Skip Headers
Oracle® Fusion Middleware Administrator's Guide for Oracle Directory Integration Platform
11g Release 1 (11.1.1)

Part Number E10031-06
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Master Index
Master Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
PDF · Mobi · ePub

3 Administering Oracle Directory Integration Platform

This chapter describes tools you can use to administer Oracle Directory Integration Platform. It contains these topics:

3.1 Graphical Tools for Administering Oracle Directory Integration Platform

You can use the following graphical tools to administer Oracle Directory Integration Platform:

Note:

Prior to 11g Release 1 (11.1.1), the Oracle Directory Integration Platform was graphically administered by using the Oracle Directory Integration Server Administration tool. This tool is no longer available with the Oracle Directory Integration Platform. To graphically administer the Oracle Directory Integration Platform in 11g Release 1 (11.1.1) you must use Oracle Enterprise Manager Fusion Middleware Control.

3.1.1 Using Fusion Middleware Control

As of 11g Release 1 (11.1.1), you can graphically administer many Oracle Directory Integration Platform features from the Oracle Enterprise Manager Fusion Middleware Control. This console enables you to configure and manage all Oracle products from one user interface.

To use Oracle Enterprise Manager Fusion Middleware Control to administer Oracle Directory Integration Platform:

  1. Connect to Oracle Enterprise Manager Fusion Middleware Control. The URL is of the form:

    https://host:port/em
    
  2. In the left panel topology tree, expand the farm, then Identity and Access. Alternatively, from the farm home page, expand Fusion Middleware, then Identity and Access. Oracle Directory Integration Platform components are listed in both places.

    To distinguish one component from another, move the mouse over the component name and view the full name of the component in the tool tip.

  3. Select the Oracle Directory Integration Platform component you want to manage.

  4. Use the DIP Server menu to select tasks.

You can use the DIP Server menu to navigate to other Fusion Middleware Control pages for Oracle Directory Integration Platform.

3.1.1.1 The Oracle Directory Integration Platform Home Page

The Home Page for Oracle Directory Integration Platform in Oracle Enterprise Manager Fusion Middleware Control provides statistics and information about the component, including:

  • The status of Oracle Directory Integration Platform components, such as the Quartz Scheduler and MBeans.

  • The amount of CPU and memory being utilized.

  • Information about existing Synchronization Profiles, including name, status, average execution time, and successful and failed propagation of changes.

  • Information about existing Provisioning Profiles, including name, status, average execution time, and successful and failed propagation of changes.

3.1.2 Using Oracle Internet Directory Self-Service Console

The Oracle Internet Directory Self-Service Console enables you to delegate administrative privileges to various administrators and to users. It is a ready-to-use standalone application created with Oracle Delegated Administration Services that provides a single graphical interface for delegated administrators and users to manage data in the directory. The Oracle Internet Directory Self-Service Console enables both administrators and users, depending on their privileges, to perform various directory operations. In an integrated deployment, the Oracle Internet Directory Self-Service Console is primarily used for customizing realm parameters.

Note:

Oracle Directory Integration Platform 11g Release 1 (11.1.1) interoperates with and supports Oracle Delegated Administration Services release 10.1.4.3.0.

See Also:

Oracle Fusion Middleware Guide to Delegated Administration for Oracle Identity Management

3.2 Command-Line Tools for Administering Oracle Directory Integration Platform

The following command-line tools, located in the ORACLE_HOME/bin directory, are available for administering Oracle Directory Integration Platform:

Notes:

  • Best security practice is to provide a password only in response to a prompt from the command.

  • You must set the WLS_HOME and ORACLE_HOME environment variables before executing any of the Oracle Directory Integration Platform commands.

  • Refer to the command-specific sections throughout this document and the Oracle Identity Management User Reference for additional information on each of the tools described in the following list.

3.2.1 Using Standard LDAP Command-Line Tools

Oracle Directory Integration Platform supports the standard LDAP command-line utilities, including those listed in Table 3-1.

For security reasons, avoid supplying a password on the command-line whenever possible. A password typed on the command line is visible on your screen and might appear in log files or in the output from the ps command. When you supply a password at a prompt, it is not visible on the screen, in ps output, or in log files. Use the -q and -Q options, respectively, instead of the -P password and -w password options.

The LDAP tools have been modified to disable the options -w password and -P password when the environment variable LDAP_PASSWORD_PROMPTONLY is set to TRUE or 1. Use this feature whenever possible.

See Also:

"Using Passwords with Command-Line Tools" in Oracle Fusion Middleware Reference for Oracle Identity Management.

Table 3-1 Entry and Attribute Management Command-Line Tools

Tool Description

catalog

Indexes attributes. This tool is only supported if Oracle Internet Directory is your Oracle back-end directory.

ldapadd

Adds entries and their object classes, attributes, and values to the directory.

ldapaddmt

Supports multiple threads for concurrently adding entries and their object classes, attributes, and values to the directory. This tool is only supported if Oracle Internet Directory is your Oracle back-end directory.

ldapbind

Determines whether you can authenticate a client to a server.

ldapcompare

Matches specified attribute values with an entry's attribute values.

ldapdelete

Removes entries from the directory.

ldapmoddn

Modifies an entry's DN or RDN.

ldapmodify

Modifies an entry's attributes.

ldapmodifymt

Supports multiple threads to modify entries concurrently. This tool is only supported if Oracle Internet Directory is your Oracle back-end directory.

ldapsearch

Searches for entries in the directory


See Also:

Oracle Identity Management User Reference for the required syntax for each of the tools listed in Table 3-1.