Can I do an autologin with sqlplus?
My client wants to make an autologin to the databases using sqlplus the options that occur to me are:
1. Make an autologin to a linux server and then run the sqlplus command.2. From the end-user machine run the sqlplus.
What is the easiest way to do it?How do I do it?
Hello Juan, You should be able to do this by configuring transparent login using the Command String method, see e.g. https://docops.ca.com/ca-privileged-access-manager/3-0-2/EN/implementing/provision-your-server/provisioning-devices/device-setup . The command string option needs to be enabled in the security configuration as discussed on the page. Otherwise you won't see the option when you edit a device. Once you have it enabled, you can define transparent login on the device page and an account to use in the user/device policy. I added a few pictures on how this would look like in 3.0. This assumes that you use a command syntax like the following, taken from http://blog.oracle48.nl/wordpress/sqlplus-and-easy-connect-without-password-on-the-command-line/, which should prompt for the password:
$> sqlplus system@\"db_machine:1521/db_servicename\" Enter password: Connected to: (...) SQL>
I already have the following configurations:
1.- Command String - Enabled.
2. Modify the device with sqlplus DEVICE
3. Activate the credencial to enter with sqlplus on POLICY
4. Test the sqlplus
However, the credentials are not sent automatically. They could tell me if I'm missing something.
Hi Juan, Yes, I missed to check on the arguments. You actually have to configure the full command string, not just sqlplus. Given that you have to configure a specific target account for TL, it should not be a restriction to use a specific user name in the argument. The following works for me with a mock sqlplus executable. I added a second command string to cover the case where there could be different access policies with different target accounts defined for transparent login. Also make sure that you use the correct authentication prompt string, there appears to be a case mismatch between what you configured and what the application uses.
Thanks for the tips, the transparent login works correctly.Greetings.