What's New in Oracle Directory Integration Platform?

This preface introduces the new and changed features of Oracle Directory Integration Platform since the previous release, and provides pointers to additional information. It includes the following sections:

• What's New in Oracle Directory Integration Platform 11g Release 1 (11.1.1.9.0)

• What's New in Oracle Directory Integration Platform 11g Release 1 (11.1.1)

What's New in Oracle Directory Integration Platform 11g Release 1 (11.1.1.9.0)

This section provides a concise summary of the new features in this release of Oracle Directory Integration Platform, and covers the following topics:

• Extended Support for Oracle Unified Directory and Oracle Directory Server Enterprise Edition Back-End Directories

• New Features for Oracle Unified Directory and Oracle Directory Server Enterprise Edition Back-End Directories

Extended Support for Oracle Unified Directory and Oracle Directory Server Enterprise Edition Back-End Directories

Features that were only supported on Oracle Internet Directory back-end directory in previous releases are now supported on Oracle Unified Directory and Oracle Directory Server Enterprise Edition back-end directories. For 11g Release 1 (11.1.1.9.0), the following features are supported:

Note:

These features are only available for Oracle Unified Directory 11g Release 2 (11.1.2.3) and Oracle Directory Server Enterprise Edition 11g Release 1 (11.1.1.7.0) and later versions.

• On-Demand Non-Intrusive Password Synchronization for Microsoft Active Directory

• Support for Oracle Password Filter for Microsoft Active Directory

• Support for Oracle Unified Directory High Availability

• Support for Oracle Unified Directory Provisioning

On-Demand Non-Intrusive Password Synchronization for Microsoft Active Directory

Using the Oracle Directory Integration Platform password synchronization functionality, you can maintain a single password across the back-end directory and the connected directory. For more information, see Section 9.8, "Password Synchronization".

If you are using Oracle Identity Synchronization for Windows (Part of Oracle Directory Server Enterprise Edition) to synchronize data between Oracle Directory Server Enterprise Edition (Back-end directory) and Microsoft Active Directory (Connected directory), then you can transition from Oracle Identity Synchronization for Windows 6.0 SP1 to Oracle Directory Integration Platform 11g Release 1 (11.1.1.9.0), as described in the appendix ”Transitioning Synchronization Services" in Oracle Fusion Middleware Transitioning to Oracle Unified Directory.

Support for Oracle Password Filter for Microsoft Active Directory

The Oracle Password Filter for Microsoft Active Directory is now certified for use with Oracle Unified Directory or Oracle Directory Server Enterprise Edition. For more information, see Chapter 22, "Deploying the Oracle Password Filter for Microsoft Active Directory".

Support for Oracle Unified Directory High Availability

You can use Oracle Unified Directory 11g Release 2 (11.1.2.3) as your back-end directory server for a high availability environment. For more information, see the section ”Oracle Directory Integration Platform High Availability” in the Oracle Fusion Middleware High Availability Guide.

Support for Oracle Unified Directory Provisioning

You can use Oracle Unified Directory 11g Release 2 (11.1.2.3) as your back-end directory server to use the Oracle Directory Integration Platform provisioning functionality. For more information, see Part I, "Provisioning with the Oracle Directory Integration Platform".

Notes:

• Support for provisioning functionality is only available for Oracle Unified Directory 11g Release 2 PS3 (11.1.2.3.0).

• If you are using Oracle Unified Directory as your back-end directory for Oracle Directory Integration Platform provisioning functionality, then you must install Oracle Directory Integration Platform 11g Release 1 (11.1.1.9.0). Earlier versions of Oracle Directory Integration Platform or versions upgraded/patched to 11g Release 1 (11.1.1.9.0) do not support provisioning functionality for Oracle Unified Directory.

New Features for Oracle Unified Directory and Oracle Directory Server Enterprise Edition Back-End Directories

This section list new features for Oracle Unified Directory and Oracle Directory Server Enterprise Edition, in this release of Oracle Directory Integration Platform:

Note:

This features are only available for Oracle Unified Directory 11g Release 2 (11.1.2.3) and Oracle Directory Server Enterprise Edition 11g Release 1 (11.1.1.7.0) and later versions.

• Account Locking Synchronization

• Account Disabling Synchronization

Account Locking Synchronization

If the back-end directory and the associated connected directories are synchronized with Oracle Directory Integration Platform, and if an account on one directory is locked out, then Oracle Directory Integration Platform locks out the account for other directories. For more information, see Section 9.4.5, "Configuring Account Locking Synchronization".

Note:

Oracle Internet Directory does not support account locking synchronization.

Account Disabling Synchronization

You can use the back-end directory or the connected directory feature to temporarily disable a user's account and then enable it again. If the account is temporarily disabled or enabled in one directory then Oracle Directory Integration Platform will temporarily disable or enable the account in the associated directory. For more information, see Section 9.4.6, "Account Disabling Synchronization".

Note:

Oracle Internet Directory does not support account disabling synchronization.

What's New in Oracle Directory Integration Platform 11g Release 1 (11.1.1)

The following is a list of new features in Oracle Directory Integration Platform 11g Release 1 (11.1.1):

• Back-end Directory Support for Oracle Unified Directory and Oracle Directory Server Enterprise Edition—As of 11g Release 1 (11.1.1.5) you have three directories to choose from when establishing a back-end directory. In addition to Oracle Internet Directory (OID), which previously was the only back-end directory option available, you can now choose Oracle Unified Directory (OUD) or Oracle Directory Server Enterprise Edition (ODSEE) as your Oracle Directory Integration Platform back-end directory. Both OUD and ODSEE support directory synchronization, but not provisioning. (Oracle Internet Directory (OID) still supports both directory synchronization and provisioning.) See Section 1.4.1, "Oracle Back-End Directory" for additional information about the back-end directory.

• Oracle Directory Integration Platform as a J2EE Application—As of 11g Release 1 (11.1.1), Oracle Directory Integration Platform runs as a J2EE application. For more information, see "Oracle Directory Integration Platform".

• Integration with Fusion Middleware Control for Monitoring and Management—In 11g Release 1 (11.1.1), you can use Oracle Enterprise Manager Fusion Middleware Control to monitor and manage Oracle Directory Integration Platform. For more information, see "Managing Oracle Directory Integration Platform Using Fusion Middleware Control".

• Updated Command Line Tools Using WebLogic Scripting Tools (WLST)—Command line tools for Oracle Directory Integration Platform were updated in 11g Release 1 (11.1.1) to use the WebLogic Scripting Tool (WLST) framework. Although the command line tools use the WLST framework, you do not have to execute the commands using a wlst prefix. For more information, see "Command-Line Tools for Administering Oracle Directory Integration Platform".

• Custom Plug-in Support to Extend Data Transformation (Mapping)—Oracle Directory Integration Platform 11g Release 1 (11.1.1) provides custom plug-in support to extend data transformation (mapping) functionality. This feature allows you to create and implement custom plug-ins for situations such as when you need to support new mapping operations and multiple literal values. For more information, see "Extending Mappings Using Custom Plug-ins".

• Domain and Attribute Exclusion in Map Files—Oracle Directory Integration Platform 11g Release 1 (11.1.1) includes functionality that allows you to identify domains and attributes to be excluded during bootstrap and synchronization. See "Excluding Domains" and "Excluding Attributes" for more information.

• Custom Connector Support—Oracle Directory Integration Platform 11g Release 1 (11.1.1) provides support for custom synchronization connectors. For more information on writing custom inbound and outbound connectors for Oracle Directory Integration Platform, see "Writing Custom Synchronization Connectors".

• Integration with Fusion Middleware Infrastructure (Audit, Logging, Credential Store Framework)—Oracle Directory Integration Platform 11g Release 1 (11.1.1) utilizes the Oracle Fusion Middleware infrastructure for auditing, logging and credential storing. For more information, see:

  • "Managing Oracle Directory Integration Platform Logging Using Fusion Middleware Control"

  • "Auditing Oracle Directory Integration Platform Using Fusion Middleware Control"

  • "Credential Storing"

• New Title for this Document: For 11g Release 1 (11.1.1.2.0), this document was renamed from Oracle Fusion Middleware Integration Guide for Oracle Identity Management to its current title of Oracle Fusion Middleware Administrator's Guide for Oracle Directory Integration Platform.