?
Solved

oracle automated login script

Posted on 2013-02-04
11
Medium Priority
?
486 Views
Last Modified: 2013-02-04
I have always used a unix script to pass my oracle ID/PASSWORD.
Now we cannot have and script on the system that contains a password.
We also are not supposed to use / as sysdba

On oracle 10g - aix and Linux.

Is there a way to set up and environment variable that you can do a

sqlplus $LOGIN_ID

run a script - say -
select * from v$instance;
alter user userid identified by newpassword;

Thanks
0
Comment
Question by:bkreynolds48
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
11 Comments
 
LVL 77

Expert Comment

by:slightwv (䄆 Netminder)
ID: 38851478
Can you use OS Authentication?

This allows you to use sqplplus / (without the 'as sysdba').

If not, I don't think you can connect to the database without the credentials coming from somewhere.

>>run a script - say -

I don't understand what you are thinking about here.  Can you explain what your proposed script will do?
0
 
LVL 1

Author Comment

by:bkreynolds48
ID: 38851524
just want to connect to a database

sqlplus $oracle_login
select * from v$instance;
alter user USERID identified by NEWPASSWORD;
exit;

or run some other command - I just need a way to enter the ID/PASSWD for oracle without putting it in a file

file name
oracle.login

in the oracle.login file I had

userid/password


so I would just do

sqlplus <oracle.login
0
 
LVL 77

Expert Comment

by:slightwv (䄆 Netminder)
ID: 38851537
You didn't answer this:  Can you use OS Authentication?
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 
LVL 1

Author Comment

by:bkreynolds48
ID: 38851547
here is an example of what I have done in the past

#
#!/bin/ksh
#
ORACLE_HOME=/export/home/oracle/product/10_2;export ORACLE_HOME
LD_LIBRARY_PATH=$ORACLE_HOME/lib/;export LD_LIBRARY_PATH
ORACLE_SID=PROD;export ORACLE_SID
PATH=$PATH:$ORACLE_HOME/bin:/usr/local:/usr/ucb:/usr/ccs/bin:/export/home/oracle/oradba:/usr/local/bin;export PATH

/export/home/oracle/product/10_2/bin/sqlplus -s @/export/home/oracle/myid/sql/oracle.login << EOF  
@/export/home/oracle/myid/sql/rbsoffline.sql
exit
EOF
#


Now I cannot store my oracle ID/PASSED in a file like oracle.login
0
 
LVL 77

Expert Comment

by:slightwv (䄆 Netminder)
ID: 38851570
>>Now I cannot store my oracle ID/PASSED in a file like oracle.login

I understand this.  You are not answering my questions.
0
 
LVL 77

Accepted Solution

by:
slightwv (䄆 Netminder) earned 2000 total points
ID: 38851586
Check out this option:
Secure External Password Store

http://www.oracle-base.com/articles/10g/secure-external-password-store-10gr2.php
0
 
LVL 35

Expert Comment

by:johnsone
ID: 38851613
What you are thinking of doing is possible.  You could so something like:

oracle_login="user/pass"
export oracle_login

Then run your script.

However, I'm pretty sure that your security people would have just as much of an issue with doing it this way because a privileged username and password would still be visible to ps because it would be passed via command line.

To appease the security people, you should look at something like what slightwv is suggesting.  Passwords secured in a secured and encrypted file somehow.  Then having a script that accesses the passwords.  Be careful not to pass that to a command line though as you will still have the same visible via ps command problem.
0
 
LVL 1

Author Comment

by:bkreynolds48
ID: 38851641
I am reading the do that slightwv recommend

If I do this

oracle_login="user/pass"
export oracle_login


do you just do

sqlplus $oracle_login
0
 
LVL 77

Expert Comment

by:slightwv (䄆 Netminder)
ID: 38851665
>>sqlplus $oracle_login

As johnsone stated:  DO NOT do this.  If you provide the username and password as a command line argument this way, anyone on the Unix machine with a command prompt can see your password with a simple 'ps' command.

>>oracle_login="user/pass"

You 'can' do this but what does it do for you?  You still have to have the password stored somewhere or you need to type it in.

If you are willing to type it in, then there is no need to do this in the first place.
0
 
LVL 1

Author Closing Comment

by:bkreynolds48
ID: 38851670
Thanks
0
 
LVL 35

Expert Comment

by:johnsone
ID: 38851699
If you wanted to use the environment variable and have it not show up on the command line, you would have to do something like this:

sqlplus /nolog << EOF
connect $oracle_login
....
exit
EOF

That should keep it off the command line.  But, as has been pointed out, you still need to set that variable before you can run that script.  You would have to do it through commands and couldn't keep it in the profile scripts as that would be keeping it in a human readable file.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background In several of the companies I have worked for, I noticed that corporate reporting is off loaded from the production database and done mainly on a clone database which needs to be kept up to date daily by various means, be it a logical…
This post first appeared at Oracleinaction  (http://oracleinaction.com/undo-and-redo-in-oracle/)by Anju Garg (Myself). I  will demonstrate that undo for DML’s is stored both in undo tablespace and online redo logs. Then, we will analyze the reaso…
This video shows syntax for various backup options while discussing how the different basic backup types work.  It explains how to take full backups, incremental level 0 backups, incremental level 1 backups in both differential and cumulative mode a…
Via a live example, show how to take different types of Oracle backups using RMAN.
Suggested Courses
Course of the Month12 days, 12 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question