The Oracle database permits the following types of users:
Local. Local users are fully managed by Oracle and require a password. Oracle manages these passwords as well. Therefore, the user name and password must fully comply with the standards set within the application.
External. External users must be authenticated by the operating system or a third-party application. Oracle relies on the login authentication to ensure that a specific operating system user has access to a specific database user.
Global. Global users must be authenticated by a directory service, such as LDAP or Active Directory. The user’s name must be specified as a full distinguished name (DN) or as a null string. If a null string is used, the directory service will map authenticated global users to the appropriate database features.
If you are managing external or global users, you should place the Oracle resource in a resource group that also includes the machine upon which it is installed or the directory service.