SAP is currently using local Operating System Groups to identify Oracle DBAs and Operators.
There are 4 local Groups:
ORA_DBA DBAs for all DBs on this computer
ORA_OPER operators for all DBs on this computer
ORA_SID_DBA DBAs for Instance SID
ORA_SID_OPER Operators for Instance SID
which control the access to the connect / as sysdba or connect / as sysoper.
Note: not every user which has access to the os has access to DBA or Oper functions of the database.
A user wihtout being member of these groups and without the right to maintain local groups is not able to access the database at all without using dbuser/password.
You can switch off OS based DBA/Oper Identification by
editing %ORACLE_HOME%\network\admin\sqlnet.ora.
Comment out sqlnet.authentification_services=NTS.
before doing so you have to create a passwordfile (which will implicitly set the password for oracles sys user) and changing the db parameter remote_login_passwordfile to exclusive.
If you are configuring the database to use password files you will no longer be able to startup the database during SAP Instance startup.
all other DB users password can be changed using brconnect.
regards
Peter
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.