Configuring Distribution With the Command Line Interface

The following is a step by step procedure that defines all the different elements needed to set up a deployment using simple distribution. The following example shows a distribution split on two partitions. For more information on the different types of distribution available, see Data Distribution Using the Proxy.

The following figure illustrates all the objects that need to be created to configure a Oracle Unified Directory proxy using a simple distribution deployment. The objects must be created in the order indicated.

All the commands in this procedure specify the proxy hostname (-h), the proxy admin port (-p), the bind DN for the initial root user (-D) and the proxy password you want to configure (-w). You must also indicate the authentication; if none is indicated and the client and the server are running in the same instance, the local authentication configuration is used.

To Configure Simple Distribution

1. Create a proxy LDAP server extension:

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -w password \
   create-extension \
   --extension-name proxy_extension1 \
   --type ldap-server \
   --set enabled:true \
   --set remote-ldap-server-address:DS1_hostname \
   --set remote-ldap-server-port:2389

   The LDAP server extension is a link to the remote LDAP server. For this use case, you will need two remote LDAP server instances. Go through this step again, making sure to use a different LDAP hostname and port.

2. Create a proxy workflow element for each LDAP server extension:

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -w password \
   create-workflow-element \
   --element-name proxy-we1 \
   --type proxy-ldap\ 
   --set enabled:true \
   --set client-cred-mode:use-client-identity \
   --set ldap-server-extension:proxy_extension1

   You will need at least two remote LDAP servers for a distribution architecture. Go through this step again. The LDAP server extension name should be the same as those created in step 1.

   The property client-cred-mode indicates the type of authentication used between the proxy and remote LDAP server. The client credential mode can be: use-client-identity, use-specific-identity, or use-proxy-auth.

3. Set up distribution by creating a distribution workflow element:

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -w password \
   create-workflow-element \
   --element-name distrib-we \
   --type distribution \ 
   --set base-dn:dc=example,dc=com \
   --set enabled:true 

4. Set the distribution algorithm:

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -w password \
   create-distribution-algorithm \
   --element-name distrib-we \
   --type numeric \ 
   --set distribution-attribute:uid

   The type of distribution algorithm can be capacity, numeric, lexico, or dnpattern. The properties of the algorithm are defined when you create the distribution partitions, in the next step.

5. Define the distribution partitions:

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -w password \
   create-distribution-partition \
   --element-name distrib-we \
   --partition-name distrib-part1\
   --type numeric \ 
   --set lower-bound:0 \
   --set upper-bound:1000 \
   --set partition-id:1 \
   --set workflow-element:proxy-we1

   For this use case, you will need to create two partitions. Make sure that the partition ID and the partition name are unique for each workflow element. You must specify the same type when defining the partitions as you did when defining the distribution algorithm.

   ---

   Note - The upper boundary indicated is exclusive. This means that if you indicate 1000 as the upper boundary, the partition will only include values from 0 to 999, inclusive.

   ---

6. (Optional) If you created a capacity algorithm, you must create a global index:

   For lexico, numeric, and dnpattern, a global index is optional.

   1. Create a global index catalog:

      $ gicadm -p 4444 -h localhost -D"cn=Directory Manager" -w password \
      create-catalog \
      --catalogName gi-catalog

   2. Add a global index which indexes the dn attribute to the catalog:

      $ gicadm -p 4444 -h localhost -D"cn=Directory Manager" -w password \
      add-index \
      --catalogName gi-catalog \
      --attributeName dn 

   3. Associate the global index catalog to the distribution:

      $ gicadm -p 4444 -h localhost -D"cn=Directory Manager" -w password \
      associate \
      --catalogName gi-catalog \
      --distributionWorkflowElement distrib-we

7. Create a workflow:

   This workflow associates the distribution workflow element with the distribution partition.

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -w password \
   create-workflow \
   --workflow-name distrib-workflow \
   --set enabled:true \
   --set base-dn:dc=example,dc=com \
   --set workflow-element:distrib-we

8. Create the network group:

   The network group handles all the requests between the client and the proxy.

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -w password \
   create-network-group \
   --group-name network-group1 \
   --set enabled:true \
   --set workflow:distrib-workflow \
   --set priority:1