|Oracle9i Supplied PL/SQL Packages and Types Reference
Release 2 (9.2)
Part Number A96612-01
DBMS_DISTRIBUTED_TRUST_ADMIN procedures maintain the Trusted Servers List. Use these procedures to define whether a server is trusted. If a database is not trusted, Oracle refuses current user database links from the database.
Oracle uses local Trusted Servers Lists, along with enterprise domain membership lists stored in the enterprise LDAP directory service, to determine if another database is trusted. The LDAP directory service entries are managed with the Enterprise Security Manager Tool in Oracle Enterprise Manager.
Oracle considers another database to be "trusted" if it meets the following criteria:
You can list a database server locally in the Trusted Servers List regardless of what is listed in the directory service. However, if you list a database that is not in the same domain as the local database, or if that domain is untrusted, the entry will have no effect.
This functionality is part of the Enterprise User Security feature of the Oracle Advanced Security Option.
This chapter discusses the following topics:
EXECUTE_CATALOG_ROLE role must be granted to the DBA. To select from the view
SELECT_CATALOG_ROLE role must be granted to the DBA.
It is important to know whether all servers are trusted or not trusted. Trusting a particular server with the
ALLOW_SERVER procedure does not have any effect if the database already trusts all databases, or if that database is already trusted. Similarly, denying a particular server with the
DENY_SERVER procedure does not have any effect if the database already does not trust any database or if that database is already untrusted.
ALLOW_ALL delete all entries (in other words, server names) that are explicitly allowed or denied using the
ALLOW_SERVER procedure or
DENY_SERVER procedure respectively.