JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Directory Server Enterprise Edition Administration Guide 11g Release 1 (
search filter icon
search icon

Document Information


Part I Directory Server Administration

1.  Directory Server Tools

2.  Directory Server Instances and Suffixes

3.  Directory Server Configuration

4.  Directory Server Entries

Managing Entries

Managing Entries Using DSCC

Extending Entries Using DSCC

To Extend Entries Using DSCC

Managing Entries Using ldapmodify and ldapdelete

Adding Entries Using ldapmodify

Modifying Entries Using ldapmodify

Deleting Entries Using ldapdelete

Deleting Entries Using ldapmodify

Searching Entries Using ldapsearch

To Move or Rename an Entry Using ldapmodify

Guidelines and Limitations for Using the Modify DN Operation

General Guidelines for Using the Modify DN Operation

Guidelines for Using the Modify DN Operation With Replication

Grouping Entries for Simplified Management

Compressing Entries

To Compress the Size of Entries in Database

Setting Referrals

Setting the Default Referrals

To Set a Default Referral

Setting Smart Referrals

To Create and Modify a Smart Referral

Checking Valid Attribute Syntax

To Turn On Automatic Syntax Checking

Tracking Modifications to Directory Entries

To Turn Off Entry Modification Tracking

Encrypting Attribute Values

Attribute Encryption and Performance

Attribute Encryption Usage Considerations

To Configure Attribute Encryption

5.  Directory Server Security

6.  Directory Server Access Control

7.  Directory Server Password Policy

8.  Directory Server Backup and Restore

9.  Directory Server Groups, Roles, and CoS

10.  Directory Server Replication

11.  Directory Server Schema

12.  Directory Server Indexing

13.  Directory Server Attribute Value Uniqueness

14.  Directory Server Logging

15.  Directory Server Monitoring

Part II Directory Proxy Server Administration

16.  Directory Proxy Server Tools

17.  Directory Proxy Server Instances

18.  LDAP Data Views

19.  Directory Proxy Server Certificates

20.  Directory Proxy Server Load Balancing and Client Affinity

21.  Directory Proxy Server Distribution

22.  Directory Proxy Server Virtualization

23.  Virtual Data Transformations

24.  Connections Between Directory Proxy Server and Back-End LDAP Servers

25.  Connections Between Clients and Directory Proxy Server

26.  Directory Proxy Server Client Authentication

27.  Directory Proxy Server Logging

28.  Directory Proxy Server Monitoring and Alerts

Part III Directory Service Control Center Administration

29.  Directory Service Control Center Configuration


Grouping Entries for Simplified Management

You can simplify entry management by associating related entries in groups. The group mechanism makes it easy to retrieve a list of entries that are members of a given group and set access permissions for a whole group.

Entries can be managed as members of dynamic and static groups. Static groups are suitable for groups with few members, such as a group of directory administrators. A dynamic group specifies one or more URL search filters, so the dynamic group membership is defined each time these search filters are evaluated.

You can retrieve a list of all the static groups a given user is a member of by using the dynamic isMemberOf attribute. This attribute is located in the user entry and in nested group entries and holds the DNs of the static groups to which the member belongs. For example, Kirsten Vaughan is a new system administrator in the human resources department. Her entry shows that she is a member of both the System Administrators group and the HR Managers group.

$ ldapsearch -b "dc=example,dc=com" uid=kvaughan isMemberOf

uid=kvaughan, ou=People, dc=example,dc=com
isMemberOf: cn=System Administrators, ou=Groups, dc=example,dc=com 
isMemberOf: cn=HR Managers,ou=groups,dc=example,dc=com

Membership testing for group entries has been improved. These improvements remove some of the previous restrictions on static groups, specifically the restriction on group size. This performance improvement is only effective after the group entry has been loaded into the entry cache.