JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Directory Server Enterprise Edition Administration Guide 11g Release 1 (11.1.1.5.0)
Oracle Technology Network
Library
PDF
Print View
Feedback
search filter icon
search icon

Document Information

Preface

Part I Directory Server Administration

1.  Directory Server Tools

2.  Directory Server Instances and Suffixes

3.  Directory Server Configuration

4.  Directory Server Entries

5.  Directory Server Security

6.  Directory Server Access Control

7.  Directory Server Password Policy

8.  Directory Server Backup and Restore

9.  Directory Server Groups, Roles, and CoS

10.  Directory Server Replication

11.  Directory Server Schema

12.  Directory Server Indexing

13.  Directory Server Attribute Value Uniqueness

14.  Directory Server Logging

15.  Directory Server Monitoring

Part II Directory Proxy Server Administration

16.  Directory Proxy Server Tools

17.  Directory Proxy Server Instances

18.  LDAP Data Views

Creating LDAP Data Views

Creating and Configuring LDAP Data Sources

To Create an LDAP Data Source

To Configure an LDAP Data Source

Creating and Configuring LDAP Data Source Pools

To Create an LDAP Data Source Pool

To Configure an LDAP Data Source Pool

Attaching LDAP Data Sources to a Data Source Pool

To Attach an LDAP Data Source to a Data Source Pool

Working with LDAP Data Views

To Create an LDAP Data View

To Configure an LDAP Data View

Accessing Configuration Entries for a Directory Server by Using Directory Proxy Server

To Access the Configuration Entries of a Directory Server by Using Directory Proxy Server

Renaming Attributes and DNs

To Configure Attribute Renaming

To Configure DN Renaming

Configuring View Exclusion Base and Alternate Search Base

To Manually Configure the excluded-subtrees and alternate-search-base-dn Properties

Creating and Configuring Data Views for Example Use Cases

Default Data View

Data Views That Route All Requests, Irrespective of the Target DN of the Request

Data Views That Route Requests When a List of Subtrees Is Stored on Multiple, Data-Equivalent Data Sources

To Configure Data Views That Route Requests When a List of Subtrees Is Stored on Multiple, Data-Equivalent Data Sources

Data Views That Provide a Single Point of Access When Different Subtrees Are Stored in Different Data Sources

To Configure Data Views That Provide a Single Point of Access When Different Subtrees Are Stored on Different Data Sources

Data Views That Provide a Single Point of Access When Superior and Subordinate Subtrees Are Stored in Different Data Sources

To Configure Data Views That Provide a Single Point of Access When Superior and Subordinate Subtrees Are Stored in Different Data Sources

19.  Directory Proxy Server Certificates

20.  Directory Proxy Server Load Balancing and Client Affinity

21.  Directory Proxy Server Distribution

22.  Directory Proxy Server Virtualization

23.  Virtual Data Transformations

24.  Connections Between Directory Proxy Server and Back-End LDAP Servers

25.  Connections Between Clients and Directory Proxy Server

26.  Directory Proxy Server Client Authentication

27.  Directory Proxy Server Logging

28.  Directory Proxy Server Monitoring and Alerts

Part III Directory Service Control Center Administration

29.  Directory Service Control Center Configuration

Index

Renaming Attributes and DNs

Each entry in a directory is identified by a DN and a set of attributes and their values. Often, the DNs and the attributes defined on the client side do not map to the DNs and the attributes defined on the server side. Data views can be defined to rename DNs and attributes. When a client makes a request, the DNs and attributes are renamed to match the server side. When the result is returned to a client, the DNs and attributes are changed back to match the client side.

For information about attribute renaming and DN renaming, see Attribute Renaming and DN Renaming in Oracle Directory Server Enterprise Edition Reference. For information about how to rename attributes and DNs, see the following procedures:

To Configure Attribute Renaming

You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.

To Configure DN Renaming

You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.

  1. View the base-dn property and the DN mapping properties of the data view for which you want to rename DNs.
    $ dpconf get-ldap-data-view-prop -h host -p port view-name base-dn \
 dn-mapping-source-base-dn dn-mapping-attrs

    The properties have the following meanings:

    • base-dn is the DN of the subtree on the client side, which is equivalent to the base DN of the data view.

    • dn-mapping-source-base-dn is the DN of the subtree on the server side.

    • dn-mapping-attrs defines a list of attributes that contain DNs of entries.

    For example, the data view for the dc=example,dc=com database on the client side has the following values when DN renaming is not defined:

    $ dpconf get-ldap-data-view-prop myDataView base-dn \
 dn-mapping-source-base-dn dn-mapping-attrs
 base-dn                    :  dc=example,dc=com
 dn-mapping-attrs           :  none
 dn-mapping-source-base-dn  :  none
  2. Map a DN on the client side to a DN on the server side.
    $ dpconf set-ldap-data-view-prop -h host -p port view-name \
  dn-mapping-source-base-dn:server-side-dn

    For example, map the dc=example,dc=com database on the client side to dc=example,dc=org on the server side.

    $ dpconf set-ldap-data-view-prop -h host1 -p 1389 myDataView \
 dn-mapping-source-base-dn:dc=example,dc=org
  3. Rename attributes in the portion of the DIT that is affected by Step 2, if those attributes contain DNs.
    $ dpconf set-ldap-data-view-prop -h host -p port view-name \
  dn-mapping-attrs:attribute-name [dn-mapping-attrs:attribute-name ...]

    For example, if the group attribute contains DNs in the namespace affected by the rename operation in Step 2, rename the attribute as follows:

    $ dpconf set-ldap-data-view-prop -h host1 -p 1389 myDataView dn-mapping-attrs:group

    To add a DN mapping to an existing list of mappings, use this command:

    $ dpconf set-ldap-data-view-prop -h host -p port \
view-name dn-mapping-attrs+:attribute-name

    To remove a DN mapping from an existing list of mappings, use this command:

    $ dpconf set-ldap-data-view-prop -h host -p port \
view-name dn-mapping-attrs-:attribute-name
  4. View the base-dn property and the DN mapping properties of the data view for which you have renamed DNs.
    $ dpconf get-ldap-data-view-prop -h host -p port view-name base-dn \
 dn-mapping-source-base-dn dn-mapping-attrs

    For example, the data view for the dc=example,dc=com database on the client side has the following values after DN renaming:

    $ dpconf get-ldap-data-view-prop -h host1 -p 1389 myDataView base-dn \
 dn-mapping-source-base-dn dn-mapping-attrs
 base-dn                    :  dc=example,dc=com
 dn-mapping-attrs           :  group
 dn-mapping-source-base-dn  :  dc=example,dc=org
Copyright © 2011, Oracle and/or its affiliates. All rights reserved. Legal Notices
Previous Next