Databases Reference
In-Depth Information
The prior output indicates that the
oracle
user is included in several groups, one of which is
dba
. Any user who
belongs to the
dba
group can connect to the database with
sysdba
privileges. A user with
sysdba
privileges can start
and stop the database. This example uses OS authentication to connect to your database as the user
sys
:
$ sqlplus / as sysdba
No username or password is required when using OS authentication (hence just the slash without a user/
password) because Oracle first checks to see if the OS user is a member of a privileged OS group, and if so, connects
without checking the username/password. You can verify that you have connected as
sys
by issuing the following:
SQL> show user
USER is "SYS"
Using a Password File
You can also connect to your database by providing the username and password of a database user who has been
granted proper privileges. When you provide a username/password and attempt to connect to the database with
sys*
level (
sysdba
,
sysoper
,
sysbackup
, and so on) privileges, Oracle will check to see if the username and password
provided are within the password file associated with your database. The password file must be manually created with
the
orapwd
utility and is populated via the SQL
grant
command (see the How It Works section of this recipe for details
on creating a password file).
This example shows the syntax for using a password file to connect to a database:
$ sqlplus <username>/<password>[@<db conn string>] as sys[dba|oper|backup]
For example, if you wanted to connect to a local database with a user named
chaya
with a password of
heera
with
sysdba
privileges, you would do as follows:
$ sqlplus chaya/heera as sysdba
Because you are providing a username/password and attempting to connect with a
sys*
level privilege, Oracle will
verify that a password file is in place (for the local database) and that the username/password is in the password file.
One key aspect about using a password file is that this is the mechanism that allows you to use SQL*Plus or RMAN to
connect to a remote database over the network with
sys*
privileges. For example, if you want to connect to a user named
chaya
with a password of
heera
to a remote database named
HATHI
with
sysdba
privileges, you would do as follows:
$ sqlplus chaya/heera@HATHI as sysdba
Oracle will verify that the username/password combination exists in a password file on the remote server that is
associated with the database defined by the
HATHI
net service name. In this example, Oracle uses the information in a
local tnsnames.ora file to determine the location of the database on the network (host, port, and database).
■
using a local tnsnames.ora file is known as the
local naming
connection method. There are other remote
database name resolution methods, such as easy connect, directory naming, and external naming. See the
Oracle Database
Net Services Administrator's Guide
for details on how to implement these.
Tip
