1.161 LDAP_DIRECTORY_SYSAUTH

LDAP_DIRECTORY_SYSAUTH allows or disallows directory-based authorization for users granted administrative privileges, such as SYSDBA, SYSOPER, SYSASM, SYSBACKUP, SYSDG, and SYSKM.

Property Description

Parameter type

String

Syntax

LDAP_DIRECTORY_SYSAUTH = { yes | no }

Default value

no

Modifiable

No

Modifiable in a PDB

No

Basic

Yes

When LDAP_DIRECTORY_SYSAUTH is set to yes, directory users are allowed to connect to the database as SYSDBA, SYSOPER, SYSASM, SYSBACKUP, SYSDG, or SYSKM, if they have mapped database global users that are granted corresponding administrative privileges such as SYSDBA, SYSOPER, SYSASM, SYSBACKUP, SYSDG, and SYSKM.

When LDAP_DIRECTORY_SYSAUTH is set to no, directory users are not allowed to connect to the database as SYSDBA, SYSOPER, SYSASM, SYSBACKUP, SYSDG, or SYSKM, even if they have mapped database global users that are granted corresponding administrative privileges such as SYSDBA, SYSOPER, SYSASM, SYSBACKUP, SYSDG, and SYSKM.