Controls the use of integrated logins for the database.
Allowed Values
- Standard – the default setting, which does not permit
integrated logins. An error occurs if an integrated login connection is
attempted.
- Mixed – both integrated logins and standard logins are
allowed.
- Integrated – all logins to the database must be made using
integrated logins.
- Kerberos – all logins to the database must be made using
Kerberos logins.
- LDPAUA – all logins to the database must be made using LDAP
logins.
Note: Mixed is equivalent to "Standard,Integrated".
Scope
Option can be set at the database (PUBLIC) level
only.
Requires the SET ANY SECURITY OPTION system privilege to set this option. Takes
effect immediately.
Remarks
Values are case-insensitive:
Warning!
- Restricting the LOGIN_MODE to a single
mode in a mixed environment (for example, Integrated only or LDAPUA only)
restricts connections to only those users who have been granted the
corresponding login mapping. Attempting to connect using other methods
generates an error. The only exceptions to this are users with
full
administrative rights (SYS_AUTH_DBA_ROLE or SYS_AUTH_SSO_ROLE).
- Restricting the LOGIN_MODE to LDAPUA only
may result in a configuration where no users can connect to the server if no
user or login policy exists that permits LDAPUA. Use the command line switch
-al
user-id-list with the start_iq utility to recover from this
situation.