TOAD and Oracle EUS

We are implementing Oracle Enterprise User Security (EUS) using Oracle Virtual Directory (OVD). Database users will be authenticated against Active Directory. They log into the database using TOAD and their OS user ID and Password. There are no physical user ids in the database, just a GLOBAL_USER. All permissions are managed using Global roles, enterprise roles and AD groups.

The issue I am experiencing is that when the user logs into the database, TOAD appears to be saving the connection information (user id and password) from the database as GLOBAL_USER and the password instead of the user id that was used to actually log in. Older versionof TOAD do not do this. Some users around here still have 9.7.2 and it seems to save the login information correctly.

Here is an explaination of what is happening.

Database=ORCL, userid = u01234, password=abc123

Oracle EUS verifies in AD/OVD that the account can access the database what roles/access it has.

Database login appears as: username=GLOBAL_USER, osuser=u01234 - which is as it should look

Toad saves the connection as GLOBAL_USER ORCL, instead of u01234 ORCL

I can manually fix it by editing the login record in the login pop up window and save it, but I want to know is there a way to get TOAD to save the right information in the first place, so I don’t have to manually edit everytime I connect to a new database.

Thanks,

Craig.

Hi Craig,

You said that it works in 9.7.2, but you didn’t specifically mention which version it doesn’t work in. I remember working on this problem a year or two ago with another user, so I believe that it should work correctly in Toad 12.1, and maybe also Toad 12.0.

-John

I was using 11.6.1, but just upgraded to 12.1 and it appears to have the same behavior. I login using my windows account/password. Session saved in login widow as GLOBAL_USER instead of my user id.

Hmmmm…Ah! I think I remember what’s going on now. Try logging in with your username in double-quotes. I believe it will behave as you’re asking when you do that.

That did it…Interesting solution. Thanks

For “normal” logins, we uppercase the username before we store it in the login screen. That way if you log in one day as SCOTT and the next day as scott, we don’t get two separate entries in the login screen. But we can’t do that with mixed-case usernames, so when we see the double-quotes around the username, we just leave it alone and store whatever you type in.

There is also a “select user from dual” in there somewhere to account for other login types, and some other details that I’d have to dig through the code to describe correctly, but this is the jist of it.