Oracle Target Account Configuration

The Oracle target connector can communicate with an Oracle database and Oracle Internet Directory (OID) server.
capam32
The Oracle target connector can communicate with an Oracle database and Oracle Internet Directory (OID) server.
If you create a target account for an Oracle target application, there are more settings that you must configure, as shown in the following screen:
Oracle_target_acct_tab.png
The configuration settings include:
Use OID
–Specifies whether
PAM
connects to an Oracle database or an Oracle Internet Directory (OID) server.  The options are:
  • JDBC Thin
    : To connect to an Oracle database, accept this default option
  • JDBC Thin using OID
    : To connect to an Oracle Internet Directory server, select this option and enter values for the following fields:
    • SID/Service 
      – Specifies the System Identifier (SID) of the Oracle Internet Directory database instance. Enter the SID specified during the installation of the OID software.
    • CN 
      – Specifies the Common Name (CN) of an Oracle context. The default value is cn=OracleContext.
Schema:
Enter the schema name for the database account.
Schema is a RAC Service Name
(for JDBC Thin only): If the target is an Oracle RAC, select this checkbox.
Change Process: 
 Select one of the options:
  • Account can change own password: Select this option when a user account can change the password. The assumption is that the user knows the original password.
  • Use the following account to change password: Select this option to use a
    master account.
    A master account has privileges to change any account password, such as an administrator with maximum privileges.
For more information about this setting, see Use an Alternate Account to Change Passwords (Optional).
This is a SYSDBA Account
: If the target account is a SYSDBA database administrator, select this checkbox.
Use REPLACE Syntax
: The Oracle REPLACE function lets you replace one text string with another. By default, this option is not enabled. Accept the default if the account that is specified to change an account password does not know the original password.
Follow these guidelines:
  • For a standard user who knows the original account password, select this checkbox. For this account, the
    Account can change own password
    option is also selected.
  • For an account with the ALTER USER privilege, such as an Oracle administrator, acting as a master account, keep this checkbox unselected. A master account can change any account password without knowing the original password for the target account. To use a master account, select the 
    Use the following account to change password
    setting and enter the privileged account.