Skip Headers
Oracle® Authentication Services for Operating Systems Administrator's Guide
10
g
(10.1.4.0.1-OAS4OS)
E12023-01
Home
Book List
Index
Master Index
Contact Us
Next
View PDF
Contents
List of Figures
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
1
Product Overview
1.1
Introduction to Oracle Internet Directory
1.2
Features of Oracle Authentication Services for Operating Systems
1.3
Components of Oracle Authentication Services for Operating Systems
1.4
How User Authentication Works With Oracle Internet Directory
1.5
Installation and Configuration Overview
1.6
Management Overview
1.7
Additional Documentation
2
Before You Install
2.1
Verify Your Client and Server Operating Systems
2.2
Install Oracle Internet Directory and Oracle Directory Integration Platform
2.3
Upgrade Oracle Internet Directory to 10
g
(10.1.4.2.0)
2.4
Apply the Oracle Internet Directory StartTLS and MD5 Crypt Library Patch
2.5
Determine Which Product Features You Will Use
2.6
Download NIS Migration Scripts
2.7
Download and Apply DIPASSISTANT Patch
2.8
Download SUDO Package
2.9
Create and Index New Custom Attributes (Optional)
3
Installing and Configuring Oracle Authentication Services for Operating Systems
3.1
Introduction
3.1.1
SSL Support
3.1.1.1
Self Signed Certificates
3.1.1.2
Certificate Authority Signed Certificates
3.1.2
Password Policy Enforcement
3.1.3
Active Directory Integration
3.1.4
Directory Plug-ins
3.1.5
Tools Used During Configuration
3.2
Configuring Oracle Authentication Services for Operating Systems on the Server
3.3
Configuring Oracle Authentication Services for Operating Systems on the Client
3.4
Replacing Self-Signed Certificates with CA-Signed Certificates
3.5
Configuring Oracle Internet Directory for Centralized Password Policies
3.5.1
Disabling Value Policies Local to the Operating System
3.5.2
Disabling State Policies Local to the Operating System
3.6
Switching Between SSL Authentication and Non-SSL Configurations
3.7
Rerunning the Configuration Scripts
3.8
Restoring the Client and Server to Their Pre-Configuration State
3.8.1
Restoring the Client
3.8.2
Restoring the Server
4
Migrating Entries to Oracle Internet Directory
4.1
Migrating Entries
4.1.1
Migrating from NIS to Oracle Internet Directory
4.1.2
Migrating from Operating System Files to Oracle Internet Directory
4.1.3
Migrating from Another LDAP Directory to Oracle Internet Directory
4.1.3.1
Schema Migration
4.1.3.2
Data Migration
4.2
Setting Access Control on User Entry Attributes
4.3
Using Custom Attributes in Oracle Internet Directory
4.4
Migrating SUDO
4.4.1
Migrating SUDO Entries to Oracle Internet Directory on the Server
4.4.2
Configuring a Client to Use LDAP for SUDO Information
4.4.3
Reconfiguring a Client to Use /etc/sudoers
5
Configuring Active Directory Integration
5.1
Setting up a Plug-in to Augment Active Directory Entries for Linux Authentication
5.2
Configuring Oracle Directory Integration Platform
5.3
Configuring SSL Between Oracle Directory Integration Platform and Active Directory
5.4
Configuring SSL Between Oracle Directory Integration Platform and Oracle Internet Directory
5.5
Setting Up the External Authentication Plug-in
6
Managing Oracle Authentication Services for Operating Systems
6.1
Creating Home Directories
6.2
Managing Users and Groups With libuser Tools
6.3
Managing Oracle Internet Directory With Oracle Directory Manager and Command-Line Utilities
6.3.1
Testing Whether a User Has Been Added
6.3.2
Changing a User's Password by Using ldapmodify
6.3.3
Adding a User by Using ldapadd
6.3.4
Adding a Group by Using ldapadd
6.4
Managing Password Policies
A
Troubleshooting
A.1
Data Migration Errors
A.1.1
Sudo Conversion Script Errors
A.2
Management Tool Problems
A.2.1
Error in system-config-users
A.2.2
The libuser Tools Fail with Python Errors
A.2.3
Linux Management Tools Cause Inconsistencies
A.2.4
ldapsearch Error
A.3
Testing and Log File Messages
A.3.1
Enabling Log Messages for All Operations
A.3.2
Testing StartTLS
A.3.3
Password Syntax Errors
A.4
User Login Errors
A.4.1
Users Cannot Log In
A.4.2
User's Home Directory Does Not Exist
A.4.3
User's Shell Does Not Exist
A.4.4
Password Policy Not Consistently Enforced
B
Properties File for LDAP Migration
C
Sample Mapfiles
C.1
Template Mapfile
C.2
Sample Mapfile 1
C.3
Sample Mapfile 2
C.4
Sample Mapfile 3
C.5
Sun Java System Directory Server Mapfile 1
C.6
Sun Java System Directory Server Mapfile 2
C.7
eDirectory Mapfile
D
Synchronization Profile for Active Directory Integration
Index