Oracle® Internet Directory Administrator's Guide 10g (9.0.4) Part Number B12118-01 |
|
This section provides a brief description of new features introduced with the latest releases of Oracle Internet Directory, and points you to more information about each one. It contains these topics:
See Also:
ldap_set_option
and the ldap_get_option
in Oracle Internet Directory Application Developer's Guide
ldap.ora
file on the client, that information is stored and managed in a central domain name server. The client, at request processing time, retrieves this information from the domain name server.
Oracle Internet Directory Self-Service Console also enables you to view your organization chart, and users to edit their own profiles.
This section describes an important new feature employing the capabilities of Oracle Internet Directory. It also explains changes in Oracle Internet Directory since Release 9.0.2.
This section describes the new features introduced with Oracle Internet Directory Release 9.0.2.
Enhanced Performance and High Availability
The Oracle Directory Provisioning Integration Service ensures that subscribing applications or business entities are alerted to updates in Oracle Internet Directory for keeping local repositories in synch. It enables you to synchronize local, application-specific information by using Oracle Internet Directory as a source of truth.
You can now use salted SHA as a hashing algorithm. This means that you can now select from these available hashing algorithms:
See Also:
uid=dlin,ou=people, o=oracle
, then the RDN dlin would be unique directly under ou=people,o=oracle
. However, you could have the same user identifier in another branch--for example, uid=dlin, ou=others, o=oracle
. In short, attribute uniqueness was guaranteed only under a given branch, and only within one level.
Attributes other than dn
can be used as unique keys of applications synchronizing with Oracle Internet Directory. The ability of Oracle Internet Directory to enforce attribute uniqueness enables all applications to have their own notions of "user," and to synchronize their user base with a user repository stored in an enterprise Oracle Internet Directory server.
In general, any directory-specific configuration or maintenance task not available at the high-level Oracle Enterprise Manager GUI can now be done through Oracle Directory Manager as well as command-line interfaces supplied with Oracle Internet Directory.
dc=server1, dc=us, dc=oracle, dc=com
. Oracle Internet Directory stores, parses, and chases all alias references for complete client-side transparency.
The Oracle Delegated Administration Services is a set of individual, pre-defined services--called Oracle Delegated Administration Services units--for performing directory operations on behalf of a user. It makes it easier to develop and deploy administration solutions for both Oracle directory-enabled applications and other directory-enabled applications that use Oracle Internet Directory.
Administrators can now use the Oracle Delegated Administration Services and its accompanying console to:
The Oracle Internet Directory Self-Service Console, a new component of the Oracle Delegated Administration Services, enables you to flexibly administer applications, realms, and end users either from a central team or through decentralization and delegation. It provides:
You can use the Oracle Internet Directory Self-Service Console to configure the object classes, user groups, permissions, and other elements of directory information metadata stored in Oracle Internet Directory.
These procedures enable you to upgrade from Oracle Internet Directory release 2.1.1. and release 3.0.1.
This section describes the new features introduced with Oracle Internet Directory Release 3.0.1.
This new feature enables you to increase high availability by using logical hosts--as opposed to physical hosts--in clustered environments.
Oracle9i Real Application Clusters is a computing environment that harnesses the processing power of multiple, interconnected computers. Along with a collection of hardware, called a cluster, it unites the processing power of each component to become a single, robust computing environment. A cluster comprises two or more computers, also called nodes.
You can run Oracle Internet Directory in an Oracle Real Application Clusters system.
In this paradigm, the directory server binds to the logical host, rather than the physical host. It maintains this connection even if the logical host fails over to a new physical host.
A client connects to the directory server by using the logical host name and address of the server. If the logical host fails over to a new physical host, then that failover is transparent to the client.
This new feature enables you to run more than one installation of Oracle Internet Directory on a single host. You can then replicate between them or use this new feature as part of a failover strategy.
This new feature enables you to synchronize various directories with Oracle Internet Directory. It also makes it easier for third party metadirectory vendors and developers to develop and deploy their own connectivity agents.
See Also:
Part VII: "Oracle Directory Integration and Provisioning Platform" |
Password policy management enables you to establish and enforce rules for how passwords are used.
See Also:
|
These procedures enable you to upgrade from Oracle Internet Directory release 2.1.1.
The Oracle directory server and database tools are no long restricted to run on a UTF8 database. However, there may be data loss during add, delete, modify, or modifydn operations if the character sets of the data contained in the client request and the directory server database repository are different and the client data cannot be mapped to the database character set. If the database underlying the Oracle directory server is neither AL32UTF8 nor UTF8, then be sure that all characters in the client character set are included in the database character set, with the same or different character codes.
This section describes the new features introduced with Oracle Internet Directory release 2.1.1.
Attribute options enable you to specify how the value for an attribute is made available in a search or a compare operation. For example, suppose that an employee has two addresses, one in London, the other in New York. Options for that employee's address
attribute could allow you to store both addresses. Users could then search for either address.
Attribute options can include language codes. For example, options for John Doe's givenName
attribute could enable you to store his given name in both French and Japanese. A user could then search for the name in either language.
These enhancements enable you to specify the type of change log purging to use: change number-based or time-based.
This enhanced support enables you to use one or more of these attributes in searches.
See Also:
|
This new feature enables you to migrate data from other LDAP v3-compatible directories into Oracle Internet Directory.
Object class explosion enables you to add or perform an operation on an entry without specifying the entire hierarchy of superclasses associated with that entry.
See Also:
"Guidelines for Adding Object Classes" for an explanation of how to use this feature when adding object classes |
This tool assists in capacity planning. It helps you analyze the various database schema objects so that you can estimate the statistics.
This new feature enhances the available password protection by storing passwords as hashed values. Storing passwords as one-way hashed values--rather than as encrypted values--more fully secures them because a malicious user can neither read nor decrypt them. You can select one of the following hashing algorithms:
See Also:
The following new replication tools are now added:
This tool enables you to move changes from the human intervention queue to either the retry queue or the purge queue.
This tool enables you to synchronize conflicting changes in a replicated environment.
See Also:
|
This new feature enables you to delete a node from a directory replication group.
If you are working in a metadirectory environment, then this new feature enables you to form a single virtual directory by synchronizing multiple directories with Oracle Internet Directory.
Note: This feature was replaced in Release 3.0.1 by the Oracle Directory Integration and Provisioning platform. See Chapter 32, "Oracle Directory Integration and Provisioning Platform Concepts and Components" for further information. |
|
![]() Copyright © 1999, 2003 Oracle Corporation. All Rights Reserved. |
|