Re: oracle-l Digest V7 #366
From: Simon Palmer <si_g_palmer_at_yahoo.com>
Date: Fri, 7 Jan 2011 10:33:01 -0800 (PST)
Message-ID: <42807.33973.qm_at_web55605.mail.re4.yahoo.com>
Date: Fri, 7 Jan 2011 10:33:01 -0800 (PST)
Message-ID: <42807.33973.qm_at_web55605.mail.re4.yahoo.com>
Hi Ste, I'm assuming you've googled/MOS for this so I guess you might have already come across this, but isn't this what you're looking for? http://download.oracle.com/docs/html/B13831_01/active_dir.htm#CDECHCBC The link is for 10.1 but I guess it could work in 11.2...? Unless in 11.2 Oracle no longer support it to force you down the OID route? Also: Creating an OracleContext in Microsoft Windows 2003 Active Directory [ID 361192.1] How to Manually Create an Oracle Context in Active Directory [ID 820134.1] Briefly: Ensure that Administrator can modify Schema in Active Directory Register Schema using NetCA (one time for the entire AD forest) Create Naming Context using NetCA (once per domain) Register Database in AD using DBCA or Net Manager Configure Directory Naming and Directory Usage (AD) using NetCA (on systems that want to use AD) Set NAMES.LDAP_AUTHENTICATE_BIND= Yes in SQLNET.ORA on all 11g client systems To support pre-11g clients Enable anonymous bind in AD Change ACLs for Oracle Naming Context and Database/Net Services objects to allow anonymous access I worked on a site to try and get this working with AD 2008 and we hit a bug. The client I was working for raised an SR with MOS....and I'm still waiting to hear back to go finish off... Hope this is of help, although being slightly old now, I guess it could be out of date somewhat. Thanks, Simon http://dual101.wordpress.com Stefano Cislaghi <s.cislaghi_at_gmail .com> To Sent by: Oracle L <oracle-l_at_freelists.org> oracle-l-bounce_at_f cc reelists.org Subject Database authentication and Active 2010.12.20 23:22 Directory Please respond to s.cislaghi_at_gmail. com Hi all, I'm looking around to check if there's a solution that does not force me to buy Oracle Internet Directory. Problem is rather simple, I want to authenticate my database user against active directory. This want to say that user are phisically present in database and only password verification is done in active directory. Grants, roles and other properties are stored in database server. Users should be able to connect to database either from their own workstation with applications similar to SQLDeveloper and from third parties applications that does not reside on user workstation (maybe oracle BI). Metalink has no valid solution and also administrator guide does not provide any interesting hint. Database is 11.2 . OID is another expensive product I'm not able to buy today. Thanks Ste -- http://www.stefanocislaghi.eu -- http://www.freelists.org/webpage/oracle-l
-- http://www.freelists.org/webpage/oracle-lReceived on Fri Jan 07 2011 - 12:33:01 CST