Oracle® Internet Directory Administrator's Guide 10g (9.0.4) Part Number B12118-01
Integration with SunONE (iPlanet) Directory Server, 3 of 7
This section contains these topics:
Synchronization with SunONE Directory Server is based on reading incremental changes from the source directory and applying them to the destination directory. If changes are to be made in both directories, then both directories need to have change logging enabled. For complete synchronization, make sure that the change log and the tombstones are configured correctly in the different releases. The purging duration should be set long enough for all changes to be synchronized.
If you want to synchronize passwords, then be sure that the hashing technique used by SunONE Directory Server is also supported by Oracle Internet Directory. The hashing technique currently enabled in Oracle Internet Directory can be obtained by doing a base search in Oracle Internet Directory as follows:
ldapsearch -h host -p port_number -b "" -s base "objectclass=*" orclcryptoscheme
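The compatibility check described above can be automated. The following is an added example, not part of the Oracle guide: it compares the orclcryptoscheme value returned by the base search with the {scheme} prefixes found on userPassword values exported from SunONE Directory Server. It assumes both outputs are saved as LDIF text and that stored hashes carry a {scheme} prefix; the function names, the alias table, and the sample data are constructed for illustration.

```python
import base64
import re

# Assumption: spelling differences between the two servers' scheme names; extend as needed.
ALIASES = {"UNIX CRYPT": "CRYPT"}

def ldif_values(ldif, attr):
    """Decoded values of attr in LDIF text ('attr: v' and base64 'attr:: v' forms)."""
    unfolded = re.sub(r"\r?\n ", "", ldif)  # join folded continuation lines
    values = []
    for line in unfolded.splitlines():
        m = re.match(r"(?i)" + re.escape(attr) + r"(::?)\s*(.*)$", line)
        if m:
            raw = m.group(2).strip()
            if m.group(1) == "::":  # base64-encoded value
                raw = base64.b64decode(raw).decode("utf-8", "replace")
            values.append(raw)
    return values

def normalize(name):
    """Upper-case a scheme name and apply the assumed alias table."""
    name = name.strip().upper()
    return ALIASES.get(name, name)

def password_scheme(value):
    """'{SSHA}...' -> 'SSHA'; None when the value carries no {scheme} prefix."""
    m = re.match(r"\{([^}]+)\}", value)
    return normalize(m.group(1)) if m else None

def unsupported_schemes(oid_ldif, sunone_ldif):
    """Schemes on SunONE userPassword values that the orclcryptoscheme search does not report."""
    enabled = {normalize(v) for v in ldif_values(oid_ldif, "orclcryptoscheme")}
    seen = {password_scheme(v) for v in ldif_values(sunone_ldif, "userPassword")}
    seen.discard(None)  # unprefixed values have no hash scheme to compare
    return sorted(seen - enabled)

# Constructed sample output; the hash payloads are placeholders, not real digests.
OID_SAMPLE = "dn:\norclcryptoscheme: SHA\n"
SUNONE_SAMPLE = (
    "dn: uid=alice,ou=People,dc=example,dc=com\n"
    "userPassword: {SHA}placeholderdigest=\n\n"
    "dn: uid=bob,ou=People,dc=example,dc=com\n"
    "userPassword:: " + base64.b64encode(b"{SSHA}placeholderdigest").decode() + "\n"
)

if __name__ == "__main__":
    print("unsupported:", unsupported_schemes(OID_SAMPLE, SUNONE_SAMPLE))
```

An empty result means every prefixed password value uses a scheme that matches the one reported by the base search; any scheme listed needs attention before password synchronization is enabled.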
Oracle components are clients of Oracle Internet Directory. However, in an integrated environment, you have the option of storing security credentials for those components in an external repository (in this case, SunONE Directory Server) rather than in Oracle Internet Directory. When security credentials are stored in an external repository, user authentication to an Oracle component happens in the external repository and not in Oracle Internet Directory.
To communicate with the external repository, the Oracle component relies on the Oracle directory server. The Oracle directory server, in turn, uses a plug-in that can access the external repository. The entire authentication process is transparent to the Oracle components, which perceive all the LDAP requests as being handled by the Oracle directory server.
To verify a user's security credentials, an Oracle component can, by way of the Oracle directory server, send to the external repository a simple bind with a request for one of the following:
When an Oracle directory server has the plug-in configured and enabled, the following process occurs to authenticate a user to an Oracle component.
Copyright © 1999, 2003 Oracle Corporation. All Rights Reserved.