Oracle Internet Directory Administrator's Guide
Release 2.1.1
Part Number A86101-01

Library
Product
Contents

Go to previous page

Index

A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X 

Numerics

389 port, 3-5, 3-7, A-33, A-35, E-5
636 port, 3-5, 3-7, A-33, A-35, E-5

A

abstract object class type, 2-9
abstract object classes, 2-9
superclasses of, 6-4
top, 2-9
access
granting
by using command line tools, 9-34
by using Oracle Directory Manager, 9-16
entry-level, by using command line tools
entry-level, by using Oracle Directory Manager, 9-33
to everyone, using Oracle Directory Manager, 9-23, 9-28
to specific groups, using Oracle Directory Manager, 9-23, 9-28
to subtrees, 9-23, 9-28
kinds, 9-8
level, required for LDAP operations, 9-16
object, 9-6
operations, 9-8
rights, setting by using Oracle Directory Manager, 9-23, 9-28
selecting, by DN, 9-37
subject, 9-7
unspecified, 9-10, 9-28
violation event, 5-28
access control, 1-8, 2-12, 2-16, 9-1
managing
by using command line tools, 9-34
by using Oracle Directory Manager, 9-16
no authentication, 9-23, 9-27
policies
conflicting, 9-3
inheriting, 9-3
setting, using wildcards, 9-36
simple, 9-23, 9-27
SSL no authentication, 9-23, 9-27
SSL one-way authentication, 9-23, 9-27
SSL two-way authentication, 9-23, 9-27
access control directive format. See ACI directive format.
Access Control Information Item (ACI)
attributes, 2-16
components, 9-6
format, D-1
object of directives, 9-6
subject of directives, 9-7
syntax, D-1
access control list processing, 5-24
Access Control Lists (ACLs), 2-16, 2-25
evaluation, 9-10
for groups, 9-15
precedence rules, 9-11
modification, 5-28
Access Control Policy Points (ACPs), 9-3, 9-21
adding
by using ldapmodify, 9-35
by using Oracle Directory Manager, 9-29
administering, using Oracle Directory Manager, 4-11
content access items, 9-20
creating, using Oracle Directory Manager, 4-8
multiple, 9-3
structural access items, 9-20
viewing, using Oracle Directory Manager, 9-19
access control, prescriptive, 9-2
access items
content, 9-20
structural, 9-20
ACI directive format, 2-16
ACI directives, 2-16
ACI Items. See Access Control Information Item (ACI).
ACIs. See Access Control Information Item (ACI).
ACL directives
within entries, 9-3
within subtrees, 9-2
ACLs. See Access Control Lists (ACLs).
ACPs. See Access Control Policy Points (ACPs).
active server instances
modifying configuration set entries in, 5-4
viewing, 5-4
adding
ACPs, 9-29
by using ldapmodify, 9-35
by using Oracle Directory Manager, 9-29
attributes
by copying an existing attribute, 6-23
by using Oracle Directory Manager, 6-20
guidelines for, 6-16
attributes to existing entries, A-4
audit log entries, 5-25
audit log event, 5-28
configuration set entries, 2-24, 5-10
by using command line tools, 2-24, 7-12
by using Oracle Directory Manager, 2-24
using Oracle Directory Manager, 5-4
configuration set entry, 5-2
DSA to replicating system, B-1
entries, 7-6
by copying an existing entry, 7-7
concurrently, 4-12, 7-12, A-6
requires write access to parent, 7-6
requires write access to parents, 7-7
using ldapadd, 4-12, 7-12, A-4
using ldapaddmt, A-6
using Oracle Directory Manager, 7-6
entry-level ACIs, by using ldapmodify, 9-36
group entries, by using Oracle Directory Manager, 7-9
input files, 5-11
mandatory attributes
to an existing object class, 6-5
to an object class in use, 7-10
object classes, 6-2, 6-3
using command line tools, 6-14
using Oracle Directory Manager, 6-10
objects
by using a template, 4-9
by using Oracle Directory Manager, 4-7, 4-9
replication nodes, 10-19
user entries, by using Oracle Directory Manager, 7-8
additional directory servers, connecting to, 4-10
add.log, A-6
administering schema objects, using Oracle Directory Manager, 4-11
administration tools, 4-12, 7-12
bulk tools, 4-13
bulkdelete, A-22
bulkload, A-23
bulkmodify, A-25
Catalog Management, 4-14
command line, 1-7, 4-11
ldapadd, 4-12, 7-12, A-4
ldapaddmt, A-6
ldapbind, A-8
ldapcompare, A-9
ldapdelete, 4-12, 7-12, A-10
ldapmoddn, 4-12, 7-12, A-11
ldapmodify, 4-12, 7-12, A-13
ldapmodifymt, 4-12, 7-12, A-16
ldapsearch, A-18
ldifwrite, A-27
OID Database Password Utility, 4-14
Oracle Directory Manager, 4-2
2-29
configuring, 10-6
using Oracle8i Replication Manager, 10-3
installed with Oracle 8i, 10-2
installing, 10-3
setting up, 10-3
agents, in metadirectories, 2-46
agreements, replication, 2-28
AlternateServers attribute, in failover, 16-4
ANALYZE, 15-6
ANALYZE function of DBMS_STATS package, 15-3
anonymous
authentication, 2-13, 4-4
in access control, 9-23, 9-27
login, 4-3
application information, in attributes, 2-5
Apply button, in Oracle Directory Manager, 4-7
architecture
Oracle Internet Directory, 2-1
ASR. See Advanced Symmetric Replication (ASR).
assigning object classes to entries, 6-3
attribute options, managing, 7-17
attribute-level conflicts, 2-32
attributes
adding, 6-16
by using ldapadd, A-4
by using ldapmodify, 6-28
by using Oracle Directory Manager, 6-20, 6-23
concurrently, using ldapaddmt, A-6
guidelines for, 6-16
to existing entries, A-4
AlternateServers, for failover, 16-4
as DNs, 7-6
as metadata in schema, 2-12
base schema
deleting, 6-17
modifying, 6-16
commonName, 2-6
deleting, 6-17, A-15
guidelines for, 6-17
values, using ldapmodify, A-15
determined by object classes, 6-3
dropping indexes from, 6-28
in base schema, 6-16
in LDIF files, A-2
in top, 2-10
indexed, 6-10, 6-27
indexes, created by bulkload, 7-16
indexing, 6-30
by using command line tools, 6-29
by using Oracle Directory Manager, 6-27
inheritance of, 6-3, 6-10
jpegPhotos, 2-6, 7-13
kinds of information in, 2-5
making available for searches, 6-27
managing
by using Oracle Directory Manager, 6-17
overview, 6-16
using command line tools, 6-28
mandatory, 2-8, 6-3, 7-10
matching rules, 2-7
modifying
guidelines for, 6-16
rules for, 6-16
using ldapmodify, 6-28
multi-valued, 2-6, 9-4
converting to single-valued, 6-16
null values in, 6-3
objectclass, 5-26
objects associated with an ACI, 9-6
operational, 5-13
optional, 2-8, 6-3
options, 2-7
language codes., 2-7
managing, 7-17
orclauditlevel, 5-28
orclauditmessage, 5-26
orclauditoc, 5-26
orcleventtime, 5-26
orcleventtype, 5-26
orclopresult, 5-26
orclsequence, 5-26, 5-27
orcluserdn, 5-26
organization, 2-6
organizationalUnitName, 2-6
redefining mandatory, 6-4
ref, 7-18
searching for, by using Oracle Directory Manager, 6-17
single-valued, 2-6
converting to multi-valued, 6-16
size of values, E-10
sn, 2-6
specifying as mandatory or optional, 6-3
surname, 2-6
syntax, 2-7
syntaxes
cannot modify, 6-16
selecting, 6-29
system operational, 5-13
tab page in Oracle Directory Manager, 6-9
types, 2-4
values, 2-4
rules for changing, 7-10
values, size of, E-10
viewing, 7-6
audit levels, 5-27
audit log, 5-25
container object, 5-30
default configuration, 5-25
entries
position in DIT, 5-27
searching, 5-25, 5-26
viewing, 5-25
queries, 5-25
sample, 5-27
schema elements, E-5
structure of entries, 5-26
using, 5-25
audit log events
access violation, 5-28
ACL modification, 5-28
add, 5-28
bind, 5-27
deleting, 5-28
DSE modification, 5-28
modify, 5-28
modifyDN, 5-28
replication login, 5-28
schema element
add/replace, 5-27
delete, 5-27
selected, 5-28
super user
login, 5-27
user password modification, 5-28
auditable events, 5-27
auditing selected events, 5-28
authenticated access, using SSL, 1-8
authentication, 2-12, 2-25
anonymous, 2-13, 4-4
in access control, 9-23, 9-27
certificate-based, 2-13
in Oracle Internet Directory, 1-8
Kerberos, A-5, A-7, A-10
no SSL, 4-6
none, in access control, 9-23, 9-27
one-way SSL, 2-13
options, 2-13
parameters, E-6
password-based, 2-13, 4-4
PKI, 2-17
simple, 1-8, 4-4
for access control subjects, 9-23, 9-27
specifying for access control subjects, 9-22, 9-27
specifying no SSL, E-6
SSL, 2-13, A-5, A-7, A-8, A-13, A-17
for Oracle Directory Manager, 4-6
one-way, E-6
server only, 4-6
strong, 2-13
two-way SSL, 2-13, E-6
authorization, 2-12, 2-16
authorization ID, 2-12
auxiliary
object class type, 2-10
object classes, 6-4
availability, high, 16-7
average latency, 15-2

B

backup and recovery strategies, 13-7
base schema
attributes, 6-16
deleting, 6-17
modifying, 6-16
object classes, 6-5
base search, 7-3
batching line-mode commands, 6-14
Begins With, Oracle Directory Manager filter, 6-8
bind event, 5-27
bind mode
specifying for access control subjects, 9-22, 9-27
binding, 2-25
BSTAT/ESTAT, 15-8
buffer cache size, 15-8
bulk tools, 4-13
syntax, A-22
bulkdelete, 4-13, 7-16, A-22
and NLS, 12-9
syntax, A-22
bulkload, 4-13, 7-15, 7-16, A-23
and NLS, 12-8
creating indexes, 7-16
.dat files, 7-15
generating input files, 7-15
-load option, 7-16
syntax, A-23
bulkmodify, 4-13
and NLS, 12-10
LDIF file-based modification, A-25
syntax, A-25

C

C API, 2-25
Cancel button, in Oracle Directory Manager, 4-7
capacity planning, 13-7, 13-8
I/O subsystem, 14-6
network requirements, 14-15
CAs. See certificate authorities.
Catalog Management tool, 4-14, 6-27, 6-30
cataloged attributes
orcleventtype, 5-26
orcluserdn, 5-26
catalog.sh. See Catalog Management tool.
certificate authorities, 2-13, 2-14
definition, 2-14
certificate-based authentication, 2-13
certificates, 2-13, E-6
definition, 2-14
managing, C-9
requests for, 2-14
trusted, 2-14
user, C-9
X.509 Version 3, 2-14
Chadwick, David, xxvii
change log
change number-based purging, 2-30
object store, and Oracle metadirectory solution, 11-2
processing thread, 2-33
purging
methods, 2-30
time-based purging, 2-30
change log processing thread, 2-33
change log purging
change number-based, 2-30, 10-11
time-based, 2-30, 10-11, 10-12
change logs, 2-27, 2-28, 2-33
in replication, 1-8, 2-34
change number-based purging, 2-30
change retry count, setting, 10-12
change status log, 2-33
change types, in ldapmodify input files, A-14
changeLog, E-4
change-log flag, 10-18
toggling, 10-18
changeLogEntry, E-4
change-logging, 3-4, A-32
changeNumber, E-4
changeStatus, E-4
changeStatusEntry, E-4
changetype, E-4
add, A-14
delete, A-16
modify, A-14
modrdn, A-16
changing
a configuration set entry, 3-7, A-36
attribute values, 7-10
audit level, 5-29
configuration set entry values, 5-2
location of Oracle wallet, 5-6, 5-8, 5-9, 8-4, E-6
passwords
to directory, 5-20
check mode, performing on LDIF files, F-4
cipher suites, 2-15
in SSL, 8-2
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, 8-2
SSL_RSA_EXPORT_WITH_RC4_40_MD5, 8-2
SSL_RSA_WITH_NULL_MD5, 8-2
SSL_RSA_WITH_NULL_SHA, 8-2
clients, failover options on, 16-4
cn attribute, 2-6
cold backup, B-1
command line tools, 1-7
adding
configuration set entries, 2-24, 7-12
catalog management, 6-27
comparing attribute values, 7-12
indexing, 6-27, 6-30
ldapadd, 4-12, 7-12, A-4
ldapaddmt, 4-12, 7-12, A-6
ldapbind, A-8
ldapcompare, A-9
ldapdelete, 4-12, 7-12, A-10
ldapmoddn, 4-12, 7-12, A-11
ldapmodify, 4-12, 7-12, A-13
ldapmodifymt, 4-12, 7-12, A-16
ldapsearch, A-18
managing
attributes, 6-28
entries, 7-11
modifying
configuration set entries, 7-12
overview, 4-11
setting NLS, 12-5
syntax, A-4
commonName attribute, 2-6
comparing
attribute values, 7-12
entries, 4-12, 7-12
two objects, 4-8
components, directory server, 2-20
components, SSL, 2-14
concepts, LDAP, 2-1
concurrent database connections, 15-11, E-5
configNLDAP.ora, B-9
configuration file processing, 5-24
configuration set entries, 2-24
adding, 2-24, 5-2
using command line tools, 7-12
using Oracle Directory Manager, 5-4
changing, 3-7, 5-12, A-36
database connections, E-5
debug level, E-5
deleting, 5-2
using Oracle Directory Manager, 5-4
directory server processes, E-5
disabling SSL, E-5
for replication server, 10-10
LDIF file, 5-10
managing, 4-16, 4-17, 5-2
using command line tools, 5-10
using Oracle Directory Manager, 5-4
modifying, 3-7, 5-2, A-36
in an active server instance, 5-4
using command line tools, 7-12
using Oracle Directory Manager, 5-4, 5-8
orcldebuglevel, E-5
orclmaxcc, E-5
orclserverprocs, E-5
orclssl authentication, E-6
orclsslenable, E-5
orclsslport, E-5
orclsslwalletpasswd, E-6
orclsslwalleturl, E-6
overriding user-specified, 3-8, A-36
SSL parameters in, 8-2
starting directory servers without using, 3-9
using different, 5-2
using multiple, 8-2
configuration set location, 5-14
configuration sets. See configuration set entries.
configuring
Advanced Symmetric Replication (ASR), 10-3
using Oracle8i Replication Manager, 10-3
Directory Replication Groups (DRGs), 10-2
replication, 10-9
agreements, 10-9, 10-14
server parameters
using command line tools, 4-16
using Oracle Directory Manager, 4-17
servers, using input files, 7-12
SSL, 4-3, 8-2
conflicting access control policies, 9-3
precedence rules for resolving, 9-3
conflicts, replication
attribute-level, 2-32
automated resolution of, 2-32
entry-level, 2-31
manual resolution of, 10-29
resolution, 2-31, 9-11
manual, 10-29
messages, 10-29
typical causes of, 2-32
Connect/Disconnect button in Oracle Directory Manager, 4-9
connected directories, 2-46
connecting
to a directory server, 2-25, 4-3, 4-4, 4-17
using Oracle Directory Manager, 4-9
to additional directory servers, 4-10
to multiple directory servers, 4-10
connection
management, 5-24
pooling, 1-8
redirection, 16-9
hardware-based, 16-7
network-level, 16-6
software-based, 16-7
constraints, object classes, 2-10
consumer servers, 2-26, 2-30, 2-33
content access items, 9-20
access control points, 9-20
control, access, 1-8, 9-1
converting
auxiliary object classes, 6-4
structural object classes, 6-5
CPUs
in capacity planning, 14-2
power required for various deployment scenarios, 13-9
processing power, 14-16
requirements
estimating, 14-17
in capacity planning, 14-16
tuning, 15-3
tuning for Oracle foreground processes, 15-6
usage, 13-11
when to tune, 15-3
Create button, in Oracle Directory Manager, 4-9
Create Entry menu item, in Oracle Directory Manager, 4-8
Create Like
adding entries using templates, 7-7
button, in Oracle Directory Manager, 4-9, 7-7
operation, using Oracle Directory Manager, 4-7
createTimestamp attribute, 2-5, F-4
optional in top, 2-10
creating
Access Control Policy Points, by using Oracle Directory Manager, 4-8
attributes
using ldapmodify, 4-12, 7-12
using Oracle Directory Manager, 4-8
LDIF input file, 5-11
new entries
using Oracle Directory Manager, 4-8, 7-6
object classes, using Oracle Directory Manager, 4-8
rollback segments, 10-4
similar entries through CreateLike operation, 7-7
tablespaces, 10-4
wallets, 5-6, 5-8, 5-9, 8-4, E-6
creatorsName attribute, 2-5, F-4
creatorsName, optional attribute in top, 2-10

D

daemons, 3-2
.dat files, generated by bulkload, 7-15
data
integrity, 2-12, 2-15, 2-17
privacy, 2-12, 2-17
data migration process, F-2
data privacy
using SSL, 1-8
data servers
changing password to, 5-31
database block buffers parameter, 15-10
database block size parameter, 15-10
database cache
size, 13-10
database connections, 2-24
concurrent, 15-11, E-5
pooling, 1-8
database server error, G-2
database, dedicated for directory, 2-22
DB_BLOCK_BUFFERS, 15-8
DBMS_STATS package, 15-3
debug level, E-5
debug logging levels, 5-24
setting, 5-23
by using OID Control Utility, 5-23
by using Oracle Directory Manager, 5-23
debug packet handling, 5-24
default knowledge references, 2-45
default knowledge references, configuring, 7-20
default port, 4-3
default port number, 3-5, 3-7, A-33, A-35
defining object classes, 2-8
Delete button, in Oracle Directory Manager, 4-9
deleting
attributes, 6-17
guidelines for, 6-17
using ldapmodify, A-15
audit log events, 5-28
base schema attributes, 6-17
configuration set entries, 5-2
using Oracle Directory Manager, 5-4
entries, 4-12, 7-12
using ldapdelete, A-10
using ldapmodify, A-16
object classes
from base schema, 6-5
not in base schema, 6-5
using Oracle Directory Manager, 6-13
values from attributes, using ldapmodify, A-15
deployment
considerations, 13-1
partitioning, 13-5
deployment considerations
CPU power, 13-9
failover, 13-7
replication, 13-6
tuning, 13-10
deployment examples, 16-9
DES40 encryption, 2-17
descriptions of object classes, 6-7
directories
conceptual overview, 1-2
distributed, 2-26
location-independent, 1-3
NOS, 13-2, 13-3
partitioned, 2-42
read-focused, 1-3
virtual, 2-46
directories,connected, 2-46
directory access control, 1-8, 9-1
directory contrasted to relational database, 1-3
directory database listener, 10-6
Directory Information Tree
hierarchy and structure, 13-3
organizing, 13-3
organizing to reflect data ownership boundaries., 13-3
Directory Information Tree (DIT), 2-2
audit log entries in, 5-27
directory password, changing, 5-20
Directory Replication Groups (DRGs), 2-28, 10-2
establishing, 10-2
installing and configuring, 10-2
directory schema, 2-12
managing, 6-1
directory server instances, 2-23
directory servers, 1-7
as both suppliers and consumers, 2-34
changing parameters in an active instance, 5-4
configuration set entries, 5-2
connecting to, 2-25, 4-3, 4-4, 4-10, 4-17
using Oracle Directory Manager, 4-7, 4-9
debug level, E-5
disconnecting, using Oracle Directory Manager, 4-7, 4-10
in multi-master replication, 2-34
in normal mode, E-5
in replicated environment, 2-34
in secure mode, E-5
modifying configuration set entries, 5-12
multimaster replication between, 1-8
multithreaded, 1-8
processes, E-5
restarting, 3-7, 5-4, A-35
running, 3-3
start failure, 3-9
starting, 3-5, 4-17, A-33
with default configuration, 3-8, A-36
without configuration sets, 3-9
stopping, 3-5, A-33
terminating, 4-17
using different configuration set entries, 5-2
directory tree, browsing, 7-3
directory usage patterns, learning, 14-3
DirectoryReplicationGroupDSAs, 10-14
disabling SSL, E-5
Disconnect
button, in Oracle Directory Manager, 4-7
menu item, in Oracle Directory Manager, 4-7
disconnecting from directory servers, 4-10
using Oracle Directory Manager, 4-7
disk space requirements, estimating, 14-8
disk tuning, 15-9
disk usage, 13-11
displaying a directory entry, 7-2
displaying a subtree, 7-2
distinguished names, 2-2
as attributes, 7-6
components of, 2-3
format, 2-3
in LDIF files, A-2
modifying, 4-12, 7-12
using command line tools, 7-12
using ldapmoddn, 4-12, 7-12
distributed directories, 2-26, 2-42
partitioned, 2-26
partitions and replicas, 13-4
replicated, 2-26
DIT. See Directory Information Tree (DIT)
DNS (Domain Name System), 13-3
DNs. See distinguished names.
Drop Index button, 4-9
Drop Index menu item, 4-8
dropping indexes from attributes, 5-26, 6-28
DSA, environment setting, B-3
DSE modification event, 5-28
duration of a search, specifying, 7-3

E

Edit button, in Oracle Directory Manager, 4-9
Edit menu item, in Oracle Directory Manager, 4-7
enabling all debugging, 5-24
enabling SSL, 8-2
encryption, 2-15
DES40, 2-17
levels available in Oracle Internet Directory, 2-17
options for passwords, 2-18
passwords, 2-18, 5-17
default, 2-18
MD4, 2-18
MD5, 2-18
SHA, 2-18
UNIX crypt, 2-18
RC4_40, 2-17
Ends With filter, in Oracle Directory Manager, 6-8
entities, granting access to, 9-23, 9-28
entries
adding
by copying an existing entry, 7-7
concurrently, 4-12, 7-12
from other applications, A-23
mandatory attributes, 7-7
optional attributes, 7-7
requires write access to parents, 7-6
using bulkload, A-23
using ldapadd, 4-12, 7-12, A-4
using ldapaddmt, 4-12, 7-12, A-6
using Oracle Directory Manager, 7-6
assigning object classes to, 6-3
attributes, viewing, 7-6
audit log, 5-25
searching, 5-26
comparing, using ldapcompare, 4-12, 7-12
conceptual discussion, 2-2
deleting
using ldapdelete, 4-12, 7-12, A-10
using ldapmodify, A-16
displaying, 7-2
distinguished names of, 2-2
filters, 9-21, 9-25
group, 2-6
inheriting attributes, 6-3
loading, 6-3
locating, 2-3
managing
using command line tools, 7-11
using Oracle Directory Manager, 4-11
modifying
concurrently, using ldapmodifymt, A-16
large numbers, A-25
LDAP conventions, 7-10
rules, 7-10
naming, 2-2, 13-3
objects associated with an ACI, 9-6
parent, 6-3
rules for changing, 7-10
searching
base level, 7-3
one-level, 7-3
specifying search depth, 7-3
subtree level, 7-3
using ldapsearch, A-18
using Oracle Directory Manager, 7-2
selecting by DN, 9-37
specific, granting access to, 9-23, 9-28
superclasses, selecting, 7-7
user
adding, by using ldapadd, 7-13
adding, by using Oracle Directory Manager, 7-8
modifying, by using ldapmodify, 7-13
modifying, by using Oracle Directory Manager, 7-11
entry-level conflicts, replication, 2-31
environment variables, NLS_LANG, 12-2
error messages
additional, G-6
standard, G-2
errors
database server, G-2
installation, G-2
estimating CPU requirements, 14-17
evaluation, ACL, 9-10
precedence rules, 9-11
events, auditable, 5-27
everyone, granting access to, 9-23, 9-28
Exact Match filter, in Oracle Directory Manager, 6-8, 7-4, 9-22, 9-26
Exit menu item, in Oracle Directory Manager, 4-7
extensibility, in LDAP Version 3, 1-6
extensibleObject object class, 7-18

F

failover, 1-8, 16-1
AlternateServers attribute, 16-4
capabilities in Oracle Internet Directory, 16-7
considerations in deployment, 13-7
options in private network infrastructure, 16-8
options in public network infrastructure, 16-5
options in the public network infrastructure, 16-5
options on clients, 16-4
failure recognition and recovery. See failover.
failure tolerance, and replication, 13-6
fault tolerance mechanisms, 16-3
features, new, xxix
Oracle Wallet Manager, C-1
File menu, in Oracle Directory Manager, 4-7
filters
Begins With, 6-8
Ends With, 6-8
Exact Match, 6-8, 7-4, 9-22, 9-26
Greater or Equal, 6-8, 7-4, 9-22, 9-26
IETF-compliant, A-18
in attribute searches, 6-19
in searches, 2-25
in Oracle Directory Manager, 6-8
ldapsearch, A-19
Less or Equal, 7-4, 9-22, 9-26
less or equal, 6-8
not null, 6-8
Present, Oracle Directory Manager, 7-4
Find Attributes button, in Oracle Directory Manager, 6-17
Find Objects button, in Oracle Directory Manager, 4-9, 6-6
formats, of distinguished names, 2-3
function calls, tracing, 5-24

G

garbage collection, 2-30
in replication, 10-11
granting
access, 9-23, 9-28
entry-level access
by using Oracle Directory Manager, 9-33
Greater or Equal filter, in Oracle Directory Manager, 6-8, 7-4, 9-22, 9-26
group entries, 2-6
adding, 7-9
creating
using ldapmodify, A-15
using Oracle Directory Manager, 7-9
groupOfNames object class, 7-9
groupOfUniqueNames, 7-9
groupOfUniqueNames object class, 7-9
groups
granting access to by using Oracle Directory Manager, 9-23, 9-28
privilege, 9-4
guest user
definition, 5-20
managing user name and password, 5-20
guidelines
for adding attributes, 6-16
for deleting attributes, 6-17
for modifying attributes, 6-16

H

hardware-based connection redirection, 16-7
heavy trace debugging, 5-24
Help button, in Oracle Directory Manager, 4-9
Help menu item, in Oracle Directory Manager, 4-8
high availability, 13-7
and multimaster replication, 16-7
capabilities in Oracle Internet Directory, 16-7
of Oracle Internet Directory, 16-1
Hodges, Jeff, xxvii
Howes, Tim and Mark Smith, xxvii
human intervention queue manipulation tool, 4-15, 10-30

I

IETF
drafts, enforced by Oracle Internet Directory, E-3
LDAP approval
RFCs enforced by Oracle Internet Directory, E-2
indexed attribute
locations, 5-14
indexed attributes, 6-27
displayed in Oracle Directory Manager, 6-10
orcleventtype, 5-26
orcluserdn, 5-26
indexes
created by bulkload, 7-16
dropping from attributes
using Oracle Directory Manager, 6-28
indexing
attributes, 6-27, 6-30
by using Catalog Management tool, 6-27
by using command line tools, 6-29
by using Oracle Directory Manager, 6-27
by using Catalog Management tool, 6-30
inheritance, 2-9
and access control policies, 9-3
from superclasses, 6-3, 6-10
of attributes, 6-10
initNLDAP.ora, B-9
input file, creating, 5-11
installation errors, G-2
installing
Advanced Symmetric Replication (ASR), 10-3
Directory Replication Groups (DRGs), 10-2
insufficient memory, 15-8
intelligent client failover, 13-7
intelligent network level failover, 13-7
internationalization, and LDAP, 12-1
Internet Engineering Task Force (IETF). See IETF.
I/O subsystem
in capacity planning, 14-2, 14-6
sizing, 14-6
I/O throughput, maximizing, 14-7
iostat utility, 15-2
IP address takeover (IPAT), 16-8

J

Java clients, NLS and, 2-19
Java Native Interface, 2-25
JPEG images, adding with ldapadd, A-6
jpegPhoto attribute, 2-6, 7-13

K

Kerberos authentication, A-5, A-7, A-10
knowledge references, 2-43, 13-4, 13-5
configuring, 7-18
default, 2-45
configuring, 7-20
kinds, 2-45
overview, 2-43
restricting permissions for managing, 2-44
smart, 2-45
configuring, 7-19
superior, 2-43
Kosiur, Dave, xxvii

L

launching Oracle Directory Manager, 4-2
LDAP
add or modify performance, 15-12
and internationalization, 2-18
conventions, for modifying entries, 7-10
extensibility, 1-6
IETF approval
search filters, IETF-compliant, A-18
security, 1-6
server instances, 2-22, 2-23
starting, 3-4, A-32
servers, multithreaded, 1-8
syntax, E-7
enforced by Oracle Internet Directory, E-7
recognized by Oracle Internet Directory, E-8
Transport Layer Security, 1-6
Version 3, 1-5, Glossary-10
LDAP Data Interchange Format (LDIF), A-2
when using bulkload, A-23
LDAP Interchange Format (LDIF), 4-11
LDAP search performance, 15-12
ldapadd, 4-12, 7-12, A-4
adding entries, A-4
adding JPEG images, A-6
and NLS, 12-6
syntax, A-4
ldapaddmt, 4-12, 7-12, A-6
adding entries concurrently, A-6
and NLS, 12-6
log, A-6
syntax, A-6
ldapbind, A-8
and NLS, 12-6
syntax, A-8
ldap-bind operation, 2-12
ldapcompare, 4-12, 7-12, A-9
and NLS, 12-7
syntax, A-9
ldapdelete, 4-12, 7-12, A-10
and NLS, 12-7
deleting entries, A-10
syntax, A-10
ldapmoddn, 4-12, 7-12, A-11
and NLS, 12-7
syntax, A-11
ldapmodify, 4-12, 7-12, A-13
adding ACPs, 9-35
adding attributes, 6-28
adding entry-level ACIs, 9-36
adding object classes, 6-14
adding values to multi-valued attributes, A-15
and NLS, 12-7
change types, A-14
changing audit level, 5-29
creating group entries, A-15
deleting entries, A-16
LDIF files in, A-4, A-6, A-13, A-16
modifying attributes, 6-28
modifying object classes, 6-14
replacing attribute values, A-15
syntax, A-13
ldapmodifymt, 4-12, 7-12, A-16
and NLS, 12-7
multithreaded processing, A-17
syntax, A-16
using, A-16
ldaprepl.sh, 10-7
ldapsearch, A-18
and NLS, 12-6
filters, A-19
querying audit log, 5-25
syntax, A-18
LDIF
file-based modification, not supported by bulkmodify, A-25
files, in ldapmodify commands, A-4, A-6, A-13, A-16
formatting notes, A-3
formatting rules, A-3
syntax, A-2
using, 4-11, A-2
LDIF file
for adding configuration set entries, 5-10
referencing in commands, 5-12
LDIF files
removing proprietary data from in migration, F-3
ldifwrite, 4-13, A-27
and NLS, 12-9
syntax, A-27
Less or Equal filter, 6-8, 7-4, 9-22, 9-26
line-mode commands, batching, 6-14
listener, for directory database, 2-22, 2-23
restarting, 10-6
stopping, 10-6
listener.ora, 10-6, B-7
load balancing, and replication, 13-6
load balancing, network level, 16-5
-load option, in bulkload, 7-16
locating
directory entries by using distinguished names, 2-3
location-independence, of directories, 1-3
logical disks, 15-9
login
anonymous, 4-3
superuser, 4-3
user, 4-3
loose consistency model of replication, 13-6
LSNRCTL utility, 10-6

M

managing
attributes
overview, 6-16
using command line tools, 6-28
using Oracle Directory Manager, 6-17
configuration set entries, 5-2
directory schema, 6-1
entries
using command line tools, 7-11
using Oracle Directory Manager, 4-11, 7-2
knowledge references, restricting permissions for, 2-44
object classes
using command line tools, 6-14
mandatory attributes, 2-8, 6-3
adding to existing object classes, 6-5
adding to object classes in use, 7-10
entering values for, 7-7
in object classes, 6-7
redefining, 6-4
manual resolution of conflicts, 10-29
Master Definition Site (MDS), 10-3
designating, 10-3
matching rules
as metadata in schema, 2-12
attribute, 2-7
cannot add to subSchemaSubentry, 2-12
recognized by Oracle Internet Directory, E-10
stored in schema, 2-12
tab in Oracle Directory Manager, 6-9
maxextents, 10-5
MD4, 5-14, 5-15, 5-17
for password encryption, 2-18
MD5, 5-14, 5-15, 5-17, F-4
for password encryption, 2-18
member attribute, 7-9
memory
in capacity planning, 14-2
insufficient, 15-8
physical, 14-13
required, 13-10
requirements, 14-13
tuning, 15-7
usage, 13-11
virtual, 14-13
menu bar, Oracle Directory Manager, 4-7
metadata, stored in schema, 2-12
metadirectories
agents, 2-46
overview, 2-46
metadirectory environments, synchronizing with Oracle Internet Directory, 2-46, 11-1
metadirectory solution, benefits, 2-47
Microsoft Active Directory, 13-2
middle tier
using proxy user with, 5-20
migrating data, from other LDAP directories, F-2
migration, from other LDAP directories, F-2
modifiersName, 2-5
modifiersName attribute, 2-5, F-4
modifyDN, audit log event, 5-28
modifying
a user entry, 7-11
ACI directives, by using Oracle Directory Manager, 9-21
ACPs, by using Oracle Directory Manager, 9-21
attribute syntaxes, 6-16
attributes
concurrently, 4-12, 7-12
guidelines for, 6-16
using ldapmodify, 4-12, 7-12
using ldapmodifymt, 4-12, 7-12
audit level, 5-29
audit log events, 5-28
base schema attributes, 6-16
configuration parameters, 2-24
configuration set entries, 2-24, 3-7, 5-2, A-36
using command line tools, 7-12
using ldapmodify, 5-12
using Oracle Directory Manager, 5-4, 5-8
DNs
using ldapmoddn, 4-12
DNs, using command line tools, 7-12
entries
by using ldapmodify, A-13
by using Oracle Directory Manager, 7-10
concurrently, using ldapmodifymt, A-16
LDAP conventions, 7-10
rules, 7-10
large numbers of entries, A-25
object classes, 6-4
in the base schema, 6-5
using command line tools, 6-14
using Oracle Directory Manager, 6-12
objects
by using ldapmodify, 4-12, 7-12
by using Oracle Directory Manager, 4-7
objects, using Oracle Directory Manager, 4-9
Oracle wallet parameter, 5-6, 5-8, 5-9, 8-4, E-6
parameters for an active instance, 8-3
parameters in an active server instance, 5-4
passwords, to Oracle data servers, 4-14
RDN, using command line tools, 7-12
replication agreement parameters, 10-15
SSL configuration parameters, 8-3
wallet passwords, 5-6, 5-8, 5-9, 8-4, E-6
modifying DNs
using ldapmoddn, 7-12
modifyTimestamp attribute, 2-5, F-4
mpstat utility, 15-2
multi-master flag, 10-18
multimaster flag, 10-18
toggling, 10-18
multimaster replication, 1-8, 2-28, 13-4, 13-6
and high availability, 16-7
multiple configuration set entries, 8-2
multiple directories, synchronizing with Oracle Internet Directory, 2-46
multiple server processes, 2-24
multiple threads, A-17
in ldapaddmt, A-6
increasing the number of, A-6
multithreaded command line tools
ldapaddmt, 4-12, 7-12, A-6
ldapmodifymt, 4-12, 7-12, A-17
multithreaded LDAP servers, 1-8
multi-valued attributes, 2-6
adding values to, using ldapmodify, A-15
converting to single-valued, 6-16
member, 7-9
orclEntryLevelACI, 9-4

N

names, of object classes, 6-7
naming contexts
definition, 2-11
in partitioned directories, 2-42
in replication, 2-27, 10-2
managing, 5-16
publishing, 2-11, 5-16
by using ldapmodify, 5-17
by using Oracle Directory Manager, 5-14, 5-17
searching for, 2-11
searching for published, 5-16
subordinate, 2-43
naming entries, 2-2, 13-3
namingContexts attribute, 5-15, 5-16
multi-valued, 5-16
National Language Support (NLS)
bulkdelete, 12-9
bulkload, 12-8
bulkmodify, 12-10
command line tools, 12-5
Java clients
ldapadd, 12-6
ldapaddmt, 12-6
ldapbind, 12-6
ldapcompare, 12-7
ldapdelete, 12-7
ldapmoddn, 12-7
ldapmodify, 12-7
ldapmodifymt, 12-7
ldapsearch, 12-6
ldifwrite, 12-9
settings for Oracle Internet Directory, 12-2
navigating Oracle Directory Manager, 4-7
navigator pane, in Oracle Directory Manager, 4-7
net service name, 3-2, 3-3, A-30, A-31
Net8, 2-23, 2-25
preparing for replication, 10-3
network
bandwidth, 14-15
capacity planning, 14-15
connectivity, in capacity planning, 14-2
requirements, 14-15
Network Interface Cards (NICs), failures of, 16-8
network-level connection redirection, 16-6
network-level failover, 16-6
new features, xxix
Oracle Wallet Manager, C-1
new syntaxes, adding, 2-7
newdb.sql, B-10
NLS. See National Language Support (NLS).
NLS_LANG environment variable, 12-2
settings, 12-2
specifying, 12-3
no authentication, in access control, 9-23, 9-27
no SSL authentication option, 4-6
node in Oracle Internet Directory, 2-20
non-default port, running on, 4-3
normal mode, running directory servers in, E-5
NOS directories, 13-2, 13-3
not null filter, in Oracle Directory Manager, 6-8
Novell's eDirectory solution, 13-2
null values, in attributes, 6-3

O

o attribute, 2-6
object class explosion, 6-3
object class types
abstract, 2-9
auxiliary, 2-10
structural, 2-9, 2-10
object classes, 2-8
adding, 6-2, 6-3
concurrently, using ldapaddmt, A-6
using command line tools, 6-14
using Oracle Directory Manager, 6-10
as metadata in schema, 2-12
assigning to entries, 6-2, 6-3
converting auxiliary, 6-4
creating, using Oracle Directory Manager, 4-8
defining, 2-8
deleting, using Oracle Directory Manager, 6-13
explosion, 6-3
extensibleObject, 7-18
groupOfNames, 7-9
in base schema, 6-5
in LDIF files, A-2
managing
using command line tools, 6-14
modifying, 6-4
using command line tools, 6-14
using Oracle Directory Manager, 6-12
orclauditoc, 5-26
redefining mandatory attributes in, 6-4
referral, 7-18
removing attributes from, 6-5
removing superclasses from, 6-5
rules, 2-10
searching for, 6-6
structural, converting, 6-5
subclasses, 2-9
defining, 2-8
superclasses, 2-9, 6-10
tab in Oracle Directory Manager, 6-9
top, 2-9
types of, 2-9
unique name of, 6-4
unique object identifier, 6-4
viewing, 6-9
object identifiers, of object classes, 6-7
objectclass attribute, 5-26
objects
adding, by using Oracle Directory Manager, 4-9
comparing, 4-8
of ACI directives, 9-6
searching for, using Oracle Directory Manager, 4-9
OCI. See Oracle Call Interface.
OFA. See Optimal Flexible Architecture (OFA).
OID Control Utility, 3-2, 4-14
restart command, 5-4
run-server command, 4-14
start and stop server instances, 3-3
stop-server command, 4-14
syntax, A-31
OID Database Password Utility, 4-14, 5-31
OID database statistics collection tool, 4-15
syntax, A-37
OID Monitor, 2-22, 4-14
sleep time, 3-2, A-30
starting, 3-2, 3-3, A-30
syntax, A-30
OID Password Utility, 4-14
OID reconciliation tool, 4-15, 10-33
oidctl. See OID Control Utility
OIDLDAPD, 3-5, A-33
oidmon. See OID Monitor.
OIDREPLD, 3-7, A-35
OLTS_ATTRSTORE tablespace, 14-13, 15-9
OLTS_CT_CN tablespace, 14-13
OLTS_CT_DN tablespace, 14-13, 15-9
OLTS_CT_OBJCL tablespace, 14-13
OLTS_CT_STORE tablespace, 14-13
OLTS_DEFAULT tablespace, 14-13
OLTS_IND_ATTRSTORE, 15-9
OLTS_IND_ATTRSTORE tablespace, 14-13
OLTS_IND_CT_DN, 15-9
OLTS_IND_CT_DN tablespace, 14-13
OLTS_IND_CT_STORE tablespace, 14-13
one-level search, 7-3
one-way authentication, SSL, 2-13, 4-6, E-6
online administration tool. See Oracle Directory Manager
open cursors parameter, 15-10
OPEN_CURSORS, 15-11
operational attributes, 5-13
ACI, 2-16
Operations menu item, in Oracle Directory Manager, 4-8
Optimal Flexible Architecture (OFA), B-2
optional attributes, 2-8, 6-3
adding to pre-defined object classes, 2-8
entering values for, 7-7
in object classes, 6-7
options
attribute, 2-7
Oracle background processes, 15-11
Oracle Call Interface, 2-25
Oracle data servers
changing password to, 4-14
error, G-2
Oracle database servers, changing password to, 5-31
Oracle Directory Manager, 1-7, 7-3
adding
ACPs, 9-29
attributes, 6-20
configuration set entries, 5-4
entries, 7-6
group entries, 7-9
object classes, 6-10
objects, 4-7
Apply button vs. OK button, 4-7
attributes, searching for, 6-17
Cancel button, 4-7
connecting to a directory server, 4-7, 4-9
create access control policy point menu, 4-8
Create button, 4-9
Create Entry menu item, 4-8
Create Like button, 4-9, 7-7
Create Like operation, 4-7
creating an attribute, 4-8
creating object classes, 4-8
Delete button, 4-9
deleting configuration set entries, 5-4
deleting objects, 4-9
disconnecting from a directory server, 4-7
displaying help navigator, 4-8
Edit button, 4-9
Edit menu, 4-7
Ends With filter, 6-8
entries management, 4-11
Exact Match filter, 6-8, 7-4, 9-22, 9-26
Exit menu item, 4-7
File menu, 4-7
Find Attributes button, 6-17
Find Objects button, 4-9, 6-6
granting access, 9-16
Greater or Equal filter, 6-8, 7-4, 9-22, 9-26
Help button, 4-9
Help menu item, 4-8
launching, 4-2
Less or Equal filter, 6-8, 7-4, 9-22, 9-26
listing attribute types, A-3
managing
ACPs, 4-11
configuration set entries, 5-4
entries, 4-11
object classes, 6-6
menu bar, 4-7
modifying
configuration set entries, 2-24
object classes, 6-12
objects, 4-7, 4-9
replication agreements, 10-15
modifying configuration set entries, 5-4
modifying entries, 7-10
navigating, 4-7
not null filter, 6-8
Operations menu, 4-8
overview, 4-2
Present filter, 7-4
purge schedule, setting, 10-12
Refresh button, 4-9
Refresh Entry button, 4-9
Refresh Subtree Entries button, 4-9
removing objects, 4-7
Revert button, 4-7
root of search, 7-2
running, 4-2
schema administration, 4-11
search criteria bar, 7-3
search filters, 6-8
searching
entries, 7-2
for an object, 4-9
for attributes, 6-17
selecting attribute syntax type, 6-29
starting, 4-2
starting on Sun Solaris, 4-2
tear-off menu item, 4-8
toolbar, 4-9
updating, 4-8
subtree entry data, 4-9
View menu, 4-8
viewing
entry attributes, 7-6
Oracle Directory Replication
server
starting, 10-18
Oracle Directory Replication Server, 1-7
starting, 3-6, A-34, A-35
stopping, 3-7, A-35
Oracle directory replication server, 2-22, 2-23
Oracle directory server, 1-7, 2-22, 2-23
Oracle directory server instances, 2-23
starting, 3-5, A-33
stopping, 3-5, A-33
Oracle directory version, 5-14
Oracle foreground processes
restricting, 15-7
tuning CPU for, 15-6
Oracle instances, 10-5
Oracle NLS, 2-18
Oracle SQL*Loader, used by bulkload, A-23
Oracle Wallet Manager, 2-14
Oracle wallets, E-6
changing location of, 5-6, 5-8, 5-9, 8-4, E-6
Oracle8i, 2-25
Advanced Symmetric Replication, 2-29
database, 2-22
Oracle8i Replication Manager, configuring Advanced Symmetric Replication (ASR), 10-3
orclACI, 9-2, E-3
access to, 9-2
optional attribute in top, 2-10
orclAgreementID, 10-14, 10-16
orclAgreementId, E-4
orclauditattribute, E-5
orclAuditLevel, E-5
orclauditlevel attribute, 5-28
orclauditlevel operational attribute, 5-24, 5-25
orclauditmessage, E-5
orclauditmessage attribute, 5-26
OrclAuditOC, E-5
orclauditoc attributes, 5-26
orclauditoc object class, 5-26
orclCatalogEntryDN, E-4
orclChangeLogLife, 10-11
orclChangeRetryCount, 10-10, 10-13, E-4
orclConfigSet, E-4
orclconfigsetnumber, E-4
orclConsumerReference, E-4
orclcontainerOC, E-4
orclCryptoScheme attribute, 5-15
orclDBType, E-4
orclDebugLevel, E-4
orcldebuglevel configuration set entry, E-5
orclDirReplGroupAgreement, 10-10, 10-11, E-4
orclDirReplGroupDSAs, 10-10, 10-16, 10-17, E-4
orclDITRoot, E-4
orclEntryLevelACI, 9-3, 9-4, E-3
optional attribute in top, 2-10
orcleventLog, E-4
orclEvents, E-4
orcleventtime, E-5
orcleventtime attribute, 5-26
orcleventtype, E-5
orcleventtype attribute, 5-26
orclExcludedNamingcontexts, 10-16, E-4
orclGuid, E-4
optional attribute in top, 2-10
orclGuName, E-4
orclguname attribute, 5-22
orclGuPassword, E-4
orclgupassword attribute, 5-22
orclhostname, E-4
orclIndexedAttribute, E-4
orclIndexOC, E-4
orclLDAPInstance, E-4
orclLDAPSubConfig, E-4
ORCLMAXCC, 15-4
orclMaxCC, E-4
orclmaxcc, 2-24
orclmaxcc configuration set entry, E-5
orclOpResult, E-5
orclopresult attribute, 5-26
orclParentGUID, E-4
orclPrivilegeGroup, 7-9
orclPrName, E-4
orclprname attribute, 5-22
orclPrPassword, E-4
orclprpassword attribute, 5-22
orclPurgeSchedule, 10-11, 10-12, E-4
orclReplAgreementEntry, E-4
orclReplBindDN, E-4
orclReplBindPassword, E-4
orclReplicationProtocol, 10-17, E-4
orclREPLInstance, E-4
orclREPLSubConfig, E-4
orclSequence, E-5
orclsequence attribute, 5-26, 5-27
orclServerEvent, E-5
orclServerMode, E-4
orclServerMode attribute, 5-15
ORCLSERVERPROCS, 15-4
orclServerProcs, E-4
orclserverprocs, 2-24
orclserverprocs configuration set entry, E-5
orclSizeLimit, E-4
orclSizeLimit attribute, 5-15
orclssl authentication configuration set entry, E-6
orclsslAuthentication, E-4
orclsslEnable, E-4
orclsslenable, E-5
orclsslenable configuration set entry, E-5
orclsslPort, E-4
orclsslport configuration set entry, E-5
orclsslVersion, E-4
orclsslWalletPasswd, E-4
orclsslwalletpasswd configuration set entry, E-6
orclsslWalletURL, E-4
orclsslwalleturl configuration set entry, E-6
orclSuffix, E-4
orclSuName, E-4
orclsuname attribute, 5-22
orclSuPassword, E-4
orclsupassword attribute, 5-22
orclSupplierReference, E-4
orclThreadsPerSupplier, 10-11
orclTimeLimit, E-4
orclTimeLimit attribute, 5-15
orclUpdateSchedule, 10-16, E-4
orclUseEncrypt, E-4
orcluserdn, E-5
orcluserdn attribute, 5-26
organization attribute, 2-6
organizationalUnitName, 2-6
overall throughput, 15-2
overriding user-specified configsets, 3-8, A-36

P

paging, 14-14
partitioning, 2-26, 2-42
deployment considerations, 13-5
password encryption, 2-12
changing by using ldapmodify, 5-18
changing by using Oracle Directory Manager, 5-17
changing scheme, 5-17
setting
by using Oralce Directory Manager, 5-14
password-based authentication, 2-13, 4-4
passwords
encryption, 2-18
default, 2-18
MD4, 2-18
MD5, 2-18
SHA, 2-18
UNIX crypt, 2-18
encryption options, 2-18
for shell tools, 4-13, 7-15
for SSL wallets, 4-6
modifying, 5-6, 5-8, 5-9, 8-4, E-6
setting, E-6
for using bulk tools, 4-13
to a directory, changing, 5-20
to Oracle data servers, 4-14
changing, 5-31
performance
add or modify, 15-12
metrics, 15-2
replication and, 2-26, 13-6
search, 15-12
troubleshooting, 15-12
using multiple threads, A-6
using orclEntryLevelACI, 9-3
permissions, 2-12, 2-16
granting
by using command line tools, 9-34
by using Oracle Directory Manager, 9-16
physical distribution
partitions and replicas, 13-4
physical memory, 14-13
PKI authentication, 2-17
policies
naming, exploiting existing, 13-3
pooling, connection, 1-8
port, 4-4
default, 3-5, 3-7, 4-3, A-33, A-35
port 389, 3-5, 3-7, A-33, A-35, E-5
port 636, 3-5, 3-7, A-33, A-35, E-5
precedence rules
ACL evaluation, 9-11
in conflicting access policies, 9-3
prescriptive access control, 9-2
Present filter, Oracle Directory Manager, 7-4
printing communication with the back-end, 5-24
printing out packets sent and received, 5-24
privacy, data, 2-12, 2-17
using SSL, 1-8
private key, 2-14
privilege groups, 9-4
privileges, 2-12, 2-14, 2-16
process instance location, 5-14
processes, 2-22
Oracle background, 15-11
Oracle foreground
restricting, 15-7
processing power of CPU, 14-16
processor affinity, on SMP systems, 15-6
proxy user
definition, 5-20
managing user name and password, 5-20
public key, 2-14
public key infrastructure, 2-17
purge schedule, setting using Oracle Directory Manager, 10-12
purging, change log, 2-30
change number-based, 2-30
purging,change log
time-based, 2-30

Q

query entry return limit, 5-14
querying
audit log, 5-25
critical events, 5-25

R

Radicati, Sara, xxvii
RAID, 15-10
RC4_40 encryption, 2-17
RDNs. See relative distinguished names (RDNs)
read-focused, directories as, 1-3
recovery features, in Oracle8i, 1-8
redefining mandatory attributes, 6-4
Redo Log Buffers parameter, 15-12
redundancy, 16-2
and failover, 13-4
redundant links, 16-8
ref attribute, 7-18
referral object class, 7-18
referrals
See knowledge references
Refresh button, in Oracle Directory Manager, 4-9
Refresh Entry button, in Oracle Directory Manager, 4-9
Refresh Entry menu item, 4-8
Refresh Subtree Entries button, in Oracle Directory Manager, 4-9
Refresh Subtree Entries menu item, 4-8
relational database contrasted to directory, 1-3
relative distinguished names (RDNs), 2-3
displaying for each entry, 7-2
modifying
using command line tools, 7-12
using ldapmodify, A-16
modifying, using ldapmoddn, 4-12, 7-12
reliability, and replication, 2-26
removing
attributes from an object class, 6-5
objects
using command line tools, A-10, A-13
using Oracle Directory Manager, 4-7, 4-9
replacing attribute values, using ldapmodify, A-15
replicas, 2-26
in deployment, 13-4
replicated directories, conceptual discussion, 2-26
replication, 2-26
adding a new node for, 10-19, 10-24
Advanced Symmetric Replication (ASR)
agreement parameters, 10-14
modifying, 10-15
viewing, 10-15
agreements, 2-28, 5-14, 10-15
adding nodes to, 10-17
configuring, 10-9
change logs, 1-8, 2-34
cold backup, B-1
configuring, 10-9
Advanced Symmetric Replication (ASR), 10-6
sqlnet.ora, 10-4
tnsnames.ora, 10-4
conflicts
resolving manually, 10-29
database copy procedure, B-1
deleting a node, 10-25
failure tolerance, 13-6
garbage collection, 10-11
in deployment, 13-6
installing, 10-2
load balancing, 13-6
log location, 5-14
login events, 5-28
loose consistency model, 13-6
multimaster, 1-8, 2-28, 13-4
naming contexts, 10-2
nodes
adding, 10-19
deleting, 10-25
overview, 2-33
performance and, 2-26
preparing Net8 environment, 10-3
process in deatil, 2-35
reasons to implement, 13-6
reliability and, 2-26
server, 1-7, 2-22, 2-23
configuration set entries, 10-10
starting, 3-6, A-34, A-35
stopping, 3-7, A-35
specifying number of worker threads, 10-12
sponsor node, B-3
status location, 5-15
transport mechanism, 2-29
replication-specific debugging, 5-24
restarting
a directory server, 3-7, 5-4, A-35
listener for directory database, 10-6
Revert button, in Oracle Directory Manager, 4-7
RFCs enforced by Oracle Internet Directory, E-2
rollback segments, 10-5
creating, 10-4
root of search
entering, 7-2
selecting, 7-3
rules, LDIF, A-3
run-server command, using OID Control Utility, 4-14

S

SASL. See Simple Authentication and Security Layer (SASL).
scalability, of Oracle Internet Directory, 1-8
schema
adding and changing object classes (online), 6-2
administration, 6-1
using Oracle Directory Manager, 4-11
definition location, 5-15
definitions in subSchemaSubentry, 2-12
distributed among several tablespaces, 15-9
elements, E-1
add/replace event, 5-27
delete event, 5-27
for specific Oracle products, E-3
Schema Management pane, in Oracle Directory Manager, 6-9
schema-related debugging, 5-24
scripts, batched line-mode commands, 6-14
Search ACPs button, 4-9
Search ACPs menu item, 4-8
search and compare operations, 2-7
search criteria bar, in Oracle Directory Manager, 7-3
search depth, specifying, 7-3
search filter processing, 5-24
search filters
IETF-compliant, A-18
ldapsearch, A-19
search results, specifying maximum number of entries, 7-3
searches
configuring
by using ldapmodify, 5-20
byuUsing Oracle Directory Manager, 5-19
setting maximum amount of time
by using ldapmodify, 5-20
setting maximum number of entries returned
by using ldapmodify, 5-20
by using Oracle Directory Manager, 5-19
setting maximum time
by using Oracle Directory Manager, 5-19
searching
audit log entries, 5-26
duration, 7-3
entries, 7-2
base level, 7-3
one-level, 7-3
root of search, 7-2
search depth, 7-3
subtree level, 7-3
using ldapsearch, A-18
for attributes
using Oracle Directory Manager, 6-17
for audit log entries, 5-25
for object classes, 6-6
for objects
using Oracle Directory Manager, 4-9
for objects, using Oracle Directory Manager, 4-9
making attributes available for, 6-27
specifying maximum number of entries, 7-3
using filters, 6-8
secure
mode
running directory servers in, E-5
running server instances in, 8-2
port 636, 8-2
Secure Hash Algorithm (SHA), 5-14, 5-15, 5-18
Secure Sockets Layer (SSL)
configuring, 4-3
enabling Oracle Directory Manager, 4-5
security, 2-12
for different clients, 8-2
in LDAP Version 3, 1-6
SSL parameters for different clients, 8-2
within Oracle Internet Directory environment, 2-12
selected audit log events, 5-28
selecting
an entry's superclass, 7-7
attribute syntax type, 6-29
selecting root of search, 7-3
server
replication, 1-7
server instances
running, 4-2
running in secure mode, 8-2
server mode, 5-15
server operation time limit, 5-15
server processes
number of, E-5
too many, 15-5
servers
configuring, using input files, 7-12
connecting to, 4-4
directory, 1-7
connecting to, 4-3
parameters, configuring, 4-17
processes, 2-24
multiple, 2-24
SESSIONS parameter, 15-10
session-specific user identity, 2-12
setting
debug logging levels, 5-23
using the OID Control Utility, 5-23
system operational attributes, 5-13
SGA. See System Global Area (SGA).
SHA, 5-14, 5-15, 5-18, F-4
SHA (Secure Hash Algorithm), for password encryption, 2-18
shared pool size, 15-8
parameter, 15-10
Siemens DirXMetahub, 2-47
simple authentication, 1-8, 2-13
for access control subjects, 9-23, 9-27
Simple Authentication and Security Layer (SASL), in LDAP Version 3, 1-6
single-valued attributes, 2-6
converting to multi-valued, 6-16
size
of attribute values, E-10
of database cache, 13-10
sizing, 13-7, 13-9
I/O subsystem, 14-6
sizing tablespaces, 14-10
sleep time, OID Monitor, 3-2, A-30
smart knowledge references, 2-45
smart knowledge references, configuring, 7-19
sn attribute, 2-6
software-based connection redirection, 16-7
sort area parameter, 15-12
specifying attributes, as mandatory or optional, 6-3
SPECint_rate95 baseline, 14-16
sponsor node, 10-21
cold backup procedures, B-3
sqlnet.ora, configuring for replication, 10-4
SSL, 4-5
attribute values, E-4
authenticated access, 1-8
authentication, 9-7
for Oracle Directory Manager, 4-6
one-way, 4-6
server only, 4-6
cipher suites, 8-2
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, 8-2
SSL_RSA_EXPORT_WITH_RC4_40_MD5, 8-2
SSL_RSA_WITH_NULL_MD5, 8-2
SSL_RSA_WITH_NULL_SHA, 8-2
supported in Oracle Internet Directory, 8-2
client scenarios, 8-2
components, 2-14
configuration parameters, 8-2
modifying, 8-3
configuring, 4-3
data privacy, 1-8
default port, 2-15, E-5
disabling, E-5
enabling, 8-2, A-5, A-7, A-8, A-13, A-17, E-5
handshake, 2-15, 8-2
how it works, 2-15
modifying orclsslwalleturl parameter, 5-6, 5-8, 5-9, 8-4, E-6
no authentication, 2-13, 4-6, E-6
for access control subject, 9-23, 9-27
one-way authentication, 2-13
for access control subjects, 9-23, 9-27
parameters, 8-2
password, 4-6
port 636, 8-2
strong authentication, 2-17
toggling on and off, E-5
two-way authentication, 2-13, E-6
for access control subjects, 9-23, 9-27
Version 2, 8-2
Version 3, 8-2
wallets, 2-14, E-6
changing location of, 5-6, 5-8, 5-9, 8-4, E-6
changing passwords, 5-6, 5-8, 5-9, 8-4, E-6
stack, technology, 16-2
starting
directory servers, 3-4, 4-17, A-32
using default configuration, 3-8, A-36
LDAP server instance, 3-4
OID Monitor, 3-2, 3-3, A-30
Oracle Directory Manager, 4-2
on Sun Solaris, 4-2
on UNIX, 4-2
on Windows 95, 4-2
on Windows NT, 4-2
Oracle Directory Replication Server, 3-6, 10-18, A-35
Oracle directory server instance, A-32
Oracle directory server instances, 10-9
Oracle directory servers, 3-4
replication server instances, A-34
start-server commands, 5-2
stats
log results, 5-24
stats log
connections, 5-24
entries sent, 5-24
operations, 5-24
stopping
listener for directory database, 10-6
Oracle Directory Replication Server, 3-7, A-35
replication server instances, 3-7, A-35
stop-server command, 4-14
store-and-forward transport, in Oracle8i, 2-29
striping, 15-9, 15-10
strong authentication, 2-13
structural access items, 9-20
access control points, 9-20
structural object class type, 2-9, 2-10
structural object classes, converting, 6-5
structure rules, not enforced by Oracle Internet Directory, 2-10
structure, audit log entries, 5-26
subclasses, 2-9
subconfig, E-4
subentries, definition, 2-12
subordinate naming contexts, 2-43
subregistry, E-4
subSchemaSubentry
adding object classes to, 2-12
holding schema definitions, 2-12
modifying, 2-12
subtree level search, 7-3
subtrees
granting access to, 9-23, 9-28
subtrees, displaying, 7-2
Sun Solaris, starting Oracle Directory Manager on, 4-2
super user
logging in as, 4-3
managing user name and password, 5-20
super user login event, 5-27
superclass selector, 7-7
superclasses, 2-9
and inheritance, 6-3
attributes in, 6-10
attributes of, 6-10
of object classes, 6-7
superior knowledge references, 2-43
superior referrals, 2-43
superuser
definition, 5-20
suppliers, 2-26, 2-33
surname attribute, 2-6
Symmetric Multi-Processor (SMP) systems, 15-6
synchronizing with other directories, 2-46, 11-1
syntax
bulk tools, A-22
bulkdelete, A-22
bulkload, A-23
bulkmodify, A-25
catalog management tool, A-28
command line tools, A-4
LDAP, E-7
ldapadd, A-4
ldapaddmt, A-6
ldapbind, A-8
ldapcompare, A-9
ldapdelete, A-10
ldapmoddn, A-11
ldapmodify, A-13
ldapmodifymt, A-16
ldapsearch, A-18
LDIF, A-2
ldifwrite, A-27
OID Control Utility, A-31
OID Monitor, A-30
oidctl, A-31
stored in schema, 2-12
syntax, attribute, 2-7
syntaxes
cannot add to subSchemaSubentry, 2-12
tab in Oracle Directory Manager, 6-9
System Global Area (SGA), 10-5, 14-14, 15-7
sizing, 15-8
tuning for Oracle8i, 15-8
tuning parameters, 15-12
system operational attributes, 5-13
setting
by using ldapmodify, 5-15
by using Oracle Directory Manager, 5-14
SYSTEM tablespace, 14-13

T

tablespaces, 14-9
balancing, 15-9
creating, 10-4
in replication, 10-5
OLTS_ATTRSTORE, 14-13
OLTS_CT_CN, 14-13
OLTS_CT_DN, 14-13
OLTS_CT_OBJCL, 14-13
OLTS_CT_STORE, 14-13
OLTS_DEFAULT, 14-13
OLTS_IND_ATTRSTORE, 14-13
OLTS_IND_CT_DN, 14-13
OLTS_IND_CT_STORE, 14-13
sizing, 14-10
SYSTEM, 14-13
targetDN, E-4
TCP/IP connections, 16-5, 16-8, E-5
tear-off, in Oracle Directory Manager, 4-8
technology stack, 16-2
templates, creating entries from, 7-7
terminating directory servers, 4-17
throughput, 14-6
time-based change log purging, 2-30
tnsnames.ora
configuring for replication, 10-4
in cold backup, B-7
tools, for tuning, 15-2
top object class, 2-9
optional attributes in, 2-10
top utility, 15-2
trace function calls, 5-24
tracing function calls, 5-24
Transport Layer Security (TLS), and LDAP Version 3, 1-6
tree view
browsing, 7-3
selecting root of search, 7-3
troubleshooting, G-1
directory servers, 3-9
performance, 15-12
trusted certificates, 2-14
tunables, database, 15-10
tuning, 13-7, 15-1
CPU usage, 15-3
deployment considerations, 13-10
disk, 15-9
memory, 15-7
SGA parameters, 15-12
tools, 15-2
two-way authentication, SSL, E-6
types
of attributes, 2-4
of object classes, 6-7
typographical conventions, xxvii

U

Unicode Transformation Format 8-bit (UTF-8), 2-18
UNIX Crypt, F-4
UNIX crypt, 5-14, 5-15, 5-18
UNIX crypt, for password encryption, 2-18
UNIX, starting Oracle Directory Manager on, 4-2
unspecified access, 9-10, 9-28
updating
attributes, using ldapmodify, 4-12, 7-12
data, 4-9
entry data, using Oracle Directory Manager, 4-9
in Oracle Directory Manager, 4-8
subtree entry data, using Oracle Directory Manager, 4-9
upgrading from an earlier release, 3-9
in a multi-node environment, 3-10
in a single node environment, 3-10
user entries
adding, by using ldapadd, 7-13
adding, by using Oracle Directory Manager, 7-8
modifying, by using ldapmodify, 7-13
modifying, by using Oracle Directory Manager, 7-11
User field, in Oracle Directory Manager, 4-3
user login, 4-3
user names and passwords
managing
by using ldapmodify, 5-22
by using Oracle Directory Manager, 5-21
user password modification event, 5-28
User Preferences button, 4-9
User Preferences menu item, 4-8
userPassword attribute, hash values, F-4
UTF-8. See Unicode Transformation Format 8-bit
UTLBSTAT.SQL, 15-3
UTLESTAT.SQL, 15-3

V

version
Oracle directory, 5-14
View menu, in Oracle Directory Manager, 4-8
viewing
an ACP, by using Oracle Directory Manager, 9-19
audit log entries, 5-25
entry attributes, 7-6
indexed attributes, 6-27
object classes, 6-9
system operational attributes, 5-13
virtual directories, 2-46
virtual memory, 14-13
vmstat utility, 15-2

W

wallets
auto login, C-8
changing a password, C-7
changing location of, 5-6, 5-8, 5-9, 8-4, E-6
closing, C-6
creating, 5-6, 5-8, 5-9, 8-4, C-4, E-6
definition, 2-14
deleting, C-7
location, E-6
managing, C-4
managing certificates, C-9
managing trusted certificates, C-12
opening, C-5
passwords, 4-6
changing, 5-6, 5-8, 5-9, 8-4, E-6
saving, C-6
SSL, E-6
wildcards, in setting access control policies, 9-36
Windows NT Performance Monitor, 15-2
Windows NT Task Manager, 15-2
Windows NT, starting Oracle Directory Manager on, 4-2
worker threads, 2-24, 15-11
specifying in replication, 10-12

X

X.509 Version 3, certificates, 2-14
Go to previous page
Oracle
Copyright © 1996-2000, Oracle Corporation.
All Rights Reserved.

Library
Product
Contents