How To Configure Non-Anonymous Secure Bind for LDAP Net Service Name Resolution when Usercertificate DN does not Match with the Entry DN in OID
(Doc ID 456766.1)
Last updated on FEBRUARY 26, 2020
Oracle Net Services - Version 22.214.171.124.0 to 126.96.36.199 [Release 11.1 to 11.2]
Oracle Security Service - Version 10.1.2.0 and later
Information in this document applies to any platform.
You would like to secure TNS net service names stored in Oracle Internet Directory (OID) by disabling anonymous bind.
Non-anonymous bind uses SSL to bind to OID for net service name resolution. It carries the restriction that the DN in the client wallet should match the user entry DN in OID. This article explains how to configure non-anonymous bind if your user certificate DN does not match the entry DN in OID.
■ This feature is useful if your Public Key Infrastructure (PKI) certificate authority does not support the use of two common names (cn) in the DN.
■ This also enables you to restructure your directory without requiring new certificates for users or databases.
■ You no longer have to be concerned about whether the DN in the user certificate matches the DN in OID.