Toad/Oracle has a mechanism where it can use LDAP to lookup a list of database endpoints. It uses a file called ldap.ora which looks like:
DIRECTORY_SERVERS= (server1.foo.bar.baz:1628:1629, server2.foo.bar.baz:1628:1629)
DEFAULT_ADMIN_CONTEXT = "dc=foo,dc=bar,dc=baz"
DIRECTORY_SERVER_TYPE = OID
I'd like to somehow invoke the LDAP lookup and export the list of database endpoints (including server, port, etc.) so that I can connect via JDBC/SQuirreL.
Is there a way that I can generate the list of database endpoints given the LDAP servers?
Or better yet is there some oracle / SQuirreL integration that does the LDAP lookup?
* Update *
I originally thought I needed the server/port for each database server to formulate a JDBC url. I have now found that I can connect to a database through the ldap directory server using a connection url like:
jdbc:oracle:thin:#ldap://server1.foo.bar.baz:1628/XXXX,cn=OracleContext,dc=foo,dc=bar,dc=baz
Where XXXX is the SID of a database. So, it now seems that all I need is a list of SID's. I'm hoping that I can do this in sqlplus.
Well, you can query LDAP for the data. (Do not know how SQuirreL can do this unless you modify the code).
You need to query your LDAP for (objectclass=orclDBServer) and the data you are looking for is in the attribute orclnetdescstring and will look some thing like:
orclnetdescstring: (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=ordb0001.yourdomain.com)(PORT=1523))(CONNECT_DATA=(SERVICE_NAME=db.iss.com)))
-jim
Related
I'm currently working on a project connecting prestoDB to our DBtool to extract and load different types of data from different sources(json index from elasticsearch, json record from kafka etc).
it works on a DBeaver with a jdbc, however, our DBtool does not allow the connection without a username and password.
Is there any way to create an user and password in prestoDB that we could use like Oracle or MariaDB account connection
I currently have a connection for MySQL database and connected as:
spring.datasource.url = jdbc:mysql://${mysql.service.host}:${mysql.service.port}/${mysql.service.database}
If I were to change the database and used Oracle database instead then how would the datasource URL change?
jdbc:oracle:thin:#//server:port/service
or
jdbc:oracle:thin:#//server:port:SID
The server entry would be the IP address or network name where your Oracle Listener is handling connection requests. The port would be the port number being used for said listener requests.
Service would be the database service name, if you're connecting to an Oracle Pluggable Database, you'll always need this.
The SID is a unique ID for your database, you could use that, but you're encouraged to use the service instead.
If you wish to make a THICK connection, that is, use an Oracle Client to make a connection to your database, then things get a bit more complicated. I would suggest using THIN until you can't.
I have an Oracle connection using com.oracle:ojdbc14:10.2.0.2.0 and the URL jdbc:oracle:thin:#fooe2.company.intern:1529:odse but would like to leave away the hostname and port as it may change over time. Using sqlplus I can just say "odse" and it will look the name up via /etc/ldap.ora. I know that there is a syntax where I can specify the ldap server names in the JDBC URL but I don't want that either as it may change as well.
Is it possible to have JDBC make use of the existing /etc/ldap.ora configuration and just specify the SID?
I have a database that I can connect to using jdbc using the string "jdbc:oracle:thin#ldap://SERVER_NAME:1234/SERVICE,cn=OracleContext,dc-world".
However, when I use node-oracledb, this connection string does not work, presumably because Node doesn't use jdbc. What connection string could I use to connect to the database?
There is no "Easy Connect" syntax available for LDAP so you will need
to configure ldap.ora and sqlnet.ora files and use a non-Easy Connect
string alias in node-oracledb (or in other tools like SQL*Plus, PHP OCI8, Python cx_Oracle, Golang godror etc).
I'm told (!) the steps are:
Invoke netca -> Directory Usage
Configure naming to use LDAP by netca->Naming Methods Configuration. This sets up sqlnet.ora for name lookup.
run netmgr to setup the entry in ldap or Enterprise Manager to setup ldap.
Copy those files to a subdirectory on the machine where you run Node.js, and set TNS_ADMIN to the directory containing the files. With Instant Client you can put it in the network\admin subdirectory under the Instant Client libraries. See the manaul entry Optional Oracle Net Configuration
Set node-oracledb's connectString to the connect alias configured in 3, e.g. "orcl"
In order to get an ldap connection to work, I had to do the following:
In the network/admin folder of the oracle client add (These were provided by my db admin, but there are examples here:):
LDAP.ORA
sqlnet.ora
And then the connectString is just the service name and nothing else. So, using the original example jdbc:oracle:thin#ldap://SERVER_NAME:1234/SERVICE,cn=OracleContext,dc-world the connectString would just be SERVICE
We are trying to shape up an old, 2 tier, Delphi based application. It originally uses database authentication, we'd like to transform the db user accounts to global users, so an OID server could perform the authentication instead of the database.
The Delphi program can no longer log into the database if the account is a global user. I'm trying to understand the login protocol, so far without results.
Similar thing happens with SQLDeveloper, I can't connect as a global user. SQLPlus however works with both kinds of users. We checked the information flow with Wireshark. When the dbserver asks back for a password, the SQLPlus sends it, while the SQLDeveloper doesn't send a password when attempting to connect as a global user.
The client sends the application name too in the login request. Is it possible that we have to store the client app name in the LDAP itself?
To connect to Oracle using OID, application must properly configure OCI (Oracle Call Interface). The data access components (which one ?), you are using, must set OCI_ATTR_DISTINGUISHED_NAME session attribute. If that is not done, then you will be not able to connect to Oracle server using ODI and OCI.
You should check your components documentation for this feature. And if it is not implemented, then discuss this issue with the components vendor. Actually, there is not much work to implement, but some work to setup testing environment is required ...