驗證方式：作業系統驗證方式
口令檔案驗證方式（防止系統管理員誤操作你的資料庫）

================
1:作業系統驗證方式
================

[oracle@localhost ~]$ sqlplus
SQL*Plus: Release 11.2.0.3.0 Production on Sun Dec 30 16:58:46 2001
Copyright (c) 1982, 2011, Oracle. All rights reserved.

Enter user-name: / as sysdba

Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.3.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL> show user
USER is "SYS"

特點：不需要加密碼，直接可以以sysdba的身份登入，只要能進入你的作業系統，就能以dba身份登入到你的oracle

用途：當你即是系統管理員，又是oracle DBA時，可以採用這種方法
如果你是DBA，但不是系統管理員時，不能用這種驗證方法，因為其他人只要能進入你的系統就能登入你的ORACLE；

SQL> conn system/oracle -------dba有sys和system,不寫as sysdba預設是以一般使用者身份登入
Connected.

SQL> shutdown
ORA-01031: insufficient privileges ------沒有關閉資料庫的許可權

SQL> conn system/oracle as sysdba ---------以DBA的身份登入
Connected.

SQL> shutdown immediate
Database closed.
Database dismounted.
ORACLE instance shut down.

SQL> conn scott/tiger -----普通使用者沒有關閉資料庫的許可權
Connected.

SQL> shutdown immediate
ORA-01031: insufficient privileges

SQL> conn system/oracle as sysdba
Connected.

SQL> grant sysdba to scott; ---------給scott授予dba的許可權
Grant succeeded.

SQL> conn scott/tiger
Connected.

SQL> shutdown immediate
ORA-01031: insufficient privileges

SQL> conn scott/tiger as sysdba ----------scott以dba的身份登入後可以關閉資料庫
Connected.

SQL> shutdown immediate
Database closed.
Database dismounted.
ORACLE instance shut down.

================
2：口令檔案驗證方式
================
口令檔案
使用orapwd工具生成口令檔案
在引數檔案中改：
set remote_login_passwordfile=exclusive

windows ORACLE_HOME/Database/pwdoracl.ora(pwd+sid.ora)
linux ORACLE_HOME/dbs/orapworacl(orapw+sid)

1：
SQL> show parameter remote
NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
remote_dependencies_mode string TIMESTAMP
remote_listener string
remote_login_passwordfile string EXCLUSIVE
remote_os_authent boolean FALSE
remote_os_roles boolean FALSE
result_cache_remote_expiration integer 0

2：
如果remote_login_passwordfile的值不是EXCLUSIVE,那麼需要手動改為EXCLUSIVE;

[oracle@ooo ~]$ cd $ORACLE_HOME

[oracle@ooo 11.2.0]$ cd dbs/

[oracle@ooo dbs]$ ls
aaspfileorcl.ora init.ora lkORCL orapworcl000
hc_orcl.dat initorcl.ora orapworcl spfileorcl.ora

[oracle@ooo dbs]$ vim initorcl.ora -------將excluesive寫入到啟動庫第一步讀到的引數檔案中
*.remote_login_passwordfile='EXCLUSIVE'

3：
[oracle@chen dbs]$ orapwd file=/u01/app/oracle/product/11.2.0/dbs/orapworcl password=test

[oracle@chen dbs]$ ls
hc_oracl.dat initoracl.ora orapworacl spfileoracl.ora
init.ora lkORCL orapworcl -----------生成密碼檔案

[oracle@chen ~]$ rlwrap sqlplus
SQL*Plus: Release 11.2.0.3.0 Production on Fri Jun 6 15:19:31 2014
Copyright (c) 1982, 2011, Oracle. All rights reserved.

Enter user-name: sys/aaaaaa as sysdba ---------輸入任意口令都能進入？如何解決？

Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.3.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL> show user
USER is "SYS"

4：解決辦法
[oracle@ooo admin]$ pwd
/u01/app/oracle/product/11.2.0/network/admin

[oracle@ooo admin]$ vim sqlnet.ora
SQLNET.AUTHENTICATION_SERVICES= (NONE) ----------新增這一行，登入時不是系統驗證,而是oracle驗證登入（防止系統管理員登入你的資料庫），註釋這一行又變化系統驗證方式
NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)

ADR_BASE = /u01/app/oracle

[oracle@localhost ~]$ rlwrap sqlplus

Enter user-name: / as sysdba
ERROR:
ORA-01031: insufficient privileges --------系統驗證方式沒有透過，需要口令

Enter user-name: sys/aaaaa as sysdba
ERROR:
ORA-01017: invalid username/password; logon denied --------密碼輸入錯誤登入不上

[oracle@localhost ~]$ rlwrap sqlplus

Enter user-name: sys/test as sysdba ----------密碼正確，登入成功

Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.3.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
歡迎關注我的微信公眾號"IT小Chen"，共同學習，共同成長！！！

Oracle 密碼驗證方式

Oracle 密碼驗證方式

相關文章