This chapter describes issues associated with Oracle Virtual Directory. It includes the following topics:
This section describes general issues and workarounds. It includes the following topics:
Oracle Directory Services Manager Browser Window is Not Usable
Identifying the DN Associated with an Access Control Point in Oracle Directory Services Manager
Issues With Oracle Virtual Directory Metrics in Fusion Middleware Control
In some circumstances, after you launch Oracle Directory Services Manager from Fusion Middleware Control, then select a new Oracle Directory Services Manager task, the browser window might become unusable. For example, the window might refresh repeatedly, appear as a blank page, fail to accept user input, or display a null pointer error.
As a work around, go to the URL: http://host:port/odsm, where host and port specify the location where Oracle Directory Services Manager is running, for example, http://myserver.example.com:7005/odsm. You can then use the Oracle Directory Services Manager window to log in to a server.
Data errors or failure may occur when importing LDIF files containing non-English data using Oracle Directory Services Manager's Data Browser.
To workaround this issue, import LDIF files containing non-English data using the ldapadd tool from the command line.
Under certain circumstances, when managing multiple Oracle Virtual Directory components from the same Oracle Directory Services Manager session, exception or error messages may appear if you stop one of the Oracle Virtual Directory components. For example, you are managing Oracle Virtual Directory components named ovd1 and ovd2 from the same Oracle Directory Services Manager session. Both ovd1 and ovd2 are configured and running. If you stop ovd1, an exception or Target Unreachable message may appear when you try to navigate Oracle Directory Services Manager.
To work around this issue, exit the current Oracle Directory Services Manager session, close the web browser, and then reconnect to Oracle Virtual Directory components in a new Oracle Directory Services Manager session.
When you create an Access Control Point (ACP) using Oracle Directory Services Manager, the Relative Distinguished Name (RDN) of the DN where you created the ACP appears in the navigation tree on the left side of the screen. For example, if you create an ACP at the DN of cn=ForExample,dc=us,dc=sales,dc=west, then cn=ForExample appears in the navigation tree. After clicking an ACP in the navigation tree, its settings appear in the right side of the screen and the RDN it is associated with appears at the top of the page.
To identify the DN associated with an ACP, move the cursor over ("mouse-over") the ACP entry in the navigation tree. The full DN associated with the ACP will be displayed in a tool-tip dialog box.
Mousing-over ACPs in the navigation tree is useful when you have multiple ACPs associated with DNs that have identical RDNs, such as:
ACP 1 = cn=ForExample,dc=us,dc=sales,dc=west
ACP 2 = cn=ForExample,dc=us,dc=sales,dc=east
This topic describes issues with Oracle Virtual Directory metrics in Fusion Middleware Control, including:
Included per bug 8603557.
In some circumstances, Oracle Virtual Directory metrics may not appear in Fusion Middleware Control—on the Oracle Virtual Directory Home page or the Performance Summary page—after installing Oracle Virtual Directory on Windows using the Extend Existing Domain option. This issue occurs when the incorrect Fusion Middleware Control agent is configured to monitor Oracle Virtual Directory.
To resolve this issue, perform the following steps to configure the correct Fusion Middleware Control agent to monitor Oracle Virtual Directory:
Identify the correct Fusion Middleware Control Agent to monitor Oracle Virtual Directory by performing the following steps:
Log in to Oracle Enterprise Manager Fusion Middleware Control and navigate to the Oracle Virtual Directory home page.
Click the Oracle Virtual Directory menu and select General Information. The General Information for the Oracle Virtual Directory component appears.
Identify the Oracle Instance location listed in the General Information.
From the command-line, execute the emctl status agent
command from the $ORACLE_INSTANCE/EMAGENT/EMAGENT/bin/ directory, where ORACLE_INSTANCE is the location you identified in the previous step c.
Identify the correct Fusion Middleware Control Agent to monitor Oracle Virtual Directory by searching the results from the emctl status agent
command for the Agent URL
setting.
Configure the Oracle Virtual Directory component to use the Fusion Middleware Control Agent URL you identified in step 1 by performing the following steps:
Click the Farm menu in the upper-left navigation of Fusion Middleware Control and select Agent-Monitored Targets. The Agent-Monitored Targets screen appears.
Click the Configure button for the appropriate Oracle Virtual Directory component in the Targets table. The Configure Target page appears.
Click the Change Agent button. The field that displays the current Agent URL monitoring Oracle Virtual Directory changes into a drop-down list.
Select the Agent URL that you identified in step 1 from the drop-down list and click the OK button.
If you upgraded an Oracle Virtual Directory Release 10g installation with plug-ins configured to execute on specific operations, such as add, bind, get, and so on, to 11g Release 1 (11.1.1), you may have to update those operation-specific plug-ins before you can use Fusion Middleware Control to view performance metrics.
After upgrading to 11g Release 1 (11.1.1) and performing some initial operations to verify the upgrade was successful, check the Oracle Virtual Directory home page in Fusion Middleware Control. You should see data for the Current Load and Average Response Time and Operations metrics.
If you do not see any data for these metrics, you must update the plug-ins configured to execute on specific operations. The work-around is to add the Performance Monitor plug-in to the operation-specific plug-in's configuration chain.
Perform the following steps to add the Performance Monitor plug-in to the operation-specific plug-in's configuration chain:
If the operation-specific plug-in is a Global-level plug-in, edit the server.os_xml file located in the ORACLE_INSTANCE/config/OVD/NAME_OF_OVD_COMPONENT/ directory.
If the operation-specific plug-in is an adapter-level plug-in, edit the adapters.os_xml file located in the ORACLE_INSTANCE/config/OVD/NAME_OF_OVD_COMPONENT/ directory.
Locate the pluginChains
element in the file. For example, if the Dump Transactions plug-in is configured to execute on the get operation, you will see something similar to the following:
Example 41-1 Dump Transactions Plug-In Configured for get Operation
<pluginChains xmlns="http://xmlns.oracle.com/iam/management/ovd/config/plugins"> <plugins> <plugin> <name>Dump Transactions</name> <class>com.octetstring.vde.chain.plugins.DumpTransactions.DumpTransactions</class> <initParams> <param name="loglevel" value="info"/> </initParams> </plugin> <plugin> <name>Performance Monitor</name> <class>com.octetstring.vde.chain.plugins.performance.MonitorPerformance</class> <initParams/> </plugin> </plugins> <default> <plugin name="Performance Monitor"/> </default> <get> <plugin name="Dump Transactions"> <namespace>ou=DB,dc=oracle,dc=com </namespace> </plugin> </get> </pluginChains>
Add the following Performance Monitor plug-in element within the operation-specific configuration chain:
<plugin name="Performance Monitor"/>
For example:
Example 41-2 Adding the Performance Monitor to the Operation-Specific Plug-In Configuration Chain
<pluginChains xmlns="http://xmlns.oracle.com/iam/management/ovd/config/plugins">
<plugins>
<plugin>
<name>Dump Transactions</name>
<class>com.octetstring.vde.chain.plugins.DumpTransactions.DumpTransactions</class>
<initParams>
<param name="loglevel" value="info"/>
</initParams>
</plugin>
<plugin>
<name>Performance Monitor</name>
<class>com.octetstring.vde.chain.plugins.performance.MonitorPerformance</class>
<initParams/>
</plugin>
</plugins>
<default>
<plugin name="Performance Monitor"/>
</default>
<get>
<plugin name="Dump Transactions">
<namespace>ou=DB,dc=oracle,dc=com </namespace>
</plugin>
<plugin name="Performance Monitor"/>
</get>
</pluginChains>
Save the file.
Restart Oracle Virtual Directory.
This section describes configuration issues and their workarounds. It includes the following topics:
In Oracle Virtual Directory Release 10g (10.1.4.2.0), the Enterprise User Security mappings for Microsoft Active Directory and Sun Java System Directory Server were deployed by default when you installed Oracle Virtual Directory. These mappings are not deployed by default in Oracle Virtual Directory 11g Release 1 (11.1.1).
You can deploy these mappings by referring to Chapter 14, "Managing Oracle Virtual Directory Mappings," in the Oracle Fusion Middleware Administrator's Guide for Oracle Virtual Directory.
When creating Database Adapters for Oracle databases in Oracle Virtual Directory 11g Release 1 (11.1.1), use only alphanumeric characters or the following special characters in database table and column names: Dollar sign ($), underscore (_), and pound/hash (#).
When you create a Database Adapter for Oracle databases, be sure you:
Do not use non-ASCII characters in database table and column names
Do not surround database table and column names with double quotation marks ("), for example, do not use "tablename" or "columnname"
If you do not following these character requirements for database table and column names when you create Database Adapters for Oracle databases, you will encounter an ORA-00904 or LocalLDAPException error if you try to use Oracle Directory Services Manager's Data Browser to view the data in the database.
Oracle Directory Services Manager incorrectly displays Full Outer Join as a configuration parameter for the ForkJoin plug-in. However, the ForkJoin plug-in supports only the SecondaryOnlyAttributes, PrimaryAndSecondaryAttributes, and JoinPolicy configuration parameters, with Full Outer Join as a supported value for the JoinPolicy configuration parameter.
Perform the following steps to set Full Outer Join as the value for the JoinPolicy configuration parameter:
Create a back-up copy of the ForkJoin plug-in manifest file:
ORACLE_INSTANCE/config/OVD/NAME_OF_OVD_COMPONENT/adapters.os_xml
Locate the following entry in the adapters.os_xml file:
<param name="FullOuterJoin" value="true"/>
Change the entry to the following:
<param name="JoinPolicy" value="FullOuterJoin"/>
Restart the Oracle Virtual Directory server.
This section describes documentation errata. It includes the following topics:
HideEntriesByFilter Plug-In Applies to All Users Except orcladmin
Additional Step for Creating Database Adapters for Oracle TimesTen In-Memory Database on Windows
Section 4.2.1 in the Administrator's Guide for Oracle Virtual Directory, which describes the HideEntriesByFilter plug-in, does not describe which users the plug-in applies to. The HideEntriesByFilter plug-in applies to all users—except orcladmin.
Section 12.2.2 in the Administrator's Guide for Oracle Virtual Directory, which describes "Creating Database Adapters for Oracle TimesTen In-Memory Database" does not include the following information required for Windows platforms:
The PATH environment variable you set in the opmn.xml file must include the Oracle TimesTen bin directory, such as, TIMESTEN_HOME/bin, where TIMESTEN_HOME represents the directory where you installed the Oracle TimesTen software.
Section 11.4.3.1.1 in the Administrator's Guide for Oracle Virtual Directory, which describes "Editing the Oracle Virtual Directory Administrative Listener Settings" using Oracle Enterprise Manager Fusion Middleware Control, is incomplete.
The following, additional step must be performed after completing the six steps that are documented in section 11.4.3.1.1:
7. Use the opmnctl updatecomponentregistration
command to update the registration of the Oracle Virtual Directory component that contains the Admin Listener you edited.
The syntax for opmnctl updatecomponentregistration
is:
$ORACLE_INSTANCE/bin/opmnctl updatecomponentregistration [-adminHost hostname] [-adminPort weblogic_port] [-adminUsername weblogic_admin] [-adminPasswordFile 'FILE_WITH_WEBLOGIC_ADMIN_PASSWORD'] [-componentType OVD] -componentName componentName [-Host OVD_HOST_NAME]
Notes:
If you do not use the -Host option, the value in listeners.os_xml will be used.
Both the componentName
and componentType
parameters are required.
For example:
$ORACLE_INSTANCE/bin/opmnctl updatecomponentregistration -adminHost myhost \
-adminPort 7001 -adminUsername weblogic -componentType OVD -componentName ovd1
The Administrator's Guide for Oracle Virtual Directory does not include information about when audit logs are created for search operations. Audit logs are created for search operations only when the search requests the userPassword attribute.