What is Enterprise User Security (EUS)?

Author: Hari Muthuswamy see more

Oracle Enterprise User Security OUSAre you an Oracle DBA who spends most of your day provisioning, deprovisioning, resetting passwords, assigning roles and privileges?

DBAs are responsible for keeping user information up to date and secure for the entire enterprise, and in order to do so, are faced with time consuming tasks of provisioning, deprovisioning, and granting and revoking privileges and roles across multiple databases. It becomes difficult for both the users to remember multiple passwords and for the DBAs to manage multiple accounts http://gain.dk/mapca1.

While there are many ways of addressing this situation, our team has found Oracles Enterprise User Security (EUS) to be the most efficient way of solving this issue. EUS is best suited for (a) environments that have multiple databases comprised of hundreds or thousands of database user accounts and/or (b) environments that are already using Oracle Directory Services.

Let me share an example with you http://usdagifts.com/?map192.

article source A customer of ours approached us with 2 simple requests:

article source 1. All the database accounts need to be able to use the same password as their network/AD password

2. The password rules and expiration policies should be the same as the user’s network/AD password click here.

The customer currently had Oracle Internet Directory (OID) in their environment. Therefore, we proposed Enterprise User Security as it clearly aligned with their needs.

What does Oracle Enterprise User Security do?

⇒ Simplifies database user management by centralizing it with Directory Services http://schach2wochen.com/map168.

• Users will have a single password that follows the established password rules in the directory.
• User Management includes provisioning and deprovisioning users.
• User Management includes managing privileges and credentials

⇒ Reduces and prevents common security risks that arise when there are individual passwords for individual databases source.

⇒ Strengthens security and compliance within the organization.

• Security Department can manage authentication related tasks
• DBAs can manage authorization related tasks

⇒ Utilizes credentials and group allocations stored in AD.

⇒ Enables provisioning systems like Oracle Identity Manager to have a single connector to a directory rather than hundreds of connections into individual databases.

⇒ Centralizes all tns related details in a directory as an added benefit to being able to use the Directory for Naming services.

⇒ Integrates Non-Oracle Directories like AD in an organization for credentials and group memberships with minimal changes.

What do you need to implement Oracle Enterprise User Security?

⇒ A license for Oracle Directory Services.

• Not needed if you use it only for Naming services.

⇒ An Oracle directory like OVD (Oracle Virtual Directory), OID or OUD.

⇒ A plan for mapping of a Directory User to Database user.

⇒ Related plan for auditing the logged on user based on the mapping utilized.

⇒ Configuration and testing.

⇒ Design of Groups in the Directory.

⇒ Plan for provisioning and deprovisioning users.

Improved security and compliance, defined separation of duties for security admins and DBAs, and simplified provisioning tools and their connectors are key features of Oracle’s Enterprise User Security and necessary for successful database management. I suggest you implement a POC and test it out – You might find it useful just like our customer did!

About the author

Hari Muthuswamy, Chief Technology Officer

As a 20-Year Veteran in IT and Oracle technologies, he provides technical leadership to the organization and technical assistance during project implementations. Hari is calming force for Eagle bringing many years of superior results. Prior to his career with Eagle, Hari worked with DCC Services for over 9 years as Developer, Portal and Application Server Admin, DBA, instructor, and Technical Director. Hari’s time with DCC Services bolstered him with knowledge about technology, successful implementations of complex projects, and how to identify and groom good talent.