What's New in This Guide?

This preface introduces the new and changed features of Oracle Unified Directory and Oracle Directory Services Manager (ODSM) since the previous release, and provides pointers to additional information. The information includes the following sections:

What's New in Oracle Unified Directory

This section provides a concise summary of the new features in this release, and contains the following topics:

What's New in Oracle Unified Directory 11g Release 2 PS1 (11.1.2.1.0)

This section provides a concise summary of the new features in this release of Oracle Unified Directory, and covers the following topics:

Support for Macros in ACIs

Oracle Unified Directory now supports macro expressions to represent a DN in the target section of the ACI, in the bind rule section, or in both.

For more information, see Section 8.6, "Using Macro ACIs for Advanced Access Control."

Support for nsuniqueid Virtual Attribute

Oracle Unified Directory introduces nsuniqueid operational virtual attribute that is assigned to each entry in the directory server to resolve naming conflicts while migrating legacy applications using Oracle Directory Server Enterprise Edition as an LDAP database to Oracle Unified Directory.

For more information, see Section 17.10, "Configuring Virtual Attributes."

Support for Criticality in Workflows

You can now configure criticality at the workflow level by setting the criticality flag.

For more information, see Section 15.1.4.6, "Configuring Criticality in Workflows."

Support for Logging Administration Operations

Oracle Unified Directory enables you to log administration operations into a separate log file that provides logging information associated with administration traffic.

For more information, see Section 29.3.3, "Logging Operations to Access Log Publishers."

Introducing the Transformation Framework

Oracle Unified Directory supports transformation through creation of an instance of workflow element.

For more information, see Section 11.6, "Understanding the Transformation Framework."

Enhanced External Change Log Properties

Oracle Unified Directory provides additional properties, ecl-include-del-only and ecl-blacklist to configure attributes for external change log (ECL).

For more information, see Section 26.5.5, "Specifying the Attributes to be Included in the External Change Log" and Section 26.5.6, "Specifying the Attributes to be Excluded in the External Change Log."

Support for Integrating Oracle Unified Directory and Enterprise User Security with an External LDAP Repository

Oracle Unified Directory supports the following external directories:

For more information, see Section 25.4, "Integrating with Enterprise User Security and an External LDAP Directory."

Support for Relocating the Root DSE Entry

Oracle Unified Directory allows you to relocate Root DSE, which is a special entry that provides information about the server's name, version, naming contexts, and supported features.

For more information, see Section 14.1.6.5, "Relocating the Root DSE Entry for a Network Group."

Support for RDN Changing

Oracle Unified Directory enables you to rename or replace RDN values from the source directory to Oracle Unified Directory using the RDNChanging configuration.

For more information, see Section 11.5, "RDN Changing."

Support for Directory Plug-Ins

Oracle Unified Directory supports Directory plug-in API as a means to extend the existing Directory Server functionality.

For more information, see Oracle® Fusion Middleware Developer's Guide for Oracle Unified Directory.

What's New in Oracle Directory Services Manager 11g Release 2 PS1 (11.1.2.1.0)

This section provides a summary of the new features in this release of Oracle Directory Services Manager (ODSM), and covers the following topics:

Support for IBM WebSphere Application Server

You can install and configure IBM WebSphere Application Server - Network Deployment (ND) to work with Oracle Unified Directory. This is possible only if you are already managing Oracle Unified Directory using the graphical Oracle Directory Service Manager interface. For more information, see "Configuring IBM WebSphere for Oracle Directory Services Manager" in the Oracle Fusion Middleware Installation Guide for Oracle Unified Directory.

Enhanced Log Publisher Configuration

ODSM supports a new parameter to log administration operations in the access logs.

For more information, see Section 29.3.3.2, "Configuring Logged Operations in Access Log Publishers Using ODSM."

Integration with Macro ACIs

ODSM supports macro expressions to represent a DN in the target section of the ACI, in the bind rule section, or in both.

For more information, see Section 22.4, "Managing Macro ACIs With Oracle Directory Services Manager."

Support for Criticality Flag to Configure Workflows

ODSM supports a new parameter, the criticality flag to configure workflows.

For more information, see Section 15.2.3, "Configuring Criticality in Workflows With ODSM."

Support for Virtual Attributes

ODSM allows you to configure virtual attributes.

For more information, see Section 17.14, "Managing Virtual Attributes With Oracle Directory Services Manager."

Support for Transformations

ODSM allows you to define transformations through the creation of transformation workflow element.

For more information, see Section 15.2.4, "Configuring Transformations With ODSM."

Support for New Workflow Elements

ODSM now allows you to create the following workflow elements:

For more information, see Section 14.2.4, "Configuring Workflow Elements With ODSM."

Support for Configuring the Root DSE Entry

ODSM supports the ability to configure Enterprise User Security.

For more information, see Section 14.2.7, "Configuring Network Groups With ODSM."

Support for Configuring RDN Changing Workflow Element

ODSM allows you to configure the RDN Changing workflow element.

For more information, see Section 14.2.4, "Configuring Workflow Elements With ODSM."

What's New in Oracle Unified Directory 11g Release 2 (11.1.2)

This section provides a concise summary of the new features in this release, and contains the following topics:

What's New in Oracle Unified Directory 11g Release 2 (11.1.2)

This section provides a concise summary of the new features in this release of Oracle Unified Directory, and covers the following topics:

Support for Deterministic Identity Mapper Evaluation Order

It is imperative to define the order in which identity mappers are evaluated in the network group to avoid conflicts. You can now define priorities for the conflicting identity mappers.

For more information, see Section 12.6, "Ordering Identity Mappers."

Support for LDAP Referrals

When a server is unable to handle a client's request, it sends a list of referrals to the client, which point the client to other servers in the topology. The client then performs the operation again on one of the remote servers in the referral list.

For more information, see Section 17.13, "Configuring Referrals."

New Bind Mode Parameters

You can now configure proxy LDAP workflow elements with two additional parameters, such as the never-bind parameter, use-proxy-auth parameter, and the include and exclude lists to tweak the behavior of the server.

For more information, see Section 15.1.2, "Configuring the Bind Mode."

Support for Microsoft Active Directory Paging

Oracle Unified Directory now supports Active Directory range retrieval by providing support for Microsoft Active Directory paging.

For more information, see Section 15.1.8, "Configuring Microsoft Active Directory Paging."

Support for the Criticality Flag

Oracle Unified Directory now implements criticality configuration, which permits the Oracle Unified Directory proxy server to return partial data to a client if a search operation fails, due to a host error.

For more information, see Section 15.1.4.7, "Configuring Criticality in Workflow Elements."

Support for Oracle's Enterprise User Security (EUS)

Integrating Oracle Unified Directory with EUS enables you to store user identities in Oracle Unified Directory for Oracle Database authentication.

In this release, support for EUS is limited to password authentication (certificate authentication and integration with Kerberos are not supported at this stage).

For more information, see Chapter 25, "Integrating With Oracle's Enterprise User Security."

Enhanced Support for Social Networking Applications

Social networking applications are now supported with two new controls, the Join control and the Proximity control.

For more information, see Section 17.5.3.2, "Searching Using the Join Search Control" and Section 17.5.3.3, "Searching Using the Proximity Search Control."

Improved CLI for Configuring External ChangeLog

The External Change Log (ECL) functionality allows you to publish all changes that have occurred in a directory server database and is particularly useful for synchronizing the LDAP directory with other subsystems.

You now have a user-friendly CLI to configure external changelog using the dsreplication command.

For more information, see Section 26.5, "Using the External Change Log."

Support for Test to Production Environments

You can now install, configure, customize, and validate Oracle Unified Directory in a test environment. Once the system performs as expected, you can create the production environment by moving a copy of the server and its configuration from the test environment, instead of redoing all the changes that were incorporated into the test environment.

For more information, see Chapter 28, "Moving From a Test to a Production Environment."

Suppressing Password Display on CLI

Some commands had an option where the password was provided in a clear text format on the CLI. This resulted in security exposure, because one could retrieve the password using the ps command on a UNIX machine.

The clear text format is deprecated now and the commands are modified to use the file-based option to store the password by introducing the following option:

-j, --bindPasswordFile

For more information, see Appendix A, "Oracle Unified Directory Command Line Interface."

Ability to Encrypt the ADS Trust Store Pin

Oracle Unified Directory allows you to configure ADS trust store pin to determine whether to trust a certificate that is presented to it.

For more information, see Section 20.3, "Configuring Trust Manager Providers."

What's New in Oracle Directory Services Manager 11g Release 2 (11.1.2)

This section provides a concise summary of the new features in this release of Oracle Directory Services Manager (ODSM), and covers the following topics:

Suffix Configuration for EUS

ODSM enables you to create and configure suffixes to work with Oracle Enterprise User Security (EUS).

For more information, see Section 14.2.3, "Configuring Suffixes With ODSM."

New User Interface to Configure Root Users

ODSM now provides a new user interface (UI) to configure root users.

For more information, see Section 19.2.2, "Configuring Root Users by Using ODSM."

Key Manager and Trust Manager Configuration

You can now configure key manager providers and trust manager providers by using ODSM.

For more information, see Section 20.2.6, "Configuring Key Managers With ODSM" and Section 20.3.5, "Configuring Trust Managers With ODSM".

Auto-Suggest Feature

ODSM now implements an auto-suggest feature in different tabs that helps streamline configuration and operations.

For more information, see Section 17.15, "Managing Data With Oracle Directory Services Manager."

Support for Dynamic Groups

OSDM now enables you to create dynamic groups whose membership is determined by search criteria using an LDAP URL.

For more information, see Section 19.3.2, "Defining Dynamic Groups."

Support for Virtual Static Groups

ODSM enables you to create virtual static groups, where each entry behaves like a static group entry by using virtual attributes.

For more information, see Section 19.3.4, "Defining Nested Groups."

Simplified Tree Structure of the Configuration Tab

The default view of the configuration tree in the Configuration tab has been simplified to provide a user-friendly view of the naming context (or suffix) configuration. In addition, presence of a contextual menu to launch all the relevant operations for a selected node simplifies user interaction.

For more information, see Section 14.2, "Managing the Server Configuration With Oracle Directory Services Manager."