Can anyone share there knowledge/experience on how to approach a centralized authentication procedure to accomadate thousands of users logging into one or more instances? We'd rather not employ several security administrators to create and delete users for every instance they wish to access.

I work for a large organization that has implemented many Oracle instances on many HP-UX, Solaris and Win2000 servers. The need for a centralized repository of Oracle user accounts and their application access rights is becomming an increasing need. Most of the database applications have a browser front-end.

One of our ideas is to consoladate instances and separate projects by placing their objects into their own schema. However, we've proven one instance not to be a good solution due to downtime and tuning requirements.

Thanks in Advance