Configure OTOBO with Oracle to use wallet, is it possible?

[Alvaro Cordero Retana]

Hello,

I have a request to change the way otobo connects to oracle DB to use encription of the otobo password via Oracle Wallet.

Is that possible, has anyone configure it that way?

Also when configuring a password policy for otobo user to lock after 3 failed logins, it gets locked inmediately, even if it connects (I meanm when the policy is not in place the system works fine, no failed connections are seen.

Regards

[bes]

Hi Alvaro,

this is the first time I heard of anybody running OTOBO with Oracle. What are your experiences? Did you have to make any adaptions? As a OTOBO developer I’m not aware of any hindrances of running OTOBO under Oracle, but I also know that we do not explictitly test that case.

I don’t use Oracle Wallet myself. But I have found https://www.freelists.org/post/oracle-l/perl-DBDOracle-and-external-password-store,4    According to that link, you only have specify the TNS service name in the database DSN and pass user and password as empty strings. This needs to be configured in the file _Kernel/Config.pm.

Something like:

$Self->{DatabaseUser} = '';

$Self->{DatabasePw} = 'some-pass';

$Self->{DatabaseDSN} = "DBI:Oracle://MY_SERVICE_NAME";

Of course it makes sense to test first with sqlplus whether connection with Oracle Wallet works in the first place.

Best regards.

Bernhard

 

[Alvaro Cordero Retana]

Hello Bernhard,

Thank you for your reply, I will look at that link and see how it goes.

In regards of running OTOBO with Oracle, we had couple of installations of OTRS running Oracle so we did the migration process. It was kind of tricky, we had to remove few empty registers and indexes, especially in article and article_data mime, but at the end it worked fine.. It tooks about 6 hours to complete the entire process on a DB 35 GB size, of course it was a development system.

After the migration it did not convert some sequences and triggers so those had to be converted manually by the DB Admin, those showed up while running the console CheckDB command.

Error: The following sequences with possible wrong names have been found. Please rename them manually.
se_article_data_otrs_chat
se_groups
Error: The following triggers with possible wrong names have been found. Please rename them manually.
se_article_data_otrs_chat_t
se_groups_t

It also becomes sensitive to some policies for example if it has a policy to lock the DB user after some failed login attempts, it actually locks it almost immediately, so we are still investigating that part, in the mean while that policy was disabled.

In regards to wallet configuration, we will have a test session tomorrow and I will let you know the outcome of it.

[Autor]

Beiträge