for what it's worth,
I've tried
<user>/<Password>@<Schema>
<user>/<Password>@<Sid>
<user>/<Password>@<databasename>
none of these work.
that said, this practice is frowned upon.
Any user can look at the task manager and see the command line parameters with which the application was launched... and see the password.
This would be a security loophole as the user can take the credentials and connect outside of PAM while their "Service" session is still on-going.
The only secure way to do this, as I understand it, is to use a Microsoft Remote Desktop Services Server, publish the apps and use Transparent login scripts with (PAM) Remote Apps.