普通用户:
数据库审核:
sqlplusSQL*Plus: Release 11.2.0.1.0 Production on Wed May 2 03:52:20 2018 Copyright (c) 1982, 2009, Oracle. All rights reserved. Enter user-name: oracle Enter password: Connected to: Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - 64bit Production With the Partitioning, Automatic Storage Management, OLAP, Data Mining and Real Application Testing options ORACLE@ sundb>
系统审核:
在Linux系统root用户下创建测试用户
useradd -u 501 -g oinstall -G dba,oper,asmdba,asmadmin oracle查看创建后结果
id testuid=503(test) gid=501(oinstall) groups=501(oinstall),502(dba),503(oper),504(asmadmin),505(asmdba)以dba身份登录oracle开启操作系统认证
sqlplus / as sysdba查看认证前缀
select value from v$parameter where name = 'os_authent_prefix';创建数据库用户并授权
create user ops$test identified externally;User created.Elapsed: 00:00:00.58grant create session to ops$test;su - testvi ./.bash_profile添加以下内容
export ORACLE_BASE=/u01/app/oracleexport ORACLE_HOME=$ORACLE_BASE/product/11.2.0/db_1export ORACLE_SID=orclsource ~/.bashrc重新以test用户测试登录
[test@RHEL6 ~]$ /u01/app/oracle/product/11.2.0/db_1/bin/sqlplus /SQL> show userUSER is "OPS$TEST"
可以修改文件打开操作系统审核机制,但是由于oracle系统默认是打开操作系统认证的,所以也可以不修改以下文件
vi $ORACLE_HOME/network/admin/sqlnet.ora将其中的SQLNET.AUTHENTICATION_SERVICES值改为all
sqlnet.authentication_services=all
超级用户:
系统审核:
conn / as sysdba超级用户的系统审核必须在连接时带有角色的描述
口令文件审核:由于系统审核级别要高于口令文件审核,所以需要先将系统审核关掉
先将oracle用户移出dba组,在root用户下执行
gpasswd -d oracle dbaRemoving user oracle from group dba返回oracle用户登录
su - oraclesqlplus / as sysdbaSQL*Plus: Release 11.2.0.1.0 Production on Wed May 2 05:43:52 2018 Copyright (c) 1982, 2009, Oracle. All rights reserved. ERROR: ORA-01031: insufficient privileges这时用操作系统认证时就会报错了
SQL*Plus: Release 11.2.0.1.0 Production on Wed May 2 05:43:52 2018 Copyright (c) 1982, 2009, Oracle. All rights reserved. ERROR: ORA-01031: insufficient privileges
可以用超级用户的用户名密码进行连接
sqlplus sys/dba as sysdbaSQL*Plus: Release 11.2.0.1.0 Production on Wed May 2 05:46:02 2018 Copyright (c) 1982, 2009, Oracle. All rights reserved. Connected to: Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - 64bit Production With the Partitioning, Automatic Storage Management, OLAP, Data Mining and Real Application Testing options