1.158 LDAP_DIRECTORY_SYSAUTH
LDAP_DIRECTORY_SYSAUTH
allows or disallows directory-based authorization for users granted administrative privileges, such as SYSDBA
, SYSOPER
, SYSASM
, SYSBACKUP
, SYSDG
, and SYSKM
.
[December 8, 2017 bert.rich] For 18.1/12.2.0.2, updated this topic based on Oracle Review comments from engineer yong.hu.
Property | Description |
---|---|
Parameter type |
String |
Syntax |
|
Default value |
|
Modifiable |
No |
Modifiable in a PDB |
No |
Basic |
Yes |
When LDAP_DIRECTORY_SYSAUTH
is set to yes
, directory users are allowed to connect to the database as SYSDBA
, SYSOPER
, SYSASM
, SYSBACKUP
, SYSDG
, or SYSKM
, if they have mapped database global users that are granted corresponding administrative privileges such as SYSDBA
, SYSOPER
, SYSASM
, SYSBACKUP
, SYSDG
, and SYSKM
.
When LDAP_DIRECTORY_SYSAUTH
is set to no, directory users are not allowed to connect to the database as SYSDBA
, SYSOPER
, SYSASM
, SYSBACKUP
, SYSDG
, or SYSKM
, even if they have mapped database global users that are granted corresponding administrative privileges such as SYSDBA
, SYSOPER
, SYSASM
, SYSBACKUP
, SYSDG
, and SYSKM
.