Go to main content
1/9
Contents
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
1
Understanding the Transition to Oracle Unified Directory
1.1
Supported Transition Paths
1.2
Using This Transition Guide
1.3
Transitioning to OUD
1.4
Transitioning to OUD Proxy
1.5
Transitioning Synchronization Services
2
Choosing a Transition Strategy
2.1
Analyze Your Requirements
2.1.1
Coexistence of the (O)DSEE and OUD topologies in production
2.1.2
Coexistence and data consistency between (O)DSEE and OUD
2.1.3
Impact of the Transition on the (O)DSEE Infrastructure
2.1.4
Transition With or Without Write Service Interruption
2.1.5
User Data Structure Change
2.2
Supported Transition Strategies
2.2.1
Coexistence Using the Replication Gateway
2.2.2
Coexistence Using Oracle Directory Integration Platform (DIP)
2.2.3
Direct Transition Strategy
2.2.4
Decision Matrix
3
Validating Your Transition Strategy
3.1
Validate the Selected Strategy
3.2
Considering DSEE Versions
3.3
Adapting (O)DSEE Legacy Features
3.3.1
Role-based ACIs
3.3.2
Roles and Class of Services (CoS)
3.3.3
Custom Password Policies
3.3.4
Managing Data Inconsistencies
3.4
Review: Impact of Technical (O)DSEE Characteristics
3.4.1
Using ds2oud to Identify Relevant (O)DSEE Features
4
Executing the Transition
4.1
Starting Your Transition to OUD
4.2
Step 1: Creating a Reference OUD Instance
4.3
Step 2: Using ds2oud to Diagnose the (O)DSEE Directory Server, Configuration, Schema and Data
4.3.1
Diagnose the (O)DSEE Directory Server, Configuration and Schema
4.3.2
Diagnose the Directory Server Data
4.3.3
Known Errors During Diagnosing
4.4
Step 3: Transitioning Directory Schema
4.5
Step 4: Transitioning Directory Configuration
4.5.1
Using the ds2oud Command to Migrate the Configuration Settings
4.5.1.1
Migrating SSL Certificates
4.5.1.2
Configuring the PKCS#12 Keystore
4.5.1.3
Configuring the LDAPS Connection Handler to use the PKCS#12 keystore
4.5.1.4
Importing the Directory Server Certificate Key Pair
4.5.1.5
Migrating Encrypted Attributes
4.5.2
Changing Password Storage Scheme for Coexistence
4.5.3
Applying Configuration Changes
4.6
Step 5: Transitioning User Data and Directory Metadata
4.6.1
Exporting User Data from (O)DSEE to OUD
4.6.2
Importing Data to OUD
4.6.3
Transitioning Directory Metadata
4.6.4
Managing ACIs in Replication Topologies
4.6.5
Managing Class of Service (CoS)
4.6.5.1
Collective vs. Virtual Attributes
4.6.5.2
Pointer CoS
4.6.5.3
Indirect CoS
4.6.5.4
Classic CoS
4.6.6
Transitioning Roles to OUD
4.6.6.1
Roles and ACIs
4.6.6.1.1
Roles and Password Policies
4.6.6.1.2
Roles Exposed to Client Applications
4.6.6.1.3
Transitioning Roles Securely
4.6.7
Managing Password Policies Transition to OUD
4.6.7.1
Password Policy Assignments
4.6.7.2
Password Policy Inheritance
4.6.7.3
Password Policy and Replication Gateway
4.6.7.4
Replication Gateway and Upgrading (O)DSEE Password Policy
4.6.7.5
Account Lockout
4.6.7.6
Custom Resource Limits
4.7
Step 6: Deploying Replication Gateway or DIP
4.7.1
Deploying The Replication Gateway
4.7.2
Deploying DIP
4.8
Step 7: Deploying Replicated Topology
4.9
Step 8: Redirecting Traffic to the OUD Topology
4.10
Step 9: Stopping Coexistence
5
After the Transition to OUD
5.1
Your New OUD Environment
5.2
Additional OUD Information
A
Transitioning Synchronization Services
A.1
Understanding the Transition to Oracle Directory Integration Platform
A.1.1
Transition Components
A.1.2
Using This Documentation
A.1.3
Transition Process
A.1.4
Where to Find More Information
A.2
Planning the Transition to Oracle Directory Integration Platform
A.2.1
Checking Compliance with the DIP Certification Matrix
A.2.2
Comparing the ISW and DIP Functionality
A.2.2.1
ISW Functionality Available in DIP
A.2.2.2
ISW Functionalities Not Available in DIP
A.2.2.3
DIP Functionalities Not Available in ISW
A.2.2.4
DIP Functionality That Requires a Plug-in
A.2.3
ISW Parameters to Consider in Planning the Transition
A.2.3.1
ISW Deployment Considerations
A.2.3.2
Planning the Transition
A.3
Components Involved in the Different Transition Steps
A.4
Executing the Transition to Oracle Directory Integration Platform
A.4.1
Step 1: Collect Identity Synchronization for Windows Information
A.4.1.1
Using the Identity Synchronization for Windows Console
A.4.1.2
ISW Servers Connection Information
A.4.1.3
Synchronization User Lists
A.4.1.4
ISW Configuration: Mapping User Attributes
A.4.1.4.1
Map Attributes for Synchronization
A.4.1.4.2
Synchronization Flow
A.4.1.4.3
Attributes Modification
A.4.1.4.4
Groups Synchronization
A.4.1.5
Account Disabling
A.4.1.6
Synchronization Flow
A.4.1.7
Synthesis of ISW Configuration Data
A.4.2
Step 2: Backing Up the Backend Directory Data
A.4.3
Step 3: Install Oracle Directory Integration Platform
A.4.4
Step 4: Configure Oracle Directory Integration Platform
A.4.5
Step 5: Create Synchronization Profiles
A.4.5.1
Export Profile Creation
A.4.5.2
Import Profile Creation
A.4.5.3
General Remarks About DIP Profiles
A.4.6
Step 6: Create a Profile for Metadata Creation in Existing ODSEE Entries
A.4.7
Step 7: Stop the Synchronization on Identity Synchronization for Windows
A.4.8
Step 8: Uninstall the Identity Synchronization for Windows Plug-in in ODSEE
A.4.9
Step 9: Update the Metadata in ODSEE by Running the DIP Tester Utility
A.4.10
Step 10: Enable the Profiles in DIP
A.4.11
Step 11: Check for Any Remaining Changes in Identity Synchronization for Windows
A.4.12
Step 12: Check the Synchronization
A.5
Basic Administration Tasks
A.6
After the Transition to Oracle Directory Integration Platform
Scripting on this page enhances content navigation, but does not change the content in any way.