SlideShare uma empresa Scribd logo

Trivadis TechEvent 2017 Kerberos and Databases a Success by Stefan Oehrli

Trivadis
Trivadis

Or how to mess up the day. Strong authentication is state of the art. With Kerberos, strong authentication and SSO can fairly easily be setup and configured with the Oracle database. But unfortunately, the devil is in the details. Different client / server releases, complex architectures as well as one or the other bug makes life difficult. The aim of this presentation is to show how strong authentication with Kerberos can be successfully configured. Beside we will discuss special topics like standard vs. enterprise edition, DB links, proxy user and more.

Tecnologia
1 de 48
Baixar para ler offline
BASEL BERN BRUGG DÜSSELDORF FRANKFURT A.M. FREIBURG I.BR. GENF HAMBURG KOPENHAGEN LAUSANNE MÜNCHEN STUTTGART WIEN ZÜRICH Kerberos and Databases a Success… … or the History of a Varied Journey Stefan Oehrli
Our company. TechEvent – Kerberos and databases a success2 15.09.2017 Trivadis is a market leader in IT consulting, system integration, solution engineering and the provision of IT services focusing on and technologies in Switzerland, Germany, Austria and Denmark. We offer our services in the following strategic business fields: Trivadis Services takes over the interacting operation of your IT systems. O P E R A T I O N
COPENHAGEN MUNICH LAUSANNE BERN ZURICH BRUGG GENEVA HAMBURG DÜSSELDORF FRANKFURT STUTTGART FREIBURG BASEL VIENNA With over 600 specialists and IT experts in your region. TechEvent – Kerberos and databases a success3 15.09.2017 14 Trivadis branches and more than 600 employees 200 Service Level Agreements Over 4,000 training participants Research and development budget: CHF 5.0 million Financially self-supporting and sustainably profitable Experience from more than 1,900 projects per year at over 800 customers
15.09.2017 TechEvent – Kerberos and databases a success4 Technology on its own won't help you. You need to know how to use it properly.
Stefan Oehrli TechEvent – Kerberos and databases a success15.09.2017 Solution Manager BDS SEC / Trivadis Partner Working since 1997 in IT Since 2008 with Trivadis AG Since 2010 Discipline Manager SEC INFR Since 2014 Solution Manager BDS Security 5 IT Experience Database Administration and Database security solutions Administration complex, heterogeneous Environments Team leader of a team of database administrators Skills Backup & Recovery Oracle Advanced Security Oracle AVDF and DB Vault Oracle Directory Services Team / Project Management Lector for Trivadis Database Security (O-SEC) and Backup & Recovery (O- BR/O-BR-Pract) Training Specialization Database Security und Operation Security Concepts and Implementations Security Reviews Oracle Backup & Recovery Enterprise User Security and Oracle Unified Directory
Agenda TechEvent – Kerberos and databases a success6 15.09.2017 1. Introduction 2. Kerberos: The Network Authentication Protocol 3. Setup and Configure 4. First Steps 5. Advanced Use Cases 6. Oracle Net Services and Kerberos Troubleshooting 7. Round Up
TechEvent – Kerberos and databases a success7 15.09.2017 Introduction
Introduction TechEvent – Kerberos and databases a success8 15.09.2017 Greek Κέρβερος Latinisiert Cerberus, German Zerberus A moon of Pluto "Dämon der Grube" In Greek mythology it is the hell hound and gatekeeper who guards the entrance to the underworld.. "Auch den Kerberos sah ich, mit bissigen Zähnen bewaffnet Böse rollt er die Augen, den Schlund des Hades bewachend. Wagt es einer der Toten an ihm vorbei sich zu schleichen, So schlägt er die Zähne tief und schmerzhaft ins Fleisch der Entfliehenden Und schleppt sie zurück unter Qualen, Der böse, der bissige Wächter." (Quelle: Odyssee von Homer)
But why do we need a gatekeeper from hell? TechEvent – Kerberos and databases a success9 15.09.2017 Avoid unsecure logins Start using strong authentication Increased security requirements – Compliance requirements – Legal requirements eg. GDPR Improve user experience – SSO Single Sign On / Logon It is Friday and the DBA has nothing to do... 
But it's gonna cost... TechEvent – Kerberos and databases a success10 15.09.2017 A small update to the Oracle documentation… – …which is overlooked quickly  Oracle® Database Licensing Information, Oracle Advanced Security Network encryption (native network encryption and SSL/TLS) and strong authentication services (Kerberos, PKI, and RADIUS) are no longer part of Oracle Advanced Security and are available in all licensed editions of all supported releases of the Oracle database. Introduced with Oracle 12c Release 1 Adjusted with Oracle 11.2.0.4 for any licensed Oracle Database – Require a valid Oracle License for 11g, 12g etc. – Valid for Standard and Enterprise Editions
TechEvent – Kerberos and databases a success11 15.09.2017 Kerberos: The Network Authentication Protocol
Kerberos in a Nutshell TechEvent – Kerberos and databases a success12 15.09.2017 Network Authentication Protocol developed by MIT Uses a trusted third-party Authentication System KDC (not KGB…) – “strong” Authentication Basis for a couple of Services and Tools Windows Servers Requires three parties – KDC with Authentication Service and Ticket Granting Service – Service or Service Principle who provide a Service – Client who request access Has been around for some time now
Kerberos Authentication Workflow TechEvent – Kerberos and databases a success13 15.09.2017 Keytab file Service Ticket Acknowledge session
Terms TechEvent – Kerberos and databases a success14 15.09.2017 KDC Key Distribution Center AS Authentication Service TGS Ticket Granting Service TGT Ticket Granting Ticket Key Table keytab stores long-term keys for one or more principals Credential Cache / “ccache” holds the Kerberos credentials while they remain valid
More Information on Kerberos TechEvent – Kerberos and databases a success15 15.09.2017 Massachusetts Institute of Technology (MIT), Kerberos: The Network Authentication Protocol https://web.mit.edu/kerberos Master Note For Kerberos Authentication (Doc ID 1375853.1) https://support.oracle.com/epmos/faces/DocumentDisplay?id=1375853.1 Configuring ASO Kerberos Authentication with a MS Windows 2008 R2 AD KDC https://support.oracle.com/epmos/faces/DocumentDisplay?id=1304004.1 Explain like I’m 5: Kerberos http://www.roguelynn.com/words/explain-like-im-5-kerberos Microsoft Developer Network, Kerberos Explained https://msdn.microsoft.com/en-us/library/bb742516.aspx Kerberos explained in pictures http://danlebrero.com/2017/03/26/Kerberos-explained-in-pictures
TechEvent – Kerberos and databases a success16 15.09.2017 Setup and Configure
Architecture TechEvent – Kerberos and databases a success17 15.09.2017 MS Active Directory 2012 R2 Server Database Server with Oracle 11g, 12c – Enterprise and Standard Edition Client with Oracle Client (Full or Instant Client) – Mac OS or VM Host – MS Active Directory VM as “Client”
KDC / MS Active Directory TechEvent – Kerberos and databases a success18 15.09.2017 Setup of a simple Windows 2012 R2 Server with Active Directory Role – Including AD, DNS, CS Services Create Containers for User, Groups etc Create a bunch of Test Users
KDC / MS Active Directory TechEvent – Kerberos and databases a success19 15.09.2017 C:>ktpass.exe -princ oracle/urania.postgasse.org@POSTGASSE.ORG -mapuser urania.postgasse.org -crypto all -pass <PWD> -out c:urania.keytab Create a Service Principle for the Database Service – One keytab file per DB Server – Usable Key Types / Crypto’s highly depended AD and Oracle Version
Database Server Configuration TechEvent – Kerberos and databases a success20 15.09.2017 Kerberos adaptors are part of any Oracle Enterprise Edition installation Configured with sqlnet.ora and krb5.conf Keytab file has to be copied to Database Server DNS lookup and revers lookup has to work Servers have to have the same time (NTP, time synchronization)
Database Server Configuration (1) TechEvent – Kerberos and databases a success21 15.09.2017 SQLNET.AUTHENTICATION_SERVICES = (BEQ, KERBEROS5) # KERBEROS5PRE SQLNET.KERBEROS5_KEYTAB = /u00/app/oracle/network/admin/urania.keytab SQLNET.KERBEROS5_CC_NAME = /u00/app/oracle/network/admin/krbcache SQLNET.KERBEROS5_CONF = /u00/app/oracle/network/admin/krb5.conf SQLNET.KERBEROS5_CONF_MIT = TRUE SQLNET.FALLBACK_AUTHENTICATION = TRUE SQLNET.AUTHENTICATION_KERBEROS5_SERVICE = oracle Configured with sqlnet.ora
Database Server Configuration (2) TechEvent – Kerberos and databases a success22 15.09.2017 ####krb5.conf DB Server [realms] POSTGASSE.ORG = { kdc = mneme.postgasse.org admin_server = mneme.postgasse.org } [domain_realm] .postgasse.org = POSTGASSE.ORG postgasse.org = POSTGASSE.ORG And a krb5.conf File
Database Server Configuration (3) TechEvent – Kerberos and databases a success23 15.09.2017 ####krb5.conf DB Server [logging] default = FILE:/u00/app/oracle/network/log/krb5lib.log Kdc. = FILE:/u00/app/oracle/network/log/krb5kdc.log admin_server = FILE:/u00/app/oracle/network/log/kadmind.log [libdefaults] default_tgs_enctypes = aes128-cts-hmac-sha1-96 arcfour-hmac arcfour-hmac-md5 default_tkt_enctypes = aes128-cts-hmac-sha1-96 arcfour-hmac arcfour-hmac-md5 permitted_enctypes = aes128-cts-hmac-sha1-96 arcfour-hmac arcfour-hmac-md5 default_realm = POSTGASSE.ORG clockskew=300 ticket_lifetime = 24h renew_lifetime = 7d forwardable = true More krb5.conf options but in general not used in Oracle Kerberos
What about Standard Edition? TechEvent – Kerberos and databases a success24 15.09.2017 adapters Installed Oracle Net transport protocols are: IPC BEQ ... AES 256-bit encryption MD5 crypto-checksumming SHA-1 crypto-checksumming By default Oracle Standard Edition does not support Kerberos Authentication – No dependence on ASO anymore How To Enable Radius and Kerberos Adapters in Oracle Database 11g Standard Edition https://support.oracle.com/epmos/faces/DocumentDisplay?id=2145731.1 Current status can be checked with adapters
What about Standard Edition? TechEvent – Kerberos and databases a success25 15.09.2017 adapters Installed Oracle Net transport protocols are: IPC BEQ ... SHA-1 crypto-checksumming Kerberos v5 authentication RADIUS authentication New adapters for Radius and Kerberos cd $cdh/lib cp nautab.o nautab_se.o.dbl cp nautab_ee.o.dbl nautab.o relink all Solution requires relink of binaries
Database Users TechEvent – Kerberos and databases a success26 15.09.2017 ALTER USER scott IDENTIFIED EXTERNALLY AS 'scott@POSTGASSE.ORG'; ALTER USER "soe@POSTGASSE.ORG" IDENTIFIED EXTERNALLY; Alter existing users CREATE USER "soe@POSTGASSE.ORG" IDENTIFIED EXTERNALLY; CREATE USER joe IDENTIFIED EXTERNALLY AS 'joe@POSTGASSE.ORG'; Create Kerberos enabled database users
Client Configuration (1) TechEvent – Kerberos and databases a success27 15.09.2017 SQLNET.AUTHENTICATION_SERVICES=(BEQ, KERBEROS5PRE, KERBEROS5) SQLNET.KERBEROS5_CONF=C:u00apporaclenetworkadminkrb5.conf SQLNET.KERBEROS5_CONF_MIT=TRUE SQLNET.KERBEROS5_CC_NAME = OSMSFT:// #SQLNET.KERBEROS5_CC_NAME = MSLSA: Install at least an Oracle Instant Client – Full client offers more comfort for engineering  Wisely choose the right version and patch level – Mixed Clients and Oracle Version 11.2.0.3, 11.2.0.4, 12.1.0.1, 12.2.0.1,… Adjust sqlnet.ora and krb5.conf
Client Configuration (2) TechEvent – Kerberos and databases a success28 15.09.2017 ####krb5.conf Client [libdefaults] default_realm = POSTGASSE.ORG clockskew=300 [realms] POSTGASSE.ORG = { kdc = mneme.postgasse.org admin_server = mneme.postgasse.org } [domain_realm] .postgasse.org = POSTGASSE.ORG postgasse.org = POSTGASSE.ORG Create a krb5.conf File
Authentication – Kerberos TechEvent 2016 - Oracle 12c New Security Features29 26.10.2017 oracle@urania:/u00/app/oracle/network/admin/ [TDB122A] sqlplus /@TDB122A SQL*Plus: Release 12.2.0.1.0 Production on Thu Sep 14 06:23:10 2017 Copyright (c) 1982, 2016, Oracle. All rights reserved. Connected to: Oracle Database 12c Enterprise Edition Release 12.2.0.1.0 - 64bit Production SQL> select sys_context('userenv','authentication_method') from dual; SYS_CONTEXT('USERENV','AUTHENTICATION_METHOD') -------------------------------------------------------------------------------- KERBEROS SQL> exit Disconnected from Oracle Database 12c Enterprise Edition Release 12.2.0.1.0 - 64bit ProductionORA-24550: signal received: [si_signo=7] [si_errno=0] [si_code=128] [si_int=-98422784] [si_ptr=0x7f9ffa223000] [si_addr=(nil)]kpedbg_dmp_stack()+400<-kpeDbgCrash()+210<-kpeDbgSignalHandler()+121<-skgesig_sigaction Handler()+272<-__sighandler()<-_int_free()+734<-nauztk5adisconnect()+3744<-snau_dis()+1436<-nadisc()+324<- nsnadisc()+339<-nsclose()+727<-nioqds()+417<-upidhs()+210<-kpudtch()+513<-aficntdta()+107<-aficexf()+43<- aficex()+366<-afiexi()+1086<-aficmd()+2914<-aficfd()+3053<-aficdr()+151<-afidrv()+5950<-main()+105<- __libc_start_main()+245 Bus error (core dumped) Oracle 12.2.0.1 introduced automatic krb5.conf discovery from DNS
TechEvent – Kerberos and databases a success30 15.09.2017 First Steps
Kerberos Client Tools TechEvent – Kerberos and databases a success31 15.09.2017 Oracle does provide a bunch of client tools – Mainly the “Oracle” version of the regular MIT Kerberos Tools Client tools are only part of the Database Binaries or Full Clients okinit / kinit obtains and caches Kerberos tickets oklist / klist display the list of tickets held okdstry / kdestroy remove credentials from the credentials cache file okcreate automates the creation of keytabs from the KDC or a service endpoint – Introduced with Oracle 12.2 but intend to be used on a real KDC
Windows Client TechEvent – Kerberos and databases a success32 15.09.2017 soe@MNEME:C:u00apporaclenetworkadmin [rdbms11204] sqlplus /@TDB122A SQL*Plus: Release 11.2.0.4.0 Production on Fr Sep 15 10:53:44 2017 Copyright (c) 1982, 2013, Oracle. All rights reserved. Verbunden mit: Oracle Database 12c Enterprise Edition Release 12.2.0.1.0 - 64bit Production SQL> SELECT sys_context('userenv','authentication_method') FROM dual; SYS_CONTEXT('USERENV','AUTHENTICATION_METHOD') -------------------------------------------------------------------------------- KERBEROS Steps to use Kerberos authentication – Just login then you have a TGT – Start SQLPlus
Unix Clients TechEvent – Kerberos and databases a success33 15.09.2017 oracle@urania:~/ [TDB122A] sqlplus /@TDB112A ... SQL> SELECT sys_context('userenv','authentication_method') FROM dual; SYS_CONTEXT('USERENV','AUTHENTICATION_METHOD') -------------------------------------------------------------------------------- KERBEROS Use SQLPlus oracle Urania:~/ [TDB122A] okinit soe Kerberos Utilities for Linux: Version 12.2.0.1.0 - Production on 15-SEP-2017 10:57:34 Copyright (c) 1996, 2016 Oracle. All rights reserved. Configuration file : /u00/app/oracle/network/admin/krb5.conf. Password for soe@POSTGASSE.ORG: Manually get a Ticket Granting Ticket
Mac OS TechEvent – Kerberos and databases a success34 15.09.2017 kinit -c /tmp/soe soe@POSTGASSE.ORG Password for soe@POSTGASSE.ORG: soe@gaia:~/local/dev/tvdsecdb/local/bin/ [ic12102] sqlplus /@TDB122A ... SQL> SELECT sys_context('userenv','authentication_method') FROM dual; SYS_CONTEXT('USERENV','AUTHENTICATION_METHOD') -------------------------------------------------------------------------------- KERBEROS Does work even on MacOS
TechEvent – Kerberos and databases a success35 15.09.2017 Advanced Use Cases
Advanced Use Cases TechEvent – Kerberos and databases a success36 15.09.2017 Client Typ jdbc thin, jdbc thick, OCI? – All of them do work just depends on key type, OS, ccache etc Enterprise User Security – Well does work independently of Kerberos DB Links – Do not work or just limited possibilities – Require forward able ccache e.g. okinit –f – User CURRENT_USER database Links
TechEvent – Kerberos and databases a success37 15.09.2017 Oracle Net Services and Kerberos Troubleshooting
Kerberos Troubleshooting (1) TechEvent – Kerberos and databases a success38 15.09.2017 SQLNet Trace on Client SQLNet Trace on Server Use Network Tracing like WireShark TRACE_LEVEL_OKINIT = SUPPORT TRACE_UNIQUE_OKINIT = on TRACE_DIRECTORY_OKINIT = /u00/app/oracle/network/log Kerberos Troubleshooting can be is quite cumbersome – Only via SQLNet Trace Dedicated trace file for okinit possible
Kerberos Troubleshooting (2) TechEvent – Kerberos and databases a success39 15.09.2017 java -Dsun.security.krb5.debug=true -Dsun.security.spnego.debug=true -Djavax.net.debug=all LoginTestKerberos >>>DEBUG <CCacheInputStream> client principal is soe@POSTGASSE.ORG >>>DEBUG <CCacheInputStream> server principal is krbtgt/POSTGASSE.ORG@POSTGASSE.ORG >>>DEBUG <CCacheInputStream> key type: 17 >>>DEBUG <CCacheInputStream> auth time: Fri Sep 15 11:01:27 CEST 2017 >>>DEBUG <CCacheInputStream> start time: Fri Sep 15 11:01:27 CEST 2017 >>>DEBUG <CCacheInputStream> end time: Fri Sep 15 21:01:27 CEST 2017 >>>DEBUG <CCacheInputStream> renew_till time: Sat Sep 16 11:01:27 CEST 2017 >>> CCacheInputStream: readFlags() RENEWABLE; INITIAL; >>>DEBUG <CCacheInputStream> client principal is soe@POSTGASSE.ORG Java config name: /etc/krb5.conf Loaded from Java config ... Java Trace on Command line
Kerberos Trace Files TechEvent 2016 - Oracle 12c New Security Features40 26.10.2017 [654] 1505467906.511077: Getting credentials hmu@POSTGASSE.ORG -> oracle/urania.postgasse.org@POSTGASSE.ORG using ccache FILE:/u00/app/oracle/network/admin/krbcache [654] 1505467906.511223: Retrieving hmu@POSTGASSE.ORG -> oracle/urania.postgasse.org@POSTGASSE.ORG from FILE:/u00/app/oracle/network/admin/krbcache with result: 0/Success [654] 1505467906.511553: Creating authenticator for hmu@POSTGASSE.ORG -> oracle/urania.postgasse.org@POSTGASSE.ORG, seqnum 0, subkey (null), session key aes256-cts/B93C [654] 1505467906.514169: Getting credentials hmu@POSTGASSE.ORG -> oracle/urania.postgasse.org@POSTGASSE.ORG using ccache FILE:/u00/app/oracle/network/admin/krbcache ... [654] 1505467906.517510: Response was not from master KDC [654] 1505467906.517546: Decoding FAST response [654] 1505467906.517688: FAST reply key: aes256-cts/21CF [654] 1505467906.517725: TGS reply is for hmu@POSTGASSE.ORG -> krbtgt/POSTGASSE.ORG@POSTGASSE.ORG with session key aes256-cts/2E01 [654] 1505467906.517740: Got cred; 0/Success Oracle 12c R2 has a reworked Kerberos stack (again… 🤔 ) – Supports the environment variable KRB5_TRACE ➡ finally some kind of a Kerberos Trace file
Kerberos Troubleshooting Steps TechEvent – Kerberos and databases a success41 15.09.2017 Check DNS lookup and revers lookup. Check System time. Do all system have the same time? Or within clockskew Is the account locked? Is an okinit possible? Is Kerberos Authentication used at all? Start to Trace if possible with Oracle 12c sqlplus and KRB5_TRACE Start SQLNet Tracing Use alternative SQLNet or Listener configuration – static listener with ENV defining alternative TNSADMIN directory – if possible have different configuration for different use ase
Usual issues TechEvent 2016 - Oracle 12c New Security Features42 26.10.2017 Time shift DNS does not work Configuration file Issues (tabs, wrong parameter, case of username, ticket size etc) Wrong service name Wrong kvno, version of the keytab Wrong or not Supported Krypto Type – Old Krypto’s like DES are blocked, new like AES 256 require JCE Kerberos Bugs Oracle or Microsoft bad hair day…
MOS Notes and other links TechEvent – Kerberos and databases a success43 15.09.2017 Master Note For Kerberos Authentication https://support.oracle.com/epmos/faces/DocumentDisplay?id=1375853.1 How To Configure Kerberos Authentication In A 12c Database https://support.oracle.com/epmos/faces/DocumentDisplay?id=1996329.1 Configuring ASO Kerberos Authentication with a MS Windows 2008 R2 AD KDC https://support.oracle.com/epmos/faces/DocumentDisplay?id=1304004.1 ORA-12518 / TNS-12518 Troubleshooting https://support.oracle.com/epmos/faces/DocumentDisplay?id=556428.1 How To Enable Radius and Kerberos Adapters In Oracle Database 11g Standard Edition https://support.oracle.com/epmos/faces/DocumentDisplay?id=2145731.1 Java Kerberos Troubleshooting http://docs.oracle.com/javase/7/docs/technotes/guides/security/jgss/tutorials/Troubleshooting.html
TechEvent – Kerberos and databases a success44 15.09.2017 Round Up
Round Up TechEvent – Kerberos and databases a success45 15.09.2017 Oracle has done the homework and fixed a couple of bugs – but there is still some room for improvements The fault is not only with Oracle – although Kerberos is standardized it does not mean that every implementation is similar and without bugs, Kerberos MIT, Microsoft, OS etc does the rest Simple architectures can be implemented quickly, but … – … complex KDC or Active Directory structures – … version diversity – ... application and client types – … are challenging Quote: Kerberos is hell, but as soon as it works, it's nice and comfortable... …and now a bit cosier
Round Up TechEvent – Kerberos and databases a success46 15.09.2017 We are happy to support you: With Security Reviews and Risk Assessments In the creation of security concepts and their implementation Provide comprehensive advice in data security
Session Feedback – now TechEvent – Kerberos and databases a success47 15.09.2017 Please use the Trivadis Events mobile app to give feedback on each session Use "My schedule" if you have registered for a session Otherwise use "Agenda" and the search function If the mobile app does not work (or if you have a Windows smartphone), use your smartphone browser – URL: http://trivadis.quickmobileplatform.eu/ – User name: <your_loginname> (such as “svv”) – Password: sent by e-mail...
Stefan Oehrli Solution Manager / Trivadis Partner Tel.: +41 58 459 55 55 stefan.oehrli@trivadis.com http://www.trivadis.com/security http://www.oradba.ch @stefanoehrli 15.09.2017 TechEvent – Kerberos and databases a success48

Recomendados

MySQL Document Store - How to replace a NoSQL database by MySQL without effor...
MySQL Document Store - How to replace a NoSQL database by MySQL without effor...MySQL Document Store - How to replace a NoSQL database by MySQL without effor...
MySQL Document Store - How to replace a NoSQL database by MySQL without effor...Frederic Descamps
 
Oracle Developer Live: Deploying MySQL InnoDB Cluster on OCI with Terraform
Oracle Developer Live: Deploying MySQL InnoDB Cluster on OCI with TerraformOracle Developer Live: Deploying MySQL InnoDB Cluster on OCI with Terraform
Oracle Developer Live: Deploying MySQL InnoDB Cluster on OCI with TerraformFrederic Descamps
 
MySQL InnoDB Cluster and Group Replication in a Nutshell
MySQL InnoDB Cluster and Group Replication in a NutshellMySQL InnoDB Cluster and Group Replication in a Nutshell
MySQL InnoDB Cluster and Group Replication in a NutshellFrederic Descamps
 
Oracle made it easy: Cloud DB Vergleich
Oracle made it easy: Cloud DB VergleichOracle made it easy: Cloud DB Vergleich
Oracle made it easy: Cloud DB VergleichOPITZ CONSULTING Deutschland
 
Cloud native - Why to use MySQL 8.0 and how to use it on oci with MDS
Cloud native - Why to use MySQL 8.0 and how to use it on oci with MDSCloud native - Why to use MySQL 8.0 and how to use it on oci with MDS
Cloud native - Why to use MySQL 8.0 and how to use it on oci with MDSFrederic Descamps
 
Les nouveautés de MySQL 8.0
Les nouveautés de MySQL 8.0Les nouveautés de MySQL 8.0
Les nouveautés de MySQL 8.0Frederic Descamps
 
Introduction to MySQL InnoDB Cluster
Introduction to MySQL InnoDB ClusterIntroduction to MySQL InnoDB Cluster
Introduction to MySQL InnoDB ClusterFrederic Descamps
 
Introduction to MySQL InnoDB Cluster
Introduction to MySQL InnoDB ClusterIntroduction to MySQL InnoDB Cluster
Introduction to MySQL InnoDB ClusterFrederic Descamps
 

Recomendados

MySQL Document Store - How to replace a NoSQL database by MySQL without effor...
MySQL Document Store - How to replace a NoSQL database by MySQL without effor...MySQL Document Store - How to replace a NoSQL database by MySQL without effor...
MySQL Document Store - How to replace a NoSQL database by MySQL without effor...Frederic Descamps
 
Oracle Developer Live: Deploying MySQL InnoDB Cluster on OCI with Terraform
Oracle Developer Live: Deploying MySQL InnoDB Cluster on OCI with TerraformOracle Developer Live: Deploying MySQL InnoDB Cluster on OCI with Terraform
Oracle Developer Live: Deploying MySQL InnoDB Cluster on OCI with TerraformFrederic Descamps
 
MySQL InnoDB Cluster and Group Replication in a Nutshell
MySQL InnoDB Cluster and Group Replication in a NutshellMySQL InnoDB Cluster and Group Replication in a Nutshell
MySQL InnoDB Cluster and Group Replication in a NutshellFrederic Descamps
 
Oracle made it easy: Cloud DB Vergleich
Oracle made it easy: Cloud DB VergleichOracle made it easy: Cloud DB Vergleich
Oracle made it easy: Cloud DB VergleichOPITZ CONSULTING Deutschland
 
Cloud native - Why to use MySQL 8.0 and how to use it on oci with MDS
Cloud native - Why to use MySQL 8.0 and how to use it on oci with MDSCloud native - Why to use MySQL 8.0 and how to use it on oci with MDS
Cloud native - Why to use MySQL 8.0 and how to use it on oci with MDSFrederic Descamps
 
Les nouveautés de MySQL 8.0
Les nouveautés de MySQL 8.0Les nouveautés de MySQL 8.0
Les nouveautés de MySQL 8.0Frederic Descamps
 
Introduction to MySQL InnoDB Cluster
Introduction to MySQL InnoDB ClusterIntroduction to MySQL InnoDB Cluster
Introduction to MySQL InnoDB ClusterFrederic Descamps
 
Introduction to MySQL InnoDB Cluster
Introduction to MySQL InnoDB ClusterIntroduction to MySQL InnoDB Cluster
Introduction to MySQL InnoDB ClusterFrederic Descamps
 
MySQL Community Meetup in China : Innovation driven by the Community
MySQL Community Meetup in China : Innovation driven by the CommunityMySQL Community Meetup in China : Innovation driven by the Community
MySQL Community Meetup in China : Innovation driven by the CommunityFrederic Descamps
 
MySQL Database Service Webinar: Installing Drupal in oci with mds
MySQL Database Service Webinar: Installing Drupal in oci with mdsMySQL Database Service Webinar: Installing Drupal in oci with mds
MySQL Database Service Webinar: Installing Drupal in oci with mdsFrederic Descamps
 
Introduction to MySQL InnoDB Cluster
Introduction to MySQL InnoDB ClusterIntroduction to MySQL InnoDB Cluster
Introduction to MySQL InnoDB ClusterFrederic Descamps
 
HNazarianRes_Current_19Feb2015
HNazarianRes_Current_19Feb2015HNazarianRes_Current_19Feb2015
HNazarianRes_Current_19Feb2015Harry Nazarian
 
Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...
Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...
Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...Michael Noel
 
Deploying Magento on OCI with MDS
Deploying Magento on OCI with MDSDeploying Magento on OCI with MDS
Deploying Magento on OCI with MDSFrederic Descamps
 
Introduction to MySQL InnoDB Cluster
Introduction to MySQL InnoDB ClusterIntroduction to MySQL InnoDB Cluster
Introduction to MySQL InnoDB ClusterFrederic Descamps
 
the State of the Dolphin - October 2020
the State of the Dolphin - October 2020the State of the Dolphin - October 2020
the State of the Dolphin - October 2020Frederic Descamps
 
MySQL Database Service Webinar: Upgrading from on-premise MySQL to MDS
MySQL Database Service Webinar: Upgrading from on-premise MySQL to MDSMySQL Database Service Webinar: Upgrading from on-premise MySQL to MDS
MySQL Database Service Webinar: Upgrading from on-premise MySQL to MDSFrederic Descamps
 
What is mod_perl?
What is mod_perl?What is mod_perl?
What is mod_perl?webhostingguy
 
Introduction to MySQL Document Store
Introduction to MySQL Document StoreIntroduction to MySQL Document Store
Introduction to MySQL Document StoreFrederic Descamps
 
Boston meetup : MySQL Innodb Cluster - May 1st 2017
Boston meetup : MySQL Innodb Cluster - May 1st 2017Boston meetup : MySQL Innodb Cluster - May 1st 2017
Boston meetup : MySQL Innodb Cluster - May 1st 2017Frederic Descamps
 
Another MySQL HA Solution for ProxySQL Users, Easy and All Integrated: MySQL ...
Another MySQL HA Solution for ProxySQL Users, Easy and All Integrated: MySQL ...Another MySQL HA Solution for ProxySQL Users, Easy and All Integrated: MySQL ...
Another MySQL HA Solution for ProxySQL Users, Easy and All Integrated: MySQL ...Frederic Descamps
 
Presentation Template - NCOAUG Conference Presentation - 16 9
Presentation Template - NCOAUG Conference Presentation - 16 9Presentation Template - NCOAUG Conference Presentation - 16 9
Presentation Template - NCOAUG Conference Presentation - 16 9Mohamed Sadek
 
Melbourne Chef Meetup: Automating Azure Compliance with InSpec
Melbourne Chef Meetup: Automating Azure Compliance with InSpecMelbourne Chef Meetup: Automating Azure Compliance with InSpec
Melbourne Chef Meetup: Automating Azure Compliance with InSpecMatt Ray
 
Oracle WebLogic Multitenancy, Partitions and Resource Sharing... How it works?
Oracle WebLogic Multitenancy, Partitions and Resource Sharing... How it works?Oracle WebLogic Multitenancy, Partitions and Resource Sharing... How it works?
Oracle WebLogic Multitenancy, Partitions and Resource Sharing... How it works?M. Fevzi Korkutata
 
Pi Day 2022 - from IoT to MySQL HeatWave Database Service
Pi Day 2022 - from IoT to MySQL HeatWave Database ServicePi Day 2022 - from IoT to MySQL HeatWave Database Service
Pi Day 2022 - from IoT to MySQL HeatWave Database ServiceFrederic Descamps
 
MySQL Group Replication: Handling Network Glitches - Best Practices
MySQL Group Replication: Handling Network Glitches - Best PracticesMySQL Group Replication: Handling Network Glitches - Best Practices
MySQL Group Replication: Handling Network Glitches - Best PracticesFrederic Descamps
 
TechEvent EUS, Kerberos, SSL and OUD
TechEvent EUS, Kerberos, SSL and OUDTechEvent EUS, Kerberos, SSL and OUD
TechEvent EUS, Kerberos, SSL and OUDTrivadis
 
Trivadis TechEvent 2017 Oracle on azure by Michael Schwarzgorn
Trivadis TechEvent 2017 Oracle on azure by Michael SchwarzgornTrivadis TechEvent 2017 Oracle on azure by Michael Schwarzgorn
Trivadis TechEvent 2017 Oracle on azure by Michael SchwarzgornTrivadis
 
Oracle Database: Checklist Connection Issues
Oracle Database: Checklist Connection IssuesOracle Database: Checklist Connection Issues
Oracle Database: Checklist Connection IssuesMarkus Flechtner
 
Oracle E-Business Suite On Oracle Cloud
Oracle E-Business Suite On Oracle CloudOracle E-Business Suite On Oracle Cloud
Oracle E-Business Suite On Oracle Cloudpasalapudi
 

Mais conteúdo relacionado

Mais procurados

MySQL Community Meetup in China : Innovation driven by the Community
MySQL Community Meetup in China : Innovation driven by the CommunityMySQL Community Meetup in China : Innovation driven by the Community
MySQL Community Meetup in China : Innovation driven by the CommunityFrederic Descamps
 
MySQL Database Service Webinar: Installing Drupal in oci with mds
MySQL Database Service Webinar: Installing Drupal in oci with mdsMySQL Database Service Webinar: Installing Drupal in oci with mds
MySQL Database Service Webinar: Installing Drupal in oci with mdsFrederic Descamps
 
Introduction to MySQL InnoDB Cluster
Introduction to MySQL InnoDB ClusterIntroduction to MySQL InnoDB Cluster
Introduction to MySQL InnoDB ClusterFrederic Descamps
 
HNazarianRes_Current_19Feb2015
HNazarianRes_Current_19Feb2015HNazarianRes_Current_19Feb2015
HNazarianRes_Current_19Feb2015Harry Nazarian
 
Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...
Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...
Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...Michael Noel
 
Deploying Magento on OCI with MDS
Deploying Magento on OCI with MDSDeploying Magento on OCI with MDS
Deploying Magento on OCI with MDSFrederic Descamps
 
Introduction to MySQL InnoDB Cluster
Introduction to MySQL InnoDB ClusterIntroduction to MySQL InnoDB Cluster
Introduction to MySQL InnoDB ClusterFrederic Descamps
 
the State of the Dolphin - October 2020
the State of the Dolphin - October 2020the State of the Dolphin - October 2020
the State of the Dolphin - October 2020Frederic Descamps
 
MySQL Database Service Webinar: Upgrading from on-premise MySQL to MDS
MySQL Database Service Webinar: Upgrading from on-premise MySQL to MDSMySQL Database Service Webinar: Upgrading from on-premise MySQL to MDS
MySQL Database Service Webinar: Upgrading from on-premise MySQL to MDSFrederic Descamps
 
Introduction to MySQL Document Store
Introduction to MySQL Document StoreIntroduction to MySQL Document Store
Introduction to MySQL Document StoreFrederic Descamps
 
Boston meetup : MySQL Innodb Cluster - May 1st 2017
Boston meetup : MySQL Innodb Cluster - May 1st 2017Boston meetup : MySQL Innodb Cluster - May 1st 2017
Boston meetup : MySQL Innodb Cluster - May 1st 2017Frederic Descamps
 
Another MySQL HA Solution for ProxySQL Users, Easy and All Integrated: MySQL ...
Another MySQL HA Solution for ProxySQL Users, Easy and All Integrated: MySQL ...Another MySQL HA Solution for ProxySQL Users, Easy and All Integrated: MySQL ...
Another MySQL HA Solution for ProxySQL Users, Easy and All Integrated: MySQL ...Frederic Descamps
 
Presentation Template - NCOAUG Conference Presentation - 16 9
Presentation Template - NCOAUG Conference Presentation - 16 9Presentation Template - NCOAUG Conference Presentation - 16 9
Presentation Template - NCOAUG Conference Presentation - 16 9Mohamed Sadek
 
Melbourne Chef Meetup: Automating Azure Compliance with InSpec
Melbourne Chef Meetup: Automating Azure Compliance with InSpecMelbourne Chef Meetup: Automating Azure Compliance with InSpec
Melbourne Chef Meetup: Automating Azure Compliance with InSpecMatt Ray
 
Oracle WebLogic Multitenancy, Partitions and Resource Sharing... How it works?
Oracle WebLogic Multitenancy, Partitions and Resource Sharing... How it works?Oracle WebLogic Multitenancy, Partitions and Resource Sharing... How it works?
Oracle WebLogic Multitenancy, Partitions and Resource Sharing... How it works?M. Fevzi Korkutata
 
Pi Day 2022 - from IoT to MySQL HeatWave Database Service
Pi Day 2022 - from IoT to MySQL HeatWave Database ServicePi Day 2022 - from IoT to MySQL HeatWave Database Service
Pi Day 2022 - from IoT to MySQL HeatWave Database ServiceFrederic Descamps
 
MySQL Group Replication: Handling Network Glitches - Best Practices
MySQL Group Replication: Handling Network Glitches - Best PracticesMySQL Group Replication: Handling Network Glitches - Best Practices
MySQL Group Replication: Handling Network Glitches - Best PracticesFrederic Descamps
 

Mais procurados (18)

MySQL Community Meetup in China : Innovation driven by the Community
MySQL Community Meetup in China : Innovation driven by the CommunityMySQL Community Meetup in China : Innovation driven by the Community
MySQL Community Meetup in China : Innovation driven by the Community
 
MySQL Database Service Webinar: Installing Drupal in oci with mds
MySQL Database Service Webinar: Installing Drupal in oci with mdsMySQL Database Service Webinar: Installing Drupal in oci with mds
MySQL Database Service Webinar: Installing Drupal in oci with mds
 
Introduction to MySQL InnoDB Cluster
Introduction to MySQL InnoDB ClusterIntroduction to MySQL InnoDB Cluster
Introduction to MySQL InnoDB Cluster
 
HNazarianRes_Current_19Feb2015
HNazarianRes_Current_19Feb2015HNazarianRes_Current_19Feb2015
HNazarianRes_Current_19Feb2015
 
Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...
Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...
Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...
 
Deploying Magento on OCI with MDS
Deploying Magento on OCI with MDSDeploying Magento on OCI with MDS
Deploying Magento on OCI with MDS
 
Introduction to MySQL InnoDB Cluster
Introduction to MySQL InnoDB ClusterIntroduction to MySQL InnoDB Cluster
Introduction to MySQL InnoDB Cluster
 
the State of the Dolphin - October 2020
the State of the Dolphin - October 2020the State of the Dolphin - October 2020
the State of the Dolphin - October 2020
 
MySQL Database Service Webinar: Upgrading from on-premise MySQL to MDS
MySQL Database Service Webinar: Upgrading from on-premise MySQL to MDSMySQL Database Service Webinar: Upgrading from on-premise MySQL to MDS
MySQL Database Service Webinar: Upgrading from on-premise MySQL to MDS
 
What is mod_perl?
What is mod_perl?What is mod_perl?
What is mod_perl?
 
Introduction to MySQL Document Store
Introduction to MySQL Document StoreIntroduction to MySQL Document Store
Introduction to MySQL Document Store
 
Boston meetup : MySQL Innodb Cluster - May 1st 2017
Boston meetup : MySQL Innodb Cluster - May 1st 2017Boston meetup : MySQL Innodb Cluster - May 1st 2017
Boston meetup : MySQL Innodb Cluster - May 1st 2017
 
Another MySQL HA Solution for ProxySQL Users, Easy and All Integrated: MySQL ...
Another MySQL HA Solution for ProxySQL Users, Easy and All Integrated: MySQL ...Another MySQL HA Solution for ProxySQL Users, Easy and All Integrated: MySQL ...
Another MySQL HA Solution for ProxySQL Users, Easy and All Integrated: MySQL ...
 
Presentation Template - NCOAUG Conference Presentation - 16 9
Presentation Template - NCOAUG Conference Presentation - 16 9Presentation Template - NCOAUG Conference Presentation - 16 9
Presentation Template - NCOAUG Conference Presentation - 16 9
 
Melbourne Chef Meetup: Automating Azure Compliance with InSpec
Melbourne Chef Meetup: Automating Azure Compliance with InSpecMelbourne Chef Meetup: Automating Azure Compliance with InSpec
Melbourne Chef Meetup: Automating Azure Compliance with InSpec
 
Oracle WebLogic Multitenancy, Partitions and Resource Sharing... How it works?
Oracle WebLogic Multitenancy, Partitions and Resource Sharing... How it works?Oracle WebLogic Multitenancy, Partitions and Resource Sharing... How it works?
Oracle WebLogic Multitenancy, Partitions and Resource Sharing... How it works?
 
Pi Day 2022 - from IoT to MySQL HeatWave Database Service
Pi Day 2022 - from IoT to MySQL HeatWave Database ServicePi Day 2022 - from IoT to MySQL HeatWave Database Service
Pi Day 2022 - from IoT to MySQL HeatWave Database Service
 
MySQL Group Replication: Handling Network Glitches - Best Practices
MySQL Group Replication: Handling Network Glitches - Best PracticesMySQL Group Replication: Handling Network Glitches - Best Practices
MySQL Group Replication: Handling Network Glitches - Best Practices
 

Semelhante a Trivadis TechEvent 2017 Kerberos and Databases a Success by Stefan Oehrli

TechEvent EUS, Kerberos, SSL and OUD
TechEvent EUS, Kerberos, SSL and OUDTechEvent EUS, Kerberos, SSL and OUD
TechEvent EUS, Kerberos, SSL and OUDTrivadis
 
Trivadis TechEvent 2017 Oracle on azure by Michael Schwarzgorn
Trivadis TechEvent 2017 Oracle on azure by Michael SchwarzgornTrivadis TechEvent 2017 Oracle on azure by Michael Schwarzgorn
Trivadis TechEvent 2017 Oracle on azure by Michael SchwarzgornTrivadis
 
Oracle Database: Checklist Connection Issues
Oracle Database: Checklist Connection IssuesOracle Database: Checklist Connection Issues
Oracle Database: Checklist Connection IssuesMarkus Flechtner
 
Oracle E-Business Suite On Oracle Cloud
Oracle E-Business Suite On Oracle CloudOracle E-Business Suite On Oracle Cloud
Oracle E-Business Suite On Oracle Cloudpasalapudi
 
Get the most out of Oracle Data Guard - OOW version
Get the most out of Oracle Data Guard - OOW versionGet the most out of Oracle Data Guard - OOW version
Get the most out of Oracle Data Guard - OOW versionLudovico Caldara
 
Perfsystems- Consulting Services
Perfsystems- Consulting ServicesPerfsystems- Consulting Services
Perfsystems- Consulting ServicesPerfsys Tems
 
Data relay introduction to big data clusters
Data relay introduction to big data clustersData relay introduction to big data clusters
Data relay introduction to big data clustersChris Adkin
 
It's a Dangerous World
It's a Dangerous World It's a Dangerous World
It's a Dangerous World MongoDB
 
DevOps with Kubernetes and Helm - OSCON 2018
DevOps with Kubernetes and Helm - OSCON 2018DevOps with Kubernetes and Helm - OSCON 2018
DevOps with Kubernetes and Helm - OSCON 2018Jessica Deen
 
Global Azure Bootcamp 2017 - Why I love S2D for MSSQL on Azure
Global Azure Bootcamp 2017 - Why I love S2D for MSSQL on AzureGlobal Azure Bootcamp 2017 - Why I love S2D for MSSQL on Azure
Global Azure Bootcamp 2017 - Why I love S2D for MSSQL on AzureKarim Vaes
 
TechEd Africa 2011 - OFC308: SharePoint Security in an Insecure World: Unders...
TechEd Africa 2011 - OFC308: SharePoint Security in an Insecure World: Unders...TechEd Africa 2011 - OFC308: SharePoint Security in an Insecure World: Unders...
TechEd Africa 2011 - OFC308: SharePoint Security in an Insecure World: Unders...Michael Noel
 
DevOps with Kubernetes and Helm - Jenkins World Edition
DevOps with Kubernetes and Helm - Jenkins World EditionDevOps with Kubernetes and Helm - Jenkins World Edition
DevOps with Kubernetes and Helm - Jenkins World EditionJessica Deen
 
AWS Solution Architect Professional
AWS Solution Architect ProfessionalAWS Solution Architect Professional
AWS Solution Architect ProfessionalSuman Jha
 
Engineer Suman Chandra Jha Resume
Engineer Suman Chandra Jha ResumeEngineer Suman Chandra Jha Resume
Engineer Suman Chandra Jha ResumeSuman Jha
 
Meetup Oracle Database MAD_BCN: 1.1 Servicios de Oracle Database en la nube
Meetup Oracle Database MAD_BCN: 1.1 Servicios de Oracle Database en la nube Meetup Oracle Database MAD_BCN: 1.1 Servicios de Oracle Database en la nube
Meetup Oracle Database MAD_BCN: 1.1 Servicios de Oracle Database en la nubeavanttic Consultoría Tecnológica
 
TechEvent PostgreSQL Best Practices
TechEvent PostgreSQL Best PracticesTechEvent PostgreSQL Best Practices
TechEvent PostgreSQL Best PracticesTrivadis
 
CV - Database Administrator ( English )
CV - Database Administrator ( English )CV - Database Administrator ( English )
CV - Database Administrator ( English )Franck VICTORIA
 

Semelhante a Trivadis TechEvent 2017 Kerberos and Databases a Success by Stefan Oehrli (20)

TechEvent EUS, Kerberos, SSL and OUD
TechEvent EUS, Kerberos, SSL and OUDTechEvent EUS, Kerberos, SSL and OUD
TechEvent EUS, Kerberos, SSL and OUD
 
Trivadis TechEvent 2017 Oracle on azure by Michael Schwarzgorn
Trivadis TechEvent 2017 Oracle on azure by Michael SchwarzgornTrivadis TechEvent 2017 Oracle on azure by Michael Schwarzgorn
Trivadis TechEvent 2017 Oracle on azure by Michael Schwarzgorn
 
Oracle Database: Checklist Connection Issues
Oracle Database: Checklist Connection IssuesOracle Database: Checklist Connection Issues
Oracle Database: Checklist Connection Issues
 
Oracle E-Business Suite On Oracle Cloud
Oracle E-Business Suite On Oracle CloudOracle E-Business Suite On Oracle Cloud
Oracle E-Business Suite On Oracle Cloud
 
Get the most out of Oracle Data Guard - OOW version
Get the most out of Oracle Data Guard - OOW versionGet the most out of Oracle Data Guard - OOW version
Get the most out of Oracle Data Guard - OOW version
 
Perfsystems- Consulting Services
Perfsystems- Consulting ServicesPerfsystems- Consulting Services
Perfsystems- Consulting Services
 
Data relay introduction to big data clusters
Data relay introduction to big data clustersData relay introduction to big data clusters
Data relay introduction to big data clusters
 
It's a Dangerous World
It's a Dangerous World It's a Dangerous World
It's a Dangerous World
 
DevOps with Kubernetes and Helm - OSCON 2018
DevOps with Kubernetes and Helm - OSCON 2018DevOps with Kubernetes and Helm - OSCON 2018
DevOps with Kubernetes and Helm - OSCON 2018
 
Global Azure Bootcamp 2017 - Why I love S2D for MSSQL on Azure
Global Azure Bootcamp 2017 - Why I love S2D for MSSQL on AzureGlobal Azure Bootcamp 2017 - Why I love S2D for MSSQL on Azure
Global Azure Bootcamp 2017 - Why I love S2D for MSSQL on Azure
 
emc world keynote gelsinger
emc world keynote gelsinger emc world keynote gelsinger
emc world keynote gelsinger
 
TechEd Africa 2011 - OFC308: SharePoint Security in an Insecure World: Unders...
TechEd Africa 2011 - OFC308: SharePoint Security in an Insecure World: Unders...TechEd Africa 2011 - OFC308: SharePoint Security in an Insecure World: Unders...
TechEd Africa 2011 - OFC308: SharePoint Security in an Insecure World: Unders...
 
DevOps with Kubernetes and Helm - Jenkins World Edition
DevOps with Kubernetes and Helm - Jenkins World EditionDevOps with Kubernetes and Helm - Jenkins World Edition
DevOps with Kubernetes and Helm - Jenkins World Edition
 
AWS Solution Architect Professional
AWS Solution Architect ProfessionalAWS Solution Architect Professional
AWS Solution Architect Professional
 
Engineer Suman Chandra Jha Resume
Engineer Suman Chandra Jha ResumeEngineer Suman Chandra Jha Resume
Engineer Suman Chandra Jha Resume
 
Michael_Dickens
Michael_DickensMichael_Dickens
Michael_Dickens
 
Meetup Oracle Database MAD_BCN: 1.1 Servicios de Oracle Database en la nube
Meetup Oracle Database MAD_BCN: 1.1 Servicios de Oracle Database en la nube Meetup Oracle Database MAD_BCN: 1.1 Servicios de Oracle Database en la nube
Meetup Oracle Database MAD_BCN: 1.1 Servicios de Oracle Database en la nube
 
TechEvent PostgreSQL Best Practices
TechEvent PostgreSQL Best PracticesTechEvent PostgreSQL Best Practices
TechEvent PostgreSQL Best Practices
 
CV - Database Administrator ( English )
CV - Database Administrator ( English )CV - Database Administrator ( English )
CV - Database Administrator ( English )
 
Aplicaciones distribuidas con Dapr
Aplicaciones distribuidas con DaprAplicaciones distribuidas con Dapr
Aplicaciones distribuidas con Dapr
 

Mais de Trivadis

Azure Days 2019: Azure Chatbot Development for Airline Irregularities (Remco ...
Azure Days 2019: Azure Chatbot Development for Airline Irregularities (Remco ...Azure Days 2019: Azure Chatbot Development for Airline Irregularities (Remco ...
Azure Days 2019: Azure Chatbot Development for Airline Irregularities (Remco ...Trivadis
 
Azure Days 2019: Trivadis Azure Foundation – Das Fundament für den ... (Nisan...
Azure Days 2019: Trivadis Azure Foundation – Das Fundament für den ... (Nisan...Azure Days 2019: Trivadis Azure Foundation – Das Fundament für den ... (Nisan...
Azure Days 2019: Trivadis Azure Foundation – Das Fundament für den ... (Nisan...Trivadis
 
Azure Days 2019: Business Intelligence auf Azure (Marco Amhof & Yves Mauron)
Azure Days 2019: Business Intelligence auf Azure (Marco Amhof & Yves Mauron)Azure Days 2019: Business Intelligence auf Azure (Marco Amhof & Yves Mauron)
Azure Days 2019: Business Intelligence auf Azure (Marco Amhof & Yves Mauron)Trivadis
 
Azure Days 2019: Master the Move to Azure (Konrad Brunner)
Azure Days 2019: Master the Move to Azure (Konrad Brunner)Azure Days 2019: Master the Move to Azure (Konrad Brunner)
Azure Days 2019: Master the Move to Azure (Konrad Brunner)Trivadis
 
Azure Days 2019: Keynote Azure Switzerland – Status Quo und Ausblick (Primo A...
Azure Days 2019: Keynote Azure Switzerland – Status Quo und Ausblick (Primo A...Azure Days 2019: Keynote Azure Switzerland – Status Quo und Ausblick (Primo A...
Azure Days 2019: Keynote Azure Switzerland – Status Quo und Ausblick (Primo A...Trivadis
 
Azure Days 2019: Grösser und Komplexer ist nicht immer besser (Meinrad Weiss)
Azure Days 2019: Grösser und Komplexer ist nicht immer besser (Meinrad Weiss)Azure Days 2019: Grösser und Komplexer ist nicht immer besser (Meinrad Weiss)
Azure Days 2019: Grösser und Komplexer ist nicht immer besser (Meinrad Weiss)Trivadis
 
Azure Days 2019: Get Connected with Azure API Management (Gerry Keune & Stefa...
Azure Days 2019: Get Connected with Azure API Management (Gerry Keune & Stefa...Azure Days 2019: Get Connected with Azure API Management (Gerry Keune & Stefa...
Azure Days 2019: Get Connected with Azure API Management (Gerry Keune & Stefa...Trivadis
 
Azure Days 2019: Infrastructure as Code auf Azure (Jonas Wanninger & Daniel H...
Azure Days 2019: Infrastructure as Code auf Azure (Jonas Wanninger & Daniel H...Azure Days 2019: Infrastructure as Code auf Azure (Jonas Wanninger & Daniel H...
Azure Days 2019: Infrastructure as Code auf Azure (Jonas Wanninger & Daniel H...Trivadis
 
Azure Days 2019: Wie bringt man eine Data Analytics Plattform in die Cloud? (...
Azure Days 2019: Wie bringt man eine Data Analytics Plattform in die Cloud? (...Azure Days 2019: Wie bringt man eine Data Analytics Plattform in die Cloud? (...
Azure Days 2019: Wie bringt man eine Data Analytics Plattform in die Cloud? (...Trivadis
 
Azure Days 2019: Azure@Helsana: Die Erweiterung von Dynamics CRM mit Azure Po...
Azure Days 2019: Azure@Helsana: Die Erweiterung von Dynamics CRM mit Azure Po...Azure Days 2019: Azure@Helsana: Die Erweiterung von Dynamics CRM mit Azure Po...
Azure Days 2019: Azure@Helsana: Die Erweiterung von Dynamics CRM mit Azure Po...Trivadis
 
TechEvent 2019: Kundenstory - Kein Angebot, kein Auftrag – Wie Du ein individ...
TechEvent 2019: Kundenstory - Kein Angebot, kein Auftrag – Wie Du ein individ...TechEvent 2019: Kundenstory - Kein Angebot, kein Auftrag – Wie Du ein individ...
TechEvent 2019: Kundenstory - Kein Angebot, kein Auftrag – Wie Du ein individ...Trivadis
 
TechEvent 2019: Oracle Database Appliance M/L - Erfahrungen und Erfolgsmethod...
TechEvent 2019: Oracle Database Appliance M/L - Erfahrungen und Erfolgsmethod...TechEvent 2019: Oracle Database Appliance M/L - Erfahrungen und Erfolgsmethod...
TechEvent 2019: Oracle Database Appliance M/L - Erfahrungen und Erfolgsmethod...Trivadis
 
TechEvent 2019: Security 101 für Web Entwickler; Roland Krüger - Trivadis
TechEvent 2019: Security 101 für Web Entwickler; Roland Krüger - TrivadisTechEvent 2019: Security 101 für Web Entwickler; Roland Krüger - Trivadis
TechEvent 2019: Security 101 für Web Entwickler; Roland Krüger - TrivadisTrivadis
 
TechEvent 2019: Trivadis & Swisscom Partner Angebote; Konrad Häfeli, Markus O...
TechEvent 2019: Trivadis & Swisscom Partner Angebote; Konrad Häfeli, Markus O...TechEvent 2019: Trivadis & Swisscom Partner Angebote; Konrad Häfeli, Markus O...
TechEvent 2019: Trivadis & Swisscom Partner Angebote; Konrad Häfeli, Markus O...Trivadis
 
TechEvent 2019: DBaaS from Swisscom Cloud powered by Trivadis; Konrad Häfeli ...
TechEvent 2019: DBaaS from Swisscom Cloud powered by Trivadis; Konrad Häfeli ...TechEvent 2019: DBaaS from Swisscom Cloud powered by Trivadis; Konrad Häfeli ...
TechEvent 2019: DBaaS from Swisscom Cloud powered by Trivadis; Konrad Häfeli ...Trivadis
 
TechEvent 2019: Status of the partnership Trivadis and EDB - Comparing Postgr...
TechEvent 2019: Status of the partnership Trivadis and EDB - Comparing Postgr...TechEvent 2019: Status of the partnership Trivadis and EDB - Comparing Postgr...
TechEvent 2019: Status of the partnership Trivadis and EDB - Comparing Postgr...Trivadis
 
TechEvent 2019: More Agile, More AI, More Cloud! Less Work?!; Oliver Dörr - T...
TechEvent 2019: More Agile, More AI, More Cloud! Less Work?!; Oliver Dörr - T...TechEvent 2019: More Agile, More AI, More Cloud! Less Work?!; Oliver Dörr - T...
TechEvent 2019: More Agile, More AI, More Cloud! Less Work?!; Oliver Dörr - T...Trivadis
 
TechEvent 2019: Kundenstory - Vom Hauptmann zu Köpenick zum Polizisten 2020 -...
TechEvent 2019: Kundenstory - Vom Hauptmann zu Köpenick zum Polizisten 2020 -...TechEvent 2019: Kundenstory - Vom Hauptmann zu Köpenick zum Polizisten 2020 -...
TechEvent 2019: Kundenstory - Vom Hauptmann zu Köpenick zum Polizisten 2020 -...Trivadis
 
TechEvent 2019: Vom Rechenzentrum in die Oracle Cloud - Übertragungsmethoden;...
TechEvent 2019: Vom Rechenzentrum in die Oracle Cloud - Übertragungsmethoden;...TechEvent 2019: Vom Rechenzentrum in die Oracle Cloud - Übertragungsmethoden;...
TechEvent 2019: Vom Rechenzentrum in die Oracle Cloud - Übertragungsmethoden;...Trivadis
 
TechEvent 2019: The sleeping Power of Data; Eberhard Lösch - Trivadis
TechEvent 2019: The sleeping Power of Data; Eberhard Lösch - TrivadisTechEvent 2019: The sleeping Power of Data; Eberhard Lösch - Trivadis
TechEvent 2019: The sleeping Power of Data; Eberhard Lösch - TrivadisTrivadis
 

Mais de Trivadis (20)

Azure Days 2019: Azure Chatbot Development for Airline Irregularities (Remco ...
Azure Days 2019: Azure Chatbot Development for Airline Irregularities (Remco ...Azure Days 2019: Azure Chatbot Development for Airline Irregularities (Remco ...
Azure Days 2019: Azure Chatbot Development for Airline Irregularities (Remco ...
 
Azure Days 2019: Trivadis Azure Foundation – Das Fundament für den ... (Nisan...
Azure Days 2019: Trivadis Azure Foundation – Das Fundament für den ... (Nisan...Azure Days 2019: Trivadis Azure Foundation – Das Fundament für den ... (Nisan...
Azure Days 2019: Trivadis Azure Foundation – Das Fundament für den ... (Nisan...
 
Azure Days 2019: Business Intelligence auf Azure (Marco Amhof & Yves Mauron)
Azure Days 2019: Business Intelligence auf Azure (Marco Amhof & Yves Mauron)Azure Days 2019: Business Intelligence auf Azure (Marco Amhof & Yves Mauron)
Azure Days 2019: Business Intelligence auf Azure (Marco Amhof & Yves Mauron)
 
Azure Days 2019: Master the Move to Azure (Konrad Brunner)
Azure Days 2019: Master the Move to Azure (Konrad Brunner)Azure Days 2019: Master the Move to Azure (Konrad Brunner)
Azure Days 2019: Master the Move to Azure (Konrad Brunner)
 
Azure Days 2019: Keynote Azure Switzerland – Status Quo und Ausblick (Primo A...
Azure Days 2019: Keynote Azure Switzerland – Status Quo und Ausblick (Primo A...Azure Days 2019: Keynote Azure Switzerland – Status Quo und Ausblick (Primo A...
Azure Days 2019: Keynote Azure Switzerland – Status Quo und Ausblick (Primo A...
 
Azure Days 2019: Grösser und Komplexer ist nicht immer besser (Meinrad Weiss)
Azure Days 2019: Grösser und Komplexer ist nicht immer besser (Meinrad Weiss)Azure Days 2019: Grösser und Komplexer ist nicht immer besser (Meinrad Weiss)
Azure Days 2019: Grösser und Komplexer ist nicht immer besser (Meinrad Weiss)
 
Azure Days 2019: Get Connected with Azure API Management (Gerry Keune & Stefa...
Azure Days 2019: Get Connected with Azure API Management (Gerry Keune & Stefa...Azure Days 2019: Get Connected with Azure API Management (Gerry Keune & Stefa...
Azure Days 2019: Get Connected with Azure API Management (Gerry Keune & Stefa...
 
Azure Days 2019: Infrastructure as Code auf Azure (Jonas Wanninger & Daniel H...
Azure Days 2019: Infrastructure as Code auf Azure (Jonas Wanninger & Daniel H...Azure Days 2019: Infrastructure as Code auf Azure (Jonas Wanninger & Daniel H...
Azure Days 2019: Infrastructure as Code auf Azure (Jonas Wanninger & Daniel H...
 
Azure Days 2019: Wie bringt man eine Data Analytics Plattform in die Cloud? (...
Azure Days 2019: Wie bringt man eine Data Analytics Plattform in die Cloud? (...Azure Days 2019: Wie bringt man eine Data Analytics Plattform in die Cloud? (...
Azure Days 2019: Wie bringt man eine Data Analytics Plattform in die Cloud? (...
 
Azure Days 2019: Azure@Helsana: Die Erweiterung von Dynamics CRM mit Azure Po...
Azure Days 2019: Azure@Helsana: Die Erweiterung von Dynamics CRM mit Azure Po...Azure Days 2019: Azure@Helsana: Die Erweiterung von Dynamics CRM mit Azure Po...
Azure Days 2019: Azure@Helsana: Die Erweiterung von Dynamics CRM mit Azure Po...
 
TechEvent 2019: Kundenstory - Kein Angebot, kein Auftrag – Wie Du ein individ...
TechEvent 2019: Kundenstory - Kein Angebot, kein Auftrag – Wie Du ein individ...TechEvent 2019: Kundenstory - Kein Angebot, kein Auftrag – Wie Du ein individ...
TechEvent 2019: Kundenstory - Kein Angebot, kein Auftrag – Wie Du ein individ...
 
TechEvent 2019: Oracle Database Appliance M/L - Erfahrungen und Erfolgsmethod...
TechEvent 2019: Oracle Database Appliance M/L - Erfahrungen und Erfolgsmethod...TechEvent 2019: Oracle Database Appliance M/L - Erfahrungen und Erfolgsmethod...
TechEvent 2019: Oracle Database Appliance M/L - Erfahrungen und Erfolgsmethod...
 
TechEvent 2019: Security 101 für Web Entwickler; Roland Krüger - Trivadis
TechEvent 2019: Security 101 für Web Entwickler; Roland Krüger - TrivadisTechEvent 2019: Security 101 für Web Entwickler; Roland Krüger - Trivadis
TechEvent 2019: Security 101 für Web Entwickler; Roland Krüger - Trivadis
 
TechEvent 2019: Trivadis & Swisscom Partner Angebote; Konrad Häfeli, Markus O...
TechEvent 2019: Trivadis & Swisscom Partner Angebote; Konrad Häfeli, Markus O...TechEvent 2019: Trivadis & Swisscom Partner Angebote; Konrad Häfeli, Markus O...
TechEvent 2019: Trivadis & Swisscom Partner Angebote; Konrad Häfeli, Markus O...
 
TechEvent 2019: DBaaS from Swisscom Cloud powered by Trivadis; Konrad Häfeli ...
TechEvent 2019: DBaaS from Swisscom Cloud powered by Trivadis; Konrad Häfeli ...TechEvent 2019: DBaaS from Swisscom Cloud powered by Trivadis; Konrad Häfeli ...
TechEvent 2019: DBaaS from Swisscom Cloud powered by Trivadis; Konrad Häfeli ...
 
TechEvent 2019: Status of the partnership Trivadis and EDB - Comparing Postgr...
TechEvent 2019: Status of the partnership Trivadis and EDB - Comparing Postgr...TechEvent 2019: Status of the partnership Trivadis and EDB - Comparing Postgr...
TechEvent 2019: Status of the partnership Trivadis and EDB - Comparing Postgr...
 
TechEvent 2019: More Agile, More AI, More Cloud! Less Work?!; Oliver Dörr - T...
TechEvent 2019: More Agile, More AI, More Cloud! Less Work?!; Oliver Dörr - T...TechEvent 2019: More Agile, More AI, More Cloud! Less Work?!; Oliver Dörr - T...
TechEvent 2019: More Agile, More AI, More Cloud! Less Work?!; Oliver Dörr - T...
 
TechEvent 2019: Kundenstory - Vom Hauptmann zu Köpenick zum Polizisten 2020 -...
TechEvent 2019: Kundenstory - Vom Hauptmann zu Köpenick zum Polizisten 2020 -...TechEvent 2019: Kundenstory - Vom Hauptmann zu Köpenick zum Polizisten 2020 -...
TechEvent 2019: Kundenstory - Vom Hauptmann zu Köpenick zum Polizisten 2020 -...
 
TechEvent 2019: Vom Rechenzentrum in die Oracle Cloud - Übertragungsmethoden;...
TechEvent 2019: Vom Rechenzentrum in die Oracle Cloud - Übertragungsmethoden;...TechEvent 2019: Vom Rechenzentrum in die Oracle Cloud - Übertragungsmethoden;...
TechEvent 2019: Vom Rechenzentrum in die Oracle Cloud - Übertragungsmethoden;...
 
TechEvent 2019: The sleeping Power of Data; Eberhard Lösch - Trivadis
TechEvent 2019: The sleeping Power of Data; Eberhard Lösch - TrivadisTechEvent 2019: The sleeping Power of Data; Eberhard Lösch - Trivadis
TechEvent 2019: The sleeping Power of Data; Eberhard Lösch - Trivadis
 

Último

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 

Último (20)

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 

Trivadis TechEvent 2017 Kerberos and Databases a Success by Stefan Oehrli

  • 1. BASEL BERN BRUGG DÜSSELDORF FRANKFURT A.M. FREIBURG I.BR. GENF HAMBURG KOPENHAGEN LAUSANNE MÜNCHEN STUTTGART WIEN ZÜRICH Kerberos and Databases a Success… … or the History of a Varied Journey Stefan Oehrli
  • 2. Our company. TechEvent – Kerberos and databases a success2 15.09.2017 Trivadis is a market leader in IT consulting, system integration, solution engineering and the provision of IT services focusing on and technologies in Switzerland, Germany, Austria and Denmark. We offer our services in the following strategic business fields: Trivadis Services takes over the interacting operation of your IT systems. O P E R A T I O N
  • 3. COPENHAGEN MUNICH LAUSANNE BERN ZURICH BRUGG GENEVA HAMBURG DÜSSELDORF FRANKFURT STUTTGART FREIBURG BASEL VIENNA With over 600 specialists and IT experts in your region. TechEvent – Kerberos and databases a success3 15.09.2017 14 Trivadis branches and more than 600 employees 200 Service Level Agreements Over 4,000 training participants Research and development budget: CHF 5.0 million Financially self-supporting and sustainably profitable Experience from more than 1,900 projects per year at over 800 customers
  • 4. 15.09.2017 TechEvent – Kerberos and databases a success4 Technology on its own won't help you. You need to know how to use it properly.
  • 5. Stefan Oehrli TechEvent – Kerberos and databases a success15.09.2017 Solution Manager BDS SEC / Trivadis Partner Working since 1997 in IT Since 2008 with Trivadis AG Since 2010 Discipline Manager SEC INFR Since 2014 Solution Manager BDS Security 5 IT Experience Database Administration and Database security solutions Administration complex, heterogeneous Environments Team leader of a team of database administrators Skills Backup & Recovery Oracle Advanced Security Oracle AVDF and DB Vault Oracle Directory Services Team / Project Management Lector for Trivadis Database Security (O-SEC) and Backup & Recovery (O- BR/O-BR-Pract) Training Specialization Database Security und Operation Security Concepts and Implementations Security Reviews Oracle Backup & Recovery Enterprise User Security and Oracle Unified Directory
  • 6. Agenda TechEvent – Kerberos and databases a success6 15.09.2017 1. Introduction 2. Kerberos: The Network Authentication Protocol 3. Setup and Configure 4. First Steps 5. Advanced Use Cases 6. Oracle Net Services and Kerberos Troubleshooting 7. Round Up
  • 7. TechEvent – Kerberos and databases a success7 15.09.2017 Introduction
  • 8. Introduction TechEvent – Kerberos and databases a success8 15.09.2017 Greek Κέρβερος Latinisiert Cerberus, German Zerberus A moon of Pluto "Dämon der Grube" In Greek mythology it is the hell hound and gatekeeper who guards the entrance to the underworld.. "Auch den Kerberos sah ich, mit bissigen Zähnen bewaffnet Böse rollt er die Augen, den Schlund des Hades bewachend. Wagt es einer der Toten an ihm vorbei sich zu schleichen, So schlägt er die Zähne tief und schmerzhaft ins Fleisch der Entfliehenden Und schleppt sie zurück unter Qualen, Der böse, der bissige Wächter." (Quelle: Odyssee von Homer)
  • 9. But why do we need a gatekeeper from hell? TechEvent – Kerberos and databases a success9 15.09.2017 Avoid unsecure logins Start using strong authentication Increased security requirements – Compliance requirements – Legal requirements eg. GDPR Improve user experience – SSO Single Sign On / Logon It is Friday and the DBA has nothing to do... 
  • 10. But it's gonna cost... TechEvent – Kerberos and databases a success10 15.09.2017 A small update to the Oracle documentation… – …which is overlooked quickly  Oracle® Database Licensing Information, Oracle Advanced Security Network encryption (native network encryption and SSL/TLS) and strong authentication services (Kerberos, PKI, and RADIUS) are no longer part of Oracle Advanced Security and are available in all licensed editions of all supported releases of the Oracle database. Introduced with Oracle 12c Release 1 Adjusted with Oracle 11.2.0.4 for any licensed Oracle Database – Require a valid Oracle License for 11g, 12g etc. – Valid for Standard and Enterprise Editions
  • 11. TechEvent – Kerberos and databases a success11 15.09.2017 Kerberos: The Network Authentication Protocol
  • 12. Kerberos in a Nutshell TechEvent – Kerberos and databases a success12 15.09.2017 Network Authentication Protocol developed by MIT Uses a trusted third-party Authentication System KDC (not KGB…) – “strong” Authentication Basis for a couple of Services and Tools Windows Servers Requires three parties – KDC with Authentication Service and Ticket Granting Service – Service or Service Principle who provide a Service – Client who request access Has been around for some time now
  • 13. Kerberos Authentication Workflow TechEvent – Kerberos and databases a success13 15.09.2017 Keytab file Service Ticket Acknowledge session
  • 14. Terms TechEvent – Kerberos and databases a success14 15.09.2017 KDC Key Distribution Center AS Authentication Service TGS Ticket Granting Service TGT Ticket Granting Ticket Key Table keytab stores long-term keys for one or more principals Credential Cache / “ccache” holds the Kerberos credentials while they remain valid
  • 15. More Information on Kerberos TechEvent – Kerberos and databases a success15 15.09.2017 Massachusetts Institute of Technology (MIT), Kerberos: The Network Authentication Protocol https://web.mit.edu/kerberos Master Note For Kerberos Authentication (Doc ID 1375853.1) https://support.oracle.com/epmos/faces/DocumentDisplay?id=1375853.1 Configuring ASO Kerberos Authentication with a MS Windows 2008 R2 AD KDC https://support.oracle.com/epmos/faces/DocumentDisplay?id=1304004.1 Explain like I’m 5: Kerberos http://www.roguelynn.com/words/explain-like-im-5-kerberos Microsoft Developer Network, Kerberos Explained https://msdn.microsoft.com/en-us/library/bb742516.aspx Kerberos explained in pictures http://danlebrero.com/2017/03/26/Kerberos-explained-in-pictures
  • 16. TechEvent – Kerberos and databases a success16 15.09.2017 Setup and Configure
  • 17. Architecture TechEvent – Kerberos and databases a success17 15.09.2017 MS Active Directory 2012 R2 Server Database Server with Oracle 11g, 12c – Enterprise and Standard Edition Client with Oracle Client (Full or Instant Client) – Mac OS or VM Host – MS Active Directory VM as “Client”
  • 18. KDC / MS Active Directory TechEvent – Kerberos and databases a success18 15.09.2017 Setup of a simple Windows 2012 R2 Server with Active Directory Role – Including AD, DNS, CS Services Create Containers for User, Groups etc Create a bunch of Test Users
  • 19. KDC / MS Active Directory TechEvent – Kerberos and databases a success19 15.09.2017 C:>ktpass.exe -princ oracle/urania.postgasse.org@POSTGASSE.ORG -mapuser urania.postgasse.org -crypto all -pass <PWD> -out c:urania.keytab Create a Service Principle for the Database Service – One keytab file per DB Server – Usable Key Types / Crypto’s highly depended AD and Oracle Version
  • 20. Database Server Configuration TechEvent – Kerberos and databases a success20 15.09.2017 Kerberos adaptors are part of any Oracle Enterprise Edition installation Configured with sqlnet.ora and krb5.conf Keytab file has to be copied to Database Server DNS lookup and revers lookup has to work Servers have to have the same time (NTP, time synchronization)
  • 21. Database Server Configuration (1) TechEvent – Kerberos and databases a success21 15.09.2017 SQLNET.AUTHENTICATION_SERVICES = (BEQ, KERBEROS5) # KERBEROS5PRE SQLNET.KERBEROS5_KEYTAB = /u00/app/oracle/network/admin/urania.keytab SQLNET.KERBEROS5_CC_NAME = /u00/app/oracle/network/admin/krbcache SQLNET.KERBEROS5_CONF = /u00/app/oracle/network/admin/krb5.conf SQLNET.KERBEROS5_CONF_MIT = TRUE SQLNET.FALLBACK_AUTHENTICATION = TRUE SQLNET.AUTHENTICATION_KERBEROS5_SERVICE = oracle Configured with sqlnet.ora
  • 22. Database Server Configuration (2) TechEvent – Kerberos and databases a success22 15.09.2017 ####krb5.conf DB Server [realms] POSTGASSE.ORG = { kdc = mneme.postgasse.org admin_server = mneme.postgasse.org } [domain_realm] .postgasse.org = POSTGASSE.ORG postgasse.org = POSTGASSE.ORG And a krb5.conf File
  • 23. Database Server Configuration (3) TechEvent – Kerberos and databases a success23 15.09.2017 ####krb5.conf DB Server [logging] default = FILE:/u00/app/oracle/network/log/krb5lib.log Kdc. = FILE:/u00/app/oracle/network/log/krb5kdc.log admin_server = FILE:/u00/app/oracle/network/log/kadmind.log [libdefaults] default_tgs_enctypes = aes128-cts-hmac-sha1-96 arcfour-hmac arcfour-hmac-md5 default_tkt_enctypes = aes128-cts-hmac-sha1-96 arcfour-hmac arcfour-hmac-md5 permitted_enctypes = aes128-cts-hmac-sha1-96 arcfour-hmac arcfour-hmac-md5 default_realm = POSTGASSE.ORG clockskew=300 ticket_lifetime = 24h renew_lifetime = 7d forwardable = true More krb5.conf options but in general not used in Oracle Kerberos
  • 24. What about Standard Edition? TechEvent – Kerberos and databases a success24 15.09.2017 adapters Installed Oracle Net transport protocols are: IPC BEQ ... AES 256-bit encryption MD5 crypto-checksumming SHA-1 crypto-checksumming By default Oracle Standard Edition does not support Kerberos Authentication – No dependence on ASO anymore How To Enable Radius and Kerberos Adapters in Oracle Database 11g Standard Edition https://support.oracle.com/epmos/faces/DocumentDisplay?id=2145731.1 Current status can be checked with adapters
  • 25. What about Standard Edition? TechEvent – Kerberos and databases a success25 15.09.2017 adapters Installed Oracle Net transport protocols are: IPC BEQ ... SHA-1 crypto-checksumming Kerberos v5 authentication RADIUS authentication New adapters for Radius and Kerberos cd $cdh/lib cp nautab.o nautab_se.o.dbl cp nautab_ee.o.dbl nautab.o relink all Solution requires relink of binaries
  • 26. Database Users TechEvent – Kerberos and databases a success26 15.09.2017 ALTER USER scott IDENTIFIED EXTERNALLY AS 'scott@POSTGASSE.ORG'; ALTER USER "soe@POSTGASSE.ORG" IDENTIFIED EXTERNALLY; Alter existing users CREATE USER "soe@POSTGASSE.ORG" IDENTIFIED EXTERNALLY; CREATE USER joe IDENTIFIED EXTERNALLY AS 'joe@POSTGASSE.ORG'; Create Kerberos enabled database users
  • 27. Client Configuration (1) TechEvent – Kerberos and databases a success27 15.09.2017 SQLNET.AUTHENTICATION_SERVICES=(BEQ, KERBEROS5PRE, KERBEROS5) SQLNET.KERBEROS5_CONF=C:u00apporaclenetworkadminkrb5.conf SQLNET.KERBEROS5_CONF_MIT=TRUE SQLNET.KERBEROS5_CC_NAME = OSMSFT:// #SQLNET.KERBEROS5_CC_NAME = MSLSA: Install at least an Oracle Instant Client – Full client offers more comfort for engineering  Wisely choose the right version and patch level – Mixed Clients and Oracle Version 11.2.0.3, 11.2.0.4, 12.1.0.1, 12.2.0.1,… Adjust sqlnet.ora and krb5.conf
  • 28. Client Configuration (2) TechEvent – Kerberos and databases a success28 15.09.2017 ####krb5.conf Client [libdefaults] default_realm = POSTGASSE.ORG clockskew=300 [realms] POSTGASSE.ORG = { kdc = mneme.postgasse.org admin_server = mneme.postgasse.org } [domain_realm] .postgasse.org = POSTGASSE.ORG postgasse.org = POSTGASSE.ORG Create a krb5.conf File
  • 29. Authentication – Kerberos TechEvent 2016 - Oracle 12c New Security Features29 26.10.2017 oracle@urania:/u00/app/oracle/network/admin/ [TDB122A] sqlplus /@TDB122A SQL*Plus: Release 12.2.0.1.0 Production on Thu Sep 14 06:23:10 2017 Copyright (c) 1982, 2016, Oracle. All rights reserved. Connected to: Oracle Database 12c Enterprise Edition Release 12.2.0.1.0 - 64bit Production SQL> select sys_context('userenv','authentication_method') from dual; SYS_CONTEXT('USERENV','AUTHENTICATION_METHOD') -------------------------------------------------------------------------------- KERBEROS SQL> exit Disconnected from Oracle Database 12c Enterprise Edition Release 12.2.0.1.0 - 64bit ProductionORA-24550: signal received: [si_signo=7] [si_errno=0] [si_code=128] [si_int=-98422784] [si_ptr=0x7f9ffa223000] [si_addr=(nil)]kpedbg_dmp_stack()+400<-kpeDbgCrash()+210<-kpeDbgSignalHandler()+121<-skgesig_sigaction Handler()+272<-__sighandler()<-_int_free()+734<-nauztk5adisconnect()+3744<-snau_dis()+1436<-nadisc()+324<- nsnadisc()+339<-nsclose()+727<-nioqds()+417<-upidhs()+210<-kpudtch()+513<-aficntdta()+107<-aficexf()+43<- aficex()+366<-afiexi()+1086<-aficmd()+2914<-aficfd()+3053<-aficdr()+151<-afidrv()+5950<-main()+105<- __libc_start_main()+245 Bus error (core dumped) Oracle 12.2.0.1 introduced automatic krb5.conf discovery from DNS
  • 30. TechEvent – Kerberos and databases a success30 15.09.2017 First Steps
  • 31. Kerberos Client Tools TechEvent – Kerberos and databases a success31 15.09.2017 Oracle does provide a bunch of client tools – Mainly the “Oracle” version of the regular MIT Kerberos Tools Client tools are only part of the Database Binaries or Full Clients okinit / kinit obtains and caches Kerberos tickets oklist / klist display the list of tickets held okdstry / kdestroy remove credentials from the credentials cache file okcreate automates the creation of keytabs from the KDC or a service endpoint – Introduced with Oracle 12.2 but intend to be used on a real KDC
  • 32. Windows Client TechEvent – Kerberos and databases a success32 15.09.2017 soe@MNEME:C:u00apporaclenetworkadmin [rdbms11204] sqlplus /@TDB122A SQL*Plus: Release 11.2.0.4.0 Production on Fr Sep 15 10:53:44 2017 Copyright (c) 1982, 2013, Oracle. All rights reserved. Verbunden mit: Oracle Database 12c Enterprise Edition Release 12.2.0.1.0 - 64bit Production SQL> SELECT sys_context('userenv','authentication_method') FROM dual; SYS_CONTEXT('USERENV','AUTHENTICATION_METHOD') -------------------------------------------------------------------------------- KERBEROS Steps to use Kerberos authentication – Just login then you have a TGT – Start SQLPlus
  • 33. Unix Clients TechEvent – Kerberos and databases a success33 15.09.2017 oracle@urania:~/ [TDB122A] sqlplus /@TDB112A ... SQL> SELECT sys_context('userenv','authentication_method') FROM dual; SYS_CONTEXT('USERENV','AUTHENTICATION_METHOD') -------------------------------------------------------------------------------- KERBEROS Use SQLPlus oracle Urania:~/ [TDB122A] okinit soe Kerberos Utilities for Linux: Version 12.2.0.1.0 - Production on 15-SEP-2017 10:57:34 Copyright (c) 1996, 2016 Oracle. All rights reserved. Configuration file : /u00/app/oracle/network/admin/krb5.conf. Password for soe@POSTGASSE.ORG: Manually get a Ticket Granting Ticket
  • 34. Mac OS TechEvent – Kerberos and databases a success34 15.09.2017 kinit -c /tmp/soe soe@POSTGASSE.ORG Password for soe@POSTGASSE.ORG: soe@gaia:~/local/dev/tvdsecdb/local/bin/ [ic12102] sqlplus /@TDB122A ... SQL> SELECT sys_context('userenv','authentication_method') FROM dual; SYS_CONTEXT('USERENV','AUTHENTICATION_METHOD') -------------------------------------------------------------------------------- KERBEROS Does work even on MacOS
  • 35. TechEvent – Kerberos and databases a success35 15.09.2017 Advanced Use Cases
  • 36. Advanced Use Cases TechEvent – Kerberos and databases a success36 15.09.2017 Client Typ jdbc thin, jdbc thick, OCI? – All of them do work just depends on key type, OS, ccache etc Enterprise User Security – Well does work independently of Kerberos DB Links – Do not work or just limited possibilities – Require forward able ccache e.g. okinit –f – User CURRENT_USER database Links
  • 37. TechEvent – Kerberos and databases a success37 15.09.2017 Oracle Net Services and Kerberos Troubleshooting
  • 38. Kerberos Troubleshooting (1) TechEvent – Kerberos and databases a success38 15.09.2017 SQLNet Trace on Client SQLNet Trace on Server Use Network Tracing like WireShark TRACE_LEVEL_OKINIT = SUPPORT TRACE_UNIQUE_OKINIT = on TRACE_DIRECTORY_OKINIT = /u00/app/oracle/network/log Kerberos Troubleshooting can be is quite cumbersome – Only via SQLNet Trace Dedicated trace file for okinit possible
  • 39. Kerberos Troubleshooting (2) TechEvent – Kerberos and databases a success39 15.09.2017 java -Dsun.security.krb5.debug=true -Dsun.security.spnego.debug=true -Djavax.net.debug=all LoginTestKerberos >>>DEBUG <CCacheInputStream> client principal is soe@POSTGASSE.ORG >>>DEBUG <CCacheInputStream> server principal is krbtgt/POSTGASSE.ORG@POSTGASSE.ORG >>>DEBUG <CCacheInputStream> key type: 17 >>>DEBUG <CCacheInputStream> auth time: Fri Sep 15 11:01:27 CEST 2017 >>>DEBUG <CCacheInputStream> start time: Fri Sep 15 11:01:27 CEST 2017 >>>DEBUG <CCacheInputStream> end time: Fri Sep 15 21:01:27 CEST 2017 >>>DEBUG <CCacheInputStream> renew_till time: Sat Sep 16 11:01:27 CEST 2017 >>> CCacheInputStream: readFlags() RENEWABLE; INITIAL; >>>DEBUG <CCacheInputStream> client principal is soe@POSTGASSE.ORG Java config name: /etc/krb5.conf Loaded from Java config ... Java Trace on Command line
  • 40. Kerberos Trace Files TechEvent 2016 - Oracle 12c New Security Features40 26.10.2017 [654] 1505467906.511077: Getting credentials hmu@POSTGASSE.ORG -> oracle/urania.postgasse.org@POSTGASSE.ORG using ccache FILE:/u00/app/oracle/network/admin/krbcache [654] 1505467906.511223: Retrieving hmu@POSTGASSE.ORG -> oracle/urania.postgasse.org@POSTGASSE.ORG from FILE:/u00/app/oracle/network/admin/krbcache with result: 0/Success [654] 1505467906.511553: Creating authenticator for hmu@POSTGASSE.ORG -> oracle/urania.postgasse.org@POSTGASSE.ORG, seqnum 0, subkey (null), session key aes256-cts/B93C [654] 1505467906.514169: Getting credentials hmu@POSTGASSE.ORG -> oracle/urania.postgasse.org@POSTGASSE.ORG using ccache FILE:/u00/app/oracle/network/admin/krbcache ... [654] 1505467906.517510: Response was not from master KDC [654] 1505467906.517546: Decoding FAST response [654] 1505467906.517688: FAST reply key: aes256-cts/21CF [654] 1505467906.517725: TGS reply is for hmu@POSTGASSE.ORG -> krbtgt/POSTGASSE.ORG@POSTGASSE.ORG with session key aes256-cts/2E01 [654] 1505467906.517740: Got cred; 0/Success Oracle 12c R2 has a reworked Kerberos stack (again… 🤔 ) – Supports the environment variable KRB5_TRACE ➡ finally some kind of a Kerberos Trace file
  • 41. Kerberos Troubleshooting Steps TechEvent – Kerberos and databases a success41 15.09.2017 Check DNS lookup and revers lookup. Check System time. Do all system have the same time? Or within clockskew Is the account locked? Is an okinit possible? Is Kerberos Authentication used at all? Start to Trace if possible with Oracle 12c sqlplus and KRB5_TRACE Start SQLNet Tracing Use alternative SQLNet or Listener configuration – static listener with ENV defining alternative TNSADMIN directory – if possible have different configuration for different use ase
  • 42. Usual issues TechEvent 2016 - Oracle 12c New Security Features42 26.10.2017 Time shift DNS does not work Configuration file Issues (tabs, wrong parameter, case of username, ticket size etc) Wrong service name Wrong kvno, version of the keytab Wrong or not Supported Krypto Type – Old Krypto’s like DES are blocked, new like AES 256 require JCE Kerberos Bugs Oracle or Microsoft bad hair day…
  • 43. MOS Notes and other links TechEvent – Kerberos and databases a success43 15.09.2017 Master Note For Kerberos Authentication https://support.oracle.com/epmos/faces/DocumentDisplay?id=1375853.1 How To Configure Kerberos Authentication In A 12c Database https://support.oracle.com/epmos/faces/DocumentDisplay?id=1996329.1 Configuring ASO Kerberos Authentication with a MS Windows 2008 R2 AD KDC https://support.oracle.com/epmos/faces/DocumentDisplay?id=1304004.1 ORA-12518 / TNS-12518 Troubleshooting https://support.oracle.com/epmos/faces/DocumentDisplay?id=556428.1 How To Enable Radius and Kerberos Adapters In Oracle Database 11g Standard Edition https://support.oracle.com/epmos/faces/DocumentDisplay?id=2145731.1 Java Kerberos Troubleshooting http://docs.oracle.com/javase/7/docs/technotes/guides/security/jgss/tutorials/Troubleshooting.html
  • 44. TechEvent – Kerberos and databases a success44 15.09.2017 Round Up
  • 45. Round Up TechEvent – Kerberos and databases a success45 15.09.2017 Oracle has done the homework and fixed a couple of bugs – but there is still some room for improvements The fault is not only with Oracle – although Kerberos is standardized it does not mean that every implementation is similar and without bugs, Kerberos MIT, Microsoft, OS etc does the rest Simple architectures can be implemented quickly, but … – … complex KDC or Active Directory structures – … version diversity – ... application and client types – … are challenging Quote: Kerberos is hell, but as soon as it works, it's nice and comfortable... …and now a bit cosier
  • 46. Round Up TechEvent – Kerberos and databases a success46 15.09.2017 We are happy to support you: With Security Reviews and Risk Assessments In the creation of security concepts and their implementation Provide comprehensive advice in data security
  • 47. Session Feedback – now TechEvent – Kerberos and databases a success47 15.09.2017 Please use the Trivadis Events mobile app to give feedback on each session Use "My schedule" if you have registered for a session Otherwise use "Agenda" and the search function If the mobile app does not work (or if you have a Windows smartphone), use your smartphone browser – URL: http://trivadis.quickmobileplatform.eu/ – User name: <your_loginname> (such as “svv”) – Password: sent by e-mail...
  • 48. Stefan Oehrli Solution Manager / Trivadis Partner Tel.: +41 58 459 55 55 stefan.oehrli@trivadis.com http://www.trivadis.com/security http://www.oradba.ch @stefanoehrli 15.09.2017 TechEvent – Kerberos and databases a success48