Re: Database authentication and Active Directory

Kerberos authentication of users requires the Advanced Security Option which
in turn requires EE.

On Tue, Dec 21, 2010 at 10:47 AM, <Laimutis.Nedzinskas@xxxxxx> wrote:

> Kerberos is your answer.
>
> Metalink and oracle has notes. And yes, it even works, done that myself.
> You login like that in SQLNav, Oracle Forms, sqlplus:
>
>            connect /
>
> That's it.
>
> Then oracle works just "like MS SQL server" as one PM asked Oracle
> consultant after he(consultant) talked for 1h or so about Oracle
> acquisitions (this keyword was by far the TOP1 word during his otherwise
> clever speech) regarding "Identity Management", about 3 or 5 separate
> "acquired" products needed for that (and licensed separately too)
>
> Truly speaking, Oracle does not work exactly like MS SQL Server: you still
> have to create users, privileges, roles, etc, etc. But authentication
> burden is taken off, that;'s true.
>
>
>
>
>
> ---------------------------------------------------------------------------------
>
> Please consider the environment before printing this e-mail
>
>
>
>             Stefano Cislaghi
>             <s.cislaghi@gmail
>             .com>                                                      To
>             Sent by:                  Oracle L <oracle-l@xxxxxxxxxxxxx>
>             oracle-l-bounce@f                                          cc
>             reelists.org
>                                                                   Subject
>                                       Database authentication and Active
>             2010.12.20 23:22          Directory
>
>
>             Please respond to
>             s.cislaghi@gmail.
>                    com
>
>
>
>
>
>
> Hi all,
>
> I'm looking around to check if there's a solution that does not force
> me to buy Oracle Internet Directory. Problem is rather simple, I want
> to authenticate my database user against active directory.
> This want to say that user are phisically present in database and only
> password verification is done in active directory. Grants, roles and
> other properties are stored in database server.
>
> Users should be able to connect to database either from their own
> workstation with applications similar to SQLDeveloper and from third
> parties applications that does not reside on user workstation (maybe
> oracle BI).
> Metalink has no valid solution and also administrator guide does not
> provide any interesting hint. Database is 11.2 .
>
> OID is another expensive product I'm not able to buy today.
>
>
> Thanks
> Ste
>
> --
> http://www.stefanocislaghi.eu
> --
> http://www.freelists.org/webpage/oracle-l
>
>
>
>
> --
> http://www.freelists.org/webpage/oracle-l
>
>
>


-- 
Niall Litchfield
Oracle DBA
http://www.orawin.info

Other related posts: