Kerberos auth in Oracle, sys user and dba group
alpMar 2 2009 — edited Mar 3 2009Hello.
I've set up kerbros auth in test oracle 10g r2 database on 64-bit linux according to Oracle® Database Advanced Security Administrator's Guide. I have the following issue: kerberos user can login to the test server (from this server) and normal database user can login to database server from other hosts. However, oracle system user, members of dba group and normal users can't longer login to this server from it. So, when oracle system user runs sqlplus "/as sysdba" , he gets ORA-12638: Credential retrieval failed.
sqlnet.ora looks the following way:
SQLNET.KERBEROS5_CC_NAME = /tmp/krb5cc
SQLNET.KERBEROS5_CONF_MIT=TRUE
SQLNET.AUTHENTICATION_SERVICES= (KERBEROS5)
NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)
SQLNET.KERBEROS5_CONF = /etc/krb5.conf
SQLNET.KERBEROS5_REALMS = /etc/krb5.realms
SQLNET.AUTHENTICATION_KERBEROS5_SERVICE = oracle
What should I do to enable login to this server for members of dba group and normal users from the database server?