cancel
Showing results for 
Search instead for 
Did you mean: 

SQLNET.AUTHENTICATION_SERVICES=NONE

Former Member
0 Kudos

Hello Oracle experts,

we are trying to integrate SAP system with Oracle on Windows into DBACOCKIT of other SAP system.

The both SAP systems reside in different domains and there are to trusted relationship.

The parameter SQLNET.AUTHENTICATION_SERVICES is currently set to NTS.

Are there any securtiy problems if we change this paramter SQLNET.AUTHENTICATION_SERVICES to NONE?

Thank's

Accepted Solutions (0)

Answers (2)

Answers (2)

former_member207186
Contributor
0 Kudos

Hi Alex,

Regarding your question/issue, you can also check the below SAP KBA

1948090 - "Remote oracle database in a different not trusted windows domain"

Regards,

Bíborka

thiago_cavalheiro
Active Participant
0 Kudos

Hello Alex,

Basically OPS$ authentication will be disabled, so if you are using this method you should not set AUTHENTICATION_SERVICES to NONE. Check out the Oracle documentation regarding this parameter here.

You may also want to check the following notes:

614036 - Composite SAP Note: ORA-12631/ORA-12638

400241 - Problems with ops$ or sapr3 connect to Oracle

480266 - Problems with SYSDBA/SYSOPER/INTERNAL connect

Cheers,

Thiago

Former Member
0 Kudos

Hello Thiago/oracle experts,

the question is whether or not SQLNET.AUTHENTICATION_SERVICES = NONE a security vialotion comparing with SQLNET.AUTHENTICATION_SERVICES = NTS?

thiago_cavalheiro
Active Participant
0 Kudos

Hello Alex,

In the documentation you see that NONE will disable all authentication methods other than username/password. So as long as you have a good password policy this will not present any threat. There are no security issues reported for this option as far as I am aware.

Regards,

Thiago

Former Member
0 Kudos

Hello Thiago,

I went through the oracle documentation.

How complex is it to implement one of the authentication Methods Available with Oracle Advanced Security?

  • kerberos5 for Kerberos authentication
  • radius for RADIUS authentication
  • dcegssapi for DCE GSSAPI authentication
thiago_cavalheiro
Active Participant
0 Kudos

Hi Alex,

Here's the Oracle documentation about the secure authentication methods:

https://docs.oracle.com/cd/E11882_01/network.112/e40393/asopart3.htm#BABJGAAJ

Any of them will require some dedication and an infrastructure to be implemented, but following the guides you shouldn't face any major issue.

You may also want to check the whole Advanced Security guide, and spend some time reading the options to understand them. This will give you the required background to make the best choice for your scenario.

Regards,

Thiago

Former Member
0 Kudos

Hi Thiago,

is it in case of SQLNET.AUTHENTICATION_SERVICES = NONE possible to restrict only special remote servers that are allowed from other (Windows) Domain to connect to other SAP System for DBACOCKPIT integration?


Thank you!