
Oracle® Internet Directory Administrator's Guide,
10g Release 2 (10.1.2)
Part No. B14082-01

3 Post-Installation Tasks and Information

Before configuring and using Oracle Internet Directory, you must perform the tasks described in this chapter. This chapter also lists the locations of the log files of the various Oracle Internet Directory components.

This section contains these topics:

3.1 Task 1: Start the OID Monitor

The OID Monitor must be running to process commands to start and stop the server. Before starting the OID Monitor, you should have an understanding of its role in process control of Oracle Internet Directory components, as described in "Process Control of Oracle Internet Directory Components".

Start the OID Monitor as follows:

  1. Set the following environment variables:

    • ORACLE_HOME

    • ORACLE_SID or a proper TNS CONNECT string

    • NLS_LANG (APPROPRIATE_LANGUAGE.AL32UTF8). The default language set at installation is AMERICAN_AMERICA.

    • PATH. In the PATH environment variable, specify the Oracle LDAP binary—that is, ORACLE_HOME/bin—before the UNIX binary directory.

  2. At the system prompt, type:

    oidmon [connect=connect_string] [host=virtual/host_name] [sleep=seconds] start
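
The following preflight is an added example, not part of the Oracle guide: it checks the four variables from step 1 before the oidmon start command in step 2 is issued. The helper names check_oid_env and path_order_ok, the sample ORACLE_HOME path and SID, and the choice of /bin and /usr/bin as the UNIX binary directories are assumptions.

```sh
#!/bin/sh
# Added example; check_oid_env and path_order_ok are hypothetical helper names.

# Succeeds only if <oracle_home>/bin is listed in <path> before /bin and /usr/bin
# (assumed here to be the UNIX binary directories).
path_order_ok() {
    oracle_bin="${1%/}/bin"
    rest="$2:"
    while [ -n "$rest" ]; do
        dir=${rest%%:*}
        rest=${rest#*:}
        case "$dir" in
            "$oracle_bin") return 0 ;;
            /bin|/usr/bin) return 1 ;;
        esac
    done
    return 1
}

# Prints one line per problem; succeeds only if all step 1 variables are usable.
# $1 is an optional TNS connect string, accepted in place of ORACLE_SID.
check_oid_env() {
    problems=0
    if [ -z "${ORACLE_HOME:-}" ]; then
        echo "ORACLE_HOME is not set"; problems=$((problems + 1))
    elif ! path_order_ok "$ORACLE_HOME" "${PATH:-}"; then
        echo "PATH: $ORACLE_HOME/bin must precede the UNIX binary directories"
        problems=$((problems + 1))
    fi
    if [ -z "${ORACLE_SID:-}" ] && [ -z "${1:-}" ]; then
        echo "set ORACLE_SID or pass a TNS connect string"
        problems=$((problems + 1))
    fi
    case "${NLS_LANG:-}" in
        ?*.AL32UTF8) ;;
        *) echo "NLS_LANG must be LANGUAGE.AL32UTF8, got '${NLS_LANG:-}'"
           problems=$((problems + 1)) ;;
    esac
    [ "$problems" -eq 0 ]
}

# Dry run in a subshell with constructed values (assumed path and SID).
(
    ORACLE_HOME=/u01/app/oracle/product/10.1.2
    ORACLE_SID=oiddb
    NLS_LANG=AMERICAN_AMERICA.AL32UTF8
    PATH="$ORACLE_HOME/bin:/usr/bin:/bin"
    if check_oid_env; then
        echo "environment OK, next: oidmon start"
    fi
)
```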
    
    

See Also:

"OIDMON, OIDCTL, and OPMN" for information about the role of the OID Monitor in process control

"The OID Monitor (oidmon) Syntax" for more information about starting and stopping the OID Monitor


3.2 Task 2: Start a Server Instance

Once the OID Monitor is running, start a server instance by using either the Oracle Enterprise Manager 10g Application Server Control Console or the OID Control Utility.


Note:

You can run multiple instances of the directory server on the same computer. For example, you can run one instance in SSL mode and another in non-SSL mode.

3.3 Task 3: Reset the Default Security Configuration

To meet the needs of your environment, you must customize the default security configuration. Table 3-1 lists and describes the tasks you must perform to do this.

Table 3-1 Tasks to Reset the Default Security Configuration

Task Area: Protect the subSchemaSubEntry subentry and its children
Description: Information about the directory is contained in the subentry subSchemaSubEntry and its children. Oracle recommends that you control access to these objects.

Task Area: Establish access to entries
Description: When you load directory entries, you are creating a hierarchy of directory entries. You must therefore establish:
  • Permissions to load entries into this hierarchy
  • Directory access for clients that need read, modify, and write access to directory entries

Task Area: Modify default access policies
Description: Oracle Internet Directory is installed with a default security configuration described in Chapter 17, "Delegation of Privileges for an Oracle Technology Deployment". Before you begin using the directory, you can modify this default configuration to meet the needs of your environment and ensure that each user has the appropriate authorization.

Task Area: Modify the default password policy
Description: Password policies are sets of rules that govern how passwords are used. Oracle Internet Directory is installed with a default password policy that you can modify to meet the needs of your environment.

Task Area: Modify the password of the super user
Description: The super user has full access to directory information. The default user name of the super user is orcladmin; the default password is welcome. Modify this password immediately after installation.




Caution:

Be careful when modifying the default ACLs in any Oracle Context. Doing so can disable the security of Oracle components in your environment. See component-specific documentation for details on whether you can safely modify the default ACLs in an Oracle Context.

3.4 Task 4: Reset the Default Password for the Database

Oracle Internet Directory uses a password when connecting to its designated Oracle database. The default for this password is the same as that specified during installation for the Oracle Application Server administrator (ias_admin). Change this default password by using the OID Database Password Utility.


See Also:

"OID Database Password Utility (oidpasswd) Syntax" for syntax and usage notes

3.5 Task 5: Run the OID Database Statistics Collection Tool

If you load data into the directory by any means other than the bulkload tool (bulkload.sh), then you must run the OID Database Statistics Collection tool after loading. This enables the Oracle Optimizer to choose an optimal plan for executing queries corresponding to LDAP operations. You can run the OID Database Statistics Collection tool at any time without shutting down any of the OID daemons.


Note:

To run shell script tools on the Windows operating system, you need one of the following UNIX emulation utilities:

3.6 Log File Locations

Oracle Internet Directory components output their log and trace information to log files in the ORACLE_HOME environment. Table 3-2 lists each component and the location of its corresponding log file.

Table 3-2 Log File Locations

Component: Bulk Loader (bulkload.sh)
Log File Name: $ORACLE_HOME/ldap/log/install.log

Component: Catalog Management Tool (catalog.sh)
Log File Name: $ORACLE_HOME/ldap/log/catalog.log

Component: Directory integration agent
Log File Name: $ORACLE_HOME/ldap/odi/log/AgentName.err where AgentName is the name of the agent

Component: Directory integration server (odisrv)
Log File Name: $ORACLE_HOME/ldap/log/odisrvXX.log where XX is Oracle directory integration and provisioning server instance number

Component: Directory replication server (oidrepld)
Log File Name: $ORACLE_HOME/ldap/log/oidrepld00.log

Component: Directory server (oidldapd)
Log File Name: $ORACLE_HOME/ldap/log/oidldapdXXspid.log where pid is the server process identifier
  $ORACLE_HOME/ldap/log/oidstack instance_identifier dispatcher | server PID.log
  Note: The oidstack.log files pertain to SIGSEGV/SIGBUS tracing. Also, empty files of this name are created during directory instance startup, and can be ignored.

Component: LDAP dispatcher (oidldapd)
Log File Name: $ORACLE_HOME/ldap/log/oidldapdXX.log where XX is the server instance number

Component: OID Monitor (oidmon)
Log File Name: $ORACLE_HOME/ldap/log/oidmon.log

Component: Replication setup (ldaprepl.sh)
Log File Name: $ORACLE_HOME/ldap/admin/LOGS/ldaprepl.log
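
The note on the oidstack files can be turned into a monitoring check. The following is an added example, not part of the Oracle guide: it lists only the non-empty oidstack*.log files, skipping the empty ones created at instance startup. The helper name oidstack_traces and the file names in the dry run are constructed.

```sh
#!/bin/sh
# Added example; oidstack_traces is a hypothetical helper name.

# Prints "<bytes> <path>" for every non-empty oidstack*.log in <log_dir>.
# Returns 0 when there is nothing to review, 1 when at least one trace exists.
oidstack_traces() {
    log_dir=$1
    found=0
    for f in "$log_dir"/oidstack*.log; do
        [ -f "$f" ] || continue   # unmatched glob or not a regular file
        [ -s "$f" ] || continue   # empty file created at instance startup
        size=$(wc -c < "$f")
        echo "$((size)) $f"
        found=1
    done
    [ "$found" -eq 0 ]
}

# Dry run against a constructed log directory (file names are made up).
demo_dir=$(mktemp -d)
: > "$demo_dir/oidstack01server4242.log"
printf 'constructed stack trace\n' > "$demo_dir/oidstack01dispatcher4243.log"
printf 'constructed monitor line\n' > "$demo_dir/oidmon.log"
oidstack_traces "$demo_dir" || echo "review the stack traces listed above"
rm -rf "$demo_dir"
```

On a real installation, call it as oidstack_traces "$ORACLE_HOME/ldap/log"; the non-zero return status makes it usable from a scheduled job that alerts on failure.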