User's Manual
Configuring Interoperability with a Windows 2000 Domain Controller KDC
Configuring Kerberos Authentication 6-15
Step 2: Specifying Oracle Configuration Parameters in the sqlnet.ora File
Configuring an Oracle client to interoperate with a Windows 2000 domain
controller KDC uses the same sqlnet.ora file parameters that are listed in "Step 1:
Configure Kerberos on the Client and on the Database Server" on page 6-5.
Set the following parameters in the sqlnet.ora file on the client:
SQLNET.KERBEROS5_CONF=pathname_to_Kerberos_configuration_file
SQLNET.KERBEROS5_CONF_MIT=TRUE
SQLNET.AUTHENTICATION_KERBEROS5_SERVICE=Kerberos_service_name
SQLNET.AUTHENTICATION_SERVICES=(BEQ,KERBEROS5)
Step 3: Specifying the Listening Port Number
The Windows 2000 domain controller KDC listens on UDP/TCP port 88. Ensure
that the system file entry for kerberos5 is set to UDP/TCP port 88 as follows:
■ (UNIX)
Ensure that the kerberos5 entry in the /etc/services file is set to 88.
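A quick way to check the client settings from Steps 2 and 3 before testing a login. This is an added example, not Oracle-supplied code. It assumes one parameter per line in sqlnet.ora and # as the comment character in both files; the path /etc/krb5.conf, the kdc alias, and the sample file contents are constructed for illustration.

```python
REQUIRED = (
    "SQLNET.KERBEROS5_CONF", "SQLNET.KERBEROS5_CONF_MIT",
    "SQLNET.AUTHENTICATION_KERBEROS5_SERVICE", "SQLNET.AUTHENTICATION_SERVICES")

# Constructed sample inputs showing a misconfigured client (not real files).
BAD_SQLNET = """\
SQLNET.KERBEROS5_CONF=/etc/krb5.conf
SQLNET.KERBEROS5_CONF_MIT=FALSE
SQLNET.AUTHENTICATION_SERVICES=(BEQ)
"""
BAD_SERVICES = "kerberos5 750/udp kdc  # wrong port, no tcp entry\n"

def parse_sqlnet(text):
    """Return {PARAMETER: value} from sqlnet.ora text, ignoring # comments."""
    params = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" in line:
            name, value = line.split("=", 1)
            params[name.strip().upper()] = value.strip()
    return params

def check_sqlnet(text):
    """List the ways the client settings differ from Step 2."""
    params, problems = parse_sqlnet(text), []
    for name in REQUIRED:
        if not params.get(name):
            problems.append(f"{name} is not set")
    if params.get("SQLNET.KERBEROS5_CONF_MIT", "").upper() not in ("", "TRUE"):
        problems.append("SQLNET.KERBEROS5_CONF_MIT must be TRUE")
    services = params.get("SQLNET.AUTHENTICATION_SERVICES", "")
    methods = [m.strip().upper() for m in services.strip("()").split(",")]
    if services and "KERBEROS5" not in methods:
        problems.append("KERBEROS5 missing from SQLNET.AUTHENTICATION_SERVICES")
    return problems

def check_services(text):
    """List protocols for which kerberos5 is not on port 88 (Step 3)."""
    seen = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and "kerberos5" in [fields[0]] + fields[2:]:
            port, _, proto = fields[1].partition("/")
            seen[proto.lower()] = port
    return [f"kerberos5/{p} is {seen.get(p, 'missing')}, expected 88"
            for p in ("udp", "tcp") if seen.get(p) != "88"]

if __name__ == "__main__":
    for problem in check_sqlnet(BAD_SQLNET) + check_services(BAD_SERVICES):
        print(problem)
```

To check a real client, pass the contents of its sqlnet.ora and /etc/services files to check_sqlnet and check_services; an empty list means the settings match the steps above.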
Task 2: Configuring a Windows 2000 Domain Controller KDC to Interoperate with an
Oracle Client
The following steps must be performed on the Windows 2000 domain controller.
Step 1: Creating the User
Create a new user for the Oracle client in Microsoft Active Directory.
Step 2: Creating the Oracle Database Principal
1. Create a new user for the Oracle database in Microsoft Active Directory.
Note: Ensure that the SQLNET.KERBEROS5_CONF_MIT
parameter is set to TRUE because the Windows 2000 operating
system is designed to interoperate only with security services that
are based on MIT Kerberos version 5.
See Also: Microsoft documentation for information about how to
create users in Active Directory.