Oracle Database B10772-01 Administrator's Manual page 318

Preparing the Directory for Enterprise User Security
Task 3: Identity administrative users in the directory
Identify administrative users in the directory who are authorized to perform the
following tasks:
If administrative users do not already exist who can perform these tasks, then see
Chapter 13, "Administering Enterprise User Security"
Task 4: (Optional) Set the default database-to-directory authentication type for the identity
management realm
By default, the identity management realm database-to-directory authentication
type is set to passwords. If you do not want to use this default setting, then use
Enterprise Security Manager to change it. For example, if you are using a public key
infrastructure (PKI), then you would need to set this to SSL. See
Database-to-Directory Authentication Type for an Identity Management Realm"
page 13-6.
12-6 Oracle Database Advanced Security Administrator's Guide
By default in a version 9.0.4 identity management realm, the
Note:
user search base is set to cn=Users,cn=realm_name, the group
search base is set to cn=Groups,cn=realm_name, and the
attribute for login name is set to the user's id (uid). In previous
releases, this used to be cn.
Register databases
Administer database security
Create and manage enterprise domains
Although one administrator can perform all Enterprise User
Note:
Security administrative tasks, you can create many different kinds
of administrators so security tasks can be assigned to different
people. Separating security tasks in this way results in a more
secure enterprise environment, but requires coordination between
the different administrators.
to create them.
"Setting the Default
on