Home » RDBMS Server » Security » Oracle User - Authentcation via an LDAP Server (Oracle, 12c, Windows )
icon1.gif  Oracle User - Authentcation via an LDAP Server [message #640334] Mon, 27 July 2015 07:05 Go to next message
Jumper512
Messages: 5
Registered: July 2015
Junior Member
Hello ,

i want to create an User on my Oracle Database , which authenticates via an LDAP Server. On the LDAP server is a user with the same data
My DB and the LDAP Server are both in a VPN Network. I can only connect with them when I'm logged in VPN.

CREATE USER user_k IDENTIFIED GLOBALLY AS 'LDAP-DN'
DEFAULT TABLESPACE USER_LDAP
TEMPORARY TABLESPACE TEMP
QUOTA 15M on USER_LDAP;


Here is my Tablespace and my Profile
CREATE TABLESPACE User_LDAP 
DATAFILE 'c:\oracle\oradata\ORA4LDAP\Benutzer.dbf' SIZE 100M
REUSE
AUTOEXTEND ON MAXSIZE UNLIMITED
MINIMUM EXTENT 15M
LOGGING
ONLINE
Default STORAGE (INITIAL 15M NEXT 30M MINEXTENTS 1 MAXEXTENTS 100) ;

CREATE PROFILE User_LDAP_F LIMIT 
SESSIONS_PER_USER 10
CPU_PER_SESSION UNLIMITED 
CPU_PER_CALL 30
CONNECT_TIME UNLIMITED 
IDLE_TIME 5
LOGICAL_READS_PER_SESSION DEFAULT
LOGICAL_READS_PER_CALL 1000
PRIVATE_SGA 1M
FAILED_LOGIN_ATTEMPTS 5
PASSWORD_LOCK_TIME 1
PASSWORD_GRACE_TIME 5;



I grant the User the "Connect" Privilege.
But is still got the Problem , that i cant login. Password or Username are wrong. Confused but i'm sure PW and Name are right..
I need help Laughing Any ideas?
Re: Oracle User - Authentcation via an LDAP Server [message #640337 is a reply to message #640334] Mon, 27 July 2015 07:21 Go to previous messageGo to next message
John Watson
Messages: 8922
Registered: January 2010
Location: Global Village
Senior Member
If you have done nothing more than you say above, you need to do a lot more. Did you register the database in te OID? Have you defined a mapping in the OID of your enterprise user to your database user? Are you, in fact, using an OID or is it some third party directory?
Re: Oracle User - Authentcation via an LDAP Server [message #640360 is a reply to message #640337] Mon, 27 July 2015 09:02 Go to previous messageGo to next message
Jumper512
Messages: 5
Registered: July 2015
Junior Member
okay, thx for your answer. I'm not sure, because i didnt set up the LDAP and the Database.
I have a Windows Server 2012 R2 with an Oracle DB 12c. My task now is to create multiple users who authenticate using the LDAP server.
I think it is some third party Directory.
Do you have any good Tutorials or Dokumentations from Oracle? I searched a long time,but i didnt find the most appropriate solution.

Re: Oracle User - Authentcation via an LDAP Server [message #640364 is a reply to message #640360] Mon, 27 July 2015 09:18 Go to previous messageGo to next message
gazzag
Messages: 1118
Registered: November 2010
Location: Bedwas, UK
Senior Member
Quote:

I think it is some third party Directory.

First you need to understand what you have between Windows Server 2012 R2 and Oracle DB 12c before you can proceed. Who set it up? Did they leave documentation?
Re: Oracle User - Authentcation via an LDAP Server [message #640365 is a reply to message #640364] Mon, 27 July 2015 09:20 Go to previous messageGo to next message
BlackSwan
Messages: 26766
Registered: January 2009
Location: SoCal
Senior Member
https://docs.oracle.com/cd/E12839_01/oid.1111/e10036/basics_02_oid_what.htm
Re: Oracle User - Authentcation via an LDAP Server [message #640377 is a reply to message #640365] Mon, 27 July 2015 10:46 Go to previous messageGo to next message
gazzag
Messages: 1118
Registered: November 2010
Location: Bedwas, UK
Senior Member
Quote:
I think it is some third party Directory.
Re: Oracle User - Authentcation via an LDAP Server [message #640379 is a reply to message #640377] Mon, 27 July 2015 12:23 Go to previous messageGo to next message
Jumper512
Messages: 5
Registered: July 2015
Junior Member
Yeah Laughing , I'm not so familiar with the database administration. ORACLE_12.1.0.2 was installed with the Oracle Universal Installer on the Windows Server R2.
http://www.bilder-upload.eu/thumb/98844e-1438018300.png

I do not really know much about the LDAP server. I only know the Host, Port, TheBaseDn and my user data .

[Updated on: Mon, 27 July 2015 12:26]

Report message to a moderator

Re: Oracle User - Authentcation via an LDAP Server [message #640380 is a reply to message #640379] Mon, 27 July 2015 12:45 Go to previous messageGo to next message
John Watson
Messages: 8922
Registered: January 2010
Location: Global Village
Senior Member
If that is all you have, you cannot proceed. You do need to know what type of LDAP directory it is. Furthermore, using LDAP for authentication is quite an advanced topic. Perhaps your predecessor resigned because he could not work out how to do it.
Re: Oracle User - Authentcation via an LDAP Server [message #640381 is a reply to message #640380] Mon, 27 July 2015 13:03 Go to previous messageGo to next message
Jumper512
Messages: 5
Registered: July 2015
Junior Member
What information is explicitly required ? Then I'll ask for it

[Updated on: Mon, 27 July 2015 13:04]

Report message to a moderator

Re: Oracle User - Authentcation via an LDAP Server [message #640382 is a reply to message #640381] Mon, 27 July 2015 13:11 Go to previous messageGo to next message
BlackSwan
Messages: 26766
Registered: January 2009
Location: SoCal
Senior Member
Start by Reading The Fine Manuals

https://www.google.com/webhp?hl=en&tab=ww#hl=en&q=oracle+ldap+authentication
Re: Oracle User - Authentcation via an LDAP Server [message #640627 is a reply to message #640382] Sat, 01 August 2015 11:16 Go to previous messageGo to next message
Jumper512
Messages: 5
Registered: July 2015
Junior Member
hey , its an http://opendj.forgerock.org/ LDAPV3 Server.
I just wanna know.Is there a way how I let the user authenticate through the LDAP server , without using the OID ?
Re: Oracle User - Authentcation via an LDAP Server [message #640628 is a reply to message #640627] Sat, 01 August 2015 11:38 Go to previous messageGo to next message
BlackSwan
Messages: 26766
Registered: January 2009
Location: SoCal
Senior Member
http://www.oracle.com/technetwork/developer-tools/apex/how-to-ldap-authenticate-099256.html
Re: Oracle User - Authentcation via an LDAP Server [message #640633 is a reply to message #640627] Sat, 01 August 2015 15:40 Go to previous message
John Watson
Messages: 8922
Registered: January 2010
Location: Global Village
Senior Member
If you are using individual schema logons, client-server architecture, I don't think so.

If you are using a three tier envronment where you have application users connecting to a shared schema, yes you can. You'll have to write it (look up DBMS_LDAP) unless you can find something already written for your directory. Ask your directory vendor, tey'll know.
Previous Topic: PRIVILEGES FOR TABLE FUNCTION
Next Topic: oracle listener
Goto Forum:
  


Current Time: Thu Mar 28 10:04:39 CDT 2024