RE: How to setup LDAP

  • From: <krish.hariharan@xxxxxxxxxxxx>
  • To: <Mayen.Shah@xxxxxxxxxx>
  • Date: Mon, 14 Jan 2008 10:41:09 -0700

Oracle OID has the identity management framework and that had two parts: the
database naming (tnsnames/onames functionality) and the external/global user
administration and authentication functionality. When I
converted/complemented ONAMES with OID I found from Oracle Sales and
Metalink that the database naming partition of OID was free since Oracle 10g
treats ONAMES as "He who shall not be named", pun not intended. The user
administration and global authentication portion WAS NOT FREE. 

 

The database naming (tnsnames functionality) can be done with sqlnet.ora
directory path including LDAP and an ldap.ora or using DNS entries that
advertise a well known ldap host.

 

You should clarify with your account representative on the use of the OID
identity management framework for external/global user administration since
that part is a separately licensed ($$) component. I believe this is
mentioned in Rich's and Jared's responses.

 

I haven't been following the entire thread, but I also found out that in 10g
the distribution of OID coming through the RDBMS install is not production
and one through IAS app distribution is. I discovered that when I was
looking for the onamesproxy which we tested in 9.2 OID and not available in
10g OID.

 

Please feel free to correct if your experience and information is current
and different.

 

Regards,

-Krish

Krish Hariharan

President/Executive Architect, Quasar Database Technologies, LLC

(303) 808-5172

http://www.linkedin.com/in/quasardb

  _____  

From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx]
On Behalf Of Mayen.Shah@xxxxxxxxxx
Sent: Monday, January 14, 2008 9:53 AM
To: Jared Still
Cc: oracle-l@xxxxxxxxxxxxx
Subject: Re: How to setup LDAP

 


Hi Jared and all, 

We want to use local tnsnames and use LDAP for user authentication only. As
always money is an issue here so I am not at liberty to consider a solution
that requires additional money. 

Here is what I did. 

update sqlnet.ora on database server 

NAMES.DIRECTORY_PATH= (TNSNAMES,LDAP) 

On database : 

create user LDAPTEST identified globally as 'CN=LDAPTEST,ou=Service Accounts,ou=Users,ou=Administrative,ou=.Lazard,dc=lazard,dc=com'; 

Specification string was given to me by LDAP admin. 

I am sure I need to do more than this as above is not working. 

I apologize for my lack of knowledge in this matter and really appreciate
help from you all. 

Regards 
Mayen 








"Jared Still" <jkstill@xxxxxxxxx> 
Jan 11 2008 07:00 PM 
To: Mayen Shah/ITS/Lazard@Lazard NYC 
cc: oracle-l@xxxxxxxxxxxxx 
Subject: Re: How to setup LDAP




Our management has decided to have all authentication done through
(existing) LDAP. Please forgive my ignorance, but I do not have any idea how
to set/test in test environment. 

If it is just for database authentication, it's a simple entry in
sqlnet.ora.


Most of search directs me to OID. I am not sure I need to use OID. Do we
need license to use LDAP? 

You can use OID for database authentication without any extra licensing
fees.

See the Oracle Software Investment Guide for details.
(sorry, you'll have to google for that yourself) 


-- 
Jared Still
Certifiable Oracle DBA and Part Time Perl Evangelist 
