Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: User / Shared Shame precedence

...

Configure EUS schema mappings

Group / Shared authentication

You will need al least a User/Schema mapping to access the database as a local user. You may also configure Enterprise Roles later.

...

[oracle@linux11 ~]$ eusm listMappings domain_name="OracleDefaultDomain" realm_dn="dc=loopback,dc=org" ldap_port=3060 ldap_host=linux4 ldap_user_dn="cn=orcladmin" ldap_user_password="XXX" 
LIST OF DATABASE SCHEMA MAPPINGS::
------------------------------------
Mapping Name: MAPPING0
Mapping Type: SUBTREE
Mapping DN: cn=users, dc=loopback,dc=org
Mapping schema:GLOBAL_IDENT
Mapping Level :DOMAIN

Confirm wallet location is in sqlnet.ora

In some cases, dbca does not enter the location of the wallet it created to sqlnet.ora. The wallet is necessary even if SSL is not used.

...

Panel

WALLET_LOCATION=
(SOURCE=
(METHOD=file)
(METHOD_DATA=
(DIRECTORY=/u01/app/oracle/admin/loopds/wallet)))

Test the connection

Panel

oracle@linux10 ~]$ sqlplus test/
SQL*Plus: Release 11.2.0.3.0 Production on Sun Oct 14 11:53:38 2012
Copyright (c) 1982, 2011, Oracle. All rights reserved.
Enter password:
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.3.0 - 64bit Production
GLOBAL_IDENT@loopds1> show user
USER is "GLOBAL_IDENT"

Single user authentication

Alternative, you can define any LDAP user to have his own database schema:

SQL> alter user AKIRA identified globally as 'uid=akira,cn=Users,dc=loopback,dc=org';
User altered.
[oracle@linux11 ~]$ sqlplus AKIRA@LOOPDS
SQL> show user;
USER is "AKIRA"

This takes precedence over a group mapping.

 

...

See [Oracle® Database Enterprise User Security Administrator's Guide

11g Release 2 (11.2)|http://docs.oracle.com/cd/E18283_01/network.112/e10744/getstrtd.htm#CBHBHADG]