Oracle OS Authentication

This topic provides instructions for creating users and granting connection rights when using Oracle OS authentication. Prior to performing these steps, consider the following:

  • You must be a member of the ORA_DBA group and have SYSDBA privileges.

  • Users must be created in such a way that Oracle knows they are authenticated via a DOMAIN controller.

  • Use SQL*Plus or SQL*Plus Worksheet to create users. If you are not familiar with SQL*Plus, consult your Oracle documentation.

  • Users must be created within a Windows NT domain and added to the ORA_DBA group. Refer to your Microsoft Windows documentation for more information about using a Windows domain.

  • When setting up users for Silk Test Workbench in Oracle, create a schema to house the actual tables in addition to the remotely authenticated users. The schema is not domain authenticated, but is password authenticated.

  1. Start SQL*Plus or SQL*Plus Worksheet.
  2. Log on as SYSTEM and connect as SYSDBA.
  3. Type commands to create each user as "DOMAIN\USERNAME" IDENTIFIED EXTERNALLY, and grant connection rights and system privileges as shown in the following example. For each user as "DOMAIN\USERNAME". Type DOMAIN\USERNAME in uppercase and between double quotation marks, where DOMAIN\USERNAME is each user’s domain and user name. For example:
    CREATE USER "NT-DOMAIN\JEFF" IDENTIFIED EXTERNALLY;
    GRANT SELECT ANY SEQUENCE TO "NT-DOMAIN\JEFF";
    GRANT UNLIMITED TABLESPACE TO "NT-DOMAIN\JEFF";
    GRANT "CONNECT" TO "NT-DOMAIN\JEFF";
    GRANT "RESOURCE" TO "NT-DOMAIN\JEFF";
    GRANT "SELECT_CATALOG_ROLE" TO "NT-DOMAIN\JEFF";
    
    Important: Microsoft operating systems return the DOMAIN\USERNAME when the user is queried. If this does not match what is defined in the database, Oracle OS authentication will fail with ORA-1017.
  4. Test that Oracle OS authentication is set up correctly by connecting to the database via SQL*Plus.
    1. Type a "/" for the user name.
    2. Leave the Password text box empty, and enter the host string appropriately.
    3. Click OK. If you can log on, Oracle OS authentication is working properly.