Home » RDBMS Server » Security » active directory authentication for oracle 10g database running on solaris (oracle 10g, solaris 10)
active directory authentication for oracle 10g database running on solaris [message #517298] Mon, 25 July 2011 04:53 Go to next message
syed19812008
Messages: 2
Registered: July 2011
Junior Member
Hi,

I have oracle 10g up and running on Solaris 10, from windows I would like to connect to sql plus through windows authentication, for that I have already made sure that remote_auth = true and have created user in oracle with OPS$.
But still I cannot connect.

I have the same setup but with oracle on windows server, the os authentication from windows clients works just fine.

any tips or tricks and does oracle 10g on solaris 10 supports windows os authentication?

Any help would be appreciated.

Thanks in advance.
Re: active directory authentication for oracle 10g database running on solaris [message #517301 is a reply to message #517298] Mon, 25 July 2011 05:24 Go to previous messageGo to next message
Michel Cadot
Messages: 68625
Registered: March 2007
Location: Nanterre, France, http://...
Senior Member
Account Moderator
Show us what you did and got.

In addition, "remote_auth = true" is a very very bad setup, it means you rely on remote OS to authentify your user.
So, for instance, with my laptop I can connect to your databases using any such account as I can create any account on my laptop.

Regards
Michel
Re: active directory authentication for oracle 10g database running on solaris [message #517304 is a reply to message #517301] Mon, 25 July 2011 05:30 Go to previous messageGo to next message
Michel Cadot
Messages: 68625
Registered: March 2007
Location: Nanterre, France, http://...
Senior Member
Account Moderator
Have a look at Using Oracle Database with Microsoft Active Directory

Regards
Michel
Re: active directory authentication for oracle 10g database running on solaris [message #517331 is a reply to message #517298] Mon, 25 July 2011 07:27 Go to previous messageGo to next message
syed19812008
Messages: 2
Registered: July 2011
Junior Member
Thanks for the reply.
Our current setup is Windows 2003 x64 Server with Oracle 10g x64. No issues on that.
We have created AD users in the oracle database with connect role.
Now, we have a scheme wherein our erp data resides, we are using oracle discoverer for custom reports. Oracle discoverer administrator is used to define custom folders and EUL.
We have many roles defined , sales role with access only to the sales tables, purchase role with access only to the purchase tables, etc...
We have defined the above roles to AD users, so this way sales reports works only for sales users, purchase report for purchase users, etc.....
Now, when the user opens oracle discoverer from his client XP machine, it asks for password, as his AD user is already configured in the oracle database, the user will keep the user id and password blank and the SID is there by default and the report opens for him.


We are planning to migrate from Windows to Solaris, for testing purpose we have installed Solaris with oracle 10g on a different server and imported the entire database, the erp works fine, now the problem is with the oracle discoverer, it just doesn't work, we are troubleshooting it so that our tests are ok, then we can schedule a switchover.

Re: active directory authentication for oracle 10g database running on solaris [message #517334 is a reply to message #517331] Mon, 25 July 2011 07:52 Go to previous message
Michel Cadot
Messages: 68625
Registered: March 2007
Location: Nanterre, France, http://...
Senior Member
Account Moderator
As I said, I can start a SQL*Plus and take any account you defined like that and has access to your tables. I was just a warning you do what you want with it.

And I posted you the link to use appropriately AD to authenticate your user in the database.
Unfortunately, this means you buy ASO (Advanced Security Option) which is quite expensive.
The cheap way, is to ask your user to enter a password for the database.

Regards
Michel
Previous Topic: Unable to log on as sysdba
Next Topic: Restrict DML on table
Goto Forum:
  


Current Time: Thu Mar 28 11:30:09 CDT 2024