Oracle® Identity Management Infrastructure Administrator's Guide
Part Number B15994-01
This appendix describes the default settings that are available after you install Oracle Internet Directory.
The following is a summary of the operations performed during the Oracle Internet Directory installation:
A default DIT is created based on the domain name of the system on which Oracle Internet Directory is installed. For example, if Oracle Internet Directory is installed on a machine named oidhost.us.acme.com, the default DIT is
A default identity management realm is created, whose base corresponds to the domain name of the system. Following the preceding example, the root of the default identity management realm is
Associated with this realm is an entity called Oracle Context, which stores all the realm-specific policies and metadata. For example, Oracle Context might be created with the distinguished name cn=OracleContext,dc=us,dc=acme,dc=com. This entry, and the nodes under it, serves as the basis for Oracle software to detect realm-specific policies and settings.
Directory structure and naming policies created in the default identity management realm enable Oracle components to locate various identities. Following are the default values for these policies:
All users are located in the cn=users container under the base of the identity management realm. In this scenario, the distinguished name is
Any new users created in the identity management realm using Fusion Middleware Identity Infrastructure are also created under the
All new users created in the identity management realm using Fusion Middleware Identity Infrastructure belong to the object classes
All groups are located in the cn=groups container under the base of the identity management realm. In this scenario, the distinguished name is
A bootstrap user (realm administrator) is created under the cn=users container. In this scenario, the fully-qualified distinguished name of the bootstrap user is
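When reviewing a directory against the naming policy described above, it helps to check mechanically which default container each identity falls under. The following Python is an added example, not part of the Oracle guide or of Oracle software: it derives the default container DNs from a host name and classifies a DN by container, splitting RDNs so that an escaped comma is not mistaken for a container boundary. It assumes the first host-name label is the machine name; the function names are hypothetical and the sample DNs are constructed.

```python
# Added example, not Oracle code. Assumption: the first label of the host
# name is the machine name and the remaining labels form the domain.

def default_layout(hostname):
    """Default realm DNs for a host, following the naming policy above."""
    labels = hostname.rstrip(".").lower().split(".")
    if len(labels) < 2 or not all(labels):
        raise ValueError("need a fully qualified host name")
    base = ",".join("dc=" + label for label in labels[1:])
    return {
        "oracle_context": "cn=OracleContext," + base,
        "users": "cn=users," + base,
        "groups": "cn=groups," + base,
        "realm": base,  # checked last: it is a suffix of the others
    }

def split_dn(dn):
    """Split a DN into normalized RDNs, honoring backslash escapes."""
    rdns, cur, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur += dn[i:i + 2]  # keep the escaped character inside its RDN
            i += 2
            continue
        if dn[i] == ",":
            rdns.append(cur)
            cur = ""
        else:
            cur += dn[i]
        i += 1
    rdns.append(cur)
    # Simplification: types and values are compared case-insensitively.
    return ["=".join(p.strip().lower() for p in r.split("=", 1)) for r in rdns]

def classify(dn, layout):
    """Name of the default container a DN falls under, or 'outside-realm'."""
    rdns = split_dn(dn)
    for name, container in layout.items():
        suffix = split_dn(container)
        if len(rdns) >= len(suffix) and rdns[-len(suffix):] == suffix:
            return name
    return "outside-realm"

if __name__ == "__main__":
    layout = default_layout("oidhost.us.acme.com")
    for dn in (r"CN=Smith\, John, CN=Users, DC=us, DC=acme, DC=com",  # constructed
               r"cn=x\,cn=users,dc=us,dc=acme,dc=com"):               # constructed
        print(classify(dn, layout), "<-", dn)
```

The second sample DN ends with the users container's text but is a single RDN directly under the realm base, so a plain string suffix comparison would misplace it.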
Default authentication policies are created that enable the authentication services to perform appropriate actions, including the default directory password policy (such as password length, number of tries before being locked out, and number of days before password expiration) and additional password verifiers that must be automatically generated when provisioning users.
Identity management privileges are created and granted to the bootstrap user, who can further delegate these authorizations through the Oracle Delegated Administration Services self-service console. Some of these privileges include: