Oracle Advanced Networking Option Administrator's Guide

Library

Product

Contents

Index

Info

The Oracle Advanced Networking Option is an optional product that provides enhanced functionality to SQL*Net. Its set of features provides enhanced security and authentication to your network, enables integration with a Distributed Computing Environment (DCE), and provides access to native directory services through Native Naming Adapters. This guide provides generic information on all these features of the Advanced Networking Option.

For information about installation of the Oracle Advanced Networking Option and platform-specific details of the configuration and use of its features, refer also to your Oracle platform-specific documentation.

How This Manual Is Organized

This manual is divided into three parts. Each part describes a different set of Advanced Networking Option features.

Part I Security and Single Sign-On

Chapter 1 Overview of Network Security and Single Sign-On

This chapter provides an overview of the security and single sign-on features of Advanced Networking Option. These features include:

network security

data encryption

data intergrity checking

token authentication

single sign-on

Note: These features were previously packaged as the Secure Network Services product.

Chapter 2 Configuring Encryption and Checksumming

This chapter tells you how to install the encryption and checksumming software, and tells you how to configure encryption and checksumming into your existing SQL*Net release 2.3 network using Oracle Network Manager 3.1.

Chapter 3 Choosing and Combining Authentication Adapters

This chapter provides a brief overview of the authentication adapters available with this release. It describes how to disable the use of the authentication adapters when you want to use username/password authentication instead. It also describes how to configure multiple authentication adapters on clients and servers.

Chapter 4 Configuring the CyberSAFE Authentication Adapter

This chapter discusses how to configure Oracle for use with CyberSAFE, and provides a brief overview of steps to configure CyberSAFE to authenticate Oracle users.

Chapter 5 Configuring the Kerberos Authentication Adapter

This chapter discusses how to configure Oracle for use with MIT Kerberos, and provides a brief overview of steps to configure Kerberos to authenticate Oracle users.

Chapter 6 Configuring Oracle for Use with the SecurID Adapter

This chapter discusses how to configure the SecurID authentication adapter in combination with the Oracle server and Oracle clients. It includes system requirements and known limitations. It also contains troubleshooting information if you experience problems while configuring the SecurID authentication adapter.

Note: For a complete list of Advanced Networking Option error messages see the Oracle Network Products Troubleshooting Guide.

Chapter 7 Using the SecurID Authentication Adapter

This chapter discusses how to use the SecurID authentication adapter in combination with the Oracle client tools.

Chapter 8 Configuring and Using the Oracle Biometric Authentication Adapter

This chapter describes how to configure and use the the Oracle Biometric authentication adapter, which enable the use of the Identix fingerprint authentication device.

Chapter 9 Configuring the Oracle DCE GSSAPI Authentication Adapter

This chapter describes how to configure the Oracle DCE GSSAPI authentication adapter, to provide DCE authentication even if you are not using other DCE services in your network.

Part II DCE Integration

Chapter 10 Overview of DCE Integration

This chapter provides a brief discussion of OSF's DCE and Oracle's DCE Integration.

Chapter 11 Configuring DCE for Oracle and DCE Integration

This chapter describes what you need to do to configure DCE to use Oracle DCE Integration.

It also describes how to configure the DCE CDS naming adapter.

Chapter 12 Configuring Oracle for DCE Integration

This chapter describes the DCE parameters that you need to add to the SQL*Net configuration files to enable clients and servers to access Oracle7 servers in the DCE environment. It also describes some Oracle database server configuration that you need to perform, such as setting up DCE groups to map to external roles.

Additionally, it describes how to configure clients to use the DCE CDS naming adapter.

Chapter 13 Connecting to an Oracle Database in DCE

This chapter discusses how to connect to an Oracle database in a DCE environment.

Chapter 14 Clients Outside DCE Can Connect to Servers in DCE

This chapter discusses how clients outside of DCE can access Oracle databases over another protocol such as TCP/IP.

Part III Oracle Native Naming Adapters

Chapter 15 Overview of Native Naming Adapters

This chapter provides an overview of Oracle Native Naming Adapters. It describes their benefits, and explains how they can be used in combination with other names services.

Chapter 16 Configuring the DCE CDS Naming Adapter

This chapter briefly describes the DCE CDS Native Naming Adapter. For configuration information, it refers back to Chapters 11 and 12.

Chapter 17 Configuring the NIS Naming Adapter

This chapter describes the NIS Native Naming Adapter. It describes how to configure NIS and how to use it to access Oracle Servers.

Chapter 18 Configuring the NDS Naming Adapter

This chapter describes the Novell NDS Native Naming Adapter. It describes how to configure NDS and how to use it to access Oracle Servers.

Appendices

Appendix A Encryption and Checksum Parameters

This appendix shows examples of the Advanced Networking Option encryption and checksumming configuration parameters. You set these parameters by selecting fields on the various pages of the Client Profile property sheet in Network Manager. When the configuration files are generated, the parameters appear in the SQLNET.ORA files. These parameters are described in Chapter 2.

Appendix B Encryption Enhancements

This appendix contains information on two encryption enhancements that are included in the Advanced Networking Option release 2.3.2: site-specific Diffie-Hellman and authentication key fold-in.

Appendix C Authentication Parameters

This appendix shows examples of the Advanced Networking Option authentication configuration file parameters. You should configure the Advanced Networking Option with Network Manager 3.1 or above.

Notational Conventions

The following syntax conventions are used in this guide:

italic Italic characters indicate that the parameter, variable, or expression in the command syntax must be replaced by a value that you provide. Italics may also indicate emphasis or the first mention of a technical term.
Monospace Text Monospace font indicates something the computer displays. Note: In some cases, brackets surround certain words (for example, <pin><passcode>) to more clearly separate words in a command.
Monospace Text Bolded monospace font indicates text you need to enter exactly as shown. Note: In some cases, angle brackets surround certain words (for example, <pin><passcode>) to more clearly separate words in a command.
Punctuation Punctuation other than brackets and vertical bars must be entered as shown.
[ ] Brackets enclose optional items. Do not enter the brackets.
( ) Parentheses enclose all SQL*Net Keyword-Value pairs in connect descriptors. They must be entered as part of the connect descriptor pair; as in (KEYWORD=value).
| A vertical bar represents a choice of two or more options. You must enter one of the options separated by the vertical bar. Do not enter the vertical bar.
UPPERCASE Uppercase characters within the text represent command names, filenames, and directory names.

Related Publications

To install and configure Advanced Networking Option software on your particular platform, refer to the Oracle platform-specific documentation.

In addition, see the following documents for detailed information about Oracle network products that applies across platforms:

Understanding SQL*Net

Oracle7 Server Messages

Oracle Network Products Troubleshooting Guide

Oracle7 Server Distributed Systems, Volume I

For more detailed information on how to use Oracle Network Manager to create configuration files for SQL*Net version 2 and for the Advanced Networking Option, see

Oracle Network Manager Administrator's Guide

For information on roles and privileges, see

Oracle7 Server Administrator's Guide

For third-party vendor documentation on security and single sign-on features see:

Security Dynamics' ACE/Server Installation Manual, release 1.3

Security Dynamics' ACE/Server Version 1.3 Administration Manual

ACE/Server Version 2.0 Client for UNIX

CyberSAFE Challenger Release Notes, release 5.2.6

CyberSAFE Challenger Administrator's Guide, release 5.2.6

CyberSAFE Challenger Navigator Administrator's Guide, release 5.2.6

CyberSAFE Challenger UNIX User's Guide, release 5.2.6

CyberSAFE Challenger Windows and Windows NT User's Guide, release 5.2.6

For information on MIT Kerberos see:

CyberSAFE Challenger documentation

Notes on building and installing Kerberos from Kerberos V5 source distribution

CNS (Cygnus Network Security) documentation from http://www.cygnus.com/library-dir.html

For additional information about the OSF Distributed Computing Environment (DCE), refer to the following OSF documents published by Prentice Hall, Inc.:

OSF DCE User's Guide and Reference

OSF DCE Application Development Guide

OSF DCE Application Development Reference

OSF DCE Administration Guide

OSF DCE Administration Reference

OSF DCE Porting and Testing Guide

Application Environment Specification/Distributed Computing

OSF DCE Technical Supplement

Your Comments Are Welcome

We value and appreciate your comments. As we write, revise, and evaluate our documentation, your opinions are the most important input we receive. At the back of our printed manuals is a Reader's Comment Form, which we encourage you to use to tell us what you like and dislike about this manual or other Oracle manuals. If the form is not available, please use the following address or FAX number, or call us at 415-506-7000.

Prev Next

Library

Product

Contents

Index

italic	Italic characters indicate that the parameter, variable, or expression in the command syntax must be replaced by a value that you provide. Italics may also indicate emphasis or the first mention of a technical term.
`Monospace Text`	Monospace font indicates something the computer displays. Note: In some cases, brackets surround certain words (for example, `<pin><passcode>`) to more clearly separate words in a command.
`Monospace Text`	Bolded monospace font indicates text you need to enter exactly as shown. Note: In some cases, angle brackets surround certain words (for example, *`<pin><passcode>`*) to more clearly separate words in a command.
Punctuation	Punctuation other than brackets and vertical bars must be entered as shown.
[ ]	Brackets enclose optional items. Do not enter the brackets.
( )	Parentheses enclose all SQL*Net Keyword-Value pairs in connect descriptors. They must be entered as part of the connect descriptor pair; as in (KEYWORD=value).
\|	A vertical bar represents a choice of two or more options. You must enter one of the options separated by the vertical bar. Do not enter the vertical bar.
UPPERCASE	Uppercase characters within the text represent command names, filenames, and directory names.