Skip to Content

Archived discussions are read-only. Learn more about SAP Q&A

REMOTE_OS_AUTHENT

Hi,

I'm an Oracle database security consultant, and I have a question regarding SAP installs on Oracle.

I've seen on a couple customers sites (who are running SAP) that they have the REMOTE_OS_AUTHENT parameter set to TRUE with an externally identified account "OPS$<sapsid>ADM".

Now this is a known Oracle security issue. It leaves all the data in the database vulnerable to query and update. I recommend to our clients that they change it, however they always respond with "but SAP requires it".

I've tried to googling for a solution, with little success. The only half solution I can find is from some SAP online documentation. See link below

http://help.sap.com/saphelp_nwmobile71/helpdata/en/8b/2488392020b625e10000000a114084/content.htm

The problem is that I don't know of many sites that would restrict database access by IP address as most sites run client software that accesses the database directly.

Has anyone seen a better solution to for this?

Former Member
Not what you were looking for? View more on this topic or Ask a question