I am using Kerbose authentication, its working fine on SQLPLUS and SQL Developer but not in TOAD, its giving error “ORA-01017: invalid username/password; logon denied”
Toad Version: 12.8 and Oracle : 11.2.0.4
SQLNET.ora
SQLNET.KERBEROS5_CC_NAME=OSMSFT:// /* When I enable this I am getting “okdstry: OSD error” */
SQLNET.KERBEROS5_CONF=c:\kerberos\krb5.conf
SQLNET.KERBEROS5_CONF_MIT=TRUE
SQLNET.AUTHENTICATION_KERBEROS5_SERVICE=oracle
SQLNET.AUTHENTICATION_SERVICES=(kerberos5pre,kerberos5,beq,none) # Allow Kerberos5 as authentication method
Sorry for the delay. I think it will work if you put the username in brackets like [USERNAME]. Leave the password blank. If that doesn’t work in 12.8, it should work in the beta. Edit: That will work only in the beta. It was added at the very beginning of the 12.9 beta cycle.
I don’t think this is related to your password problem. Judging by the messages on the other thread, it looks like you got it straightened out. Let me know if not.
I have tried putting the username in brackets like [USERNAME] on 12.8 and 12.9 Beta version, both times its saying Invalid User name or password. Same error I use to get when I don’t use EXTERNAL.
For testing I have also tried logged in user name putting brackets, this time also I got same error. This user able to login if I use only EXTERNAL.
if it is your windows user id then blank or EXTERNAL is what you want. [USERNAME] or EXTERNAL[USERNAME] has worked for others when they want to log in as a proxy user through Kerberos. You will need to have at least an Oracle client and server version of 10.2 or newer for that to work. Is this a proxy connection that you are trying to make or something else?
A is my windows account, so when I use only EXTERNAL in Toad with blank pass I am able to login.
My requirement is to Login with B, so I used EXTERNAL[B] with blank pass, its asking for password, after typing password its saying Invalid Username or password.
I don’t have Kerberos here, but to test it I use OS Authentication, which seems to work the same way as far as the database goes. I’ll describe my set up and hopefully it will help you understand what’s going on.
So my windows user in the database ends up being “OPS$PROD\JDORLON” (and I can log in as blank or EXTERNAL with this, without knowing the password). This is your user A.
Now, if I go into the Schema Browser, change object type to USERS, and click on user B in the list, then on the right, on the Proxies tab, I’ll see OPS$PROD\JDORLON. That was set up with this command:
ALTER USER B grant connect through “OPS$PROD\JDORLON”;
WIth Toad 12.8, if I try to connect EXTERNAL[B] (with a blank password), then what happens is exactly as you describe above - it prompts for password, and whatever I type in, I get an “invalid password” message.
But with Toad 12.9, logging in with EXTERNAL[B] (with blank password) works. I don’t get any prompt at all - it just connects. I don’t need to know B’s password because of the proxy grant.