Skip Headers
Oracle® Internet Directory Administrator's Guide
10
g
(9.0.4)
Part Number B12118-01
Home
Solution Area
Contents
Index
List of Tables
1-1 Comparison of Online Directories and Relational Databases
2-1 Common LDAP Attributes
2-2 Components of an Oracle Internet Directory Node
3-1 Tasks to Reset the Default Security Configuration
3-2 Log File Locations
4-1 Fields in the Credentials Tab Page
4-2 Fields in the SSL Tab Page
4-3 Oracle Directory Manager Menu Bar
4-4 Oracle Directory Manager Toolbar
4-5 Task Areas in Oracle Directory Manager
4-6 Tools for Starting, Stopping, and Monitoring Oracle Internet Directory Servers
4-7 Tools for Managing Entries
4-8 Command-Line Tools for Performing Bulk Operations
4-9 Command-Line Tools for Managing Replication
4-10 Command-Line Tools for Managing Directory Synchronization and Provisioning
4-11 Routine Administration Tasks
5-1 Names, Passwords, and Attributes for Super, Guest, and Proxy Users
5-2 Entry Alias Dereferencing Messages
5-3 Arguments in a Service Location Record (SRV)
6-1 Content Rule Parameters
7-1 Command-Line Tools for Managing Entries
8-1 Attribute Uniqueness Constraint Entry
9-1 orclDynamicGroup Attributes for "Connect By" Assertions
9-2 Static and Dynamic Group Considerations
10-1 Fields in Trace Messages
10-2 Debug Logging Levels
10-3 Debug Dimension Values for LDAP Operations
10-4 Attributes of the orclAuditoc Object Class
10-5 Auditable Events
10-6 Audit Mask Levels
10-7 Example: Setting the Audit Level
10-8 Critical Event Levels
10-9 Fields in the Start a New LDAP Server Instance Window
10-10 Fields in the Restart an LDAP Server Instance Window
13-1 SSL Cipher Suites Supported in Oracle Internet Directory
14-1 Types of Access
14-2 LDAP Operations and Access Needed to Perform Each One
14-3 Attribute States During ACL Evaluation
15-1 Tasks and Tools for Managing Password Polices
16-1 Attributes for Storing Password Verifiers in User Entries
17-1 Default Privileges Granted to Everyone and to Each User
17-2 Privileges for Administering the Oracle Technology Stack
17-3 Characteristics of the Subscriber DAS Create User Group
17-4 Characteristics of the Subscriber DAS Edit User Group
17-5 Characteristics of the DAS Delete User Group
17-6 Characteristics of the User Privilege Assignment Group
17-7 Characteristics of the Group Creation Group
17-8 Characteristics of the Group Edit Group
17-9 Characteristics of the Group Delete Group
17-10 Characteristics of the Group Privilege Assignment Group
17-11 Characteristics of the Oracle Application Server Administrators Group
17-12 Characteristics of the User Management Application Administrators Group
17-13 Characteristics of the Trusted Application Administrators Group
17-14 Characteristics of the User Security Administrators Group
17-15 Characteristics of the Authentication Services Group
17-16 Characteristics of the Verifier Services Group
17-17 Characteristics of the User Proxy Privilege Group
17-18 Characteristics of the Oracle Context Administrators Group
17-19 Characteristics of the Common User Attributes Group
17-20 Characteristics of the Common Group Attributes Group
18-1 CPU Power for Various Deployment Scenarios
18-2 Approximate Disk Space Requirements for Variously Sized DITs
18-3 estimates of the Memory Requirements for Various DIT Sizes
19-1 Oracle Identity Management Objects
19-2 Customizing an Existing Realm
20-1 Assumptions about Entry Types and Their Sizes
20-2 Overall Count of Entries
20-3 Directory Lookups in a Single Day
20-4 Working Hour Loads
20-5 Disk Space Requirements
20-6 Tablespaces Used to Store Oracle Internet Directory Data
20-7 Variables Used for Size Calculation
20-8 Size of Individual Tablespaces
20-9 Values for Variables Used for Sizing Calculations
20-10 Tablespace Sizes
20-11 Minimum Memory Requirements for Different Directory Configurations
20-12 Maximum Possible Throughput for Two Types of Operations
20-13 Rough Estimates of CPU Requirements
23-1 Mandatory Attributes in a User Entry
24-1 Comparison of Full and Partial Replication
24-2 Types of Data Transfer Between Nodes in a Directory Replication Group
24-3 Multimaster. Single-Master, and Fan-Out Replication Compared
24-4 Types of Replication Conflict
25-1 A Comparison of Backup and Automatic Bootstrapping
25-2 Nodes in Example of Partial Replication Deployment
30-1 Log Files for Components In Oracle Delegated Administration Services
Environment
30-2 DAS.PROPERTIES File Debug Arguments
31-1 Tasks of an End User
31-2 Tasks of an Administrator
32-1 Directory Synchronization and Provisioning Integration Distinctions
33-1 DomainRule Components
33-2 Components in Attribute Rules
33-3 Location and Names of Files
34-1 Entry-Level Privileges
34-2 Attribute Level Privileges Granted to Entities
34-3 Access Control for Secure Attributes
34-4 Access Control for All Other Attributes
34-5 Provisioning Error Messages
35-1 Oracle Directory Integration and Provisioning Server Threads
35-2 Entries in the odi.properties File
35-3 Debug Types for Server Debugging
38-1 Employee Table
38-2 Directory Integration Profile for TESTDBIMPORT
39-1 Tables in Oracle Human Resources Schema
39-2 Fields in the Oracle Human Resources User Interface
39-3 Attributes Specific to Oracle Human Resources Connector Integration Profile
42-1 Default Attribute Values in the SunONE Directory Server Integration Profile
43-1 Components for Integrating with Microsoft Active Directory
43-2 Comparing and Contrasting the DirSync Approach with the USNChanged
Approach
43-3 Default User and Group Attributes
43-4 Tools for Setting Up and Managing Integration with Microsoft Active Directory
43-5 Typical Requirements with Oracle Internet Directory as the Central Directory
43-6 Typical Requirements with Microsoft Active Directory as the Central Directory
43-7 Scenarios with Single-Domain Microsoft Active Directory Environments
43-8 Scenarios with Multiple-Domain Microsoft Active Directory Environments
43-9 Attribute Values Indicating Successful Synchronization
43-10 Attribute Values Indicating Successful Synchronization
43-11 Attribute Values Indicating Successful Synchronization
43-12 Attribute Values Indicating Successful Synchronization
43-13 Attribute Values Indicating Successful Synchronization
45-1 Types of Operation-Based Plug-ins
A-1 Arguments for Starting OID Monitor
A-2 Arguments for Stopping OID Monitor
A-3 Arguments for Starting a Directory Server by Using OIDCTL
A-4 Arguments for Starting a Directory Replication Server by Using OIDCTL
A-5 Description of Arguments for Starting the Oracle Directory Integration and Provisioning Server
A-6 Arguments for the Catalog Management Tool (catalog.sh)
A-7 Arguments for ldapadd
A-8 Arguments for ldapaddmt
A-9 Arguments for ldapbind
A-10 Arguments for ldapcompare
A-11 Arguments for ldapdelete
A-12 Arguments for ldapmoddn
A-13 Arguments for ldapmodify
A-14 Arguments for ldapmodifymt
A-15 Arguments for ldapsearch
A-16 Arguments for bulkdelete
A-17 Arguments for bulkload.sh
A-18 Arguments for bulkmodify
A-19 Arguments for ldifwrite
A-20 Arguments for Moving a Change from the Human Intervention Queue into
the Retry Queue
A-21 Arguments for Moving a Change from the Human Intervention Queue
into the Purge Queue
A-22 Arguments for Reconciling Inconsistent Data by Using the OID Reconciliation
Tool
A-23 Arguments for the Replication Environment Management Tool (remtool)
A-24 Options for Configuring and Managing an Oracle9i Advanced
Replication-Based DRG (remtool)
A-25 Options for Configuring and Managing an LDAP-Based Replication
DRG (remtool)
A-26 Summary of Functionality of the Directory Integration and Provisioning
Assistant
A-27 Parameters for Creating, Modifying, and Deleting Synchronization Profiles by Using the Directory Integration and Provisioning Assistant
A-28 Properties Expected by createprofile and modifyprofile Commands
A-29 Parameters of a deleteprofile Command
A-30 Bootstrapping Properties
A-31 Scenarios for Reassociating Directory Integration Profiles
A-32 Limitations of Bootstrapping in the Directory Integration and
Provisioning Assistant
A-33 Arguments for ldapUploadAgentFile.sh
A-34 Arguments for Registering a Partner Agent by Using ldapcreateConn.sh
A-35 Arguments for Stopping the Oracle Directory Integration and Provisioning
Server
A-36 Descriptions of ODISRVREG Arguments
A-37 Provisioning Subscription Tool Parameters
A-38 ldifmigrator Parameters
A-39 Predefined Substitution Variables
A-40 Substitution Variables for the subscriber "acme"
A-41 Different Modes for Use of -reconcile
A-42 -reconcile SAFE type LDIF records
A-43 -reconcile NORMAL type LDIF records
A-44 -reconcile SAFE_EXTENDED type LDIF records
A-45 Error Messages of OID Migration Tool
B-1 RFCs Enforced by Oracle Internet Directory
B-2 Access Control Schema Elements
B-3 Audit Log Schema Elements
B-4 Attribute Uniqueness Constraint Entry
B-5 Configuration Set Entry Attributes
B-6 Debug Logging Schema Elements
B-7 orclDynamicGroup Attributes for "Connect By" Assertions
B-8 Garbage Collection Configuration Parameters
B-9 Attributes for the Audit Log Garbage Collector
B-10 Attributes of the Change Log Garbage Collector
B-11 Attributes of the General Statistics Garbage Collector
B-12 Attributes of the Health Statistics Garbage Collector
B-13 Attributes of the Security and Refresh Events Garbage Collector
B-14 Attributes of the System Resource Events Garbage Collector
B-15 Attributes of the Tombstone Garbage Collector
B-16 Attribute Value Pairs for Creating a Garbage Collector
B-17 Attribute Value Pairs for Modifying a Garbage Collector
B-18 Attribute Value Pairs for Deleting a Garbage Collector
B-19 Attributes in the orclUserV2 Object Class
B-20 Attributes in Integration Profiles for Third-Party Directories
B-21 Oracle Internet Directory Configuration Parameters
B-22 Attributes for Oracle Internet Directory Server Manageability
B-23 Attributes of the
pwdPolicy
Object Class
B-24 Password Policy Operational Attributes of the
Top
Object Class
B-25 Attributes for Storing Password Verifiers in User Entries
B-26 Plug-in Attribute Names and Values
B-27 Resource Access Descriptor (RAD) Attributes
B-28 Attributes for Resource Type Information
B-29 Replication Schema Elements
B-30 Directory Replication Server Configuration Parameters
B-31 Attributes of the Replica Subentry
B-32 Attributes of the Replication Agreement Entry
B-33 Attributes of the Replication Naming Context Entry
B-34 Modifiable System Operational Attributes
B-35 User Attributes
C-1 Fields in the Access Control Management Pane
C-2 Fields in Authentication Choice List
C-3 Fields in Encryption Choice List
C-4 Entities to Whom You Are Granting Access in the By Whom Tab Page
C-5 Access Rights for Attributes
C-6 Fields in the New Constraint Dialog Box
C-7 Fields in the Garbage Collector Window
C-8 Fields in the Password Policies General Tab Page
C-9 Fields in the Password Policies Account Lockout Tab Page
C-10 Fields in the Password Policies IP Lockout Tab Page
C-11 Fields in the Password Policies Password Syntax Tab Page
C-12 Fields in the Password Verifier Profile Dialog Box
C-13 New Plug-in Dialog Box
C-14 Fields in the Replication Server Configuration Set: General Tab Page
C-15 Fields in the ASR Agreement Tab Page
C-16 Fields in the Replica Node: General Tab Page
C-17 Columns in the Replica Agreements Tab Page
C-18 Fields in the Replica Naming Context Tab Page
C-19 Fields in the Change Log Window
C-20 Object Class Properties Listed in Searches in Oracle Directory Manager
C-21 Search Filters for Object Classes
C-22 Buttons Used in Searches for Object Classes in Oracle Directory Manager
C-23 Fields in the New Object Class Dialog Box
C-24 Columns in the Attributes Tab Page in Oracle Directory Manager
C-25 Search Filters for Attributes
C-26 Buttons in Searches for Attributes in Oracle Directory Manager
C-27 Fields in the General Tab Page of the New Attribute Type Dialog
C-28 Fields in the Advanced Tab Page of the New Attribute Type Dialog
C-29 Fields in the Matching Rules Tab Page
C-30 Fields in the New Content Rule Dialog Box
C-31 Fields in the Content Rule Dialog Box
C-32 Fields in the Configuration Sets Dialog Box--General Tab Page
C-33 Fields in the Configuration Sets--SSL Settings Tab Page
C-34 System Operation Attributes Displayed in Oracle Directory Manager
C-35 Fields in the System Passwords Tab Page
C-36 Fields in the Query Optimization Tab Page
C-37 Search Filters for Entries
C-38 Buttons in Searches for Entries
C-39 Fields in the SSL Settings Tab Page
C-40 Fields on the General Tab Page for Synchronization in Oracle Directory Manager
C-41 Fields on the Execution Tab for Synchronization in Oracle Directory Manager
C-42 Fields on the Mapping Tab Page for Synchronization in Oracle Directory
Manager
C-43 Fields on the Status Tab Page for Synchronization in Oracle Directory Manager
C-44 Fields in the Add New Attributes Window
C-45 Fields in the Editing Attribute Window
C-46 Fields in the Assign Privileges Windows
C-47 Create Identity Management Realm Window for ASP Administrators
C-48 Fields in the Identity Management Realm Window
C-49 Fields in the Create Resource Type Window
I-1 Standard Error Messages
I-2 Additional Error Messages