I'm using externally because I am not using a directory service.
Ian
-Original Message-
Sent: Friday, August 22, 2003 12:42 PM
To: Multiple recipients of list ORACLE-L
With kerberos, you shouldn't do identified externally, you should do identified
globally. And yes, gooey tools are just for wimps. Real programmers use ed.
--
Mladen Gogala
Oracle DBA
-Original Message-
MacGregor, Ian A.
Sent: Friday, August 22, 2003 3:14 PM
To: Multiple recipients of list ORACLE-L
I'm trying to get Kerberos authentication to work. I am not using LDAP at all. I
just want to authenticate with Kerberos.
Kerberos itself is working fine. kinit and klist work as expected. I had our
security admin create a service principle. Does there have to be one per machine or
one per database? Does the service principle need to match the sql*net service name?
When one issues okinit username what is the format of the username? No matter what
I use okinit does not request a password and oklist shows no credentials.
After configuring sqlnet.ora. I am testing now on the database machine itself any
connects which employ that version fail with ora-12699 whether or not they are
identified externally or via the database.
Being old school, I don't like using aids such as netmgr. Nearly all these types of
tools are awful when they first come out. But I tried to use them to setup Kerberos
authentication. I save the network configuration, but when I go back into the tool
nothing appears to be saved. Is this normal?
Ian MacGregor
Stanford Linear Accelerator Center
[EMAIL PROTECTED]
--
Please see the official ORACLE-L FAQ: http://www.orafaq.net
--
Author: MacGregor, Ian A.
INET: [EMAIL PROTECTED]
Fat City Network Services-- 858-538-5051 http://www.fatcity.com
San Diego, California-- Mailing list and web hosting services
-
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY,
include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be
removed from). You may also send the HELP command for other information (like
subscribing).
Note:
This message is for the named person's use only. It may contain confidential,
proprietary or legally privileged information. No confidentiality or privilege is
waived or lost by any mistransmission. If you receive this message in error, please
immediately delete it and all copies of it from your system, destroy any hard copies
of it and notify the sender. You must not, directly or indirectly, use, disclose,
distribute, print, or copy any part of this message if you are not the intended
recipient. Wang Trading LLC and any of its subsidiaries each reserve the right to
monitor all e-mail communications through its networks. Any views expressed in this
message are those of the individual sender, except where the message states otherwise
and the sender is authorized to state them to be the views of any such entity.
--
Please see the official ORACLE-L FAQ: http://www.orafaq.net
--
Author: Mladen Gogala
INET: [EMAIL PROTECTED]
Fat City Network Services-- 858-538-5051 http://www.fatcity.com
San Diego, California-- Mailing list and web hosting services
-
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY,
include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be
removed from). You may also send the HELP command for other information (like
subscribing).
--
Please see the official ORACLE-L FAQ: http://www.orafaq.net
--
Author: MacGregor, Ian A.
INET: [EMAIL PROTECTED]
Fat City Network Services-- 858-538-5051 http://www.fatcity.com
San Diego, California-- Mailing list and web hosting services
-
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from). You may
also send the HELP command for other information (like subscribing).
