|
|
|
The tnsnames.ora file is an Oracle configuration file that defines database addresses that clients use to connect to an Oracle database. The tnsnames.ora file may contain multiple host names, ports, service names, instance names, or SIDs.
The PUPM Agent resolves the $ORACLE_HOME and $TNS_ADMIN environment variables to resolve the full path of the tnsnames.ora file. The environment variables are defined in the following registry entry:
HKEY_LOCAL_MACHINE\SOFTWARE\ComputerAssociates\AccessControl\Instrumentation\PlugIns\plugin\EnvironmentVariables
Specifies the name of the plug-in that intercepts the connection attempt.
Values: OCIPlg, ODBCPlg, OLEDBPlg
The PUPM Agent parses the tnsnames.ora file each time it intercepts a connection attempt to an Oracle database. If the file contains multiple values for any of these attributes, the PUPM Agent creates a separate network set for each possible attribute combination. The PUPM Agent sends all the network sets to CA Access Control Enterprise Management, which gets the password for the privileged account that most closely matches the network set.
Example: Network Sets In a tnsnames.ora File
The following is an example of the tnsnames.ora file:
SAMPLE_INSTANCE=
(DESCRIPTION=
(SOURCE_ROUTE=yes)
(ADDRESS=(PROTOCOL=tcp)(HOST=host1)(PORT=1630)) # hop 1
(ADDRESS_LIST=
(FAILOVER=on)
(LOAD_BALANCE=off) # hop 2
(ADDRESS=(PROTOCOL=tcp)(HOST=host2a)(PORT=1630))
(ADDRESS=(PROTOCOL=tcp)(HOST=host2b)(PORT=1630)))
(ADDRESS=(PROTOCOL=tcp)(HOST=host3)(PORT=1521)) # hop 3
(CONNECT_DATA=(SERVICE_NAME=Sales.example.com)))
When the PUPM Agent parses this tnsnames.ora file, it sends the following network sets to CA Access Control Enterprise Management:
| Copyright © 2012 CA. All rights reserved. |
|