I need to connect to an enterprise Oracle DB (12c) in my local PHP application (XAMPP 7.2.7) on a WINDOWS 7 64 bit machine.
The DBAs have recently changed the connection type from standard autentication to OS autentication, so there's no more need to provide user/password.
I can connect from sql*plus using both:
C:\> sqlplus /@rioasssrv.server.esselunga.net
I can connect using (i.e.) TOAD using:
User: [empty]
Password: [empty]
TNS: rioasssrv.server.esselunga.net
But I can't connect from PHP. I tried:
$conn = oci_pconnect("", "", "rioasssrv.server.esselunga.net");
$conn = oci_pconnect("", "", "rioasssrv.server.esselunga.net/RIOASSSRV");
but it says: "Missing or null username."
I saw there's an OCI_CRED_EXT session mode which "...tells Oracle to use External or OS authentication...", but it seems not working on windows:
oci_pconnect("", "", "rioasssrv.server.esselunga.net/RIOASSSRV", null, OCI_CRED_EXT)
External Authentication is not supported on Windows
TNSPING results:
C:\> tnsping rioasssrv.server.esselunga.net
TNS Ping Utility for 64-bit Windows: Version 12.2.0.1.0 - Production on 30-NOV-2018 09:04:57
Copyright (c) 1997, 2016, Oracle. All rights reserved.
Used parameter files:
C:\app\client\product\12.2.0\client_1
etwork\admin\sqlnet.ora
Used LDAP adapter to resolve the alias
Attempting to contact (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=RIOASSSRV.mil.esselunga.net)(PORT=1521))(CONNECT_DATA=(S
ERVER=DEDICATED)(SERVICE_NAME=RIOASSSRV)))
OK (20 msec)
I don't have a TNSNAMES.ora
My sqlnet.ora is the following:
NAMES.DIRECTORY_PATH= (LDAP, TNSNAMES, EZCONNECT)
SQLNET.KERBEROS5_CONF=C:\app\client\product\12.2.0\client_1
etwork\admin\kerberos\krb5.conf
SQLNET.KERBEROS5_CONF_MIT=TRUE
SQLNET.AUTHENTICATION_KERBEROS5_SERVICE=oracle
SQLNET.AUTHENTICATION_SERVICES=(KERBEROS5PRE,KERBEROS5)
#SQLNET.KERBEROS5_CC_NAME=C:\app\client\test\product\12.2.0\client_1
etwork\admin\kerberos\krbcache.cc
SQLNET.KERBEROS5_CC_NAME=OSMSFT://
# Diagnostic
#DIAG_ADR_ENABLED = OFF
#trace_level_client = 16
#trace_file_client = cli
#trace_directory_client = C:\app\client\test\product\12.2.0\client_1
etwork\admin\trace
My ldap.ora is the following:
DIRECTORY_SERVERS=(lxeus.mil.esselunga.net:389:636)
DEFAULT_ADMIN_CONTEXT = "dc=mil,dc=esselunga,dc=net"
DIRECTORY_SERVER_TYPE = OID
My kerberos\krb5.conf is the following:
[libdefaults]
default_realm = MIL.ESSELUNGA.NET
ticket_lifetime=600
kdc_timeout=5
kdc_timesync = 1
ccache_type = 4
udp_preference_limit = 1
[realms]
MIL.ESSELUNGA.NET = {
kdc = mildc3.mil.esselunga.net:88
kdc = mildc4.mil.esselunga.net:88
kdc = mildc0.mil.esselunga.net:88
admin_server=mildc4.mil.esselunga.net
default_domain=MIL.ESSELUNGA.NET
}
ESSELUNGA.NET = {
kdc = rootdc3.esselunga.net:88
kdc = rootdc4.esselunga.net:88
admin_server=rootdc4.esselunga.net
default_domain=ESSELUNGA.NET
}
NEG.ESSELUNGA.NET = {
kdc = negdc2.neg.esselunga.net:88
kdc = negdc3.neg.esselunga.net:88
kdc = negdc0.neg.esselunga.net:88
admin_server=negdc3.neg.esselunga.net
default_domain=NEG.ESSELUNGA.NET
}
Thanks in advice for any help.