Adding Users from a Directory Server

You can add directory servers to Exalogic Control. Users and roles are added to Exalogic Control from the directory server. Users that are added from a directory server begin with complete privileges for each of their roles.

You must configure the remote directory server before adding it to Oracle Exalogic Control as follows:

  1. Create the following user groups on the directory server:

    • EXALOGIC_ADMIN

    • CLOUD_ADMIN

    • CLOUD_USER

  2. Add users to these groups. The users within each group are given the role corresponding to the group.

Adding a Directory Server

To add a directory server in Exalogic Control, complete the following steps:

  1. Access the browser UI of Exalogic Control as described in Accessing the Exalogic Control Browser User Interface, and log in as a user with the Exalogic Systems Admin role.

  2. In the Navigation pane, select Administration.

  3. Select Directory Servers.

  4. In the Actions pane, click the Add Directory Server icon.

    The Add Directory Server wizard is displayed, as shown in Figure 6-5.

    Figure 6-5 Add Directory Server Wizard

  5. Enter the following connection settings:

    • Name - Enter the name of the directory server

    • Hostname - Enter the host name of the directory server

    • Port - Enter the port number to be used to access the directory server

    • Use SSL - Select this option to use SSL to connect to the directory server

    • Username - Enter the user name used to access the directory server

    • Password - Enter the password used to access the directory server

  6. Click Next. The Remote Directory Server Schema Settings page is displayed.

  7. Enter the following schema settings:

    • Root suffix - The root node of the directory tree for the user search

    • User search DN - The subnode in which to search for users

    • User search scope - The scope of the user search. Acceptable values are base, one, subtree, baseObject, singleLevel, wholeSubtree, or subordinateSubtree.

    • User search filter - An LDAP search filter that users must match to be included

  8. Click Next. The Summary page is displayed.

  9. Review the summary, and click Add Directory Server.
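The group prerequisite and the wizard settings above can be reviewed offline before the server is added, which matters because imported users begin with complete privileges for each of their roles. The following is an added example, not Oracle code: it reads an LDIF export of the group entries, reports which users would receive each role, and flags a missing group, an unaccepted search scope, or Use SSL left off. The member/uniqueMember attribute names, the LDIF layout, and the sample data are assumptions.

```python
# Added example: pre-flight review of directory data before adding it to Exalogic Control.
# Assumptions (not from the Oracle page): groups are exported as LDIF with "cn" and
# "member"/"uniqueMember" attributes; folded or base64 LDIF lines are not handled.
REQUIRED_GROUPS = ("EXALOGIC_ADMIN", "CLOUD_ADMIN", "CLOUD_USER")  # from the page
VALID_SCOPES = {"base", "one", "subtree", "baseObject", "singleLevel",
                "wholeSubtree", "subordinateSubtree"}                 # from the page

SAMPLE_LDIF = """\
dn: cn=EXALOGIC_ADMIN,ou=groups,dc=example,dc=com
objectClass: groupOfUniqueNames
cn: EXALOGIC_ADMIN
uniqueMember: uid=alice,ou=people,dc=example,dc=com

dn: cn=CLOUD_USER,ou=groups,dc=example,dc=com
objectClass: groupOfUniqueNames
cn: CLOUD_USER
uniqueMember: uid=alice,ou=people,dc=example,dc=com
uniqueMember: uid=bob,ou=people,dc=example,dc=com
"""  # constructed sample data

def parse_ldif(text):
    """Return a list of entries, each a dict of lowercased attribute -> list of values."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            if line.startswith("#") or ": " not in line:
                continue
            attr, value = line.split(": ", 1)
            entry.setdefault(attr.lower(), []).append(value.strip())
        if entry:
            entries.append(entry)
    return entries

def review(ldif_text, scope, use_ssl):
    """Map each required group to its members and list findings to fix before adding."""
    roles = {g: [] for g in REQUIRED_GROUPS}
    found = set()
    for e in parse_ldif(ldif_text):
        for cn in e.get("cn", []):
            if cn in roles:
                found.add(cn)
                roles[cn] += e.get("member", []) + e.get("uniquemember", [])
    findings = [f"missing group: {g}" for g in REQUIRED_GROUPS if g not in found]
    if scope not in VALID_SCOPES:
        findings.append(f"invalid user search scope: {scope}")
    if not use_ssl:
        findings.append("Use SSL is off: connection to the directory server is unencrypted")
    return roles, findings
```

Calling `review(SAMPLE_LDIF, "subtree", True)` on the sample returns the role-to-member map and a single finding for the missing CLOUD_ADMIN group.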

Synchronizing Remote Users and Roles

You can synchronize Exalogic Control with one or all directory servers. This updates the list of users and roles to match the directory server's current information.

  1. Access the browser UI of Exalogic Control as described in Accessing the Exalogic Control Browser User Interface, and log in as a user with the Exalogic Systems Admin role.
  2. In the Navigation pane, select Administration.
  3. Click Directory Servers.

    The list of directory servers is displayed.

  4. To synchronize Exalogic Control with a single directory server, select the server and click the Sync Remote Users and Roles icon.

    To synchronize Exalogic Control with all the directory servers, click Sync all remote users and roles in the Actions pane.

    A confirmation window is displayed.

  5. Click OK.