Access Oracle 11g through Kerberos Authentication

1. Configure Advanced Security Options and network services for Oracle databases through OUI

2. Configure kerberos Authentication

1. Execute the command netmgr and click the authentication label. In Available Methods, select KERBEROS5 and move it to the Selected Methods Column, as shown in figure

Create the/krb5 directory and grant the 777 permission to the directory. Create the configuration file krb. conf and click the Other Params tab, as shown in figure

Add the following content to the krb. conf file:

1. [Libdefaults]
2. Default_realm = DOMAIN. GE
3. Dns_lookup_realm = true
4. Dns_lookup_kdc = true
5. [Realms]
6. DOMAIN. GE = {
7. Kdc = KERBEROS. DOMAIN. GE: 88
8. }
9. [Domain_realm]
10. . Domain. ge = DOMAIN. GE
12. [Logging]
13. Default = FILE:/tmp/krb5-kdc.log
14. Kdc = FILE:/tmp/krb5-kdc.log

Modify the sqlnet. ora File

1. SQLNET. AUTHENTICATION_SERVICES = (KERBEROS5)
2. SQLNET. AUTHENTICATION_KERBEROS5_SERVICE = kservice
3. SQLNET. KERBEROS5_CONF_MIT = TRUE

Add the following content to the pfile parameter:

1. OS _AUTHENT_PREFIX = ""

3. Create an external authenticated user

1. Create user scott identified externally as 'Scott @ DOMAIN. Ge ';

4. Copy the Kerberos master database and key ing File
 
Copy the file to the/etc/v5srvtab directory as an administrator.
 
5. Obtain kerberos initial ticket for external users
 
% Okinit scott@DOMAIN.GE
 
Sqlplus/@ kservice
 
You can get the Kerberos ticket. You can log on to the database without entering the password.