Skip Headers
Oracle® Fusion Middleware Administrator's Guide for Oracle Virtual Directory
11g Release 1 (11.1.1)

Part Number E10046-10
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Master Index
Master Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
PDF · Mobi · ePub

9 Configuring and Managing the Oracle Virtual Directory Server

This chapter explains how to configure Oracle Virtual Directory server settings and includes the following sections:

9.1 Configuring Oracle Virtual Directory Server Properties Using Fusion Middleware Control

Oracle Virtual Directory provides the ability to regulate items such as the number of entries the server can return for an anonymous user or for an authenticated user. You can also limit inbound transaction traffic to protect proxied sources from Denial Of Service attacks or to limit LDAP traffic to control access to a limited directory infrastructure resource. You can configure these properties and others on the Oracle Virtual Directory Server Properties page in Oracle Enterprise Manager Fusion Middleware Control.

There are two tabs on the Server Properties screen: General and Change SuperUser Password. The General tab contains options to configure general server properties, such as quotas on activity limits, search settings, and schema and access control checks. You can use the Change SuperUser Password tab to change the password for the Oracle Virtual Directory superuser.

The following are the procedures to configure the properties on each tab:

  1. Log in to Oracle Enterprise Manager Fusion Middleware Control and navigate to the Oracle Virtual Directory target on which you want to configure the server settings.

  2. Select Administration and then Server Properties from the Oracle Virtual Directory menu. The Server Properties screen appears.

To configure general Oracle Virtual Directory server properties:

  1. Click the General tab on the Server Properties screen.

  2. Enable quota enforcement on the server by selecting the Enable Quota Enforcement option and entering the following information:

    Note:

    You must select the Enable Quota Enforcement option to configure the Activity Limits parameters.

    • Enter the maximum number of client connections to allow in the Maximum Client Connections field.

    • Enter the maximum number of operations to allow for each connection in the Maximum Operations per Connection field.

    • Enter the maximum number of connections to allow for each authenticated subject in the Maximum Connections per Authenticated Subject field.

    • Enter the maximum number of connections to allow for each IP address connected to Oracle Virtual Directory in the Maximum Connections per IP Address field.

    • Enter the maximum length of time (in minutes) that a client connection can remain inactive before Oracle Virtual Directory closes the connection in the Maximum time period (minutes) field.

    • Add or delete IP addresses that are exempt from the quota checking in the Exempt IP addresses field. To add an IP address, enter the IP address in the Exempt IP Addresses field. To delete an IP address, select the IP address in the Exempt IP Addresses field and delete it.

      Note:

      Oracle Virtual Directory 11g Release 1 (11.1.1) supports IPv6. If your network supports IPv6 you can use literal IPv6 addresses in the Exempt IP Addresses field to identify IP addresses that are exempt from quota enforcement.

    • Add or delete subjects that are exempt from the quota checking in the Exempt Subjects field. To add a subject, enter the subject in the Exempt IP Subjects field. To delete a subject, select the subject in the Exempt IP Subjects field and delete it.

      Note:

      By default, users who have Oracle Directory Services Manager Administrator access (typically cn=orcladmin) are exempt from quota checking.

  3. Enter the maximum number of entries to return for an anonymous client search in the Anonymous Search field. The default setting is 1000.

  4. Enter the maximum number of entries to return for an authenticated user in the Authenticated User Search field. An authenticated user is defined as a user bound to Oracle Virtual Directory. The Oracle Virtual Directory root account is exempt from this quota and the default setting is 10,000.

  5. Select the Enable Access Control Check option to enable Oracle Virtual Directory to enforce access controls as defined in the access control file.

  6. Select the Enable Persistent Search option to enable Oracle Virtual Directory to support the persistent search control regardless of the adapters configured.

  7. Select the Enable Schema Check option to enable Oracle Virtual Directory to check LDAP entries for conformance against the schema definitions contained in the files listed in the Schema Locations field.

    Oracle suggests disabling the Enable Schema Check option only when an external method for schema checking will be used.

  8. If the Enable Schema Check option is selected, Oracle Virtual Directory uses the files that are listed in the Schema Locations field to verify that LDAP entries conform to schema definitions. Use this field to identify the files Oracle Virtual Directory uses to define its schema.

    Each file is applied in descending order from top to bottom, with each file overriding the previous one when conflicts occur. Typically, the last file identified is schema.user.xml. Any and all changes to schema are applied to the schema.user.xml file to ensure standard files, such as schema.core.xml, remain unchanged between releases, but can also be virtually modified by having the changes in schema.user.xml override default-shipped schema in schema.core.xml.

    If you are installing a manufacturer supplied schema (in DSML form), identify this file in the second to last file in the list of schema files. This protects the distributed manufacturer file from modification while allowing local customization, which is then stored in schema.user.xml.

    The following is a list of the default schema files:

    • schema.core.xml

    • schema.cosine.xml

    • schema.inetorgperson.xml

    • schema.nis.xml

    • schema.dyngroup.xml

    • schema.java.xml

    • schema.diameter.xml

    • schema.eus.xml

    • schema.user.xml

  9. Use the TLS Configuration section to:

    • Read the names of the adapter keystore and truststore. You cannot configure these values using Oracle Enterprise Manager Fusion Middleware Control.

    • Set the password for the adapter keystore and truststore.

  10. Click Apply on the Server Configuration screen to apply your settings.

To change the password for the Oracle Virtual Directory superuser:

  1. Click the Change SuperUser Password tab on the Server Properties screen.

  2. Enter the existing superuser password in the Old Password field.

  3. Enter the new superuser password in the New Password field.

  4. Reenter the new superuser password in the Confirm Password field.

  5. Click Apply.

To Reset a Lost Oracle Virtual Directory Superuser Password

If you lose the superuser password, you can run the ovdcred.pl script to reset the password. You can also change the Oracle Virtual Directory root username using this script.

Note:

You must set ORACLE_HOME before running this script.

  1. Locate ovdcred.pl in $ORACLE_HOME/ovd/bin/directory.

  2. Run the ovdcred.pl script using the following syntax:

    ovdcred.pl -componentName  ovd-component-name -instancePath ovd-instance-path  -option username/password option
    

    Where

    • componentName (Required) is the Oracle Virtual Directory component name

    • instancePath (Optional) is the ORACLE_INSTANCE value. If you already set the ORACLE_INSTANCE value then you do not have to provide this option.

    • option (Required) Specify a password or username for the value you want to edit or reset.

    For example:

    ovdcred.pl –componentName ovd1 –instancePath /scratch/aime1/asinst_1 –option Password
    ovdcred.pl –componentName ovd1 –instancePath /scratch/aime1/asinst_1 –option Username
    

9.2 Configuring Oracle Virtual Directory Server Settings Using Oracle Directory Services Manager

You can use Oracle Directory Services Manager to configure some Oracle Virtual Directory server settings, including settings related to the following:

Perform the following steps to configure Oracle Virtual Directory server settings using Oracle Directory Services Manager:

  1. Log in to Oracle Directory Services Manager.

  2. Select Advanced from the task selection bar. The Advanced navigation tree appears.

  3. Click the Server Settings entry in the Advanced navigation tree. The Server Settings entry expands and the Settings, Quotas, and Adapter SSL Settings groups appear in the navigation tree.

  4. Click the group you want to configure. The following tables describe each setting in each group.

    Note:

    After configuring the appropriate setting, click Apply in the main Oracle Directory Services Manager screen to save the settings to the Oracle Virtual Directory server.

Table 9-1 Configuration Parameters for Settings Group in ODSM

Category Setting Description

Schema

Schema Files

Use the Schema Files section to identify the files Oracle Virtual Directory uses to define its schema. The Available Files field lists all available schema files that contain schema definitions. The Selected Files field lists the files that Oracle Virtual Directory uses to verify that LDAP entries conform to schema definitions. Oracle Virtual Directory verifies LDAP entries against the files listed in the Selected Files field only when the Enable Schema Checking option is selected. To move files between the Available Files and Selected Files fields, select one or more files, then use the appropriate Move or Remove arrow buttons to move the file.

Oracle Virtual Directory verifies LDAP entries against the files in the Selected Files field in the sequence, or order, in which they appear in the field. Each file is used for verification in descending order from top to bottom, with each file overriding the previous one when conflicts occur. You can change the sequence, or order, in which the files are used for verification by selecting a file name in the Selected Files field and then using the up and down arrow buttons to the right of the Selected Files field to change the order.

Typically, the last file identified is schema.user.xml. Any and all changes to schema are applied to the schema.user.xml file to ensure standard files, such as schema.core.xml, remain unchanged between releases, but can also be virtually modified by having the changes in schema.user.xml override default-shipped schema in schema.core.xml.

If you are installing a manufacturer supplied schema (in DSML form), identify this file in the second to last file in the list of schema files. This protects the distributed manufacturer file from modification while allowing local customization, which is then stored in schema.user.xml.

The following is a list of the default schema files:

  • schema.core.xml

  • schema.cosine.xml

  • schema.inetorgperson.xml

  • schema.nis.xml

  • schema.dyngroup.xml

  • schema.java.xml

  • schema.diameter.xml

  • schema.eus.xml

  • schema.user.xml

Enable Schema Checking

Select the Enable Schema Check option to enable Oracle Virtual Directory to check LDAP entries for conformance against the schema definitions contained in the files listed in the Schema Files section. Oracle suggests disabling the Enable Schema Check option only when an external method of schema checking will be used.

Access Control

Enable Access Control

Select the Enable Access Control option to enable Oracle Virtual Directory to enforce access controls as defined in the access control file.

Access Control File

Identify the file that stores Oracle Virtual Directory's Access Control Lists (ACL).

Server Root Adapter

Root DN

Enables you to relocate the Oracle Virtual Directory Root DSE entry (base="") to another location in the virtual directory tree.

Relocating the DSE is most commonly performed when you must proxy another server's root entry to replace Oracle Virtual Directory's root entry, usually when you want to make Oracle Virtual Directory appear to be another directory server. This can be useful when the application is making assumptions about the directory.

After Oracle Virtual Directory's root entry is renamed from "", you can replace it by creating an LDAP Adapter with a remote base of "" and setting the local root as "". If you do this, you should also set Routing Levels to 0 for the LDAP Adapter so that Oracle Virtual Directory only tries to query the Root Entry of the remote server specifically when its root is queried. If you do not set Routing Levels to 0, the remote server receives queries for all requests received by Oracle Virtual Directory.

Control

Persistent Search Control

Enables or disables Oracle Virtual Directory to support the persistent search control regardless of the adapters configured.

Server Security

Admin Group URL

Enter the valid LDAP Admin Group URL used to connect to the Oracle Directory Services Manager Admin port. All users who match this URL can connect to the Admin port to manage Oracle Virtual Directory. configuration after restarting the Oracle Virtual Directory server.


Table 9-2 Configuration Parameters for Quotas Group in ODSM

Category Setting Description

Search Limits

Anonymous

Enter the maximum number of entries to return for an anonymous client search. The default setting is 1000.

Authenticated

Enter the maximum number of entries to return for an authenticated user. An authenticated user is defined as a user bound to Oracle Virtual Directory. The Oracle Virtual Directory root account is exempt from this quota and the default setting is 10,000.

Activity Limits

Enforce Quotas

Enables or disables quota enforcement on the Oracle Virtual Directory server. You must enable the Enforce Quota option to configure the Activity Limits parameters.

Rate

Determines the time durations (in milliseconds) of quota enforcement. For example, if you set Rate to 50000, the quotas are enforced for 50 seconds. After 50 seconds expires, the "count" of quota settings starts over at 0 and the quotas are enforced for another 50 second duration. The default value is 30000, or 30 seconds.

Max Connections

Enter the maximum number of client connections to allow.

Max Ops/Con

Enter the maximum number of operations to allow for each connection.

Max Cons/Subject

Enter the maximum number of connections to allow for each authenticated subject.

Max Cons/IP Address

Enter the maximum number of connections to allow for each IP address connected to Oracle Virtual Directory.

Inactive Connection Timeout

Enter the maximum length of time (in minutes) that a client connection can remain inactive before Oracle Virtual Directory closes the connection.

Exempt Subjects

Add or delete subjects that are exempt from the quota enforcement. By default, users who have Oracle Directory Services Manager Administrator access (typically cn=orcladmin) are exempt from quota enforcement.

Exempt IP Address

Add or delete IP addresses that are exempt from the quota enforcement.


Table 9-3 Configuration Parameters for Adapter SSL Settings Group in ODSM

Setting Description

Keystore

Lists the names and locations of existing SSL keystores.

Keystore Password

Password for the keystore selected in the Keystore list.

Trust Store

Lists the names and locations of existing SSL trust stores.

Trust Store Password

Password for the trust store selected in the Trust Store list.

Adapters Key Alias

Lists the existing Java certificate aliases. Select an alias from the list to see its certificate details in the Selected Certificate Details table. This Adapter Key Alias control is for informational purposes only—it does not write any data.

Selected Certificate Details

Displays details about the Java certificate for the alias identified in the Adapter Key Alias list.


9.3 Configuring Oracle Virtual Directory Server Settings Using WLST

You can use the WebLogic Scripting Tool (WLST) at ORACLE_COMMON_HOME/common/bin/wlst.sh to set Oracle Virtual Directory server settings as follows:

  1. Connect to the WebLogic Admin Server. For example:

    connect('username', 'password','t3://host_name:Admin_Server_Port')
    
  2. Move to the Oracle Virtual Directory Root Proxy MBean node and initialize the MBean. For example:

    custom()
    cd('oracle.as.management.mbeans.register')
    cd('oracle.as.management.mbeans.register:type=component,name=OVD_COMPONENT_NAME,instance=INSTANCE_NAME')
    invoke('load',jarray.array([],java.lang.Object),jarray.array([],java.lang.Strin
    g)) 
    
  3. Move to the Oracle Virtual Directory Server configuration MBean. For example:

    cd('../..')
    cd('oracle.as.ovd/oracle.as.ovd:type=component.serverconfig,name=serverconfig,i
    nstance=INSTANCE_NAME,component=OVD_COMPONENT_NAME')
    
  4. Using the WLST ls() command, you can see a list of attributes for the Oracle Virtual Directory server configuration MBean. Use the get('ATTRIBUTE_NAME') command to retrieve the current value for an attribute. For example, to retrieve the current value for MaxConnections, which is the maximum number of client connections to allow, execute the following:

    get('MaxConnections')
    

    Use the set() command to update an attribute. For example, to update the value for the MaxConnections setting, execute the following:

    set('MaxConnections', 3000)
    

    Note:

    Using the set() command as shown in the preceding example saves the attribute setting to the MBean—you must perform step 5 in this procedure to save the changes to the Oracle Virtual Directory server.

    The following is a list of each Oracle Virtual Directory server configuration MBean attribute and an example command for setting them:

    • ACLCheck: set('ACLCheck',true)

    • Anonymous: set('Anonymous',2000)

    • Authenticated: set('Authenticated',20000)

    • DoSActive: set('DoSActive',true)

    • DoSRatePeriod: set('DoSRatePeriod',20000)

    • ExemptIPAddresses:

      First (on one command-line):

      invoke('addExemptIPAddress',jarray.array([java.lang.String('127.0.0.1')],
      java.lang.Object),jarray.array(['java.lang.String'],java.lang.String))
      

      Then (on one command-line):

      invoke('deleteExemptIPAddress',jarray.array([java.lang.String('127.0.0.1')]
      ,java.lang.Object),jarray.array(['java.lang.String'],java.lang.String))
      
    • ExemptSubjects:

      First (on one command-line):

      invoke('addExemptSubjects',jarray.array([java.lang.String('cn=myuser')],
      java.lang.Object),jarray.array(['java.lang.String'],java.lang.String))
      

      Then (on one command-line):

      invoke('deleteExemptSubjects',jarray.array([java.lang.String('cn=myuser')],
      java.lang.Object),jarray.array(['java.lang.String'],java.lang.String))
      
    • InactiveConnectionTimeout: set('InactiveConnectionTimeout',50)

    • MaxConnections: set('MaxConnections',50)

    • MaxConnectionsPerIP: set('MaxConnectionsPerIP',20)

    • MaxConnectionsPerSubject: set('MaxConnectionsPerSubject',20)

    • MaxOperationsPerConnection:

      set('MaxOperationsPerConnection',10)

    • PersistentSearch: set('PersistentSearch',false)

    • TLSKeyStore: Read-only attribute

    • TLSTrustStore: Read-only attribute

    • TLSKeyStorePassword:

      set('TLSKeyStorePassword',java.lang.String('PASSWORD').toCharArray())
      
    • TLSTrustStorePassword:

      set('TLSTrustStorePassword',java.lang.String('welcome1').toCharArray())
      
    • SchemaCheck: set('SchemaCheck',true)

    • SchemaLocations:

      Add (on one command-line):

      invoke('addSchemaLocation',jarray.array([java.lang.String('schema.myschema.
      xml')],java.lang.Object),jarray.array(['java.lang.String'],java.lang.String
      ))
      

      Delete (on one command-line):

      invoke('deleteSchemaLocation',jarray.array([java.lang.String('schema.mysche
      ma.xml')],java.lang.Object),jarray.array(['java.lang.String'],java.lang.Str
      ing))
      
  5. Save the changes to the Oracle Virtual Directory server and then refresh the MBean. For example:

    cd('../..')
    cd('oracle.as.management.mbeans.register')
    cd('oracle.as.management.mbeans.register:type=component,name=OVD_COMPONENT_NAME,instance=asinst1')
    invoke('save',jarray.array([],java.lang.Object),jarray.array([],java.lang.Strin
    g))
    invoke('load',jarray.array([],java.lang.Object),jarray.array([],java.lang.Strin
    g))
    

9.4 Controlling the Maximum Heap Size Allocated to the Oracle Virtual Directory Server

The -Xmx parameter in the opmn.xml file controls the maximum heap size allocated to the Oracle Virtual Directory server. The default value is -Xmx256m. Edit this parameter as needed to increase or decrease the maximum heap size allocated to the Oracle Virtual Directory server. The opmn.xml file is located in the ORACLE_INSTANCE/config/OPMN/opmn/ directory.

The following example shows the -Xmx parameter set to -Xmx2048m, which allocates 2 GB of heap size to the Oracle Virtual Directory Server:

<ias-component id="OVD_COMPONENT_NAME">
            <process-type id="OVD" module-id="OVD">
               <module-data>
                  <category id="start-options">
                     <data id="java-options" value="-server -Xms512m -Xmx2048m                               
-Doracle.security.jps.config=$ORACLE_INSTANCE/config/JPS/jps-config-jse.xml 
-Dvde.soTimeoutBackend=120"/>
                     <data id="java-classpath" value="$ORACLE_
HOME/ovd/jlib/vde.jar$:$ORACLE_HOME/jdbc/lib/ojdbc6.jar"/>
                  </category>
               </module-data>
               <stop timeout="120"/>
            </process-type>
         </ias-component>

9.5 Controlling Orphan Connections Caused by Remote Client or Server Failure

Oracle Virtual Directory supports two parameters that help detect and safely close orphan socket connections caused by remote client or server failure. These parameters help if applications or directory sources are on different networks—in particular, outside of the same data-center—than Oracle Virtual Directory and the network is unstable.

Set each parameter to the amount of time in seconds that TCP should wait for a response from the client or server. The status and stability of your network influence which parameters you set and also the amount of time you set. In an unstable network, you may want to set these parameters to a greater number of seconds than you would in a stable network environment.

Note:

If your operating system is reporting several connections in TIME_WAIT status and they do not close for an extended length of time, such as, five minutes or more, it is a good indication to use these parameters to control the orphan connections.

Controlling Orphan Client Connections:

You can use the LDAP Listener's SocketOptionsReadTimeout parameter to control orphan client connections. Use the WLST set() command to set the SocketOptionsReadTimeout parameter. For example:

set('SocketOptionsReadTimeout', 120)

Note:

You must specify the SocketOptionsReadTimeout parameter value in milliseconds.

Refer to "Updating Listener Settings" for the complete procedure on updating Listener settings using WLST.

Note:

You can also use Oracle Enterprise Manager Fusion Middleware Control to set this parameter for the LDAP Listener. Refer to the Read Timeout parameter described in "Creating LDAP Listeners" for more information.

Controlling Orphan Server Connections:

You can use the vde.soTimeoutBackend Java Virtual Machine parameter located in the ORACLE_INSTANCE/config/OPMN/opmn/opmn.xml file to control orphan server connections.

To set the vde.soTimeoutBackend parameter, edit opmn.xml and then restart Oracle Virtual Directory.

Note:

You must specify the soTimeoutBackend parameter value in seconds.

The following is an example of the vde.soTimeoutBackend parameter set in the opmn.xml file:

<ias-component id="OVD_COMPONENT_NAME">
            <process-type id="OVD" module-id="OVD">
               <module-data>
                  <category id="start-options">
                     <data id="java-options" value="-server -Xms512m -Xmx512m                               
-Doracle.security.jps.config=$ORACLE_INSTANCE/config/JPS/jps-config-jse.xml 
-Dvde.soTimeoutBackend=120"/>
                     <data id="java-classpath" value="$ORACLE_
HOME/ovd/jlib/vde.jar$:$ORACLE_HOME/jdbc/lib/ojdbc6.jar"/>
                  </category>
               </module-data>
               <stop timeout="120"/>
            </process-type>
         </ias-component>

9.6 Managing Oracle Virtual Directory Libraries Using Oracle Directory Services Manager

This section describes how to manage libraries used for Oracle Virtual Directory plug-ins and Join View Adapters. It contains the following sections:

9.6.1 Viewing Oracle Virtual Directory Server Libraries

Perform the following steps to view the libraries, including plug-ins and Join View adapters, that reside on the Oracle Virtual Directory server:

  1. Log in to Oracle Directory Services Manager.

  2. Select Advanced from the task selection bar. The Advanced navigation tree appears.

  3. Expand the Libraries entry in the Advanced tree. A list of the library files that reside on the Oracle Virtual Directory server appears in the Libraries entry of the Advanced tree.

9.6.2 Loading Libraries into the Oracle Virtual Directory Server

Perform the following steps to load libraries into Oracle Virtual Directory using Oracle Directory Services Manager:

  1. Log in to Oracle Directory Services Manager.

  2. Select Advanced from the task selection bar. The Advanced navigation tree appears.

  3. Expand the Libraries entry in the Advanced tree.

  4. Click the Upload New Library button at the top of the Advanced tree. The Upload New Library dialog box appears.

  5. Enter the path to the library you want to load into Oracle Virtual Directory or click Browse, navigate to the library and select it. Click OK on the Upload New Library dialog box to load the library into Oracle Virtual Directory. The library appears in the Libraries entry of the Advanced tree.

9.7 Copying Configuration Files Between Oracle Virtual Directory Servers Using syncovdconfig

The syncovdconfig command enables you to copy the following Oracle Virtual Directory configuration files between multiple Oracle Virtual Directory components:

Using this command helps you avoid performing the same configuration steps (such as creating adapters) on a second Oracle Virtual Directory server.

The syncovdconfig command does not copy the content of the Local Store Adapter; it only duplicates your Oracle Virtual Directory configuration.

Note:

You can use the oidcmprec tool to copy the data inside the Local Store Adapter to a second server, but doing so is a one-time operation. The oidcmprec tool cannot keep the Local Store Adapter's content in-sync, so you must call it whenever the Local Store Adapter content gets modified.

With Enterprise User Security (EUS), the content of the Local Store Adapter gets modified only when

  • You register or remove a new database using DBCA

  • You perform any EUS configuration tasks from ESM or EM

Though oidcmprec supports synchronization, it is not a frequent operation. Consequently, Oracle recommends using the oidcmprec tool to synchronize with the second Oracle Virtual Directory server every time you use DBCA.

For more detailed information about the oidcmprec tool, including synchronization limitations, refer to Section 2.4.1, "Migrating Local Store Adapter Data."

The syncovdconfig command (.pl for UNIX/Linux and.bat for Windows) is located in the $ORACLE_HOME/ovd/bin/ directory.

Notes:

  • You will be prompted for the passwords for both the source and destination users.

  • You must set the $ORACLE_HOME variable before using the syncovdconfig command.

The following example shows the syntax for syncovdconfig:

syncovdconfig -srcHost source_host_name -srcPort source_port_number
-srcUserName source_user_name -dstHost destination_host_name
-dstPort destination_port_number -dstUserName destination_user_name
-configFile name_of_configuration_file -adapterName name_of_adapter
-isSrcAdminSSL [true |false] -isDstAdminSSL [true |false]

9.7.1 Options

The following is a list of the options for syncovdconfig:

srcHost

Required. String format. The host name of the source Oracle Virtual Directory server—that is, the Oracle Virtual Directory server that contains the configuration files you want to copy to a different Oracle Virtual Directory server.

srcPort

Required. Integer format. The listening port number of the source Oracle Virtual Directory server—that is, the Oracle Virtual Directory server that contains the configuration files you want to copy to a different Oracle Virtual Directory server.

srcUserName

Optional. String format. The user who has Oracle Directory Services Manager Administrator access to the source Oracle Virtual Directory server—that is, the Oracle Virtual Directory server that contains the configuration files you want to copy to a different Oracle Virtual Directory server. If the srcUserName option is not specified, the default value of cn=orcladmin is used.

dstHost

Required. String format. The host name of the destination Oracle Virtual Directory server—that is, the Oracle Virtual Directory server where you want to copy the configuration files to.

dstPort

Required. Integer format. The listening port number of the destination Oracle Virtual Directory server—that is, the Oracle Virtual Directory server where you want to copy the configuration files to.

dstUserName

Optional. String format. The user with Oracle Directory Services Manager Administrator access to the destination Oracle Virtual Directory server—that is, the Oracle Virtual Directory server where you want to copy the configuration files to. If the dstUserName option is not specified, the default value of cn=orcladmin is used.

configFile

Optional. String format. The name of the configuration file on the source Oracle Virtual Directory server to copy to the destination Oracle Virtual Directory server. You can use the configFile option multiple times in the same command to copy multiple configuration files.

If you do not include the configFile option, the server.os_xml, adapters.os_xml, acls.os_xml, and schema.user.xml files on the source Oracle Virtual Directory server are copied to the destination Oracle Virtual Directory server.

adapterName

Optional. String format. The name of the adapter on the source Oracle Virtual Directory server to copy to the destination Oracle Virtual Directory server. You can use the adapterName option multiple times in the same command to copy multiple adapters.

If you do not include the adapterName option—but you include the configFile option and specify an adapters.os.xml file, you overwrite the adapters.os.xml file on the destination Oracle Virtual Directory server.

Surround adapter names that contain space characters with quotation marks ("). For example:

ORACLE_HOME/ovd/bin/syncovdconfig.pl -srcHost sales.west.com -srcPort 8888 \
-dstHost sales.east.com -dstPort 8899 -configFile adapters.os_xml \
-adapterName "Sales Organizations"
isSrcAdminSSL

Optional. Boolean format. Indicates whether the administrative Listener on the source Oracle Virtual Directory component is SSL enabled. Supported values are true and false. If the isSrcAdminSSL option is not specified, the default value of true is used.

isDstAdminSSL

Optional. Boolean format. Indicates whether the administrative Listener on the destination Oracle Virtual Directory component is SSL enabled. Supported values are true and false. If the isDstAdminSSL option is not specified, the default value of true is used.

9.7.2 Examples

The following are examples of the syncovdconfig command:

  • To synchronize the server.os_xml, adapters.os_xml, acls.os_xml, and schema.user.xml files between two Oracle Virtual Directory components:

    ORACLE_HOME/ovd/bin/syncovdconfig.pl –srcHost  sales.west.com –srcPort 8899 \
    –srcUserName cn=orcladmin  –dstHost sales.west.com –dstPort 8888 –dstUserName \
    cn=orcladmin  -isSrcAdminSSl true –isDstAdminSSL false
    
  • To synchronize only the server.os_xml file between two Oracle Virtual Directory components:

    ORACLE_HOME/ovd/bin/syncovdconfig.pl –srcHost  sales.west.com –srcPort 8899 \
    –srcUserName cn=orcladmin –dstHost sales.west.com –dstPort 8888 \
    –dstUserName cn=orcladmin -configFile server.os_xml
    
  • To synchronize multiple files between two Oracle Virtual Directory components:

    ORACLE_HOME/ovd/bin/syncovdconfig.pl –srcHost  sales.west.com –srcPort 8899 \
    –srcUserName cn=orcladmin –dstHost sales.west.com –dstPort 8888 \
    –dstUserName cn=orcladmin -configFile server.os_xml –configFile adapters.os_xml
    
  • To synchronize a specific adapter between two Oracle Virtual Directory components:

    ORACLE_HOME/ovd/bin/syncovdconfig.pl –srcHost  sales.west.com –srcPort 8899 \
    –srcUserName cn=orcladmin –dstHost sales.west.com –dstPort 8888 \
    –dstUserName cn=orcladmin -configFile server.os_xml \
    -configFile adapters.os_xml –adapterName Sales