Oracle® Fusion Middleware Administrator's Guide for Oracle Directory Server Enterprise Edition 11g Release 1 (11.1.1.7.0) Part Number E28972-01 |
|
|
PDF · Mobi · ePub |
Directory Proxy Server provides a browser interface and command-line tools to register and manage instances of Directory Proxy Server. The browser interface is called Directory Service Control Center (DSCC). This chapter describes basic tasks that are required to administer Directory Proxy Server by using DSCC or the command line.
To decide whether to use DSCC or the command line to perform a specific task, see Deciding When to Use DSCC and When to Use the Command Line.
For more information about the administration framework, see Directory Server Enterprise Edition Administration Model in Deployment Planning Guide for Oracle Directory Server Enterprise Edition.
This chapter covers the following topics:
This section describes how to access DSCC for Directory Proxy Server.
Access DSCC in the same way as you would for Directory Server.
See Accessing DSCC.
Click on the Proxy Server tab to view and manage Directory Proxy Server.
Click a Directory Proxy Server instance to view or to manage that server.
Note:
For more information about using DSCC, see the online help.
The commands-line tools that you use to work with Directory Proxy Server are called dpadm
and dpconf
. For information about how to use these commands, see the dpadm and dpconf man pages.
The dpconf
is an LDAP based command so you must specify the user bind DN and password for the command to authenticate. While the dpadm
command operates on the instance files.
This section describes the location of the dpadm
and dpconf
commands. It also provides information on environment variables, comparisons between the commands, and where to find help for using the commands.
The Directory Proxy Server command-line tools are located in the following directory by default:
install-path/bin
Your installation path depends on your operating system. Installation paths for all operating systems are listed in Default Paths and Command Locations.
dpconf
The dpconf
command requires some options that you can preset by using environment variables. If you do not specify an option when using the command, or do not set the environment variable, the default setting will be used. You can configure environment variables for the following options:
-D
userDNUser bind DN. Environment variable: LDAP_ADMIN_USER
. Default: cn=Proxy Manager
.
-w
password-filePassword file for the user bind DN. Environment variable: LDAP_ADMIN_PWF
. Default: Prompt for password.
-h
hostHost name or IP address. Environment variable: DIR_PROXY_HOST
. Default: localhost
.
-p
LDAP-portLDAP port number. Environment variable: DIR_PROXY_PORT
. Default: 389
if the server instance is running as root
, and 1389
if the server instance is running as a regular user.
-e
, --unsecured
Specifies that dpconf
should open a clear connection by default. Environment variable: DIR_PROXY_UNSECURED
. If this variable is not set, dpconf
opens a secure connection by default.
For more details, see the dpconf man page.
dpadm
and dpconf
The following table shows a comparison of the dpadm
and dpconf
commands.
Table 15-1 Comparison of the dpadm
and dpconf
Commands
dpadm Command |
dpconf Command |
|
---|---|---|
Purpose |
To manage the process or the files on a local instance of Directory Proxy Server |
To configure a local or remote instance of Directory Proxy Server |
User |
Operating system user |
LDAP user |
Local or remote |
The command must be local to the instance, that is, the command must be run on the host on which the server is running. |
The command can be local to the instance but can also be run from anywhere on the network. |
Example uses of the command |
Create an instance of Directory Proxy Server. Start and stop an instance of Directory Proxy Server. Manage the certificate database. |
Modify the configuration of an instance of Directory Proxy Server. Create a data view. Configure load balancing in a data source pool. |
Server state |
The server can be running or stopped. |
The server must be running. |
How the command identifies the server instance |
By specifying the instance path. The instance path can be relative or absolute. |
By specifying the host name or IP address and the port number. The command uses the LDAP port ( |
dpconf
Certain Directory Proxy Server properties can take multiple values. Use the following syntax to specify the following values:
$ dpconf set-container-prop -h host -p port \ property:value [property:value]
For example, to set multiple writable attributes for an LDAP data view named my-view
, type the following command:
$ dpconf set-ldap-data-view-prop -h host1 -p 1389 view-name\
writable-attr:uid writable-attr:cn writable-attr:userPassword
To add a value to a multi-valued property that already contains values, type the following command:
$ dpconf set-container-prop -h host -p port \ property+:value
To remove a value from a multi-valued property that already contains values, type the following command:
$ dpconf set-container-prop -h host -p port\ property-:value
For example, in the scenario described previously, to add sn
to the list of writable attributes, type the following command:
$ dpconf set-ldap-data-view-prop -h host1 -p 1389 view-name\
writable-attr+:sn
To remove cn
from the list of writable attributes, type the following command:
$ dpconf set-ldap-data-view-prop -h host1 -p 1389 view-name\
writable-attr-:cn
dpadm
and dpconf
For information about how to use the dpadm
and dpconf
commands, see the dpadm and dpconf man pages.
To obtain a list of subcommands, type the appropriate command:
$ dpadm --help $ dpconf --help
To obtain information about how to use a subcommand, type the appropriate command:
$ dpadm subcommand --help $ dpconf subcommand --help
To obtain information about the configuration properties used in the dpconf
command, type:
$ dpconf help-properties
To obtain information about the configuration properties for a subcommand, use this command:
$ dpconf help-properties subcommand-entity
For example, to find information about the access log properties, type:
$ dpconf help-properties access-log
To obtain information about a property used in a subcommand, use this command:
$ dpconf help-properties subcommand-entity property
For example, to find information about the log-search-filters
property of the set-access-log-prop
subcommand, type:
$ dpconf help-properties access-log log-search-filters
To list the key properties of a group of entities, such as data views or connection handlers, use the verbose option -v
with the list
subcommand.
For example, to view the key properties and relative priorities of all of the connection handlers, use this command:
$ dpconf list-connection-handlers -h host -p port -v Name is-enabled priority description -------------------------- ---------- -------- --------------------------- anonymous false 99 unauthenticated connections default connection handler true 100 default connection handler dscc administrators true 1 Administrators connection handler
For more information about an individual property, see the man page corresponding to that property.