3 Replies Latest reply: Nov 18, 2009 8:31 PM by Hans Forbrich RSS

    Oracle database authentication using ldap

    419196
      Hi,

      We're looking into using ldap (preferably Openldap) to authenticate users to the database. We're not looking to use it for tnsnames info. I've looked in the documentation and metalink and I'm a bit lost...

      Can someone point me to a link that will help get me started?

      Thanks.
        • 1. Re: Oracle database authentication using ldap
          Oded Raz
          You are right it's a bit complecated, Let me try and clear some things, you have three options to Authenticate Oracle users using LDAP :
          1. Using Oralcle Enterprise users, the users will reside on OID (not the database) that will be sync to your LDAP.
          2. Using Oralcle Enterprise users, the users will reside in the database and only authentiction will be done using OID that will be sync to your LDAP.
          3. You kerberous authenticated users, don't use LDAP to authenticate the users use kerberous instead.


          Some links :
          Metalink Doc ID: 185275.1
          [https://metalink2.oracle.com/metalink/plsql/f?p=130:14:5127173908153251366::::p14_database_id,p14_docid,p14_show_header,p14_show_help,p14_black_frame,p14_font:NOT,185275.1,1,1,1,helvetica]

          Metalink Doc ID: 577738.1
          [https://metalink2.oracle.com/metalink/plsql/f?p=130:14:5127173908153251366::::p14_database_id,p14_docid,p14_show_header,p14_show_help,p14_black_frame,p14_font:NOT,577738.1,1,1,1,helvetica]



          Oded
          [http://www.dbsnaps.com/articles/oracle-database-vault-af]
          [www.orbiumsoftware.com]
          • 2. Re: Oracle database authentication using ldap
            735531
            Hello,

            I want to authenticate to an oracle account using openldap too, but I need some details.
            Sorry for the stupidity of my questions :
            how can I install OID ? Where can I find informations on the price ?
            I already have an Oracle 10G database installed on linux.
            • 3. Re: Oracle database authentication using ldap
              Hans Forbrich
              user3581296 wrote:
              Hello,

              I want to authenticate to an oracle account using openldap too, but I need some details.
              Sorry for the stupidity of my questions :
              how can I install OID ? Where can I find informations on the price ?
              I already have an Oracle 10G database installed on linux.
              You are looking at the 'Enterprise User Security' capability, much of which is included in the Advanced Security Option.

              If you get that option, OR if you have EUS with LDAP/Password Authentication and you are using Oracle DB 10g or higher, then you get to use OID (which is officially part of the Oracle Application Server) with a restricted use license.

              Using OpenLDAP will be a challenge as EUS provides a custom schema with custom LDAP objects and attributes. You need to satisfy any EUS prerequisites first. (They are included in OID, which is Oracle's LDAP.)

              You have the opportunity to read a bit - go to http://tahiti.oracle.com and switch to the Book list or tab. Search for the 'Licensing' manual to give you some details of what is and is not included. Then search for the Enterprise User Security manual which gives you the details and steps on doing this, assuming OID is already installed.