Index
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
Numerics
- 389 port, A-8, A-11, B-5
- 636 port, A-8, A-11, B-5
A
- A control information (ACI)
- more than one for the same subject, 14-16
- abstract object classes, 2-10
- superclasses of, 6-4
- top, 2-9
- access
- exclusionary, 14-17
- granting
- by using command-line tools, 14-48
- by using Oracle Directory Manager, 14-18
- entry-level, by using command-line tools, 14-50
- entry-level, by using Oracle Directory Manager, 14-32
- kinds, 14-11
- level requirements for LDAP operations, 14-12
- object, 14-7
- operations, 14-11
- rights, setting by using Oracle Directory Manager, 14-22, 14-30
- selecting, by DN, 14-51
- subject, 14-8
- unspecified, 14-12, 14-30
- violation event, 10-13
- access control
- and authorization, 2-12
- conceptual discussion, 12-3
- default, 17-4
- defined, 2-12
- directive format. See ACI directive format
- for agents, 36-5
- for directory integration and provisioning server, 36-5
- in Oracle Directory Integration and Provisioning platform, 36-4
- in the Oracle Directory Integration and Provisioning platform, 36-4
- management constructs, 14-2
- managing, 14-1
- by using command-line tools, 14-48
- by using Oracle Directory Manager, 14-18
- overview, 1-9
- policies
- conflicting, 14-2
- inheriting, 14-2
- policy administration, overview, 14-2
- prescriptive, 14-3
- schema elements, B-4
- setting, by using wildcards, 14-50
- to provisioning profiles, 34-11
- access control information (ACI)
- attributes, 12-3
- components, 14-7
- directives, format, 12-3
- items
- format, E-1
- syntax, E-1
- object of directives, 14-7
- subject of directives, 14-8
- access control lists (ACLs), 2-22, 12-3
- and integration with SunONE Directory Server, 42-9
- directives, within entries, 14-3
- evaluation
- for groups, 14-17
- precedence rules, 14-14
- for groups, 14-17
- how it works, 14-13
- modification, 10-13
- precedence
- rules, 14-14
- within subtrees, 14-3
- Access Control Management pane, in Oracle Directory Manager, C-2
- access control policy points (ACPs), 14-2, 14-20
- adding
- by using ldapmodify, 14-49
- by using Oracle Directory Manager, 4-9, 14-20
- by using the ACP Creation Wizard of Oracle Directory Manager, 14-24
- administering, by using Oracle Directory Manager, 4-13
- configuring display of, in Oracle Directory Manager, 14-18
- creating by using ACP Creation Wizard, 14-24
- Creation Wizard, 14-24
- defined
- groups, 14-4
- multiple, 14-2
- viewing, 14-20
- by using Oracle Directory Manager, 14-20
- viewing, by using Oracle Directory Manager, 14-20
- accessDirectiveMatch matching rule, B-46
- accounts
- enabling and disabling
- by using command-line tools, 15-9
- by using Oracle Internet Directory Self-Service Console, 15-10
- unlocking
- by using command-line tools, 15-9
- by using Oracle Internet Directory Self-Service Console, 15-10
- ACI. See access control information (ACI)
- ACL. See access control lists (ACLs)
- ACP groups, 14-4
- ACP. See access control policy points (ACPs)
- ACPs. See access control policy points (ACPs)
- Active Directory
- Microsoft
- integration with, 43-1
- active server instances
- modifying configuration set entries in, 5-4
- viewing, 5-4, 5-13
- Add New Attributes window, OID Self-Service Console, C-42
- added_object_constraint filter, 14-49
- added-object-constraint, in access control, 14-11
- add.log, A-23
- -ADDNODE option, in Replication Environment Management Tool, A-65
- administration tools, 7-10
- bulkdelete, A-44
- bulkload, A-45
- bulkmodify, A-51
- Catalog Management Tool (catalog.sh), 4-17
- command-line, 1-8, 4-14
- Human Intervention Queue Manipulation Tool, 4-19
- ldapadd, 7-10, A-21
- ldapaddmt, A-23
- ldapbind, A-25
- ldapcompare, A-26
- ldapdelete, 7-10, A-28
- ldapmoddn, 7-11, A-30
- ldapmodify, 7-11, A-31
- ldapmodifymt, 7-11, A-37
- ldapsearch, A-39
- ldifwrite, A-53
- OID Database Password Utility (oidpasswd), 4-21
- OID Database Statistics Tool (oidstats.sh), 4-21
- OID Migration Tool, 4-20
- OID Reconciliation Tool, 4-19
- Oracle Directory Manager, 4-2
- Oracle Internet Directory Self-Service Console, 31-1
- Replication Environment Management Tool, 4-19
- agent tools, A-107
- agents
- access controls for, 36-5
- log file location, 3-5
- uploading agent file, A-120
- alias entries
- adding, 5-16
- dereferencing, 5-14, 5-16
- messages, 5-19
- modifying, 5-19
- searching directory with, 5-17
- alternate server list
- from the Oracle directory server, 26-4
- from user input, 26-4
- AlternateServers attribute, in failover, 26-4
- ANALYZE function of DBMS_STATS package, 21-3
- anonymous authentication, 4-4, 12-4
- anonymous login, 4-4
- Application Server Control
- starting directory server instance, 10-23
- stopping directory server instance, 10-24
- viewing user logon session information, 10-25
- applications
- enrollment in, for provisioning, 34-3
- automatic, 34-3
- manual, 34-3
- registering with the Oracle Directory Provisioning Integration Service, 34-6
- unsubscribing from Oracle Directory Provisioning Integration Service, 34-9
- application-specific repositories
- migrating data from, 23-5
- Apply button, in Oracle Directory Manager, 4-8
- architecture
- Oracle Internet Directory, 1-6, 2-1, 2-14
- Oracle Internet Directory Server Manageability framework, 10-19
- rack-mounted directory server configurations, 27-2
- ASR Agreement tab page, in Oracle Directory Manager, C-13
- ASR. See Oracle9i Advanced Replication
- -ASRCLEANUP option, Replication Environment Management Tool, A-77
- -ASRRECTIFY option, in Replication Environment Management Tool, A-78
- -ASRSETUP option, in Replication Environment Management Tool, A-68
- -ASRVERIFY option, in Replication Environment Management Tool, A-82
- Assign Privileges window, in Oracle Directory Manager, C-45
- attribute options, 2-7
- adding
- by using ldapmodify, 7-12
- by using Oracle Directory Manager, 7-8
- conceptual discussion, 2-7
- deleting by using Oracle Directory Manager, 7-9, 7-13
- language codes, 2-7
- managing
- by using command line tools, 7-12
- by using Oracle Directory Manager, 7-8
- modifying by using Oracle Directory Manager, 7-9
- searching for by using ldapsearch, 7-13, A-42
- attribute uniqueness
- about, 8-2
- constraint entries, 8-2
- entries
- location of, 8-7
- known limitations, 8-12
- managing, 8-7
- managing by suing command-line tools, 8-9
- managing, by using Oracle Directory Manager, 8-7
- rules for creating, 8-3
- schema elements, B-4
- attribute values, replacing, A-35
- attributes
- adding, 6-12
- by using ldapadd, A-21
- by using ldapmodify, 6-17, 6-18
- by using Oracle Directory Manager, 6-14
- concurrently, by using ldapaddmt, A-23
- guidelines for, 6-12
- to existing entries, A-21
- AlternateServers, for failover, 26-4
- as DNs, 7-4
- as metadata in schema, 6-2
- attribute options, 7-13
- adding by using ldapmodify, 7-12
- adding by using Oracle Directory Manager, 7-8
- conceptual discussion, 2-7
- deleting by using Oracle Directory Manager, 7-9, 7-13
- managing by using command line tools, 7-12
- managing by using Oracle Directory Manager, 7-8
- modifying by using Oracle Directory Manager, 7-9
- searching for by using ldapsearch, A-42
- base schema
- deleting, 6-12
- modifying, 6-12
- commonName, 2-6
- creating by using Oracle Directory Manager, 4-9
- deleting, 6-12
- by using ldapmodify, A-35
- guidelines for, 6-12
- determined by object classes, 6-3
- ditcontentrule, 6-22
- dropping indexes, 6-17
- extending number of
- by using auxiliary object classes, 6-21
- by using content rules, 6-22
- for existing entries, 6-21
- prior to creating entries, 6-21
- for a specific entry
- viewing by using Oracle Directory Manager, 7-4
- for which data exists
- indexing, 6-20
- for which no directory data exists
- indexing, 6-19
- in base schema, 6-11
- in LDIF files, A-2
- in top, 2-10
- indexed
- viewing, 6-17
- indexes, created by bulkload, 7-16
- indexing, 6-16, 6-20
- by using Catalog Management tool, 6-16
- by using command-line tools, 6-19
- by using Oracle Directory Manager, 6-16
- when you create them, 6-16
- information, kinds of, 2-5
- inheritance of, 6-3
- jpegPhotos, 2-6, 7-11
- kinds of information in, 2-5
- labeledURI, 9-4, 9-13
- loginID, 41-11
- making available for searches, 6-16
- managing, 6-11
- by using command-line tools, 6-17
- by using Oracle Directory Manager, 6-11, 6-12
- overview, 6-11
- managing by using command-line tools, 6-17
- mandatory, 2-8, 6-3, 7-7
- in a user entry, 23-8
- matching rules, 2-7
- modifying
- by using ldapmodify, 7-11
- by using ldapmodifymt, 7-11
- by using Oracle Directory Manager, 6-15, 7-9
- concurrently, 7-11
- guidelines for, 6-12
- rules for, 6-12
- using ldapmodify, 6-17, 6-18
- multivalued, 2-5, 14-3
- converting to single-valued, 6-12
- null values in, 6-3
- objectclass, 10-11
- objects associated with an ACI, 14-7
- operational, 5-9
- optional, 2-8, 6-3
- options, 2-7
- language codes., 2-7
- orclauditlevel, 10-13
- orclauditmessage, 10-11
- orclauditoc, 10-11
- orcleventtime, 10-11
- orcleventtype, 10-11
- orclopresult, 10-11
- orclsequence, 10-11, 10-12
- orclskewedattribute, 21-12
- orcluserdn, 10-11
- organization, 2-6
- organizationalUnitName, 2-6
- redefining mandatory, 6-4
- ref, 7-17
- removing from object classes, 6-5
- rules
- for adding, 6-12
- for deleting, 6-12
- for modifying, 6-12
- searching for, by using Oracle Directory Manager, 6-13
- single-valued, 2-5
- converting to multivalued, 6-12
- size of values, B-46
- skewed, optimizing searches for, 21-12
- sn, 2-6
- specifying as mandatory or optional, 6-3
- surname, 2-6
- syntax, 2-6
- modifying, 6-12
- syntax type
- selecting, 6-27
- syntaxes
- cannot modify, 6-12
- selecting, 6-27
- system operational, 5-9
- types, 2-4
- values, 2-4
- deleting, A-34
- size of, B-46
- viewing, 7-4
- Attributes tab page, in Oracle Directory Manager, C-20
- audit level, 10-12
- modifying, 10-15
- setting, 10-13
- by using ldapmodify, 10-14
- by using Oracle Directory Manager, 10-13
- audit log, 10-10
- container object, 10-16
- default configuration, 10-10
- entries
- in the DIT, position of, 10-12
- position in DIT, 10-12
- searching, 10-11
- searching for, 10-15
- searching for by using ldapsearch, 10-16
- searching for by using Oracle Directory Manager, 10-15
- structure, 10-11
- viewing, 10-10
- events
- access violation, 10-13
- ACL modification, 10-13
- add, 10-13
- adding, 10-13
- bind, 10-12
- deleting, 10-13
- DSE modification, 10-13
- modify, 10-13
- modifyDN, 10-13
- modifying, 10-13
- replication login, 10-13
- schema element, add/replace, 10-12
- schema element, delete, 10-12
- selected, 10-13
- super user login, 10-12
- user password modification, 10-13
- garbage collector, 22-3
- purging, 10-16
- queries, 10-10
- sample, 10-12
- schema elements, B-4
- structure of entries, 10-11
- using, 10-10
- auditable events, 10-12
- auditing selected events, 10-13
- authenticated access, by using SSL, 1-9
- authentication, 12-4
- and Oracle directory integration and provisioning server, 36-3
- anonymous, 4-4, 12-4, 12-5
- conceptual discussion, 12-4
- defined, 2-12
- direct
- options, 12-4
- external, 12-8, 47-2
- how it works, 42-4
- SASL, 12-5
- in a typical directory operation, 2-22
- in the Oracle Directory Integration and Provisioning platform, 36-2
- indirect, 12-5
- through a RADIUS server, 12-5
- Kerberos, A-22, A-24, A-29
- native, 47-2
- non-SSL, 36-3
- Oracle directory replication server, 24-18
- parameters, B-6
- password-based, 4-4, 12-5
- PKI, 12-2
- profile, 36-4
- SASL, 12-5
- SASL mechanism
- external authentication, 12-5
- MD5Digest, 12-5
- simple, 1-9, 4-4, 12-5
- Simple Authentication and Security Layer (SASL), 12-5
- specifying
- no SSL, B-6
- SSL
- defined, 12-5
- for Oracle Directory Manager, 4-7
- mode, 36-4
- no, 4-7
- one-way, B-6
- server only, 4-7
- with ldapadd, A-22
- with ldapaddmt, A-25
- with ldapbind, A-26
- with ldapmodify, A-32
- with ldapmodifymt, A-38
- three levels, 1-9
- through a middle tier, 12-5
- two-way SSL, B-6
- Authentication Choice list, in Oracle Directory Manager, C-2
- Authentication Services Group, 17-17
- authorization, 2-12, 12-2
- in the Oracle Directory Integration and Provisioning platform, 36-4
- automated resolution of conflicts, 24-26
- auto-provisioning plug-ins
- for integration with Microsoft Windows NT, 43-58
- auxiliary object classes, 2-10, 6-5
- extending number of attributes by using, 6-21
- availability, high, 26-7
- average latency, 21-2
B
- backup and recovery strategies, failover, 18-6
- backup and restore, 11-1
- base schema
- attributes, 6-11
- deleting, 6-12
- modifying, 6-12
- object classes
- modifying, 6-5
- base search, 7-3, A-39
- batching line-mode commands, 6-9
- Begins With filter, in Oracle Directory Manager, C-18
- bind event, 10-12
- bind mode, 14-10
- binding, 2-22
- bitStringMatch matching rule, B-46
- bootstrap command, in Directory Integration and Provisioning Assistant, A-111
- bootstrapping
- in integrated environments
- by using default integration profiles, 37-5
- by using the parameter file, 37-2
- in Oracle Directory Integration and Provisioning platform, 37-1
- Oracle Internet Directory from Oracle Human Resources, 39-14
- BSTAT/ESTAT scripts, 21-8
- buffer caches, size, 21-8
- bulk loading failure, 7-16
- bulk tools
- syntax, A-44
- bulkdelete, 4-18, 7-16, A-44
- and Globalization Support, G-10
- syntax, A-44
- bulkload, 4-18, 7-15, 7-16, A-45
- and Globalization Support, G-9
- check mode, performing on LDIF files, 23-4
- creating indexes, 7-16
- .dat files, 7-16
- generating input files, 7-16
- -load option, 7-16
- log file location, 3-5
- syntax, A-45
- bulkmodify, 4-18
- and Globalization Support, G-10
- LDIF file-based modification, A-52
- syntax, A-51
- By Whom tab page, in Oracle Directory Manager, C-3
C
- C API, 2-22
- cache, entry, 21-11
- cache, metadata, 2-19
- caching
- client-side referral, 7-19
- Cancel button, in Oracle Directory Manager, 4-8
- capacity planning, 18-8, 20-1
- I/O subsystem, 20-6
- network requirements, 20-13
- overview, 20-2
- caseExactIA5Match matching rule, B-47
- caseExactMatch matching rule, B-47
- caseIgnoreIA5Match matching rule, B-47
- caseIgnoreListMatch matching rule, B-47
- caseIgnoreMatch matching rule, B-47
- caseIgnoreOrderingMatch matching rule, B-47
- catalog entry, 2-20
- Catalog Management Tool
- syntax, A-19
- Catalog Management tool
- syntax, A-19
- Catalog Management Tool (catalog.sh), 4-17, 6-16, 6-20
- log file location, 3-5
- cataloged attributes
- orcleventtype, 10-11
- orcluserdn, 10-11
- catalog.sh
- syntax, A-19
- catalog.sh. See Catalog Management tool.
- central enterprise directory, 41-3
- Oracle Internet Directory as, 41-3
- third-party directory as, 41-4
- change log
- purging, in multimaster replication, 22-7
- Change Log window, in Oracle Directory Manager, C-17
- change logging, A-8
- change logs, 2-24, 24-6
- and directory replication, 24-19
- change number-based purging, 22-7
- flag, A-7
- toggling, A-7
- garbage collector, 22-3
- in replication, 1-8, 24-19, 24-24
- in synchronization process, 32-7
- interface
- IETF, 32-10
- Oracle proprietary, 32-10
- object store, and integration with third-party metadirectory solutions, 44-2
- purging, 22-7
- methods, 22-7
- time-based purging, 22-7
- used by Oracle Directory Provisioning Integration Service, 34-4
- change number-based purging, 22-7
- change retry count, setting, C-13
- change types, in ldapmodify input files, A-34
- changeLog attribute, B-35
- changeLogEntry attribute, B-35
- changeNumber attribute, B-35
- changes
- moving from the human intervention queue into the purge queue, A-57
- moving from the human intervention queue into the retry queue, A-56
- changeStatus attribute, B-35
- changeStatusEntry attribute, B-35
- changetype attribute, B-35
- add, A-34
- delete, A-35
- modify, A-34
- modrdn, A-35
- -CHGPWD option, in Replication Environment Management Tool, A-72
- cipher suites
- SSL, 13-2
- SSL, supported, 13-2
- SSL_RSA_WITH_3DES_EDE_CBC_SHA, 13-2
- SSL_RSA_WITH_NULL_MD5, 13-2
- SSL_RSA_WITH_NULL_SHA, 13-2
- SSL_RSA_WITH_RC4_128_SHA, 13-2
- clients, failover options on, 26-3
- client-side referral caching, how it works, 7-19
- cluster manager, 29-2
- clusters
- definition, 29-2
- cn attribute, 2-6
- cn=replication namecontext, 24-14
- cold backups, F-1
- command line tools
- described, 4-14
- command-line tools, 1-8
- adding configuration set entries, 2-21, 7-10
- Catalog Management Tool, 6-16
- comparing attribute values, 7-10
- Directory Integration and Provisioning Assistant, A-107
- for managing entries, 7-10
- indexing, 6-16, 6-20
- ldapadd, 7-10, A-21
- ldapaddmt, 7-10, A-23
- ldapbind, A-25
- ldapcompare, A-26
- ldapcreateconn.sh, A-121
- ldapdelete, 7-10, A-28
- ldapmoddn, 7-11, A-30
- ldapmodify, 7-11, A-31
- ldapmodifymt, 7-11, A-37
- ldapsearch, A-39
- ldapUploadAgentFile.sh, A-120
- managing
- attributes, 6-17
- entries, 7-10
- modifying configuration set entries, 7-11
- overview, 4-14
- Replication Environment Management Tool, A-62
- schemasync, A-125
- setting Globalization Support, G-5
- stopodiserver.sh, A-124
- syntax, A-18
- common entry, defined, 2-20
- Common Group Attributes Group, 17-20
- Common User Attributes Group, 17-19
- commonName attribute, 2-6
- comparing
- attribute values, 7-10
- entries, 7-10
- two objects, 4-9
- component deployment and administration
- delegation, 17-11
- components
- of a directory server, 2-15
- of Oracle Internet Directory, 1-7
- concurrent database connections, 21-10, B-5
- configNLDAP.ora, F-9
- configsets, 2-21
- configuration parameters
- modifying, 2-21
- Oracle directory replication server
- location, 25-36
- configuration set entries, 2-21
- adding, 2-21, 5-2, 5-7
- by using command line tools, 7-10
- by using command-line tools, 2-21
- by using Oracle Directory Manager, 5-4
- changing, 5-8
- database connections, B-5
- debug level, B-5
- deleting, 5-2
- by using ldapmodify, 5-8
- by using Oracle Directory Manager, 5-4, 5-6
- directory integration and provisioning server, 35-3
- directory server processes, B-5
- for replication server, 25-36
- LDIF files, 5-7
- managing, 4-23, 5-2
- by using command-line tools, 5-7
- by using Oracle Directory Manager, 5-4
- preliminary considerations, 5-2
- modifying, 2-21, 5-2, A-17
- by using command line tools, 7-11
- by using ldapmodify, 5-8
- by using Oracle Directory Manager, 5-4, 5-6
- in an active server instance, 5-4
- multiple, 13-3
- Oracle directory integration and provisioning server, 35-3, 35-8
- orcldebuglevel, B-5
- orclmaxcc, B-5
- orclserverprocs, B-5
- orclssl authentication, B-6
- orclsslenable, B-6
- orclsslport, B-5
- orclsslwalleturl, B-6
- overriding user-specified, A-9
- schema elements, B-5
- SSL parameters in, 13-3
- using different, 5-2
- viewing, 5-4
- configuration set location, C-29
- Configuration Sets General tab page, in Oracle Directory Manager, C-27
- conflict resolution, in replication, 24-24
- conflicting access control policies, 14-2
- precedence, rules for resolving, 14-2
- conflicts, replication
- automated resolution of, 24-26
- manual resolution of, 25-20
- resolution, 14-14, 24-24
- resolving manually, 25-20
- typical causes of, 24-26
- CONNECT BY assertions, in dynamic groups, 9-4
- Connect/Disconnect button in Oracle Directory Manager, 4-10
- connected directories
- described, 32-6
- SSL certificates for, 35-8
- connecting
- to a directory server, 4-3, 4-23
- in a typical directory operation, 2-22
- to additional directory servers, 4-11
- to multiple directory servers, 4-11
- connection
- pooling, 1-8
- redirection, 26-9
- hardware-based, 26-7
- network-level, 26-6
- software-based, 26-7
- connections, LDAP, specifying maximum idle time for, 5-14
- connectors, 33-1
- managing from the command line, 33-22
- registering, 33-7
- scheduling, 35-2
- SunONE, 42-2
- connect-time failover, 29-2
- constraints, object classes, 2-10
- consumers
- defined, 2-23, 24-2
- containment
- of groups, planning, 19-8
- of users, planning, 19-8
- content access items, 14-36
- of an existing ACP, 14-30
- Content Rule dialog box, in Oracle Directory Manager, C-25
- content rules
- defined, 6-22
- defined as values of ditcontentrule attribute, 6-22
- extending number of attributes by using, 6-22
- managing
- by using command-line tools, 6-25
- by using Oracle Directory Manager, 6-24
- rules for creating and modifying, 6-22
- schema enforcement when using, 6-23
- control, access, 1-9, 14-1
- converting
- auxiliary object classes, 6-5
- directory data to LDIF, 7-16
- structural object classes, 6-5
- CPUs
- configuration, 20-15
- in capacity planning, 20-2
- power required for various deployment scenarios, 18-9
- processing power, 20-15
- requirements, 20-14, 20-16
- detailed calculations, 20-16
- in capacity planning, 20-14
- tuning, 21-4
- tuning for Oracle foreground processes, 21-6
- usage, 18-11
- usage tuning, 21-4
- when to tune, 21-4
- Create button, in Oracle Directory Manager, 4-10
- Create Entry menu item, in Oracle Directory Manager, 4-9
- Create Identity Management Realm window, in Oracle Directory Manager, C-46
- Create Like
- adding entries using templates, 7-5
- button, in Oracle Directory Manager, 4-10, 7-6
- operation, by using Oracle Directory Manager, 4-8
- Create Resource Type window, in Oracle Directory Manager, C-49
- createTimestamp attribute, 2-5, 23-4
- optional in top, 2-10
- creating an integration profile, A-121
- creatorsName attribute, 2-5, 23-4
- optional attribute in top, 2-10
- critical events
- in Oracle Internet Directory Server Manageability framework, 10-22
- levels, 10-22
D
- daemons, 3-2
- .dat files, generated by bulkload, 7-16
- data integrity, 2-12, 2-13, 12-2, 36-6
- in Oracle Directory Integration and Provisioning platform, 36-6
- data migration process, 23-2
- data privacy, 2-12, 12-2
- by using SSL, 1-9
- in Oracle Directory Integration and Provisioning platform, 36-6
- data, updating by using Oracle Directory Manager, 4-11
- database
- block buffers parameter, 21-9
- block size parameter, 21-9
- cache size, 18-10
- connections, 2-19
- concurrent, 21-10, B-5
- pooling, 1-8
- dedicated for directory, 2-17
- password, changing, 5-14
- queries, optimization of, 21-12
- server, 1-6
- server error, I-2
- tuning, 21-9
- DB_BLOCK_BUFFERS, 21-8
- DBMS_STATS package, 21-3
- debug
- log files, viewing, A-9
- debug dimension, 10-8
- debug logging
- levels, 10-6, 10-7, B-5
- about, 10-2
- setting, 10-6
- setting by using OID Control Utility, 10-6
- setting by using Oracle Directory Manager, 10-6
- setting for directory integration and provisioning server, 35-12
- levels, setting
- by using OID Control Utility, 10-6
- by using Oracle Directory Manager, 10-6
- log files, viewing, 10-7
- schema elements, B-7
- debugging the external authentication plug-in, 47-4
- debugging, limiting to specific operations, 10-8
- default
- identity management realm, 2-35, 19-12
- default configuration
- access controls, 17-4
- default directory structure, 23-9
- default knowledge references (referrals)
- configuring, 7-18
- default knowledge references (referrals), configuring, 7-18
- default port, 4-3
- number, A-8, A-11
- Delegated Administration Services
- and secure directory access, 30-5
- architecture, 30-4
- centralized proxy user, 30-5
- components, 30-4
- creating applications by using, 30-10
- defined, 2-30
- definition, 30-2
- for user entries, 30-11, 30-12
- how it works, 30-3
- installation, 30-7
- installing and configuring, 30-6
- Java servlets, 30-3
- log file location, 30-7
- location of log files, 30-6
- log file location, 30-7
- manually deploying, 30-13
- OC4J, 30-3
- Oracle HTTP Server
- log file location, 30-7
- overview, 2-36
- starting and stopping, 30-10
- verifying that it is running, 30-8
- delegation
- component deployment and administration, 17-11
- how it works, 17-2
- in an Oracle Application Server environment, 17-3
- of privileges for user and group management, 17-5
- Delete button, in Oracle Directory Manager, 4-11
- -DELNODE option, in Replication Environment Management Tool, A-73
- deployment
- considerations, 18-1
- CPU power, 18-9
- failover, 18-6
- replication, 18-5
- tuning, 18-11
- examples, 26-9
- partitioning, 18-4
- deployment considerations
- metadirectory, 18-7
- dereferencing alias entries, 5-16
- deregistering a directory, 44-7
- DES40 encryption, 12-2
- descriptions of object classes, C-18, C-20
- directories
- access control, 1-9, 14-1
- application, migrating data from, 23-5
- as read-focused, 1-3
- backup and restore, 11-1
- central enterprise, 41-3
- contrasted to relational databases, 1-2
- database listener, 25-8
- defined, 1-2
- distributed, 2-22
- existing, migrating into the default directory structure, 23-9
- expanding role of, 1-2, 18-2
- location-independent, 1-3
- multimaster replication groups (DRGs)
- installing, 25-2
- online
- expanding role of, 1-2
- partitioned, 2-26
- password, changing, 5-11
- planning structure of, 19-7
- read-focused, 1-3
- replication groups (DRGs), 24-20, 25-2
- and replication agreements, 24-20
- configuring, 25-2
- schema
- managing, 6-1
- overview, 6-2
- small
- backing up and restoring, 11-2
- special purpose, 1-4
- directory
- configuration
- schema elements, B-23
- information tree (DIT)
- structure of, in integrated environments, 41-9
- registration, 44-3
- servers
- processes, B-5
- directory information tree (DIT), 2-2
- audit log entries in, 10-12
- browsing, 7-3
- default, 19-12, 41-9
- in integrated environments
- identical on both directories, 41-9
- planning for identity management, 19-5
- Directory Integration and Provisioning Assistant
- bootstrap command, A-111
- what it does, A-107
- directory integration and provisioning server
- about, 35-2
- authentication, 36-3
- configuration set entries, 35-3
- managing, 35-8
- described, 32-10
- log file location, 3-5
- managing, 35-6
- registration tool, 35-14, A-126
- runtime information, 35-6
- sequence of events, 35-4
- starting, A-11
- starting, stopping restarting, 35-9
- stopping, 35-10, A-15
- viewing information, 35-6
- directory integration profiles, 33-7
- directory integration toolkit, 32-10
- directory metadata
- defined, 2-19
- directory replication server, 1-7, 2-16, 2-17
- authentication, 24-18
- configuration set entries, 25-36
- log file location, 3-5
- starting, A-9, A-10
- stopping, A-11
- directory schema, 6-2
- defined, 2-19
- managing, 6-1
- directory servers, 1-7, 2-18
- adding, 4-5
- as both suppliers and consumers, 24-24
- changing parameters in an active instance, 5-4
- configuration set entries, 5-2
- connecting to, 4-3, 4-5, 4-11, 4-23
- by using Oracle Directory Manager, 4-10
- in a typical directory operation, 2-22
- connecting to additional, 4-11
- connecting to one on a different host, 4-5
- connecting to, by using Oracle Directory Manager, 4-8
- debug level, B-5
- disconnecting from, using Oracle Directory Manager, 4-11
- disconnecting, by using Oracle Directory Manager, 4-8, 4-11
- discovery by using the Domain Name System (DNS), 5-21
- in multi-master replication, 24-24
- in normal mode, B-5
- in replicated environment, 24-24
- in secure mode, B-5
- locating in a distributed environment, 5-20
- log file location, 3-5
- modifying, 4-5
- modifying configuration set entries, 5-8
- multimaster replication between, 1-8
- parameters
- configuring, 4-23
- configuring by using command-line tools, 4-23
- processes, 2-18
- multiple, 2-18
- rack-mounted, i-liii, 27-1
- architecture, 27-2
- benefits, 27-2
- how failover works, 27-7
- metadata synchronization, 27-6
- rules for managing, 27-9
- restarting, 5-4, A-16
- restarting, by using the Application Server Control, 10-24
- running, 3-2
- shared server, 1-8
- specifying host, 4-5
- starting
- by using Application Server Control, 10-23
- mandatory arguments, A-8
- syntax, A-7
- with default configuration, A-9
- static discovery by using ldap.ora, 5-21
- stopping, A-8
- by using Application Server Control, 10-24
- terminating, 4-23
- user logon session information
- viewing by using Application Server Control, 10-25
- using different configuration set entries, 5-2
- viewing information, 5-13
- directory structure, default, 23-9
- directory usage patterns, learning, 20-3
- DirectoryReplicationGroupDSAs, 25-41
- Disconnect
- button, in Oracle Directory Manager, 4-8
- menu item, in Oracle Directory Manager, 4-8
- disconnecting from directory servers, 4-11
- disk space requirements, 20-7
- detailed calculations of, 20-8
- estimating, 20-7
- disk tuning, 21-8
- disk usage, 18-12
- -DISPASRERR option, in Replication Environment Management Tool, A-85
- displaying
- a directory entry, 7-2
- a subtree, 7-2
- -DISPQSTAT option, in Replication Environment Management Tool, A-86
- distinguished names, 2-2
- as attributes, 7-4
- components of, 2-3
- format, 2-3
- in LDIF files, A-2
- modifying, 7-11
- by using command line tools, 7-11
- by using ldapmoddn, 7-11
- distinguishedNameMatch matching rule, B-47
- distributed directories, 2-22, 2-26
- locating directory servers in, 5-20
- partitioned, 2-22
- partitions and replicas, 18-3
- partitions, replicas, and high availability, 18-3
- replicated, 2-22
- DIT. See directory information tree (DIT)
- ditcontentrule attribute, 6-22
- DNs. See distinguished names.
- Domain Name System (DNS)
- registering a directory server with, 5-23
- server discovery by using, 5-21
- Drop Index
- button, 4-11
- menu item, 4-9
- DSA, environment setting, F-2
- DSE modification event, 10-13
- duration of a search, specifying, 7-3, 10-15
- Dynamic, 9-13
- dynamic directory server discovery, 5-21
- dynamic groups, 9-3
- entries
- managing by using command-line tools, 9-13
- managing by using Oracle Directory Manager, 9-11
- schema elements, B-7
- schema elements for creating, 9-3
E
- -E argument in Globalization Support, G-6
- Edit
- button, in Oracle Directory Manager, 4-10
- menu item, in Oracle Directory Manager, 4-9
- Editing Attribute window, OID Self-Service Console, C-43
- encryption
- DES40, 12-2
- levels available in Oracle Internet Directory, 12-2
- password, 12-8
- passwords
- UNIX crypt, 16-3, 16-5
- RC4_40, 12-2
- Encryption Choice list, in Oracle Directory Manager, C-3
- Ends With filter, in Oracle Directory Manager, C-18
- entity component, in access control, 14-9
- entries
- adding
- by copying an existing entry, 7-5
- by using ldapadd, 7-10, A-21
- by using ldapaddmt, 7-10, A-23
- by using Oracle Directory Manager, 7-4, 7-5
- concurrently, 7-10
- mandatory attributes, 7-5
- optional attributes, 7-5
- requires write access to parents, 7-5
- alias, dereferencing, 5-14
- attributes, viewing, 7-4
- audit log, 10-10
- searching, 10-11
- command-line tools for managing, 7-10
- comparing, by using ldapcompare, 7-10
- conceptual discussion, 2-2
- configuration set, 2-21
- creating by using Oracle Directory Manager, 4-9
- deleting
- by using ldapdelete, 7-10, A-28
- by using ldapmodify, A-35
- large numbers, 7-16
- displaying, 7-2
- distinguished names of, 2-2
- garbage collector, 22-6
- group, 2-5
- inheriting attributes, 6-3
- loading, 6-4
- locating by using distinguished names, 2-3
- managing, 7-1
- by using bulk tools, 7-13
- by using command line tools, 7-10
- by using Oracle Directory Manager, 4-14, 7-2
- managing by using command-line tools, 7-10
- many, modifying, 7-16
- modifying
- by using ldapmodify, A-31
- by using Oracle Directory Manager, 7-7
- concurrently, by using ldapmodifymt, A-37
- large numbers, A-51
- naming, 2-2
- objects associated with an ACI, 14-7
- parent, 6-4
- replication naming context container, 24-14
- restricting the kinds users can add, 14-22, 14-25, 14-29, 14-33, 14-49
- root of search, 7-2
- searching
- base level, 7-3, A-39
- by using ldapsearch, A-39, A-120, A-121
- by using Oracle Directory Manager, 7-2
- one-level, 7-3, A-39
- specifying search depth, 7-3
- subtree level, 7-3, A-39
- selecting by DN, 14-51
- selecting superclass, 7-5
- specific, granting access to, C-3
- static group
- modifying, by using ldapmodify, 9-10, 9-14
- superclasses, selecting, 7-5
- user
- adding, by using ldapadd, 7-11
- adding, by using Oracle Directory Manager, 7-6
- modifying, 7-12
- modifying, by using ldapmodify, 7-12
- modifying, by using Oracle Directory Manager, 7-8
- with attribute options
- adding by using ldapmodify, 7-12
- adding by using Oracle Directory Manager, 7-8
- deleting by using Oracle Directory Manager, 7-9, 7-13
- managing by using command line tools, 7-12
- managing by using Oracle Directory Manager, 7-8
- modifying by using Oracle Directory Manager, 7-9
- searching for by using ldapsearch, 7-13
- entry
- caching, 21-11
- enabling, B-41, C-30
- catalog, defined, 2-20
- common, defined, 2-20
- password policy, defined, 2-21
- password verifier, defined, 2-20
- plug-in, defined, 2-20
- entry-level access, granting by using Oracle Directory Manager, 14-32
- environment variables, NLS_LANG, G-2
- error messages, I-6
- additional, I-6
- administration, I-2
- database server, I-2
- directory server, due to schema modifications, I-2
- installation, I-2
- provisioning, 34-16
- returned from Oracle directory server, I-2
- standard, I-2
- events, auditable, 10-12
- Exact Match filter, in Oracle Directory Manager, C-19, C-35
- exclusionary access to objects, granting, 14-17
- existing ACPs and their ACI directives, modifying, 14-28
- Exit menu item, in Oracle Directory Manager, 4-8
- explicit hierarchies, 9-5
- extensibility, in LDAP Version 3, 1-5
- extensibleObject object class, 7-17
- external authentication, 12-8
- contrasted with native authentication, 47-2
- defined, 47-2
- plug-in, 47-1, 47-2
- debugging, 47-4
- for integration with Microsoft Windows NT, 43-58
- for SunONE Directory Server, 42-11
- installing, 47-2, 47-5
- installing, configuring, and enabling, 47-2
- SASL authentication mechanism, 12-5
- types, 42-4
- external repository, storing security credentials in, 47-1
F
- failover, 1-9, 26-1, 26-2
- AlternateServers attribute, 26-4
- capabilities in Oracle Internet Directory, 26-7
- connect-time, 29-2
- considerations in deployment, 18-6
- in Real Application Clusters environment, 29-1
- network-level, 26-6
- options in private network infrastructure, 26-8
- options in public network infrastructure, 26-5
- options on clients, 26-3
- failure recognition and recovery. See failover.
- failure to apply changes, 24-24
- failure tolerance, and replication, 18-6
- fan-out replication, 2-23, 24-2, 24-33
- groups, 2-23, 24-2, 24-7
- in conjunction with multimaster replication groups, 24-9
- LDAP-based, 2-23
- process, 24-34
- fault tolerance mechanisms, 26-3
- features, new, i-lxv
- in Oracle Internet Directory, Release 3.0.1, i-lxxix
- release 10g (9.0.4), i-lxvi
- release 2.1.1, i-lxxxi
- release 3.0.1, i-lxxix
- release 9.0.2, i-lxxiii
- File menu, in Oracle Directory Manager, 4-8
- file naming conventions, 33-19
- files
- location, 33-19
- filters
- Begins With, C-18
- Ends With, C-18
- Exact Match, C-19, C-35
- Greater or Equal, C-19, C-35
- IETF-compliant, A-39
- in attribute searches, 6-13
- in searches, 2-22, 6-7
- in Oracle Directory Manager, 6-7
- ldapsearch, A-41
- Less or Equal, C-19, C-36
- not null, C-19
- Present, Oracle Directory Manager, C-36
- Find Attributes button, in Oracle Directory Manager, 6-13
- Find Objects button, in Oracle Directory Manager, 4-10, 6-7
- formats, of distinguished names, 2-3
- full replication, 2-23, 24-2
- function calls, tracing, 10-7
G
- garbage collection
- framework
- about, 22-2
- components of, 22-2
- how it works, 22-5
- in replication, 22-7
- plug-in, 22-2
- schema elements, B-8
- Garbage Collector window, in Oracle Directory Manager, C-5
- garbage collectors
- audit log, 22-3
- change log, 22-3
- definition, 22-3
- entries for, 22-6
- general statistics, 22-3
- health statistics, 22-4
- managing, 22-8
- modifying
- by using command-line tools, 22-8
- by using Oracle Directory Manager, 22-8
- predefined, 22-3
- security and refresh events, 22-4
- system resource events, 22-4
- tombstone, 22-4
- general statistics garbage collector, 22-3
- generalizedTimeMatch matching rule, B-47
- generalizedTimeOrderingMatch matching rule, B-47
- Globalization Support, 2-13
- bulkdelete, G-10
- bulkload, G-9
- bulkmodify, G-10
- command-line tools, G-5
- Java clients, 2-14
- ldapadd, G-7
- ldapaddmt, G-7
- ldapbind, G-7
- ldapcompare, G-7
- ldapdelete, G-7
- ldapmoddn, G-7
- ldapmodify, G-7
- ldapmodifymt, G-7
- ldapsearch, G-7
- ldifwrite, G-9
- managing, G-1
- settings for Oracle Internet Directory, G-2
- using with Bulk Tools, G-8
- with bulkdelete, G-10
- with bulkload, G-9
- with bulkmodify, G-10
- with command-line tools, G-5
- with LDIF Files, G-3
- with ldifwrite, G-9
- Greater or Equal filter, in Oracle Directory Manager, C-19, C-35
- group entries, 2-5
- adding, 7-7, 9-8
- creating
- by using ldapmodify, A-34
- by using Oracle Directory Manager, 9-8, 9-11
- group search context, 41-13
- groupOfNames object class, 9-8, 9-9, 9-11, 9-12
- groupOfUniqueNames object class, 9-8, 9-11
- groups
- ACL evaluation for, 14-17
- ACP, 14-4
- dynamic, 9-3
- managing by using command-line tools, 9-13
- managing by using Oracle Directory Manager, 9-11
- schema elements for creating, 9-3
- dynamic and static, administration of, 9-1
- granting access rights to, 14-5
- hierarchical, 9-5
- membership
- how directory server computes, 14-5
- names and containment, planning, 19-8
- privilege, 14-3, 14-4
- defined, 2-20
- static, 9-2
- managing by using command-line tools, 9-10
- managing by using Oracle Directory Manager, 9-8
- schema elements for creating, 9-2
- when to use static or dynamic, 9-6
- guest users
- definition, 5-11
- managing, 5-11
- by using ldapmodify, 5-13
- by using Oracle Directory Manager, 5-12
- user name and password, 5-11
- guidelines
- for adding attributes, 6-12
- for adding object classes, 6-3
- for deleting attributes, 6-12
- for deleting object classes, 6-6
- for modifying attributes, 6-12
- for modifying object classes, 6-5
H
- hardware-based connection redirection, 26-7
- hashing
- passwords to the directory, 16-2
- protection
- MD4, 16-3
- health statistics garbage collector, 22-4
- Help
- button, in Oracle Directory Manager, 4-11
- menu item, in Oracle Directory Manager, 4-10
- hierarchical groups, 9-5
- hierarchies
- explicit, 9-5
- implicit, 9-5
- high availability, 1-8, 18-3, 18-6, 26-2
- and multimaster replication, 26-7
- capabilities in Oracle Internet Directory, 26-7
- considerations, 18-6
- deployment, examples, 26-9
- load balancing through network re-director, 27-4
- of Oracle Internet Directory, 26-1
- human intervention queue, A-56
- Human Intervention Queue Manipulation Tool, 4-19, 25-21, A-56
- syntax, A-56
I
- identity management, 19-12
- defined, 2-31
- Oracle Identity Management infrastructure, 19-1
- planning DIT for, 19-5
- policies, 2-35
- realms
- configuring, 19-14
- customizing, 19-14
- default, 2-35
- defined, 2-34
- entry in default DIT, 19-4
- implementation in Oracle Internet Directory, 19-4
- in enterprise deployments, 19-2
- in hosted deployments, 19-3
- multiple in enterprise deployments, 19-2
- planning, 19-10
- single in enterprise deployments, 19-2
- realm-specific Oracle Context, 19-5
- Identity Management Realm window, in Oracle Directory Manager, C-47
- identity management realms, 2-34, 19-2
- creating additional, 19-16
- multiple, 19-2
- single, 19-2
- idle time, specifying maximum for LDAP connections, 5-14
- IETF
- drafts, enforced by Oracle Internet Directory, B-3
- LDAP approval
- RFCs enforced by Oracle Internet Directory, B-2
- standard change log interface, 32-10
- implicit hierarchies, 9-5
- index
- StopOdiServer.sh, A-124
- indexed attributes
- locations, C-30
- orcleventtype, 10-11
- orcluserdn, 10-11
- viewing, 6-17
- indexes
- created by bulkload, 7-16
- dropping from attributes, 6-17, 10-11
- by using Oracle Directory Manager, 6-17
- inheritance, 2-8, 2-9
- and access control policies, 14-2
- from superclasses, 6-3
- initNLDAP.ora, F-9
- input file, creating, 5-7
- installation errors, I-2
- installation types
- in multimaster replication group installation, 25-3, 25-23, 27-9
- insufficient memory, 21-8
- IntegerMatch matching rule, B-46, B-47
- integrated environments
- bootstrapping in, 37-1
- security concerns, 41-13
- integration
- with a relational database, 38-1
- managing, 38-2
- with Microsoft Windows NT 4.0, 43-56
- with Oracle E-Business Suite, 40-1
- with Oracle Human Resources, 39-1
- with SunONE Directory Server, 42-1
- with third-party directories
- considerations, 41-1
- integration profiles
- authentication, 36-4
- creating, A-121
- default, 37-5
- for synchronization, 33-1
- relational database, 38-5
- SunONE connector, configuring, 42-5
- intelligent client failover, 18-6
- intelligent network level failover, 18-6
- intermediate template file
- in migration from application-specific repositories, 23-5
- internationalization, and LDAP, G-1
- Internet Engineering Task Force (IETF). See IETF.
- introduction to LDAP and Oracle Internet Directory, 1-1
- I/O subsystem, 20-6
- in capacity planning, 20-2, 20-6
- requirements, 20-6
- sizing, 20-6
- throughput, maximizing, 20-6
- iostat utility, 21-2
- IP address takeover (IPAT), 26-8
- iplconfig.sh, 42-5
J
- Java clients, Globalization Support and, 2-14
- Java Native Interface, 2-22
- Java servlets, used by Delegated Administration Services, 30-3
- log file location, 30-7
- JPEG images, adding with ldapadd, A-23
- jpegPhoto attribute, 2-6, 7-11
K
- Kerberos authentication, A-22, A-24, A-29
- knowledge references, 2-27, 18-3, 18-4
- configuring, 7-17
- default
- configuring, 7-18
- defined, 2-27
- managing, 7-17
- overview, 2-27
- restricting permissions for managing, 2-28
- smart
- configuring, 7-17
- superior, 2-27
L
- labeledURI attribute, 9-4, 9-13
- language codes, as attribute options, 2-7
- latency, average, 21-2
- LDAP
- add or modify performance, 21-15
- and internationalization, 2-13
- and simplified directory management, 1-4
- attributes, common, 2-6
- extensibility, 1-5
- IETF approval, 1-5
- search filters, IETF-compliant, A-39
- search performance, 21-14
- security, 1-5
- server instances, 2-16, 2-17, 2-18
- starting, A-7
- servers, 2-18
- managing, 5-1
- multithreaded, 1-8
- syntax, B-43
- enforced by Oracle Internet Directory, B-43
- recognized by Oracle Internet Directory, B-44
- Version 3, 1-5
- LDAP connections, specifying maximum idle time for, 5-14
- LDAP Data Interchange Format (LDIF), 4-14, A-2
- syntax, A-2
- LDAP dispatcher
- log file location, 3-5
- ldapadd, 7-10, A-21
- adding entries, A-21
- adding JPEG images, A-23
- and Globalization Support, G-7
- LDIF files in, A-21
- syntax, A-21
- ldapaddmt, 7-10, A-23
- adding entries concurrently, A-23
- and Globalization Support, G-7
- LDIF files in, A-23
- log, A-23
- syntax, A-23
- LDAP-based partial replication
- determining what is to be replicated, 25-31
- LDAP-based replica
- configuring, 25-24
- deleting, 25-30
- installing, 25-23
- LDAP-based replication, 2-23, 24-2
- agreements, 24-12
- configuring, 25-23
- options for configuring, A-64
- ldapbind, A-25
- and Globalization Support, G-7
- syntax, A-25
- ldapbind operation, 12-4
- ldapcompare, 7-10, A-26
- and Globalization Support, G-7
- syntax, A-26, A-27
- LDAP-compliant directories, migrating data from, 23-2
- ldapcreateConn.sh
- syntax, A-121
- ldapdelete, 7-10, A-28
- and Globalization Support, G-7
- deleting entries, A-28
- syntax, A-28
- ldapmoddn, 7-11, A-30
- and Globalization Support, G-7
- syntax, A-30
- ldapmodify, 7-11, A-31
- adding ACPs, 14-49
- adding attributes, 6-17, 6-18
- adding entry-level ACIs, 14-50
- adding object classes, 6-9
- adding values to multivalued attributes, A-34
- and Globalization Support, G-7
- change types, A-34
- changing audit level, 10-15
- creating group entries, A-34
- deleting entries, A-35
- LDIF files in, A-31
- modifying attributes, 6-17, 6-18
- modifying object classes, 6-9
- replacing attribute values, A-35
- syntax, A-31
- ldapmodifymt, 7-11, A-37
- and Globalization Support, G-7
- by using, A-37
- LDIF files in, A-37
- multithreaded processing, A-38
- syntax, A-37
- ldap.ora, 5-21
- server discovery by using, 5-21
- ldapsearch, A-39, A-120, A-121
- and Globalization Support, G-7
- filters, A-41
- querying audit log, 10-10
- syntax, A-39
- ldapUploadAgentFile.sh
- syntax, A-120, A-121
- LDIF
- converting directory data to, 7-16
- file-based modification, not supported by bulkmodify, A-52
- files
- creating, 5-7
- for adding configuration set entries, 5-7
- importing by using bulkload, 7-14
- importing, by using bulkload, 7-14
- in ldapadd commands, A-21
- in ldapaddmt commands, A-23
- in ldapmodify commands, A-31
- in ldapmodifymt commands, A-37
- referencing in commands, 5-9
- removing proprietary data from in migration, 23-3
- formatting notes, A-3
- formatting rules, A-3
- syntax, A-2
- using, 4-14, A-2
- ldifmigrator, 4-20
- load capability, A-140
- reconcile capability, A-140
- ldifwrite, 4-18, A-53
- and Globalization Support, G-9
- syntax, A-53
- Less or Equal filter, C-19, C-36
- line-mode commands, batching, 6-9
- listener, for directory database, 2-16, 2-18
- restarting, 25-8
- stopping, 25-8
- listener.ora, 25-8, F-7
- load balancing
- and replication, 18-5
- network level, 26-5
- load capability, in OID Migration Tool (ldifmigrator), A-140
- -load option, in bulkload, 7-16
- location-independence, of directories, 1-3
- log files
- debug, viewing, 10-7, A-9
- Delegated Administration Services, 30-7
- locations, 3-5
- Oracle Directory Integration and Provisioning platform, 35-13
- logging
- for garbage collectors, enabling and disabling, 22-9
- login
- anonymous, 4-4
- super user, 4-4
- user, 4-4
- loginID attribute, 41-11
- loose consistency model of replication, 18-5
- LSNRCTL utility, 25-8
M
- managing
- directory schema, 6-1
- mandatory attributes, 2-8, 6-3
- adding to existing object classes, 6-5
- adding to object classes in use, 7-7
- entering values for, 7-5
- in a user entry, 23-8
- in object classes, C-18, C-20
- redefining, 6-4
- manual resolution of conflicts, 25-20
- mapping rules, 33-5
- for group entries, 41-11
- for integration with SunONE Directory Server, 42-7
- for user entries, 41-10
- Mapping Rules Format, 33-5
- matching rules, B-46
- accessDirectiveMatch, B-46
- as metadata in schema, 6-2
- attribute, 2-7
- bitStringMatch, B-46
- cannot add to subSchemaSubentry, 6-2
- caseExactIA5Match, B-47
- caseExactMatch, B-47
- caseIgnoreIA5Match, B-47
- caseIgnoreListMatch, B-47
- caseIgnoreMatch, B-47
- caseIgnoreOrderingMatch, B-47
- distinguishedNameMatch, B-47
- generalizedTimeMatch, B-47
- generalizedTimeOrderingMatch, B-47
- IntegerMatch, B-46, B-47
- numericStringMatch, B-46, B-47
- objectIdentifierFirstComponentMatch, B-47
- ObjectIdentifierMatch, B-47
- OctetStringMatch, B-47
- presentationAddressMatch, B-47
- protocolInformationMatch, B-47
- recognized by Oracle Internet Directory, B-46
- stored in schema, 6-2
- telephoneNumberMatch, B-47
- uniqueMemberMatch, B-47
- Matching Rules tab page, in Oracle Directory Manager, C-24
- maxextents, 25-8
- MD4, 16-4, 23-4, B-40
- MD5, 16-4, 23-4, B-40
- for password encryption, 16-3, 16-5
- MD5Digest, SASL authentication mechanism, 12-5
- member attribute, 9-8, 9-11
- memory
- in capacity planning, 20-2
- insufficient, 21-8
- physical, 20-12
- required, 18-10
- requirements in capacity planning, 20-12
- tuning, 21-7
- usage, 18-12
- virtual, 20-12
- menu bar, Oracle Directory Manager, 4-8
- metadata
- cache, 2-19
- directory, defined, 2-19
- stored in schema, 6-2
- metadirectory
- deployment considerations, 18-7
- Microsoft Active Directory
- integration with, 43-1
- Microsoft Windows, 43-1
- integration with, 43-1
- Microsoft Windows NT
- integration with, 43-56
- external authentication plug-in, 43-58
- middle tier
- using proxy user with, 5-11, 12-5
- migrating data, 23-2
- from other LDAP directories, 23-2
- from other LDAP-compliant directories, 23-1
- migration
- from application-specific repositories, 23-5
- intermediate template file, 23-5
- from other LDAP directories, 23-2
- modifiersName attribute, 2-5, 23-4
- optional in top, 2-10
- modifyDN, audit log event, 10-13
- modifyTimestamp attribute, 2-5, 23-4
- optional in top, 2-10
- monitoring servers, 10-17
- mpstat utility, 21-2
- multimaster flag
- toggling, 25-12
- multimaster replication, 1-8, 2-23, 18-3, 18-5, 24-2
- agreements, 24-12
- and high availability, 26-7
- architecture, 24-21
- conflict resolution, 24-24
- groups, 24-6
- in conjunction with fan-out replication groups, 24-9
- installation types, 25-3, 25-23, 27-9
- installing, 25-2
- on the consumer side, 24-23
- on the supplier side, 24-22
- multiple configuration set entries, 13-3
- multiple server processes, 2-18
- multiple threads, A-38
- in ldapaddmt, A-23
- increasing the number of, A-23
- multithreaded command-line tools
- ldapaddmt, 7-10, A-23
- ldapmodifymt, 7-11, A-38
- multithreaded LDAP servers, 1-8
- multivalued attributes, 2-5
- adding values to, by using ldapmodify, A-34
- converting to single-valued, 6-12
- member, 9-8, 9-11
- orclEntryLevelACI, 14-3
N
- names
- of groups, planning, 19-8
- of users, planning, 19-8
- names, of object classes, C-18, C-20
- naming contexts, 2-11
- backing up and restoring, 11-2
- definition, 2-11
- discovering, 2-11
- in partitioned directories, 2-26
- in replication, 2-24
- managing, 5-10
- publishing, 2-11, 5-10
- by using ldapmodify, 5-11
- by using Oracle Directory Manager, 5-11
- searching for published, 5-10
- subordinate, 2-27
- namingContexts attribute, 5-10, B-40
- multivalued, 5-10
- native authentication
- contrasted with external authentication, 47-2
- defined, 47-2
- navigator pane, in Oracle Directory Manager, 4-8
- net service name, A-5
- network
- bandwidth, 20-13
- capacity planning, 20-13
- connectivity, in capacity planning, 20-2
- requirements, 20-13
- Network Interface Cards (NICs), failures of, 26-8
- network-level
- connection redirection, 26-6
- failover, 26-6
- New Attribute Type Advanced tab page, in Oracle Directory Manager, C-23
- New Attribute Type General tab page, in Oracle Directory Manager, C-22
- New Constraint dialog box, in Oracle Directory Manager, C-4
- New Content Rule dialog box, in Oracle Directory Manager, C-24
- new features, i-lxv
- release 10g (9.0.4), i-lxvi
- release 2.1.1, i-lxxxi
- release 3.0.1, i-lxxix
- release 9.0.2, i-lxxiii
- New Plug-in dialog box, in Oracle Directory Manager, C-10
- new syntaxes, adding, 2-7
- newdb.sql, F-10
- NLS_LANG environment variable, G-2
- setting, G-3
- in the client environment, G-7
- settings, G-2
- no SSL authentication option, 4-7
- nodes, Oracle Internet Directory, 2-15
- non-default port, running on, 4-3
- non-SSL authentication, 36-3
- normal mode, running directory servers in, B-5
- not null filter, in Oracle Directory Manager, C-19
- null values, in attributes, 6-3
- number of retries, modifying, 25-37
- number of worker threads used in change log processing, modifying, 25-38
- numericStringMatch matching rule, B-46, B-47
O
- o attribute, 2-6
- O3LOGON algorithm, 16-5
- object
- adding, by using Oracle Directory Manager, 4-8
- object class types
- structural, 2-9
- object classes, 2-8
- adding, 6-3
- by using command-line tools, 6-9
- by using Oracle Directory Manager, 6-8
- concurrently, by using ldapaddmt, A-23
- as metadata in schema, 6-2
- assigning to entries, 6-3
- auxiliary, 2-10
- converting auxiliary, 6-5
- creating, by using Oracle Directory Manager, 4-9
- defining, 6-21
- deleting
- by using Oracle Directory Manager, 6-9
- from base schema, 6-22
- not in base schema, 6-6
- explosion, 6-4
- extensibleObject, 7-17
- groupOfNames, 9-8, 9-9, 9-11, 9-12
- guidelines
- for adding, 6-3
- for deleting, 6-22
- for modifying, 6-5
- in LDIF files, A-2
- in the base schema, modifying, 6-5
- managing
- by using command-line tools, 6-9
- by using Oracle Directory Manager, 6-3
- modifying, 6-5
- by using command-line tools, 6-9
- by using Oracle Directory Manager, 6-8
- orclacpgroup, 14-4
- orclauditoc, 10-11
- orclprivilegegroup, 2-20
- and dynamic groups, 9-7
- redefining mandatory attributes in, 6-4
- referral, 7-17
- removing attributes from, 6-5
- removing superclasses from, 6-5
- rules, 2-10
- searching for, 6-6
- searching for, by using Oracle Directory Manager, 6-6
- structural, 2-9
- structural, converting, 6-5
- subclasses, 2-8
- defining, 6-21
- superclasses, 2-8
- top, 2-9
- types, 2-9
- abstract, 2-10
- auxiliary, 2-10
- structural, 2-9
- types of, 2-9
- unique name of, 6-4
- unique object identifier, 6-4
- viewing, 6-7
- viewing properties, 6-7
- object identifiers, of object classes, C-18, C-20
- objectclass attribute, 10-11
- objectIdentifierFirstComponentMatch matching rule, B-47
- ObjectIdentifierMatch matching rule, B-47
- objects
- adding, by using a template, 4-10
- adding, by using Oracle Directory Manager, 4-10
- comparing, 4-9
- modifying
- by using ldapmodify, 7-11
- by using Oracle Directory Manager, 4-9, 4-10
- of ACI directives, 14-7
- removing
- by using command-line tools, A-28
- by using Oracle Directory Manager, 4-9, 4-11
- removing by using command-line tools, A-31
- searching for
- by using Oracle Directory Manager, 4-9, 4-10
- searching for, by using Oracle Directory Manager, 4-10
- OC4J
- used by Delegated Administration Services, 30-3
- OCI. See Oracle Call Interface.
- OctetStringMatch matching rule, B-47
- odisrvreg, 35-14, A-126
- OFA. See Optimal Flexible Architecture (OFA).
- OID Control Utility, 3-2, 4-16, A-6
- and the Oracle Directory Integration Platform, 32-12
- restart command, 5-4
- run-server command, A-6
- start and stop server instances, 3-2
- stop-server command, A-6
- syntax, A-6
- viewing debug log files, 10-7, A-9
- OID Database Password Utility, 5-14
- syntax, A-131
- OID Database Password Utility (oidpasswd), 4-21
- OID Database Statistics Collection Tool, A-133
- syntax, A-133
- OID Database Statistics Tool, 4-21
- OID Migration Tool, 4-20
- load capability, A-140
- reconcile capability, A-140
- OID Monitor, 2-17, 4-16, A-6
- and the Oracle Directory Integration Platform, 32-12
- log file location, 3-5
- sleep time, A-5
- starting, 3-2, A-4, A-5
- stopping, A-5
- syntax, A-4
- OID Password Utility, 3-4
- OID Reconciliation Tool, 4-19, 25-22, A-56
- syntax, A-59
- OID Self-Service Console
- Add New Attributes window, C-42
- Editing Attribute window, C-43
- oidctl
- viewing debug log files, 10-7, A-9
- oidctl. See OID Control Utility
- oidexaup.sql
- contents of, 47-5
- for installing external authentication plug-in, 47-2
- OIDEXTAUTH PL/SQL package for external authentication, 47-2
- OIDLDAPD, 25-19, A-9
- oidldapd
- log file location, 3-5
- oidmon. See OID Monitor.
- oidpasswd
- syntax, A-131
- OIDREPLD, A-11
- oidstats.sh, 4-21
- oidstats.sh utility, A-133
- OLTS_ATTRSTORE tablespace, 20-11
- OLTS_CT_STORE tablespace, 20-11
- OLTS_DEFAULT tablespace, 20-11
- one-level search, 7-3, A-39
- one-way authentication, SSL, 4-7, B-6
- online administration tool. See Oracle Directory Manager
- online directories, 1-2
- open cursors parameter, 21-9
- OPEN_CURSORS, 21-9
- OpenLDAP Community, i-lviii
- operation debug dimension, 10-8
- operational attributes, 5-9
- ACI, 12-3
- operation-based plug-ins, 45-3
- Operations menu item, in Oracle Directory Manager, 4-9
- operations, limiting debugging to specific, 10-8
- Optimal Flexible Architecture (OFA), F-2
- optional attributes, 2-8, 6-3
- adding to pre-defined object classes, 6-21
- entering values for, 7-5
- in object classes, C-18, C-20
- options, attribute, 2-7
- Oracle Advanced Security, use of Oracle Internet Directory, 1-11
- Oracle Application Server Administrators Group, 17-13
- Oracle Application Server Certificate Authority
- part of Oracle Identity Management, 1-10
- Oracle Application Server Portal, use of Oracle Internet Directory, 1-11
- Oracle Application Server Single Sign-On
- use of Oracle Internet Directory, 1-11
- Oracle background processes, 21-10
- Oracle Call Interface, 2-22
- Oracle Collaboration Suite, use of Oracle Internet Directory, 1-11
- Oracle components
- privileges for administering, 17-5
- Oracle components, use of Oracle Internet Directory, 1-10
- Oracle Context
- root, 19-4
- Oracle Context Administrators Group, 17-19
- Oracle data servers
- changing password to, 5-14
- error messages, I-2
- Oracle Delegated Administration Services
- overview, 2-36
- part of Oracle Identity Management, 1-9
- Oracle Directory Integration and Provisioning platform, 1-12
- access control and authorization in, 36-4
- data integrity, 36-6
- data privacy, 36-6
- deletion of users, 32-19
- deployment example, 32-13
- in a replicated environment, 35-13
- log files, 35-13
- modification of user properties, 32-17
- part of Oracle Identity Management, 1-9
- schema elements, B-18
- structure, 32-2
- user creation and provisioning, 32-16
- what it is, 2-30, 18-7, 32-2
- Oracle directory integration and provisioning server
- about, 35-2
- administration, 35-1
- authentication, 36-3
- configuration set entries, 35-3
- managing, 35-8
- data import and export, 35-2
- described, 32-10
- in high availability scenario, 35-10
- managing, 35-6
- mapping, 35-2
- operational information about, 35-2
- scheduling connectors, 35-2
- sequence of events, 35-4
- starting, stopping, and restarting, 35-9
- Oracle Directory Manager, 7-3
- Access Control Management pane, C-2
- adding
- ACPs, 14-20
- attributes, 6-14
- configuration set entries, 5-4
- entries, 7-4, 7-5
- group entries, 7-7, 9-8
- object classes, 6-8
- objects, 4-8
- and the Oracle Directory Integration Platform, 32-11
- Apply button vs. OK button, 4-8
- ASR Agreement tab page, C-13
- Assign Privileges window, C-45
- Attributes tab page, C-20
- attributes, searching for, 6-13
- Authentication Choice list, C-2
- By Whom tab page, C-3
- Cancel button, 4-8
- Change Log window, C-17
- Configuration Sets General tab page, C-27
- connecting to a directory server, 4-8, 4-10
- Content Rule dialog box, C-25
- create access control policy point menu, 4-9
- Create button, 4-10
- Create Entry menu item, 4-9
- Create Identity Management Realm window, C-46
- Create Like button, 4-10, 7-6
- Create Like operation, 4-8
- Create Resource Type window, C-49
- creating an attribute, 4-9
- creating object classes, 4-9
- defined, 1-8
- Delete button, 4-11
- deleting
- configuration set entries, 5-4
- objects, 4-11
- disconnecting from a directory server, 4-8
- displaying help navigator, 4-10
- Edit button, 4-10
- Edit menu, 4-9
- Encryption Choice list, C-3
- Ends With filter, C-18
- entries management, 4-14
- Exact Match filter, C-19, C-35
- Exit menu item, 4-8
- File menu, 4-8
- Find Attributes button, 6-13
- Find Objects button, 4-10, 6-7
- for registering directory integration agents, 32-11
- Garbage Collector window, C-5
- granting access, 14-18
- Greater or Equal filter, C-19, C-35
- Help button, 4-11
- Help menu item, 4-10
- Identity Management Realm window, C-47
- launching, 4-2
- Less or Equal filter, C-19, C-36
- listing attribute types, A-3
- managing
- ACPs, 4-13
- configuration set entries, 5-4
- entries, 4-14
- object classes, 6-3
- Matching Rules tab page, C-24
- menu bar, 4-8
- modifying
- configuration set entries, 2-21, 5-4
- entries, 7-7
- object classes, 6-8
- objects, 4-9, 4-10
- replication agreements, 25-42
- navigating, 4-8
- New Attribute Type Advanced tab page, C-23
- New Attribute Type General tab page, C-22
- New Constraint dialog box, C-4
- New Content Rule dialog box, C-24
- New Plug-in dialog box, C-10
- not null filter, C-19
- on UNIX, starting, 4-3
- on Windows 95, starting, 4-3
- on Windows NT, starting, 4-3
- Operations menu, 4-9
- overview, 4-2, 4-8
- Password Policies Account Lockout tab page, C-8
- Password Policies General tab page, C-6
- Password Policies IP Lockout tab page, C-8
- Password Policies Password Syntax tab page, C-8
- Password Verifier Profile dialog box, C-9
- Present filter, C-36
- Query Optimization tab page, C-34
- Refresh button, 4-10
- Refresh Entry button, 4-11
- Refresh Subtree Entries button, 4-11
- removing objects, 4-9
- Replica Agreements tab page, C-15
- Replica Naming Context tab page, C-16
- Replica Node General tab page, C-14
- Replication Server Configuration Set General tab page, C-13
- Revert button, 4-8
- root of search, 7-2
- running, 4-3
- schema administration, 4-14
- search criteria bar, 7-3, 10-16
- search filters, 6-7
- searching
- entries, 7-2
- for an object, 4-10
- for attributes, 6-13
- selecting attribute syntax type, 6-27
- SSL Settings tab page, C-37
- starting, 4-2
- on UNIX, 4-3
- on Windows NT, 4-3
- Synchronization Execution tab page, C-39
- Synchronization General tab page, C-38
- Synchronization Mapping tab page, C-41
- Synchronization Status tab page, C-41
- system operation attributes displayed, C-27
- System Passwords tab page, C-33
- tear-off menu item, 4-9
- toolbar, 4-10
- updating, 4-9
- subtree entry data, 4-11
- used by Oracle Directory Integration Platform, 32-11
- View menu, 4-9
- viewing attributes, 7-4
- Oracle Directory Provisioning Integration Service, 34-1
- about, 34-2
- de-installation, 34-9
- deploying, 34-9
- managing, 34-9
- registering applications with, 34-6
- retrieving changes from Oracle Internet Directory, 34-4
- security and, 34-11
- subscription to, 34-6
- troubleshooting, 34-16
- unsubscribing applications from, 34-9
- Oracle directory replication server
- authentication, 24-18
- component of Oracle Internet Directory, 1-7
- component of Oracle Internet Directory node, 2-16
- configuration parameters, location, 25-36
- starting, 25-12
- uses LDAP to communicate to directory server, 2-17
- Oracle directory replication server instances
- starting, A-9, A-10
- stopping, A-9, A-11
- Oracle directory server instance, 2-18
- Oracle directory server instances, 1-7, 2-16, 2-17, 2-18
- managing, 5-1
- starting, 25-11, A-6, A-7
- stopping, 3-2, A-6, A-8, A-9
- Oracle Directory Synchronization Service
- interaction between components, 32-7
- Oracle directory version field, in Oracle Directory Manager, C-29
- Oracle E-Business Suite, integrating with, 40-1
- Oracle Enterprise Manager-Application Server Control
- and the Oracle Directory Integration Platform, 32-13
- Oracle foreground processes
- tuning CPU for, 21-6
- Oracle Globalization Support, 2-13
- Oracle HTTP Server
- used by Delegated Administration Services
- log file location, 30-7
- verifying that it is running, 30-7
- Oracle Human Resources
- agent, 39-1
- configuring an integration profile, 39-4
- mapping rules for, 39-11
- importing from, 39-2
- running synchronization, 39-12
- synchronizing with, 39-1
- Oracle Identity Management, 2-32
- and Oracle Internet Directory, 1-9, 19-1
- components, 2-33
- configuring Oracle Delegated Administration Services in, 30-12
- delegation in, 17-2
- group information, 19-9
- in application deployments, 1-10
- infrastructure, 2-32
- what it does, 2-31
- management policies, 2-35
- objects, 19-4
- planning, 19-5
- realms, planning, 19-10
- user information, 19-8, 19-13
- Oracle Internet Directory
- advantages of, 1-8
- and Oracle Identity Management, 1-9
- architecture, 1-6, 2-14
- as the central directory in a synchronized environment, 32-6
- components, 1-7
- how Oracle components use it, 1-10
- multiple installations on same host, 18-6
- nodes, 2-15
- used by Oracle Advanced Security, 1-11
- used by Oracle Application Server Single Sign-On, 1-11
- Oracle Internet Directory Self-Service Console, 2-30, 31-1
- description of, 31-2
- in indirect authentication of end users, 12-5
- managing accounts, 15-10
- Oracle Internet Directory Server Manageability
- architecture and components, 10-19
- capabilties, 10-17
- configuring, 10-21
- framework, 10-17
- configuring critical events, 10-22
- location of configuration information, 10-21
- managing, 10-23
- Oracle Net Services, 2-17, 2-22
- preparing for replication, 25-6
- use of Oracle Internet Directory, 1-11
- Oracle wallet parameter
- modifying, B-6
- Oracle wallets, B-6
- changing location of, B-6
- with ldapadd, A-23
- with ldapaddmt, A-25
- with ldapbind, A-26
- with ldapcompare, A-28
- with ldapdelete, A-29
- with ldapmoddn, A-31
- with ldapmodify, A-33
- with ldapmodifymt, A-38
- with ldapsearch, A-41
- Oracle9i, 2-22
- database, 2-17
- Replication Manager, configuring, 25-6
- Oracle9i Advanced Replication, 24-20, 25-9
- configuring, 25-6, 25-9
- by using Oracle9i Advanced Replication Manager, 25-6
- by using Oracle9i Replication Manager, 25-6
- for directory replication, 25-9
- directory replication based on, 2-23, 24-2
- installed with Oracle 9i, 25-3
- installing, 25-6
- setting up, 25-6
- Oracle9i Advanced Replication-based replication
- options for configuring, A-63
- Oracle9i Real Application Clusters, i-lxxix, 29-1
- OracleApplication Server Single Sign-On
- part of Oracle Identity Management, 1-9
- orclACI, 14-3, B-4
- access to, 14-3
- optional attribute in top, 2-10
- orclacpgroup object class, 14-4
- orclAgreementID, 25-41
- orclAgreementId, B-35
- Orclanonymousbindsflag attribute, B-42
- orclauditattribute, B-4
- orclAuditLevel, B-4
- orclauditlevel attribute, 10-13
- orclauditlevel operational attribute, 10-10
- orclauditmessage, B-4
- orclauditmessage attribute, 10-11
- OrclAuditOC, B-4
- orclauditoc attributes, 10-11
- orclauditoc object class, 10-11
- orclCatalogEntryDN, B-23
- orclChangeRetryCount, 25-37, B-35, B-36
- orclChangeSubscriber, 33-7
- orclConfigSet, B-23
- orclconfigsetnumber, B-23
- orclcontainerOC, B-23
- orclCryptoScheme attribute, B-40
- orclDBType, B-23
- orcldebugflag, 10-7
- orclDebugLevel, B-23
- orcldebuglevel configuration set entry, B-5
- orclDIPRepository attribute, B-41
- orclDirReplGroupDSAs, 25-43, B-35
- orclDITRoot, B-23
- orclecachemaxentries attribute, B-41
- orclecachemaxsize attribute, B-41
- orclEnableGroupCache attribute, B-41
- orclEntryLevelACI, 14-3, B-4
- optional attribute in top, 2-10
- orcleventLog, B-23
- orclEvents, B-23
- orcleventtime, B-4
- orcleventtime attribute, 10-11
- orcleventtype, B-4
- orcleventtype attribute, 10-11
- orclExcludedAttributes, B-35
- orclexcludedattributes, 24-15
- orclExcludedNamingcontexts, B-35
- orclexcludednamingcontexts, 24-14
- orclGuid, B-35
- optional attribute in top, 2-10
- orclGuName, B-23
- orclguname attribute, 5-13
- orclGuPassword, B-23
- orclgupassword attribute, 5-13
- orclhostname, B-23
- orclIncludedNamingcontexts, B-35
- orclincludednamingcontexts, 24-14
- orclIndexedAttribute, B-23
- orclIndexOC, B-23
- orclLastAppliedChangeNumber attribute, 44-5
- orclLDAPInstance, B-23
- orclLDAPSubConfig, B-23
- ORCLLM algorithm, 16-6
- orclMatchDNEnabled attribute, B-42
- ORCLMAXCC, 21-5
- orclMaxCC, B-23
- orclmaxcc, 2-19
- orclmaxcc configuration set entry, B-5
- ORCLNT algorithm, 16-6
- orclOdipAgentConfigInfo, 33-7
- orclodiplastappliedchangenumber, 33-7
- orclOdipLastAppliedChgNum, 38-4
- orclodiProfile, 33-7
- orclOpResult, B-4
- orclopresult attribute, 10-11
- orclParentGUID, B-35
- orclPluginConfig object class, B-31
- orclprivilegegroup object class, 2-20
- and dynamic groups, 9-7
- orclPrName, B-23
- orclprname attribute, 5-13
- orclPrPassword, B-23
- orclprpassword attribute, 5-13
- orclpwdAlphaNumeric attribute, B-25
- orclpwdIllegalValues attribute, B-25
- orclpwdpolicyenable attribute, B-26
- orclpwdToggle attribute, B-25
- orclReplAgreementEntry, B-35
- orclreplicaDN, B-35
- orclReplicationProtocol, B-35
- orclREPLInstance, B-23
- orclREPLSubConfig, B-23
- orclSequence, B-4
- orclsequence attribute, 10-11, 10-12
- orclServerEvent, B-4
- orclServerMode, B-23
- orclServerMode attribute, B-40
- ORCLSERVERPROCS, 21-5
- orclServerProcs, B-23
- orclserverprocs configuration set entry, B-5
- orclSizeLimit, B-23
- orclSizeLimit attribute, B-40
- orclskewedattribute attribute, 21-12
- orclssl authentication configuration set entry, B-6
- orclsslAuthentication, B-40
- orclsslEnable, B-40
- orclsslenable, B-6
- orclsslenable configuration set entry, B-6
- orclsslPort, B-40
- orclsslport configuration set entry, B-5
- orclsslVersion, B-40
- orclsslWalletURL, B-40
- orclsslwalleturl configuration set entry, B-6
- orclStatsFlag attribute, B-42
- orclStatsPeriodicity attribute, B-42
- orclSuffix, B-23
- orclSuName, B-23
- orclsuname attribute, 5-13
- orclSuPassword, B-23
- orclsupassword attribute, 5-13
- orclThreadsPerSupplier, B-36
- orclTimeLimit, B-23
- orclTimeLimit attribute, B-41
- orcluniqueattrname, 8-2, B-4
- orcluniqueenable, 8-3, B-5
- orcluniqueobjectclass, 8-3, B-5
- orcluniquescope, 8-2, B-4
- orcluniquesubtree, 8-3, B-5
- orclUpdateSchedule, B-35
- orclUseEncrypt, B-23
- orcluserdn, B-4
- orcluserdn attribute, 10-11
- orclUserV2 attribute, 23-8
- orclUserV2 object class, B-17
- ORCLWEBDAV algorithm, 16-5
- organization attribute, 2-6
- organizationalUnitName, 2-6
- overall throughput, 21-2
P
- -PADDNODE option, in Replication Environment Management Tool, A-89
- paging, 20-12
- parameters
- configuration, for Oracle directory replication server, 25-36
- dependent on Oracle directory server configuration, 21-10
- for an active instance, modifying, 13-3
- in an active server instance
- modifying, 5-4
- OID Database Statistics Collection Tool, A-134
- replication agreement, 25-40
- required for tuning, 21-9
- SGA, 21-11
- partial replication, 2-23, 24-2
- partitioning, 2-22, 2-26
- deployment considerations, 18-4
- partitions, 18-3
- password policies, 12-8
- about, 15-2
- conceptual discussion, 12-8
- default, 15-2
- definition, 15-2
- entry
- defined, 2-21
- establishing, 15-4
- for realms
- modifying by using command-line tools, 15-9
- viewing by using command-line tools, 15-8
- management, 2-12
- managing by using command-line tools, 15-8
- plug-in, 46-1
- how it works, 46-2
- realms, managing by using command-line tools, 15-8
- realm-specific
- modifying by using Oracle Directory Manager, 15-7
- viewing by using Oracle Directory Manager, 15-6
- setting by using command-line tools, 15-8
- setting by using Oracle Directory Manager, 15-5
- setting, by using command-line tools, 15-8
- verification of, 15-4
- Password Policies Account Lockout tab page, in Oracle Directory Manager, C-8
- Password Policies General tab page, in Oracle Directory Manager, C-6
- Password Policies IP Lockout tab page, in Oracle Directory Manager, C-8
- Password Policies Password Syntax tab page, in Oracle Directory Manager, C-8
- password policy
- schema elements, B-24
- password verifier
- schema elements, B-29
- password verifier entry, defined, 2-20
- Password Verifier Profile dialog box, in Oracle Directory Manager, C-9
- password verifiers
- default. for Oracle components, 16-9
- password-based authentication, 4-4, 12-5
- passwords
- database, 5-14
- expiration warning, B-26
- expiry time, B-27
- failure count interval, B-26
- for guest users, 5-11
- for proxy users, 5-11
- for shell tools, 7-15
- for SSL wallets, 4-7
- for super user, 5-11
- for super users, 5-11
- forcing changes by using command-line tools, 15-10
- integrity
- MD4, 16-3
- lockout, B-27
- lockout duration, B-27
- maximum failure, B-28
- policies, 12-8
- setting by using command-line tools, 15-8
- setting by using Oracle Directory Manager, 15-5
- protection, 2-12, 12-8
- changing by using ldapmodify, 16-4
- changing by using Oracle Directory Manager, 16-3
- changing scheme, 16-2
- default verifiers for Oracle components, 16-9
- managing by using ldapmodify, 16-4
- managing by using Oracle Directory Manager, 16-3
- MD5, 16-3, 16-5
- O3LOGON, 16-5
- ORCLLM, 16-6
- ORCLNT, 16-6
- ORCLWEBDAV, 16-5
- SASL/MD5, 16-5
- setting by using Oracle Directory Manager, C-31
- SHA, 16-3, 16-5
- UNIX Crypt, 16-3, 16-5
- to a directory, changing, 5-11
- to Oracle data servers, changing, 5-14
- where to store in an integrated environment, 41-6
- -PCHGPWD option, in Replication Environment Management Tool, A-99
- -PCHGWALPWD option, in Replication Environment Management Tool, A-106
- -PCLEANUP option, in Replication Environment Management Tool, A-101
- -PDELNODE option, in Replication Environment Management Tool, A-96
- peer-to-peer replication, 2-23, 24-2
- performance
- add or modify, 21-15
- by using multiple threads, A-23
- by using orclEntryLevelACI, 14-3
- metrics, 21-2
- replication and, 18-5
- search, 21-14
- troubleshooting, 21-14
- tuning, tools for, 21-2
- permissions, 2-12, 12-2
- granting
- by using command-line tools, 14-48
- by using Oracle Directory Manager, 14-18
- physical distribution, partitions and replicas, 18-3
- physical memory, 20-12
- PKI authentication, 12-2
- plug-in
- schema elements
- , B-31
- plug-ins
- adding, 45-5, 45-6
- deleting, 45-8
- entry, 2-20
- external authentication, 47-1
- for integration with SunONE Directory Server, 42-11
- SunONE Directory Server, 42-3
- for password policies, 46-1
- framework, 45-1
- garbage collection, 22-2
- modifying, 45-7
- operation-based, 45-3
- password policy
- how it works, 46-2
- post-operation, 45-4
- pre-operation, 45-3
- registering
- by using command-line tools, 45-6
- by using Oracle Directory Manager, 45-5
- when-operation, 45-4
- point-to-point replication, 2-23, 24-2
- policies
- identity management, 2-35
- pooling, connection, 1-8
- port, 4-5
- 389, B-5
- 636, B-5
- default, 4-3, A-8, A-11
- port 389, A-8, A-11
- port 636, A-8, A-11
- precedence
- at the attribute level, 14-15
- at the entry level, 14-15
- rules
- ACL evaluation, 14-14
- in conflicting access policies, 14-2
- prescriptive access control, 14-3
- Present filter, Oracle Directory Manager, C-36
- presentationAddressMatch matching rule, B-47
- -PRESETPWD option, in Replication Environment Management Tool, A-105
- privacy, data, 2-12, 12-2
- by using SSL, 1-9
- privilege groups, 14-3, 14-4
- associated with orclPrivilegeGroup object class, 14-5
- defined, 2-20
- privileges, 2-12, 12-2
- privileges for user and group management
- delegation of, 17-5
- process instance location, C-31
- processes, 2-17
- Oracle background, 21-10
- processing power of CPU, 20-15
- processor affinity on SMP systems, 21-7
- profile tools, A-107
- profiles
- deregistering, A-123
- directory integration, 33-7
- deregistering, 33-21, 33-22
- managing, 33-20
- registering, 33-20
- protocolInformationMatch matching rule, B-47
- provisioning
- agent, 32-8
- agents, for legacy applications, 32-8
- compared with synchronization, 32-4
- contrasted with synchronization, 32-5
- defined, 34-2
- described, 32-5
- enrollment in applications, 34-3
- automatic, 34-3
- manual, 34-3
- error messages, 34-16
- goal of, 32-5
- how applications obtain information, 34-7
- information
- received by an application, 34-7
- received by Oracle Internet Directory, 34-8
- kinds of information required, 34-4
- procedures, 34-3
- profiles
- access control to, 34-11
- managing, 34-10
- monitoring, 34-11
- relation between components, 34-5
- tool
- syntax, A-127
- typical deployment, 34-5
- Provisioning Subscription Tool, A-127
- subscribing applications with, 34-6
- proxy users, 12-5
- centralized in Delegated Administration Services, 30-5
- definition, 5-11
- managing, 5-11
- by using ldapmodify, 5-13
- by using Oracle Directory Manager, 5-12
- user name and password, 5-11
- public key infrastructure, 12-2
- pwdAllowUserChange attribute, B-25
- pwdCheckSyntax attribute, B-26
- pwdExpireWarning attribute, B-26, I-10
- pwdFailureCountInterval attribute, B-26
- pwdGraceLoginLimit attribute, B-26
- pwdInHistory attribute, B-27
- pwdLockout attribute, B-27
- pwdLockoutDuration attribute, B-27
- pwdMaxAge attribute, B-27
- pwdMaxFailure attribute, B-28
- pwdMinLength attribute, B-28
- pwdMustChange attribute, B-28
- pwdPolicy object class, 15-5
Q
- queries, database
- optimizing, 21-12
- query entry return limit, C-31
- Query Optimization tab page, in Oracle Directory Manager, C-34
- querying
- audit log, 10-10
- critical events, 10-10
R
- rack-mounted directory server configurations, i-liii, 27-1
- architecture, 27-2
- benefits, 27-2
- how failover works, 27-7
- load balancing, 27-4
- metadata synchronization, 27-6
- rules for managing, 27-9
- RC4_40 encryption, 12-2
- RDNs. See relative distinguished names (RDNs)
- Real Application Clusters, directory failover in, 29-1
- realms, 19-2
- identity management
- configuring, 19-14
- customizing, 19-14
- default, 2-35, 19-12
- defined, 2-34
- implementation in Oracle Internet Directory, 19-4
- in enterprise deployments, 19-2
- in hosted deployments, 19-3
- multiple in enterprise deployments, 19-2
- planning, 19-10
- single in enterprise, 19-2
- realm-specific Oracle Context, 19-5
- reconcile capability, in OID Migration Tool (ldifmigrator), A-140
- recovery features, in Oracle9i, 1-9
- redefining mandatory attributes, 6-4
- redo log buffers parameter, 21-11
- redundancy, 26-2
- and failover, 18-3
- redundant links, 26-8
- ref attribute, 7-17
- referral caching, client-side, 7-19
- how it works, 7-19
- referral object class, 7-17
- referrals, 2-27
- client-side referral caching, 7-19
- defined, 2-27
- kinds, 2-29
- Refresh button, in Oracle Directory Manager, 4-10
- Refresh Entry button, in Oracle Directory Manager, 4-11
- Refresh Entry menu item, 4-9
- Refresh Subtree Entries button, in Oracle Directory Manager, 4-11
- Refresh Subtree Entries menu item, 4-9
- registering a directory, 44-4
- registration, directory, 44-3
- relational databases contrasted to directories, 1-2
- relative distinguished names (RDNs), 2-3
- displaying for each entry, 7-2
- modifying
- by using command line tools, 7-11
- by using ldapmodify, A-35
- modifying, by using ldapmoddn, 7-11
- remtool, 25-10, A-62
- replica
- LDAP-based
- installing, 25-23
- subentry, 24-14
- Replica Agreements tab page, in Oracle Directory Manager, C-15
- Replica Naming Context tab page, in Oracle Directory Manager, C-16
- Replica Node General tab page, in Oracle Directory Manager, C-14
- replicas, 2-23, 18-3, 24-2
- in deployment, 18-3
- replicated directories, conceptual discussion, 2-22
- replication, 2-23, 3-5, 24-24
- adding a new entry to a consumer, 24-27
- adding a new node for, 25-13, 25-18
- agreement entry, 24-14
- agreement parameters, 25-40
- modifying, 25-42
- viewing and modifying, 25-42
- agreements, 2-23, 24-2, 24-12, 25-42, C-31
- adding nodes to, 25-42
- configuring, 25-40
- example of, 24-15
- LDAP-based, 24-12
- multimaster, 24-12
- and Oracle Directory Integration and Provisioning platform, 35-13
- and SSL, 24-19
- architecture, 24-21
- authentication, 24-18
- change conflicts
- monitoring, 25-20
- change logs, 1-8, 24-24
- change logs in, 24-19
- cold backup, F-1
- comparison of full and partial, 24-4
- configuration parameters
- modifying, 25-37
- configuring, 25-35
- Oracle9i Advanced Replication, 25-9
- sqlnet.ora, 25-7
- tnsnames.ora, 25-7
- conflicts
- levels of occurrence, 24-25
- resolving manually, 25-20
- typical causes of, 24-26
- considerations, 18-5
- database copy procedure, F-1
- deleting a node, 25-18
- deleting an entry, 24-28
- failure tolerance, 18-6
- fan-out, 2-23, 24-2, 24-7, 24-33
- process, 24-34
- full, 2-23, 24-2, 24-3
- groups, 24-5
- fan-out, 24-7
- multimaster, 2-23, 24-6
- single-master, 24-6
- in deployment, 18-5
- installing and configuring, 25-2
- LDAP-based, 2-23, 24-2
- configuring, 25-23, 25-24
- deleting, 25-30
- determining what is to be replicated, 25-31
- installing and configuring, 25-22
- options for configuring, A-64
- load balancing, 18-5
- log location, C-31
- login events, 10-13
- loose consistency model, 18-5
- managing, 25-1
- managing naming contexts and attributes, 24-37
- modifying a DN, 24-31
- modifying an RDN, 24-30
- multimaster, 1-8, 2-23, 18-3, 24-2
- architecture, 24-21
- conflict resolution, 24-24
- installing and configuring, 25-2
- on the consumer side, 24-23
- on the supplier side, 24-22
- multimaster with fan-out, 24-9
- multimaster, single-master, fan-out, 24-9
- naming context container entry, 24-14
- naming contexts
- included and excluded, 24-11
- nodes
- adding, 25-13
- deleting, 25-18
- Oracle9i, 24-20
- Oracle9i Advanced Replication-based, 2-23, 24-2
- options for configuring, A-63
- overview, 24-1
- partial, 2-23, 24-2, 24-3
- filtering, 24-35
- optimization, 24-38
- peer-to-peer, 2-23, 24-2
- point-to-point, 2-23, 24-2
- preparing the Oracle Net Services environment for, 25-6
- process, 24-27, 24-28, 24-29, 24-30, 24-31
- on the consumer side, 24-23
- on the supplier side, 24-22
- reasons to implement, 18-5
- retries
- applying changes, 24-24
- modifying number of, 25-37
- schema elements, B-35
- security, 24-18
- server
- log file location, 3-5
- single-master, 2-23
- specifying number of worker threads, C-13
- sponsor node, F-3
- status location, C-31
- transport mechanism, 24-20
- Replication Environment Management Tool, 4-19
- -ADDNODE option, A-65
- -ASRCLEANUP option, A-77
- -ASRRECTIFY option, A-78
- -ASRSETUP option, A-68
- -ASRVERIFY option, A-82
- -CHGPWD option, A-72
- -DELNODE option, A-73
- -DISPASRERR option, A-85
- -DISPQSTAT option, A-86
- -PADDNODE option, A-89
- -PCHGPWD option, A-99
- -PCHGWALPWD option, A-106
- -PCLEANUP option, A-101
- -PDELNODE option, A-96
- -PRESETPWD option, A-105
- -RESUMEASR option, A-88
- -SUSPENDASR option, A-87
- syntax, A-62
- what it does, A-62
- Replication Server Configuration Set General tab page, in Oracle Directory Manager, C-13
- resource access information, 2-36
- resource information, 2-36
- location in DIT, 2-36
- schema elements, B-33
- resource type information, 2-36
- -RESUMEASR option, in Replication Environment Management Tool, A-88
- retry queue, A-55
- Revert button, in Oracle Directory Manager, 4-8
- RFCs enforced by Oracle Internet Directory, B-2
- rollback segments, 25-8
- creating, 25-7, 25-8, 25-9
- Root DSE entry
- defined, 2-19
- root of search
- entering, 7-2
- selecting, 7-3
- root Oracle Context, 19-4
- rules, LDIF, A-3
- run-server command, by using OID Control Utility, A-6
S
- SASL
- clients enabled with
- Digest-MD5 authentication to directory server, 12-9
- external authentication, 12-9
- SASL/MD5, for generating password verifier, 16-5
- scalability, of Oracle Internet Directory, 1-8
- Scheduler Process Sequence, 35-5
- schema
- adding and changing object classes (online), 6-3
- administration, 6-1
- by using Oracle Directory Manager, 4-14
- definition location, C-31
- definitions in subSchemaSubentry, 6-2
- directory, defined, 2-19
- elements, B-1
- add/replace event, 10-12
- delete event, 10-12
- for specific Oracle products, B-4
- Oracle proprietary, B-3
- for orclACI, E-2
- for orclEntryLevelACI, E-3
- objects, administering by using Oracle Directory Manager, 4-14
- schema elements
- access control, B-4
- attribute uniqueness, B-4
- audit log, B-4
- configuration set entries, B-5
- debug logging, B-7
- directory configuration, B-23
- dynamic groups, B-7
- garbage collection, B-8
- Oracle Directory Integration and Provisioning platform, B-18
- password policy, B-24
- password verifier, B-29
- plug-in, B-31
- replication, B-35
- resource information, B-33
- server manageability, B-24
- SSL, B-40
- scripts, batched line-mode commands, 6-9
- search
- and compare operations, 2-7
- criteria bar, in Oracle Directory Manager, 7-3, 10-16
- depth, specifying, 7-3
- filters
- IETF-compliant, A-39
- ldapsearch, A-41
- results, specifying maximum number of entries returned, 7-3, 10-15
- Search ACPs
- button, 4-11
- menu item, 4-9
- searches
- configuring, 5-13
- for ACPs when using Oracle Directory Manager, 14-19
- configuring display and duration of, 4-12
- duration, 10-15
- specifying maximum number of entries returned, 7-3, 10-15
- using filters, 6-7
- secure
- port 636, 13-2, 13-3
- Secure Hash Algorithm (SHA), 16-4, B-40, C-31
- secure mode
- running directory servers in, B-5
- running server instances in, 13-3
- security, 1-9, 2-11
- credentials, stored in an external repository, 47-1
- for different clients, 13-3
- in integrated environments, 41-13
- in LDAP Version 3, 1-5
- in replication, 24-18
- in the Oracle Directory Integration Platform, 36-1
- SSL parameters for different clients, 13-3
- tools in Oracle Directory Integration and Provisioning platform, 36-7
- within Oracle Internet Directory environment, 2-12
- Security Administrators Group, 17-16
- security and refresh events garbage collector, 22-4
- selected audit log events, 10-13
- server
- instances
- running, 4-2
- running in secure mode, 13-3
- mode, C-31
- operation time limit, C-32
- processes
- number of, B-5
- server manageability
- schema elements, B-24
- servers
- monitoring, 10-17
- servers. See also directory servers, directory replication servers, or directory integration and provisioning servers
- servers, configuring
- by using input files, 7-10
- SESSIONS parameter, 21-9
- setup process (ldaprepl.sh)
- log file location, 3-5
- SGA. See System Global Area (SGA).
- SHA, 16-4, 23-4, B-40, C-31
- for password encryption, 16-3, 16-5
- shared pool size, 21-8
- parameter, 21-9
- shared server, 21-10
- simple authentication, 1-9, 12-5
- Simple Authentication and Security Layer (SASL)
- authentication, 12-5
- clients enabled with
- Digest-MD5 authentication to directory, 12-9
- external authentication, 12-9
- how it works, 12-9
- in LDAP Version 3, 1-5
- single-master replication groups, 24-6
- single-valued attributes, 2-5
- converting to multivalued, 6-12
- size
- attribute values, B-46
- size, B-46
- of database cache, 18-10
- sizing, 18-8, 18-9
- considerations in deployment, 18-9
- I/O subsystem, 20-6
- tablespaces, 20-8
- skewed attributes, 21-12
- sleep time, OID Monitor, A-5
- smart knowledge references (referrals)
- configuring, 7-17
- sn attribute, 2-6
- software-based connection redirection, 26-7
- sort area parameter, 21-11
- special purpose directories, 1-4
- SPECint_rate95 baseline, 20-15
- sponsor node, 25-15
- cold backup procedures, F-3
- sqlnet.ora, configuring for replication, 25-7
- SRV records
- OID-specific format for, 5-24
- standard format for, 5-24
- SSHA, B-40
- SSL, 4-6, 13-3, 13-5, 36-2
- attribute values, B-40
- authenticated access, 1-9
- authentication
- for Oracle Directory Manager, 4-7
- one-way, 4-7
- server only, 4-7
- certificates for connected directories, 35-8
- cipher suites, 13-2
- SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, 13-2
- SSL_DH_anon_EXPORT_WITH_RC4_40_MD5, 13-2
- SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, 13-2
- SSL_DH_anon_WITH_DES_CBC_SHA, 13-2
- SSL_DH_anon_WITH_RC4_128_MD5, 13-2
- SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, 13-2
- SSL_RSA_EXPORT_WITH_RC4_40_MD5, 13-2
- SSL_RSA_WITH_DES_CBC_SHA, 13-2
- SSL_RSA_WITH_NULL_SHA, 13-2
- SSL_RSA_WITH_RC4_128_MD5, 13-2
- supported in Oracle Internet Directory, 13-2
- client scenarios, 13-2
- configuration parameters, 13-3
- modifying, 13-3
- configuring, 4-4, 13-3
- data privacy, 1-9
- default port, B-5
- enabling, 13-3, B-6
- with ldapadd, A-22
- with ldapaddmt, A-25
- with ldapbind, A-26
- with ldapmodify, A-32
- with ldapmodifymt, A-38
- enabling Oracle Directory Manager to use, 4-6
- handshake, 13-2
- issues specific to this release, 13-6
- managing, 13-1
- modifying orclsslwalleturl parameter, B-6
- no authentication, 4-7, B-6
- parameters, 13-3
- configuring, 13-3
- configuring by using command-line tools, 13-5
- configuring by using Oracle Directory Manager, 13-3
- password to user wallet, 4-7
- port 636, 13-3
- replication and, 24-19
- schema elements, B-40
- starting directory server with, 13-6
- strong authentication, 12-2
- toggling on and off, B-6
- two-way authentication, B-6
- Version 2, 13-2
- Version 3, 13-2
- wallets, B-6
- changing location of, B-6
- SSL Settings tab page, in Oracle Directory Manager, C-37
- SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, 13-2
- stack, technology, 26-2
- start-server commands, 5-2
- static directory server discovery, 5-21
- static groups, 9-2
- entries
- managing by using command-line tools, 9-10
- managing by using Oracle Directory Manager, 9-8
- modifying by using ldapmodify, 9-10, 9-14
- schema elements for creating, 9-2
- stopodiserver.sh, A-124
- stop-server command, A-6
- store-and-forward transport, in Oracle9i, 24-20
- striping, 21-8
- strong authentication, 12-5
- structural access items, 14-33
- structural object class type, 2-9
- structural object classes, 2-9
- converting, 6-5
- structure rules, not enforced by Oracle Internet Directory, 2-10
- structure, audit log entries, 10-11
- subclasses, 2-8
- subconfig, B-23
- subentries, definition, 6-2
- subordinate naming contexts, 2-27
- subregistry, B-23
- subSchemaSubentry
- adding object classes to, 6-2
- holding schema definitions, 6-2
- modifying, 6-2
- subtree entry data, updating by using Oracle Directory Manager, 4-11
- subtree level search, 7-3, A-39
- subtrees
- displaying, 7-2
- SunONE
- connector
- about, 42-2
- configuring, 42-4
- integration profile for, 42-5
- Directory Server
- external authentication plug-in, 42-3, 42-11
- integration, 42-1, 42-2
- mapping rules for integration with, 42-7
- supported configurations for integration, 42-17
- synchronization with, troubleshooting, 42-16
- SunONE Directory Server
- integration profile, 42-8
- super users
- definition, 5-11
- logging in as, 4-4
- login events, 10-12
- managing, 5-11
- by using ldapmodify, 5-13
- by using Oracle Directory Manager, 5-12
- user name and password, 5-11
- superclass selector, 7-5
- superclasses, 2-8
- and inheritance, 6-3
- of object classes, C-18, C-20
- superior knowledge references (referrals), 2-27
- suppliers
- defined, 2-23, 24-2
- surname attribute, 2-6
- -SUSPENDASR option, in Replication Environment Management Tool, A-87
- Symmetric Multi-Processor (SMP) systems, 21-7
- synchronization
- contrasted with provisioning, 32-5
- described, 32-4
- from a connected directory to Oracle Internet Directory, 33-4
- from Oracle Internet Directory to a connected directory, 33-3
- one-way, 32-6
- process, 44-5
- profile
- creating with the command-line tool, 33-22
- deregistering by using the command-line tool, 33-22
- profiles, 32-4, 33-1
- scenarios, 33-3
- status attribute, 33-21
- two-way, 32-6
- use of the change log, 32-7
- with Oracle Human Resources, 39-1
- with other directories, 44-1, 44-2
- Synchronization Execution tab page, in Oracle Directory Manager, C-39
- Synchronization General tab page, in Oracle Directory Manager, C-38
- Synchronization Mapping tab page, in Oracle Directory Manager, C-41
- Synchronization Status tab page, in Oracle Directory Manager, C-41
- syntax
- attribute, 2-6
- bulk tools, A-44
- bulkdelete, A-44
- bulkload, A-45
- bulkmodify, A-51
- Catalog Management Tool, A-19
- catalog management tool, A-20
- catalog.sh, A-19
- command-line tools, A-18
- Directory Integration and Provisioning Assistant, A-107
- directory integration and provisioning server registration tool, A-126
- Human Intervention Queue Manipulation Tool, A-56
- LDAP, B-43
- ldapadd, A-21
- ldapaddmt, A-23
- ldapbind, A-25
- ldapcompare, A-26, A-27
- ldapcreateconn.sh, A-121
- ldapdelete, A-28
- ldapDeleteConn.sh, A-123
- ldapmoddn, A-30
- ldapmodify, A-31
- ldapmodifymt, A-37
- ldapsearch, A-39
- ldapUploadAgentFile.sh, A-120, A-121
- LDIF, A-2
- LDIF and command-line tools, A-1
- ldifwrite, A-53
- odisrvreg, A-126
- OID Control Utility, A-6
- OID Database Password Utility, A-131
- OID Database Statistics Collection Tool, A-134
- OID Monitor, A-4
- OID Reconciliation Tool, A-59
- oidctl, A-6
- oidpasswd, A-131
- oidprovtool, A-127
- Oracle Directory Integration and Provisioning Platform command-line tools, A-107
- Provisioning Subscription Tool, A-127
- provisioning tool, A-127
- remtool, A-62
- replication conflict resolution tools, A-55
- Replication Environment Management Tool, A-62
- schemasync, A-125
- stored in schema, 6-2
- syntaxes
- cannot add to subSchemaSubentry, 6-2
- new, adding, 2-7
- viewing
- by using by using ldapsearch, 6-27
- by using Oracle Directory Manager, 6-27
- System Global Area (SGA), 21-7, 25-8
- parameters, 21-11
- sizing, 21-7
- tuning for Oracle9i, 21-7
- tuning parameters, 21-11
- system operation attributes
- displayed in Oracle Directory Manager, C-27
- system operational attributes, 5-9
- setting, 5-9
- by using ldapmodify, 5-10
- by using Oracle Directory Manager, 5-9
- viewing, 5-9
- System Passwords tab page, in Oracle Directory Manager, C-33
- system resource events garbage collector, 22-4
- SYSTEM tablespace, 20-12
T
- tablespaces, 20-8
- creating, 25-7, 25-8, 25-9
- in replication, 25-8
- OLTS_ATTRSTORE, 20-11
- OLTS_CT_STORE, 20-11
- OLTS_DEFAULT, 20-11
- sizing, 20-8
- SYSTEM, 20-12
- targetDN, B-35
- TCP/IP connections, 26-5, 26-8, B-5
- tear-off, in Oracle Directory Manager, 4-9
- technology stack, 26-2
- telephoneNumberMatch matching rule, B-47
- templates, creating entries from, 7-5
- third-party directories
- integration with
- considerations, 41-1
- throughput, 20-6
- overall, 21-2
- time-based change log purging, 22-7
- tnsnames.ora
- configuring for replication, 25-7
- in cold backup, F-7
- tombstone garbage collector, 22-4
- tools
- for tuning, 21-2
- top object class, 2-9, 2-10
- optional attributes in, 2-10
- top utility, 21-2
- tracing function calls, 10-7
- Transparent Application Failover (TAF), 29-2
- tree view
- browsing, 7-3
- selecting root of search, 7-3
- troubleshooting, I-1
- directory server instance startup, A-9
- performance, 21-14
- Trusted Application Administrators Group, 17-14
- tunables, database, 21-9
- tuning, 18-8, 21-1
- considerations, 18-11
- CPU for Oracle foreground processes, 21-6
- CPU for Oracle Internet Directory processes, 21-5
- CPU usage, 21-4
- deployment considerations, 18-11
- disk, 21-8
- memory, 21-7
- overview, 21-2
- SGA parameters, 21-11
- System Global Area (SGA) for Oracle9i, 21-7
- tools, 21-2
- two-way authentication, SSL, B-6
- types
- of attributes, 2-4
- of object classes, C-18, C-20
- types of external authentication, 42-4
U
- Unicode Transformation Format 8-bit (UTF-8), 2-13
- uniqueMemberMatch matching rule, B-47
- UNIX crypt
- for password encryption, 16-3, 16-5, 23-4, B-40, C-31
- for password hashing, 16-4
- UNIX, starting Oracle Directory Manager on, 4-3
- unspecified access, 14-12, 14-30
- user
- login, 4-4
- names and passwords, managing
- by using ldapmodify, 5-13
- by using Oracle Directory Manager, 5-12
- password modification event, 10-13
- search context, 41-12
- User field, in Oracle Directory Manager, 4-4
- User Management Application Administrators Group, 17-14
- User Preferences
- button, 4-11
- menu item, 4-9
- User Proxy Privilege Group, 17-18
- userPassword attribute, hash values, 23-4
- users
- entries
- adding by using ldapadd, 7-11
- adding by using Oracle Directory Manager, 7-6
- modifying by using ldapmodify, 7-12
- modifying by using Oracle Directory Manager, 7-8
- guest, 5-11
- names and containment, planning, 19-8
- proxy, 5-11, 12-5
- super, 5-11
- UTF-8. See Unicode Transformation Format 8-bit
- UTLBSTAT.SQL, 21-3
- UTLESTAT.SQL, 21-3
V
- values, deleting attribute, A-34
- Verifier Services Group, 17-18
- View menu, in Oracle Directory Manager, 4-9
- virtual memory, 20-12
- vmstat utility, 21-2
W
- wallets
- changing location of, B-6
- location, B-6
- passwords, 4-7
- SSL, B-6
- wildcards, in setting access control policies, 14-50
- Windows NT
- Performance Monitor, 21-2
- starting Oracle Directory Manager on, 4-3
- Task Manager, 21-2
- worker threads, 21-10
- specifying in replication, C-13