Re: Database authentication and Active Directory

From: <Laimutis.Nedzinskas_at_seb.lt>
Date: Tue, 21 Dec 2010 12:47:49 +0200
Message-ID: <OF7609C607.7FDD3074-ONC2257800.003A77DA-C2257800.003B4F9C_at_seb.lt>

Kerberos is your answer.

Metalink and oracle has notes. And yes, it even works, done that myself. You login like that in SQLNav, Oracle Forms, sqlplus:

connect /

That's it.

Then oracle works just "like MS SQL server" as one PM asked Oracle consultant after he(consultant) talked for 1h or so about Oracle acquisitions (this keyword was by far the TOP1 word during his otherwise clever speech) regarding "Identity Management", about 3 or 5 separate "acquired" products needed for that (and licensed separately too)

Truly speaking, Oracle does not work exactly like MS SQL Server: you still have to create users, privileges, roles, etc, etc. But authentication burden is taken off, that;'s true.

Please consider the environment before printing this e-mail

                                                                           
             Stefano Cislaghi                                              
             <s.cislaghi_at_gmail                                             
             .com>                                                      To 
             Sent by:                  Oracle L <oracle-l_at_freelists.org>   
             oracle-l-bounce_at_f                                          cc 
             reelists.org                                                  
                                                                   Subject 
                                       Database authentication and Active  
             2010.12.20 23:22          Directory                           
                                                                           
                                                                           
             Please respond to                                             
             s.cislaghi_at_gmail.                                             
                    com

Hi all,

I'm looking around to check if there's a solution that does not force me to buy Oracle Internet Directory. Problem is rather simple, I want to authenticate my database user against active directory. This want to say that user are phisically present in database and only password verification is done in active directory. Grants, roles and other properties are stored in database server.

Users should be able to connect to database either from their own workstation with applications similar to SQLDeveloper and from third parties applications that does not reside on user workstation (maybe oracle BI).
Metalink has no valid solution and also administrator guide does not provide any interesting hint. Database is 11.2 .

OID is another expensive product I'm not able to buy today.

Thanks
Ste

--

http://www.stefanocislaghi.eu
--

http://www.freelists.org/webpage/oracle-l

--

http://www.freelists.org/webpage/oracle-l Received on Tue Dec 21 2010 - 04:47:49 CST

This message: [ Message body ]
Next message: Niall Litchfield: "Re: Database authentication and Active Directory"
Previous message: Laimutis.Nedzinskas_at_seb.lt: "Re: EMC storage replication"
Next in thread: Niall Litchfield: "Re: Database authentication and Active Directory"
Reply: Niall Litchfield: "Re: Database authentication and Active Directory"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message