Oracle® Internet Directory Administrator's Guide 10g (9.0.4) Part Number B12118-01 |
|
Elements in Oracle Internet Directory Graphical User Interfaces , 2 of 3
This section contains these topics:
Field | Description |
---|---|
Path to the Subtree Control Point |
Contains the path defined by the ACP. |
Subtree Control Point |
Contains the ACP |
Table C-2 lists and describes the authentication choices--that is, the methods by which users can be authenticated to the directory.
Table C-3 lists and describes the encryption choices--that is, the method by which data is encrypted.
Field | Description |
---|---|
Mandatory Properties Tab Page |
|
Plug-in Entry Name |
For example, cn=my_plugin. This field is mandatory. |
Plug-in Kind |
PL/SQL. This field is mandatory. |
Plug-in LDAP Operation |
One of the following values: This field is mandatory. |
Plug-in Package Name |
This field is mandatory. |
Plug-in Type |
One of the following values:
See Also: Chapter 45, "Oracle Internet Directory Plug-in Framework" |
Optional Properties Tab Page |
|
Plug-in Enable |
Acceptable values are: This attribute is optional. |
Plug-in Entry Properties |
An LDAP search filter type. For example, if you specify |
Plug-in Replacement |
For WHEN timing plug-in only. Possible values are: This property can be enabled only if the Plug-in LDAP Operation property is ldapbind, ldapcompare, or ldapmodify. This attribute is optional. |
Plug-in Request Group |
A group list that controls if the plug-in takes effect. You can use this group to specify who can actually invoke the plug-in.
For example, if you specify |
Plug-in Result Code |
An integer value to specify the LDAP result code. If this value is specified, then plug-in will be invoked only if the LDAP operation is in that result code scenario. This is only for the POST plug-in type. |
Plug-in Subscriber DN List |
A semicolon separated DN list that controls if the plug-in takes effect. For example: orclPluginSubscriberDNList=dc=COM,c=us; The target DN of an LDAP operation is included in the list, then the plug-in is invoked. |
Plug-in Timing |
One of the following values:
This attribute is optional. |
Plug-in Version |
Supported plug-in version number. This attribute is optional. |
This section contains these topics:
Field | Description |
---|---|
Name |
Name for this attribute |
Object ID |
Object ID for this attribute. The Object ID is a standardized numerical sequence based on IETF standards. It must be unique. Normally this is derived from the identifier assigned by registration agencies, such as ANSI or ISO.
For an explanation of the standard identifiers, see the current LDAP standards available through the IETF Web site at |
Description |
Optional field for your information only |
Syntax |
Standardized rules for data entry applicable to this attribute type |
Size |
Maximum size allowed for this object |
Single Value |
Indicator that this attribute type contains a maximum of one value. |
This section contains these topics:
Field | Description | Default Value | Modifiable? |
---|---|---|---|
Allow Anonymous Binds |
Indicator of whether anonymous binds are allowed or not. If set to |
1 |
Yes |
Alternate Server |
When connectivity to the local server is lost, clients have the option of accessing one of the servers listed in this attribute. Specify other Oracle directory servers in the system that have the same set of naming contexts as that of the local server. The format is: See Also: "Setting the Alternate Server List by Using Oracle Directory Manager" |
None |
Yes |
Configuration Set Location |
DN of the entry holding the top of the naming context in this server |
|
No |
Critical Event Level |
Specify critical events related to security and system resources that you want recorded.
Please note that for events other than super user, proxy and replication login, the value of the See Also: "Configuring Critical Events" for a list of critical events that can be monitored |
0 |
Yes |
DIP Repository |
Used by the directory replication server, and indicates whether change logs are to be generated in the consumer node for the Oracle directory integration and provisioning server to consume. |
FALSE |
Yes |
Directory Version |
The version or release of Oracle Internet Directory that you are using |
9.0.4.0.0 |
No |
Enable Entry Cache |
Specify whether entry caching, described in "Entry Caching", is enabled. The value for enabled is 1; the value for disabled is |
1 |
Yes |
Enable Group Cache |
The cache of privilege groups and ACL groups in the directory server. Using this cache improves the performance of access control evaluation for users when privilege and ACP groups are used in ACI. Use the group cache when a privilege group membership does not change frequently. If a privilege group membership does change frequently, then it is best to turn off the group cache. This is because, in such a case, computing a group cache increases overhead. |
1 |
Yes |
Enable Match DN Processing |
If the base DN of a search request is not found, then the directory server returns the nearest DN that matches the specified base DN. Whether the directory server tries to find the nearest match DN is controlled by this attribute. If set to 1, then match DN processing is enabled. If set to |
1 |
Yes |
Enable Statistics Gathering |
Indicator of whether you want to enable or disable the Oracle Internet Directory Server Manageability framework. To enable, set this to |
0 |
Yes |
Entry Cache Size in Bytes |
The maximum number of bytes of RAM that the entry cache can use. |
100M |
Yes |
Indexed Attribute Locations |
Specify the DN for the file containing all indexed attributes |
|
No |
Maximum Entries in Entry Cache |
Specify the maximum number of entries that can be present in the entry cache. |
25,000 |
Yes |
Maximum TCP Connection Idle Time |
Specify how long the server should keep an idle connection open before closing it. |
120 |
|
Naming Contexts |
Specify the topmost DNs of naming contexts in this server that you want to publish. You must have super user privileges to publish a DN as a naming context. |
None |
Yes |
Password Encryption |
Hash algorithm for encrypting the password. Options are: |
MD4 |
Yes |
Process Instance Location |
DN of the entry holding the Instance Registry in this server |
|
No |
Query Entry Return Limit |
Maximum number of entries to be returned by a search |
1000 |
Yes |
Replica ID |
Unique identifier of a node in a replication agreement |
|
|
Replication Agreements |
DN of the entry holding the replication agreement |
|
No |
Replication Log Location |
DN of the entry holding the change log in this server |
|
No |
Replication Status Location |
DN of the entry holding the change status in this server |
|
No |
Schema Definition Location |
DN of the schema |
|
No |
Server Mode |
Indicator of whether data can be written to the server. You can change this value to either read-write or read-only. Change the default to read-only during replication process. |
read-write |
Choices are Read/Write, Read/Modify and Read-Only |
Server Operation Time Limit |
Maximum amount of time, in seconds, allowed for a search to be completed |
3600 |
Yes |
Simple Modify Changelog Attribute |
In a multimaster replication group, resolving conflicts for changes in some attribute values can require considerable resources. You can avoid this performance degradation by specifying those attributes in this field. When you specify attributes in this field, any changes to the values of those attributes are reflected in the change log. However, in a multimaster replication group, conflict resolution for those attributes is turned off. |
member |
Yes |
Statistics Collection Interval |
Specify how often you want to gather sample statistics--that is, the number of minutes in the interval. Set this to 1 or more minutes. |
|
Yes |
Statistics Level |
Specify whether you want to enable or disable the Oracle Internet Directory Server Manageability framework. To enable, set this to |
0 |
Yes |
Supported Control List |
Enter extension information for any LDAP operation. The control types supported by Oracle Internet Directory are listed as values of the |
|
No |
Supported Extension |
The unique identifiers of proprietary extensions to LDAP operations that are supported in this release of Oracle Internet Directory. In Release 9.0.4, there is one extended operation. It enables a plug-in using a PL/SQL package in the database to bind to the directory server. |
2.16.840.1.113894.1.9.1 |
No |
Supported LDAP Version |
LDAP version that Oracle Internet Directory supports |
|
No |
Supported SASL Mechanisms |
Some clients can use the Simple Authentication and Security Layer (SASL). This field indicates the authentication mechanisms supported by the directory server. See Also: |
|
No |
Upgrade in Progress |
Reserved for upgrade |
FALSE |
No |
Field | Description |
---|---|
Attributes with Low Cardinality |
Enter the attributes you want to designate as skewed. See Also: "Optimizing Searches" for a discussion of skewed attributes |
Common Name |
The common name of the entry containing information about skewed attributes, namely, |
Distinguished Name |
The DN of the entry containing information about skewed attributes. You cannot modify this field. |
LDAP Connection Timeout |
Enter the maximum number of seconds that the directory client can remain idle before the connection is terminated. The default is |
Maximum Entry Size in Cache |
Specify the upper size limit of entries stored in the cache. The default is |
Object Class |
The object classes associated with the |
Time limit mode |
When you set the server operation time limit as described in "Setting System Operational Attributes", you specified the maximum number of seconds allowed for a search to be completed. In this field, to adjust server performance, set the search time limit to be either accurate or approximate. If you specify it as accurate, then searches end precisely at the specified number of seconds. If you specify it as approximate, then searches end within a few seconds of the specified number of seconds. In smaller workloads, the latter provides better performance. |
Field | Description |
---|---|
Mapping Rules |
This field displays the mapping rules for converting data between a connected directory and Oracle Internet Directory. There is no default.
Note: You cannot edit the mapping rules file by using Oracle Directory Manager. You edit the mapping rules in a file manually and then upload it to the profile by using the provided script, |
Connected Directory Matching Filter |
Specify the attribute that uniquely identifies an entry in the connected directory. |
OID Matching Filter |
Specify the attribute that uniquely identifies records in Oracle Internet Directory. This attribute is used as a key to synchronize Oracle Internet Directory and the connected directory. This field is optional. |
|
![]() Copyright © 1999, 2003 Oracle Corporation. All Rights Reserved. |
|