The Directory Integration Platform Extension defines an extension that will be used by Directory Integration Platform (DIP) to synchronize user passwords between OUD and one or more directories.
This extension defines the synchronization settings between OUD and one or more external directories. When enabled, it captures the clear-text passwords of the user entries and also performs on-demand authentication, whenever required.
The Directory Integration Platform Extension component inherits from the Extension.
The following components have a direct AGGREGATION relation FROM Directory Integration Platform Extensions :
A description of each property follows.
| Basic Properties: | Advanced Properties: |
|---|---|
| ↓ base-dn | ↓ java-class |
| ↓ enabled | ↓ on-demand-local-update-delay |
| ↓ passwdtranslate-enabled | ↓ password-encryption-attribute |
| | ↓ trust-manager-provider |

base-dn

| Description | Specifies the base DN of the DIP meta-data container. Describes the suffix that has DIP configuration information that will be used by this Directory Integration Platform Extension to read and monitor the connection details for performing external authentication. |
|---|---|
| Default Value | dc=oracle,dc=com |
| Allowed Values | A valid DN. |
| Multi-valued | No |
| Required | No |
| Admin Action Required | None |
| Advanced Property | No |
| Read-only | No |

enabled

| Description | Indicates whether the Extension is enabled. |
|---|---|
| Default Value | None |
| Allowed Values | true, false |
| Multi-valued | No |
| Required | Yes |
| Admin Action Required | None |
| Advanced Property | No |
| Read-only | No |

passwdtranslate-enabled

| Description | Enables the encoding of the password into the orclODIPTranslatePassword attribute. |
|---|---|
| Default Value | false |
| Allowed Values | true, false |
| Multi-valued | No |
| Required | No |
| Admin Action Required | None |
| Advanced Property | No |
| Read-only | No |

java-class

| Description | Specifies the fully-qualified name of the Java class that provides the Directory Integration Platform Extension implementation. |
|---|---|
| Default Value | com.oracle.dip.DirectoryIntegrationPlatform |
| Allowed Values | A Java class that implements or extends the class(es): org.opends.server.api.Extension |
| Multi-valued | No |
| Required | Yes |
| Admin Action Required | The Directory Integration Platform Extension must be disabled and re-enabled for changes to this setting to take effect. |
| Advanced Property | Yes |
| Read-only | No |

on-demand-local-update-delay

| Description | Specifies how long the on-demand feature waits before storing a successful password in local storage. The value must be aligned with the one configured in Active Directory for the validity of an old password after a new one has been applied. The default value is 1 hour, the same as the Active Directory default value. This value is not used at all if the remote server is not Active Directory. |
|---|---|
| Default Value | 60m |
| Allowed Values | A duration syntax. Lower limit is 0 minutes. Upper limit is 10080 minutes. |
| Multi-valued | No |
| Required | No |
| Admin Action Required | None |
| Advanced Property | Yes |
| Read-only | No |

password-encryption-attribute

| Description | Specifies the password encryption key that the Directory Integration Platform Extension will use to encrypt the user passwords. |
|---|---|
| Default Value | None |
| Allowed Values | Unknown |
| Multi-valued | No |
| Required | No |
| Admin Action Required | None |
| Advanced Property | Yes |
| Read-only | No |

trust-manager-provider

| Description | Specifies the trust manager provider to use for the Directory Integration Platform Extension. The referenced trust manager provider must be enabled. |
|---|---|
| Default Value | JKS |
| Allowed Values | The DN of any Trust Manager Provider. |
| Multi-valued | No |
| Required | No |
| Admin Action Required | None |
| Advanced Property | Yes |
| Read-only | No |