Resource Configuration Notes

The LDAP adapter supports Active Sync for the Sun Java System Directory Server resource using the resource's Retro change log. On the Waveset side, use either the LDAPActiveSyncForm.xml or LDAPPasswordActiveSyncForm.xml as input forms for synchronization. See the Chapter 4, Dataloading Scenario, in Oracle Waveset 8.1.1 Deployment Guide and Chapter 52, Synchronizing LDAP Passwordsfor details on configuring Waveset.

To configure the Sun Java System Directory Server to enable the change log and tracking of modifier information, use the following instructions as guide (the actual procedure depends on the Directory Server version).

Configuring Directory Server for Use with the LDAP Adapter

1. From the directory server configuration tab, click on the Replication folder, then select the “Enable change log” box. For 5.0 and later servers, you must also enable the RetroChangelog Snapin. On the configuration tab go to the plugin object, select the Retro change log plugin and enable it.

2. To verify that the server is configured to maintain special attributes for newly created or modified entries, in the Directory Server console, click the Configuration tab, then select the root entry in the navigation tree in the left pane.

3. Click the Settings subtab and verify that the Track Entry Modification Times box is checked.

   The server adds the following attributes to a newly created or modified entry to determine if an event was initiated from Waveset.

   • creatorsName: The DN of the person who initially created the entry.

   • modifiersName: The DN of the person who last modified the entry.

4. Connect to a directory server through SSL in which a self-signed certificate has been implemented by performing the following procedure:

   • Export the CA certificate from the directory server to a temporary file. For example, on Sun Java System Directory Server, enter the following command:

     certutil -L -d DB_Directory -P slapd-HostName- -n Nickname -a > ds-cert.txt

   • Import this certificate into your keystore.

     cd $JAVA_HOME/jre/lib/security keytool -import -file PathTo/ ds-cert.txt -keystore ./cacerts -storepass changeit -trustcacerts