Problem solve Get help with specific problems with your technologies, process and projects.

Controlling access to Oracle with LDAP

I have a query regarding Oracle Advanced Security. It's mentioned in the docs that we can use LDAP (on Win2k) to authenticate users connecting to Oracle. Normally in SQL Server + Windows, we would authenticate/restrict access to databases using an NT group. Is it possible to do the same kind of authentication with Oracle (say on Linux) and ADSI on Win2k. Our applications (mostly active server pages) are hosted on Win2k/IIS-5. Can we control the access to Oracle DB on Linux using the NT username and password the user provides from the browser?

What you are attempting to do is possible. In fact, Oracle has its own LDAP solution called Oracle Internet Directory (OiD). This product debuted with Oracle 8i. OiD is the replacement for Oracle Names Server. This is a centralized TNSNAMES.ORA configuration file for all client connections. Aside from resolving service names, OiD is a full LDAP directory service. And it can be used to authenticate users to a database. But to use authentication, you'll also need to couple OiD with Oracle Connection Manager. It doesn't make a difference what platform the user is connecting from either. So please investigate both OiD and Connection Manager.

For More Information

  • What do you think about this answer? E-mail the editors at editor@searchDatabase.com with your feedback.
  • The Best Oracle Web Links: tips, tutorials, scripts, and more.
  • Have an Oracle or SQL tip to offer your fellow DBAs and developers? The best tips submitted will receive a cool prize. Submit your tip today!
  • Ask your technical Oracle and SQL questions -- or help out your peers by answering them -- in our live discussion forums.
  • Ask the Experts yourself: Our SQL, database design, Oracle, SQL Server, DB2, metadata, object-oriented and data warehousing gurus are waiting to answer your toughest questions.

Dig Deeper on Oracle database design and architecture

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.