User's Manual
Introduction to Enterprise User Security
Getting Started with Enterprise User Security 11-11
About Enterprise User Security Directory Entries
In a directory, each collection of information about an object is called an entry. For
Enterprise User Security, elements such as users, roles, and databases are directory
objects and information about these objects are stored as entries in the directory.
Each entry in the directory is uniquely identified by a distinguished name (DN).
The DN tells you exactly where the entry resides in the directory entry hierarchy,
which is commonly called the directory information tree (DIT).
The following sections describe directory entries related to Enterprise User Security:
Enterprise Users
An enterprise user is one that is defined and managed in a directory. Each
enterprise user has a unique identity across an enterprise. Enterprise user entries
can reside at any location within the identity management realm, except within the
realm Oracle Context.
Note: Enterprise User Security supports three-tier environments.
Oracle Database 10g proxy authentication features enable (i) proxy
of user names and passwords through multiple tiers, and (ii) proxy
of X.509 certificates and distinguished names through multiple
tiers.
See Also:
■ Chapter 12, "Enterprise User Security Configuration Tasks and
Troubleshooting" for information about configuring the various
authentication types for enterprise user security.
■ Oracle Database Security Guide, for information about using
proxy authentication.
Note: In the Oracle Database 10g release, databases must be
registered in a complete identity management realm of Oracle
Internet Directory.
See Also: Oracle Internet Directory Administrator's Guide for a
complete discussion of directory entries.