Skip Navigation Links | |
Exit Print View | |
Oracle Fusion Middleware Administration Guide for Oracle Unified Directory 11g Release 1 (11.1.1) |
1. Starting and Stopping the Server
2. Configuring the Server Instance
3. Configuring the Proxy Components
4. Configuring Security Between Clients and Servers
5. Configuring Security Between the Proxy and the Data Source
6. Managing Oracle Unified Directory With Oracle Directory Services Manager
Populating a Stand-Alone Directory Server With Data
Importing Data Using import-ldif
To Import Data in Offline Mode
To Replace Existing Data During an Offline Import
To Append Imported Data to Existing Data
To Import Fractional Files by Using Filters
To Include or Exclude Attributes During Import
To Import a Compressed LDIF File
To Record Rejected or Skipped Entries During Import
To Import Data From a MakeLDIF Template
To Run an Import in Online Mode
Exporting Data Using export-ldif
To Export Part of a Back End by Using Filters
To Include or Exclude Attributes During Export
To Export to LDIF and Then Compress the File
To Run an Export in Online Mode
Creating MakeLDIF Template Files
Attribute Value Reference Tags
Tuning the JVM and Java Arguments
Overview of the Backup and Restore Process
To Back Up All Back Ends with Encryption and Signed Hashes
To Perform an Incremental Backup on All Back Ends
To Back Up a Specific Back End
To Perform an Incremental Backup on a Specific Back End
To Schedule a Backup as a Task
Backing Up the Server Configuration
Backing Up for Disaster Recovery
To Back Up the Directory Server For Disaster Recovery
Backing up and Restoring Data Using File System Snapshots
To Take a ZFS Snapshot On a Dedicated Backup Server
To Restore a Directory Server From a ZFS Snapshot
To Restore a Back End From Incremental Backups
To Schedule a Restore as a Task
To Restore the Configuration File
To Restore a Directory Server During Disaster Recovery
Restoring Replicated Directory Servers
Overview of the ldapsearch Command
ldapsearch Location and Format
Specifying Filter Types and Operators
Using UTF-8 Encoding in Search Filters
Using Special Characters in Search Filters
To Search for Specific User Attributes
To Perform a Search With Base Scope
To Perform a Search With One-Level Scope
To Perform a Search With Subtree Scope
To Return Attribute Names Only
To Return User Attributes Only
To Search For Specific Object Classes
To Return a Count of All Entries in the Directory
To Perform a Search With a Compound Filter
To Perform a Search Using a Filter File
To Limit the Number of Entries Returned in a Search
Searching Data With Oracle Directory Services Manager
Using Advanced Search Features
Searching for Special Entries and Attributes
To Search for Operational Attributes
To Search the Configuration Entry
To Search the Monitoring Entry
To Search Over SSL With Blind Trust
To Search Over SSL Using a Trust Store
To Search Over SSL With No Trust Store
To Search Over SSL Using a Keystore
To Search Using SASL With DIGEST-MD5 Client Authentication
To Search Using SASL With the GSSAPI Mechanism
To Search Using SASL With the PLAIN Mechanism
To View the Available Controls
To Search Using the Account Usability Request Control
To Search Using the Authorization Identity Request Control
To Search Using the Get Effective Rights Control
To Search Using the LDAP Assertion Control
To Search Using the LDAP Subentry Control
To Search Using the Manage DSA IT Control
To Search Using the Matched Values Filter Control
To Search Using the Password Policy Control
To Search Using the Persistent Search Control
To Search Using the Proxied Authorization Control
To Search Using the Server-Side Sort Control
To Search Using the Simple Paged Results Control
Searching Using the Virtual List View Control
To Search Using the Virtual List View Control
To Search Using Virtual List View With a Specific Target
To Search Using Virtual List View With a Known Total
Searching in Verbose Mode and With a Properties File
To Search Using a Properties File
Searching Internationalized Entries
Adding, Modifying, and Deleting Directory Data
To Add an Entry Using the --defaultAdd Option With ldapmodify
To Add Entries Using an LDIF Update Statement With ldapmodify
To Add an Attribute to an Entry
To Add an International Attribute
To Modify an Attribute With Before and After Snapshots
To Delete an Entry With ldapmodify
To Delete an Entry With ldapdelete
To Delete Multiple Entries by Using a DN File
Configuring Indexes on the Local DB Back End
To Create a New Local DB Index
To Enable or Disable Compact Encoding
To Enable or Disable Entry Compression
Ensuring Attribute Value Uniqueness
Overview of the Unique Attribute Plug-In
Configuring the Unique Attribute Plug-In Using dsconfig
To Ensure Uniqueness of the Value of the uid Attribute
To Ensure Uniqueness of the Value of Any Other Attribute
Replication and the Unique Attribute Plug-In
Configuring Virtual Attributes
To List the Existing Virtual Attributes
To Create a New Virtual Attribute
To Enable or Disable a Virtual Attribute
To Display the Configuration of a Virtual Attribute
To Change the Configuration of a Virtual Attribute
Extensions to the Collective Attributes Standard
Collective Attributes and Conflict Resolution
Excluding Collective Attributes From Specific Entries
Configuring Collective Attributes
To Create a New Collective Attribute
To Delete a Collective Attribute
To List the Collective Attributes That Apply to an Entry
Inherited Collective Attributes
Specifying Inherited Collective Attributes
Managing Data With Oracle Directory Services Manager
View the Attributes of an Entry
Add an Entry Based on an Existing Entry
10. Managing Users and Groups With dsconfig
11. Managing Password Policies
The Data Browser tab of each server instance in ODSM enables you to perform a basic search on the directory data, and to add, delete, and modify entries. The following sections describe how to manage data with ODSM.
To display directory entries by using the ODSM data browser, complete the following steps:
Connect to the directory server from ODSM, as described in Connecting to the Server From Oracle Directory Services Manager.
Select the Data Browser tab.
Select the appropriate network group from the Network Group list.
Expand the entries in the Entry pane to display all of the entries in the required subtree.
A maximum of 200 entries is displayed at a time.
To restrict the entries to a specific entry set, select the subtree (for example, ou=People) and click the Filter icon.
In the Filter field, type the required filter (for example, surname=a*) and click OK.
Select the entry that you want to view in the left hand pane.
The entry details are displayed in the tabs on the right.
See also View the Attributes of an Entry.
To view the attributes of an entry:
Display the entry as described in Display Entries.
Select the entry that you want to view in the left hand pane.
The entry details are displayed in the tabs on the right.
Every entry has a corresponding Properties tab, that displays all the possible attributes of the entry (mandatory and optional). In addition, the following types of entries have a customized tab that displays the mandatory attributes of the entry in a layout that is logical for the entry type:
inetorgperson entries have a corresponding User Page tab.
group entries have a corresponding Group Page tab.
country entries have a corresponding Country Page tab.
domain entries have a corresponding Domain Page tab.
organization entries have a corresponding Organization Page tab.
organization unit entries have a corresponding Organization Unit Page tab.
The basic search function on the Data Browser tab enables you to search for user or group entries. To perform a basic search on the directory data, complete the following steps:
Connect to the directory server from ODSM, as described in Connecting to the Server From Oracle Directory Services Manager.
Select the Data Browser tab.
Select the appropriate network group from the Network Group list.
Select the Search tab on the left hand pane.
From the For list, select whether you are searching for a user entry or a group entry.
Enter any part of the entry name and click the right arrow button. For example, to search for user John Smith, you might enter Smith, or Smi, or John, and so forth.
When the entry is displayed in the left pane, double-click on the entry to display its details in the right pane.
To add or delete entries with Oracle Directory Services Manager, you must have write access to the parent entry and you must know the DN to use for the new entry. To add an entry by using the ODSM data browser, complete the following steps:
Connect to the directory server from ODSM, as described in Connecting to the Server From Oracle Directory Services Manager.
Select the Data Browser tab.
Select the appropriate network group from the Network Group list.
Click the Add Entry icon and select the kind of entry that you want to add, for example User Entry.
Enter the DN of the parent entry. This is the entry beneath which the new entry will appear in the directory tree, for example, ou=people,dc=example,dc=com.
To select an existing entry as the parent entry, click Select.
In the Entry Picker window, select Tree View to navigate the directory tree and locate the entry, or Search View to search for the entry.
Enter any additional information for the new entry.
When the required details have been entered, click Create.
To add an entry that is based on an existing entry by using the ODSM data browser, complete the following steps:
Display the existing entries as described in Display Entries.
Select the entry on which you want to base the new entry and click the Create like entry icon.
The details of the existing entry are displayed in the right pane.
Provide a new Common Name and User Name for the entry.
Modify any other details of the entry.
Click Create.
To delete an entry by using the ODSM data browser, complete the following steps:
Display the existing entries as described in Display Entries.
Select the entry that you want to delete and click the Delete icon.
On the Delete Entry dialog, verify that you are deleting the correct entry and click OK.
To delete an entry and all entries beneath it in the directory tree, complete the following steps:
Display the existing entries as described in Display Entries.
Select the entry that you want to delete and click the Delete Entry and its Subtree icon.
On the Delete Subtree dialog, verify that you are deleting the correct entry and click OK.
To modify the RDN of an entry by using the ODSM data browser, complete the following steps:
Display the existing entries as described in Display Entries.
Select the entry whose RDN you want to modify on which you want to base the new entry and click the Edit RDN icon.
Provide a new RDN in the New RDN value field.
Select Delete Old RDN if you want the values that formed the old RDN to be deleted from the entry. If you do not select this checkbox, the values that formed the old RDN are retained as non-distinguished attribute values of the entry.
Optionally, click the Refresh subtree entries icon to verify the RDN change.
You can import entries from an LDIF file, as follows:
Connect to the directory server from ODSM, as described in Connecting to the Server From Oracle Directory Services Manager.
Select the Data Browser tab.
Select the appropriate network group from the Network Group list.
Click the Import LDIF icon.
On the Import Entry(ies) dialog, click Choose File.
Locate the LDIF file on your system and click OK.
On the LDIF Import Progress dialog, monitor the progress of the import and click OK when the export has completed.
The Data Browser tree refreshes to show the new entries.
You can export entries to an LDIF file, by using ODSM, as follows:
To export entries to an LDIF file, by using the ODSM data browser, complete the following steps:
Display the entries as described in Display Entries.
Navigate to the top level DN of the subtree you want to export and click the Export LDIF icon.
On the Export Entry dialog, select Export Operational Attributes if you want the operational attributes to be exported.
Click OK.
Click Click here to open the LDIF file.
The complete LDIF file is displayed in a separate tab of the browser window in which ODSM is running.
Save the LDIF file to a writable location.
Click OK on the Export Entry dialog to exit the export.