Oracle Advanced Networking Option Administrator's Guide | Library |
Product |
Contents |
Index |
Note: If you are already using SQL*Net DCE, you don't also have to use the DCE GSSAPI authentication adapter. The SQL*Net DCE Integration product described in Part II includes DCE authentication.
This chapter describes how to configure and use the DCE GSSAPI authentication adapter. It describes these four steps:
% su password: (root password is not echoed) # dce_login cell_admin <cell_admin_password> # rgy_edit Current site is: registry server at /.../<cellname>/subsys/dce/sec/master rgy_edit=> do p Domain changed to: principal rgy_edit=> add oracle_server rgy_edit=> do a Domain changed to: account rgy_edit=> add oracle_server -g none -o none -pw <oracle_server_password> -mp <cell_admin_password> rgy_edit=> ktadd -p oracle_server -pw <oracle_server_password> rgy_edit=> quit bye
Add the following lines to the SQLNET.ORA file. (This file is probably found in <ORACLE_HOME>/NETWORK/ADMIN.)
SQLNET.AUTHENTICATION_GSSAPI_SERVICE=/.../<cellname>/oracle_server SQLNET.AUTHENTICATION_SERVICES=(DCEGSSAPI)
Note: The Oracle Server principal name used above must be a fully qualified name, including the cell name.
% dce_login cell_admin <cell_admin_password> % rgy_edit Current site is : registry server at /.../<cellname>/subsys/dce/sec/master rgy_edit=> do p Domain changed to: principal rgy_edit=> add oracle rgy_edit=> do a Domain changed to: account rgy_edit=> add oracle -g none -o none -pw <oracle_client_password> -mp <cell_admin_password> rgy_edit=> quit bye
Create the Oracle database user account. These instructions show how to use Oracle Server Manager to do this.
% svrmgrl
Oracle Server Manager Release 2.3.3.0.0 -Production Copyright (c) Oracle Corporation 1994,1995. All rights reserved. Oracle7 Server Release 7.3.2.0.0 -Productin Release With the distributed, heterogeneous, replication, objects, parallel query, Parallel SErver and Spatial Data options PL/SQL Release 2.3.3.0.0 - Production
SVRMGR> connect internal Connected
SVRMGR> create user "/.../<CELLNAME>/ORACLE" identified externally; Statement processed.
SVRMGR> grant connect to "/.../<CELLNAME>/ORACLE"; Statement processed.
SVRMGR> exit Server Manager complete.
Note: The Oracle client principal name must be a fully qualified principal (including full cell designation), must be in uppercase, and must be enclosed within quotes.
% dce_login <oracle_client_principal> <oracle_client_password>
For example:
% dce_login oracle oraclnt
% sqlplus /@<database_service_name>
For example:
% sqlplus /@sales
Prev Next |
Copyright © 1996 Oracle Corporation. All Rights Reserved. |
Library |
Product |
Contents |
Index |