Skip Navigation Links | |
Exit Print View | |
Oracle Directory Server Enterprise Edition Release Notes 11g Release 1 (11.1.1.5.0) |
1. New Features in Oracle Directory Server Enterprise Edition 11g Release 1 (11.1.1.5.0)
Hardware and Operating System Requirements
Directory Server Enterprise Edition Hardware and Operating System Requirements
Identity Synchronization for Windows Hardware Requirements
Identity Synchronization for Windows Operating System Requirements
Software Dependency Requirements
Directory Server Enterprise Edition Software Dependency Requirements
Identity Synchronization for Windows and ODSEE Plug-in Requirements in a Firewall Environment
Identity Synchronization for Windows Software Dependency Requirements
Identity Synchronization for Windows Requirements in a Firewall Environment
Installation Privileges and Credentials
Directory Server Enterprise Edition Privileges
Identity Synchronization for Windows Installation Privileges and Credentials
Installation Notes for Identity Synchronization for Windows
4. ODSEE Bugs Fixed and Known Problems
5. Directory Proxy Server Bugs Fixed and Known Problems
6. Directory Server Resource Kit Bugs Fixed and Known Problems
Directory Server Enterprise Edition Software Dependency Requirements
Identity Synchronization for Windows and ODSEE Plug-in Requirements in a Firewall Environment
Identity Synchronization for Windows Software Dependency Requirements
Identity Synchronization for Windows Requirements in a Firewall Environment
The key software dependency requirements are as follows:
Directory Server Enterprise Edition relies on the Network Security Services, NSS, layer for cryptographic algorithms. NSS has been validated to work with the Sun cryptographic framework provided on Solaris 10 systems, which supports cryptographic acceleration devices.
On Microsoft Windows systems, you must disable the pop-up blocker to make Directory Service Control Center work properly.
Directory Proxy Server will work with any LDAPv3–compliant directory server, but has been tested only with the directory server component of Directory Server Enterprise Edition.
In Solaris 10, rc.scripts are deprecated so commands like dsadm autostart are not supported. Instead use the Solaris 10 Service Management Facility (SMF) to handle these types of requests. For example, dsadm enable-service. For more information on SMF, see the Solaris operating system documentation.
Each Directory Server Enterprise Edition plug-in must be able to reach the ODSEE connector’s server port, which was chosen when the connector was installed. Plug-ins that run in ODSEE Master replicas must be able to connect to Active Directory’s LDAP, port 389, or LDAPS, port 636. The plug-ins that run in other ODSEE replicas must be able to reach the master ODSEE LDAP and LDAPS ports.
For detailed information, see Additional Installation Instructions for Oracle Identity Synchronization for Windows 6.0.
You can run Identity Synchronization for Windows in a firewall environment. The following sections list the server ports that you must expose through the firewall.
By default, Message Queue uses dynamic ports for all services except for its port mapper. To access the Message Queue broker through a firewall, the broker should use fixed ports for all services.
After installing the core, you must set the imq.<service_name>.<protocol_type>.port broker configuration properties. Specifically, you must set the imq.ssljms.tls.port option. Refer to the Message Queue documentation for more information.
The Identity Synchronization for Windows installer must be able to communicate with the ODSEE acting as the configuration directory.
If you are installing an Active Directory connector, the installer must be able to contact Active Directory’s LDAP port, 389.
If you are installing a ODSEE connector or a ODSEE plug-in (subcomponent), the installer must be able to contact the ODSEE LDAP port, default 389.
The Message Queue, system manager, and command line interface must be able to reach the ODSEE where the Identity Synchronization for Windows configuration is stored.
The Identity Synchronization for Windows console must be able to reach the following:
Active Directory over LDAP, port 389, or LDAPS, port 636
Active Directory Global Catalog over LDAP, port 3268, or LDAPS, port 3269
Each ODSEE over LDAP or LDAPS
Administration Server
Message Queue
All connectors must be able to communicate with Message Queue.
In addition, the following connector requirements must be met.
The Active Directory connector must be able to access the Active Directory Domain Controller over LDAP, port 389, or LDAPS, port 636.
The ODSEE connector must be able to access ODSEE instances over LDAP, default port 389, or LDAPS, default port 636.