行锋

未命名

发表于 2009-05-28

Microsoft Active Directory

An LDAP-compliant directory service included with the Windows 2000 Server. It stores information about objects on the network, and makes this information available to users and network administrators. Active Directory also provides users access to resources on the network using a single logon process.

Active Directory can be configured as a directory naming method to store service information that clients can access.

未命名

发表于 2009-05-28

Naming: External

The External tab enables you to configure the following external naming method:

Network Information Service (NIS)

Meta Map

Specify the map, a special file that contains the database service name.

未命名

发表于 2009-05-28

Naming: Methods

The Methods tab enables you to specify which naming methods this client computer is to use, as well as the priority order. The naming method at the top of the list is used first to resolve a given connect identifier, net service name, or database service. If it cannot resolve the name, then the next method specified in the list is used.

During a connection request, the client tries to contact the first naming method listed to resolve connect identifiers to a connect descriptor. The client request then forwards the request to the listener address specified in the connect descriptor.

Oracle Net provides support for the following naming methods:

Available Methods list

Displays the naming methods available for selection

Selected Methods list

Displays the naming methods selected. The order of the naming methods in the list determines the order in which Oracle Net tries the naming methods.

< button

Choose to move a selected naming method from the Available Methods list to the Selected Methods list.

> button

Choose to move a selected naming method from the Selected Methods to the Available Methods list.

Promote button

Choose to move a selected naming method up in the Selected Methods list. Oracle Net tries to use the first method to resolve a net service name or database service name. If it cannot use the first method, then it uses the second method, and so on.

Demote button

Choose to move a selected naming method down in the Selected Methods list.

Default Domain

Enter the name of the network domain from which most client request take place. The domain name can be the domain where the client resides, or it could be the domain from which the client requests network services often.

When set, the domain name is automatically be appended to any unqualified name.

未命名

发表于 2009-05-28

Oracle Net Configuration Assistant

A post-installation tool that configures basic network components after installation, including:

Listener names and protocol addresses
Naming methods the client will use to resolve connect identifiers
Net service names in a tnsnames.ora file
Directory server usage

Oracle Net Configuration Assistant runs automatically after software installation, as described in your Oracle installation guide. It can be used on either the client or database server.

It can also be run in stand-alone mode to configure naming methods usage, the listener, net service names in the tnsnames.ora file, and directory server usage.

To start the Oracle Net Configuration Assistant in stand-alone mode:

On UNIX, run netmgr at $ORACLE_HOME/bin.
On Windows operating systems, choose Start > Programs > Oracle - HOME_NAME > Configuration and Migration Tools > Net Configuration Assistant.

未命名

发表于 2009-05-28

Network Information Service (NIS)

Sun Microsystems' Yellow Pages (yp) client/server protocol for distributing system configuration data such as user and host names between computers on a network.

For information about configuring NDS as an external naming method, see Configure External Naming Methods and Prioritize Naming Method.

未命名

发表于 2009-05-28

Oracle Advanced Security

A product that provides a comprehensive suite of security features for the Oracle environment. This suite of security features protects enterprise networks and securely extends corporate networks to the Internet. It provides a single source of integration with network encryption and authentication solutions, single sign-on services, and security protocols. Oracle Advanced Security integrates industry standards and delivers unparalleled security to the Oracle network and beyond.

For more information, see Oracle Advanced Security Administrator's Guide.

未命名

发表于 2009-05-28

Oracle Advanced Security: Authentication

The Authentication tab enables you to select and prioritize authentication methods. Following is a list of authentication methods supported by Oracle Advanced Security.

KERBEROS5

Provides support for secure, single sign-on capabilities in a distributed environment with secret key cryptography. Passwords are stored in a central repository, making password theft from the network impossible. Kerberos also provides database link authentication and enhanced PC security.

CYBERSAFE

A Kerberos-based authentication server that provides secure authentication based on key management and shared secrets. The Challenger has password checking and authentication with token security cards.

NTS

Allows operating system authentication to be performed between a client and an Oracle server on Windows NT. The Windows NT Native authentication method enables database user authentication through Windows NT. This enables client computers to make secure connections to an Oracle database on a Windows NT server. A secure connection is when a Windows NT client user name is retrieved on a Windows NT server through the Windows NT Native authentication method. The Windows NT server then permits the user name to perform the database actions on the server.

RADIUS

Supports any authentication method that complies with the RADIUS standard, including token cards and smart cards. A RADIUS server passes information between the Oracle server and the designated authentication servers. From the user's perspective, the entire authentication process takes place seamlessly and transparently.

< button

Choose to move a selected authentication method from the Available Methods list to the Selected Methods list.

> button

Choose to move a selected authentication method from the Selected Methods to the Available Methods list.

Promote button

Choose to move a selected authentication method up in the Selected Methods list. Client/Server negotiation will attempt to use the authentication methods in the order in which they are listed. Oracle Net will first use the authentication at the top of the list. If it cannot use the first method, it uses the second method, and so on.

Demote button

Choose to move a selected authentication method down in the Selected Methods list.

Note: If you have configured the TCP/IP with SSL protocol, the Secure Sockets Layer (SSL) will be configured by default. Any authentication method you choose in this tab will override authentication features of SSL. Use the SSL tab to configure additional SSL options. If you are using the TCP/IP with SSL protocol, do not use any of the other authentication methods. The Selected Methods list must be empty.

For more information, see Windows NT documentation or Oracle Advanced Security Administrator's Guide.

未命名

发表于 2009-05-28

Oracle Advanced Security: Encryption

The Encryption tab enables you to configure encryption parameters for the selected authentication methods.

Note: Use the SSL tab to configure cipher suites for the Secure Sockets Layer (SSL).

Encryption

From the list, select the computer you are currently configuring: either Client or Server.

Encryption Type

Select a value to specify the client or server behavior when negotiating encryption and integrity. The four possible encryption types are:

Element	Description
accepted	Service will be active if the other side of the connection specifies either "required" or "requested", and there is a compatible algorithm available on the other side; it will otherwise be inactive.
rejected	Service must not be active, and the connection will fail if the other side specifies "required".
requested	Service will be active if the other side of the connection specifies either "accepted", "required", or "requested", and there is a compatible algorithm available on the other side; it will otherwise be inactive.
required	Service must be active, and the connection will fail if the other side specifies "rejected", or if there is no compatible algorithm on the other side.

Encryption Seed

Enter an encryption seed, a random string of up to 256 characters, in the Encryption Seed field. The encryption seed is used to generate cryptographic keys. This is required when either encryption or integrity is enabled.

Note: If you choose to use special characters such as a comma [,] or a right parenthesis [)] as a part of the Encryption Seed parameter, Oracle recommends that the value be enclosed within single quotes.

Available Methods/Selected Methods list

Displays the authentication methods available for selection and the encryption methods selected. The order of the methods in the list determines preferred order for negotiation.

Use the left-arrow button (<) and the right-arrow button (>) to move a selected encryption algorithm between lists. The following encryption algorithms are supported by Oracle Advanced Security:

Element	Description
AES256	AES 256-bit key
RC4_256	RC4 256-bit key
AES192	AES 192-bit key
3DES168	Triple DES with a three-key (168 bit) option
AES128	AES 128-bit key
RC4_128	RC4 128-bit key
3DES112	Triple DES with a two-key (112 bit) option
DES	DES 56-bit key
RC4_40	RC4 40-bit key
DES40	DES 40-bit key

未命名

发表于 2009-05-28

Oracle Advanced Security: Integrity

The Integrity tab enables you to configure data integrity for the authentication methods. Data integrity is the comparison of data sent over the connection as seen by both client and server.

Note: Use the SSL tab to configure Cipher Suites for the Secure Sockets Layer (SSL).

Integrity

Select either the Server or Client check box to indicate whether the computer you are currently configuring is a Client or a Server. The Server option does not apply to the servers to which this computer connects.

Checksum Level

Select a checksum level. The four possible checksum levels are:

Element	Description
accepted	Service will be active if the other side of the connection specifies either "required" or "requested", and there is a compatible algorithm available on the other side; it will otherwise be inactive.
rejected	Service must not be active, and the connection will fail if the other side specifies "required".
requested	Service will be active if the other side of the connection specifies either "accepted", "required", or "requested", and there is a compatible algorithm available on the other side; it will otherwise be inactive.
required	Service must be active, and the connection will fail if the other side specifies "rejected", or if there is no compatible algorithm on the other side.

Available Methods list

Displays the integrity algorithms, used to create checksums. There are two such methods:

Algorithm Name	Legal Values
Secure Hash Algorithm (SHA-1)	SHA1
Message Digest 5 (MD5)	MD5

Selected Methods list

Displays the algorithms selected. The order of the algorithms in the list determines the order in which they are used.

未命名

发表于 2009-05-28

Oracle Connection Manager

A router through which a client connection request may be sent either to its next hop or directly to the database server. Clients who route their connection requests through an Oracle Connection Manager can then take advantage of the access control, multiplexing, and protocol conversion features configured on that Oracle Connection Manager.

Oracle Connection provides connection routing for environments where:

A large numbers of users need to access a single service through a single protocol.
Different protocols are installed on the client and server, making a typical connection fail.
Typical Oracle Net connections require the client and server to have the same protocol installed.
Control of client access to designated servers in a TCP/IP environment is required.

For information about Oracle Connection Manager, see Chapter 1, Networking Challenges in the Internet Age, in the Oracle9i Net Services Administrator's Guide.

低头走路，抬头思考

未命名

Microsoft Active Directory

Related Topics

未命名

Naming: External

Related Topics

未命名

Naming: Methods

Related Topics

未命名

Oracle Net Configuration Assistant

Related Topics

未命名

Network Information Service (NIS)

Related Topics

未命名

Oracle Advanced Security

Related Topics

未命名

Oracle Advanced Security: Authentication

Related Topics

未命名

Oracle Advanced Security: Encryption

Related Topics

未命名

Oracle Advanced Security: Integrity

Related Topics

未命名

Oracle Connection Manager

Related Topics