New 11.3 OE Management Remote Authentication ERRONEOUSLY Requires Access to /etc/shadow

  • Thread starter: Paul Koufalis
Status
Not open for further replies.

PROBLEM: When adding a remote container in OE Management 11.3, you must provide the username and password of the user that started the AdminServer on the remote host. BUT...if it is NOT root, the password cannot be authenticated against the /etc/shadow password file.

ENHANCEMENT REQUEST: Since OE Mgmt still authenticates against $OEMDIR/etc/fathomRealm.properties, then so should the Remote Admin connection. Or better yet, allow Active Directory authentication.

CURRENT WORKAROUND:

1. Start the AdminServer as root. Since OEM can run jobs, we would effectively be giving root access to the DBAs.
2. Adjust security on /etc/shadow. Create a new "security" group, add the dba account and give the group read access to the shadow passwd file. No security hole there....none at all...
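
A check for hosts where workaround 2 has been applied, as an added example that is not part of the original post or of OpenEdge: it reports when the shadow file is reachable by a group that has non-root members. The function names `group_members` and `audit_shadow` are hypothetical; the file formats are the standard `/etc/group` and `/etc/passwd` layouts.

```python
import os
import stat


def group_members(gid, group_file="/etc/group", passwd_file="/etc/passwd"):
    """Return (group name, members) for gid: supplementary members from the
    group file plus accounts whose primary group is gid."""
    name, members = str(gid), set()
    with open(group_file) as fh:
        for line in fh:
            f = line.strip().split(":")          # name:passwd:gid:user1,user2
            if len(f) >= 4 and f[2] == str(gid):
                name = f[0]
                members.update(m for m in f[3].split(",") if m)
    with open(passwd_file) as fh:
        for line in fh:
            f = line.strip().split(":")          # name:passwd:uid:gid:...
            if len(f) >= 4 and f[3] == str(gid):
                members.add(f[0])
    return name, sorted(members)


def audit_shadow(path="/etc/shadow", group_file="/etc/group",
                 passwd_file="/etc/passwd"):
    """List findings about who besides root can reach the password hashes."""
    st = os.stat(path)
    mode = stat.S_IMODE(st.st_mode)
    findings = []
    if mode & (stat.S_IROTH | stat.S_IWOTH):
        findings.append(f"{path}: mode {mode:04o} grants access to all users")
    if mode & (stat.S_IRGRP | stat.S_IWGRP):
        name, members = group_members(st.st_gid, group_file, passwd_file)
        exposed = [m for m in members if m != "root"]
        if exposed:  # a group with no members exposes nothing
            findings.append(f"{path}: mode {mode:04o} lets group '{name}' "
                            f"reach password hashes; members: {', '.join(exposed)}")
    return findings


if __name__ == "__main__":
    for finding in audit_shadow():
        print(finding)
```

A group-readable shadow file whose group has no members produces no finding, so the check fires only once an account such as the dba user has been added to the group.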
