𝔖 Scriptorium
✦   LIBER   ✦
πŸ“

Oracle Internet Directory Administrator's Guide

✍ Scribed by Smith R.

Year
2001
Tongue
English
Leaves
688
Edition
release 9.0.1
Category
Library
⬇  Acquire This Volume

No coin nor oath required. For personal study only.

✦ Synopsis

Oracle Internet Directory Administrator's Guide is intended for anyone who performs administration tasks for the Oracle Internet Directory. You should be familiar with either the UNIX operating system or the Microsoft Windows NT operating system in order to understand the line-mode commands and examples. You can perform all of the tasks through the line-mode commands, and you can perform most of the tasks through Oracle Directory Manager, which is operating system-independent.To use this document, you need some familiarity with the Lightweight Directory Access Protocol (LDAP).

✦ Table of Contents

Contents......Page 5
Send Us Your Comments......Page 29
Preface......Page 31
What’s New in Oracle Internet Directory?......Page 45
1 Introduction......Page 53
The Expanding Role of Online Directories......Page 54
LDAP and Simplified Directory Management......Page 56
LDAP Version 3......Page 57
Oracle Internet Directory Architecture......Page 58
Oracle Internet Directory Components......Page 59
The Advantages of Oracle Internet Directory......Page 60
2 Concepts and Architecture......Page 63
Entries......Page 64
Attributes......Page 65
Kinds of Attribute Information......Page 67
Attribute Syntax......Page 68
Attribute Options......Page 69
Object Classes......Page 70
Subclasses, Superclasses, and Inheritance......Page 71
Object Class Types......Page 72
Naming Contexts......Page 73
Security......Page 75
Globalization Support......Page 76
Oracle Internet Directory Architecture......Page 77
An Oracle Internet Directory Node......Page 78
An Oracle Directory Server Instance......Page 82
Example: How Oracle Internet Directory Works......Page 83
Replication......Page 84
Partitioning......Page 87
About Knowledge References (Referrals)......Page 88
Kinds of Knowledge References......Page 90
About Metadirectories......Page 91
About the Oracle Directory Integration Platform Environment......Page 92
3 General Deployment Considerations......Page 93
Logical Organization Of Directory Information......Page 94
DIT Hierarchy and Structure......Page 95
An Ideal Deployment......Page 96
Partitioning Considerations......Page 97
Replication Considerations......Page 98
Failover Considerations......Page 99
Capacity Planning......Page 100
Sizing Considerations......Page 101
Tuning Considerations......Page 103
Running Multiple Installations of Oracle Internet Directory on One Host......Page 104
4 Preliminary Tasks......Page 105
Starting the OID Monitor......Page 106
Task 2: Start a Server Instance......Page 107
Starting an Oracle Directory Server Instance......Page 108
Stopping an Oracle Directory Server Instance......Page 109
Starting an Oracle Directory Replication Server Instance......Page 110
Restarting Directory Server Instances......Page 111
Troubleshooting Directory Server Instance Startup......Page 112
Task 4: Reset the Default Password for the Database......Page 113
5 Using the Administration Tools......Page 115
Starting Oracle Directory Manager......Page 116
Connecting to a Directory Server......Page 117
Navigating Oracle Directory Manager......Page 121
Performing Administration Tasks by Using Oracle Directory Manager......Page 124
Using Command-Line Tools......Page 125
Using Bulk Tools......Page 127
Using the OID Database Password Utility......Page 128
Using the OID Database Statistics Collection Tool......Page 129
Administration Tasks at a Glance......Page 130
6 Managing the Oracle Directory Server......Page 135
Preliminary Considerations for Managing Configuration Set Entries......Page 136
Managing Server Configuration Set Entries by Using Oracle Directory Manager......Page 138
Managing Server Configuration Set Entries by Using Command-Line Tools......Page 144
Setting System Operational Attributes by Using Oracle Directory Manager......Page 147
Setting System Operational Attributes by Using ldapmodify......Page 149
Managing Naming Contexts......Page 150
Managing Password Policies......Page 151
Managing Password Protection......Page 155
Managing Super Users, Guest Users, and Proxy Users......Page 156
Managing Super, Guest, and Proxy Users by Using Oracle Directory Manager......Page 157
Managing Super, Guest, and Proxy Users by Using ldapmodify......Page 158
Configuring Searches by Using Oracle Directory Manager......Page 159
Configuring Searches by Using ldapmodify......Page 160
Setting Debug Logging Levels by Using the OID Control Utility......Page 161
Using Audit Log......Page 163
Structure of Audit Log Entries......Page 164
Auditable Events......Page 165
Setting the Audit Level......Page 166
Viewing Active Server Instance Information......Page 168
Changing the Password to an Oracle Database Server......Page 169
7 Managing the Directory Schema......Page 171
About Object Class Management......Page 172
Guidelines for Adding Object Classes......Page 173
Guidelines for Modifying Object Classes......Page 174
Guidelines for Deleting Object Classes......Page 175
Searching for Object Classes by Using Oracle Directory Manager......Page 176
Viewing Properties of Object Classes by Using Oracle Directory Manager......Page 179
Adding Object Classes by Using Oracle Directory Manager......Page 180
Modifying Object Classes by Using Oracle Directory Manager......Page 182
Deleting Object Classes by Using Oracle Directory Manager......Page 183
Example: Adding a New Object Class......Page 184
Example: Adding a New Attribute to an Auxiliary or User-Defined Object Class......Page 185
Rules for Modifying Attributes......Page 186
Managing Attributes by Using Oracle Directory Manager......Page 187
Viewing All Directory Attributes by Using Oracle Directory Manager......Page 188
Searching for Attributes by Using Oracle Directory Manager......Page 189
Adding an Attribute by Using Oracle Directory Manager......Page 191
Modifying an Attribute by Using Oracle Directory Manager......Page 196
Indexing an Attribute by Using Oracle Directory Manager......Page 198
Adding and Modifying Attributes by Using ldapmodify......Page 199
Indexing an Attribute by Using Command-Line Tools......Page 200
Viewing Matching Rules by Using Oracle Directory Manager......Page 201
Viewing Syntaxes by Using by Using ldapsearch......Page 202
8 Managing Directory Entries......Page 203
Searching for Entries by Using Oracle Directory Manager......Page 204
Searching for Audit Log Entries by Using Oracle Directory Manager......Page 208
Adding Entries by Using Oracle Directory Manager......Page 210
Modifying Entries by Using Oracle Directory Manager......Page 214
Managing Entries with Attribute Options by Using Oracle Directory Manager......Page 215
Command-Line Tools for Managing Entries......Page 217
Example: Modifying a User Entry by Using ldapmodify......Page 218
Managing Entries with Attribute Options by Using Command-Line Tools......Page 219
Importing an LDIF File by Using bulkload......Page 220
Deleting a Large Number of Entries......Page 222
Configuring Smart Knowledge References......Page 223
Configuring Default Knowledge References......Page 224
9 Managing Globalization Support in the Directory......Page 227
The NLS_LANG Environment Variable......Page 228
An LDIF file Containing Only ASCII Strings......Page 229
An LDIF file Containing UTF-8 Encoded Strings......Page 230
Specifying the -E Argument When Using Each Tool......Page 231
Examples: Using the -E Argument with Command-Line Tools......Page 232
Setting NLS_LANG in the Client Environment......Page 233
Using Globalization Support with bulkload......Page 234
Using Globalization Support with ldifwrite......Page 235
Using Globalization Support with bulkmodify......Page 236
10 Managing the Delegated Administration Service......Page 237
Concepts and Architecture......Page 238
Task 2: Configure the Delegated Administration Service......Page 239
Task 3: Verify that the Delegated Administration Service Is Running......Page 244
11 About Security in Oracle Internet Directory......Page 247
Data Privacy......Page 248
Authentication......Page 249
Authorization......Page 250
Password Protection......Page 252
Directory-Based Application Security......Page 253
12 Managing Secure Sockets Layer (SSL)......Page 259
Configuring SSL Parameters......Page 260
Configuring SSL Parameters by Using Oracle Directory Manager......Page 261
Issues Specific to This Release of Oracle Internet Directory......Page 263
13 Managing Directory Access Control......Page 265
Access Control Management Constructs......Page 266
Access Control Information Components......Page 270
How ACL Evaluation Works......Page 274
Managing Access Control by Using Oracle Directory Manager......Page 279
Configuring Searches for ACPs When Using Oracle Directory Manager......Page 280
Viewing an ACP by Using Oracle Directory Manager......Page 281
Adding an ACP and Creating Access Items by Using Oracle Directory Manager......Page 283
Adding an ACP by Using the ACP Creation Wizard of Oracle Directory Manager......Page 288
Modifying ACPs and their ACI Directives by Using Oracle Directory Manager......Page 297
Example: Managing ACPs by Using Oracle Directory Manager......Page 308
Granting Entry-Level Access by Using Oracle Directory Manager......Page 311
Example: Setting Up an Inheritable ACP by Using ldapmodify......Page 312
Example: Using Wild Cards......Page 313
Example: Using Attribute and Subject Selectors......Page 314
Example: Granting Selfwrite Access to Group Entries......Page 315
14 About Directory Replication......Page 319
Directory Replication Groups and Replication Agreements......Page 320
Replication Architecture......Page 321
Change Log Purging......Page 324
Levels at Which Replication Conflicts Occur......Page 325
Automated Resolution of Conflicts......Page 326
How the Replication Process Adds a New Entry to a Consumer......Page 327
How the Replication Process Deletes an Entry......Page 328
How the Replication Process Modifies an Entry......Page 329
How the Replication Process Modifies a Relative Distinguished Name......Page 330
How the Replication Process Modifies a Distinguished Name......Page 331
15 Managing Directory Replication......Page 335
Installing and Configuring Replication......Page 336
Task 3: At the MDS, Set Up Oracle9i Replication for a Directory Replication Group......Page 337
Task 6: Configure Replication......Page 344
Task 7: Start the Replication Servers on All the Nodes......Page 353
Adding a Replication Node......Page 354
Task 2: Configure the New Node into the LDAP Replication Group on All the Existing Nodes......Page 355
Task 4: Backup the Sponsor Node by Using ldifwrite......Page 356
Task 5: Perform Oracle9i Replication Add Node Setup......Page 357
Task 6: Switch the Sponsor Node to Updatable Mode......Page 358
Task 11: Start the Directory Replication Server on the New Node......Page 359
Task 1: Stop the Directory Replication Server on All Nodes......Page 360
Task 3: Delete the Node from the Master Definition Site......Page 361
Task 4: Start the Directory Replication Server on All Nodes......Page 362
Task 6: Restart the Directory Replication Server on the Remaining Nodes......Page 363
Examples of Conflict Resolution Messages......Page 364
Using the Human Intervention Queue Manipulation Tool......Page 365
Identifying a Node as Independent of Its Host......Page 366
16 Adding a Node to a DRG by Using the Database Copy Procedure......Page 369
New Directory Site Environment......Page 370
Tasks To Be Performed on the Sponsor Node......Page 371
Tasks To Be Performed on the New Node......Page 376
Verification Process......Page 379
17 Capacity Planning Considerations......Page 383
About Capacity Planning......Page 384
Getting to Know Directory Usage Patterns: A Case Study......Page 385
About the I/O Subsystem......Page 388
Rough Estimates of Disk Space Requirements......Page 389
Detailed Calculations of Disk Space Requirements......Page 390
Memory Requirements......Page 394
Network Requirements......Page 396
CPU Configuration......Page 397
Detailed Calculations of CPU Requirements......Page 398
Summary of Capacity Plan for Acme Corporation......Page 401
18 High Availability And Failover Considerations......Page 403
Oracle Internet Directory and Oracle9i Technology Stack......Page 404
Alternate Server List from the Oracle Internet Directory Server......Page 406
Failover Options in the Public Network Infrastructure......Page 407
Availability and Failover Capabilities in Oracle Internet Directory......Page 409
Redundant Links......Page 410
High Availability Deployment Examples......Page 411
19 Tuning Considerations......Page 413
Tools for Performance Tuning......Page 414
CPU Usage Tuning......Page 415
Tuning CPU for Oracle Internet Directory Processes......Page 416
Taking Advantage of Processor Affinity on SMP Systems......Page 418
Memory Tuning......Page 419
Other Alternatives for a Memory-Constrained System......Page 420
Balancing Tablespaces......Page 421
Database Tuning......Page 422
Parameters Dependent on Oracle Internet Directory Server Configuration......Page 423
Performance Troubleshooting......Page 424
20 Managing Failover in Cluster Configurations......Page 427
Introduction......Page 428
Configuring Failover in a Clustered Environment......Page 430
Step 2: Start a Directory Server or Directory Replication Server by Using the OID Control Utility......Page 431
Step 3: Stop, then Restart, the Directory Server and OID Monitor......Page 432
How Failover Works in a Clustered Environment......Page 433
21 Managing Directory Failover in an Oracle9i Real Application Clusters Environment......Page 435
Terminology......Page 436
Oracle Internet Directory with Basic High Availability Configuration......Page 437
Oracle Internet Directory with Default N-Node Configuration......Page 441
The Oracle Directory Replication Server in an Oracle9i Real Application Clusters Environment......Page 447
22 About the Oracle Directory Integration Platform......Page 451
About Metadirectories......Page 452
About the Oracle Directory Integration Platform Environment......Page 453
Architecture......Page 454
Connected Directories......Page 455
Directory Integration Agents......Page 456
Directory Integration Toolkit......Page 457
Agent Configuration Information......Page 458
Attribute Mapping Rules......Page 459
Oracle Directory Manager......Page 460
How the Oracle Directory Integration Platform Works......Page 461
A Scenario: Deploying Oracle Human Resources Agent......Page 462
23 Managing Directory Integration Agents and Profiles......Page 463
Import and Export Operations......Page 464
Synchronization Scenarios......Page 466
Types of Agents......Page 468
Change Log Interfaces......Page 469
Registration of Partner Agents into Oracle Directory Integration Platform......Page 470
Mapping Rules......Page 474
Location of Files......Page 478
Managing Partner Agents by Using Oracle Directory Manager......Page 479
Managing Partner Agents from the Command Line......Page 483
24 Managing the Oracle Directory Integration Server......Page 485
About the Oracle Directory Integration Server......Page 486
Configuration Data Refresh......Page 487
Registering the Oracle Directory Integration Server......Page 488
Managing Configuration Set Entries......Page 490
Starting the Oracle Directory Integration Server......Page 491
Stopping the Oracle Directory Integration Server......Page 493
Using the Oracle Directory Integration Server in SSL Mode......Page 494
Finding the Log File......Page 497
Setting the Debug Level......Page 498
Viewing Oracle Directory Integration Server Information......Page 499
Viewing Oracle Directory Integration Server Runtime Information by Using ldapsearch......Page 500
25 Managing Security in the Oracle Directory Integration Platform......Page 503
Oracle Directory Integration Server Authentication......Page 504
Access Controls for the Oracle Directory Integration Server......Page 506
Access Controls for Agents......Page 507
Tools Security......Page 508
26 Bootstrapping a Directory in the Oracle Directory Integration Platform......Page 509
Using External Tools to Import Data into Oracle Internet Directory......Page 510
Using an Agent to Import Data in Oracle Internet Directory......Page 511
Bootstrapping a Connected Directory from Oracle Internet Directory......Page 512
27 Synchronizing with Oracle Human Resources......Page 513
Data that You Can Import from Oracle Human Resources......Page 514
Configuring a Directory Integration Profile for the Oracle Human Resources Agent......Page 516
Customizing the List of Attributes to Be Synchronized with Oracle Internet Directory......Page 521
Customizing Mapping Rules for the Oracle Human Resources Agent......Page 524
Running Synchronization from Oracle Human Resources to Oracle Internet Directory......Page 527
Boostrapping Oracle Internet Directory from Oracle HR......Page 530
A Syntax for LDIF and Command-Line Tools......Page 533
LDAP Data Interchange Format (LDIF) Syntax......Page 534
ldapadd Syntax......Page 536
ldapaddmt Syntax......Page 538
ldapbind Syntax......Page 540
ldapcompare Syntax......Page 541
ldapdelete Syntax......Page 543
ldapmoddn Syntax......Page 545
ldapmodify Syntax......Page 547
ldapmodifymt Syntax......Page 552
ldapsearch Syntax......Page 554
bulkdelete Syntax......Page 559
bulkload Syntax......Page 560
bulkmodify Syntax......Page 561
ldifwrite Syntax......Page 563
Catalog Management Tool Syntax......Page 564
Starting the OID Monitor......Page 566
OID Control Utility Syntax......Page 567
Starting and Stopping an Oracle Directory Server Instance......Page 568
Starting and Stopping an Oracle Directory Replication Server Instance......Page 570
Restarting Directory Server Instances......Page 571
Troubleshooting Directory Server Instance Startup......Page 572
Human Intervention Queue Manipulation Tool Syntax......Page 573
Moving a Change from the Human Intervention Queue into the Purge Queue......Page 574
Examples: Using the Human Intervention Queue Manipulation Tool......Page 575
OID Reconciliation Tool Syntax......Page 576
How the OID Reconciliation Tool Works......Page 577
OID Database Statistics Collection Tool Syntax......Page 579
B Using Access Control Directive Format......Page 581
Schema for orclACI......Page 582
Schema for orclEntryLevelACI......Page 583
C Schema Elements......Page 585
IETF Requests for Comments (RFCs) Enforced by Oracle Internet Directory......Page 586
Proprietary Oracle Internet Directory Schema Elements......Page 587
LDAP Syntax Enforced by Oracle Internet Directory......Page 591
Commonly Used LDAP Syntax Recognized by Oracle Internet Directory......Page 592
Additional LDAP Syntax Recognized by Oracle Internet Directory......Page 593
Matching Rules......Page 594
D Using Oracle Wallet Manager......Page 597
Overview......Page 598
Creating a New Wallet......Page 600
Opening an Existing Wallet......Page 601
Saving the Open Wallet to a New Location......Page 602
Changing the Password......Page 603
Using Oracle Wallet Manager with Oracle Application Server......Page 604
Managing User Certificates......Page 605
Managing Trusted Certificates......Page 608
E Upgrading from Oracle Internet Directory Release 2.1.1......Page 613
Upgrading in a Multi-Node Environment......Page 614
Upgrading One Node at a Time......Page 615
Upgrading All the Nodes at the Same Time......Page 617
LDIF-Based Upgrading......Page 619
F Migrating Data from Other LDAP-Compliant Directories......Page 621
Migrating Data......Page 622
Task 4: Remove Any Proprietary Directory Data from the LDIF File......Page 623
Task 7: Run the bulkload.sh -check Mode and Determine Any Remaining Schema Violations or Duplicat.........Page 624
G Troubleshooting......Page 625
Standard Error Messages Returned from Oracle Directory Server......Page 626
Additional Error Messages......Page 630
Glossary......Page 635
Index......Page 659

πŸ“œ SIMILAR VOLUMES

Oracle Internet Directory Application De
πŸ“ Oracle Internet Directory Application Developer's Guide
✍ Smith R. πŸ“‚ Library πŸ“… 2001 🌐 English

Oracle Internet Directory Application Developer's Guide provides information for enabling applications to access Oracle Internet Directory by using the C API and the PL/SQL API.Oracle Internet Directory Application Developer's Guide is for application developers who wish to enable applications to st

Oracle Internet File System. Setup and A
πŸ“ Oracle Internet File System. Setup and Administration Guide
✍ Nicklin A. πŸ“‚ Library πŸ“… 2000 🌐 English

Oracle Internet File System (Oracle i'FS) is a file system and development platform that runs as part of the Oracle 8i database. From the perspective of an end user, Oracle iFS functions similarly to a standard file server, organizing files into hierarchies of folders.Oracle iFS combines file, Web,

Oracle Advanced Security Administrator's
πŸ“ Oracle Advanced Security Administrator's Guide
✍ Cowan M. πŸ“‚ Library πŸ“… 2001 🌐 English

Welcome to the Oracle Advanced Security Administrator's Guide for Release 9.0.1 of Oracle Advanced Security.Oracle Advanced Security contains a comprehensive suite of security features that protect enterprise networks and securely extend them to the Internet. It provides a single source of integrati

Oracle Label Security Administrator's Gu
πŸ“ Oracle Label Security Administrator's Guide
✍ Moran R. πŸ“‚ Library πŸ“… 2001 🌐 English

The Oracle Label Security Administrator's Guide describes how to use Oracle Label Security to protect sensitive data. It explains the basic concepts behind label-based security and provides examples to show how it is used.The Oracle Label Security Administrator's Guide is intended for database admin