Skip Navigation Links | |
Exit Print View | |
Oracle Fusion Middleware Deployment Planning Guide for Oracle Unified Directory 11g Release 1 (11.1.1) |
1. Overview of Oracle Unified Directory
2. Overview of the Directory Server
3. Overview of the Proxy Server
4. Overview of the Replication Gateway
5. Building Blocks of the Proxy Server
Load Balancing Using the Proxy
Data Distribution Using the Proxy
6. Example Deployments Using the Directory Server
7. Example Deployments Using the Proxy Server
8. Simple Proxy Deployments Using the Command Line Interface
Each entry in a directory is identified by a DN and a set of attributes and their values. Sometimes, the DN and the attributes defined on the client side does not map with the DN and the attributes defined on the server side. For instance, an organization, Example A contains dc=parentcompany, dc=com entries. It acquires another organization, Example B. Example B contains dc=newcompany, dc=com entries. Therefore, dc=newcompany, dc=com must be renamed into dc=parentcompany, dc=com for the existing client application to work accurately.
The DN renaming workflow elements can be defined to rename DNs to values that match the server side. When a client makes a request, the DNs and attributes are renamed to match the server side. When the result is returned to a client, the DN and attributes are changed back to match the client side.
Oracle Unified Directory proxy offers DN renaming workflow element that allows you to transform the content of a Directory Information Tree (DIT) into another DIT with a different base DN. When an operation (Add, Bind, Delete, Modify, and so on) goes through a DN renaming workflow element, its parameters are transformed according to the DN renaming configuration to transform the virtual entries into real entries.
Figure 5-12 illustrates how DN renaming is performed using the Oracle Unified Directory proxy.
Figure 5-12 DN Renaming
The client expects ou=myorg, dc=server, dc=com entries. However, the LDAP server contains ou=people, dc=server, dc=com entries. The Oracle Unified Directory proxy renames the DNs by making use of the DN renaming workflow element.
In this example, the real entries ou=people, dc=server, dc=com are seen as ou=myorg, dc=server, dc=com entries from the client side.
The DN renaming transformation is applicable to the following objects:
DN of the entry: For instance, the real entry on the LDAP server dn:uid=user, ou=people, dc=server, dc=com is transformed into a virtual entry dn:uid=user, ou=myorg, dc=server, dc=com from the client perspective.
Attributes of the entry that contain DNs: For instance, the server-side value of the manager attribute of an entry with an objectclass inetorgpersonmanager: manager:uid=mgr, ou=people, dc=server, dc=com is transformed into the value manager:uid=mgr, ou=myorg, dc=server, dc=com on the client side.
Note - You can apply the transformation to all the user attributes of the entries, define a restricted list of attributes to which the operation applies, or define a restricted list of attributes to which the operation does not apply.