溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
這篇文章將為大家詳細講解有關Oracle密碼文件有什么用,小編覺得挺實用的,因此分享給大家做個參考,希望大家閱讀完這篇文章后可以有所收獲。
--==============================
-- Oracle密碼文件
--==============================
/*
一、密碼文件
作用:主要進行DBA權限的身份認證
DBA用戶:具有sysdba,sysoper權限的用戶被稱為dba用戶。默認情況下sysdba角色中存在sys用戶,sysoper角色中存在system用戶
二、Oracle的兩種認證方式;
1.使用與操作系統集成的身份驗證
2.使用Oracle數據庫的密碼文件進行身份認證
三、密碼文件的位置
Linux下的存放位置:$ORACLE_HOME/dbs/orapw$ORACLE_SID
即:ORACLE_HOME/dbs/orapw<sid>
Windows下的存放位置:$ORACLE_HOME/database/PWD%ORACLE_SID%.ora
密碼文件查找的順序
--->orapw<sid>--->orapw--->Failure
兩種認證方式:類似于SQL server中的windows認證和SQL server認證
決定在兩個參數中
1.remote_login_passwordfile = none | exclusive |shared 位于$ORACLE_HOME/dbs/spfile$ORACLE_SID.ora參數文件中
none : 不使用密碼文件認證
exclusive :要密碼文件認證,自己獨占使用(默認值)
shared :要密碼文件認證,不同實例dba用戶可以共享密碼文件
2. $ORACLE_HOME/network/admin/sqlnet.ora
SQLNET.AUTHENTICATION_SERVICES = none | all | ntf(windows)
none : 表示關閉操作系統認證,只能密碼認證
all : 用于linux或unix平臺,關閉本機密碼文件認證,采用操作系統認證,但遠程<異機>可以使用密碼文件認證
nts : 用于windows平臺
不同的組合
1 2
none none sys用戶無論是本機還是遠程均不可用
四、演示:實驗判斷當前使用的是操作系統認證還是密碼認證
1.在sqlnet.ora中追加SQLNET.AUTHENTICATION_SERVICES = none
oracle@testdb admin]$ vi sqlnet.ora
SQLNET.AUTHENTICATION_SERVICES = none
~
"sqlnet.ora" [New] 1L, 39C written
[oracle@testdb admin]$
--使用操作系統登陸認證,失敗
[oracle@testdb admin]$ sqlplus / as sysdba
SQL*Plus: Release 11.2.0.4.0 Production on Mon Dec 25 21:26:22 2017
Copyright (c) 1982, 2013, Oracle. All rights reserved.
ERROR:
ORA-01017: 用戶名/口令無效; 登錄被拒絕
Enter user-name:
ERROR:
ORA-01017: invalid username/password; logon denied
Enter user-name:
ERROR:
ORA-01017: invalid username/password; logon denied
SP2-0157: unable to CONNECT to ORACLE after 3 attempts, exiting SQL*Plus
[oracle@testdb admin]$
--改用密碼認證登陸,成功。
[oracle@testdb admin]$ sqlplus sys/oracle as sysdba
SQL*Plus: Release 11.2.0.4.0 Production on Mon Dec 25 21:27:04 2017
Copyright (c) 1982, 2013, Oracle. All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL>
2.將SQLNET.AUTHENTICATION_SERVICES的值改為all
[oracle@testdb admin]$ cat sqlnet.ora
SQLNET.AUTHENTICATION_SERVICES = all
[oracle@testdb admin]$
[oracle@testdb admin]$ cat tnsnames.ora
DBDB =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.56.12)(PORT = 1521))
)
(CONNECT_DATA =
(SERVICE_NAME = DBdb)
)
)
testdb =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.56.28)(PORT = 1521))
)
(CONNECT_DATA =
(SERVICE_NAME = DBdb)
)
)
[oracle@testdb admin]$
DBDB是連接到遠程的數據庫的tns
testdb是連接到本機數據庫的tns;
--使用操作系統登陸認證,成功。
[oracle@testdb admin]$ sqlplus / as sysdba
SQL*Plus: Release 11.2.0.4.0 Production on Mon Dec 25 21:36:00 2017
Copyright (c) 1982, 2013, Oracle. All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL> exit
Disconnected from Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
[oracle@testdb admin]$
--使用本機密碼認證,成功;
[oracle@testdb admin]$ sqlplus sys/oracle as sysdba
SQL*Plus: Release 11.2.0.4.0 Production on Mon Dec 25 21:40:35 2017
Copyright (c) 1982, 2013, Oracle. All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL>
--使用本機密碼認證加本機tns連接,失敗;
[oracle@testdb admin]$ sqlplus sys/oracle@testdb as sysdba
SQL*Plus: Release 11.2.0.4.0 Production on Mon Dec 25 21:36:17 2017
Copyright (c) 1982, 2013, Oracle. All rights reserved.
ERROR:
ORA-12641: Authentication service failed to initialize
Enter user-name:
ERROR:
ORA-01017: invalid username/password; logon denied
--使用客戶端遠程密碼連接方式連接本機,成功:
C:\Users\Administrator>sqlplus system/oracle@192.168.56.28/DBdb
SQL*Plus: Release 11.2.0.1.0 Production on 星期二 12月 26 10:16:53 2017
Copyright (c) 1982, 2010, Oracle. All rights reserved.
連接到:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL>
--使用tns連接到其他數據庫的tns,成功;
[oracle@testdb admin]$ sqlplus sys/oracle@DBDB as sysdba
SQL*Plus: Release 11.2.0.4.0 Production on Mon Dec 25 21:36:43 2017
Copyright (c) 1982, 2013, Oracle. All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL>
五、密碼文件的建立:orapwd */
[oracle@testdb ~]$ orapwd
Usage: orapwd file=<fname> password=<password> entries=<users> force=<y/n>
where
file - name of password file (mand), /*密碼文件的名字orapw<sid>*/
password - password for SYS will be prompted if not specified at command line, /*sys用戶的密碼*/
entries - maximum number of distinct DBA (optional), /*可以有多少個sysdba,sysoper權限用戶放到密碼文件中去,去掉重復記錄*/
/*注意entries中存放的個數但不是實際個數,這個是二進制數據*/
force - whether to overwrite existing file (optional),/*10g新增的參數,默認值為n ,y表示允許覆蓋*/
ignorecase - passwords are case-insensitive (optional),
nosysdba - whether to shut out the SYSDBA logon (optional Database Vault only).
There must be no spaces around the equal-to (=) character.
關于“Oracle密碼文件有什么用”這篇文章就分享到這里了,希望以上內容可以對大家有一定的幫助,使各位可以學到更多知識,如果覺得文章不錯,請把它分享出去讓更多的人看到。
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
