LDAP BIND through virtual directory.

Hello,
I'm wondering if I could use the DS6 virtual directory proxy to enable the "Access Manager LDAP Authentication Module" to authenticate users on both DS and AD backends.
In my scenario some users are registered on the DS backend while other users are registered on AD.
The AD and DS root suffixes are different, and the account IDs (uid and samaccountname) are also different.
So every account/password can be found in only one backend repository.
Could I use DPS to let Access Manager (LDAP Auth Module) authenticate all users by referring always and only to DPS?
(I know AM has chaining authentication but it pops the login form for each backend repository).
Many thanks in advance.

Is there a way (a regular expression maybe?) to tell where the user is stored from the DN?
If yes, you could use the distribution feature in DPS.
If not, then you may be out of luck.
Are both back-ends active (i.e. being updated?) or is one of them pretty much static?
One restriction with the DPS join feature is that entries are only visible at the join level if they exist at least on the primary source. So in your case it may or may not work.
Another solution (yes, what's nice about virtualization is that there are a number of ways to do things) would be to have two separate views, one pointing to your DS and the other pointing to your AD. You would then use DN and attribute transformations to rewrite the data from both backends in a consistent way. The issue would then be to handle the case where you have a user with the same (rewritten) DN on both backends.
hth
-=arnaud=-

Similar Messages

  • Setting adapter Ldap in Oracle Virtual Directory

    I'm setting up a new adapter in Oracle Virtual Directory for an OpenLDAP server. Something curious happens: it does not enable the Finish button for me. Another detail is that when I click on SSL I get the following message:
    could not load certificate chain: java.lang.exception: Could not retrieve certificate

    After inspecting the OVD's RootDSE, I noticed that it does not support LDAPv3 controls. There is no supportedControl attribute present in RootDSE even if the Persistent Search Control flag is enabled from OVM.
    Is there any way to point to the backend SunOne server's RootDSE through OVD so the SunOne's persistent search control could be used?
    Thanks,
    Smita Raut

  • Problem while creating an OU from LDAP client, in Oracle Virtual Directory

    Hi,
    1. I have created a Custom Adapter with root (i.e. dc=mycompany,dc=co,dc=in)
    2. Trying to create an "OU" under the above root (i.e. ou=test,dc=mycompany,dc=co,dc=in) using the LDAP client.
    I have given the following inputs for the second step:
    Dn: ou=test,dc=mycompany,dc=co,dc=in
    ou=test
    objectClass: top
    objectClass: organizationalunit
    When I try to perform the second step with the above inputs it gives the following error
    "LDAP Error 32 : No Such Object"
    The same inputs are valid for SunONE directory server.
    Is the above approach valid for Oracle Virtual Directory?
    Has anyone faced the same problem before?
    Regards,
    Hardew

    You're going to have to install the Oracle client on the Win2000 box before doing anything else. Once you've done that, simply add a TNS name that points to the database on the Solaris box (the Net8 Configuration Assistant can walk you through this). Finally, you'll go to the ODBC Data Source Administrator and create a new DSN.
    Note that if you install the latest ODBC driver, the 'service name' text box that you have to fill in when you actually create the DSN has been replaced with a combo box, which should make the process a little easier.
    Justin

  • Oracle Virtual Directory - Local Store Adapter Creation

    Hi All,
    I had an Oracle Virtual Directory Server integrated with three different Active Directory Servers.
    Active Directory1: ou=group1,dc=company,dc=com
    Active Directory2: ou=group2,dc=company,dc=com
    Active Directory3: ou=group3,dc=company,dc=com
    I had created three different LDAP Adapters for the three Active Directory servers.
    LDAP Adapter_AD1 : ou=group1,dc=company,dc=com
    LDAP Adapter_AD2 : ou=group2,dc=company,dc=com
    LDAP Adapter_AD3 : ou=group3,dc=company,dc=com
    Now I had created a Local Store Adapter for all three Adapters. During creation it is fine. It didn't throw any exception. But when I see the data from the Browser window, I was not able to navigate and check the data.
    Even Oracle Access Manager is not able to bind with user credentials.
    Solution needed very urgently. Please help.
    Thanks in Advance,
    Sandeep D

    Hi Saggu,
    You are absolutely right. It's working fine now. I need to know one more thing, about performance.
    If I have three adapters in the adapter configuration, and 21 adapters in the adapter configuration.
    Which kind of configuration will help to improve the performance?
    Two Scenarios:
    1. Three Adapters
    2. 21 Adapters.
    Explanation:
    1. Adapters are mapped at Root DN level.
    Example: dc=company,dc=groups,dc=com
    2. Adapters are mapped to interior level.
    Example: ou=Firstgroup,o=initialemp,dc=company,dc=group,dc=com
    Based on the above two scenarios, which mapping is the best regarding the performance level?
    Can you please advise me on this performance issue?
    Thanks in Advance,
    Sandeep D

  • OVD Custom LDAP Bind Plugin

    I need to build a Java plug-in for OVD in order to implement a custom LDAP bind operation. In my case I am using the OVD database adapter to expose a legacy HR application as an LDAP directory, but the legacy HR application uses the PHP crypto() function to store a DES hash based version of the end user password in a database table. Any help is more than appreciated.

    I was able to implement the custom bind plug-in using the following documentation:
    http://www.oracle.com/technetwork/middleware/id-mgmt/virtual-directory-custom-plugins-wp-188785.pdf
    http://docs.oracle.com/cd/E21764_01/oid.1111/e10046/adv_cust.htm#CEGJCFGE
    Custom Plug-in Code

    package br.gov.funasa.siarh.vde;

    import com.asn1c.core.Bool;
    import com.octetstring.vde.Credentials;
    import com.octetstring.vde.chain.Chain;
    import com.octetstring.vde.chain.ChainException;
    import com.octetstring.vde.syntax.BinarySyntax;
    import com.octetstring.vde.syntax.DirectoryString;
    import com.octetstring.vde.util.DirectoryException;

    public class CustomBindPlugin extends com.octetstring.vde.chain.BasePlugin {

        public CustomBindPlugin() {
            super();
        }

        // Invoked for bind operations (vde-package-ops-bind: true below).
        public void bind(Chain chain, Credentials creds, DirectoryString dn,
                BinarySyntax password, Bool result) throws DirectoryException,
                ChainException {
            // TODO: Add equivalent code to check the password using the legacy hr application custom hash algorithm
            // As written, this placeholder reports success for every bind, whatever password is supplied.
            result.setValue(true);
        }
    }

    vde-properties.txt file that must be appended in MANIFEST.MF Jar file

    vde-package-classname: br.gov.funasa.siarh.vde.CustomBindPlugin
    vde-package-type: 0
    vde-package-version: 1
    vde-package-description: Custom bind for Siarh tha uses DES to check the user password
    vde-package-name: SiarhCustomBindPlugin
    vde-package-ops-add: false
    vde-package-ops-delete: false
    vde-package-ops-bind: true
    vde-package-ops-modify: false
    vde-package-ops-rename: false
    vde-package-ops-get: false
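
The password check that the TODO in the posted bind() leaves open could look like the following; this is an added example, not part of the original post and not Oracle's code. It assumes Apache Commons Codec is on the plug-in's classpath and that the stored value is a 13-character traditional DES crypt(3) hash; the class name LegacyDesCryptVerifier and the sample values are hypothetical, and fetching the hash from the HR table or reading the bytes out of BinarySyntax is not shown.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.regex.Pattern;

import org.apache.commons.codec.digest.UnixCrypt;

/**
 * Added example (hypothetical class): verifies a bind password against a
 * traditional DES crypt(3) hash and fails closed on anything unexpected.
 */
public final class LegacyDesCryptVerifier {

    // Traditional DES crypt output: 2 salt characters followed by 11 hash
    // characters, all from the "./0-9A-Za-z" alphabet.
    private static final Pattern DES_CRYPT = Pattern.compile("[./0-9A-Za-z]{13}");

    // DES crypt derives its key from the first 8 bytes of the password only.
    public static final int SIGNIFICANT_BYTES = 8;

    private LegacyDesCryptVerifier() { }

    /**
     * @param suppliedPassword bytes received in the simple bind request
     * @param storedHash       value read from the legacy table (assumed lookup)
     * @return true only if the password hashes to the stored value
     */
    public static boolean verify(byte[] suppliedPassword, String storedHash) {
        // A simple bind with a DN and an empty password is an unauthenticated
        // bind (RFC 4513, section 5.1.2); it must never count as a successful login.
        if (suppliedPassword == null || suppliedPassword.length == 0) {
            return false;
        }
        // Missing, malformed or non-DES stored values fail closed instead of
        // reaching the hash routine.
        if (storedHash == null || !DES_CRYPT.matcher(storedHash).matches()) {
            return false;
        }
        // The salt is the first two characters of the stored hash.
        String candidate = UnixCrypt.crypt(suppliedPassword, storedHash.substring(0, 2));

        // Constant-time comparison so the response time does not reveal how
        // many leading characters of the hash matched.
        return MessageDigest.isEqual(
                candidate.getBytes(StandardCharsets.US_ASCII),
                storedHash.getBytes(StandardCharsets.US_ASCII));
    }

    /** True when part of the password plays no role in the DES crypt check. */
    public static boolean exceedsSignificantLength(byte[] suppliedPassword) {
        return suppliedPassword != null && suppliedPassword.length > SIGNIFICANT_BYTES;
    }

    public static void main(String[] args) {
        // Constructed sample: the "stored" hash is generated here rather than
        // taken from any real system.
        byte[] enrolled = "Winter09".getBytes(StandardCharsets.UTF_8);
        String stored = UnixCrypt.crypt(enrolled, "ab");

        // The last attempt shares its first 8 bytes with the enrolled password;
        // DES crypt ignores the rest, which is why this format is worth
        // migrating away from once users can be re-enrolled.
        String[] attempts = { "Winter09", "winter09", "", "Winter09-plus-ignored-tail" };
        for (String attempt : attempts) {
            byte[] pw = attempt.getBytes(StandardCharsets.UTF_8);
            System.out.printf("%-28s verified=%b exceedsSignificantLength=%b%n",
                    "\"" + attempt + "\"", verify(pw, stored), exceedsSignificantLength(pw));
        }

        // A stored value in some other format is rejected, not interpreted.
        System.out.println("non-DES stored value: " + verify(enrolled, "{SSHA}not-a-des-crypt-value"));
    }
}
```

In bind(), the outcome of verify(...) would be passed to result.setValue(...) in place of the unconditional true.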

  • Problem register Oracle Virtual Directory to WebLogic - urgent ... pls help

    Hi,
    I'm new to Oracle products and would like to install and run Oracle Virtual Directory for the following purpose:
    Using an LDAP client that connects to OVD and issuing ldapsearch commands based on the attributes and filters of each one of the two directories behind the OVD.
                          |-- Tivoli LDAP directory
    LDAP client -> OVD ---|
                          |-- MS AD
    I have downloaded the identity management package 11g and installed only the OVD on a Windows 2003 standard machine.
    I then realized that I have to install the WebLogic package to have a web UI for the OVD admin.
    So I downloaded the WebLogic 10.3.1.0 package and installed it.
    I followed the installation instructions of
    'Installing and Configuring Only Oracle Virtual Directory Without a WebLogic Administration Domain' at http://download.oracle.com/docs/cd/E12839_01/install.1111/e12002/ovd.htm#CIHFFAFH
    and complete the installation.
    Notice that the OVD and the WebLogic SW are installed on the same Windows machine.
    After that I had to register Oracle Virtual Directory with the WebLogic Administration Server.
    Running the command-line I got the following error:
    Deploying NonJ2EEManagement Application...Done
    Command failed: Exception while registering the instance
    Details are logged in C:\....\provision.log
    opmnctl registerintance: failed
    The provision.log file has the following exception call stack:
    Aug 18, 2009 4:08:05 PM oracle.as.config.provisioner.InstallerCmdLine logInitialCommand
    INFO: Start of command: [registerinstance, -adminHost, 127.0.0.1, -adminPort, 7001, -adminUsername, weblogic, -oracleHome, C:\oracle\product\11.1.1\OracleIDM_1, -oracleInstance, C:\as_admin\asinst_1]
    Aug 18, 2009 4:08:14 PM oracle.as.config.provisioner.InstallerCmdLine handleRunFailure
    SEVERE: Command failed:
    oracle.as.config.ProvisionException: Exception while registering the instance
         at oracle.as.config.impl.OracleASInstanceImpl.register(OracleASInstanceImpl.java:239)
         at oracle.as.config.provisioner.commands.RegisterInstanceCommand.execute(RegisterInstanceCommand.java:11)
         at oracle.as.config.provisioner.InstallerCmdLine.run(InstallerCmdLine.java:86)
         at oracle.as.config.provisioner.InstallerCmdLine.main(InstallerCmdLine.java:44)
    Caused by: oracle.as.config.ProvisionException: Unable to validate NonJ2EEManagement Application deployment on admin server.
         at oracle.as.config.impl.RuntimeServiceConnection.validateNonj2eeApplication(RuntimeServiceConnection.java:595)
         at oracle.as.config.impl.OracleASInstanceImpl.register(OracleASInstanceImpl.java:219)
         ... 3 more
    Caused by: oracle.as.config.ProvisionException: The AdminServer is not enabled for NonJ2ee applications.
         at oracle.as.config.impl.RuntimeServiceConnection.isValidJrfInstall(RuntimeServiceConnection.java:547)
         at oracle.as.config.impl.RuntimeServiceConnection.deployNonj2eeApplication(RuntimeServiceConnection.java:201)
         at oracle.as.config.impl.RuntimeServiceConnection.validateNonj2eeApplication(RuntimeServiceConnection.java:587)
         ... 4 more
    Any thoughts ?

    Hi,
    I am also facing the same problem. I have Oracle Internet Directory 11.1.1 installed without a domain. I then installed the WebLogic 32-bit exe on the same Windows server.
    While registering, I am getting the same error. I think it is because of bit compatibility. OID is 64-bit and WebLogic is 32-bit. Not sure.
    thanks

  • CA / NDES Virtual Directory Structure Missing in IIS 7 unable to implement SSL for ADMIN sites

    We've recently finalized both an Enterprise 2008 R2 CA and NDES service installation configuration.  All services are running, to include web enrollment for both.  The CA sits on a DC, as required, and the NDES role sits on a standalone machine.
    All service generated certificates / templates are in place and/or issued, including SSL certificates for service web front ends.
    I'm trying to take the next step in hardening both of the web front ends by requiring SSL web validation and client SSL authentication.
    Problem:  When examining the site structures, CA and NDES, within the IIS7 configuration manager the following inconsistencies are present:
        1.  Enterprise CA:
              o  No virtual directory is configured or listed under the Certsrv or Enrollment sub-sites; however, as previously stated, all services are up and operational.
        2.  NDES:
              o  IIS7 configuration manager doesn't list any Certsrv sub-site, but once again all services are up and running.  I can process SCEP requests via the web.
                 The following 2 items are listed under the default site on the NDES service machine:  Rpc and RpcWithCert
                 In past experience I would expect those items to be associated with Exchange, but since NDES is new to me they may be standard.
    Not to state the obvious, but all Sys32 files and folders are correct as both services are running properly.  Can anyone tell me if I've missed some critical article on AD CS or IIS7 that tells me why these 2 conditions are present?
    Since the Certsrv sub-site exists on the CA I would assume a normal SSL bind will work, but with critical items missing from within IIS7 (at least from my view) I don't want to compound the problem.  Since there is no Certsrv structure on the NDES machines I'm not sure what the best way to proceed is.  Any help would be greatly appreciated.
    V/R BE

    CA / NDES all function properly.  I'm still researching proper IIS 7 SSL implementation when the virtual directory and sub-site structure is either missing or incomplete when viewed from within the IIS7 manager.
    These services were put into production without a thorough configuration check prior to implementation, so I don't have a test environment set up at the moment to just start playing.  I'm thinking this weekend I'm going to have to VSS the current machines and throw them on the Dev network and see how badly I can break them.
    V/R BE

  • Oracle Virtual Directory vs. Oracle External Authentication Plug-in

    I am working in Windows 2003 Server platform and I have Oracle Portal 10g R2 with Oracle Single Sign On 10g R2 setup. I also have Microsoft Active Directory setup. I want to use Microsoft Active Directory users from Oracle Portal and as per my understanding I could use Oracle External Authentication Plug-in or Oracle Virtual Directory for this purpose. I would like to use Oracle Virtual Directory if possible. Could someone please tell me if I could use Oracle Virtual Directory or not?
    Thanks.

    Yeah, I could use Oracle External Authentication Plug-in, but I am having issues with running the oidspadi.sh script on my Windows 2003 server environment. I am running this script using Cygwin's latest software, but for some reason I get the following error message.
    : command not found8:
    : command not found8:
    : command not found3:
    : command not found7:
    : command not found1:
    : command not found8:
    : command not found9:
    : command not found0: clear
    OID Active Directory Plug-in Configuration
    Please make sure Database and OID are up and running.
    : command not found7:
    : command not found0:
    oidspadi.sh: line 103: syntax error near unexpected token 'fi'
    'idspadi.sh: line 103:' fi
    Therefore, I was trying to find an alternative solution, which will be using Virtual Directory. Right now, I have installed Oracle Virtual Directory on my testing system and I have both the Active Directory server and the OID server as part of the LDAP Browser. My goal is to use Oracle Portal to log in and first look for the user in OID and, if not found, then look in Active Directory. Can this be accomplished using Oracle Virtual Directory?
    Please let me know.

  • Error while accessing Oracle Virtual Directory 11g client view.

    Hi everyone,
    I'm a beginner in Oracle IDAM suite 11g.
    I'm facing an issue while configuring LDAP adapter in Oracle Virtual Directory.
    LDAP adapter is configured for ODSEE instances. Currently I've configured two instances.
    For these adapters, the entries from ODSEE instances are getting populated under Adapter browser but under Client View while expanding the root we're getting the following error:
    LDAPException: malformedRequest (2) Protocol Error LDAPException: Server Message: Protocol Error
    In the diagnostic.log file I'm getting the following error:
    [2012-02-28T11:38:55.255+05:30] [octetstring] [ERROR] [OVD-60335] [com.octetstring.vde.dsmlv2.ImportExportVDE] [tid: 20] [ecid: 0000JMcs_zPEWNppSO1Fic1FHBss000083,0] Failure in getting LDAP 1.[[
    com.octetstring.vde.util.DirectoryException: LDAP Error 2 : localhost:1489
         at com.octetstring.vde.backend.jndi.BackendJNDI.getInternalConnection(BackendJNDI.java:1023)
         at com.octetstring.vde.backend.jndi.BackendJNDI.getConnection(BackendJNDI.java:920)
         at com.octetstring.vde.backend.jndi.ConnectionHandle.getHolder(ConnectionHandle.java:382)
         at com.octetstring.vde.backend.jndi.ConnectionHandle.search(ConnectionHandle.java:233)
         at com.octetstring.vde.backend.jndi.JNDIEntrySet.initialize(JNDIEntrySet.java:203)
         at com.octetstring.vde.backend.jndi.BackendJNDI.get(BackendJNDI.java:723)
         at com.octetstring.vde.chain.Chain.nextGet(Chain.java:297)
         at com.octetstring.vde.chain.plugins.performance.MonitorPerformance.monitorSearch(MonitorPerformance.java:506)
         at com.octetstring.vde.chain.plugins.performance.MonitorPerformance.get(MonitorPerformance.java:444)
         at com.octetstring.vde.chain.Chain.nextGet(Chain.java:308)
         at com.octetstring.vde.chain.PluginChain.runGet(PluginChain.java:234)
         at com.octetstring.vde.chain.PluginManager.runGet(PluginManager.java:489)
         at com.octetstring.vde.chain.PluginManager.runGet(PluginManager.java:427)
         at com.octetstring.vde.backend.AdapterServiceInterface.getByAdapter(AdapterServiceInterface.java:649)
         at com.octetstring.vde.backend.AdapterServiceInterface.get(AdapterServiceInterface.java:514)
         at com.octetstring.vde.backend.BackendHandler.get(BackendHandler.java:592)
         at com.octetstring.vde.chain.Chain.nextGet(Chain.java:289)
         at com.octetstring.vde.chain.plugins.performance.MonitorPerformance.monitorSearch(MonitorPerformance.java:506)
         at com.octetstring.vde.chain.plugins.performance.MonitorPerformance.get(MonitorPerformance.java:450)
         at com.octetstring.vde.chain.Chain.nextGet(Chain.java:308)
         at com.octetstring.vde.chain.plugins.AclCheckerPlugin.get(AclCheckerPlugin.java:398)
         at com.octetstring.vde.chain.Chain.nextGet(Chain.java:308)
         at com.octetstring.vde.chain.PluginChain.runGet(PluginChain.java:234)
         at com.octetstring.vde.chain.PluginManager.runGet(PluginManager.java:489)
         at com.octetstring.vde.chain.PluginManager.runGet(PluginManager.java:427)
         at com.octetstring.vde.chain.GlobalServicesInterface.runGet(GlobalServicesInterface.java:207)
         at com.octetstring.vde.dsmlv2.ImportExportVDE.doGet(ImportExportVDE.java:428)
         at com.octetstring.vde.dsmlv2.ImportExportVDE.process(ImportExportVDE.java:171)
         at com.octetstring.vde.dsmlv2.DsmlService.doPost(DsmlService.java:186)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:358)
         at org.mortbay.jetty.servlet.WebApplicationHandler$Chain.doFilter(WebApplicationHandler.java:342)
         at com.octetstring.vde.admin.AuthFilter.doFilter(AuthFilter.java:259)
         at org.mortbay.jetty.servlet.WebApplicationHandler$Chain.doFilter(WebApplicationHandler.java:334)
         at com.octetstring.webgateway.filters.DOSFilter.doFilter(DOSFilter.java:67)
         at org.mortbay.jetty.servlet.WebApplicationHandler$Chain.doFilter(WebApplicationHandler.java:334)
         at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:286)
         at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:567)
         at org.mortbay.http.HttpContext.handle(HttpContext.java:1807)
         at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:526)
         at org.mortbay.http.HttpContext.handle(HttpContext.java:1757)
         at org.mortbay.http.HttpServer.service(HttpServer.java:879)
         at org.mortbay.http.HttpConnection.service(HttpConnection.java:789)
         at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:960)
         at org.mortbay.http.HttpConnection.handle(HttpConnection.java:806)
         at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:218)
         at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:331)
         at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:520)
    Caused by: javax.naming.CommunicationException: localhost:1489 [Root exception is java.lang.NullPointerException]
         at com.sun.jndi.ldap.Connection.<init>(Connection.java:207)
         at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:118)
         at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1580)
         at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2652)
         at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:293)
         at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
         at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
         at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
         at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
         at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
         at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
         at javax.naming.InitialContext.init(InitialContext.java:223)
         at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
         at com.octetstring.vde.backend.jndi.JNDIConnectionPool.createCtx(JNDIConnectionPool.java:422)
         at com.octetstring.vde.backend.jndi.JNDIConnectionPool.create(JNDIConnectionPool.java:453)
         at com.octetstring.vde.backend.jndi.JNDIConnectionPool.getLdapContext(JNDIConnectionPool.java:276)
         at com.octetstring.vde.backend.jndi.JNDIConnectionPool.checkOutContext(JNDIConnectionPool.java:167)
         at com.octetstring.vde.backend.jndi.BackendJNDI.getInternalConnection(BackendJNDI.java:1009)
         ... 48 more
    Caused by: java.lang.NullPointerException
         at com.octetstring.vde.backend.jndi.OvdJndiWorkerCoordinator.register(OvdJndiWorkerCoordinator.java:100)
         at com.octetstring.vde.backend.jndi.OvdJndiSocket.getInputStream(OvdJndiSocket.java:95)
         at com.sun.jndi.ldap.Connection.<init>(Connection.java:190)
         ... 65 more
    Kindly help me resolving this issue.

    Did you ever fix or resolve the issue? If yes, could you please share the reason for the issue?
    Getting the following errors in OVD logs:
    [ERROR] [OVD-60335] [com.octetstring.vde.dsmlv2.ImportExportVDE] [tid: 25] [ecid: 0000J_Gc3Qu0ZrqawLicMG1G6Pz^00000J,0] Failure in getting LDAP 1.[[
    com.octetstring.vde.util.DirectoryException: LDAP Error 32 : No Such Object
    [OVD-40066] [com.octetstring.vde.backend.jndi.ConnectionHandle] [tid: 25] [ecid: 0000J_Gc3Qu0ZrqawLicMG1G6Pz^00000J,0] Remote Server Failure:l120814vaps2013:21389.[[
    javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'ou=int,ou=people,dc=domain,dc=com',dc=com'

  • Virtual Directory and CoreID

    Can anyone tell me how Virtual Directory and CoreID play together? I heard that Virtual Directory was read-only. If that's the case, it doesn't seem like CoreID Identity can connect directly, cause it needs to be able to update. I currently have CoreID using ADAM as datastore. If I want to integrate other LDAP instances in the picture using Virtual Directory, what would be the scheme?
    Thanks,
    mike

    Hi Mike,
    I haven't tried it, but I have definitely heard about it.
    This is a quote from the Oracle Website - " Oracle COREid also supports multi-directory and relational database integration via Oracle Virtual Directory.".
    Also, a similar scenario is discussed here ( Slide 8 ) :-
    http://conference.digitalidworld.com/2005/attendees/slides/Grand_0510_1600d.pdf
    It would be good if Oracle publishes ( has published ? ) a WhitePaper about this....
    Regards,
    Sandeep

  • Problem removing LDAP binding

    Hello,
    When we set up our 10.6 server we did not know about the message it broadcasts offering to give "services" to clients, ie bind them to LDAP. Last fall several of our boarding students chose this option on their personal macs and they got our school login window and got restricted access to their computer. I showed them how to option-login and deselect management and remember the choice. I then went to the login options and unjoined them from the server.
    On at least one machine, this has not reverted the machine to the usual, unmanaged login box. I have trashed all mcx preferences to no avail. How can I remove all traces of the LDAP binding from this machine?
    Thank you,
    Kevin Kopchynski

    OK, I think I have gotten this done.
    The student actually used their full name on their computer account, which of course we also have on our Open Directory setup. I changed this on his computer so that there will be no conflict.
    I have also determined that the network information such as the green light will show up on a computer that has never been bound to LDAP.
    But it will NOT, as this student's had been, offer the local admin to bypass management or even respond to the option key at login.
    After changing the account I ran through all of the deletions mentioned by Antonio, still got the option to bypass management, but I hit "remember" and refresh preferences. That seemed to be the finishing touch. The machine no longer responds to the option key at login.
    By the time I did this mcxquery showed "no information available"
    Thanks again for the help.
    Kevin Kopchynski

  • LDAP Bind Failure

    Hi All,
    We are facing the issue "LDAP bind failure:Cant contact LDAP server".
    We are facing it every now and then... Can you guys tell me the corrective action to correct this?
    Our LDAP server is Novell eDirectory.
    RMD

    Try referring http://rnm1978.wordpress.com/2010/12/02/troubleshooting-obiee-ldap-adsi-authentication/
    Hope it helps

  • Issue in ldap-sync with active directory - OIM11gR2

    Hi Expert,
    I have enabled ldap-sync with Active Directory in OIM11gR2. I followed the document below to enable ldap-sync.
    Enabling LDAP Synchronization in Oracle Identity Manager - 11g Release 2 (11.1.2)
    To test whether ldap sync is working or not, I ran the LDAPSync Post Enable Provision Users to LDAP scheduled job. While running the job I encountered the exception below in the log. Please provide me some pointers to solve my issue. How can we be sure ldap sync is configured properly? Please provide me some steps to test it out.
    <Jul 31, 2013 9:51:25 AM PDT> <Warning> <JMS> <BEA-040442> <While attempting to bind JNDI name jms/b2b/B2BEventQueue for destination SOAJMSModule!dist_B2BEventQueue_auto_1_auto in module null a JNDI name conflict was found. This destination has not been bound into JNDI.>
    <Jul 31, 2013 9:51:25 AM PDT> <Error> <oracle.iam.platform.entitymgr.provider.ldap> <BEA-000000> <An error occurred while searching the entity in LDAP, and the corresponding error is - {0}
    javax.naming.NameNotFoundException: Error: NO_SUCH_OBJECT
    LDAP Error 32 : No Such Object [Root exception is oracle.ods.virtualization.service.VirtualizationException: oracle.ods.virtualization.engine.util.DirectoryException: LDAP Error 32 : No Such Object]
      at oracle.ods.virtualization.jndi.OVDUtil.mapErrorCode(OVDUtil.java:151)
      at oracle.ods.virtualization.jndi.OVDContext.search(OVDContext.java:439)
      at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:257)
      at oracle.iam.platform.entitymgr.provider.ldap.LDAPUtil.search(LDAPUtil.java:1073)
      at oracle.iam.platform.entitymgr.provider.ldap.LDAPDataProvider.search(LDAPDataProvider.java:1218)
      at oracle.iam.ldapsync.impl.util.CommonNamePolicyUtil.isUserExists(CommonNamePolicyUtil.java:84)
      at oracle.iam.ldapsync.impl.util.CommonNameGenerationUtil.isCommonNameExistingOrReserved(CommonNameGenerationUtil.java:192)
      at oracle.iam.ldapsync.impl.plugins.FirstNameLastNamePolicy.getCommonNameFromPolicy(FirstNameLastNamePolicy.java:157)
      at oracle.iam.ldapsync.impl.util.CommonNameGenerationUtil.generateCommonName(CommonNameGenerationUtil.java:116)
      at oracle.iam.ldapsync.impl.util.CommonNameGenerationUtil.generateCommonName(CommonNameGenerationUtil.java:82)
      at oracle.iam.oimtoldap.impl.SeedOIMDataInLDAPImpl.createUserInLDAP(SeedOIMDataInLDAPImpl.java:182)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:597)
      at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
      at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
      at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
      at oracle.iam.platform.utils.DMSMethodInterceptor.invoke(DMSMethodInterceptor.java:25)
      at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
      at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
      at $Proxy710.createUserInLDAP(Unknown Source)
      at oracle.iam.oimtoldap.api.SeedOIMDataInLDAPEJB.createUserInLDAPx(Unknown Source)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:597)
      at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
      at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
      at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
      at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
      at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
      at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
      at com.oracle.pitchfork.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:34)
      at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
      at com.oracle.pitchfork.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:42)
      at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
      at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
      at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
      at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
      at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
      at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
      at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
      at $Proxy709.createUserInLDAPx(Unknown Source)
      at oracle.iam.oimtoldap.api.SeedOIMDataInLDAP_8d8qil_SeedOIMDataInLDAPRemoteImpl.__WL_invoke(Unknown Source)
      at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:40)
      at oracle.iam.oimtoldap.api.SeedOIMDataInLDAP_8d8qil_SeedOIMDataInLDAPRemoteImpl.createUserInLDAPx(Unknown Source)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:597)
      at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:85)
      at $Proxy163.createUserInLDAPx(Unknown Source)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:597)
      at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
      at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:198)
      at $Proxy707.createUserInLDAPx(Unknown Source)
      at oracle.iam.oimtoldap.api.SeedOIMDataInLDAPDelegate.createUserInLDAP(Unknown Source)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:597)
      at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
      at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
      at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
      at oracle.iam.platform.utils.DMSMethodInterceptor.invoke(DMSMethodInterceptor.java:25)
      at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
      at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
      at $Proxy708.createUserInLDAP(Unknown Source)
      at oracle.iam.oimtoldap.scheduletasks.user.SeedOIMUsersInLDAP.execute(SeedOIMUsersInLDAP.java:59)
      at oracle.iam.scheduler.vo.TaskSupport$1.processWithoutResult(TaskSupport.java:135)
      at oracle.iam.platform.tx.OIMTransactionCallbackWithoutResult.process(OIMTransactionCallbackWithoutResult.java:9)
      at oracle.iam.platform.tx.OIMTransactionCallback.doInTransaction(OIMTransactionCallback.java:13)
      at oracle.iam.platform.tx.OIMTransactionCallback.doInTransaction(OIMTransactionCallback.java:6)
      at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:128)
      at oracle.iam.platform.tx.OIMTransactionManager.execute(OIMTransactionManager.java:22)
      at oracle.iam.scheduler.vo.TaskSupport.executeJob(TaskSupport.java:116)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:597)
      at oracle.iam.scheduler.impl.quartz.QuartzJob$TaskExecutionAction.run(QuartzJob.java:266)
      at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
      at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
      at weblogic.security.Security.runAs(Security.java:41)
      at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(weblogicLoginSession.java:52)
      at oracle.iam.scheduler.impl.quartz.QuartzJob.execute(QuartzJob.java:75)
      at org.quartz.core.JobRunShell.run(JobRunShell.java:202)
      at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:529)
    Caused By: oracle.ods.virtualization.service.VirtualizationException: oracle.ods.virtualization.engine.util.DirectoryException: LDAP Error 32 : No Such Object
      at oracle.ods.virtualization.operation.SearchOperation.process(SearchOperation.java:209)
      at oracle.ods.virtualization.operation.SearchOperation.process(SearchOperation.java:47)

    I have checked the OIM vs AD attribute mapping. Now I am getting the below error. I have also attached the LDAPUsers.xml file. I don't know what went wrong. How to test that ldap-sync is configured properly? I created the user in OIM but in AD the user is not getting created. I am not able to see anything in the log files (like the diagnostic and nohup logs). Any idea where I can see the log to identify the issue?
    <Aug 1, 2013 8:15:15 AM PDT> <Warning> <JMS> <BEA-040442> <While attempting to bind JNDI name jms/b2b/B2BEventQueue for destination SOAJMSModule!dist_B2BEventQueue_auto_1_auto in module null a JNDI name conflict was found. This destination has not been bound into JNDI.>
    <Aug 1, 2013 8:15:15 AM PDT> <Warning> <oracle.ods.virtualization.engine.backend.jndi.LDAP1.ConnectionHandle> <OVD-40082> <Could not modify entry.
    javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A120C, problem 5003 (WILL_NOT_PERFORM), data 0
    <?xml version='1.0' encoding='UTF-8'?>
    <tns:entity-definition xmlns:tns="http://www.oracle.com/schema/oim/entity" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.oracle.com/schema/oim/entity ../entity.xsd ">
    <entity-type child-entity="false">LDAPUser</entity-type>
    <provider-instance>
    <repository-instance>Directory Server</repository-instance>
    <provider-type>LDAPDataProvider</provider-type>
    <parameters>
    <parameter name="base">
    <value>dc=cgtest,dc=adtest,dc=com</value>
    </parameter>
    <parameter name="rdnattribute">
    <value>cn</value>
    </parameter>
    <parameter name="objectclass">
    <value>orclIDXPerson</value>
    </parameter>
    <parameter name="idattribute">
    <value>objectGUID</value>
    </parameter>
    <parameter name="entityIdentifierObjectclass">
    <value>inetorgperson</value>
    </parameter>
    <parameter name="excludeObjectclass">
    <value>orclappiduser</value>
    </parameter>
    </parameters>
    </provider-instance>
    <container-capability>
    <enabled>false</enabled>
    </container-capability>
    <entity-attributes>
    <attribute name="User Login">
    <type>string</type>
    <required>true</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="First Name">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    <MLS>false</MLS>
    </attribute>
    <attribute name="Last Name">
    <type>string</type>
    <required>true</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    <MLS>false</MLS>
    </attribute>
    <attribute name="Middle Name">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    <MLS>false</MLS>
    </attribute>
    <attribute name="Display Name">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    <MLS>false</MLS>
    <multi-represented>true</multi-represented>
    </attribute>
    <attribute name="usr_password">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>false</searchable>
    </attribute>
    <attribute name="LDAP GUID">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="LDAP DN">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Role">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Email">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Start Date">
    <type>date</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="End Date">
    <type>date</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="usr_timezone">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="usr_manager_key">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Country">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Department Number">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Description">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Common Name">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    <MLS>false</MLS>
    </attribute>
    <attribute name="Employee Number">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Fax">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Generation Qualifier">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    <MLS>false</MLS>
    </attribute>
    <attribute name="Hire Date">
    <type>date</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Home Phone">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Home Postal Address">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Locality Name">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Mobile">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Pager">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Postal Address">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    <MLS>false</MLS>
    </attribute>
    <attribute name="Postal Code">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="PO Box">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="usr_locale">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="State">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    <MLS>false</MLS>
    </attribute>
    <attribute name="Street">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Telephone Number">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Title">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    <MLS>false</MLS>
    </attribute>
    <attribute name="Initials">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="LDAP Organization">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    <MLS>false</MLS>
    </attribute>
    <attribute name="LDAP Organization Unit">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    <MLS>false</MLS>
    </attribute>
    <attribute name="User Status">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Lock Status">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Accessibility Mode">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Color Contrast">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Font Size">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Number Format">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Currency">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Date Format">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Time Format">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="Embedded Help">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="FA Language">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="FA Territory">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    <attribute name="User Name Preferred Language">
    <type>string</type>
    <required>false</required>
    <attribute-group>Basic</attribute-group>
    <searchable>true</searchable>
    </attribute>
    </entity-attributes>
    <target-fields>
    <field name="uid">
    <type>string</type>
    <required>true</required>
    </field>
    <field name="givenname">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="sn">
    <type>string</type>
    <required>true</required>
    </field>
    <field name="middleName">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="cn">
    <type>string</type>
    <required>true</required>
    </field>
    <field name="userPassword">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="objectGUID">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="dn">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="employeeType">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="mail">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="orclActiveStartDate">
    <type>date</type>
    <required>false</required>
    </field>
    <field name="orclActiveEndDate">
    <type>date</type>
    <required>false</required>
    </field>
    <field name="orclTimeZone">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="manager">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="c">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="departmentNumber">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="description">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="employeeNumber">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="facsimileTelephoneNumber">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="orclGenerationQualifier">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="orclHireDate">
    <type>date</type>
    <required>false</required>
    </field>
    <field name="homePhone">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="homePostalAddress">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="l">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="mobile">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="pager">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="postalAddress">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="postalCode">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="postOfficeBox">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="preferredLanguage">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="st">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="street">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="telephoneNumber">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="title">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="initials">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="o">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="ou">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="displayName">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="orclAccountEnabled">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="orclAccountLocked">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="orclAccessibilityMode">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="orclColorContrast">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="orclFontSize">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="orclNumberFormat">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="orclCurrency">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="orclDateFormat">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="orclTimeFormat">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="orclEmbeddedHelp">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="orclFALanguage">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="orclFATerritory">
    <type>string</type>
    <required>false</required>
    </field>
    <field name="orclDisplayNameLanguagePreference">
    <type>string</type>
    <required>false</required>
    </field>
    </target-fields>
    <attribute-maps>
    <attribute-map>
    <entity-attribute>User Login</entity-attribute>
    <target-field>uid</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>First Name</entity-attribute>
    <target-field>givenname</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Last Name</entity-attribute>
    <target-field>sn</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Middle Name</entity-attribute>
    <target-field>middleName</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Common Name</entity-attribute>
    <target-field>cn</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>usr_password</entity-attribute>
    <target-field>userPassword</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>LDAP GUID</entity-attribute>
    <target-field>objectGUID</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>LDAP DN</entity-attribute>
    <target-field>dn</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Role</entity-attribute>
    <target-field>employeeType</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Email</entity-attribute>
    <target-field>mail</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Start Date</entity-attribute>
    <target-field>orclActiveStartDate</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>End Date</entity-attribute>
    <target-field>orclActiveEndDate</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>usr_timezone</entity-attribute>
    <target-field>orclTimeZone</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>usr_manager_key</entity-attribute>
    <target-field>manager</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Country</entity-attribute>
    <target-field>c</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Department Number</entity-attribute>
    <target-field>departmentNumber</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Description</entity-attribute>
    <target-field>description</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Employee Number</entity-attribute>
    <target-field>employeeNumber</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Fax</entity-attribute>
    <target-field>facsimileTelephoneNumber</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Generation Qualifier</entity-attribute>
    <target-field>orclGenerationQualifier</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Hire Date</entity-attribute>
    <target-field>orclHireDate</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Home Phone</entity-attribute>
    <target-field>homePhone</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Home Postal Address</entity-attribute>
    <target-field>homePostalAddress</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Locality Name</entity-attribute>
    <target-field>l</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Mobile</entity-attribute>
    <target-field>mobile</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Pager</entity-attribute>
    <target-field>pager</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Postal Address</entity-attribute>
    <target-field>postalAddress</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Postal Code</entity-attribute>
    <target-field>postalCode</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>PO Box</entity-attribute>
    <target-field>postOfficeBox</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>State</entity-attribute>
    <target-field>st</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Street</entity-attribute>
    <target-field>street</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Telephone Number</entity-attribute>
    <target-field>telephoneNumber</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Title</entity-attribute>
    <target-field>title</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Initials</entity-attribute>
    <target-field>initials</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>LDAP Organization</entity-attribute>
    <target-field>o</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>LDAP Organization Unit</entity-attribute>
    <target-field>ou</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Display Name</entity-attribute>
    <target-field>displayName</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>User Status</entity-attribute>
    <target-field>orclAccountEnabled</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Lock Status</entity-attribute>
    <target-field>orclAccountLocked</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Accessibility Mode</entity-attribute>
    <target-field>orclAccessibilityMode</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Color Contrast</entity-attribute>
    <target-field>orclColorContrast</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Font Size</entity-attribute>
    <target-field>orclFontSize</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Number Format</entity-attribute>
    <target-field>orclNumberFormat</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Currency</entity-attribute>
    <target-field>orclCurrency</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Date Format</entity-attribute>
    <target-field>orclDateFormat</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Time Format</entity-attribute>
    <target-field>orclTimeFormat</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>Embedded Help</entity-attribute>
    <target-field>orclEmbeddedHelp</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>FA Language</entity-attribute>
    <target-field>orclFALanguage</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>FA Territory</entity-attribute>
    <target-field>orclFATerritory</target-field>
    </attribute-map>
    <attribute-map>
    <entity-attribute>User Name Preferred Language</entity-attribute>
    <target-field>orclDisplayNameLanguagePreference</target-field>
    </attribute-map>
    </attribute-maps>
    <control-attributes>
    <attribute name="container">
    <type>LDAPContainer</type>
    <required>false</required>
    </attribute>
    </control-attributes>
    </tns:entity-definition>

  • Ldap bind mechanism in java

    Hello all,
    I'm trying to find a solution for LDAP bind similar to the [ldap_bind|http://php.net/manual/en/function.ldap-bind.php] function in PHP.
    It seems easy and nice.
    I had a look around the web and some forums and got direction to use this
    But this is not a similar solution to the one in PHP.
    ldap_bind uses only the connection, userName and password, doesn't know anything about the password hash method, and will verify the credentials as valid or invalid.
    Does anyone have information or ideas on how to do it in Java?
    Petr, cz
    Edited by: PetrCZ on May 19, 2010 11:22 PM
    Edited by: PetrCZ on May 19, 2010 11:23 PM

    You don't need to know the LDAP hash at all to do a bind and user password check. That's against security - why would an administrator let anyone know what hashing he uses - that's letting an important piece of your security out (even though these modern hashes are pretty much irreversible).
    All you need is to use Sun JNDI code to do a bind, use the authentication method Simple, and then give the user's id and password in clear text. The directory server will itself take care of converting the clear-text password passed by you and comparing it with the hashed user password in LDAP.
    From your code's perspective, if you get a DirContext back, your bind was successful; otherwise you will get a NamingEnumeration exception.
    Try reading through DirContext InitialDirContext ... just do a random search and you should get numerous helper code over the internet.
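
The bind-based check the answer above describes, as an added example that is not part of the original thread: a service account looks up the user's DN, then a JNDI simple bind as that DN lets the server verify the password. The server URL, base DN, `uid` login attribute and the `LDAP_SVC_DN` / `LDAP_SVC_PW` environment variables are assumptions.

```java
import java.io.Console;
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

public class LdapBindCheck {
    // Assumed deployment values; replace with your own directory settings.
    static final String URL = "ldaps://ldap.example.com:636";
    static final String BASE_DN = "ou=people,dc=example,dc=com";

    /** JNDI environment for a simple bind as the given DN. */
    static Hashtable<String, Object> bindEnv(String dn, String password) {
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, URL); // ldaps: simple bind sends the password as-is
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, dn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        env.put("com.sun.jndi.ldap.connect.timeout", "5000");
        return env;
    }

    /** Read a required setting from the environment (variable names are assumed). */
    static String requireEnv(String name) {
        String value = System.getenv(name);
        if (value == null || value.isEmpty()) {
            throw new IllegalStateException("missing environment variable " + name);
        }
        return value;
    }

    /** Resolve a login name to exactly one entry DN; null if none or ambiguous. */
    static String findUserDn(DirContext ctx, String login) throws NamingException {
        SearchControls sc = new SearchControls();
        sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
        sc.setReturningAttributes(new String[0]); // only the DN is needed
        // JNDI substitutes {0} with filter metacharacters escaped, so a login
        // such as "*" or "a)(uid=*" cannot change the shape of the filter.
        NamingEnumeration<SearchResult> hits =
                ctx.search(BASE_DN, "(uid={0})", new Object[] {login}, sc);
        try {
            if (!hits.hasMore()) {
                return null;
            }
            String dn = hits.next().getNameInNamespace();
            return hits.hasMore() ? null : dn;
        } finally {
            hits.close();
        }
    }

    /** True only if the directory accepts a bind as this user with this password. */
    static boolean authenticate(String login, String password) throws NamingException {
        // An empty password turns a simple bind into an "unauthenticated bind"
        // (RFC 4513 section 5.1.2), which many servers accept. Reject it here.
        if (login == null || login.isEmpty() || password == null || password.isEmpty()) {
            return false;
        }
        DirContext svc = new InitialDirContext(
                bindEnv(requireEnv("LDAP_SVC_DN"), requireEnv("LDAP_SVC_PW")));
        String userDn;
        try {
            userDn = findUserDn(svc, login);
        } finally {
            svc.close();
        }
        if (userDn == null) {
            return false; // same answer as a wrong password: no user enumeration
        }
        try {
            // The server hashes and compares the password; getting a context
            // back means the bind succeeded.
            new InitialDirContext(bindEnv(userDn, password)).close();
            return true;
        } catch (AuthenticationException e) {
            return false; // LDAP result code 49, invalid credentials
        }
    }

    public static void main(String[] args) throws NamingException {
        Console console = System.console();
        if (args.length != 1 || console == null) {
            System.err.println("usage: java LdapBindCheck <login>   (run from a terminal)");
            System.exit(2);
        }
        char[] typed = console.readPassword("Password: ");
        String password = typed == null ? "" : new String(typed);
        System.out.println(authenticate(args[0], password) ? "valid" : "invalid");
    }
}
```

Directory errors other than invalid credentials (server unreachable, TLS failure) propagate as `NamingException` instead of being reported as a failed login.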

  • How Create Virtual Directory On Oracle Application Server 10g on RHEL 5

    Dear Sir,
    I have deployed my application on OAS 10g on RHEL 5. Now, since my application is calling some Pro*C programs and they then generate some text-based reports in a fixed folder named
    /treas/temp
    I now simply have to open these text-based reports in a web browser:
    WEB.SHOW_DOCUMENT('/forms/pcreport/'||v_filename);
    But for that I need to create a virtual directory named "/pcreport" without code.
    Kindly help, as it's working on my Developer Suite 10g: I created a virtual directory in my application server by making the following entry in the "orion-web.xml" file:
    <virtual-directory virtual-path="/pcreport" real-path="/u/treas/temp" />
    Kindly help.

    (My paths shown, yours will be different)
    In a text editor :
    /u01/app/oracle/product/midtier/Apache/Apache/conf/httpd.conf
    Add
    Alias /pcreport/ "/u01/app/oracle/product/midtier/forms/pcreport/"
    <Directory "/u01/app/oracle/product/midtier/forms/pcreport/">
    Options Indexes
    AllowOverride None
    Order allow,deny
    Allow from all
    </Directory>
    Create the pcreport directory.
    Add a simple test page
    vi /u01/app/oracle/product/midtier/forms/pcreport/test.html
    <html>
    <head>
    <title>Simple test page </title>
    <style type="text/css">
    body {
    margin-left: 20%;
    margin-right: 20%;
    border: 1px dotted gray;
    padding: 10px 10px 10px 10px;
    }
    </style>
    </head>
    <body>
    <p>test!</p>
    </body>
    </html>
    Test
    http://yourserver.com:7777/pcreport/test.html
    Best Regards
    mseberg
