The default value of this parameter is OPS$ for backward compatibility with previous versions. However, you might prefer to set the prefix value to "" (a null string), thereby eliminating the addition of any prefix to operating system account names.
可见,用ops$只是为了向前兼容。
下面,我们来实验一下。
一、创建操作系统用户
[root@node1 ~]# useradd test
二、创建Oracle用户并授予相应的权限
SQL> create user ops$test identified externally;
SQL> grant create session to ops$test;
三、用test用户登录数据库
[test@node1 ~]$ /u01/app/oracle/product/11.2.0.4/db_1/bin/sqlplus /
Error 6 initializing SQL*Plus
SP2-0667: Message file sp1
SP2-0750: You may need to set ORACLE_HOME to your Oracle software directory
报以上错误,根据提示,我们为ORACLE_HOME设置相应的值
在/home/test/.bash_profile中添加如下值:
export ORACLE_BASE=/u01/app/oracle
export ORACLE_HOME=$ORACLE_BASE/product/11.2.0.4/db_1
重新用test用户登录数据库
[test@node1 ~]$ /u01/app/oracle/product/11.2.0.4/db_1/bin/sqlplus /
SQL*Plus: Release 11.2.0.4.0 Production on Sat Jan 10 01:14:53 2015
Copyright (c) 1982, 2013, Oracle. All rights reserved.
ERROR:
ORA-12162: TNS:net service name is incorrectly specified
Enter user-name:
又报TNS:net service name is incorrectly specified错误。
怀疑没有指定相应的SID,在/home/test/.bash_profile中添加如下值:
export ORACLE_SID=orcl
重新用test用户登录
[test@node1 ~]$ /u01/app/oracle/product/11.2.0.4/db_1/bin/sqlplus /
SQL*Plus: Release 11.2.0.4.0 Production on Sat Jan 10 01:18:22 2015
Copyright (c) 1982, 2013, Oracle. All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - Production
With the Partitioning, Automatic Storage Management, OLAP, Data Mining
and Real Application Testing options
SQL> show user
USER is "OPS$TEST"
终于成功登录!
这个是在本地环境下的操作系统认证,即test与oracle数据库在同一个主机上。
倘若不在同一个主机上,必须将remote_os_authent设置为TRUE。
外部认证之网络认证
Network authentication is performed using Oracle Advanced Security, which can be configured to use a third-party service such as Kerberos. If you are using Oracle Advanced Security as your only external authentication service, then the REMOTE_OS_AUTHENT parameter setting is irrelevant, becauseOracle Advanced Security only allows secure connections.
关于外部认证,我们来看看官方文档的说明
1> More choices of authentication mechanism are available, such as smart cards, fingerprints, Kerberos, or the operating system.
2> Many network authentication services, such as Kerberos support single sign-on, enabling users to have fewer passwords to remember.
3> If you are already using some external mechanism for authentication, such as one of those listed earlier, then there may be less administrative overhead to use that mechanism with the database as well.
Easy Connect
[oracle@node3 ~]$ sqlplus system/oracle@192.168.2.12:1521/sz.being.com
其中,192.168.2.12是数据库所在主机的IP,1521是数据库所在主机的监听端口,sz.being.com是数据库提供的服务名
