Q
Problem solve Get help with specific problems with your technologies, process and projects.

Password protecting INTERNAL

I want our server to prompt for a password when someone other than a member of the DBA group attempts a connect internal. How do I password protect internal? Alter user?

Instead of INTERNAL, it is probably best if you create an account for each of these people who will be doing privileged operations, such as shutdown the database. There are two main reasons here. One, you can control security better. This gives you the ability to do independent audits of each account if you wish. And there is no "group" password that needs to be shared which must be changed when someone leaves your group. Two, INTERNAL is no longer available in Oracle 9i. So if you engineer a solution now, you'll have to re-engineer a solution when you upgrade to 9i.

Instead, create individual accounts for these people. They will have their own passwords. Then set REMOTE_LOGIN_PASSWORDFILE=EXCLUSIVE in your INIT.ORA. Then create a password file with the ORADIM utility. Then bounce the database. Now sign on as INTERNAL or an account with SYSDBA privileges. To grant the ability to do INTERNAL-type functions to these individual accounts, issue "GRANT sysdba TO the_user;" for each of the users. They will need to sign on to the database 'as sysdba'. For instance:

edcsns18 gast% svrmgrl

Oracle Server Manager Release 3.1.7.0.0 - Production

Copyright (c) 1997, 1999, Oracle Corporation.  All
Rights Reserved.

Oracle8i Enterprise Edition Release 8.1.7.2.0 -
Production
With the Partitioning option
JServer Release 8.1.7.2.0 - Production

SVRMGR> connect my_user as sysdba 
That's all there is to it!

For More Information


Dig Deeper on Oracle database design and architecture

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchDataManagement

SearchBusinessAnalytics

SearchSAP

SearchSQLServer

TheServerSide.com

SearchDataCenter

SearchContentManagement

SearchHRSoftware

Close