever other database settings. When you login "/ as sysdba" you don't need any userid or password - you could have used any userid including those that don't exist and you could still log in as SYS. That is the way it works and has been working all this while. You can try this by yourself. After you connect using a non-existent userid try: "select user from dual" and see who you are really login in as:
SQL> conn abcxyz/abcxyz as sysdba
SQL> select user from dual
as long as you loged in to the server with the Oracle software owner normally "oracle",
you can log in to the database with any username/password combination, even they are wrong, because oracle will authenticate you as O.S Authentication, which is the "oracle user" that is part of DBA os group.
so if you loged in as oracle O.S user and try the following:
sqlplus / as sysdba or
sqlplus asdfasdf/asdfasdf as sysdba or any user/password (even invalid),
oracle will give you a sysdba connection using o.s authentication.
Thanks you all for clearing the doubt.
I appreciate your help..
thanks a ton....
Oracle will authenticate sys as sysdba when instance down using O.S authentication
sys as sysdba is always using OS or password file authentication.
thanks, but I mean while he is connecting to the server locally as Oracle user, the authentication will be O.S
What matters is that the OS user account belongs to the SYSDBA user group and the account has execute privileges to oracle application binaries. This is usually the oracle user, but it does not have to be.