Exadata Database Machine X2-2 Hardware
 

PLA-Support>Eng Systems>Exadata/ODA/SSC>Oracle Exadata>DB: Exadata_EST
 

In this Document

Symptoms

Cause

Solution

References

Created from <SR 3-8822356319>

Applies to:

Symptoms

How to enable Kerberos LDAP Authentication in Exadata.

The module / files required for enabling Kerberos LDAP authentication in Exadata are missing / not installed by default

Cause

To enable Kerberos LDAP authentication In OEL on Exadata database machines the module must be installed / present
 
The module /lib/security/pam_krb5.so is missing.

 

Solution

Install the module package for PAM Kerberos 5.

This can be done either using yum or by installing the package individually using the rpm utility.

To verify the installation is complete and the package is installed, execute the following two commands:
-----------------------------------
Open a terminal window and enter:
1: rpm -qa | grep pam

pam_pkcs11-0.5.3-26.el5
pam_smb-1.1.7-7.2.1
pam_passwdqc-1.0.2-1.2.2
pam_krb5-2.2.14-22.el5                  <<< Example of RPM installed.
pam-devel-0.99.6.2-6.el5_5.2
pam-0.99.6.2-6.el5_5.2
pam_ccreds-3-5

If the system returns -x.xx-x , where x is the version of the package, it is installed.

2: cd to /lib/security and verify pam_krb5.so exists.

Please be aware that future updates of the OS on the DB Node may remove this package requiring re-installation.

For additional information, please review:

<Note: 1541428.1> - Is it acceptable / supported to install additional or 3rd party software on Exadata machines and how to check for conflicts?

References

This solution has no attachment