3 Replies Latest reply: Jul 15, 2014 10:35 AM by Nip-Oracle RSS

    Dataguard Broker utility connects with invalid passwords why?

    soufir

      DGMGRL> connect sys/oraclee

      Connected.

       

      Database version : 11.2.0.1.0

        • 1. Re: Dataguard Broker utility connects with invalid passwords why?
          mseberg

          Hello

           

          I can confirm the same:

           

          DGMGRL for Linux: Version 11.2.0.4.0 - 64bit Production

           

          Copyright (c) 2000, 2009, Oracle. All rights reserved.

           

          Welcome to DGMGRL, type "help" for information.

          DGMGRL> connect sys/oraclee

          Connected.

          DGMGRL>

           

          It will even prompt you if you just enter /

           

          Welcome to DGMGRL, type "help" for information.

          DGMGRL> connect sys/

          Password:

          Connected.

           

          If you add a connect_identifier it should force you to use the correct password.


          Example


          Welcome to DGMGRL, type "help" for information.

          DGMGRL> connect sys/bspassword@standby

          ORA-01017: invalid username/password; logon denied

           

          Best Regards

           

          mseberg

          • 2. Re: Dataguard Broker utility connects with invalid passwords why?
            BPeaslandDBA

            The reason is because you are connecting to a local instance and you have already authenticated. No matter what I supply for the password, I can connect just fine.

             

            DGMGRL> connect sys/good_password

            Connected.

            DGMGRL> connect sys/bad_password

            Connected.

             

            This is no different than being able to connect as SYS without a password in SQL*Plus.

             

            [oracle@myhost ~]$ sqlplus /nolog

             

             

            SQL*Plus: Release 11.2.0.3.0 Production on Tue Jul 15 09:46:08 2014

             

             

            Copyright (c) 1982, 2011, Oracle.  All rights reserved.

             

             

            SQL> connect / as sysdba

            Connected.

            SQL> show user

            USER is "SYS"

             

            I can even provide a bad password and connect in SQL*Plus.

             

            SQL> connect sys/bad_password as sysdba

            Connected.

             

            All of this is possible because I have authenticated to the OS and my user is part of the 'dba' group. Oracle assumes that because I'm in the group, I have SYS access to the database.

             

            Where you will run into problems is when you try to authenticate remotely, from another host. For SYS, the password would need to be validated with what is in the password file on the database server.

             

            Cheers,
            Brian

            • 3. Re: Dataguard Broker utility connects with invalid passwords why?
              Nip-Oracle

              As explained above by Gurus, this is expected behavior.

               

              To change this behavior to resolve your issue, edit $ORACLE_HOME/network/admin/sqlnet.ora  (or $TNS_ADMIN/sqlnet.ora if set ) and then change :

               

              SQLNET.AUTHENTICATION_SERVICES= (none)