User's Manual
Enabling RADIUS Authentication, Authorization, and Accounting
Configuring RADIUS Authentication 5-21
Task 9: Configure Mapping Roles
If the RADIUS server supports vendor type attributes, you can manage roles by
storing them in the RADIUS server. The Oracle database server downloads the roles
when there is a CONNECT request using RADIUS.
To use this feature, configure roles on both the Oracle database server and the
RADIUS server.
Perform these steps to configure roles on the Oracle database server:
1. Use a text editor to set the OS_ROLES parameter in the initialization parameters
file on the Oracle database server.
2. Stop and restart the Oracle database server.
3. Create each role the RADIUS server is to manage on the Oracle database server
with IDENTIFIED EXTERNALLY.
To configure roles on the RADIUS server, refer to Table 5–1 and use the
following syntax:
ORA_DatabaseName.DatabaseDomainName_RoleName
Example:
ORA_USERDB.US.ORACLE.COM_MANAGER
4. Configure RADIUS challenge-response mode.
Table 5–2 RADIUS Configuration Parameters
Parameter Description
DatabaseName The name of the Oracle database server for which the role is
being created. This is the same as the value of the DB_NAME
initialization parameter.
DatabaseDomainName The name of the domain to which the Oracle database server
belongs. The value is the same as the value of the DB_
DOMAIN initialization parameter.
RoleName The name of the role created in the Oracle database server.