How do I go about replacing client-side tnsnames.ora with an ldap query?
I'm not interested in running Oracle LDAP, we have an existing LDAP infrastructure.
I need:
- format of LDAP entry
- how client is configured to fetch the LDAP connection information. Is this automatic in the OCI runtime?
Oracle 10.2 or 11.x if versions matter.
-
Oracle can "officially" only use OID or AD as LDAP servers. In LDAP.ORA (in $ORACLE_HOME/network/admin or $TNS_ADMIN) put:

    DEFAULT_ADMIN_CONTEXT = "ou=ora,dc=company,dc=com"
    DIRECTORY_SERVERS = (ldap1.company.com:389, ldap2.company.com:389)
    DIRECTORY_SERVER_TYPE = OID

The type can be OID or AD. The multiple servers are for redundancy; it will not try each one in turn. Then in SQLNET.ORA:

    NAMES.DIRECTORY_PATH=(LDAP, TNSNAMES)

This means try LDAP first, then try TNSNAMES.ORA, then give up.
If you want to use a third-party LDAP server, Oracle has a product called Virtual Directory that will act as a proxy between them.
From Gaius
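
A sanity check for the two files described in the answer, added here as an example (it is not part of the original answer and not an Oracle tool). The sample file contents are constructed from the answer's settings, the function names are hypothetical, and the `host:port` form of each server entry is assumed from the answer.

```python
import re

# Constructed samples using the answer's settings and placeholder hostnames.
LDAP_ORA = '''DEFAULT_ADMIN_CONTEXT = "ou=ora,dc=company,dc=com"
DIRECTORY_SERVERS = (ldap1.company.com:389, ldap2.company.com:389)
DIRECTORY_SERVER_TYPE = OID
'''
SQLNET_ORA = "NAMES.DIRECTORY_PATH=(LDAP, TNSNAMES)\n"

def parse_ora(text):
    """Parse single-line KEY = VALUE parameters; '#' starts a comment."""
    params = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" in line:
            key, value = line.split("=", 1)
            params[key.strip().upper()] = value.strip()
    return params

def as_list(value):
    """Turn '(a, b)' into ['a', 'b']."""
    return [v.strip() for v in value.strip("()").split(",") if v.strip()]

def check(ldap_ora, sqlnet_ora):
    """Return a list of problems found in the two files' contents."""
    problems = []
    for name, text in (("ldap.ora", ldap_ora), ("sqlnet.ora", sqlnet_ora)):
        if re.search("[\u201c\u201d\u2018\u2019]", text):
            problems.append(f"{name}: typographic quotes, use ASCII quotes")
    ldap, sqlnet = parse_ora(ldap_ora), parse_ora(sqlnet_ora)
    if not ldap.get("DEFAULT_ADMIN_CONTEXT", "").strip('"'):
        problems.append("ldap.ora: DEFAULT_ADMIN_CONTEXT is missing or empty")
    if ldap.get("DIRECTORY_SERVER_TYPE", "").upper() not in ("OID", "AD"):
        problems.append("ldap.ora: DIRECTORY_SERVER_TYPE must be OID or AD")
    servers = as_list(ldap.get("DIRECTORY_SERVERS", ""))
    if not servers:
        problems.append("ldap.ora: DIRECTORY_SERVERS is missing or empty")
    for entry in servers:  # assumed form: host:port, as in the answer
        host, _, port = entry.partition(":")
        if not host or not port.isdigit():
            problems.append(f"ldap.ora: bad DIRECTORY_SERVERS entry {entry!r}")
    path = [m.upper() for m in as_list(sqlnet.get("NAMES.DIRECTORY_PATH", ""))]
    if "LDAP" not in path:
        problems.append("sqlnet.ora: LDAP is not in NAMES.DIRECTORY_PATH")
    elif "TNSNAMES" in path and path.index("TNSNAMES") < path.index("LDAP"):
        problems.append("sqlnet.ora: TNSNAMES is tried before LDAP")
    return problems

if __name__ == "__main__":
    for problem in check(LDAP_ORA, SQLNET_ORA) or ["no problems found"]:
        print(problem)
```

To check real files, pass the text of `ldap.ora` and `sqlnet.ora` read from `$TNS_ADMIN` to `check()`.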