Skip Headers
Oracle® Fusion Middleware Administrator's Guide for Oracle Unified Directory
11g Release 2 (11.1.2)

Part Number E22648-02
Go to Documentation Home
Go to Table of Contents
Go to Feedback page
Contact Us

Go to previous page
Go to next page
PDF · Mobi · ePub

What's New in This Guide?

This preface introduces the new and changed features of Oracle Unified Directory and Oracle Directory Services Manager (ODSM) since the previous release, and provides pointers to additional information. The information includes the following sections:

What's New in Oracle Unified Directory 11g Release 2 (11.1.2)

This section provides a concise summary of the new features in this release of Oracle Unified Directory, and covers the following topics:

Support for Deterministic Identity Mapper Evaluation Order

It is imperative to define the order in which identity mappers are evaluated in the network group to avoid conflicts. You can now define priorities for the conflicting identity mappers.

See Section 11.6, "Ordering Identity Mappers."

Support for LDAP Referrals

When a server is unable to handle a client's request, it sends a list of referrals to the client, which point the client to other servers in the topology. The client then performs the operation again on one of the remote servers in the referral list.

See Section 16.13, "Configuring Referrals."

New Bind Mode Parameters

You can now configure proxy LDAP workflow elements with two additional parameters, such as the never-bind parameter, use-proxy-auth parameter, and the include and exclude lists to tweak the behavior of the server.

See Section 14.1.2, "Configuring the Bind Mode."

Support for Microsoft Active Directory Paging

Oracle Unified Directory now supports Active Directory range retrieval by providing support for Microsoft Active Directory paging.

See Section 14.1.7, "Configuring Microsoft Active Directory Paging."

Support for the Criticality Flag

Oracle Unified Directory now implements criticality configuration, which permits the Oracle Unified Directory proxy server to return partial data to a client if a search operation fails, due to a host error.

See Section, "Configuring Criticality."

Support for Oracle's Enterprise User Security (EUS)

Integrating Oracle Unified Directory with EUS enables you to store user identities in Oracle Unified Directory for Oracle Database authentication.

In this release, support for EUS is limited to password authentication (certificate authentication and integration with Kerberos are not supported at this stage).

See Chapter 24, "Integrating With Oracle's Enterprise User Security."

Identity Store Support for Fusion Applications

Oracle Unified Directory can be configured to function as an identity store for Oracle Fusion Applications, either during setup, or later by using the dsconfig command or Oracle Directory Services Manager (ODSM).

See Section 16.15, "Using Oracle Unified Directory as a Data Store for Fusion Applications."

Enhanced Support for Social Networking Applications

Social networking applications are now supported with two new controls, the Join control and the Proximity control.

See Section, "Searching Using the Join Search Control" and Section, "Searching Using the Proximity Search Control."

Improved CLI for Configuring External ChangeLog

The External Change Log (ECL) functionality allows you to publish all changes that have occurred in a directory server database and is particularly useful for synchronizing the LDAP directory with other subsystems.

You now have a user-friendly CLI to configure external changelog using the dsreplication command.

See Section 25.5, "Using the External Change Log."

Support for Test to Production Environments

You can now install, configure, customize, and validate Oracle Unified Directory in a test environment. Once the system performs as expected, you can create the production environment by moving a copy of the server and its configuration from the test environment, instead of redoing all the changes that were incorporated into the test environment.

See Chapter 27, "Moving From a Test to a Production Environment."

Suppressing Password Display on CLI

Some commands had an option where the password was provided in a clear text format on the CLI. This resulted in security exposure, because one could retrieve the password using the ps command on a UNIX machine.

The clear text format is deprecated now and the commands are modified to use the file-based option to store the password by introducing the following option:

-j, --bindPasswordFile

See Appendix A, "Oracle Unified Directory Command Line Interface."

Ability to Encrypt the ADS Trust Store Pin

Oracle Unified Directory allows you to configure ADS trust store pin to determine whether to trust a certificate that is presented to it.

See Section 19.3, "Configuring Trust Manager Providers."

What's New in Oracle Directory Services Manager 11g Release 2 (11.1.2)

This section provides a concise summary of the new features in this release of Oracle Directory Services Manager (ODSM), and covers the following topics:

Suffix Configuration for EUS

ODSM enables you to create and configure suffixes to work with Oracle Enterprise User Security (EUS).

See Section 13.2.3, "Configuring Suffixes With ODSM."

Fusion Applications Configuration

ODSM enables you to create suffixes that can be configured to work with Fusion Applications.

See Section 16.15.2, "To Enable Fusion Applications by Using ODSM."

New User Interface to Configure Root Users

ODSM now provides a new user interface (UI) to configure root users.

See Section 18.2.2, "Configuring Root Users by Using ODSM."

Key Manager and Trust Manager Configuration

You can now configure key manager providers and trust manager providers by using ODSM.

See Section 19.2.6, "Configuring Key Managers With ODSM" and Section 19.3.5, "Configuring Trust Managers With ODSM".

Auto-Suggest Feature

ODSM now implements an auto-suggest feature in different tabs that helps streamline configuration and operations.

See Section 16.14, "Managing Data With Oracle Directory Services Manager."

Support for Dynamic Groups

OSDM now enables you to create dynamic groups whose membership is determined by search criteria using an LDAP URL.

See Section 18.3.2, "Defining Dynamic Groups."

Support for Virtual Static Groups

ODSM enables you to create virtual static groups, where each entry behaves like a static group entry by using virtual attributes.

See Section 18.3.4, "Defining Nested Groups."

Simplified Tree Structure of the Configuration Tab

The default view of the configuration tree in the Configuration tab has been simplified to provide a user-friendly view of the naming context (or suffix) configuration. In addition, presence of a contextual menu to launch all the relevant operations for a selected node simplifies user interaction.

See Section 13.2, "Managing the Server Configuration With Oracle Directory Services Manager."