How to Configure the SQL*Net Layer for Remote OS Authentication and Windows Native Authentication on a Windows Platform in a Two-Tier Environment (Doc ID 371110.1)

Last updated on JULY 05, 2017

Applies to:

Oracle Net Services - Version 8.1.7.0 and later
Oracle Provider for OLE DB - Version 8.1.7.0 and later
Oracle Data Provider for .NET - Version 9.2.0.1 and later
Oracle ODBC Driver - Version 8.1.7.0.0 and later
Microsoft Windows (32-bit)
Microsoft Windows x64 (64-bit)
***Checked for relevance on 23-Jun-2016***

Goal

To explain how to connect to an Oracle database from a client without specifying a password while using the operating system as the authentication mechanism rather than the database.

This is the process by which a user does not directly enter a username or password from the client application but rather sends a "/" in place of the username and password.  For example, if you wanted to connect with this type of authentication from SQL*Plus you would do the following:

SQL> CONNECT /@orcl
Connected.
SQL> SHOW user
USER is "MyOSUsername"


The Oracle networking software can be configured to invoke this authentication process one of two different ways depending on the setting of the SQLNET.AUTHENTICATION_SERVICES parameter in your SQLNET.ORA file on both the client and server.

In the example above we can see that the operating system's username, MyOSUsername, is the actual user which has connected to Oracle.  Depending on some additional settings discussed later in this article you will see that this name can take on various forms.

 

NOTE: This information pertains to a Windows platform and a Two-Tier environment only.

 

Username & Password Requirements

The following table shows the Username and Password requirements to properly invoke this type of authentication from various interfaces.

InterfaceUsernamePassword
SQL*Plus / omitted (if specified, a syntax error occurs)
Oracle ODBC Driver <blank> omitted (if specified, it will be ignored)
Microsoft ODBC for Oracle <blank> omitted (if specified, ORA-01017)
Microsoft ODBC for Oracle / omitted (if specified, ORA-01017)
Oracle Provider for OLE DB / omitted (if specified, it will be ignored)
Microsoft OLE DB Provider for Oracle / omitted (if specified, it will be ignored)
Oracle Data Provider for .NET / omitted (if specified, it will be ignored)
Microsoft .NET Managed Provider for Oracle / omitted (if specified, it will be ignored)

 

 

 

 

 

 

 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms