Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Oracle, Windows KDC, Third Party KDC and cross realm
I'm brand new to Oracle and am having some problems getting things to
work.
This is my setup:
I have a MS 2000 KDC (Realm A) and a third party KDC (Realm B) setup.
I have an XP client in Realm A, with the Net8 software installed and
SQLPlus installed. The Oracle 8i server resides in Realm B. I have a
test database set up on the Oracle 8i server called Oracle. I created
the service principal on Realm B for
Oracle/servername_at_REALM B. I also created a service principal on Realm
A - Oracle_at_REALM A - and mapped it to the service principal on Realm
B.
I keep getting a 'failed to retrieve credentials' error. Has anyone done this before? Am I missing something in the configuration files? Any help would be appreciated.
I'm not even sure this will work.
My SQLNET.ORA file on the Oracle server in Realm B is setup as follows:
AUTOMATIC_IPC=OFF NAMES.DIRECTORY_PATH= (TNSNAMES) sqlnet.authentication_services=(beq, thirdparty) sqlnet.authentication_gssapi_service=oracle/servername_at_RealmB sqlnet.kerberos5_conf=/krb5/krb.conf sqlnet.kerberos5_realms=/krb5/krb.realms sqlnet.kerberos5_keytab=/krb5/v5srvtab
My TNSNAMES.ORA file on the Oracle server in Realm B is setup as follows:
ORACLE =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = servername)(PORT =number))
)
(CONNECT_DATA =
(SERVICE_NAME = oracle)
) ) INST1_HTTP =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = servername)(PORT = number))
)
(CONNECT_DATA =
(SERVER = SHARED)
(SERVICE_NAME =oracle)
(PRESENTATION = http://admin)
) ) EXTPROC_CONNECTION_DATA =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC))
)
(CONNECT_DATA =
(SID = PLSExtProc)
(PRESENTATION = RO)
) )
My SQLNET.ORA file on the client in Realm A is setup as follows:
SQLNET.AUTHENTICATION_KERBEROS5_SERVICE=Kerberos NAMES.DEFAULT_DOMAIN=realma SQLNET.AUTHENTICATION_SERVICES=(beq, kerberos5, thirdparty) SQLNET.AUTHENTICATION_gssapi_SERVICE=oracle/servername_at_REALMB SQLNET.KERBEROS5_CLOCKSKEW=1200 SQLNET.KERBEROS5_CONF=c:\etc\krb5.conf SQLNET.KERBEROS5_REALMS=c:\etc\krb.realms My TNSNAMES.ORA file on the client in Realm A is setup asfollows:
INST1_HTTP.REALMA=Received on Thu Nov 07 2002 - 08:05:31 CST
(DESCRIPTION=
(ADDRESS_LIST=
(ADDRESS= (PROTOCOL = TCP)(HOST=servername)(PORT=number))
)
(CONNECT_DATA=
(SERVER=SHARED)
(SERVICE_NAME=oracle)
(PRESENTATION= http://admin) )
) ORACLE.REALMA=
(DESCRIPTION=
(ADDRESS_LIST=
(ADDRESS= (PROTOCOL=TCP)(HOST=servername)(PORT=number))
)
(CONNECT_DATA=
(SERVICE_NAME=oracle)
) )