Re: LDAP/RADIUS and Oracle

Jay Hostetter wrote:
>
> Is anybody out there storing LDAP "data" in an Oracle database? We
> are trying to configure a Network Access Server to authenticate against
> a RADIUS server. RADIUS servers can authenticate various ways. We
> would like to use LDAP, with the directory/authentication data stored in
> Oracle. We have not chosen a RADIUS product at this point. Our network
> admin wants to use LDAP so that it can be used for additional
> authentication (like mail servers, etc.).

You're right, OiD is the way to go. It works, but it's temperamental at best. The installation process is particularly broken: if you tell it to use an existing database for the OiD schema, it will create a bunch of new tablespaces (14 in all), and just place them all on the same filesystem, so if you want to optimize access, you have to move them yourself. And the startup process is kinda broken also: tell it to start, and it will - might be a second later, might be 30, it appears to be completely non deterministic (which is a *real* pain if you're starting it at boot and you have a dependent application that you want to start then too). And if you try to install the .04 revision on 8.1.6, it will try to downgrade the Java components to 8.1.5, and Oracle Support have no idea why (their advice is simply to upgrade to .06, which fixes it). And don't get me started on their joke of a schema, they must have hired Damien Hirst to normalize it... or maybe HR Giger.

Other than that, it's a reasonably fast LDAP 3.0 compliant service, and you've got all the scalability that Oracle include in everything they do - 3M users, no problem. It's extendable to your own record types, and once you get it up and running, it's reliable.

Cheers,

g

-- 
guy ruth hammond <grh_at_agency.com> | One is punished for being
Technology Analysis & Consulting  | weak, not for being cruel.
07879607148 http://www.agency.com |       -- Baudelaire