Task 4: Install An Oracle Database Server And An Oracle Client - Oracle Database B10772-01 Administrator's Manual

Enabling Kerberos Authentication
1.
2.
3.
4.

Task 4: Install an Oracle Database Server and an Oracle Client

Install the Oracle database server and client software.
6-4 Oracle Database Advanced Security Administrator's Guide
Enter the following to extract the service table:
kadmin.local: ktadd -k /tmp/keytab oracle/dbserver.someco.com
Entry for principal oracle/dbserver.someco.com with kvno 2, encryption
DES-CBC-CRC added to the keytab WRFILE: 'WRFILE:/tmp/keytab
kadmin.local: exit
oklist -k -t /tmp/keytab
After the service table has been extracted, verify that the new entries are in the
table in addition to the old ones. If they are not, or you need to add more, use
to append to them.
kadmin.local
If you do not enter a realm when using
host and displays it in the command output, as shown in Step 1.
If the Kerberos service table is on the same system as the Kerberos client, you
can move it. If the service table is on a different system from the Kerberos client,
you must transfer the file with a program such as FTP. If using FTP, transfer the
file in binary mode.
The following example shows how to move the service table on a UNIX
platform:
# mv /tmp/keytab /etc/v5srvtab
The default name of the service file is
Verify that the owner of the Oracle database server executable can read the
service table (
/etc/v5srvtab
owner to the Oracle user, or make the file readable by the group to which
Oracle belongs.
Do not make the file readable to all users. This can cause
Caution:
a security breach.
Oracle Database operating system-specific installation
See Also:
documentation
, it uses the realm of the current
ktadd
/etc/v5srvtab
in the previous example). To do so, set the file
.