Index

A

access control
for agents, 2.2.2
for directory integration server, 2.2.1
for profiles, 2.2.2
in Oracle Directory Integration Platform, 2.2
in the Oracle Directory Integration Platform, 2.2
access control lists (ACLs)
customizing, 17.3.2
for export profiles, 17.3.2.2
for import profiles, 17.3.2.1
sample files, 17.3.2.3
Active Directory
trust relationships between domains, 16.3.7
ActiveChgImp profile, 18.3
ActiveExport profile
synchronization profiles
ActiveExport, 18.3
ActiveImport profile, 18.3
administering Oracle Access Manager, 16.2.10
administrative privileges, provisioning, 12.7
advanced integration options, configuring, 17.3
application bootstrapping, provisioning, 12.4.6
asynchronous provisioning, 12.3.2
attribute mapping rules and examples, 6.4.4
attribute mappings
for Microsoft Active Directory, 18.3.5
for Novell eDirectory and OpenLDAP, 22.3.5
for Sun Java System Directory, 20.3.4
attribute-level mapping, 6.4.2
attributes
for login name, 16.2.6
for user login name, 17.3.1
authentication
in the Oracle Directory Integration Platform, 2.1
profile, 2.1.3
SSL
mode, 2.1.2
authentication dynamics
Windows Native Authentication, 16.3.3.1
authorization
in the Oracle Directory Integration Platform, 2.2

B

bootstrapping
application, 12.4.6
in integrated environments
by using default integration profiles, 8.1.6
by using the parameter file, 8.1.5
in SSL mode, 8.2
recommended methodology, 8.1.4
with an LDIF file, 8.1.5.2
without an LDIF file, 8.1.5.1
in integration with third-party directories, 23.2.1
in Oracle Directory Integration Platform, 8
Oracle Internet Directory from Oracle Human Resources, 10.5
syncProfileBootstrap, 8.1
browser settings, Windows Native Authentication, 18.5.3

C

central enterprise directory
Oracle Internet Directory as, 16.2.2.1
third-party directory as, 16.2.2.2
change logs
in synchronization process, 1.4.2.2
object store, and integration with third-party metadirectory solutions, 11.1
command-line administration tools for Oracle Directory Integration Platform, 3.2
command-line tools, 3.2
dipStatus, 4.2.1
expressSyncSetup, 17.2
manageDIPServerConfig, 4.5
manageSyncProfiles, 7.2
oidprovtool, 13.2, 13.2
provProfileBulkProv, 12.4.4
syncProfileBootstrap, 8.1
configuring
advanced integration options, 17.3
connection details, 6.3
external authentication plug-ins, 17.3.6
mapping rules, 6.4
matching filters, 6.6
properties, 13.4
Windows Native Authentication, 18.5
configuring the Microsoft Active Directory external authentication plug-in, 18.3.10
connected directories
described, 1.4.2.2
SSL certificates for, 4.7
connection details, configuring, 6.3
connectors, 5
connectors for Directory Synchronization, described, 5.1.1
connectors, registering, 6.1
creating
custom event object definitions, 14.2.1
synchronization profiles, 7.1.1
custom event object definitions, creating, 14.2.1
customizing mapping rules, 17.3.3

D

Data Access Java plug-in, 12.3.1
data flow, provisioning, 12.3.3
data integrity, 2.3
data integrity in Oracle Directory Integration Platform, 2.3
data privacy in Oracle Directory Integration Platform, 2.4
Debugging Windows Native Authentication, E.6.1
defining custom event generation rules, 14.2.2
deleting synchronization profiles, 7.1.4
deploying provisioning-integrated applications, 13.1
deregistering a directory, 11.4.2
DIP Server
configuring with Fusion Middleware Control, 4.3.4
configuring with manageDIPServerConfig, 4.5
SSL mode 2, 4.6
DIP Tester utility, E.2
dipStatus, 4.2.1
directory
information tree (DIT)
structure of, in integrated environments, 16.2.5
registration, 11.2.2.1
directory information tree (DIT), default, 16.2.5
directory information tree provisioning entries, 12.5.1
directory integration profiles, 6.1
directory provisioning profile, 4.1.1
directory synchronization profile, 4.1.1
directory provisioning in a multimaster Oracle Internet Directory replication environment, 4.1.2.2
Directory synchronization connectors, described, 5.1.1
directory synchronization in a multimaster Oracle Internet Directory replication environment, 4.1.2.1
Directory Synchronization Profiles, described, 5.1.2
DirSync, 16.3.1, 18.4
distinguished name mapping, 6.4.1

E

enabling password synchronization from Oracle Internet Directory to a third-party directory, 17.3.5
event generation rules, defining, 14.2.2
event object definitions, creating, 14.2.1
event propagation, Oracle Directory Integration Platform in a multimaster Oracle Internet Directory replication environment, 4.1.2
export profile
expressSyncSetup, 17.2
expressSyncSetup, 17.2
external authentication plug-in
for integration with third-party directories, 16.1.1
Microsoft Active Directory, 18.3.10
external authentication plug-ins
configuring, 17.3.6

F

features, new, Preface
file naming conventions, 6.7
files
location, 6.7
foreign security principals
defined, 16.3.7
in Oracle Internet Directory
synchronizing with Microsoft Active Directory, 18.6
Fusion Middleware Control
accessing, 3.1.1
creating synchronization profiles, 7.1.1
DIP Home Page, 3.1.1.1
DIP Server configuration, 4.3.4
DIP statistics, 4.3.1
editing synchronization profiles, 7.1.2
managing DIP, 4.3
provisioning profiles, 12.6.3
starting DIP, 4.3.2
stopping DIP, 4.3.3
synchronization profile mapping, 7.1.1

G

graphical administration tools for Oracle Directory Integration Platform, 3.1
group search context, 16.2.8
groupcreatebase, configuring in integration with Microsoft Active Directory, 17.3.1
groupsearchbase, configuring in integration with Active Directory, 17.3.1

H

high availability, 4.8

I

identity management realms
about, 16.1.3.1
access control policies in, 16.1.3.1
default, 16.1.3.1
multiple, 16.1.3.1
import profile
expressSyncSetup, 17.2
installation options for Oracle Identity Management, 1.2
integrated environments
bootstrapping in, 8
recommended bootstrapping methodology, 8.1.4
security concerns, 16.2.9
integration
with a relational database, 9
with a single third-party directory, 16.1.3.3
with Active Directory
setting the user login name attribute, 17.3.1
setting user and group search bases, 17.3.1
with Microsoft Active Directory, 18
customizing search filter, 18.3.3
setting the user login name attribute, 17.3.1
with Multiple Microsoft Active Directory domain controllers, 16.3.5
with Novell eDirectory and OpenLDAP
customizing search filter, 22.3.3
with Oracle E-Business Suite, 15
with Oracle Human Resources, 10
with Sun Java System Directory, 20
with third-party directories
choosing the central enterprise directory, 16.2.2
components, 16.1.1
concepts and architecture, 16.1
concepts and considerations, 16
directory information tree (DIT) structure, 16.2.5
in SSL mode, 17.3.4
LDAP schema, customizing, 16.2.3
passwords, where to store, 16.2.4
planning, 16.1.3.2
preliminary considerations, 16.2.1
integration concepts
for Novell eDirectory and OpenLDAP, 16.6
Microsoft Active Directory, 16.3
Sun Java System Directory, 16.4
integration profiles
authentication, 2.1.3
default, 8.1.6
for synchronization, 5
relational database, 9.3

K

Kerberos protocol, 16.3.3.1

L

LDAP schema, customizing, 16.2.3
login
name, attribute for, 16.2.6

M

manageDIPServerConfig, 4.5
manageSyncProfiles, 7.2
managing
synchronization profiles, 7.1
third-party directories
integration, 23.1
mapping
attribute-level, 6.4.2
distinguished name, 6.4.1
mapping rules, 5.1.2
configuring, 6.4
customizing, 17.3.3
for group entries, 16.2.5.2.2
for user entries, 16.2.5.2.1
format, 5.1.2
updating, 6.4.7
matching filters
change log, 6.6.2
LDAP search, 6.6.1
matching filters, configuring, 6.6
Microsoft Active Directory
attribute mappings, 18.3.5
connector, configuring for Microsoft Exchange Server, 18.9
domain controller
switching to different in same domain, 18.7
foreign security principals, 16.3.7, 16.3.7
integration concepts, 16.3
integration with, 18
integration with multiple domain controllers, 16.3.5
multiple domain
synchronizing with, 16.3.6, 16.3.6
multiple domains, synchronizing with, 18.3.6
synchronizing deletions from, 18.3.7, 18.3.7
synchronizing passwords from, 18.3.9, 18.3.9
trust relationships between domains, 16.3.7
Microsoft Active Directory, external authentication plug-in, configuring, 18.3.10
Microsoft Exchange Server, configuring the Microsoft Active Directory Connector for, 18.9
modifying
synchronization status attributes, 7.3
multimaster Oracle Internet Directory replication environment
directory provisioning, 4.1.2.2
directory synchronization, 4.1.2.1
Oracle Directory Integration Platform event propagation, 4.1.2
multiple-domain Microsoft Active Directory, synchronizing with, 16.3.6

N

new features, Preface
nontransitive trust relationship in Microsoft Active Directory, 16.3.7
Novell eDirectory and OpenLDAP
attribute mappings, 22.3.5
synchronizing deletions from, 22.3.6, 22.3.6
synchronizing passwords from, 22.3.8, 22.3.8
Novell eDirectory and OpenLDAP integration concepts, 16.6

O

oidprovtool, 13.2
OpenLDAP Community, Preface
Oracle Access Manager, administering, 16.2.10
Oracle Application Server Single Sign-On, 16.1.1
and Windows native authentication, 16.1.1
described, 1.4.3
Oracle Delegated Administration Services, 16.1.1
Oracle Directory Integration
problems and solutions, E.3
what it is, 1.1
Oracle Directory Integration Platform, 12, 16.1.1
access control and authorization in, 2.2
administration, 4
command-line administration tools, 3.2
data integrity, 2.3
data privacy, 2.4
deletion of users, D.6
deployment example, D
event propagation in a multimaster Oracle Internet Directory replication environment, 4.1.2
graphical administration tools, 3.1
in a replicated environment, 4.9
in high availability scenario, 4.8
modification of user properties, D.5
operational information about, 4.1
structure, 1.4.2
user creation and provisioning, D.4
what it is, 1.1
Oracle Directory Integration Platform Service, described, 1.4.2.3
Oracle Directory Synchronization Service
interaction between components, 1.4.2.2, 1.4.2.2
Oracle E-Business Suite, integrating with, 15
Oracle Human Resources
agent, 10
configuring, 10.3.1
mapping rules for, 10.3.3
importing from, 10.2
running synchronization, 10.3.4
synchronizing with, 10
Oracle Identity Management installation options, 1.2
Oracle Identity Management Integration, benefits of, 1.1
Oracle Identity Manager, 12
Oracle Internet Directory, 16.1.1
as the central directory in a synchronized environment, 1.4.2.2
described, 1.4.1
event propagation in a multimaster replication environment, 4.1.2
schema elements for integration with third-party directories, 16.1.2
Oracle Internet Directory Provisioning Console, 3.1.3, 12.2
Oracle Internet Directory schema elements
for Microsoft Active Directory, 16.3.4
Oracle Internet Directory schema elements for Novell eDirectory, 16.6.2
Oracle Internet Directory schema elements for OpenLDAP, 16.6.3
Oracle Internet Directory schema elements for Sun Java System Directory, 16.4.2
Oracle Internet Directory Self-Service Console, 3.1.2
Oracle Password Filter for Microsoft Active Directory, deploying, 19
Oracle provisioning events, explained, 14.1
orclChangeSubscriber, 6.1
orclLastAppliedChangeNumber attribute, 11.3.2
orclodiplastappliedchangenumber, 6.1
orclodiProfile, 6.1

P

password synchronization, enabling, from Oracle Internet Directory to a third-party directory, 17.3.5
passwords
where to store in an integrated environment, 16.2.4
planning the third-party directory integration, 16.1.3.2
PL/SQL plug-in, 12.3.2
plug-in
Data Access Java, 12.3.1
PL/SQL, 12.3.2
Pre-Data Entry, 12.3.3
plug-in Post-Data Entry, 12.3.3
Post-Data Entry plug-in, 12.3.3
Pre-Data Entry plug-in, 12.3.3
problems and solutions
Oracle Directory Integration, E.3
profiles
access controls for, 2.2.2
directory integration, 6.1
creating, 7.1.1
deleting, 7.1.4
directory synchronization, 5.1.2
managing, 7.1
sample synchronization profiles, 6.2
provisioning
administration model, 12.7.1
administrative privileges, 12.7
agent, 1.4.2.3
agents, for legacy applications, 1.4.2.3
application bootstrapping, 12.4.6
asynchronous, 12.3.2
compared with synchronization, 1.3
contrasted with synchronization, 1.3.3
described, 1.3.2
entries in the directory information tree, 12.5.1
explained, 12.1
flow, 12.6
goal of, 1.3.2
on-demand, 12.4.5
Oracle Internet Directory Provisioning Console, 12.2
provisioning integration profile, 12.2
synchronous, 12.3.1
user statuses, 12.5.2
provisioning administration model, 12.7.1
provisioning concepts, understanding, 12.3
provisioning data flow, 12.3.3
provisioning events, explained, 14.1
provisioning profile
creating, 13.2.3.1
deleting, 13.2.3.3
disabling, 13.2.3.4
modifying, 13.2.3.2
provisioning profiles
managing with Fusion Middleware Control, 12.6.3
provisioning service
Oracle Directory Integration Platform Service, described, 1.4.2.3
provisioning users
created with command-line LDAP tools, 12.4.3
from the Provisioning Console, 12.4.1
on-demand, 12.4.5
statuses, 12.5.2
that are synchronized from an external source, 12.4.2
provisioning, troubleshooting, E.4
provisioning-integrated application, 13.4
provisioning-integrated applications
deploying, 13.1
registering, 13.3
provProfileBulkProv, 12.4.4

R

realms
about, 16.1.3.1
access control policies in, 16.1.3.1
configuring in third-party integrations, 17.3.1
default, 16.1.3.1
multiple, 16.1.3.1
recommended bootstrapping methodology in integrated environments, 8.1.4
registering a directory, 11.2.2.2
registering applications for provisioning, 13.3
registration, directory, 11.2.2.1
replication
and Oracle Directory Integration Platform, 4.9
rules and examples of attribute mappings, 6.4.4

S

sample synchronization profiles, 6.2
schema elements, Oracle Internet Directory
for Microsoft Active Directory, 16.3.4
for Novell eDirectory, 16.6.2
for OpenLDAP, 16.6.3
for Sun Java System Directory, 16.4.2
search filter, customizing in Microsoft Active Directory integration, 18.3.3
search filter, customizing in Novell eDirectory and OpenLDAP integration, 22.3.3
SearchDeltaSize parameter, E.6.2
security
in integrated environments, 16.2.9
in the Oracle Directory Integration Platform, 2
tools in Oracle Directory Integration Platform, 2.5
Simple and Protected GSS-API Negotiation Mechanism (SPNEGO), 16.3.3.1
single third-party directory, integration with, 16.1.3.3
SPNEGO protocol, 16.3.3.1
SSL, 2.1.1
and third-party directory integration, 17.3.4
certificates for connected directories, 4.7
SSL mode, bootstrapping in integrated environments, 8.2
starting and stopping the Oracle stack, C
starting DIP
Fusion Middleware Control, 4.3.2
WLST, 4.4
starting the Oracle stack, C.1
statuses
provisioning users, 12.5.2
stopping DIP
Fusion Middleware Control, 4.3.3
WLST, 4.4
stopping the Oracle stack, C.2
Sun Java System Directory
attribute mappings, 20.3.4
integration with, 20
synchronizing deletions from, 20.3.5, 20.3.5
synchronizing passwords from, 20.3.6, 20.3.6
Sun Java System Directory integration concepts, 16.4
synchronization
compared with provisioning, 1.3
contrasted with provisioning, 1.3.3
decisions to make before, 16.1.3.2
deletions from Microsoft Active Directory, 18.3.7
deletions from Novell eDirectory and OpenLDAP, 22.3.6
deletions from Sun Java System Directory, 20.3.5
described, 1.3.1
from a connected directory to Oracle Internet Directory, 5.2.2
from directories with interfaces not supported by Oracle Internet Directory, 5.2.3
from Oracle Internet Directory to a connected directory, 5.2.1
one-way, 1.4.2.2
passwords from Microsoft Active Directory, 18.3.9
passwords from Novell eDirectory and OpenLDAP, 22.3.8
passwords from Sun Java System Directory, 20.3.6
process, 11.3
profiles, 1.3.1, 5
scenarios, 5.2
status attributes, modifying, 7.3
two-way, 1.4.2.2
use of the change log, 1.4.2.2
USNChange-based, 16.3.1
with Oracle Human Resources, 10
with other directories, 11, 11.2
synchronization profile mappings
Fusion Middleware Control, 7.1.1
synchronization profiles
ActiveChgImp, 18.3
ActiveImport, 18.3
creating with Fusion Middleware Control, 7.1.1
deleting with Fusion Middleware Control, 7.1.4
disabling with Fusion Middleware Control, 7.1.3
editing with Fusion Middleware Control, 7.1.2
enabling with Fusion Middleware Control, 7.1.3
managing with manageSyncProfiles, 7.2
synchronization requirements, verifying, 17.1
synchronization, troubleshooting, E.5
synchronizing
from Microsoft Active Directory to Oracle Internet Directory, 16.3.1
from Novell eDirectory or OpenLDAP to Oracle Internet Directory, 16.6.1
from Sun Java System Directory to Oracle Directory Integration Platform, 16.4.1
with multiple Microsoft Active Directory domains, 18.3.6
synchronous provisioning, 12.3.1
syncProfileBootstrap, 8.1

T

third-party directories
concepts and architecture for integration with, 16.1, 16.1
external authentication with, 16.1.1
integration
post-configuration tasks, 23.1
typical management tasks, 23.2, 23.2
integration with
choosing the central enterprise directory, 16.2.2
components, 16.1.1
concepts and considerations, 16
directory information tree (DIT) structure, 16.2.5
LDAP schema, customizing, 16.2.3
passwords, where to store, 16.2.4
planning, 16.1.3.2
preliminary considerations, 16.2.1
third-party directory
single, integration with, 16.1.3.3
tools
command-line administration, 3.2
Oracle Internet Directory Provisioning Console, 3.1.3
Oracle Internet Directory Self-Service Console, 3.1.2
transitive trust relationships in Active Directory, 16.3.7
troubleshooting
DIP Tester utility, E.2
provisioning, E.4
synchronization, E.5

U

understanding provisioning concepts, 12.3
updating mapping rules, 6.4.7
user
search context, 16.2.7
usercreatebase
configuring in integration with Active Directory, 17.3.1
usersearchbase
configuring in integration with Active Directory, 17.3.1
USNChange-based synchronization, 16.3.1

V

verifying synchronization requirements, 17.1

W

Windows Native Authentication, 16.3.3
authentication dynamics, 16.3.3.1
browser settings, 18.5.3
configuring, 18.5
debugging, E.6.1
how it works, 16.3.3.1
Windows native authentication
system requirements, 18.5.1
WLST
starting and stopping DIP, 4.4