5
Completing Directory Usage Configuration

This chapter describes how to configure access to a directory that is already installed. First it describes the configuration steps common to all Oracle products; then it directs you to resources that describe directory configuration tasks particular to each Oracle product.

The chapter covers the following topics:

• Completing Directory Usage Configuration

• Product-Specific Configuration Tasks

Completing Directory Usage Configuration

You can complete directory usage configuration during custom installation of a database or as part of a client installation, using Oracle Net Configuration Assistant. The first option performs the minimal, or baseline, directory configuration tasks required for all Oracle products. The second only enables you to choose a particular directory and to configure your Oracle home to access it.

A third option is to run Oracle Net Configuration Assistant in standalone mode after the database has already been installed. This option incorporates the two options described above, but it also enables you to upgrade an existing Oracle Context and Oracle Schema.

This section covers the following topics:

• Directory Usage Configuration During Custom Installation on the Server

• Directory Usage Configuration During a Client Installation

• Directory Usage Configuration After Installation

Directory Usage Configuration During Custom Installation on the Server

After installing database server software, Oracle Universal Installer launches Oracle Net Configuration Assistant, which gives you the option of completing directory usage configuration. Completing configuration consists of the following:

• Selecting a directory type

• Specifying the directory's host name and port

• Selecting a directory entry that contains an Oracle Context

If the required Oracle Schema is already installed, Oracle Net Configuration Assistant prompts you to select an Oracle Context from a drop-down list of directory entries. If it was created during directory setup, one of the entries in the list is a root Oracle Context. The root Oracle Context is at the root entry, or top entry, of a directory that is being configured for the first time.

If only the root context is present, you can either use this context or create a new context by running Oracle Net Configuration Assistant in standalone mode. If no root Oracle Context is present, you can create one by entering the words "root entry" in the context drop-down list box and clicking Next.

If the required Oracle Schema is not installed, Oracle Net Configuration Assistant gives you the option of installing the correct schema or deferring directory configuration until a later time.

Notes: Some directory enabled features, such as Oracle Advanced Security, require that the directory contain a root Oracle Context. To create an Oracle Context and to install or update the Oracle Schema, you must have the credentials of a directory administrator. If you installed the latest version of Oracle Internet Directory, the correct version of the Oracle Schema and the root Oracle Context are already installed.

If you create the Oracle Context successfully, Oracle Net Configuration Assistant adds you to four administrative groups:

• OracleContextAdmins

  This group has full privileges for the entire Oracle Context.

• OracleDBCreators

  This group enables you to use Oracle Database Configuration Assistant to register a database service entry in the directory together with its connect descriptor.

• OracleNetAdmins

  This group can use Oracle Net Manager to create, modify, and delete net service names and to modify Oracle Net attributes of database services.

• OracleDBSecurityAdmins

  Members of this group have full privileges over directory objects in the container OracleDBSecurity. These objects consist of enterprise domains, enterprise roles, and mappings between users and shared database schemas.

After directory usage configuration is complete, Oracle Database Configuration Assistant runs. It creates your database and registers the database and its connect descriptor under the chosen, or default, Oracle Context.

Notes: If, later, you choose a different Oracle Context or create a new one, remember to reregister your database under this context. To accomplish this task, you must run Oracle Database Configuration Assistant in standalone mode. You cannot complete directory usage configuration as part of an Enterprise Edition or Standard Edition installation on the server. If you choose these installation options, you must run Oracle Net Configuration Assistant in standalone mode.

Directory Usage Configuration During a Client Installation

During client installation, Oracle Net Configuration Assistant prompts you to configure use of a directory server. It prompts you to:

• Select a directory type

• Specify the directory's host name or port

• Select a directory entry that contains an Oracle Context

If the Oracle Schema is incorrect or was not installed or no Oracle Context is present, you cannot complete directory usage configuration on the client. To complete configuration, run Oracle Net Configuration Assistant in standalone mode after installation.

Directory Usage Configuration After Installation

You can use Oracle Net Configuration Assistant to complete directory usage configuration at any time.

To configure directory server usage:

1. Start Oracle Net Configuration Assistant.

   See Also: Chapter 5, "Oracle Net Configuration Assistant," in Oracle9i Net Services Administrator's Guide for information about how to run the tool

   The Welcome page appears.

2. Select Directory Service Usage Configuration, and then choose Next.

   The Directory Usage Configuration page appears.

   
   
   Text description of the illustration dirig023.gif

Table 5-1 describes the four options available on the Directory Usage Configuration page.

Table 5-1 Directory Usage Configuration Page in Oracle Net Configuration Assistant

Option	Description
Select the directory server you want to use	Select this option to enable your computer to use a directory server that is already configured to use directory-enabled features. Once configuration is complete, this option enables your computer to look up entries in the directory. This option prompts you to: Select the type of directory server Identify the host name and port of the directory server Select a directory entry that contains an Oracle Context from which this server can access and create Oracle entries Note: If no Oracle Context or Oracle Schema exists, you cannot complete usage configuration using this option. To create the Oracle Context and Oracle Schema, you must choose the option "Select the directory server you want to use, and configure the directory server for Oracle usage."
Select the directory server you want to use, and configure the directory server for Oracle usage	Select this option to configure a directory server for directory-enabled features and to enable your computer to use that directory. This option is designed for administrators who are configuring these features for the first time. Once configuration is complete, this computer can then look up entries in the directory server. This option prompts you to: Select the type of directory server Identify the host name and port of the directory server Select or enter a directory entry that contains an Oracle Context from which this server can access and create Oracle entries If the Oracle Schema does not exist or is an older version, you are prompted to create it or upgrade it. Having the correct schema version is a prerequisite for creating or designating an Oracle Context. There are three options for choosing an Oracle Context: Accept the root Oracle Context as your default. The root Oracle Context is at the root entry, or top entry, of a directory. Choose from a drop-down list of Oracle Contexts Create a new Oracle Context under a directory entry of your choice Note: If there is no root Oracle Context, you must create one. Use the option "Create additional or upgrade existing Oracle Context," and select "root entry." If the Oracle Context is created successfully, the authenticated user is added to the following administrative groups: OracleContextAdmins (cn=OracleContextAdmins,cn=Groups,cn=OracleContext) OracleDBCreators (cn=OracleDBCreators,cn=OracleContext) OracleNetAdmins (cn=OracleNetAdmins,cn=OracleContext) OracleDBSecurityAdmins (cn=OracleDBSecurityAdmins,cn=OracleContext)
Create additional or upgrade existing Oracle Context	Select this option to create an additional Oracle Context in the directory or to upgrade an old version of the Oracle Context to a new version. To create an Oracle Context, the following must exist in the directory server: A directory entry under which you want the Oracle Context to be created The Oracle Schema If the Oracle Context is created successfully, the authenticated user is added to the following administrative groups: OracleContextAdmins (cn=OracleContextAdmins,cn=Groups,cn=OracleContext) OracleDBCreators (cn=OracleDBCreators,cn=OracleContext) OracleNetAdmins (cn=OracleNetAdmins,cn=OracleContext) OracleDBSecurityAdmins (cn=OracleDBSecurityAdmins,cn=OracleContext) If the Oracle Context is an older version, you are prompted to upgrade it.
Create or upgrade the Oracle Schema	Select this option to create the Oracle Schema in the directory, or to upgrade the Oracle Schema to the current release.

3. Select the appropriate option, and then follow the prompts in the wizard and Help to complete directory usage configuration.

Product-Specific Configuration Tasks

Oracle Net Configuration Assistant performs only the minimal directory configuration tasks necessary for most Oracle products. As such, many directory-enabled Oracle products may require additional configuration. Table 5-2 lists each product described in this book and provides links to documents that describe product-specific configuration tasks.

Table 5-2 Links to Product-Specific Configuration Information

Product	Document
Oracle Net Services	Oracle9i Net Services Administrator's Guide, Chapter 8, "Setting Up Directory Server Usage"
Oracle Advanced Security	Oracle Advanced Security Administrator's Guide, Chapter 15, "Managing Enterprise User Security"
Application Context	Oracle9i Application Developer's Guide - Fundamentals, "Application Context Initialized Globally," in Chapter 12, "Policy-Based Security"
Oracle Advanced Queuing	Oracle9i Application Developer's Guide - Advanced Queuing, Chapter 12, "Creating Applications Using JMS"
Oracle Dynamic Services	Oracle Dynamic Services User's and Administrator's Guide, "Using Lightweight Directory Access Protocol (LDAP) as a Master Registry," in Chapter 4, "Advanced Installation Options"