Previous Topic: Password Consumer Example: JDBC DatabaseNext Topic: Configure an Endpoint to Use a Database (ODBC, OLEDB, OCI) Password Consumer


Additional Information for Oracle Databases

The tnsnames.ora file is an Oracle configuration file that defines database addresses that clients use to connect to an Oracle database. The tnsnames.ora file may contain multiple host names, ports, service names, instance names, or SIDs.

The SAM Agent resolves the $ORACLE_HOME and $TNS_ADMIN environment variables to resolve the full path of the tnsnames.ora file. The environment variables are defined in the following registry entry:

HKEY_LOCAL_MACHINE\SOFTWARE\ComputerAssociates\AccessControl\Instrumentation\PlugIns\plugin\EnvironmentVariables
plugin

Specifies the name of the plug-in that intercepts the connection attempt.

Values: OCIPlg, ODBCPlg, OLEDBPlg

The SAM Agent parses the tnsnames.ora file each time it intercepts a connection attempt to an Oracle database. If the file contains multiple values for any of these attributes, the SAM Agent creates a separate network set for each possible attribute combination. The SAM Agent sends all the network sets to CA ControlMinder Enterprise Management, which gets the password for the privileged account that most closely matches the network set.

Example: Network Sets In a tnsnames.ora File

The following is an example of the tnsnames.ora file:

SAMPLE_INSTANCE=
 (DESCRIPTION= 
   (SOURCE_ROUTE=yes) 
   (ADDRESS=(PROTOCOL=tcp)(HOST=host1)(PORT=1630))    # hop 1 
   (ADDRESS_LIST=  
     (FAILOVER=on) 
     (LOAD_BALANCE=off)                                # hop 2 
     (ADDRESS=(PROTOCOL=tcp)(HOST=host2a)(PORT=1630)) 
     (ADDRESS=(PROTOCOL=tcp)(HOST=host2b)(PORT=1630)))
   (ADDRESS=(PROTOCOL=tcp)(HOST=host3)(PORT=1521))    # hop 3
   (CONNECT_DATA=(SERVICE_NAME=Sales.example.com)))

When the SAM Agent parses this tnsnames.ora file, it sends the following network sets to CA ControlMinder Enterprise Management: