Release 2.0.6
A77230-01
 Library |
 Product |
 Contents |
 Index |
| Oracle Internet Directory Administrator's Guide Release 2.0.6 A77230-01 |
|
This chapter introduces the various administration tools of Oracle Internet Directory. It discusses the online administration tool, called Oracle Directory Manager, and tells you how to launch it, navigate through it, and connect to directory servers by using it. It also introduces the command line and bulk tools.
This chapter discusses these topics in the following sections:
This section describes some of the basic features of Oracle Directory Manager. More specific instructions are found in sections explaining how to perform various tasks.
This section discusses the following tasks and features of Oracle Directory Manager:
Before you can launch Oracle Directory Manager, you must first have a directory server instance running.
If you do not already have a server instance running, follow the steps in Chapter 3 before attempting to start Oracle Directory Manager.
|
See Also:
"Oracle Internet Directory Architecture" for a conceptual explanation of Oracle Directory Server instances |
To start Oracle Directory Manager, follow the instructions for your platform:
| Platform | Instructions |
|---|---|
|
Windows NT or Windows 95 |
You can either: |
|
Sun Solaris |
|
When you start Oracle Directory Manager for the first time, an alert tells you that you must connect to a server. Click OK.
The default port is 389. You can change the port if you wish. However, if you have an Oracle Directory Server running on a non-default port, be sure that any clients that will use it are informed of the correct port to use. Click OK. The Oracle Directory Manager Connect dialog box appears:
Table 4-1 Credential Information
| Field | Description |
|---|---|
|
User |
The first time you log in, do so either as the super user or anonymously. If you intend to configure SSL features during this session, login as the super user.
If you are logging in as the super user, in the User box, type If you are logging in anonymously, leave the User box empty. If you have already set up the user's entry by using LDAP command line tools, you can enter that user's entry in one of two ways: |
|
Password |
If you are logging in as the super user and you specified a password for the super user during installation, in the Password box, type the password you specified. Otherwise, type the default password, namely, After you are logged into Oracle Directory Manager and have connected to a directory server, you should change this password to protect the directory. For instructions on how to do this, see "Managing Super, Guest, and Proxy Users". |
|
Server |
Select the host containing the directory server to which you want to connect by selecting it from the Server list. If you are already connected to a directory server, and you want to connect to a directory server on a different host, click the button to the right of the Server field. A dialog box presents you with a list of available servers. Select the one you want and click OK. If you want to add a directory server, click Add. The Directory Server Connection dialog box appears. Type the name of the directory server you want to add, then click OK. |
|
Port |
The default port (389) appears in this field. If there is more than one directory server instance on the same host, each directory server instance has a different port. |
|
SSL Enabled |
You can connect to a directory server either with or without SSL. If you connect by using Secure Sockets Layer (SSL), then Oracle Directory Manager becomes an SSL client. All commands you issue through Oracle Directory Manager are then sent over SSL. You can connect in this way if both of the following two conditions are met:
Selecting this check box causes all messages you issue by using Oracle Directory Manager to be sent over SSL. |
|
See Also:
|
Like the directory itself, the navigator pane (left side of the double window interface) has a tree-like structure. When Oracle Directory Manager first opens, the navigator pane shows only one tree item, "Oracle Internet Directory Servers." By clicking the plus sign(+) next to the tree item, subcomponents of that tree item appear. Tree items that have plus signs in front of them may have their own sub-tree items. The plus sign becomes a minus sign (-) when the entry is expanded. You can expand and contract the tree by clicking the plus signs and minus signs.
For example, if you click the plus sign next to Oracle Internet Directory Servers in the opening window navigator pane, the tree expands to show the connection information for the server to which you are connected:
By clicking the plus sign (+) next to the server information, you make a number of other choices appear in the navigator pane.
You can navigate around Oracle Directory Manager using one or a combination of the following options.
Table 4-3 lists the menus you can access by using the menu bar, and describes the items in each menu. Menu items become enabled or disabled depending on the pane or tab page you are displaying in Oracle Directory Manager.
| Menu | Menu Items |
|---|---|
|
File |
Create Like--Adds a new object by using the object selected in the navigator pane as a template Connect--Connects to a directory server selected in the navigator pane Disconnect--Disconnects from a directory server selected in the navigator pane Exit--Exits Oracle Directory Manager |
|
Edit |
Remove--Removes a selected object |
|
View |
Refresh--Updates data stored in memory to reflect changes in the database Tear-Off--Generates a secondary dialog containing the fields and values displayed in Oracle Directory Manager's right pane. Useful when comparing two pieces of information. |
|
Operations |
Create Object Class--Displays the New Object Class dialog box which you use to add a new object class Create Attribute--Displays the New Attribute Type dialog box that you use to add a new attribute to an entry Create Access Ctrl Point--Displays the New Access Control Point dialog box which you use to add a new Access Control Policy Point. For information on ACPs, see Chapter 9. Create Entry--Displays the New Entry dialog box which you use to add a new directory entry Configure Entry Management--Displays a dialog box with fields to set the maximum number of subentries and the maximum search time for entry management. |
|
Help |
Contents--Displays the Contents tab page of the Help navigator Search for Help On...--Displays the Help Search dialog box which you use to search for words in the online help guide About Oracle Internet Directory--Displays Oracle Internet Directory version information |
Figure 4-2 and the accompanying table illustrate and describe the Oracle Internet Directory toolbar. Buttons become enabled or disabled depending on the pane or tab page you are displaying in Oracle Directory Manager.
You can connect to more than one directory server at the same time. This allows you to view and modify the data, schema, and security for each directory server. If you do this, each server is listed underneath Oracle Internet Directory Servers in the navigator pane.
To connect to an additional directory server:
To disconnect from a directory server by using Oracle Directory Manager, choose File > Disconnect. Also, when you exit Oracle Directory Manager, connections between all directory servers and the directory are automatically disconnected.
All connection information is stored in the user's home directory in the file osdadmin.ini. For example, on a Solaris platform, the path name would be /$HOME/adsadmin.ini.
When you restart Oracle Directory Manager, all previously connected server connections appear in the Directory Server Login Window.
You can perform most of the Oracle Internet Directory administrative tasks through Oracle Directory Manager. Tasks that you cannot perform through Oracle Directory Manager involve running processes, such as starting and stopping the OID Monitor (oidmon) process and starting and stopping server instances. To perform tasks that you cannot perform with Oracle Directory Manager, use the appropriate LDAP command line tool.
The following table lists the task areas managed by Oracle Directory Manager and where to find instructions for using it in each area.
| Task Area | Instructions |
|---|---|
|
Schema administration |
|
|
Entries management |
|
|
ACP administration |
|
|
Partitioning and replication |
Oracle Internet Directory provides several command line tools for manipulating entries and attributes. This section explains the kind of task you can perform with each tool.
The command line tools act on entries that are in text files written in the LDAP Data Interchange Format (LDIF). An entry in the input file lists the DN, its attribute types (there may be many), and their values, with one attribute type per line.
The following table lists each command line tool, the task(s) you can perform with it, and where to find syntax and usage notes for it.
|
See Also:
|
Bulk tools enable you to create and manage large numbers of directory entries from data residing in, or created by, other applications.
|
Important Note:
To use these tools you must provide the Oracle Internet Directory password. The default password is See Also: "Using the OID Database Password Utility" |
The following table lists each bulk tool, the task(s) you can perform with it, and where to find syntax and usage notes for it.
OID Control Utility is a command line tool for issuing run-server and stop-server commands. The commands are interpreted and executed by the OID Monitor process.
|
See Also:
|
Oracle Internet Directory uses indexes to make attributes available for searches. When Oracle Internet Directory is installed, the entry cn=catalogs lists available attributes that can be used in a search. Only those attributes that have an equality matching rule can be indexed.
If you want to use additional attributes in search filters, you must add them to the catalog entry by using the Catalog Management tool.
The Oracle Internet Directory uses a password when connecting to an Oracle database. The default for this password when you install Oracle Internet Directory is ODS. You can change this password by using the OID Database Password Utility.
Oracle Internet Directory administration tasks are described throughout this manual. Table 4-4 points you to the information you need for some of the more common tasks.
| Task | Information |
|---|---|
|
Managing Attributes |
|
|
Add, modify, or delete an attribute by using command line tools |
|
|
Add, modify, or delete an attribute by using the Oracle Directory Manager |
|
|
Managing Entries |
|
|
Add, modify, or delete a directory entry by using command line tools |
|
|
Add, modify, or delete a directory entry by using Oracle Directory Manager |
|
|
Import bulk data files |
|
|
View Directory Information Tree (DIT) hierarchy of entries |
|
|
Managing Object Classes |
|
|
Add, modify, or delete object classes by using command line tools |
|
|
Add, modify, or delete object classes by using Oracle Directory Manager |
|
|
Managing Security |
|
|
Set up an Access Control Policy Point (ACP) |
|
|
Set up security |
|
|
Managing Servers |
|
|
Configure server instance parameters by using command line tools |
"Managing Server Configuration Set Entries by Using Command Line Tools" |
|
Configure server instance parameters by using the Oracle Directory Manager |
"Managing Server Configuration Set Entries by Using Oracle Directory Manager" |
|
Connect to a directory by using Oracle Directory Manager |
|
|
Run the directory server processes |
|
|
Stop the directory server processes |
|
|
View system operational attributes |
|
|
Managing Replication |
|
|
Set up replication |
|
 Copyright © 1999 Oracle Corporation. All Rights Reserved. |
|
