the NTS option makes the Oracle client attempt to use your current Windows domain credentials to authenticate you with the oracle server. This could fail for a couple of reasons: - The Oracle server is not configured to support Windows authentication In my case, it was the later. Despite the fact that I had told the client to use a different user name and password, it was still attempting to login using my domain credentials first. This failed because I was logged on to my local machine using my normal domain credentials rather than my administrator account. Replacing the line: SQLNET.AUTHENTICATION_SERVICES= (NTS) with SQLNET.AUTHENTICATION_SERVICES= (NONE) in sqlnet.ora resolved the issue by disabling local support for authenticating using Windows credentials. |
NTS 是使用 登陆本地 账号 ,4.47 是本地管理员账号/db服务器也是本地管理员账号,都有dba 属组 ,因此不会有问题,适用于打补丁必须这样连接。 as sysdba
但是客户使用域名账号登陆本地os,没有dba 属组,就无法登陆远程数据库。
None 是使用 数据库密码认证。不区分os帐号。 适用于客户使用域名账号(非dba属组)登陆本地os,远程访问数据库
FIX: IN DB SERVER
找到安装目录:E:/oracle/product/10.2.0/db_1/NETWORK/ADMIN 打开sqlnet.ora
option 1: 在里面找到 SQLNET.AUTHENTICATION_SERVICES= (NTS)
将其更改为: SQLNET.AUTHENTICATION_SERVICES= (BEQ,NONE)
option 2:或者注释掉:#SQLNET.AUTHENTICATION_SERVICES= (NTS)
option 3: SQLNET.AUTHENTICATION_SERVICES= (NONE)
在windows中,是通过sqlnet.ora这个文件来实现验证机制控制的,当你装完数据库并用netca创建了监听,就会生成这个文件,通常默认是以下内容:
# This file is actually generated by netca. But if customers choose to
# install "Software Only", this file won't exist and without the native
# authentication, they will not be able to connect to the database on NT.
SQLNET.AUTHENTICATION_SERVICES = (NTS)
也就是说,默认就是采用操作系统验证的,也许Oracle认为,拥有了SA权限,就拥有了系统最高权限,所以数据库DBA的sys用户也无需再验证密码了
如果设置成(NONE),就表示采用数据库身份验证,还可以设置成(NONE,NTS),其实这样设也没有意义了,只要括号中有NTS,就会采用操作系统验证,NONE就没有用了
这里要指出一点,有些文章中说还可以设置成(ALL),但我设计测试下来,如果设置成(ALL),会提示ERROR:
C:\Documents and Settings\Administrator>sqlplus / as sysdba
SQL*Plus: Release 10.2.0.1.0 - Production on 星期四 8月 28 21:26:06 2014
Copyright (c) 1982, 2005, Oracle. All rights reserved.
ERROR:
ORA-12641: 验证服务无法初始化