Index
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
R
S
T
U
W
A
- abandoning an operation, 3-42
- access control, 2-6, 2-8
- and authorization, 2-8
- access control information (ACI), 2-9
- attributes, 2-8
- directives
- format, 2-9
- Access Control List (ACL), 2-8
- access control lists (ACLs), 2-8
- ACI. See access control information (ACI)
- ACLs. See Access Control List (ACL)
- add.log, 9-7
- administration tools
- ldapadd, 9-5
- ldapaddmt, 9-7
- ldapbind, 9-9
- ldapcompare, 9-10
- ldapdelete, 9-11
- ldapmoddn, 9-13
- ldapmodify, 9-15
- ldapmodifymt, 9-20
- anonymous authentication, 2-7
- applications, building
- with PL/SQL LDAP API, 4-2
- with the C API, 3-63
- attribute options
- searching for by using ldapsearch, 9-26
- attributes
- adding
- by using ldapadd, 9-5
- concurrently, by using ldapaddmt, 9-7
- to existing entries, 9-5
- attribute options
- searching for by using ldapsearch, 9-26
- deleting
- by using ldapmodify, 9-18
- values, by using ldapmodify, 9-18
- in LDIF files, 9-2
- types, 2-5
- values, 2-5
- replacing, by using ldapmodify, 9-18
- authentication, 2-6, 2-7
- anonymous, 2-7
- certificate-based, 2-7
- Kerberos, 9-6, 9-8, 9-12
- modes, SSL, 3-2
- one-way SSL, 2-8
- options, 2-7
- password-based, 2-7
- PKI, 2-9
- SSL, 2-7, 2-8, 3-2, 9-6, 9-8, 9-9, 9-16, 9-21
- none, 3-2
- one-way, 3-2
- two-way, 3-2
- strong, 2-7
- to a directory server
- enabling, 2-16
- enabling, by using DBMS_LDAP, 2-17
- enabling, by using the C API, 2-16
- to the directory, 3-17
- two-way SSL, 2-8
- authorization, 2-6, 2-8
- authorization ID, 2-7
B
- bulk tools, 1-2
C
- C API, 3-1
- functions
- abandon, 3-42
- abandon_ext, 3-42
- add, 3-36
- add_ext, 3-36
- add_ext_s, 3-36
- add_s, 3-36
- compare, 3-27
- compare_ext, 3-27
- compare_ext_s, 3-27
- compare_s, 3-27
- count_entries, 3-51
- count_references, 3-51
- count_values, 3-55
- count_values_len, 3-55
- delete, 3-38
- delete_ext, 3-38
- delete_ext_s, 3-38
- delete_s, 3-38
- dn2ufn, 3-57
- err2string, 3-46
- explode_dn, 3-57
- explode_rdn, 3-57
- extended_operation, 3-40
- extended_operation_s, 3-40
- first_attribute, 3-53
- first_entry, 3-51
- first_message, 3-49
- first_reference, 3-51
- get_dn, 3-57
- get_entry_controls, 3-59
- get_option, 3-10
- get_values, 3-55
- get_values_len, 3-55
- init, 3-9
- init_ssl call, 3-3
- modify, 3-30
- modify_ext, 3-30
- modify_ext_s, 3-30
- modify_s, 3-30
- msgfree, 3-43
- msgid, 3-43
- msgtype, 3-43
- next_attribute, 3-53
- next_entry, 3-51
- next_message, 3-49
- next_reference, 3-51
- open, 3-9
- parse_extended_result, 3-46
- parse_reference, 3-60
- parse_result, 3-46
- parse_sasl_bind_result, 3-46
- rename, 3-33
- rename_s, 3-33
- result, 3-43
- sasl_bind, 3-17
- sasl_bind_s, 3-17
- search, 3-21
- search_ext, 3-21
- search_ext_s, 3-21
- search_s, 3-21
- search_st, 3-21
- set_option, 3-10
- simple_bind, 3-17
- simple_bind_s, 3-17
- unbind, 3-20
- unbind_ext, 3-20
- unbind_s, 3-20
- value_free, 3-55
- value_free_len, 3-55
- reference, 3-4
- sample search tool, 3-63
- sample usage, 3-61
- summary, 3-4
- usage with SSL, 3-61
- usage without SSL, 3-62
- Catalog Management Tool
- syntax, 9-28
- catldap.sql, 4-2
- certificate authority, 2-7
- certificate-based authentication, 2-7
- certificates, 2-7
- change types, in ldapmodify input files, 9-17
- changetype
- add, 9-17
- delete, 9-18
- modify, 9-17
- modrdn, 9-18
- children of an entry, listing, 3-26
- command line tools
- ldapadd, 9-5
- ldapaddmt, 9-7
- ldapbind, 9-9
- ldapcompare, 9-10
- ldapdelete, 9-11
- ldapmoddn, 9-13
- ldapmodify, 9-15
- ldapmodifymt, 9-20
- ldapsearch, 9-22
- syntax, 9-4
- components
- Oracle Internet Directory SDK, 1-2
- controls, working with, 3-15
D
- data
- integrity, 2-7, 2-9
- privacy, 2-7, 2-9
- data-type summary, 4-8
- DBMS_LDAP
- about, 4-1
- building applications with, 4-2
- sample usage
- about, A-1
- for a search, A-10
- from a database trigger, A-2
- Java sample code, A-13
- DBMS_LDAP package, 2-11, 4-1
- searching by using, 2-18
- DBMS_LDAP_UTL
- about, 7-1
- data-types, 7-41
- function return codes, 7-39
- group-related subprograms
- about, 7-3
- function create_group_handle, 7-19
- function get_group_dn, 7-23
- function get_group_properties, 7-22
- function set_group_handle_properties, 7-20
- miscellaneous subprograms
- about, 7-4
- function check_interface_version, 7-38
- function create_mod_propertyset, 7-35
- function get_property_names, 7-30
- function get_property_values, 7-31
- function get_property_values_len, 7-33
- function normalize_dn_with_case, 7-29
- function populate_mod_propertyset, 7-36
- procedure free_handle, 7-37
- procedure free_mod_propertyset, 7-37
- procedure free_propertyset_collection, 7-34
- reference, 7-2
- subscriber-related subprograms
- about, 7-3
- function create_subscriber_handle, 7-25
- function get_subscriber_dn, 7-28
- function get_subscriber_properties, 7-26
- user-related subprograms
- about, 7-3
- function authenticate_user, 7-4
- function check_group_membership, 7-15
- function create_user_handle, 7-6
- function get_group_membership, 7-18
- function get_user_dn, 7-14
- function get_user_extended_properties, 7-12
- function get_user_properties, 7-8
- function locate_subscriber_for_user, 7-16
- function set_user_handle_properties, 7-7
- function set_user_properties, 7-10
- deleting values from attributes, 9-18
- dependencies and limitations, 3-76, 4-2
- C API, 3-76
- PL/SQL API, 4-2
- DES40 encryption, 2-9
- directives, 2-9
- directory information tree (DIT), 2-2
- distinguished names, 2-2
- components of, 2-3
- format, 2-3
- in LDIF files, 9-2
- DNs. see distinguished names.
- documentation, related, xvii
E
- encryption
- DES40, 2-9
- levels available in Oracle Internet Directory, 2-9
- options for passwords, 2-10
- passwords, 2-10
- default, 2-10
- MD4, 2-10
- MD5, 2-10
- SHA, 2-10
- UNIX crypt, 2-10
- RC4_40, 2-9
- entries
- adding
- by using ldapadd, 9-5
- by using ldapaddmt, 9-7
- concurrently, 9-7
- deleting
- by using ldapdelete, 9-11
- by using ldapmodify, 9-18
- distinguished names of, 2-2
- locating by using distinguished names, 2-3
- modifying
- by using ldapmodify, 9-15
- concurrently by using ldapmodifymt, 9-20
- naming, 2-2
- reading, 3-26
- errors
- handling and parsing results, 3-46
- examples of ldapsearch filters, 9-25
- exception summary, 4-6
F
- filters, 2-23
- IETF-compliant, 9-22
- ldapsearch, 9-25
- formats, of distinguished names, 2-3
G
- group entries, creating by using ldapmodify, 9-17
H
- header files and libraries, required, 3-63
- history of LDAP, 2-2
I
- integrity, data, 2-9
- interface calls, SSL, 3-3
J
- Java, 1-2
- Java API reference
- about, 6-1
- class descriptions, 6-2
- group class, 6-4
- Property class, 6-4
- PropertySet class, 6-4
- PropertySetCollection class, 6-4
- subscriber class, 6-3
- user class, 6-2
- classes, 6-6
- exceptions, 6-69
- JNDI, 1-2
- jpeg images, adding with ldapadd, 9-7
K
- Kerberos authentication, 9-6, 9-8, 9-12
L
- LDAP
- data interchange format (LDIF), 9-2
- syntax, 9-2
- functional model, 2-6
- history, 2-2
- information model, 2-4
- messages, obtaining results and peeking inside, 3-43
- naming model, 2-2
- operations, performing, 3-21
- search filters, IETF-compliant, 9-22
- security model, 2-6
- session handle options, 3-10
- in the C API, 2-16
- sessions
- initializing, 2-14, 3-9
- version 2 C API, 3-2
- ldapadd, 9-5
- adding entries, 9-5
- adding jpeg images, 9-7
- syntax, 9-5
- ldapaddmt, 9-7
- adding entries concurrently, 9-7
- log, 9-7
- syntax, 9-7
- ldapbind, 9-9
- syntax, 9-9
- ldap-bind operation, 2-7
- ldapcompare, 9-10
- syntax, 9-10
- ldapdelete, 9-11
- deleting entries, 9-11
- syntax, 9-11
- ldapmoddn, 9-13
- syntax, 9-13
- ldapmodify, 9-15
- adding values to multivalued attributes, 9-17
- change types, 9-17
- creating group entries, 9-17
- deleting entries, 9-18
- LDIF files in, 9-5, 9-7, 9-15, 9-20
- replacing attribute values, 9-18
- syntax, 9-15
- ldapmodifymt, 9-20
- by using, 9-20
- multithreaded processing, 9-21
- syntax, 9-20
- ldapsearch, 3-63
- filters, 9-25
- syntax, 9-22
- LDIF
- by using, 9-2
- files, in ldapmodify commands, 9-5, 9-7, 9-15, 9-20
- formatting notes, 9-3
- formatting rules, 9-3
- syntax, 9-2
M
- MD4, for password encryption, 2-10
- MD5, for password encryption, 2-10
- multiple threads, 9-21
- in ldapaddmt, 9-7
- increasing the number of, 9-7
- multithreaded command line tools
- ldapaddmt, 9-7
- ldapmodifymt, 9-21
- multivalued attributes, adding values to, 9-17
N
- naming entries, 2-2
O
- object classes
- adding concurrently by using ldapaddmt, 9-7
- in LDIF files, 9-2
- objects, removing, 9-11, 9-15
- one-way SSL authentication, 2-8, 3-2
- OpenLDAP Community, xviii
- operating systems supported by Oracle Internet Directory, 1-3
- operational attributes
- ACI, 2-8
- Oracle Directory Manager, 1-2
- listing attribute types, 9-3
- Oracle directory replication server, 1-2
- Oracle directory server, 1-2
- Oracle Extensions
- LDAP access model, 5-2
- Oracle extensions
- about, 5-1
- API enhancements
- assumptions, 5-6
- functional categorization, 5-7
- overview and usage model, 5-6
- usage model, 5-8
- application
- deinstallation logic, 5-4
- installation logic, 5-3
- runtime logic, 5-3
- shutdown logic, 5-4
- startup and bootstrap logic, 5-3
- entities modeled in LDAP
- about, 5-4
- groups, 5-5
- subscribers, 5-5
- users, 5-4
- programming abstractions
- for Java language, 5-10
- for PL/SQL language, 5-9
- user management functionality, 5-10, 5-11
- Oracle extensions to support SSL, 3-2
- Oracle instances, Glossary-22
- Oracle Internet Directory, components, 1-2
- Oracle SSL call interface, 3-2, 4-2
- Oracle SSL extensions, 3-2
- Oracle SSL-related libraries, 3-77
- Oracle system libraries, 3-77
- Oracle wallet, 3-3
- Oracle Wallet Manager, 3-3
- required for creating wallets, 3-76
- Oracle wallet parameter
- modifying, 9-6, 9-8, 9-9, 9-11, 9-13, 9-14, 9-16, 9-21, 9-23
- Oracle wallets, changing location of, 9-6, 9-8, 9-9, 9-11, 9-13, 9-14, 9-16, 9-21, 9-23
- overview of LDAP models, 2-2
P
- password-based authentication, 2-7
- passwords
- encryption, 2-7, 2-10
- default, 2-10
- MD4, 2-10
- MD5, 2-10
- SHA, 2-10
- UNIX crypt, 2-10
- encryption options, 2-10
- policies, 2-10
- performance
- increasing, by using multiple threads, 9-7
- permissions, 2-6, 2-8
- PKI authentication, 2-9
- PL/SQL API, 4-1, 4-2
- contains subset of C API, 2-11
- data-type summary, 4-8
- dependencies and limitations, 4-2
- exception summary, 4-6
- functions
- add_s, 4-54
- ber_free, 4-67
- bind_s, 4-13
- compare_s, 4-17
- count_entries, 4-29
- count_values, 4-57
- count_values_len, 4-58
- create_mod_array, 4-46
- dbms_ldap.init, 4-10
- delete_s, 4-41
- err2string, 4-45
- explode_dn, 4-61
- first_attribute, 4-31
- first_entry, 4-25
- get_dn, 4-35
- get_values, 4-37
- get_values_len, 4-39
- init, 4-9
- modify_s, 4-52
- modrdn2_s, 4-43
- msgfree, 4-65
- next_attribute, 4-33
- next_entry, 4-27
- open_ssl, 4-63, 4-65, 4-67
- rename_s, 4-59
- search_s, 4-19
- search_st, 4-22
- simple_bind_s, 4-11
- unbind_s, 4-15
- loading into database, 4-2
- procedures
- free_mod_array, 4-56
- populate_mod_array (binary version), 4-50
- populate_mod_array (string version), 4-48
- reference, 4-3
- subprograms, 4-9
- summary, 4-3
- using for a search, A-10
- using from a database trigger, A-2
- privacy, data, 2-7, 2-9
- privileges, 2-6, 2-8
- procedures, PL/SQL
- free_mod_array, 4-56
- populate_mod_array (binary version), 4-50
- populate_mod_array (string version), 4-48
- provisioning tool
- syntax, 9-29
- public key
- infrastructure, 2-9
R
- RC4_40 encryption, 2-9
- RDNs. see relative distinguished names (RDNs)
- related documentation, xvii
- relative distinguished names (RDNs), 2-3
- modifying by using ldapmodify, 9-18
- results, stepping through a list of, 3-49
- RFC 1823, 3-77
- rules, LDIF, 9-3
S
- sample C API usage, 3-61
- sample PL/SQL usage, 4-2
- sample search tool, building with C API, 3-63
- SDK components, 1-2
- search
- filters
- IETF-compliant, 9-22
- ldapsearch, 9-25
- results
- parsing, 3-50
- scope, 2-22
- search-related operations, flow of, 2-19
- security, within Oracle Internet Directory environment, 2-7
- sessions
- closing, 3-20
- enabling termination by using DBMS_LDAP, 2-24
- initializing
- by using DBMS_LDAP, 2-15
- by using the C API, 2-14
- session-specific user identity, 2-7
- SHA (Secure Hash Algorithm), for password encryption, 2-10
- simple authentication, 2-7
- Smith, Mark, xviii
- SQL*Plus, 4-2
- SSL
- authentication modes, 3-2
- default port, 2-8
- enabling, 9-6, 9-8, 9-9, 9-16, 9-21
- handshake, 3-3
- interface calls, 3-3
- modifying orclsslwalleturl parameter, 9-6, 9-8, 9-9, 9-11, 9-13, 9-14, 9-16, 9-21, 9-23
- no authentication, 2-8
- one-way authentication, 2-8
- Oracle extensions, 3-2
- provide encryption and decryption, 3-2
- strong authentication, 2-9
- two-way authentication, 2-8
- wallets, 3-3
- changing location of, 9-6, 9-8, 9-9, 9-11, 9-13, 9-14, 9-16, 9-21, 9-23
- strong authentication, 2-7
- syntax
- Catalog Management Tool, 9-28
- command line tools, 9-4
- ldapadd, 9-5
- ldapaddmt, 9-7
- ldapbind, 9-9
- ldapcompare, 9-10
- ldapdelete, 9-11
- ldapmoddn, 9-13
- ldapmodify, 9-15
- ldapmodifymt, 9-20
- ldapsearch, 9-22
- LDIF, 9-2
- LDIF and command-line tools, A-1
- provisioning tool, 9-29
T
- TCP/IP socket library, 3-76
- two-way authentication, SSL, 3-2
- types of attributes, 2-5
U
- UNIX crypt, for password encryption, 2-10
W
- wallets
- changing location of, 9-6, 9-8, 9-9, 9-11, 9-13, 9-14, 9-16, 9-21, 9-23
- SSL, 3-3
- support, 3-3