Deploy Remote Server Administration Tools Description of Windows Server 2008 Remote Server Administration Tools for Windows Vista Service Pack 1 RSAT Released for Windows 7 Remotely managing your Server Core using RSAT Screencast: How to Install and Enable Microsoft RSAT (Remote Server Administration Tools) for Windows Vista Using MMC Snap-ins. Setting Up Windows Desktop SSO Authentication. In addition to configuring the Windows Desktop SSO authentication module using the OpenSSO Enterprise console, a user must be created in the Windows 2000 Domain Controller and Internet Explorer must be configured.
Thank you so much for this very helpful guide and walk-through. We found it to be very helpful. However, it seems there may be some needed updates or perhaps another edition for 12c environments. A few things I’ve discovered that may be worth noting: Kerberos external auth documentation is no longer recorded in the Advanced Security Admin Guide, but instead is now documented in a subsection of the Database Security Guide ( ). It seems Advanced Security is now reserved for encryption in the DB itself. We have been advised that on the client side, the SQLnet.ora parameter SQLNET.AUTHENTICATIONSERVICES should not contain NTS at all. (or if this is incorrect, perhaps you could expound on how they work together) There seems to be some confusion abound on the currently correct setting for SQLnet.ora parameter SQLNET.KERBEROS5CCNAME.
Some say OSMSFT:// some say MSLSA://. What is the current correct and supported value for this parameter? One other question: let’s say you have some application that isn’t very flexible and requires a username and password specified.
Even still, we would benefit from centralized password management if the users can just be instructed to supply perhaps their full UPN as username and the appropriate password. Is there any trick or requirement to get that to work (i.e., supply username and password explicitly to the OCI-using software but still have the DB perform kerb auth with those explicit credentials)? Many Thanks, — Justin.
Note: It is not critical to use the name 'spotfire‐database.keytab' for the keytab file, but the following instructions assume that this name is used. Example of creating a keytab file for the Spotfire database account named 'spotuser' in the research.example.com domain: ktpass /princ [email protected] /ptype krb5ntprincipal / crypto rc4-hmac-nt /out spotfire-database.keytab -kvno 0 /pass spotuserpassword.
Copy the spotfire-database.keytab file to the directory jdk jre lib security (Windows) or /jdk/jre/lib/security (Unix) in Spotfire Server.
Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |