Task 2: Configuring A Windows 2000 Domain Controller Kdc To Interoperate With An Oracle Client - Oracle Database B10772-01 Administrator's Manual

Step 2: Specifying Oracle Configuration Parameters in the sqlnet.ora File
Configuring an Oracle client to interoperate with a Windows 2000 domain
controller KDC uses the same sqlnet.ora file parameters that are listed in
Configure Kerberos on the Client and on the Database Server"
Set the following parameters in the sqlnet.ora file on the client:
SQLNET.KERBEROS5_CONF=pathname_to_Kerberos_configuration_file
SQLNET.KERBEROS5_CONF_MIT=TRUE
SQLNET.AUTHENTICATION_KERBEROS5_SERVICE=Kerberos_service_name
SQLNET.AUTHENTICATION_SERVICES=(BEQ,KERBEROS5)
Step 3: Specifying the Listening Port Number
The Windows 2000 domain controller KDC listens on UDP/TCP port 88. Ensure
that the system file entry for kerberos5 is set to UDP/TCP port 88 as follows:
Task 2: Configuring a Windows 2000 Domain Controller KDC to Interoperate with an
Oracle Client
The following steps must be performed on the Windows 2000 domain controller.
Step 1: Creating the User
Create a new user for the Oracle client in Microsoft Active Directory.
Step 2: Creating the Oracle Database Principal
1.
Configuring Interoperability with a Windows 2000 Domain Controller KDC
Ensure that the SQLNET.KERBEROS5_CONF_MIT
Note:
parameter is set to TRUE because the Windows 2000 operating
system is designed to interoperate only with security services that
are based on MIT Kerberos version 5.
(UNIX)
Ensure that the kerberos5 entry in the /etc/services file is set to 88
Microsoft documentation for information about how to
See Also:
create users in Active Directory.
Create a new user for the Oracle database in Microsoft Active Directory.
on page 6-5.
Configuring Kerberos Authentication 6-15
"Step 1: