A.1 Differences Between 11g and 12c

This following topics lists the major differences between Oracle Internet Directory Release 11g and 12c Release 2(12.2.1.3.0):

• Overview of Instance Creation and Process Management

• About Assigning SSL and non-SSL Ports

• Changed Path Names in 12c Configuration and Log Files

• About Configuring Audit Framework Using Oracle Enterprise Manager Fusion Middleware Control

• Updated Server Chaining

• About Setting Up and Managing LDAP-Based Replication

• About Java Containers

A.1.1 Overview of Instance Creation and Process Management

Understand about the differences in the instance creation between 11g and 12c Oracle Internet Directory.

This section contains the following topics:

• Creating 11g Oracle Internet Directory Instance

• Creating 12c Oracle Internet Directory Instance

• Starting and Stopping 11g Replication Server

• About Monitoring and Reporting the Status of Oracle Internet Directory Processes to OPMN by 11g OIDMON

See Also:

• Understanding Process Control of Oracle Internet Directory Components

• Managing Oracle Internet Directory Instances.

A.1.1.1 Creating 11g Oracle Internet Directory Instance

In 11g Release 1, the procedure for creating an instance has changed. Configuration information for an Oracle Internet Directory instance resides in an instance-specific configuration entry.

The instance-specific configuration entry, which has a DN of the form:

cn=componentname,cn=osdldapd,cn=subconfigsubentry

where componentname is the name of a Oracle Fusion Middleware system component of Type=OID, for example, oid1. You do not manually create an instance-specific configuration entry. Instead, you create a Oracle Fusion Middleware component of Type=OID. Creating the Oracle Internet Directory component automatically generates an instance-specific configuration entry.

Note:

The entry in configset0 still exists in 11g, but it is read-only and used to store default attribute values for seeding new instance-specific configuration entries.

The first Oracle Internet Directory system component is created during installation. The first Oracle Internet Directory system component, oid1 by default, is created during installation with the Oracle instance name asinst_1 by default. The corresponding configuration entry for this component is cn=oid1,cn=osdldapd,cn=subconfigsubentry. There are two ways to create an additional Oracle Internet Directory instance:

• Adding another component of Type=OID by using opmnctl createcomponent. For example:

  opmnctl createcomponent -componentType OID \
     -componentName componentName -Db_info "DBHostName:Port:DBSvcName" \
     -Namespace "dc=domain" 

• Adding an Oracle Internet Directory instance within an existing component of Type=OID by using oidctl add. See Creating and Starting an Oracle Internet Directory Server Instance by Using OIDCTL

The recommended method is to use opmnctl to add a system component. If you create an instance by adding a component with opmnctl, you must use opmnctl or Oracle Enterprise Manager Fusion Middleware Control, not oidctl, to stop and start the instance. See Section 8.3.7, "Starting the Oracle Internet Directory Server by Using opmnctl" and Section 8.2.2, "Starting the Oracle Internet Directory Server by Using Fusion Middleware Control."

You can update the configuration attributes of the instance by using Fusion Middleware Control, LDAP tools, or Oracle Directory Services Manager. See Chapter 9, "Managing System Configuration Attributes."

If you use opmnctl to add a system component with oid2 as the component name, then an additional instance with componentname=oid2 is configured within the given Oracle instance, which is asinst_1 by default. This instance of Oracle Internet Directory can be started and stopped by using the opmnctl command with ias-component=oid2 or by using Fusion Middleware Control. The instance-specific configuration entry for this instance is cn=oid2,cn=osdldapd,cn=subconfigsubentry and the configuration attributes in that entry can be updated to customize the instance. For more information about instance-specific configuration attributes, see Section 9.1.3, "Attributes of the Instance-Specific Configuration Entry."

Note:

You can use oidctl to create an instance if you are running Oracle Internet Directory as a standalone server, not part of a WebLogic domain. When you create an instance with oidctl, you must use oidmon and oidctl to stop and start the instance. An Oracle Internet Directory instance created with oidctl cannot be registered with a WebLogic server, so you cannot use Oracle Enterprise Manager Fusion Middleware Control to manage the instance. See Appendix B, "Managing Oracle Internet Directory Instances by Using OIDCTL."

11g Replication Server

Use oidctl or Oracle Enterprise Manager Fusion Middleware Control to start replication on an instance the first time. After that, opmnctl stops and starts replication when it stops and starts the component. If you must stop and start the Oracle Internet Directory Replication Server for administration purposes, use oidctl or Oracle Enterprise Manager Fusion Middleware Control.

11g OIDMON

In 11g Release 1, OIDMON monitors and reports the status of all Oracle Internet Directory processes (dispatcher, directory server, and replication server) to OPMN. This monitoring by OIDMON enables Fusion Middleware Control to report Oracle Internet Directory status accurately.

See Also:

• Understanding Process Control of Oracle Internet Directory Components

• Managing Oracle Internet Directory Instances

A.1.1.2 Creating 12c Oracle Internet Directory Instance

Since 11g Release 1 (11.1.1.0.0), the procedure for creating an instance has changed. Configuration information for an Oracle Internet Directory instance resides in an instance-specific configuration entry, which has a DN of the form

cn=componentname,cn=osdldapd,cn=subconfigsubentry

where componentname is the name of a Oracle Fusion Middleware system component of Type=OID, for example, oid1. You do not manually create an instance-specific configuration entry. Instead, you create a Oracle Fusion Middleware component of Type=OID. Creating the Oracle Internet Directory component automatically generates an instance-specific configuration entry.

Note:

The entry in configset0 is read-only and is used to store default attribute values for seeding new instance-specific configuration entries.

The first Oracle Internet Directory system component is created during installation. The first Oracle Internet Directory system component, oid1 by default, is created during installation with the Oracle instance name asinst_1 by default. The corresponding configuration entry for this component is cn=oid1,cn=osdldapd,cn=subconfigsubentry. There are two ways to create an additional Oracle Internet Directory instance:

• Adding another component of Type=OID by using oid_createInstance. For example:

  oid_createInstance(instanceName='instance-name', host='host', port='port')
    

  See Creating an Oracle Internet Directory Component by Using WLST Command — oid_createInstance for more information.

• Adding an Oracle Internet Directory instance within an existing component of Type=OID by using oidctl add. See Creating and Starting an Oracle Internet Directory Server Instance by Using OIDCTL for more information.

The recommended method is to use oid_createInstance to add a system component. If you create an instance by adding a component with WLST command, oid_createInstance, you must use WLST or Oracle Enterprise Manager Fusion Middleware Control, not oidctl, to stop and start the instance. See Starting the Oracle Internet Directory Server by Using WLST Command — start() and Starting the Oracle Internet Directory Server by Using Fusion Middleware Control.

You can update the configuration attributes of the instance by using Fusion Middleware Control, LDAP tools, or Oracle Directory Services Manager. See Managing System Configuration Attributes.

If you use oid_createInstance to add a system component with oid2 as the component name, then an additional instance with componentname=oid2 is configured within the given Oracle instance, which is asinst_1 by default. This instance of Oracle Internet Directory can be started and stopped by using the $DOMAIN_HOME/bin/startComponent.sh <instance-name> or $DOMAIN_HOME/bin/stopComponent.sh <instance-name> respective command, with ias-component=oid2 or by using Fusion Middleware Control. The instance-specific configuration entry for this instance is cn=oid2,cn=osdldapd,cn=subconfigsubentry and the configuration attributes in that entry can be updated to customize the instance. For more information about instance-specific configuration attributes, see Attributes of the Instance-Specific Configuration Entry.

Note:

You can use oidctl to create an instance if you are running Oracle Internet Directory as a standalone server, not part of a WebLogic domain. When you create an instance with oidctl, you must use oidmon and oidctl to stop and start the instance. An Oracle Internet Directory instance created with oidctl cannot be registered with a WebLogic server, so you cannot use Oracle Enterprise Manager Fusion Middleware Control to manage the instance. See Managing Oracle Internet Directory Instances by Using OIDCTL.

A.1.1.3 Starting and Stopping 11g Replication Server

Use oidctl or Oracle Enterprise Manager Fusion Middleware Control to start replication on an instance the first time. After that, Node Manager stops and starts replication when it stops and starts the component. If you must stop and start the Oracle Internet Directory Replication Server for administration purposes, use oidctl or Oracle Enterprise Manager Fusion Middleware Control.

A.1.1.4 About Monitoring and Reporting the Status of Oracle Internet Directory Processes to OPMN by 11g OIDMON

In 11g Release 1 (11.1.1.0.0), OIDMON monitors and reports the status of all Oracle Internet Directory processes (dispatcher, directory server, and replication server) to OPMN. This monitoring by OIDMON enables Fusion Middleware Control to report Oracle Internet Directory status accurately.

A.1.2 About Assigning SSL and non-SSL Ports

During installation of Oracle Internet Directory, Oracle Identity Management 11g Installer follows specific steps in assigning the SSL and non-SSL port. First, it attempts to use 3060 as the non-SSL port. If that port is unavailable, it tries ports in the range 3061 to 3070, then 13060 to 13070. Similarly, it attempts to use 3131 as its SSL port, then ports in the range 3132 to 3141, then 13131 to 13141.

If you want Oracle Internet Directory to use privileged ports, you can override the defaults during installation by using staticports.ini. (See Installing and Configuring Oracle Internet Directory.) You can also reset the port numbers after installation. See Enabling Oracle Internet Directory to run on Privileged Ports.

Note:

If you perform an upgrade from an earlier version of Oracle Internet Directory to 11g Release 1 (11.1.1.0.0), your port numbers from the earlier version are retained.

A.1.3 Changed Path Names in 12c Configuration and Log Files

In Oracle Fusion Middleware 12c Release 2, files that are updatable are installed under DOMAIN_HOME and most product binaries are stored under ORACLE_HOME. As a result, the path names of most configuration files and log files are different than in 11g.

Table A-1 lists some examples:

Table A-1 Some Path Names that Changed

Filename	11g Release 1 Location	12c Release 2 Location
Orclpwdlldap1 OidpwdrSID	ORACLE_INSTANCE/OID/admin	$DOMAIN_HOME/config/fmwconfig/components/OID/admin
Tnsnames.ora	ORACLE_HOME/config	$DOMAIN_HOME/config/fmwconfig/components/OID/config
Oidldapd*.log oidmon*.log	ORACLE_HOME/diagnostics/logs/OID/componentName	$DOMAIN_HOME/servers/OID/logs/componentInstance
bulkload.log bulkdelte.log catalog.log	ORACLE_HOME/diagnostics/logs/OID/tools	$DOMAIN_HOME/tools/OID
Bulkload intermediate files	ORACLE_INSTANCE/OID/load	$DOMAIN_HOME/tools/OID/load
opmnctl	ORACLE_INSTANCE/bin	opmnctl Not supported in 12c
opmn.xmll	ORACLE_INSTANCE/config/OPMN/opmn	opmn Not supported in 12c
wlst.sh	Not applicable	$ORACLE_HOME/oracle_common/common/bin
startWeblogic.sh	$DOMAIN_HOME/bin	$DOMAIN_HOME/bin
startNodeManager.sh	Not applicable	$DOMAIN_HOME/bin
startComponent.sh	Not applicable	$DOMAIN_HOME/bin
stopComponent.sh	Not applicable	$DOMAIN_HOME/bin

See Also:

Understanding Oracle Internet Directory in Oracle Fusion Middleware

A.1.4 About Configuring Audit Framework Using Oracle Enterprise Manager Fusion Middleware Control

As of release 11g Release 1 (11.1.1.0.0), Oracle Internet Directory uses an audit framework that is integrated with Oracle Fusion Middleware. You can configure auditing by using Oracle Enterprise Manager Fusion Middleware Control or the WebLogic Scripting Tool, wlst.

The attribute orclAudFilterPreset can be set to None, Low, Medium, All, or Custom.

See Managing Auditing

A.1.5 Updated Server Chaining

Beginning from 11g, server chaining supports Novell eDirectory, as well as Microsoft Active Directory and Sun Java System Directory Server, formerly known as SunONE iPlanet.

The attributes mapUIDtoADAttribute, showExternalGroupEntries, showExternalUserEntries, and addOrcluserv2ToADUsers have been added since Oracle Internet Directory 10g (10.1.4.0.1).

A.1.6 About Setting Up and Managing LDAP-Based Replication

You can set up and manage LDAP-based replication by using the command line.

You can use LDAP-based replication for multimaster directory replication groups.

See Also:

• Understanding Oracle Internet Directory Replication

• Advanced Administration: Directory Replication

A.1.7 About Java Containers

Oracle Directory Services Manager and Oracle Directory Integration Platform are Java components that run in WebLogic servers.

The Oracle Internet Directory LDAP and replication servers, as C programs, are system components and are not affected by this change. The Java server plug-ins run in a JVM within the oidldapd server itself. This is implemented using the Java Native Interface (JNI).

See Also:

• Product Overview in Understanding Oracle WebLogic Server guide

• Developing Plug-ins for the Oracle Internet Directory Server