How To Configure Non-Anonymous Secure Bind for LDAP Net Service Name Resolution when Usercertificate DN does not Match with the Entry DN in OID
Last updated on JULY 03, 2017
Applies to:Oracle Net Services - Version 22.214.171.124.0 to 126.96.36.199 [Release 11.1 to 11.2]
Oracle Security Service - Version 10.1.2.0 and later
Information in this document applies to any platform.
You would like to secure TNS net service names stored in Oracle Internet Directory (OID) by disabling anonymous bind.
Non-anonymous bind uses SSL to bind with the OID for net service name resolution. You have the restriction that the DN in the client wallet should match the user entry DN in OID. This article explains on how to configure non-anonymous bind if your user certificate DN does not match with the entry DN in OID.
■ This feature is useful if your Public Key Infrastructure (PKI) certificate authority does not support the use of two common names (cn) in the DN.
■ This also enables you to restructure your Directory without requiring new certificates for users or databases.
■ You no longer have to bother if the DN in user certificate matches with DN in OID or not.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
Million Knowledge Articles and hundreds of Community platforms