1/43
Contents
List of Examples
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documentation
Conventions
What's New in Oracle Directory Integration Platform?
Part I Getting Started with Oracle Directory Integration Platform
1
Introduction to Oracle Identity Management Integration
1.1
Why Oracle Identity Management Integration?
1.2
Oracle Identity Management Installation Options
1.3
Synchronization, Provisioning, and the Differences Between Them
1.3.1
Synchronization
1.3.2
Provisioning
1.3.3
How Synchronization and Provisioning Differ
1.4
Components Involved in Oracle Identity Management Integration
1.4.1
Oracle Directory Integration Platform Back-End Directory
1.4.2
Oracle Directory Integration Platform
1.4.2.1
Understanding the Oracle Directory Integration Platform Server
1.4.2.2
Understanding the Oracle Directory Integration Platform Synchronization Service
1.4.2.3
Understanding the Oracle Directory Integration Platform Provisioning Service
1.4.3
Oracle Application Server Single Sign-On
2
Security Features in Oracle Directory Integration Platform
2.1
Authentication in Oracle Directory Integration Platform
2.1.1
Secure Sockets Layer and Oracle Directory Integration Platform
2.1.2
Oracle Directory Integration Platform Authentication in SSL Mode
2.1.3
Profile Authentication
2.2
Access Control and Authorization and Oracle Directory Integration Platform
2.2.1
Access Controls for the Oracle Directory Integration Platform
2.2.2
Access Controls for Profiles
2.3
Data Integrity and Oracle Directory Integration Platform
2.4
Data Privacy and Oracle Directory Integration Platform
2.5
Tools Security and Oracle Directory Integration Platform
2.6
Credential Storing
Part II General Administration of Oracle Directory Integration Platform
3
Administering Oracle Directory Integration Platform
3.1
Graphical Tools for Administering Oracle Directory Integration Platform
3.1.1
Using Fusion Middleware Control
3.1.1.1
The Oracle Directory Integration Platform Home Page
3.1.2
Using Oracle Internet Directory Self-Service Console
3.2
Command-Line Tools for Administering Oracle Directory Integration Platform
3.2.1
Using Standard LDAP Command-Line Tools
4
Managing the Oracle Directory Integration Platform
4.1
Operational Information About the Oracle Directory Integration Platform
4.1.1
Directory Integration Profiles
4.1.2
Oracle Directory Integration Platform Event Propagation in a Multimaster Oracle Back-end Directory Replication Environment
4.1.2.1
Directory Synchronization in an Oracle Back-end Directory Multimaster Replication Environment
4.1.2.2
Directory Provisioning in an Oracle Internet Directory Multimaster Replication Environment
4.2
Viewing Oracle Directory Integration Platform Status and Registration Information
4.2.1
Viewing the Status of Oracle Directory Integration Platform Using the dipStatus Utility
4.2.1.1
Syntax for dipStatus
4.2.1.2
Arguments for dipStatus
4.2.1.3
Examples for dipStatus
4.2.2
Viewing Oracle Directory Integration Platform Registration Information Using the ldapsearch Utility
4.3
Managing Oracle Directory Integration Platform Using Fusion Middleware Control
4.3.1
Viewing Oracle Directory Integration Platform Runtime Information Using Fusion Middleware Control
4.3.2
Starting Oracle Directory Integration Platform with Fusion Middleware Control
4.3.3
Stopping Oracle Directory Integration Platform with Fusion Middleware Control
4.3.4
Managing the Oracle Directory Integration Platform Server Configuration
4.3.5
Managing Oracle Directory Integration Platform Logging Using Fusion Middleware Control
4.3.6
Auditing Oracle Directory Integration Platform Using Fusion Middleware Control
4.4
Starting and Stopping Oracle Directory Integration Platform Using WLST
4.5
Managing Oracle Directory Integration Platform Using manageDIPServerConfig
4.5.1
Syntax for manageDIPServerConfig
4.5.2
Arguments for manageDIPServerConfig
4.5.3
Tasks and Examples for manageDIPServerConfig
4.6
Configuring Oracle Directory Integration Platform for SSL Mode 2 Server-Only Authentication
4.6.1
To Configure Oracle Internet Directory for SSL Server-Auth Authentication
4.6.2
To Configure the Oracle Directory Integration Platform for SSL Authentication
4.6.3
To Configure Oracle Directory Integration Platform for SSL Authentication With Directories Other Than OID
4.7
Managing the SSL Certificates of Back-End Directories and Connected Directories
4.7.1
Detecting and Removing an Expired Certificate
4.8
Oracle Directory Integration Platform in a High Availability Scenario
4.9
Managing Oracle Directory Integration Platform in a Replicated Environment
Part III Synchronization Using Oracle Directory Integration Platform
5
Understanding the Oracle Directory Synchronization Service
5.1
Components Involved in Oracle Directory Synchronization
5.1.1
Connectors for Directory Synchronization
5.1.1.1
Using Connectors with Supported Interfaces
5.1.1.2
Using Connectors Without Supported Interfaces
5.1.2
Directory Synchronization Profiles
5.2
How Synchronization Works
5.2.1
Synchronizing from the Back-end Directory to a Connected Directory
5.2.2
Synchronizing from a Connected Directory to the Back-end Directory
5.2.3
Synchronizing Directories with Interfaces Not Supported by the Back-end Directory
6
Configuring Directory Synchronization
6.1
Registering Connectors in Oracle Directory Integration Platform
6.2
Synchronization Profile Templates
6.3
Configuring Connection Details
6.4
Configuring Mapping Rules
6.4.1
Distinguished Name Mapping
6.4.1.1
Excluding Domains
6.4.2
Attribute-Level Mapping
6.4.2.1
Excluding Attributes
6.4.3
Manually Creating New Mapping Files
6.4.4
Supported Attribute Mapping Rules and Examples
6.4.5
Example: Mapping File for a Tagged-File Interface
6.4.6
Example: Mapping Files for an LDIF Interface
6.4.7
Updating Mapping Rules
6.4.7.1
Adding an Entry to the Mapping Rules File
6.4.7.2
Modifying an Entry in the Mapping Rules File
6.4.7.3
Deleting an Entry from the Mapping Rules File
6.5
Extending Mappings Using Custom Plug-ins
6.5.1
Writing Custom Plug-Ins
6.5.2
Mapping Plug-In Evaluation Constraints
6.5.3
Adding Mapping Plug-Ins
6.5.4
Applications of Mapping Plug-Ins
6.5.4.1
Support for New Mapping Operations
6.5.4.2
Support for Multiple Literal Values
6.5.5
Example Plug-In Usage
6.6
Configuring Matching Filters
6.6.1
Filtering Changes with an LDAP Search
6.6.2
Filtering Changes from a Change Log
6.7
Location and Naming of Files
7
Managing Directory Synchronization Profiles
7.1
Managing Synchronization Profiles Using Fusion Middleware Control
7.1.1
Creating Synchronization Profiles
7.1.2
Editing Synchronization Profiles
7.1.3
Enabling and Disabling Synchronization Profiles
7.1.4
Deleting Synchronization Profiles
7.1.5
Troubleshooting Synchronization Profiles Using DIP Tester
7.1.5.1
Running DIP Tester From the Enterprise Manager User Interface
7.1.5.2
Running DIP Tester From the WLST Command-Line Interface
7.2
Managing Synchronization Profiles Using manageSyncProfiles
7.2.1
Syntax for manageSyncProfiles
7.2.2
Arguments for manageSyncProfiles
7.2.3
Tasks and Examples for manageSyncProfiles
7.3
Modifying the Synchronization Status Attributes
7.4
Setting Null Values in Synchronization Profiles
8
Bootstrapping a Directory in Oracle Directory Integration Platform
8.1
Directory Bootstrapping Using syncProfileBootstrap
8.1.1
Syntax for syncProfileBootstrap
8.1.2
Arguments for syncProfileBootstrap
8.1.3
Tasks and Examples for syncProfileBootstrap
8.1.4
Recommended Bootstrapping Methodology
8.1.5
Bootstrapping Using a Parameter File
8.1.5.1
Bootstrapping Without Using an LDIF File
8.1.5.2
Bootstrapping Using an LDIF File
8.1.6
Bootstrapping Directly Using the Default Integration Profile
8.2
Bootstrapping in SSL Mode
8.2.1
Adding a Trusted Certificate to the DIP Keystore
8.2.1.1
To Add a Trusted Certificate to the DIP Keystore
9
Synchronizing with Tables in Oracle Database
9.1
Preparing the Additional Configuration Information File
9.2
Preparing the Mapping File
9.3
Preparing the Directory Integration Profile
9.4
Example: Synchronizing a Relational Database Table to the Back-end Directory
9.4.1
Configuring the Additional Configuration Information File
9.4.2
Configuring the Mapping File
9.4.3
Configuring the Directory Integration Profile
9.4.4
Uploading the Additional Configuration Information and Mapping Files
9.4.5
Synchronization Process
9.4.6
Observations About the Example
10
Synchronizing with Oracle Human Resources
10.1
Introduction to Synchronization with Oracle Human Resources
10.2
Data You Can Import from Oracle Human Resources
10.3
Managing Synchronization Between Oracle Human Resources and the Oracle Back-end Directory
10.3.1
Task 1: Configure a Directory Integration Profile for the Oracle Human Resources Connector
10.3.2
Task 2: Configure the List of Attributes to be Synchronized with the Oracle Back-end Directory
10.3.2.1
Modifying Additional Oracle Human Resources Attributes for Synchronization
10.3.2.2
Excluding Oracle Human Resources Attributes from Synchronization
10.3.2.3
Configuring a SQL SELECT Statement in the Configuration File to Support Complex Selection Criteria
10.3.3
Task 3: Configure Mapping Rules for the Oracle Human Resources Connector
10.3.4
Task 4: Prepare to Synchronize from Oracle Human Resources to the Oracle Back-end Directory
10.3.4.1
Preparing for Synchronization
10.4
The Synchronization Process
10.5
Bootstrapping the Oracle Back-end Directory from Oracle Human Resources
11
Synchronizing with Third-Party Metadirectory Solutions
11.1
About Change Logs
11.2
Enabling Third-Party Metadirectory Solutions to Synchronize with the Oracle Back-end Directory
11.2.1
Task 1: Perform Initial Bootstrapping
11.2.2
Task 2: Create a Change Subscription Object in the Oracle Back-end Directory for the Third-Party Metadirectory Solution
11.2.2.1
About the Change Subscription Object
11.2.2.2
Creating a Change Subscription Object
11.3
Synchronization Process
11.3.1
How a Connected Directory Retrieves Changes the First Time from the Oracle Back-end Directory
11.3.2
How a Connected Directory Updates the orclLastAppliedChangeNumber Attribute in the Oracle Back-end Directory
11.4
Disabling and Deleting Change Subscription Objects
11.4.1
Disabling a Change Subscription Object
11.4.2
Deleting a Change Subscription Object
Part IV Provisioning with the Oracle Directory Integration Platform
12
Understanding the Oracle Directory Integration Platform for Provisioning
12.1
What Is Provisioning?
12.2
Components of the Oracle Directory Integration Platform Service
12.3
Understanding Provisioning Concepts
12.3.1
Synchronous Provisioning
12.3.2
Asynchronous Provisioning
12.3.3
Provisioning Data Flow
12.4
Overview of Provisioning Methodologies
12.4.1
Provisioning Users that are Synchronized from an External Source
12.4.2
Provisioning Users Created with Command-Line LDAP Tools
12.4.3
Bulk Provisioning Using the provProfileBulkProv Tool
12.4.3.1
Syntax for provProfileBulkProv
12.4.3.2
Arguments for provProfileBulkProv
12.4.3.3
Tasks and Examples for provProfileBulkProv
12.4.4
On-Demand Provisioning
12.4.5
Application Bootstrapping
12.5
Organization of User Profiles in the Oracle Internet Directory Back-End Directory
12.5.1
Organization of Provisioning Entries in the Directory Information Tree
12.5.2
Understanding User Provisioning Statuses
12.5.2.1
Provisioning Status in Oracle Internet Directory
12.5.2.2
Provisioning Status Transitions
12.5.2.3
Upgrading and Coexistence Provisioning Statuses
12.5.2.4
Provisioning Statuses and Exception Handling
12.6
Understanding Provisioning Flow
12.6.1
Viewing and Editing Provisioning Profiles Using Fusion Middleware Control
12.6.2
User Provisioning from an External Source
12.7
How Are Administrative Privileges Delegated?
12.7.1
Provisioning Administration Model
13
Deploying Provisioning-Integrated Applications
13.1
Deployment Overview for Provisioning-Integrated Applications
13.2
Managing Provisioning Profiles Using oidprovtool
13.2.1
Syntax for oidprovtool
13.2.2
Arguments for oidprovtool
13.2.3
Tasks and Examples for oidprovtool
13.2.3.1
Creating a Provisioning Profile
13.2.3.2
Modifying a Provisioning Profile
13.2.3.3
Deleting a Provisioning Profile
13.2.3.4
Disabling a Provisioning Profile
13.3
Registering Applications for Provisioning
13.4
Configuring Application Provisioning Properties
14
Understanding the Oracle Provisioning Event Engine
14.1
What Are the Oracle Provisioning Events?
14.2
Working with the Oracle Provisioning Event Engine
14.2.1
Creating Custom Event Object Definitions
14.2.2
Defining Custom Event Generation Rules
15
Integration of Provisioning Data with Oracle E-Business Suite
Part V Integrating with Third-Party Directories
16
Connected Directory Integration Concepts and Considerations
16.1
Concepts and Architecture of Connected Directory Integration
16.1.1
Oracle Identity Management Components for Integrating with Other Directories
16.1.2
Oracle Back-end Directory Schema Elements for Synchronizing with Connected Directories
16.1.3
Directory Information Tree in an Integration with a Connected Directory
16.1.3.1
About Realms in Oracle Internet Directory
16.1.3.2
Planning the Deployment
16.1.3.3
Example: Integration with a Single Connected Directory Domain
16.2
Planning Your Integration Environment
16.2.1
Preliminary Considerations for Integrating with a Connected Directory
16.2.2
Choose the Directory for the Central Enterprise Directory
16.2.2.1
Scenario 1: Oracle Internet Directory as the Central Enterprise Directory
16.2.2.2
Scenario 2: A Directory Other Than Oracle Internet Directory is the Central Enterprise Directory
16.2.3
Customizing the LDAP Schema
16.2.4
Choose Where to Store Passwords
16.2.4.1
Advantages and Disadvantages of Storing the Password in One Directory
16.2.4.2
Advantages and Disadvantages of Storing Passwords in Both Directories
16.2.5
Choose the Structure of the Directory Information Tree
16.2.5.1
Create Identical DIT Structures on Both Directories
16.2.5.2
Distinguished Name Mapping and Limitations
16.2.6
Select the Attribute for the Login Name
16.2.7
Select the User Search Base
16.2.8
Select the Group Search Base
16.2.9
Decide How to Address Security Concerns
16.2.10
Administering Your Deployment with Oracle Access Manager
16.3
Microsoft Active Directory Integration Concepts
16.3.1
Synchronizing from Microsoft Active Directory to the Oracle Back-end Directory
16.3.2
Requirement for Using WebDAV Protocol
16.3.3
Windows Native Authentication
16.3.3.1
Understanding Windows Native Authentication
16.3.3.2
Authenticating Users Against Multiple Microsoft Active Directory Domains
16.3.3.3
Overriding an Application Authentication Mechanism with Windows Native Authentication
16.3.4
Oracle Back-end Directory Schema Elements for Microsoft Active Directory
16.3.5
Integration with Multiple Microsoft Active Directory Domain Controllers
16.3.6
Synchronizing with a Multiple-Domain Microsoft Active Directory Environment
16.3.6.1
Configuration Required for Importing from Microsoft Active Directory to the Oracle Back-end Directory
16.3.6.2
Configuration Required for Importing from Microsoft Active Directory Lightweight Directory Service to the Oracle Back-end Directory
16.3.6.3
Configuration Required for Exporting from the Oracle Back-end Directory to Microsoft Active Directory
16.3.6.4
Example: Integration with Multiple Connected Directory Domains
16.3.7
Foreign Security Principals
16.4
Oracle Directory Server Enterprise Edition (Sun Java System Directory Server) Integration Concepts
16.4.1
Synchronizing from Oracle Directory Server Enterprise Edition to Oracle Directory Integration Platform
16.4.2
Oracle Internet Directory Schema Elements for Oracle Directory Server Enterprise Edition (Sun Java System Directory Server)
16.5
IBM Tivoli Directory Server Integration Concepts
16.5.1
Changes to Directory Objects in IBM Tivoli Directory Server
16.5.2
Oracle Back-end Directory Schema Elements for IBM Tivoli Directory Server
16.6
Novell eDirectory and OpenLDAP Integration Concepts
16.6.1
Synchronizing from Novell eDirectory or OpenLDAP to the Oracle Back-end Directory
16.6.2
Oracle Back-end Directory Schema Elements for Novell eDirectory
16.6.3
Oracle Back-end Directory Schema Elements for OpenLDAP
16.7
Limitations of Connected Directory Integration in Oracle Directory Integration Platform 11
g
Release 1 (11.1.1)
17
Configuring Synchronization with a Connected Directory
17.1
Verifying Synchronization Requirements
17.2
Creating Import and Export Synchronization Profiles Using expressSyncSetup
17.2.1
Syntax for expressSyncSetup
17.2.2
Arguments for expressSyncSetup
17.2.3
Tasks and Examples for expressSyncSetup
17.2.4
Understanding the expressSyncSetup Command
17.3
Configuring Advanced Integration Options
17.3.1
Configuring the Realm
17.3.2
Customizing Access Control Lists
17.3.2.1
Customizing ACLs for Import Profiles
17.3.2.2
Customizing ACLs for Export Profiles
17.3.2.3
ACLs for Other Oracle Components
17.3.3
Customizing Mapping Rules
17.3.4
Configuring the Connected Directory Connector for Synchronization in SSL Mode
17.3.5
Enabling Password Synchronization from the Oracle Back-end Directory to a Connected Directory
17.3.6
Configuring External Authentication Plug-ins
17.3.6.1
Configuring External Authentication Against Multiple Domains
17.4
Writing Custom Synchronization Connectors
17.4.1
Inbound Connectors
17.4.1.1
Sample Reader
17.4.2
Outbound Connectors
17.4.2.1
Sample Writer
18
Integrating with Microsoft Active Directory
18.1
Verifying Synchronization Requirements for Microsoft Active Directory
18.2
Configuring Basic Synchronization with Microsoft Active Directory
18.3
Configuring Advanced Integration with Microsoft Active Directory
18.3.1
Step 1: Planning Your Integration
18.3.2
Step 2: Configuring the Realm
18.3.3
Step 3: Customizing the Search Filter to Retrieve Information from Microsoft Active Directory
18.3.4
Step 4: Customizing the ACLs
18.3.5
Step 5: Customizing Attribute Mappings
18.3.6
Step 6: Synchronizing with Multiple Microsoft Active Directory Domains
18.3.7
Step 7: Synchronizing Deletions from Microsoft Active Directory
18.3.8
Step 8: Synchronizing in SSL Mode
18.3.9
Step 9: Synchronizing Passwords
18.3.10
Step 10: Configuring the Microsoft Active Directory External Authentication Plug-in
18.3.11
Step 11: Performing Post-Configuration and Administrative Tasks
18.4
Using DirSync Change Tracking for Import Operations
18.5
Configuring Windows Native Authentication
18.5.1
What are the System Requirements for Windows Native Authentication?
18.5.2
Avoiding HTTP-401 Errors and Repeat Login Challenges for External Users
18.5.3
Configuring Windows Native Authentication with a Single Microsoft Active Directory Domain
18.5.4
Configuring Windows Native Authentication with Multiple Microsoft Active Directory Domains or Forests
18.5.5
Implementing Fallback Authentication
18.5.6
Understanding the Possible Login Scenarios
18.6
Configuring Synchronization of Oracle Internet Directory Foreign Security Principal References with Microsoft Active Directory
18.7
Switching to a Different Microsoft Active Directory Domain Controller in the Same Domain
18.8
Configuring the Microsoft Active Directory Connector for Microsoft Active Directory Lightweight Directory Service
18.9
Configuring the Microsoft Active Directory Connector for Microsoft Exchange Server
18.9.1
To Enable Microsoft Exchange User Synchronization From the User Interface
18.9.2
To Enable Microsoft Exchange User Synchronization From the Command Line
19
Deploying the Oracle Password Filter for Microsoft Active Directory
19.1
Overview of the Oracle Password Filter for Microsoft Active Directory
19.1.1
What is the Oracle Password Filter for Microsoft Active Directory?
19.1.2
How Does the Oracle Password Filter for Microsoft Active Directory Work?
19.1.2.1
How Clear Text Password Changes are Captured
19.1.2.2
Password Changes are Stored when the Oracle Back-end Directory is Unavailable
19.1.2.3
Password Synchronization is Delayed Until Microsoft Active Directory Users are Synchronized with Oracle Identity Management
19.1.2.4
Password Bootstrapping
19.1.3
How Do I Deploy the Oracle Password Filter for Microsoft Active Directory?
19.2
Configuring and Testing Oracle Internet Directory with SSL Server-Side Authentication
19.3
Importing a Trusted Certificate into a Microsoft Active Directory Domain Controller
19.4
Testing SSL Communication Between Oracle Internet Directory and Microsoft Active Directory
19.5
Installing and Reconfiguring the Oracle Password Filter for Microsoft Active Directory
19.5.1
Installing the Oracle Password Filter for Microsoft Active Directory
19.5.2
Reconfiguring the Oracle Password Filter for Microsoft Active Directory
19.6
Removing the Oracle Password Filter for Microsoft Active Directory
20
Integrating with Oracle Directory Server Enterprise Edition (Sun Java System Directory Server)
20.1
Verifying Synchronization Requirements for Oracle Directory Server Enterprise Edition
20.2
Configuring Basic Synchronization with Oracle Directory Server Enterprise Edition
20.3
Configuring Advanced Integration with Oracle Directory Server Enterprise Edition
20.3.1
Step 1: Plan Your Integration
20.3.2
Step 2: Configure the Realm
20.3.3
Step 3: Customize the ACLs
20.3.4
Step 4: Customize Attribute Mappings
20.3.5
Step 5: Customize the Oracle Directory Server Enterprise Edition (Sun Java System Directory Server) Connector to Synchronize Deletions
20.3.6
Step 6: Synchronize Passwords
20.3.7
Step 7: Synchronizing in SSL Mode
20.3.8
Step 8: Configure the Oracle Directory Server Enterprise Edition (Sun Java System Directory Server) External Authentication Plug-in
20.3.9
Step 9: Perform Post-Configuration and Administrative Tasks
21
Integrating with IBM Tivoli Directory Server
21.1
Verifying Synchronization Requirements for IBM Tivoli Directory Server
21.2
Configuring Basic Synchronization with IBM Tivoli Directory Server
21.3
Configuring Advanced Integration with IBM Tivoli Directory Server
21.3.1
Step 1: Plan Your Integration
21.3.2
Step 2: Configure the Realm
21.3.3
Step 3: Customize the ACLs
21.3.4
Step 4: Customize Attribute Mappings
21.3.5
Step 5: Customize the IBM Tivoli Directory Server Connector to Synchronize Deletions
21.3.6
Step 6: Synchronize Passwords
21.3.7
Step 7: Synchronize in SSL Mode
21.3.8
Step 8: Configure the IBM Tivoli Directory Server External Authentication Plug-in
21.3.9
Step 9: Perform Post-Configuration and Administrative Tasks
22
Integrating with Novell eDirectory or OpenLDAP
22.1
Verifying Synchronization Requirements for Novell eDirectory or OpenLDAP
22.2
Configuring Basic Synchronization with Novell eDirectory or OpenLDAP
22.2.1
Synchronizing Multiple Profiles from eDirectory or OpenLDAP to One Oracle Back-end Directory Container
22.3
Configuring Advanced Integration with Novell eDirectory or OpenLDAP
22.3.1
Step 1: Plan Your Integration
22.3.2
Step 2: Configure the Realm
22.3.3
Step 3: Customize the Search Filter to Retrieve Information from Novell eDirectory or OpenLDAP
22.3.4
Step 4: Customize the ACLs
22.3.5
Step 5: Customize Attribute Mappings
22.3.6
Step 6: Customize the Novell eDirectory or OpenLDAP Connector to Synchronize Deletions
22.3.6.1
How Do I Define a Reconciliation Rule?
22.3.6.2
How are Reconciliation Rules Used to Synchronize Deletions?
22.3.7
Step 7: Specify Synchronization Parameters for the Advanced Configuration Information Attribute
22.3.8
Step 8: Configure the OpenLDAP Connector to Synchronize Passwords
22.3.9
Step 9: Synchronize in SSL Mode
22.3.10
Step 10: Configure the Novell eDirectory or OpenLDAP External Authentication Plug-in
22.3.11
Step 11: Perform Post-Configuration and Administrative Tasks
23
Managing Integration with a Connected Directory
23.1
Tasks After Configuring with a Connected Directory
23.2
Typical Management of Integration with a Connected Directory
23.2.1
Bootstrapping Data Between Directories
23.2.2
Managing a Third-Party Directory External Authentication Plug-in
23.2.2.1
Deleting a Third-Party Directory External Authentication Plug-in
23.2.2.2
Disabling a Third-Party External Authentication Plug-in
23.2.2.3
Re-enabling a Third-Party External Authentication Plug-in
Part VI Appendixes
A
Comparing Oracle Directory Integration Platform 11g Release 1 (11.1.1) and 10g Releases (10.1.4.x)
A.1
Process Management
A.2
Configuration Files
A.3
Templates for Mapping, Configuration, and Properties Files
A.4
Log Files
A.5
Graphical User Interfaces
A.6
Command-Line Tools
A.7
Audit Configurables
A.8
Audit Log Location
B
Example Properties File for Synchronization Profiles
B.1
Example Properties File for Synchronization Profiles
C
Case Study: A Deployment of Oracle Directory Integration Platform
C.1
Components in the MyCompany Enterprise
C.2
Requirements of the MyCompany Enterprise
C.3
Overall Deployment in the MyCompany Enterprise
C.4
User Creation and Provisioning in the MyCompany Enterprise
C.5
Modification of User Properties in the MyCompany Enterprise
C.6
Deletion of Users in the MyCompany Enterprise
D
Starting and Stopping the Oracle Stack
D.1
Starting the Stack
D.2
Stopping the Stack
E
Troubleshooting the Oracle Directory Integration Platform
E.1
Checklist for Troubleshooting Oracle Directory Integration Platform
E.2
Problems and Solutions
E.2.1
Provisioning Errors and Problems
E.2.2
Synchronization Errors and Problems
E.2.3
Windows Native Authentication Errors and Problems
E.2.4
Novell eDirectory and OpenLDAP Synchronization Errors and Problems
E.2.5
Oracle Password Filter for Microsoft Active Directory Errors and Problems
E.3
Troubleshooting Synchronization
E.3.1
Oracle Directory Integration Platform Synchronization Process Flow
E.3.1.1
Oracle Directory Integration Platform Synchronization Process Flow for an Import Profile
E.3.1.2
Oracle Directory Integration Platform Synchronization Process Flow for an Export Profile
E.3.2
Understanding Synchronization Profile Registration
E.3.3
Understanding the diagnostic.log File
E.4
Troubleshooting Integration with Microsoft Active Directory
E.4.1
Debugging Windows Native Authentication
E.4.2
Synchronizing Changes Following a Period when the Oracle Back-end Directory is Unavailable
E.5
Need More Help?
Glossary
Index
Scripting on this page enhances content navigation, but does not change the content in any way.