For ldap tnsnames resolution I would use an open source or other LDAP tool
based on licensing whether it be OID or OUD.
For password centralization/integration for example with Microsoft AD I would
go with Oracle Unified Directory(OUD). We currently using this product and
once you get it installed and configured it’s really nice tool. The
Documentation I think is lacking we did get Oracle to produce some great
whitepapers on the configuration now which should really help with the
install/configuration.
Thanks, Matt
From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On ;
Behalf Of Andy Klock
Sent: Thursday, October 6, 2016 12:40 PM
To: Niall Litchfield
Cc: fuzzy.graybeard@xxxxxxxxx; ORACLE-L
Subject: Re: OID Standalone
Indeed. Back in 9i, (long before the integration with Fusion Middleware) it was
nicely bundled right in the RDBMS stack. I've used OID for tnsnames resolution
which was pretty slick*, but for the OP I think you have to go all in with OUD
now a days.
I used the following to configure user authentication for a db security (POC).
http://www.oracle.com/technetwork/middleware/id-mgmt/overview/oud-433568.html
http://docs.oracle.com/cd/E49437_01/admin.111220/e22648/eus.htm#CJAFIHGC
Wasn't too bad to set up, but is definitely not free. Currently I have no
opinions on it being a more secure approach, so I'd be interested in the
motivation of going this route.
Andy K
www.checkyourlogsblog.com
* Off Topic Note: I wasn't a Fusion Middleware admin and when using the
authentication defaults, the admin password expired after 120 days and new
connections were blocked....so, be aware of that :)
On Thu, Oct 6, 2016 at 12:15 PM, Niall Litchfield <niall.litchfield@xxxxxxxxx>
wrote:
AFAIK there is no OUD equivalent of the "free" license for OID for naming
purposes only. It requires a DS+ license at some considerable cost.