Oracle Internet Directory Administrator's Guide Release 2.0.6 A77230-01
This appendix briefly lists different schema elements supported in the Oracle Internet Directory. Most of these elements are used as defined by the ldapext and ASID working groups of the Internet Engineering Task Force.
This appendix covers topics in the following sections:
Oracle Internet Directory enforces the following Requests for Comments (RFCs) of the Internet Engineering Task Force (IETF):
RFC | Title | URL |
---|---|---|
RFC 2256 | A Summary of the X.500(96) User Schema for use with LDAPv3 | http://www.ietf.org/rfc/rfc2256.txt |
RFC 2079 | Definition of an X.500 Attribute Type and an Object Class to Hold Uniform Resource Identifiers (URIs) | http://www.ietf.org/rfc/rfc2079.txt |
RFC 2247 | Using Domains in LDAP/X.500 Distinguished Names | http://www.ietf.org/rfc/rfc2247.txt |
RFC 2252 | Lightweight Directory Access Protocol (v3): Attribute Syntax Definitions | http://www.ietf.org/rfc/rfc2252.txt |
Oracle Internet Directory enforces the following two drafts of the IETF:
Draft | URL |
---|---|
"Definition of the inetOrgPerson LDAP Object Class" | http://ietf.org/internet-drafts/draft-smith-ldap-inetorgperson-03.txt |
"Referrals and Knowledge References in LDAP Directories" | http://www.ietf.org/internet-drafts/draft-ietf-ldapext-referral-00.txt |
Oracle Internet Directory's proprietary schema includes attributes and object classes in the following categories:
In addition, Oracle Internet Directory installation includes schema elements that enable specific Oracle products to use Oracle Internet Directory. For information about these schema elements, see the documentation for the specific Oracle product.
Attributes: orclEntryLevelACI, orclACI
Object class: orclPrivilegeGroup
Attributes: orclsslAuthentication, orclsslEnable, orclsslWalletURL, orclsslWalletPasswd, orclsslPort, orclsslVersion
Attributes: orclServerEvent, orcleventtype, orclauditattribute, orclauditmessage, orcleventtime, orcluserdn, orclSequence, orclAuditLevel, orclOpResult
Object class: OrclAuditOC
Table F-1 lists and describes the entire set of configuration set entry attributes that are used to configure an instance of a directory server.
Parameter | Description |
---|---|
orcldebuglevel | Debug level associated with this instance of the server. The default for configset0 is 0. The range is 0 to 65535. See Also: "Setting Debug Logging Levels by Using the OID Control Utility" for information on debug levels. |
orclmaxcc | Maximum number of concurrent database connections. The default for configset0 is 10. You cannot use a negative value for this attribute. |
orclserverprocs | Number of server processes to start. The default for configset0 is 1. You cannot use a negative value for this attribute. |
orclsslport | SSL mode default port (default 636). When you run the directory in the secure mode, it listens at default port 636 and accepts only SSL-based TCP/IP connections. (When you run the directory in the normal mode, it listens at default port 389, accepting normal TCP/IP connections.) You might want to change this port when you add multiple LDAP server instances. |
orclsslenable | Flag for toggling SSL on and off. You would want to toggle this flag when you use different instances of the same server for either SSL or non-SSL. You may use either of the following two values: The default is 0. |
orclsslauthentication | Flag, with values of 1, 32, or 64, for specifying the type of authentication you elect to use for each instance of the Oracle Directory Server. The default value, 1, specifies no authentication. You can run different values concurrently for different instances. Values of one-way and two-way authentication require wallets. You may use one of the following three values: |
orclsslwalleturl | Sets the location of the Oracle wallet. You initially set this value when you create the wallet. If you elect to change the location of the Oracle wallet, you must change this parameter. You must set the wallet location on both the client and the server. For example, on Solaris, you could set this parameter as follows: orclsslwalleturl=file:/Home/my_dir/my_wallet On Windows NT, you could set this parameter as follows: file:C:\my_dir\my_wallet For information on setting the location of the Oracle Wallet and the Oracle Wallet password, see Appendix D. |
orclsslwalletpasswd | Password used by the server to open its wallet. You initially set this value when you create the wallet. If you elect to change the wallet password, you must change this parameter. You must set the wallet password on both the client and the server. |
orclsslversion | SSL version. The default is 3. |
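The constraints in Table F-1 can be checked before a configuration set entry is loaded. The following Python sketch is an added example, not Oracle code: the LDIF sample, its DN and values, and the function names `parse_entry` and `audit_configset` are constructed for illustration, and the wallet-password finding is a reviewer's flag rather than a rule stated in the table.

```python
# Added example: audit one configuration set entry against Table F-1.
# SAMPLE_LDIF is constructed; the DN and every value are illustrative only.
SAMPLE_LDIF = """\
dn: cn=configset1,cn=example
orcldebuglevel: 70000
orclmaxcc: 10
orclserverprocs: -1
orclsslauthentication: 32
orclsslport: 636
orclsslwalletpasswd: constructed-secret
"""

def parse_entry(ldif):
    """Parse one unfolded, non-base64 LDIF entry into {lowercased name: value}."""
    entry = {}
    for line in ldif.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        name, _, value = line.partition(":")  # split on the first colon only
        entry[name.strip().lower()] = value.strip()
    return entry

def audit_configset(entry):
    """Return (attribute, finding) pairs for values Table F-1 rules out or flags."""
    findings, ints = [], {}
    for attr in ("orcldebuglevel", "orclmaxcc", "orclserverprocs",
                 "orclsslauthentication"):
        if attr in entry:
            try:
                ints[attr] = int(entry[attr])
            except ValueError:
                findings.append((attr, "not an integer"))
    if not 0 <= ints.get("orcldebuglevel", 0) <= 65535:
        findings.append(("orcldebuglevel", "outside 0 to 65535"))
    for attr in ("orclmaxcc", "orclserverprocs"):
        if ints.get(attr, 0) < 0:
            findings.append((attr, "negative value"))
    auth = ints.get("orclsslauthentication")
    if auth is not None:
        if auth not in (1, 32, 64):
            findings.append(("orclsslauthentication", "not 1, 32 or 64"))
        elif auth == 1:  # the table: 1 specifies no authentication
            findings.append(("orclsslauthentication", "no authentication"))
        elif not entry.get("orclsslwalleturl"):  # 32 and 64 require a wallet
            findings.append(("orclsslwalleturl", "wallet required but not set"))
    if entry.get("orclsslwalletpasswd"):  # reviewer's flag, not a table rule
        findings.append(("orclsslwalletpasswd", "wallet password held in entry"))
    return findings
```

Treat any export that carries `orclsslwalletpasswd` as sensitive, since the attribute holds the password the server uses to open its wallet.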
Syntax defines the type of values that an attribute can hold. Oracle Internet Directory recognizes most of the syntax specified in RFC 2252, that is, it allows you to associate most of the syntax described in that document with an attribute. In addition to recognizing most LDAP syntax, Oracle Internet Directory enforces some LDAP syntax.
This section covers topics in the following subsections:
Oracle Internet Directory enforces LDAP syntax for the following:
The following LDAP syntax is more commonly used:
In addition to the commonly used LDAP syntax defined above, Oracle Internet Directory recognizes LDAP syntax for the following:
Syntax does not put any specific size constraint on attribute values. You can, however, use syntax to specify the size of the attribute value. Oracle Internet Directory does not enforce the 'len' characteristics on the attribute.
For example, to limit an attribute foo to a size of 64, you would define the attribute as follows:
(object_identifier_of_attribute NAME 'foo' EQUALITY caseIgnoreMatch SYNTAX 'object_identifier_of_syntax{64}')
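Because the directory does not enforce the length given in the syntax, an application that relies on the bound has to check values itself before writing them. The following Python sketch is an added example, not Oracle code: the attribute OID in `FOO_DEF` is a constructed placeholder, the function names are hypothetical, and the bound is counted in characters as RFC 2252 describes for string syntaxes.

```python
import re

# Constructed definition in the form shown above. The attribute OID is a
# placeholder; 1.3.6.1.4.1.1466.115.121.1.15 is Directory String in RFC 2252.
FOO_DEF = ("( 1.3.6.1.4.1.99999.1.1 NAME 'foo' EQUALITY caseIgnoreMatch "
           "SYNTAX '1.3.6.1.4.1.1466.115.121.1.15{64}' )")

_NAME = re.compile(r"\bNAME\s+'([^']+)'")
# Syntax OID, optionally quoted, optionally followed by a {len} bound.
_SYNTAX = re.compile(r"\bSYNTAX\s+'?([0-9]+(?:\.[0-9]+)*)(?:\{(\d+)\})?'?")

def parse_bound(definition):
    """Return (attribute name, syntax OID, length bound or None)."""
    name = _NAME.search(definition)
    syntax = _SYNTAX.search(definition)
    if not name or not syntax:
        raise ValueError("definition lacks NAME or SYNTAX")
    bound = int(syntax.group(2)) if syntax.group(2) else None
    return name.group(1), syntax.group(1), bound

def values_over_bound(definition, values):
    """Return the values longer than the declared bound (none if unbounded)."""
    _, _, bound = parse_bound(definition)
    if bound is None:
        return []
    return [v for v in values if len(v) > bound]

if __name__ == "__main__":
    # Constructed values: one exactly at the bound, one a character over it.
    candidates = ["a" * 64, "b" * 65]
    for value in values_over_bound(FOO_DEF, candidates):
        print("reject before ldapadd/ldapmodify: %d characters" % len(value))
```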
Oracle Internet Directory recognizes the following matching rules definitions in the schema.
Of the matching rules in the above list, Oracle Internet Directory actually enforces the following when it compares attribute values:
DistinguishedNameMatch
caseExactMatch
caseIgnoreMatch
numericStringMatch
IntegerMatch
telephoneNumberMatch
Copyright © 1999 Oracle Corporation. All Rights Reserved.