![]() Path "CN=Managed Service Accounts,DC=stagecoach,DC=net" ` Description "ServiceOracle Kerberos Service Principal." ` To add the necessary principal (aka “user”) to Active Directory we could use the “Active Directory Users and Computers” GUI or, once again, just use a simple PowerShell command run from the Domain Controller DC1 such as: New-ADUser ` The “service principal” is named in the format: kservice/ įor Oracle and CMU it is typically: therefore, for this example, the actual principal name will be: oracle/ įor the CMU setup, we could make service principals in Active Directory for each Oracle database server (typically) or one common one if preferred. In Kerberos, users are known as or referred to as “principals”. And generally, Active Directory and most Windows and Linux servers (including the Oracle Linux 7.7 images used in this testbed) should have Kerberos Version 5 already installed – if not, it needs to be added. In this test environment, Active Directory is the Kerberos Authentication server. ![]() Active Directory One-time Configuration Steps For testing, we’ll use SQLPlus so this won’t be an issue for this proof of concept. If the application throws an error if a NULL username or password is provided, then this will present a problem.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |