Oracle Internet Directory Administrator's Guide
Release 3.0.1
Part Number A90151-01
Go To Documentation Library
Home		 Go To Product List
Book List		 Go To Index
Index
Master Index
Feedback

Go to next page

Contents

Title and Copyright Information

Send Us Your Comments

Preface

What's New in Oracle Internet Directory?

Part I Getting Started

1 Introduction

What Is a Directory?
The Expanding Role of Online Directories
The Problem: Too Many Special Purpose Directories
What Is LDAP?
LDAP and Simplified Directory Management
LDAP Version 3
What Is Oracle Internet Directory?
Oracle Internet Directory Architecture
Oracle Internet Directory Components
The Advantages of Oracle Internet Directory
Scalability
High Availability
Security

2 Concepts and Architecture

Entries
Attributes
Kinds of Attribute Information
Single-Valued and Multivalued Attributes
Common LDAP Attributes
Attribute Syntax
Attribute Matching Rules
Attribute Options
Object Classes
Subclasses, Superclasses, and Inheritance
Object Class Types
Abstract Object Classes
Structural Object Classes
Auxiliary Object Classes
Naming Contexts
The Directory Schema
Security
Globalization Support
Oracle Internet Directory Architecture
An Oracle Internet Directory Node
An Oracle Directory Server Instance
Configuration Set Entries
Example: How Oracle Internet Directory Works
Distributed Directories
Replication
Partitioning
About Knowledge References (Referrals)
Kinds of Knowledge References
The Delegated Administration Service
The Oracle Directory Integration Platform
About Metadirectories
About the Oracle Directory Integration Platform Environment

3 General Deployment Considerations

The Expanding Role of Directories
Logical Organization Of Directory Information
Directory Entry Naming
DIT Hierarchy and Structure
Physical Distribution: Partitions and Replicas
An Ideal Deployment
Partitioning Considerations
Replication Considerations
Failover Considerations
About Capacity Planning, Sizing, and Tuning
Capacity Planning
Sizing Considerations
Tuning Considerations
Running Multiple Installations of Oracle Internet Directory on One Host

4 Preliminary Tasks

Task 1: Start the OID Monitor
Starting the OID Monitor
Stopping the OID Monitor
Task 2: Start a Server Instance
Starting an Oracle Directory Server Instance
Stopping an Oracle Directory Server Instance
Starting an Oracle Directory Replication Server Instance
Stopping an Oracle Directory Replication Server Instance
Restarting Directory Server Instances
Troubleshooting Directory Server Instance Startup
Task 3: Reset the Default Security Configuration
Task 4: Reset the Default Password for the Database

5 Using the Administration Tools

Using Oracle Directory Manager
Starting Oracle Directory Manager
Connecting to a Directory Server
Navigating Oracle Directory Manager
Overview of Oracle Directory Manager
The Oracle Directory Manager Menu Bar
The Oracle Directory Manager Toolbar
Connecting to Additional Directory Servers
Disconnecting from a Directory Server
Performing Administration Tasks by Using Oracle Directory Manager
Using Command-Line Tools
Using Bulk Tools
Using OID Control Utility
Using the Catalog Management Tool
Using the OID Database Password Utility
Using the Replication Tools
Using the OID Database Statistics Collection Tool
Administration Tasks at a Glance

Part II Basic Directory Administration

6 Managing the Oracle Directory Server

Managing Server Configuration Set Entries
Preliminary Considerations for Managing Configuration Set Entries
Managing Server Configuration Set Entries by Using Oracle Directory Manager
Viewing Configuration Set Entries by Using Oracle Directory Manager
Adding Configuration Set Entries by Using Oracle Directory Manager
Modifying Configuration Set Entries by Using Oracle Directory Manager
Deleting Configuration Set Entries by Using Oracle Directory Manager
Managing Server Configuration Set Entries by Using Command-Line Tools
Adding Configuration Set Entries by Using ldapadd
Modifying and Deleting Configuration Set Entries by Using ldapmodify
Setting System Operational Attributes
Setting System Operational Attributes by Using Oracle Directory Manager
Setting System Operational Attributes by Using ldapmodify
Managing Naming Contexts
Publishing Naming Contexts by Using Oracle Directory Manager
Publishing Naming Contexts by Using ldapmodify
Managing Passwords
Managing Password Policies
Setting Password Policies by Using Oracle Directory Manager
Setting Password Policies by Using Command-Line Tools
Managing Password Protection
Managing Password Protection by Using Oracle Directory Manager
Managing Password Protection by Using ldapmodify
Managing Super Users, Guest Users, and Proxy Users
Managing Super, Guest, and Proxy Users by Using Oracle Directory Manager
Managing Super, Guest, and Proxy Users by Using ldapmodify
Configuring Searches
Configuring Searches by Using Oracle Directory Manager
Setting the Maximum Number of Entries Returned in Searches by Using Oracle Directory Manager
Setting the Maximum Amount of Time For Searches by Using Oracle Directory Manager
Configuring Searches by Using ldapmodify
Setting Debug Logging Levels
Setting Debug Logging Levels by Using Oracle Directory Manager
Setting Debug Logging Levels by Using the OID Control Utility
Using Audit Log
Structure of Audit Log Entries
Position of Audit Log Entries in the DIT
Auditable Events
Setting the Audit Level
Setting the Audit Level by Using Oracle Directory Manager
Setting the Audit Level by Using ldapmodify
Searching for Audit Log Entries
Searching for Audit Log Entries by Using Oracle Directory Manager
Searching for Audit Log Entries by Using ldapsearch
Purging the Audit Log
Viewing Active Server Instance Information
Changing the Password to an Oracle Database Server

7 Managing the Directory Schema

About the Directory Schema
About Object Class Management
Guidelines for Adding Object Classes
Guidelines for Modifying Object Classes
Guidelines for Deleting Object Classes
Managing Object Classes by Using Oracle Directory Manager
Searching for Object Classes by Using Oracle Directory Manager
Viewing Properties of Object Classes by Using Oracle Directory Manager
Adding Object Classes by Using Oracle Directory Manager
Modifying Object Classes by Using Oracle Directory Manager
Deleting Object Classes by Using Oracle Directory Manager
Managing Object Classes by Using Command-Line Tools
Example: Adding a New Object Class
Example: Adding a New Attribute to an Auxiliary or User-Defined Object Class
About Attribute Management
Rules for Adding Attributes
Rules for Modifying Attributes
Rules for Deleting Attributes
Managing Attributes by Using Oracle Directory Manager
Viewing All Directory Attributes by Using Oracle Directory Manager
Searching for Attributes by Using Oracle Directory Manager
Adding an Attribute by Using Oracle Directory Manager
Adding a New Attribute by Using Oracle Directory Manager
Creating a New Attribute from an Existing One by Using Oracle Directory
Manager
Modifying an Attribute by Using Oracle Directory Manager
Deleting an Attribute by Using Oracle Directory Manager
Indexing an Attribute by Using Oracle Directory Manager
Viewing Indexed Attributes by Using Oracle Directory Manager
Adding an Index to an Attribute by Using Oracle Directory Manager
Dropping an Index from an Attribute by Using Oracle Directory Manager
Managing Attributes by Using Command-Line Tools
Adding and Modifying Attributes by Using ldapmodify
Indexing an Attribute by Using Command-Line Tools
Indexing an Attribute for Which No Data Exists by Using ldapmodify
Indexing an Attribute for Which Data Exists by Using the Catalog Management
Tool
Viewing Matching Rules
Viewing Matching Rules by Using Oracle Directory Manager
Viewing Matching Rules by Using ldapsearch
Viewing Syntaxes
Viewing Syntaxes by Using Oracle Directory Manager
Viewing Syntaxes by Using by Using ldapsearch

8 Managing Directory Entries

Managing Entries by Using Oracle Directory Manager
Searching for Entries by Using Oracle Directory Manager
Searching for Audit Log Entries by Using Oracle Directory Manager
Viewing Attributes for a Specific Entry by Using Oracle Directory Manager
Adding Entries by Using Oracle Directory Manager
Adding a New Entry by Using Oracle Directory Manager
Adding an Entry by Copying an Existing Entry in Oracle Directory Manager
Example: Adding a User Entry by Using Oracle Directory Manager
Adding Group Entries by Using Oracle Directory Manager
Modifying Entries by Using Oracle Directory Manager
Example: Modifying a User Entry by Using Oracle Directory Manager
Managing Entries with Attribute Options by Using Oracle Directory Manager
Adding an Attribute Option to an Existing Entry by Using Oracle Directory
Manager
Modifying an Attribute Option by Using Oracle Directory Manager
Deleting an Attribute Option by Using Oracle Directory Manager
Managing Entries by Using Command-Line Tools
Command-Line Tools for Managing Entries
Example: Adding a User Entry by Using ldapadd
Example: Modifying a User Entry by Using ldapmodify
Managing Entries with Attribute Options by Using Command-Line Tools
Example: Adding an Attribute Option by Using ldapmodify
Example: Deleting an Attribute Option by Using ldapmodify
Example: Searching for Entries with Attribute Options by Using ldapsearch
Managing Entries by Using Bulk Tools
Importing an LDIF File by Using bulkload
Task 1: Back Up the Oracle Server
Task 2: Find Out the Oracle Internet Directory Password
Task 3: Check Input for Schema and Data Consistency Violations
Task 4: Generate the Input Files for SQL*Loader
Task 5: Load the Input Files
If Bulk Loading Fails
Converting Directory Data to LDIF
Modifying a Large Number of Entries
Deleting a Large Number of Entries
Managing Knowledge References (Referrals)
Configuring Smart Knowledge References
Configuring Default Knowledge References

9 Managing Globalization Support in the Directory

The NLS_LANG Environment Variable
Using Globalization Support with LDIF Files
An LDIF file Containing Only ASCII Strings
An LDIF file Containing UTF-8 Encoded Strings
CASE 1: Native Strings (Non-UTF-8)
CASE 2: UTF-8 Strings
CASE 3: BASE64 Encoded UTF-8 Strings
CASE 4: BASE64 Encoded Native Strings
Using Globalization Support with Command-Line Tools
Specifying the -E Argument When Using Each Tool
Examples: Using the -E Argument with Command-Line Tools
Setting NLS_LANG in the Client Environment
Using Globalization Support with Bulk Tools
Using Globalization Support with bulkload
Using Globalization Support with ldifwrite
Using Globalization Support with bulkdelete
Using Globalization Support with bulkmodify

10 Managing the Delegated Administration Service

Concepts and Architecture
Starting and Stopping the Apache Server
Installing and Configuring the Delegated Administration Service
Task 1: Install the Delegated Administration Service
Task 2: Configure the Delegated Administration Service
General Parameters
Parameters for Registering and Resetting Passwords
Parameters for Integrating with Single Sign-On
Task 3: Verify that the Delegated Administration Service Is Running
Step 1: Verify that the Apache Server Is Running
Step 2: Verify that the Delegated Administration Service Is Running

Part III Directory Security

11 About Security in Oracle Internet Directory

Security Features of Oracle Internet Directory
Data Integrity
Data Privacy
Authentication
Anonymous Authentication
Simple Authentication
Secure Sockets Layer (SSL) Authentication
Authentication Through a Middle Tier
Authorization
Password Protection
Password Policies
Directory-Based Application Security

12 Managing Secure Sockets Layer (SSL)

Supported Cipher Suites
SSL Client Scenarios
Configuring SSL Parameters
Configuring SSL Parameters by Using Oracle Directory Manager
Configuring SSL Parameters by Using Command-Line Tools
Issues Specific to This Release of Oracle Internet Directory

13 Managing Directory Access Control

Overview of Access Control Policy Administration
Access Control Management Constructs
Access Control Policy Points (ACPs)
orclACI
orclEntryLevelACI
Privilege Groups
Access Control Information Components
Object: To What Are You Granting Access?
Subject: To Whom Are You Granting Access?
Operations: What Access Are You Granting?
How ACL Evaluation Works
ACL Evaluation Precedence Rules
Assigning More Than One ACI to the Same Object
Granting Exclusionary Access to Objects
ACL Evaluation For Groups
Access Level Requirements for LDAP Operations
Managing Access Control by Using Oracle Directory Manager
Configuring the Display of ACPs in Oracle Directory Manager
Configuring Searches for ACPs When Using Oracle Directory Manager
Viewing an ACP by Using Oracle Directory Manager
Adding an ACP and Creating Access Items by Using Oracle Directory Manager
Adding an ACP by Using the ACP Creation Wizard of Oracle Directory Manager
Specifying Prescriptive Structural Access Items
Specifying Structural Access Items for a Specific Entry
Specifying Prescriptive Content Access Items
Specifying Content Access Items for a Specific Entry
Modifying ACPs and their ACI Directives by Using Oracle Directory Manager
Adding Structural Access Items to an ACP by Using Oracle Directory Manager
Adding Content Access Items to an ACP by Using Oracle Directory Manager
Modifying Structural Access Items of an ACP by Using Oracle Directory
Manager
Modifying Content Access Items of an ACP by Using Oracle Directory Manager
Example: Managing ACPs by Using Oracle Directory Manager
Create a New ACP
Create Another ACI
Create a Third ACI
Create a Fourth ACI
Granting Entry-Level Access by Using Oracle Directory Manager
Managing Access Control by Using Command-Line Tools
Example: Setting Up an Inheritable ACP by Using ldapmodify
Example: Setting Up Entry-Level ACIs by Using ldapmodify
Example: Using Wild Cards
Example: Selecting Entries by DN
Example: Using Attribute and Subject Selectors
Example: Granting Read-Only Access
Example: Granting Selfwrite Access to Group Entries

Part IV Directory Replication

14 About Directory Replication

Directory Replication Groups and Replication Agreements
Oracle9i Replication
Replication Architecture
The Replication Process on the Supplier Side
The Replication Process on the Consumer Side
Change Log Purging
Conflict Resolution in Replication
Levels at Which Replication Conflicts Occur
Entry-Level Conflicts
Attribute-Level Conflicts
Typical Causes of Conflicts
Automated Resolution of Conflicts
The Replication Process
How the Replication Process Adds a New Entry to a Consumer
How the Replication Process Deletes an Entry
How the Replication Process Modifies an Entry
How the Replication Process Modifies a Relative Distinguished Name
How the Replication Process Modifies a Distinguished Name

15 Managing Directory Replication

Installing and Configuring Replication
Task 1: Install Oracle Internet Directory on All Nodes in the DRG
Task 2: Decide Which Node Will Serve as the Oracle9i Replication Master Definition Site (MDS)
Task 3: At the MDS, Set Up Oracle9i Replication for a Directory Replication Group
Prepare the Oracle Net Services Environment for Replication
Configure Oracle9i Replication For Directory Replication
Task 4: Load Data into the Directory
Task 5: Start Oracle Directory Server Instances on All the Nodes
Task 6: Configure Replication
Location of Directory Replication Server Configuration Parameters
Directory Replication Server Parameters
Viewing and Modifying Replication Configuration Parameters by Using Oracle Directory Manager
Modifying Replication Configuration Parameters by Using Command-Line
Tools
Replication Agreement Parameters
Location of Replication Agreement Parameters
Viewing and Modifying Replication Agreement Parameters by Using Oracle Directory Manager
Modifying Replication Agreement Parameters by Using ldapmodify
Task 7: Start the Replication Servers on All the Nodes
Using the Change Log Flag
Using the Multimaster Flag
Adding a Replication Node
Task 1: Stop the Directory Replication Server on All Nodes
Task 2: Configure the New Node into the LDAP Replication Group on All the Existing Nodes
Task 3: Identify a Sponsor Node and Switch the Sponsor Node to Read-Only Mode
Task 4: Backup the Sponsor Node by Using ldifwrite
Task 5: Perform Oracle9i Replication Add Node Setup
Task 6: Switch the Sponsor Node to Updatable Mode
Task 7: Start the Directory Replication Server on All Nodes Except the New Node
Task 8: Load Data into the New Node by Using bulkload
Task 9: Start LDAP Server on the New Node
Task 10: Configure the LDAP Replication Agreement on the New Node
Task 11: Start the Directory Replication Server on the New Node
Deleting a Replication Node
Task 1: Stop the Directory Replication Server on All Nodes
Task 2: Stop All Processes in the Node to be Deleted
Task 3: Delete the Node from the Master Definition Site
Task 4: Start the Directory Replication Server on All Nodes
Task 5: Delete the Node from the Replication Group
Task 6: Restart the Directory Replication Server on the Remaining Nodes
Resolving Conflicts Manually
Monitoring Replication Change Conflicts
Examples of Conflict Resolution Messages
Example 1: An Attempt to Modify a Non-Existent Entry
Example 2: An Attempt to Add an Existing Entry
Example 3: An Attempt to Delete a Non-Existent Entry
Using the Human Intervention Queue Manipulation Tool
Using the OID Reconciliation Tool
Identifying a Node as Independent of Its Host

16 Adding a Node to a DRG by Using the Database Copy Procedure

Assumptions
Sponsor Directory Site Environment
New Directory Site Environment
Tasks To Be Performed on the Sponsor Node
Tasks To Be Performed on the New Node
Verification Process

Part V Directory Deployment

17 Capacity Planning Considerations

About Capacity Planning
Getting to Know Directory Usage Patterns: A Case Study
I/O Subsystem Requirements
About the I/O Subsystem
Rough Estimates of Disk Space Requirements
Detailed Calculations of Disk Space Requirements
Memory Requirements
Network Requirements
CPU Requirements
CPU Configuration
Rough Estimates of CPU Requirements
Detailed Calculations of CPU Requirements
Summary of Capacity Plan for Acme Corporation

18 High Availability And Failover Considerations

About High Availability and Failover for Oracle Internet Directory
Oracle Internet Directory and Oracle9i Technology Stack
Failover Options on Clients
Alternate Server List from User Input
Alternate Server List from the Oracle Internet Directory Server
Failover Options in the Public Network Infrastructure
Hardware-Based Connection Redirection
Software-Based Connection Redirection
Availability and Failover Capabilities in Oracle Internet Directory
Failover Options in the Private Network Infrastructure
IP Address Takeover (IPAT)
Redundant Links
High Availability Deployment Examples

19 Tuning Considerations

About Tuning
Tools for Performance Tuning
CPU Usage Tuning
Tuning CPU for Oracle Internet Directory Processes
Tuning Oracle Internet Directory Processes When CPU Is 100 Percent Utilized
Tuning Oracle Internet Directory Processes When CPU Is Under-Utilized
Tuning CPU for Oracle Foreground Processes
Taking Advantage of Processor Affinity on SMP Systems
Other Alternatives for a CPU Constrained System
Memory Tuning
Tuning the System Global Area (SGA) for Oracle9i
Other Alternatives for a Memory-Constrained System
Disk Tuning
Balancing Tablespaces
RAID
Database Tuning
Required Parameter
Parameters Dependent on Oracle Internet Directory Server Configuration
Using Shared Server Process
SGA Parameters Dependent on Hardware Resources
Performance Troubleshooting

Part VI The Directory and Clusters

20 Managing Failover in Cluster Configurations

Introduction
Configuring Failover in a Clustered Environment
Step 1: Start OID Monitor
Step 2: Start a Directory Server or Directory Replication Server by Using the OID Control Utility
Step 3: Stop, then Restart, the Directory Server and OID Monitor
How Failover Works in a Clustered Environment

21 Managing Directory Failover in an Oracle9i Real Application Clusters Environment

Terminology
The Oracle Directory Server in an Oracle9i Real Application Clusters Environment
Oracle Internet Directory with Basic High Availability Configuration
Oracle Internet Directory with Default N-Node Configuration
The Oracle Directory Replication Server in an Oracle9i Real Application Clusters Environment

Part VII The Oracle Directory Integration Platform

22 About the Oracle Directory Integration Platform

What Is the Oracle Directory Integration Platform?
About Metadirectories
About the Oracle Directory Integration Platform Environment
Architecture
Components of the Oracle Directory Integration Platform Architecture
Oracle Internet Directory
Connected Directories
Oracle Directory Integration Server
Directory Integration Agents
Import and Export Files
Directory Integration Toolkit
Directory Integration Profiles
Agent Configuration Information
Attribute Mapping Rules
Administration and Monitoring Tools
Oracle Directory Manager
OID Control and OID Monitor
How the Oracle Directory Integration Platform Works
A Scenario: Deploying Oracle Human Resources Agent

23 Managing Directory Integration Agents and Profiles

About Directory Integration Agents
Import and Export Operations
Oracle Internet Directory Export Operation
Connected Directory Import Operation
Connected Directory Export Operation
Oracle Internet Directory Import Operation
Synchronization Scenarios
Synchronizing from a Connected Directory to Oracle Internet Directory
Synchronizing from Oracle Internet Directory to a Connected Directory
Types of Agents
Partner Agents
External Agents
Change Log Interfaces
Registration of Partner Agents into Oracle Directory Integration Platform
Agent Configuration Information
Mapping Rules
Mapping Rules Format
Import and Export Files
File Naming Conventions
Location of Files
Managing Partner Agents
Managing Partner Agents by Using Oracle Directory Manager
Registering a Partner Agent by Using Oracle Directory Manager
Deregistering a Partner Agent by Using Oracle Directory Manager
Managing Partner Agents from the Command Line
Registering a Partner Agent by Using ldapcreateConn.sh
Deregistering a Partner Agent Using ldapdeleteConn.sh

24 Managing the Oracle Directory Integration Server

About the Oracle Directory Integration Server
The Oracle Directory Integration Server and Configuration Set Entries
Configuration Data Refresh
LDAP Connections Used by the Oracle Directory Integration Server
Registering the Oracle Directory Integration Server
Managing Configuration Set Entries
Managing the Oracle Directory Integration Server
Starting the Oracle Directory Integration Server
Starting the Oracle Directory Integration Server by Using OID Monitor and the OID Control Utility
Starting the Oracle Directory Integration Server Without Using OID Monitor and the OID Control Utility
Stopping the Oracle Directory Integration Server
Stopping the Oracle Directory Integration Server by Using OID Monitor and the OID Control Utility
Stopping the Directory Integration Server Without Using OID Monitor and the OID Control Utility
Using the Restart Command
Using the Oracle Directory Integration Server in SSL Mode
Starting the Oracle Directory Integration Server in SSL Mode by Using OID Monitor and OID Control
Starting the Oracle Directory Integration Server in SSL Mode Without Using OID Monitor and OID Control
Finding the Log File
Setting the Debug Level
Changing the Synchronization Status Attribute
Viewing Oracle Directory Integration Server Information
Viewing Oracle Directory Integration Server Runtime Information by Using Oracle Directory Manager
Viewing Oracle Directory Integration Server Runtime Information by Using
ldapsearch

25 Managing Security in the Oracle Directory Integration Platform

Authentication
Secure Sockets Layer (SSL) and the Oracle Directory Integration Platform
Oracle Directory Integration Server Authentication
Non-SSL Authentication
Authentication in SSL Mode
Agent Authentication
Access Control and Authorization
Access Controls for the Oracle Directory Integration Server
Access Controls for Agents
Data Integrity
Data Privacy
Tools Security

26 Bootstrapping a Directory in the Oracle Directory Integration Platform

Bootstrapping Oracle Internet Directory from a Connected Directory
Using External Tools to Import Data into Oracle Internet Directory
Using an Agent to Import Data in Oracle Internet Directory
Bootstrapping a Connected Directory from Oracle Internet Directory

27 Synchronizing with Oracle Human Resources

Introduction
Data that You Can Import from Oracle Human Resources
Managing Synchronization with Oracle Human Resources
Configuring a Directory Integration Profile for the Oracle Human Resources Agent
Customizing the List of Attributes to Be Synchronized with Oracle Internet Directory
Including Additional Oracle Human Resources Attributes for Synchronization
Excluding Oracle Human Resources Attributes from Synchronization
Customizing Mapping Rules for the Oracle Human Resources Agent
Default Oracle Human Resources Agent Mapping Rules
Creating Oracle Human Resources Attribute Mapping Rules
Modifying Oracle Human Resources Attribute Mapping Rules
Deleting Oracle Human Resources Attribute Mapping Rules
Running Synchronization from Oracle Human Resources to Oracle Internet
Directory
Preparing for Synchronization
The Synchronization Process
Boostrapping Oracle Internet Directory from Oracle HR

Part VIII Appendixes

A Syntax for LDIF and Command-Line Tools

LDAP Data Interchange Format (LDIF) Syntax
Command-Line Tools Syntax
ldapadd Syntax
ldapaddmt Syntax
ldapbind Syntax
ldapcompare Syntax
ldapdelete Syntax
ldapmoddn Syntax
ldapmodify Syntax
ldapmodifymt Syntax
ldapsearch Syntax
Examples of ldapsearch Filters
Bulk Tools Syntax
bulkdelete Syntax
bulkload Syntax
bulkmodify Syntax
ldifwrite Syntax
Catalog Management Tool Syntax
OID Monitor Syntax
Starting the OID Monitor
Stopping the OID Monitor
OID Control Utility Syntax
Starting and Stopping an Oracle Directory Server Instance
Starting an Oracle Directory Server Instance
Stopping an Oracle Directory Server Instance
Starting and Stopping an Oracle Directory Replication Server Instance
Starting an Oracle Directory Replication Server Instance
Stopping an Oracle Directory Replication Server Instance
Restarting Directory Server Instances
Troubleshooting Directory Server Instance Startup
OID Database Password Utility Syntax
Human Intervention Queue Manipulation Tool Syntax
Moving a Change from the Human Intervention Queue into the Retry Queue
Moving a Change from the Human Intervention Queue into the Purge Queue
Examples: Using the Human Intervention Queue Manipulation Tool
Example: Retrying and Discarding Changes
Example: Moving a Single Change from the Human Intervention Queue to the Retry Queue
Example: Moving a Group of Changes from the Human Intervention Queue to the Retry Queue
Example: Moving All Changes from the Human Intervention Queue to the Retry Queue
OID Reconciliation Tool Syntax
Reconciling Inconsistent Data by Using the OID Reconciliation Tool
How the OID Reconciliation Tool Works
OID Database Statistics Collection Tool Syntax

B Using Access Control Directive Format

Schema for orclACI
Schema for orclEntryLevelACI

C Schema Elements

IETF Requests for Comments (RFCs) Enforced by Oracle Internet Directory
IETF Drafts Enforced by Oracle Internet Directory
Proprietary Oracle Internet Directory Schema Elements
LDAP Syntax
LDAP Syntax Enforced by Oracle Internet Directory
Commonly Used LDAP Syntax Recognized by Oracle Internet Directory
Additional LDAP Syntax Recognized by Oracle Internet Directory
Size of Attribute Values
Matching Rules

D Using Oracle Wallet Manager

Overview
Managing Wallets
Starting Oracle Wallet Manager
Creating a New Wallet
Opening an Existing Wallet
Closing a Wallet
Saving Changes
Saving the Open Wallet to a New Location
Saving in System Default
Deleting the Wallet
Changing the Password
Using Auto Login
Enabling Auto Login
Disabling Auto Login
Using Oracle Wallet Manager with Oracle Application Server
Managing Certificates
Managing User Certificates
Creating a Certificate Request
Exporting a User Certificate Request
Importing the User Certificate into the Wallet
Removing a User Certificate from a Wallet
Managing Trusted Certificates
Importing a Trusted Certificate
Removing a Trusted Certificate
Exporting a Trusted Certificate
Exporting All Trusted Certificates
Exporting a Wallet

E Upgrading from Oracle Internet Directory Release 2.1.1

Tasks Before Upgrading
Upgrading in a Single Node Environment
Upgrading in a Multi-Node Environment
Upgrading One Node at a Time
Task 1: Verify that You Have Stopped the Oracle Internet Directory Processes
Task 2: Delete Jobs on Other Nodes
Task 3: Shutdown Database and Listener on the Node to be Upgraded
Task 4: Upgrade the Node to Oracle Internet Directory Release 3.0.1
Task 5: Verify that the Database and Listener Are Running
Task 6: Create Push Jobs on Other Nodes
Task 7: Verify that the Oracle Internet Directory Processes Are Running
Task 8: Upgrade Other Master Sites
Upgrading All the Nodes at the Same Time
Task 1: Set All the Nodes in the Network to Read-Only Mode
Task 2: Wait Until All the Changes in the Change Log Queue Have Been Applied
Task 3: Verify that You Have Stopped the Oracle Internet Directory Processes
Task 4: Shutdown the Database and the Listener on All Nodes
Task 5: Upgrade All the Nodes to Oracle Internet Directory Release 3.0.1
Task 6: Start the Database and Listener on All Nodes
Task 7: Verify that the Oracle Internet Directory Processes Are Running
LDIF-Based Upgrading
Task 1: Backup the Older Version of Oracle Internet Directory
Task 2: Perform a Fresh Installation of Oracle Internet Directory Release 3.0.1
Task 3: Restore the User-Defined Schema and Data from the Previous Version of Oracle Internet Directory
Task 4: Start Oracle Internet Directory Processes

F Migrating Data from Other LDAP-Compliant Directories

About the Data Migration Process
Migrating Data
Task 1: Export Data from the Non-Oracle Internet Directory Server into LDIF File
Format
Task 2: Analyze the LDIF User Data for Any Required Schema Additions Referenced in the LDIF Data
Task 3: Extend the Schema in Oracle Internet Directory
Task 4: Remove Any Proprietary Directory Data from the LDIF File
Task 5: Remove Operational Attributes from the LDIF File
Task 6: Remove Incompatible userPassword Attribute Values from the LDIF File
Task 7: Run the bulkload.sh -check Mode and Determine Any Remaining Schema Violations or Duplication Errors

G Troubleshooting

Installation Errors
Administration Error Messages and Causes
Oracle Database Server Error Due to Schema Modifications
Standard Error Messages Returned from Oracle Directory Server
Additional Error Messages

Glossary

Index

Go to next page
Oracle
Copyright © 1996-2001, Oracle Corporation.
All Rights Reserved.
Go To Documentation Library
Home		 Go To Product List
Book List		 Go To Index
Index
Master Index
Feedback