RE: authenticate from Windows network account to backend Oracle database

• From: "Grant Allen" <Grant.Allen@xxxxxxxxxxxxxxxx>
• To: <oracle-l@xxxxxxxxxxxxx>
• Date: Wed, 25 Aug 2004 09:16:03 +1000

Yes, you can just do it through the sqlnet layer.

You'll need

In client sqlnet.ora files

        SQLNET.AUTHENTICATION_SERVICES=3D (NTS)

Other authent options can follow NTS, just make sure it's first in the =
parentheses.

In instance configuration (spfile or init.ora)

Either

        OS_AUTHENT_PREFIX =3D ""

Place whatever value you wish to prefix the usernames between the =
quotes. Leave the quotes empty for a null prefix.  This will allow =
"loose" external validation, where any matching user name will be =
allowed access (i.e. allows spoofing by LOCALMACHINE\username of =
DOMAIN\username accounts).

Or

        OSAUTH_PREFIX_DOMAIN =3D true

When used in conjunction with 'CREATE USER "DOMAIN\username" identified =
externally' will enforce "strict" external validation (i.e. avoids the =
spoofing problem of the first method).

Ciao
Fuzzy
:-)

----------------------------------
"Everything you think, do, and say
 was in the pill you took today."
 -- Zager and Evans

> -----Original Message-----
> From: oracle-l-bounce@xxxxxxxxxxxxx
> [mailto:oracle-l-bounce@xxxxxxxxxxxxx]On Behalf Of
> Paula_Stankus@xxxxxxxxxxxxxxx
> Sent: Wednesday, 25 August 2004 05:33
> To: oracle-l@xxxxxxxxxxxxx
> Subject: RE: authenticate from Windows network account to=20
> backend Oracle
> database
>=20
>=20
> Guys,
>=20
> I have this new request to accomplish this and I haven't done this =3D
> before.  Would I need to setup oracle internet directory to active =3D
> service directory?  If the user is using client-server tools=20
> and is not =3D
> going through 9ias - can I do this just through Net9?
>=20
> ----------------------------------------------------------------
> Please see the official ORACLE-L FAQ: http://www.orafaq.com
> ----------------------------------------------------------------
> To unsubscribe send email to:  oracle-l-request@xxxxxxxxxxxxx
> put 'unsubscribe' in the subject line.
> --
> Archives are at //www.freelists.org/archives/oracle-l/
> FAQ is at //www.freelists.org/help/fom-serve/cache/1.html
> -----------------------------------------------------------------
>=20
----------------------------------------------------------------
Please see the official ORACLE-L FAQ: http://www.orafaq.com
----------------------------------------------------------------
To unsubscribe send email to:  oracle-l-request@xxxxxxxxxxxxx
put 'unsubscribe' in the subject line.
--
Archives are at //www.freelists.org/archives/oracle-l/
FAQ is at //www.freelists.org/help/fom-serve/cache/1.html
-----------------------------------------------------------------

Other related posts:

• » RE: authenticate from Windows network account to backend Oracle database
• » RE: authenticate from Windows network account to backend Oracle database
• » RE: authenticate from Windows network account to backend Oracle database
• » Re: authenticate from Windows network account to backend Oracle database

1. Home
2. oracle-l
3. Archive
4. 08-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---