Corporation Network Router User Manual
Configuring Oracle Database and Oracle Net Services for Oracle DCE Integration
Configuring Oracle DCE Integration 10-15
Task 4: Configure DCE for SYSDBA and SYSOPER Connections to Oracle Databases
To configure DCE so that you can connect to an Oracle database as SYSOPER or
SYSDBA with DCE credentials, do the following:
1. Create DCE groups that map to Oracle DBA and OPERATOR roles. DCE group
names should adhere to the syntax described by Task 3: Set up DCE Integration
External Roles on page 10-12. Add the externally authenticated user oracle as
a member of the group(s).
$ dce_login cell_admin cell_admin_password
$ rgy_edit
rgy_edit=> domain group
Domain changed to: group
rgy_edit=> add ora_dce222_dba_ad
rgy_edit=> add ora_dce222_operator_ad
rgy_edit=> member ora_dce222_dba_ad -a oracle
rgy_edit=> member ora_dce222_operator_ad -a oracle
2. Add the GLOBAL_NAME parameter to the DCE address or TNS service name
in the local configuration file tnsnames.ora.
ORADCE=
(ADDRESS=
(PROTOCOL=DCE)
(SERVER_PRINCIPAL=oracle)
(CELL_NAME=cell1)
(SERVICE=dce_svc))
(CONNECT_DATA=
(SID=ORASID)
(GLOBAL_NAME=dce222)))
3. Create the database user oracle as described by Task 2: Create and Name
Externally Authenticated Accounts on page 10-10.
4. Get DCE credentials for the externally authenticated user:
$ dce_login oracle oracle_password
$klist
DCE Identity Information:
Warning: Identity information is not certified
Global Principal: /.../dce.dlsun685.us.oracle.com/oracle
Cell: 00af8052-7e94-11d2-b261-9019b88baa77
/.../dce.dlsun685.us.ora
cle.com
Principal: 0000006d-88b9-21d2-9300-9019b88baa77 oracle