Skip Headers
Oracle® Application Server Administrator's Guide
10g Release 2 (10.1.2)
  Go To Documentation Library
Go To Product List
Solution Area
Go To Table Of Contents
Go To Index


H Supplementary Procedures for Configuring LDAP-Based Replicas

This appendix contains auxiliary procedures that are referred to in Chapter 9 and Chapter 12.

It contains the following topics:

H.1 About LDAP-Based Replicas

This section describes how to install and configure an LDAP-based replica. It contains the following topics:

H.1.1 What Is an LDAP-Based Replica?

Oracle Internet Directory replication is the process of copying and maintaining the same data (or naming context) on multiple directory servers. Simply put, replication is a means of having two identical directories that contain the same information. One directory is called the master (or supplier). This directory contains the master copy of the naming context. The other directory is called the replica (or consumer). The master supplies replication updates to the replica, which keeps the master and replica in sync.

There are different types of replicas. This procedure uses an LDAP-based replica, which means the protocol for transferring data between the master and the replica is LDAP.

See Also:

Oracle Internet Directory Administrator's Guide for more information on directory replication and LDAP-based replicas

For the purposes of this procedure, the master and replica directories are part of a larger environment that includes the Identity Management installations that contain the directories, and the Metadata Repositories that support them. This is called the LDAP-based Replica Environment, and it contains the following:

Master—The Identity Management installation containing the Oracle Internet Directory that holds the master copy of the naming context. It supplies replication updates to the replica.

Master Repository—The Metadata Repository that the master uses to store its Identity Management schemas.

Replica—The Identity Management installation containing the replicated Oracle Internet Directory.

Replica Repository—The Metadata Repository that the replica uses to store its Identity Management schemas.

Figure H-1 illustrates the LDAP-based replica environment.

Figure H-1 LDAP-Based Replica Environment

Diagram of an LDAP-based Replica Environment
Description of "Figure H-1 LDAP-Based Replica Environment"

H.1.2 How Is the LDAP-Based Replica Used for Changing Infrastructure Services?

Typically, an LDAP-based replica is used to provide high availability and improved performance for directory users. For the purposes of changing Infrastructure services, the LDAP-based Replica is used as follows:

  • For Section 9.4, "Moving Identity Management to a New Host", the LDAP-based replica is created as a way of moving Identity Management from one host to another. The Master is the original Identity Management installation, and the Replica is the new Identity Management installation. In this case, replication is used to create an identical copy of the original Identity Management on a new host. You can then change your middle tiers from the old Identity Management (Master) to the new Identity Management (Replica) and discard the Master.

  • For Chapter 12, the replica is used to create a test to production environment. The Master is the production Identity Management, and the Replica is the test Identity Management. When you are ready to merge your test environment into your production environment, you can migrate data from your test Identity Management (Replica) to your production Identity Management (Master) and change your middle-tiers from the test Identity Management to the production Identity Management. You can then discard the test Identity Management or continue to use it for testing.

H.2 Installing and Setting Up an LDAP-Based Replica

This section describes how to install and set up an LDAP-based replica environment.

H.2.1 Things to Know Before You Start

You should be aware of these important items before you start the procedure:

  • This procedure uses a single Infrastructure Oracle home that contains Identity Management and the Metadata Repository. However, you can split the Infrastructure installation so that Identity Management is in one Oracle home and the Metadata Repository is in another Oracle home. You can also distribute the Identity Management components (OracleAS Single Sign-On, Oracle Internet Directory, Delegated Administration Services, Directory Integration and Provisioning) across different hosts. If you do this, perform the operations on each component in their respective Oracle homes.

  • The replica always uses port 389 for the non-SSL Oracle Internet Directory port, and 636 for the SSL Oracle Internet Directory port, regardless of what is reported by Oracle Universal Installer, or printed in ORACLE_HOME/install/portlist.ini. Make sure no other processes are using ports 389 and 636 on the replica host before you start the procedure.

  • Make sure you use the ldapsearch and ldapmodify commands that are in ORACLE_HOME/bin. (Some operating systems ship their own version of these commands—do not use those.)

  • These procedures use the remtool and oidpasswd commands. The messages returned by these commands are in UTF-8 encoding and are unreadable in most non-English environments. To work around this, set the NLS_LANG environment variable to american_america.character_set before running these commands. Most character sets (for example, US7ASCII) will work.

  • Make sure the ORACLE_HOME and ORACLE_SID environment variables are set. This applies to all platforms.

H.2.2 Procedure

This section contains the procedure for setting up an LDAP-based replica. It contains the following tasks:

Task 1: Obtain the Master and Master Repository

Most likely, you already have your Master and Master Repository.

  • If you are following the procedure in Section 9.4, "Moving Identity Management to a New Host", the Master and Master Repository are the installations you would like to move to a new host, and the LDAP-based replica will be the relocated installations.

  • If you are following the procedure in Chapter 12, the Master and Master Repository are your production environment, and the replica will be your test environment.

If you are starting from scratch, you can install a Master and Master Repository as follows:

  1. Install Oracle Application Server using Oracle Universal Installer.

  2. Choose the Infrastructure Installation.

  3. Choose to install Identity Management and OracleAS Metadata Repository.

  4. Choose to configure the following components: Oracle Internet Directory, OracleAS Single Sign-On, Delegated Administration Services, and Directory Integration and Provisioning.

Task 2: Install Middle-Tier Instances (Optional)

Most likely, you already have middle-tier instances using the Master for Identity Management services. This is fine, and, if desired, you can install and configure additional instances to use the Master now, or at the end of this procedure after you have configured the Replica, or both.

These middle-tier instances can use the Master Repository for their product metadata, or they can use a different repository.

Task 3: Install and Configure the Replica

You can install and configure the Replica using Oracle Universal Installer. Be sure to install the Replica on a different host than the Master.

See Also:

Oracle Application Server Installation Guide for information on installing an Oracle Internet Directory replica

When the installation has finished, replication is configured and all components are up and running. You can return to the main procedure from where you started (either Section 9.4, "Moving Identity Management to a New Host" or Chapter 12).