Task 3: Configuring An Oracle Database To Interoperate With A Windows 2000 Domain Controller Kdc; Task 4: Getting An Initial Ticket For The Kerberos/Oracle User - Oracle Database B10772-01 Administrator's Manual

Task 3: Configuring an Oracle Database to Interoperate with a Windows 2000 Domain
Controller KDC
The following steps must be performed on the host computer where the Oracle
database is installed.
Step 1: Setting Configuration Parameters in the sqlnet.ora File
Specify values for the following parameters in the sqlnet.ora file for the database
server:
SQLNET.KERBEROS5_CONF=pathname_to_Kerberos_configuration_file
SQLNET.KERBEROS5_KEYTAB=pathname_to_Kerberos_principal/key_table
SQLNET.KERBEROS5_CONF_MIT=TRUE
SQLNET.AUTHENTICATION_KERBEROS5_SERVICE=Kerberos_service_name
SQLNET.AUTHENTICATION_SERVICES=(BEQ,KERBEROS5)
Step 2: Creating an Externally Authenticated Oracle User
Follow the task information for
User"
username is created in all uppercase characters. For example,
ORAKRB@SALES.US.ACME.COM.

Task 4: Getting an Initial Ticket for the Kerberos/Oracle User

Before a client can connect to the database, the client must request an
To request an initial ticket, follow the task information for
Ticket for the Kerberos/Oracle User"
Configuring Interoperability with a Windows 2000 Domain Controller KDC
Ensure that the SQLNET.KERBEROS5_CONF_MIT
Note:
parameter is set to TRUE because the Windows 2000 operating
system is designed to interoperate only with security services that
are based on MIT Kerberos version 5.
on page 6-10 to create an externally authenticated Oracle user. Ensure that the
"Task 7: Configure Kerberos Authentication"
See Also:
page 6-5 for information about using Oracle Net Manager to set
the sqlnet.ora file parameters.
"Task 9: Create an Externally Authenticated Oracle
on page 6-11.
Configuring Kerberos Authentication 6-17
on
initial ticket.
"Task 10: Get an Initial