Home » RDBMS Server » Security » Use Oracle Database on AIX with Active Directory (Oracle database 10.2 0.4, AIX5L 5.3)
Use Oracle Database on AIX with Active Directory [message #504892] Thu, 28 April 2011 06:56 Go to next message
Cowon_d3
Messages: 6
Registered: August 2008
Location: Norway
Junior Member
Hi

I'm checking the possibility to use Active Directory to log on the our Oracle databases. But only for dba's and developers, not application users.
We use Oracle 10.2.0.4 (and soon 11g)
As OS on the databaseserver we use AIX5L 5.3

Is it possible to implement Active Directory on databases running on AIX ? If it is possible, what must be done to get it to work, software ... etc ?

Couldn't find exact answer anywhere else. I might be blind :-/


Thanks.

Regards,
Petter
Re: Use Oracle Database on AIX with Active Directory [message #504906 is a reply to message #504892] Thu, 28 April 2011 07:14 Go to previous messageGo to next message
Michel Cadot
Messages: 59405
Registered: March 2007
Location: Nanterre, France, http://...
Senior Member
Account Moderator
Yes it is possible but you must purchase Advanced Security Option and use "Entreprise User" (search for this in the documentation).

Regards
Michel
Re: Use Oracle Database on AIX with Active Directory [message #505009 is a reply to message #504906] Thu, 28 April 2011 15:23 Go to previous messageGo to next message
John Watson
Messages: 4672
Registered: January 2010
Location: Global Village
Senior Member
Quote:
Yes it is possible
Are you sure? I may be wrong, but I thought that with 11g you can't use AD directly, you have to go through Kerberos? Worth checking, Petter - it would be annoying to use 10g/AD and then have to change after upgrading to 11g.

Re: Use Oracle Database on AIX with Active Directory [message #505057 is a reply to message #505009] Fri, 29 April 2011 01:05 Go to previous message
Michel Cadot
Messages: 59405
Registered: March 2007
Location: Nanterre, France, http://...
Senior Member
Account Moderator
OP version is 10.2.0.4 and in this version AD is still directly accessible.
For 11g I didn't check but when we did it in 10.2 Oracle actually told us that their goal was to support only 2 interfaces: OID and OVD (Oracle Virtual Directory).
OVD was not really reliable in 10.2 (although I didn't check with 10.2.0.5), so maybe OP could work with AD in 10.2 and study a migration to OVD with his migration to 11g (I hope 11.2).

OVD is just an interface between Oracle RDBMS and other stuff that makes this other stuff looks like OID. Other stuff can be an AD or a LDAP or a RDBMS or a simple file or... There are many connectors and you can add yours.

Regards
Michel
Previous Topic: How to use secure external password store in dot net
Next Topic: Populating CLIENT_ID column in DBA_AUDIT_SESSION
Goto Forum:
  


Current Time: Mon Oct 20 16:42:34 CDT 2014

Total time taken to generate the page: 0.10948 seconds