Oracle® Identity Management Integration Guide
10g Release 2 (10.1.2)
B14085-02

A.1 Windows and Fields for Connecting to a Directory Server

This section lists and describes the windows and fields you use to connect to a directory server.

A.1.1 Credentials

Table A-1 Fields in the Credentials Tab Page



User

The default value for the user name is dipadmin. This is the nickname of the user whose entry is cn=dipadmin,cn=odi,cn=oracle internet directory.

If you have already set up the user's entry by using LDAP command-line tools, then you can enter that user's entry in one of two ways:

  • Browse and select that entry by using the button to the right of the User field

  • Type the distinguished name (DN) for that user entry by using the correct format, for example,

    cn=Susie Brown,ou=HR,o=acme,c=us
    

If you do not have the correct privileges, then access to the tool is denied. To use this tool, you must be a member of the following group: cn=dipadmingrp,cn=odi,cn=oracle internet directory.

Password

If you are logging in as the super user and you specified a password for the super user during installation, in the Password field, type the password you specified. Otherwise, type the default password, namely, welcome. After you are logged into Oracle Directory Integration and Provisioning Server Administration and have connected to a directory server, you should change this password to protect the directory.

If you are logging in anonymously, leave the Password field empty.

If you want to log in as a specific directory user, enter the corresponding password.

See Also: The chapter on directory server administration in Oracle Internet Directory Administrator's Guide, for instructions on how to change the password.

Server

The first time you log in, the Oracle Directory Integration and Provisioning Server Administration tool displays the name of the default Oracle directory server you specified during the Oracle Application Server installation.

It obtains the information for the directory server by first checking the value of the oidhost parameter in the ias.properties file in the $ORACLE_HOME/config directory. If no value is specified there, then it checks the value of the host parameter in the osdadmin.ini file. If no value is specified there, then it displays the value localhost in the Server field.

If you want to connect to a server on a different host:

  1. Click the button to the right of the Server list. The Select Directory Server dialog box displays a list of available servers.

  2. Select a server.

  3. Choose OK.

To add a directory server to the list:

  1. In the Select Directory Server dialog box, choose Add. The Directory Server Connection dialog box appears.

  2. In the Server field, type the name of the directory server you want to add.

  3. In the Port field, type the port number for the server you want to add.

  4. Choose OK. The added directory appears in the list in the Select Directory Server dialog box.

To modify a directory server on the list:

  1. Select the directory server you want to modify.

  2. Choose Edit. The Directory Server Connection dialog box appears.

  3. Modify the Server and Port fields, then choose OK. The modifications for that server appear in the list in the Select Directory Server dialog box.

Port

The first time you log in, the Oracle Directory Integration and Provisioning Server Administration tool displays the default Oracle directory server port you specified during the Oracle Application Server installation.

It obtains this information by checking the value of the oidport parameter in the ias.properties file. If no value is specified there, then it checks the value of the port parameter in the osdadmin.ini file. If no value is specified there, then it displays the value 389.

To change this port number:

  1. Choose the button to the right of the Server field.

  2. In the Select Directory Server dialog box, select the directory server.

  3. Choose Edit. The Directory Server Connection dialog box appears.

  4. In the Directory Server Connection dialog box, in the Port field, enter the new port number, then choose OK.
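The Server and Port defaults described above follow the same three-step lookup. The following added example (not Oracle's code) resolves both values from the two files and reports which source supplied each one. It assumes both files are plain key=value text (the osdadmin.ini layout in particular is an assumption), matches parameter names case-insensitively, and rejects a non-numeric port; the function names are hypothetical.

```python
def read_kv(text):
    """Parse key=value lines (keys lower-cased); skip blanks, comments, [sections]."""
    values = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!;[":
            continue
        key, sep, val = line.partition("=")
        if sep and val.strip():  # an empty value counts as "no value specified"
            values[key.strip().lower()] = val.strip()
    return values

def first_set(candidates):
    """Return the first (value, source) pair whose value is set."""
    return next((v, s) for v, s in candidates if v)

def resolve_connection(ias_text, osd_text):
    """Apply the lookup order: ias.properties, then osdadmin.ini, then the default."""
    ias, osd = read_kv(ias_text), read_kv(osd_text)
    host, host_src = first_set([(ias.get("oidhost"), "ias.properties"),
                                (osd.get("host"), "osdadmin.ini"),
                                ("localhost", "default")])
    port, port_src = first_set([(ias.get("oidport"), "ias.properties"),
                                (osd.get("port"), "osdadmin.ini"),
                                ("389", "default")])
    port = int(port)  # raises ValueError on a non-numeric port (assumed handling)
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    notes = []
    if port == 389:
        notes.append("389 is the default non-SSL LDAP port: without SSL a "
                     "bind password is sent unencrypted")
    if host_src == "default":
        notes.append("no host set in either file: the tool shows localhost")
    return {"host": host, "host_source": host_src,
            "port": port, "port_source": port_src, "notes": notes}

# Constructed sample inputs, not taken from a real installation.
SAMPLE_IAS = """\
# ias.properties (constructed)
OIDhost=oid1.example.com
OIDport=
"""
SAMPLE_OSD = """\
; osdadmin.ini (constructed; key=value layout is an assumption)
host=oid-old.example.com
port=636
"""
if __name__ == "__main__":
    print(resolve_connection(SAMPLE_IAS, SAMPLE_OSD), resolve_connection("", ""))
```

In the constructed sample the host comes from ias.properties while the port, left empty there, falls through to osdadmin.ini, which is the kind of split-source result worth checking before trusting the pre-filled fields.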


A.1.2 SSL

Table A-2 Fields in the SSL Tab Page

Field Description

SSL Password

The password to open the user's wallet

SSL Authentication

Select the authentication level:

  • No SSL Authentication—Neither the client nor the server authenticates itself to the other. No certificates are sent or exchanged. If you selected the SSL Enabled check box on the Credentials tab and choose this option, then SSL is used for encryption and decryption only: the connection is encrypted, but neither end's identity is verified.

  • SSL Client and Server Authentication—Two-way authentication. Both client and server send certificates to each other.

  • SSL Server Authentication—One-way authentication. Only the directory server authenticates itself to the client by sending its certificate to the client.


A.1.3 Configure Entry Management

Use this window to specify:

  • The number of entries the Oracle Directory Integration and Provisioning Server Administration tool displays in a search result

  • The duration of searches

You can make these configurations in either this tool or the directory server or both.

If you make the configuration in both this tool and the directory server, and the two configurations do not match, then Oracle Internet Directory resolves the conflict as follows:

  • If the value you set in this tool is greater than that in the directory server, then the configuration of the server prevails. For example, if you set this tool to search for 2 minutes, and the directory server for 3 minutes, then the actual search duration will be 3 minutes.

  • If the value you set in this tool is less than that in the directory server, then the configuration of this tool prevails. For example, if you set this tool to search for 2 minutes, and the server for 3 minutes, then the actual search duration is 2 minutes.

A.1.4 Configure Access Control Policy Management

Use this tab page to determine whether the navigator pane displays all ACPs automatically or only as the result of a search. If you have a large number of ACPs, then you may want to display them only as the result of a search.

A.1.5 Directory Server Connection

Use this dialog box to add a directory server to the list in the Select Directory Server dialog box.

A.1.6 Select Distinguished Name (DN) Path: Tree View

Use this dialog box to display the hierarchy of entries in the Directory Information Tree (DIT).

Click the plus sign (+) next to the top level entry to expand the tree. Expand the tree by clicking plus signs to see the subordinate entries. When you click a plus sign to expand an entry, that plus sign becomes a minus sign (-).


Note:

Although an entry that does not have subordinate entries may appear with a plus sign, when you click that plus sign, it disappears. Entries that have no plus or minus sign next to them are leaf nodes on the tree.

Select the entry you want and choose OK. That entry appears in the Root of the Search field in the Search window.

A.1.7 Select Directory Server

This dialog box displays a list of all directory servers to which you have connected at any time in the past. You can select a directory server from the list to connect to it, delete it, edit it, or use it as a template for another management connection. To add a server to this list, choose Add. The Directory Server Connection dialog box appears.