Oracle context and MS Active Directory

Similar Messages

• Oracle account and microsoft active directory password synchronisation

  Hi
  We are migrating our application to use windows active directory authentication. We have separate oracle account for
  each logged in user in the application, and these oracle credentials have to be the same as the windows active directory
  credentials.
  Also, a password change on windows Active directory should change the oracle account password.
  Is there a tool available to manage and synchronize the microsoft active directory and oracle account.
  We use oracle 10g and application is hosted on Windows 2008 server.
  Thanks
  Karthik

  There's an OOTB connector for Password Synch between AD -> OIM. Please use that.
  http://www.oracle.com/technetwork/middleware/id-mgmt/downloads/connectors-101674.html
  For password synch, OIM- AD/Oracle, you can use triggers.
  Enabling update for provisioned user in OIM11g

• Oracle database and Windows Active directory authentication

  Hello,
  Our developers have created a couple of web apps which look at our oracle database. Presently they use the APPS user and the user/password is hard coded into the config files.
  Is it possible to authenticate these using Windows Active Directory instead? Is it possible to use AD authentication for all developer access to the database?
  I'm trying to research this on the web but getting very confused. Would a lot of work be involved to get this up and running?
  Is anyone able to offer and advise?
  Thank you very much
  Sarah

  I don't have experience in joining a Linux system with Windows AD, and it generally does not sound like the best idea to me, but since Oracle Enterprise Linux is a clone of Red Hat Enterprise Linux, the solution you are looking for could be called Winbind.
  Perhaps the following links are useful:
  http://spiralbound.net/blog/2007/04/11/rhel-winbind-authentication-against-active-directory
  http://www.linuxmail.info/active-directory-integration-samba-centos-5/
  http://magazine.redhat.com/2007/11/12/tips-and-tricks-how-can-i-configure-winbind-to-synchronize-user-and-group-ids-across-multiple-red-hat-enterprise-linux-hosts-on-active-directory-accounts/

• Oracle Linux and Windows Active Directory

  I am looking for a good article on joining an Oracle Linux server to a Windows Active directory domain.
  We are primarily a Windows shop but need to bring up a couple of Oracle Linux servers (VM Server and VM Manager). I would like to use the existing Windows domain controller for user authentication.

  I don't have experience in joining a Linux system with Windows AD, and it generally does not sound like the best idea to me, but since Oracle Enterprise Linux is a clone of Red Hat Enterprise Linux, the solution you are looking for could be called Winbind.
  Perhaps the following links are useful:
  http://spiralbound.net/blog/2007/04/11/rhel-winbind-authentication-against-active-directory
  http://www.linuxmail.info/active-directory-integration-samba-centos-5/
  http://magazine.redhat.com/2007/11/12/tips-and-tricks-how-can-i-configure-winbind-to-synchronize-user-and-group-ids-across-multiple-red-hat-enterprise-linux-hosts-on-active-directory-accounts/

• Oracle Enterprise User, OVD and MS Active Directory (AD)

  Hi,
  I need to authenticate Oracle Users from MS Active Directory.
  If I create an Oracle Enterprise User, can I just use OVD or do I need also OID ?
  If the answer is YES, I just need OVD do I need just to install OVD or do I need any other installation from OIM in order for it to work?
  Thanks in advance for answering this post : )
  CMT

  Hi,
  I am not sure that you are correct.
  In the meantime, some one mentioned a white paper to read: "Directory Services Integration with Database Enterprise User Secuirty. In page 10 it mentions a scenario: EUS deployment using Active Directory and OVD
  (without OID).
  The cons mentioned are: Need to extend AD schema to include EUS meta-data (which I am not sure how its done).

• Integration of sap R/3 (4.7) and Microsoft active directory (2003)

  Hi All,
  I would like to know integration of sap R/3 (4.7) and Microsoft active directory (2003) and also SAP EP and Microsoft active directory. I have been working as a ep consultant with a local bank. I am new for this integration work, So please kindly provide me the steps for integrating these both directories.
  Pls help me with this issue.
  Thanks in advance,
  Regards,
  Raghav.

  Hi,
  First You should read:
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/bc72b890-0201-0010-3a8d-e31e3e266893
  Regards,
  Jarek

• SCCM report to show last logged on user and the Active Directory department attribute of that user.

  I need to create an SCCM report to show last logged on user on all machines and the Active Directory department attribute of that last logged on user.

  You problem is here.
  right
  join v_R_User USR on USR.ResourceID
  = CS.ResourceID
  USR.ResourceID != CS.ResourceID, you need to map the username to the user logon to the PC. By using the user’s department information you will
  end up with unreliable results.
  Anyways you need to make these changes to your query.
  left
  join v_R_User USR on USR.Unique_User_Name0
  = CS.UserName0
  http://www.enhansoft.com/

• User base Synchronization between SAP and MS Active Directory Server

  Dear all!
  I'm using Web AS 6.20 ABAP and MS Active Directory Server based on Win 2003 Server.
  i successfully implemented the synchronization of user data between SAP and the ADS.
  My question: Is there a way to customize the users on Active Directory Server in regard to their SAP authorization (roles auth. objects etc.)?
  Currently I don't have a clue how to do this.
  Regards,
  Christoph

  Have you searched on SDN for "Active Directory"? That turns up a number of results. I think your expectation might be backwards though, it's not how ADS exposes SAP specific data but how SAP uses ADS to store SAP specific data. My understanding (from quite some time ago so I am fuzzy on this) is that SAP can use ADS in much the same way it can use LDAP as an external user store.
  The Security Newsletter from November 04 [https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/documents/a1-8-4/sap security newsletter november 2004.pdf] mentions that a webinar is hosted on SDN about this exact topic, unfortunately I was unable to find a direct link.
  Regards,
  Marc g

• OID and MS Active Directory  LDAP information Synchronization

  Do you know have to do the integration between OID and MS active Directory? How to synchronize the LDAP information between two?

  Hi, I have the same question.
  Thanks,
  Malin

• Oracle Discoverer 10G and mapping Active Directory to use SSO/OID

  Could anybody point me please to the right direction?
  1. I've setup Oracle 10gIAS but turned off SSO and my users running discoverer /portals with no SSO.
  2. My goal is to turn on SSO and synchronize it with Active directory on the windows box.
  Thanks you in advance

  Hi Randy;
  As you mention all notes refer to SSO&OID for Active Directory integration.AFAIK there is no way to do it, please log a Sr and confirm this wiht oracle support
  Regard
  Helios

• Oracle Non-Windows DB and MS Active Directory

  Question:
  How can one configure a Microsoft Active Directory (LDAP-compliant directory
  service) with an Oracle Database when the Database resides on a unix server
  without the need of the Oracle LDAP? Is it possible ? If yes, please explain.

  Question: I have been looking at examples of using the LDAP packages but I am not sure if the examples are explaining the ldap_base and groups for MS AD OR an example for Oracle OID.
  Can you explain is this Oracle OID
  GC$ldap_user VARCHAR2(256) := 'cn=orcladmin';
  GC$ldap_passwd VARCHAR2(256) := 'welcome1';
  GC$ldap_base VARCHAR2(256) := 'cn=my_cn,dc=my_dc,dc=fr';
  Can you give an example for MS AD?

• Problem with Oracle external procedures and Microsoft Active Directory

  Hi,
  Our server was recently updated to use Microsoft Active Directory. However, we noticed that all external procedure calls keeps on failing with ORA-28575: unable to open RPC connection external procedure agent. Everything was working fine before we migrated to Active Directory which is why we can say that the listener is configured correctly.
  Any idea on how we can make extproc calls with Active Directory?
  thanks.

  Michael,
  Oracle Forms does support Single Sign-On (SSO). Take a look at Oracle Containers for J2EE Security Guide: OC4J Java Single Sing-On. Also take a look at the Oracle Forms 10g Sample Code and scroll to the SSO demo under the Forms Services Demo section. There are also, numerous other documents available via Google. ;-)
  Craig B-)
  If someone's response is helpful or correct, please mark it accordingly.

• What are the Oracle Home and GRID home directory locations for Oracle 12c (12.1.0.5) release

  Hello All,
  I plan to install and configure Oracle 12c Cloud Control console on a single standalone server and the version is Oracle 12.1.0.5. All the databases which are installed across in the entire farm/landscape are these versions:
  Oracle 10.2.0.3 Enterprise Edition
  Oracle 10.2.0.4 Enterprise Edition
  Oracle 10.2.0.4 Active DataGuard Enterprise Edition
  Oracle 10.2.0.5 Enterprise Edition
  Oracle 11.2.0.1 Enterprise Edition
  Oracle 11.2.0.1 Active DataGuard Enterprise Edition
  Oracle 11.2.0.3 RAC Enterprise Edition
  All Oracle databases across these versions will use the same version of Oracle Grid since ASM is used for all the Oracle database across Production/Test/Development databases. The OS is RHEL 5.8, RHEL 6.3, OEL 6.3 versions.
  When installing the Oracle 12c Cloud Control what is the Oracle and Grid Home directory location need to set to. Please let me know if there are any other additional configurations needed?
  Looking forward to hearing from you soon.
  Regards,
  Abhijit

  First off, the only EM CC release out right now is 12.1.0.2, not sure where you got 12.1.0.5 (DB Plugin maybe?).   
  Second, you're confusing EM CC homes with DB/Grid homes. 
  EM CC will need it's own Oracle Home (i.e. /opt/oracle/product/em_12.1.0.2).   You will need to provide repository database connection information, but EM does not care what home the db or grid is installed in.
  I would recommend reviewing the documentation as well as the references on OTN -
  http://www.oracle.com/technetwork/oem/install-upgrade/index.html

• Enable SSO APEX 4 and MS Active Directory

  Hi,
  I want enable SSO on my APEX applications. Actually, we use Microsoft Active Directory and Windows 2003 (tomorrow maybe Windows 2008).
  Regarding your experiences, what is the best solution that I can us in order to implement SSO ?
  Thanks for your help,
  I have forget to give this informations :
  - Our Oracle Server is under Linux.
  - We use Oracle Database 11GR2.
  - Our domain controller is under Windows 2003 (we will probably upgrade to 2008 this year).
  - Our APEX version is 4.1.0.00.32.
  Edited by: user7224400 on 3 févr. 2012 16:23

  Morten -- Interesting. I wish we had found that before we implemented WebLogic and the APEX listener, it may have been an interesting other option to consider. I'm not sure it would have made it past our change control folks as they might bark at the supportability/security, but it is a intriguing option.
  Patrick -- (You have a great blog by the way.). We are talking about upgrading our APEX 3.1 instances this year so I am very interested in the new authentication type. Is it doing anything other than simply retrieving the logon_user? i.e., is it actually authenticating against anything or would it just read the logon_user and let them in if they matched a known username?
  AJ -- We just converted from Oracle Portal last year. When I had Oracle Portal, I had it setup to use Windows Native Authentication following the supported solution for that and then had APEX set up as a partner application for portal. So if someone hit portal first, they'd automatically logon as their active directory user through WNA and would be dropped into portal. If they then hit a link for APEX in portal, it would (in rapid succession) go to APEX, redirect back to the portal SSO server, see they were authenticated in app server, and drop them into APEX with barely a visible screen flicker. It worked flawlessly UNTIL we started upgrading to Windows 7. Then a number of changes and patches are required to get WNA to work with app server 10g and Windows 7. If you are using portal in your 10g IAS, you may want to consider that route.
  Pardon me while I hop on my soapbox briefly -- I think if our friends in Oracle land could come out with a fully supported method of using NTLM or similar technologies to automatically login to APEX applicaitons, it would help considerably in the adoption of APEX and the APEX listener in customers that have Oracle databases and Active Directory which is a pretty decent size market.
  Ok, soapbox moment ended. :-)
  Rgds/Mark M.

• JNDI and MS ACTIVE DIRECTORY

  i am Emanuele,an young italian programmer,i have a question
  for you on
  ldap & MS active directory.
  How can i permit to an simple user (NOT an administrator) to
  access and
  modify his data with JNDI.
  Only with userid and password of an administrator i can do this WHY?
  When i try to access i receive this error :
  javax.naming.AuthenticationException: [LDAP: error code 49 -
  80090308:
  LdapErr: DSID-0C090290, comment: AcceptSecurityContext error,
  data 531,
  v893
  thanks in advance Emanuele                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    

  OK!
  I think I found a solution for this Error. Seems to be a BUG in a protocol Win 2000! With service pack 2 or 3 it works! :-o
  They(MS) wrote that you maybe could not connect to the ADS with SUN because, SP1 could not handle organisational and pure date in one packeage... what ever this mean...
  Another thing is, that ADS needs the principal in this way
  env.put( Context.SECURITY_PRINCIPAL, "[email protected]" );
  not like IPlanet
  env.put( Context.SECURITY_PRINCIPAL, "uid=THEUSER, ou=People o=domain.com" );
  now it works fine