Index
A
C
D
E
F
G
I
K
L
M
N
O
P
R
S
T
U
W
X
A
- Access Control Lists
- accessing security groups, 4-21
- adding or removing users in security groups, 4-23
- available security groups, 4-20
- changing user permissions in security groups, 4-24
- Active Directory
- accessing security groups, 4-21
- adding or removing users in security groups, 4-23
- automatic discovery of directory servers, 4-5
- changing permissions in security groups, 4-24
- connecting to a database, 4-16, 4-17
- creating security domains, 4-25
- defined, 4-2
- enhancement of directory object type descriptions, 4-7
- how Oracle directory objects appear, 4-9
- integration with directory servers, 4-5
- integration with Microsoft tools, 4-6
- integration with Windows login credentials, 4-8
- managing Access Control Lists, 4-20
- managing security groups directory server
- managing Access Control Lists, 4-20
- procedures for installing Oracle into, 4-16
- requirements for creating an Oracle Context, 4-13
- requirements for creating an Oracle schema, 4-12
- requirements for creating enterprise user security, 4-15
- requirements for creating Oracle Net directory naming, 4-13
- requirements for using Oracle, 4-11
- testing connectivity from client computers, 4-16
- testing connectivity with Microsoft tools, 4-17
- testing connectivity with SQL*Plus, 4-7, 4-19
- testing database connectivity, 4-7, 4-19
- user interface extensions, 4-7
- Active Directory Users and Computers
- accessing directory server objects, 4-18
- integration with Oracle objects in Active Directory, 4-6
- testing database connectivity from, 4-19
- Administering, 2-1, 3-1
- authentication
- automatically enabling during installation, 1-8
- creating an operating system-authenticated user, 2-31
- enhancements, 1-4
- overview, 1-2
- setting the OS_AUTHENT_PREFIX initialization parameter, 2-29
- setting the OSAUTH_PREFIX_DOMAIN registry parameter, 2-29
- using Windows native authentication methods, 1-2
- when to use enterprise users, 1-5
- when to use external users, 1-5
- Authentication Adapters
- using, A-4
- authentication parameter settings
- viewing, 2-13
- authentication protocols
- default protocol used, 1-3
- with Windows 2000, 1-2
- with Windows NT 4.0, 1-2
- authorization
- when to use enterprise roles, 1-5
- when to use external roles, 1-5
C
- configuration parameters
- LOCAL, A-3
- TNS_ADMIN, A-3
- USE_SHARED_SOCKET, A-4
- configuring
- Authentication Adapters, A-4
- Named Pipes Protocol Adapter, A-4
- CONNECT /AS SYSDBA
- connecting without a password, 1-8
- connecting
- LOCAL parameter, A-3
- contact name, 4-4
- CREATE USER command, 2-31
D
- database administrator privileges
- granting for a single database on a computer with Oracle Administration Assistant for Windows NT, 2-24, 2-25
- granting for all databases on a computer with Oracle Administration Assistant for Windows NT, 2-6, 2-7
- manually granting for all databases on a computer, 2-34
- database operator privileges
- granting for a single database on a computer with Oracle Administration Assistant for Windows NT, 2-24, 2-26
- granting for all databases on a computer with Oracle Administration Assistant for Windows NT, 2-6, 2-8
- manually granting for all databases on a computer, 2-34
- database privileges
- in Windows NT local groups, 2-34, 2-40, 2-42
- directory servers
- automatic discovery of directory servers, 4-5
- creating security domains, 4-25
- enhancement of directory object type descriptions, 4-7
- features integrated with Oracle9i, 4-3
- how Oracle directory objects display in Active Directory, 4-9
- installation tasks, 4-16
- integration with Active Directory, 4-5
- integration with Microsoft tools, 4-6
- integration with Windows login credentials, 4-8
- overview, 4-2
- requirements for creating an Oracle Context in Active Directory, 4-13
- requirements for creating an Oracle schema in Active Directory, 4-12
- requirements for creating enterprise user security in Active Directory, 4-15
- requirements for creating Oracle Net directory naming in Active Directory, 4-13
- requirements for using Oracle with Active Directory, 4-11
- user interface extensions, 4-7
- DisplayName parameter, A-2
- DNS-style naming convention, 4-16
E
- enterprise domains
- different from Windows domains, 4-4
- viewing in Active Directory, 4-10
- enterprise roles
- authorizing in Windows 2000 domains, 3-3
- environments in which to use, 1-5
- viewing in Active Directory, 4-10
- enterprise user security
- creation requirements, 4-15
- enterprise users
- environments in which to use, 1-5
- viewing in Active Directory, 4-10
- external OS roles
- defined, 2-10
- external roles
- administering, 2-2
- administering manually on Windows NT, 2-27
- administering with Oracle Administration Assistant for Windows NT, 2-2
- creating with Oracle Administration Assistant for Windows NT, 2-20
- defined, 2-10
- environments in which to use, 1-5
- external users
- administering, 2-2
- administering manually on Windows NT, 2-27
- administering with Oracle Administration Assistant for Windows NT, 2-2
- creating manually, 2-28
- creating with Oracle Administration Assistant for Windows NT, 2-14
- environments in which to use, 1-5
F
- Features
- new, xix
G
- generic documentation references
- OS_AUTHENT_PREFIX initialization parameter, 2-13
- OSDBA group, 2-43
- OSOPER group, 2-43
- Windows NT-specific authentication methods, 1-2
- Windows NT-specific local groups use, 2-34
- Windows NT-specific OS_AUTHENT_PREFIX case insensitivity, 2-29
- Windows NT-specific role syntax, 2-42
I
- ImagePath parameter, A-2
- initialization parameters
- OS_AUTHENT_PREFIX, 2-29
- OS_ROLES, 1-4, 2-13, 2-39, 3-3
K
- Kerberos, 3-2
- default use of, 1-3
- features, 1-2
L
- local database role
- creating with Oracle Administration Assistant for Windows NT, 2-18
- local groups
- with database privileges, 2-34, 2-40, 2-42
- LOCAL networking parameter, A-3
- local roles
- defined, 2-10
M
- Microsoft Certificate Services, 6-3
- Microsoft Certificate Stores, 6-2
- Microsoft Management Console
- requirements, 2-3
- running Oracle Administration Assistant for Windows NT from, 2-3
N
- Named Pipes Protocol Adapter
- with an Oracle Names Server, A-4
- networking parameters
- LOCAL, A-3
- TNS_ADMIN, A-3
- USE_SHARED_SOCKET, A-4
- new
- Features, xix
- nonprivileged database user
- creating manually, 2-28
- creating with Oracle Administration Assistant for Windows NT, 2-14
- NTLM, 3-2
- default use of, 1-3
- features, 1-2
- NTS. See Windows native authentication
O
- ObjectName parameter, A-2
- operating system authentication
- automatically enabling during installation, 1-8
- connecting as SYSDBA without a password, 1-8
- creating an authenticated user
- creating, 2-31
- setting the OS_AUTHENT_PREFIX initialization parameter, 2-29
- setting the OSAUTH_PREFIX_DOMAIN registry parameter, 2-29
- operating systems
- authentication overview, 1-2
- OPS$, 2-29
- ORA_DBA local group
- adding users to, 1-8, 2-34
- ORA_OPER local group
- adding users to, 2-34
- ORA_SID_DBA local group
- adding users to, 2-34
- ORA_SID_OPER local group
- adding users to, 2-34
- Oracle Administration Assistant for Windows NT
- adding a computer to the navigation tree, 2-5
- connecting to a database, 2-9
- creating a local database role, 2-18
- creating a nonprivileged database user, 2-14
- creating an external role, 2-20
- granting administrator privileges for a single database on a computer, 2-25
- granting administrator privileges for all databases on a computer, 2-7
- granting operator privileges for a single database on a computer, 2-26
- granting operator privileges for all databases on a computer, 2-8
- managing Oracle 7.x and Oracle 8.0.x computers, 2-4
- managing remote computers, 2-4
- saving a navigation tree configuration, 2-5
- setting the OS_AUTHENT_PREFIX initialization parameter, 2-13
- setting the OS_ROLES initialization parameter, 2-13
- troubleshooting database connection issues, 2-11
- using, 2-2
- viewing database authentication parameter settings, 2-13
- Oracle Context
- creating with Oracle Net Configuration Assistant, 4-13
- creation requirements, 4-13
- defined, 4-10
- Oracle Database Configuration Assistant
- registering a database object in a directory server, 4-8
- Oracle Enterprise Security Manager
- creating security domains, 4-25
- using, 1-7
- using simple authentication, 1-8
- using with Windows native authentication, 1-8
- Oracle Names
- Named Pipes Protocol Adapter, A-4
- Oracle Net Configuration Assistant
- automatically discovering directory server information, 4-10
- configuring Oracle software with a directory server, 4-5, 4-8
- creating the Oracle Context, 4-13
- creating the Oracle schema, 4-11
- Oracle Net directory naming
- connecting to a database through a directory server, 4-16
- creation requirements, 4-13
- testing connectivity from client computers, 4-17
- testing connectivity with Microsoft tools, 4-17
- Oracle Public Key Infrastructure, 6-2
- Oracle schema
- creating with Oracle Net Configuration Assistant, 4-11
- creation requirements, 4-12
- Oracle Wallet Manager, 5-3
- Oracle Wallets, 5-2
- Storing in the Windows Registry, 5-2
- storing private keys and trustpoints, 5-2
- Oracle9i, 2-18
- Oracle9i Database Administrator's Guide, 2-18
- OracleDBCreator security group
- defined, 4-20
- OracleDBSecurityAdmin security group
- defined, 4-20
- OracleDefaultDomain
- directory server security domain, 4-25
- OracleHOME_NAMEClientCache key, A-2
- OracleHOME_NAMECMAdminService key, A-2
- OracleHOME_NAMECManService key, A-2
- OracleHOME_NAMETNSListener key, A-2
- OracleHOME_NAMETNSListener service, A-4
- OracleNetAdmins security group
- defined, 4-20
- OS database administrators
- defined, 2-11
- OS database operators
- defined, 2-11
- OS_AUTHENT_PREFIX initialization parameter, 2-13, 2-28, 2-29
- OS_ROLES initialization parameter, 2-13
- OS_ROLES parameter
- not required in Windows 2000 domains, 3-3
- using with external roles, 1-4, 2-13, 2-39
- OSAUTH_PREFIX_DOMAIN registry parameter, 2-4, 2-29, 2-30
- OSAUTH_X509_NAME registry parameter, 3-2
- OSDBA group, 2-43
- OSOPER group, 2-43
P
- passwords
- connecting without a password with SYSDBA, 1-8
- privileges
- in Windows NT local groups, 2-34, 2-40, 2-42
R
- registry
- DisplayName, A-2
- ImagePath, A-2
- ObjectName, A-2
- OracleHOME_NAMEClientCache key, A-2
- OracleHOME_NAMECMAdminService key, A-2
- OracleHOME_NAMECManService key, A-2
- OracleHOME_NAMETNSListener key, A-2
- registry parameters
- OSAUTH_PREFIX_DOMAIN, 2-30
- remote computers
- managing with Oracle Administration Assistant for Windows NT, 2-4
- requirements
- for creating an Oracle Context in Active Directory, 4-13
- for creating an Oracle schema in Active Directory, 4-12
- for creating enterprise user security in Active Directory, 4-15
- for creating Oracle Net directory naming in Active Directory, 4-13
- for using Oracle with Active Directory, 4-11
- role authorization
- description, 1-4
- in Windows 2000 domains, 3-3
- roles
- authorization method enhancements, 1-4
- authorized in Windows 2000 domains, 3-3
- creating a local database role with Oracle Administration Assistant for Windows NT, 2-18
- creating an external role with Oracle Administration Assistant for Windows NT, 2-20
- when to use enterprise roles, 1-5
- when to use external roles, 1-5
S
- security groups
- accessing, 4-21
- adding or removing users, 4-23
- changing user permissions, 4-24
- SET INSTANCE command, 2-37, 2-43
- simple authentication
- using with Oracle Enterprise Security Manager, 1-8
- SQL*Plus
- connecting to a database through Active Directory, 4-7, 4-19
- sqlnet.ora file
- location of, 2-37, 2-39
- setting to enable Windows native authentication, 2-37, 2-39
- storing private keys and trustpoints
- Oracle Wallets, 5-2
- SYSDBA privileges
- connecting based on your NT local group, 2-38
- connecting without a password, 1-8
- granting for a single database on a computer with Oracle Administration Assistant for Windows NT, 2-24, 2-25
- granting for all databases on a computer with Oracle Administration Assistant for Windows NT, 2-6, 2-7
- manually granting for all databases on a computer, 2-34
- mapping to a local group, 2-34
- SYSOPER privileges
- connecting based on your NT local group, 2-38
- granting for a single database on a computer with Oracle Administration Assistant for Windows NT, 2-24, 2-26
- granting for all databases on a computer with Oracle Administration Assistant for Windows NT, 2-6, 2-8
- manually granting for all databases on a computer, 2-34
- mapping to a local group, 2-34
T
- TNS_ADMIN networking parameter, A-3
- troubleshooting
- Oracle Administration Assistant for Windows NT connection issues, 2-11
U
- USE_SHARED_SOCKET networking parameter, A-4
- user authentication
- description, 1-4
- users
- authentication enhancement methods, 1-4
- when to use enterprise users, 1-5
- when to use external users, 1-5
W
- Wallet Resource Locator, 6-3
- Windows 2000 domains
- administering external users and roles with Oracle Administration Assistant for Windows NT, 2-2
- required domains for Oracle clients and server to use directory server features, 4-11
- role authorization, 3-3
- Windows authentication protocols
- default protocol used, 1-3
- with Windows 2000, 1-2
- with Windows NT 4.0, 1-2
- Windows Explorer
- accessing directory server objects, 4-18
- integration with Oracle objects in Active Directory, 4-6
- testing database connectivity from, 4-19
- Windows native authentication
- benefits, 1-2
- enhancements, 1-4
- installation of, 1-2
- methods and use of, 1-2
- overview, 1-2
- role authorization enhancements, 1-4
- setting the sqlnet.ora file, 2-37, 2-39
- user and role requirements, 1-4
- user authentication enhancements, 1-4
- using with Oracle Enterprise Security Manager, 1-8
- Windows NT 4.0 domains
- administering external users and roles manually, 2-27
- administering external users and roles with Oracle Administration Assistant for Windows NT, 2-2
- basic features, 1-4
- Windows NT local groups
- with database privileges, 1-8, 2-34, 2-40, 2-42
X
- X.500 naming convention, 4-16
