Oracle Internet Directory Administrator's Guide Release 9.0.2 Part Number A95192-01 |
|
Oracle Internet Directory Administrator's Guide describes the features, architecture, and administration of Oracle Internet Directory. For information about installation, see the installation documentation for your operating system.
This preface contains these topics:
Oracle Internet Directory Administrator's Guide is intended for anyone who performs administration tasks for the Oracle Internet Directory. You should be familiar with either the UNIX operating system or the Microsoft Windows NT operating system in order to understand the line-mode commands and examples. You can perform all of the tasks through the line-mode commands, and you can perform most of the tasks through Oracle Directory Manager, which is operating system-independent.
To use this document, you need some familiarity with the Lightweight Directory Access Protocol (LDAP).
This document contains the chapters and appendixes listed in this section. Oracle Corporation encourages you to read the conceptual and other introductory material presented in Part I before performing installation and maintenance.
Depending on your administrative role, you may find some parts of this guide more pertinent to the tasks you perform.
Part I provides an overview of the product and its features, a conceptual foundation necessary to configure and manage a directory.
This chapter provides an introduction to directories, LDAP, and Oracle Internet Directory features.
This chapter gives an overview of online directories and Lightweight Directory Access Protocol (LDAP). Provides conceptual descriptions of directory entries, attributes, object classes, naming contexts, schemas, distributed directories, security, and National Language Support. It also discusses Oracle Internet Directory architecture.
This chapter discusses how to prepare your directory for configuration and use. It tells you how to start and stop OID Monitor and instances of Oracle directory server and Oracle directory replication server. It discusses the need to reset the default security configuration, how to upgrade from earlier releases of Oracle Internet Directory, and how to migrate data from other LDAP-compliant directories.
This chapter explains how to use the various administration tools: Oracle Directory Manager, command-line tools, bulk tools, Catalog Management tool, OID Database Password Utility, replication tools, and Database Statistics Collection tool.
Part II guides you through the tasks required to configure and maintain Oracle Internet Directory.
This chapter provides instructions for managing server configuration set entries; setting system operational attributes; managing naming contexts and password encryption; configuring searches; managing super, guest, and proxy users; setting debug logging levels; using audit log; viewing active server instance information; and changing the password to an Oracle database server.
This chapter explains what a directory schema is, what an object class is, and what an attribute is. It tells you how to manage the Oracle Internet Directory schema by using Oracle Directory Manager and the command-line tools.
This chapter explains how to search, view, add, modify and manage entries by using Oracle Directory Manager and the command-line tools.
This chapter discusses Globalization Support as used by Oracle Internet Directory.
This chapter explains the Delegated Administration Service, which enables directory users to modify their own personal data--such as addresses, phone numbers, and photos--without the intervention of an administrator. It also enables users to search other parts of the directory to which they have access. This frees directory administrators for other tasks in the enterprise.
This chapter explains the attribute uniqueness feature that enables applications synchronizing with Oracle Internet Directory to use attributes other than distinguished names as their unique keys.
Part III tells how to secure data within the directory itself and within an enterprise deployment of a directory.
This chapter describes the security features available with Oracle Internet Directory, and explains how to deploy the directory for administrative delegation.
This chapter introduces and explains how to configure the features of Secure Sockets Layer (SSL).
This chapter provides an overview of access control policies and describes how to administer directory access.
Part IV discusses important deployment considerations, including capacity planning, high availability, and tuning.
This chapter discusses general issues to consider when deploying Oracle Internet Directory. This chapter helps you assess the requirements of a directory in an enterprise and make effective deployment choices.
Many Oracle components use Oracle Internet Directory for a variety of purposes. In doing this, they rely on a consolidated Oracle Internet Directory schema and a default Directory Information Tree (DIT). This chapter:
This chapter discusses how you can exploit the way Oracle Internet Directory stores access control policies to secure applications in a large enterprise and in hosted environments.
This chapter explains how Oracle components store application security credentials in Oracle Internet Directory to make their administration easy for both end users and administrators and to address a major security threat to any enterprise.
This chapter discusses password policies--that is, sets of rules that govern how passwords are used. When a user attempts to bind to the directory, the directory server uses the password policy to ensure that the password meets the requirements set in that policy.
This chapter tells you how to assess applications' directory access requirements and ensure that the Oracle Internet Directory has adequate computer resources to service requests at an acceptable rate.
This chapter gives guidelines for ensuring that the combined hardware and software are yielding the desired levels of performance.
This chapter describes the availability and failover features of various components in the Oracle Internet Directory technology stack, and provides guidelines for exploiting them optimally for typical directory deployment.
Part IV provides a detailed discussion of replication and how to manage it.
This chapter expands on the discussion about replication in Chapter 2, "Concepts and Architecture".
This chapter explains how to install and initialize Oracle directory replication server software the first time, and how to install new nodes into an environment where that software is already installed.
This chapter describes an alternate method of adding a node to a replicated directory system if the directory is very large.
Part VI discusses cluster support in Oracle Internet Directory.
This chapter explains how to increase high availability by using logical hosts--as opposed to physical hosts--in clustered environments.
This chapter discusses the ways you can run Oracle Internet Directory in an Oracle Real Application Clusters system.
This chapter describes how you can extend the capabilities of the Oracle directory server by using plug-ins developed by either Oracle Corporation or third-party vendors.
Part VII explains the concepts, architecture, and components of the Oracle Directory Integration platform, and tells you how to configure and use it to synchronize multiple directories with Oracle Internet Directory.
This chapter introduces the Oracle Directory Integration platform, its components, architecture, and administration tools.
This chapter discusses directory integration agents and the operations they perform in the Oracle Directory Integration platform. It explains how to manage partner agents by using either Oracle Directory Manager of command-line tools.
This chapter discusses the Oracle directory integration server and tells you how to configure and manage it.
This chapter discusses the most important aspects of security in the Oracle Directory Integration platform.
This chapter explains some of the initial setup tasks you may need to perform as you begin using the Oracle Directory Integration platform.
If you store employee data in Oracle Internet Directory, and if you use Oracle Human Resources to create, modify, and delete that data, then you must ensure that the data is synchronized between the two. This chapter explains the Oracle Human Resources agent, which enables you to do this.
This chapter explains how you can synchronize between Oracle Internet Directory and an iPlanet Directory Server by using the Oracle Internet Directory integration solution for the iPlanet Directory Server.
Oracle Internet Directory uses change logs to enable synchronization with supported third party metadirectory solutions. This chapter describes how change log information is generated and how supporting solutions use that information. It tells you how to enable the directory integration agents of third-party metadirectory solutions so that they can synchronize with Oracle Internet Directory.
This chapter describes the Oracle Directory Provisioning Integration Service, which enables your applications to receive provisioning information from Oracle Internet Directory.
This appendix provides syntax, usage notes, and examples for LDAP Data Interchange Format and LDAP command-line tools.
This appendix describes the format (syntax) of Access Control Information Items(ACIs).
This appendix lists schema elements supported in Oracle Internet Directory.
This appendix describes and explains how to use Oracle Wallet Manager to create and manage wallets and certificates.
This appendix tells you how to upgrade to Oracle Internet Directory Release 9.0.2 from Oracle Internet Directory release 2.1.1.
This appendix explains the steps to migrate data from LDAP v3-compatible directories into Oracle Internet Directory.
This appendix, copied with permission from the Internet Engineering Task Force (IETF), describes a directory access protocol that provides both read and update access.
This appendix lists possible failures and error codes and their probable causes.
This appendix explains how to migrate data from application-specific repositories by first creating an intermediate template file, and then running the OID Migration Tool.
For more information, see:
http://otn.oracle.com
In North America, printed documentation is available for sale in the Oracle Store at
http://oraclestore.oracle.com/
Customers in Europe, the Middle East, and Africa (EMEA) can purchase documentation from
http://www.oraclebookshop.com/
Other customers can contact their Oracle representative to purchase printed documentation.
To download free release notes, installation documentation, white papers, or other collateral, please visit the Oracle Technology Network (OTN). You must register online before using OTN; registration is free and can be done at
http://technet.oracle.com/membership/index.htm
If you already have a username and password for OTN, then you can go directly to the documentation section of the OTN Web site at
http://technet.oracle.com/docs/index.htm
For additional information, see:
http://www.iana.org
, for information about object identifiers
http://www.ietf.org
for the IETF home page
http://www.ietf.org/html.charters/ldapext-charter.html
for the ldapext charter and LDAP drafts)
http://www.ietf.org/html.charters/ldup-charter.html
for the LDUP charter and drafts
http://www.ietf.org/rfc/rfc2254.txt
, "The String Representation of LDAP Search Filters"
http://www.ietf.org/rfc/rfc1823.txt
, "The LDAP Application Program Interface"
http://www.openldap.org
This section describes the conventions used in the text and code examples of this documentation set. It describes:
We use various conventions in text to help you more quickly identify special terms. The following table describes those conventions and provides examples of their use.
Code examples illustrate SQL, PL/SQL, SQL*Plus, or other command-line statements. They are displayed in a monospace (fixed-width) font and separated from normal text as shown in this example:
SELECT username FROM dba_users WHERE username = 'MIGRATE';
The following table describes typographic conventions used in code examples and provides examples of their use.
The following table describes conventions for Windows operating systems and provides examples of their use.
Our goal is to make Oracle products, services, and supporting documentation accessible, with good usability, to the disabled community. To that end, our documentation includes features that make information available to users of assistive technology. This documentation is available in HTML format, and contains markup to facilitate access by the disabled community. Standards will continue to evolve over time, and Oracle Corporation is actively engaged with other market-leading technology vendors to address technical obstacles so that our documentation can be accessible to all of our customers. For additional information, visit the Oracle Accessibility Program Web site at http://www.oracle.com/accessibility.
JAWS, a Windows screen reader, may not always correctly read the code examples in this document. The conventions for writing code require that closing braces should appear on an otherwise empty line; however, JAWS may not always read a line of text that consists solely of a bracket or brace.
|
Copyright © 1999, 2002 Oracle Corporation. All Rights Reserved. |
|