Re: Database authentication and Active Directory

  • From: Laimutis.Nedzinskas@xxxxxx
  • To: s.cislaghi@xxxxxxxxx
  • Date: Tue, 21 Dec 2010 12:47:49 +0200

Kerberos is your answer.

Metalink and oracle has notes. And yes, it even works, done that myself.
You login like that in SQLNav, Oracle Forms, sqlplus:

            connect /

That's it.

Then oracle works just "like MS SQL server" as one PM asked Oracle
consultant after he(consultant) talked for 1h or so about Oracle
acquisitions (this keyword was by far the TOP1 word during his otherwise
clever speech) regarding "Identity Management", about 3 or 5 separate
"acquired" products needed for that (and licensed separately too)

Truly speaking, Oracle does not work exactly like MS SQL Server: you still
have to create users, privileges, roles, etc, etc. But authentication
burden is taken off, that;'s true.




---------------------------------------------------------------------------------

Please consider the environment before printing this e-mail


                                                                           
             Stefano Cislaghi                                              
             <s.cislaghi@gmail                                             
             .com>                                                      To 
             Sent by:                  Oracle L <oracle-l@xxxxxxxxxxxxx>   
             oracle-l-bounce@f                                          cc 
             reelists.org                                                  
                                                                   Subject 
                                       Database authentication and Active  
             2010.12.20 23:22          Directory                           
                                                                           
                                                                           
             Please respond to                                             
             s.cislaghi@gmail.                                             
                    com                                                    
                                                                           
                                                                           




Hi all,

I'm looking around to check if there's a solution that does not force
me to buy Oracle Internet Directory. Problem is rather simple, I want
to authenticate my database user against active directory.
This want to say that user are phisically present in database and only
password verification is done in active directory. Grants, roles and
other properties are stored in database server.

Users should be able to connect to database either from their own
workstation with applications similar to SQLDeveloper and from third
parties applications that does not reside on user workstation (maybe
oracle BI).
Metalink has no valid solution and also administrator guide does not
provide any interesting hint. Database is 11.2 .

OID is another expensive product I'm not able to buy today.


Thanks
Ste

--
http://www.stefanocislaghi.eu
--
//www.freelists.org/webpage/oracle-l




--
//www.freelists.org/webpage/oracle-l

Other related posts:

  1. Home
  2. oracle-l
  3. Archive
  4. 12-2010