Oracle教程

Oracle 参数 REMOTE_LOGIN_PASSWORDFILE 官方解释,作用,如何配置最优化建议

本站中文解释

REMOTE_LOGIN_PASSWORDFILE参数指定Oracle的身份验证模式:认证文件方式或密码文件方式。在认证文件方式中,客户端与数据库服务器之间进行通信,而且还不使用用户名和密码。只有在身份验证文件中的会话ID才能够IT连接到服务器。在密码文件方式中,客户端必须在连接服务器时指定用户名和密码,并且必须在数据库服务器上存在一个匹配的用户。

要正确设置REMOTE_LOGIN_PASSWORDFILE参数,必须先创建密码或认证文件,然后分别更改其参数值。要创建密码文件,可以使用Oracle提供的utlpwdmg.sql脚本。要创建认证文件,可以使用utlauth.sql脚本。如果要把这些参数设置为使用认证文件,可以用以下命令:

SQL>alter system set REMOTE_LOGIN_PASSWORDFILE=NONE scope=spfile;

让Oracle服务器在重新启动时自动把参数设置为认证文件模式,可以用以下命令:

SQL>shutdown immediate

SQL>startup

SQL> alter system set REMOTE_LOGIN_PASSWORDFILE=NONE scope=spfile;

SQL>shutdown immediate

SQL>startup

官方英文解释

REMOTE_LOGIN_PASSWORDFILE specifies whether Oracle checks for a password file.

Property Description

Parameter type

String

Syntax

REMOTE_LOGIN_PASSWORDFILE = { shared | exclusive | none }

Default value

exclusive

Modifiable

No

Modifiable in a PDB

No

Basic

Yes

Oracle RAC

Multiple instances must have the same value.

Values

  • shared

    One or more databases can use the password file. The password file can contain SYS and non-SYS users.

    When REMOTE_LOGIN_PASSWORDFILE is set to shared:

    • The SYS password cannot be changed. If you try, the password change operation fails with “ORA-28046: Password change for SYS disallowed.”

    • The password of any user who has SYS* admin privileges (SYSDBA, SYSOPER, SYSASM, SYSBACKUP, SYSDG, SYSKM) cannot be changed. If you try, the password change operation fails with “ORA-01999: password file cannot be updated in SHARED mode.”

    • Grants of SYS* admin privileges (SYSDBA, SYSOPER, SYSASM, SYSBACKUP, SYSDG, SYSKM) to individual users are not allowed. For example, grant sysdba to scott fails with “ORA-01999: password file cannot be updated in SHARED mode.” Similarly, revoke of SYS* admin privileges fails.

    • If the password file does not exist, then the behavior is the same as setting REMOTE_LOGIN_PASSWORDFILE to none.

  • exclusive

    The password file can be used by only one database. The password file can contain SYS and non-SYS users.

    When REMOTE_LOGIN_PASSWORDFILE is set to exclusive, if the password file does not exist, then the behavior is the same as setting REMOTE_LOGIN_PASSWORDFILE to none.

  • none

    Oracle ignores any password file. Therefore, privileged users must be authenticated by the operating system.

Note:

If you change REMOTE_LOGIN_PASSWORDFILE to exclusive or shared from none, then ensure that the password file is synchronized with the dictionary passwords.


数据运维技术 » Oracle 参数 REMOTE_LOGIN_PASSWORDFILE 官方解释,作用,如何配置最优化建议
分享到:

相关推荐