Databases
cancel
Showing results for 
Search instead for 
Did you mean: 

NT domain + HP-UX 11.00 + Oracle 8i

NT domain + HP-UX 11.00 + Oracle 8i

Hi All !
We use Oracle 8i on HP-UX 11.00 platform. Our users run their client (Forms 6i) software on Windows boxes and authorize in NT domain. I would combine NT domain and DBMS authorization. Is it possible ? As I see I have to use external user identification. But I'm concerned about necessary to set initialization parameter REMOTE_OS_AUTHENT to TRUE. It is too dangerous! People say this problem may by solved if Oracle runs under NT.
Any idea ?
Thanks in advance.
4 REPLIES
Yogeeraj_1
Honored Contributor

Re: NT domain + HP-UX 11.00 + Oracle 8i

hi,

When connecting over the network using OS authentication you MUST trust all of the servers on the network. Otherwise, anyone can come along, drop a machine into the network -- create an OS account named after your database account("system" or "sys") and they are in.

NEVER set remote_os_authent! Not unless you are in a 100% physically secured environment and can be sure no one will be attaching a machine to your network unless you want them to.


Attached a document about: Authenticating Database Users with Windows


hope this helps

regards
No person was ever honoured for what he received. Honour has been the reward for what he gave (clavin coolidge)
Yogeeraj_1
Honored Contributor

Re: NT domain + HP-UX 11.00 + Oracle 8i

Authenticating Database Users with Windows.htm
No person was ever honoured for what he received. Honour has been the reward for what he gave (clavin coolidge)
Steven E. Protter
Exalted Contributor

Re: NT domain + HP-UX 11.00 + Oracle 8i

There is a way to Integrate Oracle into and LDAP environment.

We are in the process of taking such a machine out of production accept we didn't do the LDAP part.

LDAP can validate OS users(except root) and Oracle with the doc in the prior post can accept this authorization as well.

You need to make sure the oracle user field is big enough in your security table, if you have one.

Docs on this are available at http://metalink.oracle.com

The LDAP/HP-UX part is:

A starting point.
http://us-support.external.hp.com/emse/bin/doc.pl/sid=7670840f0991c3e17f?todo=search&searchtext=LDAP+Configuration+HP-UX&x=31&y=6&searchcriteria=allwords&searchtype=SEARCH_TECH_DOCS&searchtype=SEARCH_MANUAL&searchtype=SEARCH_FORUMS&searchcategory=ALL&rn=25&presort=rank
You may wish to refine this search.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Re: NT domain + HP-UX 11.00 + Oracle 8i

Hi and thanks.
I see, I am not going to set REMOTE_OS_AUTHENT to TRUE. I trust our users are authenticated by domain. And we don't plan to use LDAP for network authorization. So may this problem be solved ?
NDS authorization is used in out network too. Is NDS authorization simplier to use in my tasks ?