Migrate OID to OUD

Similar Messages

• Differences between OID and OUD

  Hello gurus,
  What are the differences between OID and OUD.
  Why Oracle release two LDAP directories. Please let me know.

  These two are two LDAP directories.
  Where OID is database dependent and OUD is not.

• Migrate OID of Portal to Another OID

  Hi
  We have a dubt about the procedure to migrate OID of portal to another OID.
  We have two portal, and it are associocate with diferent OID.
  We need to have only one OID server with two portal.
  These portals have diferents domains, one have cliente1.cl and
  another have cliente.cl, its registry with diferent cn, and we have diferent
  users and groups.
  The goal of this change is create users in 1 OID. So we have 2 question:
  1) Can I migrate user and groups for OID2 to OID1 that it have different domiain?
  2) What is the best procedure (how to) for change portal to other OID?, we read some notes but it is not very clary, because OID1 just already existing with other portal.
  Please we need the answer asap.
  Thank you very much

  Hi,
  You can use transportable tablespace if you are on 10gR2 (and above).
  10gR2 Transportable Tablespaces Certified for EBS 11i
  http://blogs.oracle.com/stevenChan/2010/04/10gr2_xtts_ebs11i.html
  Note: 454574.1 - Cross Platform Transportable Tablespaces on 11i with 10gR2
  Note: 729309.1 - Using Transportable Database to migrate Oracle E-Business Suite 11i Using Oracle Database 10.2.0 or 11g
  For Oracle9i migration, you will have to use export/import (which I believe you are aware of).
  Thanks,
  Hussein

• Migrating OID groups to OIM

  We have been given the task of migrating our existing identity management systems to OIM (Oracle Identity Manager).
  Part of our existing system uses OID (Oracle Internet Directory). All users have an entry in OID. Some of our systems use OID for authentication.
  We also use OID to hold users' entitlements/privileges that control access to our applications. We use OID groups (represented by entries based on groupOfUniqueNames and orclGroup objects) to do this. For example we might have an application called 'Finance' with three levels of access represented by OID groups e.g. 'finance_enquiry', 'finance_updater', 'finance_superuser'. Those groups would all belong to a parent group called 'finance_application'. To access the application the user needs to be a member of 'finance_application' group or one of its child groups. Access to features of the application are controlled by membership of the 3 child groups. We have an application that maintains groups, group membership, and user entitlements in OID.
  As part of the migration project we want to move maintenance of groups and group membership from our own application into OIM. The above scenario seems quite basic.
  My main question is how would this be done in OIM? Do our current OID groups become OIM Groups? Do they become entries in some lookup table in OIM? Are there any case studies or other documentation that describes this kind of requirement?
  I've looked at the OIM Connector for OID documentation but it doesn't describe typical scenarios. It assumes that you know what you are doing.
  We also want to give users the ability to request entitlements, and to provide an approval process. So we could have a user who approves/rejects entitlement requests to access to the applications they control. But that's a another topic.
  Cheers,
  Eric

  PeachEye wrote:
  We have been given the task of migrating our existing identity management systems to OIM (Oracle Identity Manager).
  As part of the migration project we want to move maintenance of groups and group membership from our own application into OIM. The above > scenario seems quite basic.You're about to find out otherwise.
  >
  My main question is how would this be done in OIM? Do our current OID groups become OIM Groups? Do they become entries in some lookup table > in OIM? Are there any case studies or other documentation that describes this kind of requirement?You'll need a custom connector and lots of OIM tweaks. Your groups will stay in OID, OIM will replace the current application you use to maintain them. That's one way of doing it, no impact to OID schema is the benefit of this way, there are other ways.

• Migrating OID service names

  Hi all,
  I am new to this OID.
  We are currently using 9i OID and we are upgrading our infrastructure and moving all databases to 10g.
  We use OID only for tnsnames resolution.
  I have installed 10gR3 AS infrastructure for OID.
  can someone please provide me instructions on how we move OID service name entries from one version to another.
  i had a look at the oracle support [ID 251776.1] and it doesnt seems to be clear for a newbie like me.
  Thanks
  BS

  In case if any one has been with the same problems
  the easiest way to do is to install jxplorer and export as LDIF file and then remove unnecessary attributes and import

• Migrating to linux 4 from linux3 32bit

  We are migrating OID server to linux 4 32bit from linux 3 32 bit.
  Just wonder if anybody have any suggestion better than to reinstall everything including metadata repository?
  we have configured synchronization with AD.
  Thanks in advance.

  Just to clarify, we are migrating the OS on the box from linux 3 to linux4 not the OID server. We are looing for easier way not to reinstall OID and metadata repository.

• Migration from OCS 10g to Another OCS10g

  I need to migrate a single box installation of OCS 10g (production) to a multi-box with hight disponibility feature (with new machine names, etc).
  Anybody have a idea to migrate this setup ?
  Best Regards,
  Adail Horst

  Hello
  you've been advised to contact ACE team through you Oracle Sales Rep some times ago, they would surely have provided some help, now the they've moved to Beehive, that will be impossible.
  OCS is not an "imature solution", but now it's becoming "too mature" as it will be replaced with Beehive, and you waited too long before ringing the bell. Who is immature ? Oracle Support because they want to call you in order to provide some help ? I don't understand.
  Though, migrating OID, emails and Calendar is far from being impossible, it's the easiest part.
  - for OID you just need to migrate contents (users, groups etc) through LDIF
  - for emails and contacts you need OMT (Oracle Migration Tool) and a partner to operate that tool
  - for calendar it's more or less a matter of moving the database if you keep ctcalxitemids the same, if I remember well
  And there's also an easier solution : move all the software and data to another servermore powerful that your old box. If you use the same Linux version, same patchlevel, and same configuration (network, sysctl, etc), it will work.
  Do not try and implement an OCS Cluster now, if you wan't to move to a high availability environment, consider Beehive, really.

• Is there client for business users?

  Hi,
  We currently use OID and OUD. The administrator manage these LDAP systems with ODSM. We want a tool for business users, so that they can edit their information and change passwords. Is there any component in Identity Management can meet our requirement?
  Thanks

  You can use oracle identity manager with certain UI customizations to meet your requirement.
  regards,
  GP

• Migration of Portal-Users to OID

  Hello,
  I have two 3.0.9.8.5 Portals (Production and Training) running under the same IAS 1.0.2.2. The access to the different Portals is managed over different DADs. Know I want to run the old Portals with the new Midtier 9.0.2. So I added the DADs to the 9.0.2 Midtier and run ssodatan on both Portals. Everything works fine so far.
  In the next step I want to migrate the old Login-Server-users and groups to the new OID. I think I have to follow the SSO-Migration Guide.
  I have identical usernames in the two Portals (same User in the Production World and for Training). The Users should be really different (also with different passwords). The Idea is to use different LDAP-Trees for them.
  My questions:
  How can I configure the Portals to use different LDAP-Trees?
  Mirko

  You may try Enabling Virtual Private Portal (Create HOSTED PORTALS ) with following:
  � Enabling virtual private portals on Oracle9iAS Portal and the Single Sign-On (SSO) server.
  � Creates a basic structure on Oracle Internet Directory (OID) for user/group support.
  This would also involve creating a new subscriber stripe in Oracle9iAS Portal/SSO schemas.

• Migrating ADF Security to WLS using OID

  I have seen a number of posts on this forum regarding deploying an application which has ADF Security enabled to a stand-alone WebLogic server, but none of them seem to address the following.
  I have an application in JDeveloper which uses an XML-based identity store and policy store. I have a stand-alone WLS which is connected to OID. I am trying to migrate the credential store and policy store to the OID configured for my stand-alone WLS. The various blogs and OTN articles mentioned frequently in this forum regarding ADF Security address configuring OID in WLS, as well as how to migrate security to XML-based providers on WLS. However, I have not seen any information on how to migrate security to OID in WLS. I have a few questions in particular:
  1) JDeveloper online help has limited information for modifying the jps-config.xml to have a destination context, service instance, and service provider for LDAP (OID). It has configuration parameters for “JpsFarmName” and “JpsRootNodeName”. What are these used for, and what should the values be?
  2) Does the jps-config.xml file need to be modified in WLS (i.e. <Domain>/config/oracle/jps-config.xml)? Is this file even used at runtime by WLS?
  3) How does WLS know to use OID for obtaining credential, identity, and policy information instead of system-jazn-data?
  Any information on this topic would be very appreciated!
  Thanks,
  Erick

  Hi,
  I am using migrateSecurityStore for policy migration from xml to OID.
  migrateSecurityStore(type="policyStore",configFile="t2p-policies.xml",src="XMLsourceContext",dst="LDAPdestinationContext")
  when I run above command I am getting following error.
  Jul 9, 2009 11:00:08 AM oracle.security.jps.internal.config.util.BootstrapConfig
  urationUtil getCredentialFromBootstrapWallet
  SEVERE: Cannot get credential. Reason java.security.PrivilegedActionException: o
  racle.security.jps.service.credstore.CredStoreException.
  COMMAND FAILED due to an unknown reason, Check the stack trace for details
  Traceback (innermost last):
  File "<console>", line 1, in ?
  File "D:\JDEVST~2\JDEVEL~1\common\wlst\jpsWlstCmd.py", line 780, in migrateSec
  urityStore
  File "D:\JDEVST~2\JDEVEL~1\common\wlst\jpsWlstCmd.py", line 752, in migrateSec
  urityStoreImpl
  at oracle.security.jps.internal.policystore.ldap.LdapPolicyStore.<init>(
  LdapPolicyStore.java:230)
  at oracle.security.jps.internal.policystore.ldap.LdapPolicyStoreProvider
  .getInstance(LdapPolicyStoreProvider.java:108)
  at oracle.security.jps.internal.policystore.ldap.LdapPolicyStoreProvider
  .getInstance(LdapPolicyStoreProvider.java:55)
  at oracle.security.jps.internal.core.runtime.ContextFactoryImpl.findServ
  iceInstance(ContextFactoryImpl.java:139)
  at oracle.security.jps.internal.core.runtime.DelegatingContextFactoryImp
  l.findServiceInstance(DelegatingContextFactoryImpl.java:61)
  at oracle.security.jps.internal.core.runtime.ContextFactoryImpl.getConte
  xt(ContextFactoryImpl.java:170)
  at oracle.security.jps.internal.core.runtime.ContextFactoryImpl.getConte
  xt(ContextFactoryImpl.java:206)
  at oracle.security.jps.internal.core.runtime.JpsContextFactoryImpl.getCo
  ntextFromConfig(JpsContextFactoryImpl.java:171)
  at oracle.security.jps.internal.tools.utility.util.JpsHelper.getContextF
  romConfigObj(JpsHelper.java:115)
  at oracle.security.jps.internal.tools.utility.mgrs.JpsPolicyAPIManager.g
  etPolicyStoreForDestination(JpsPolicyAPIManager.java:157)
  at oracle.security.jps.internal.tools.utility.destination.apibased.JpsDs
  tPolicy.<init>(JpsDstPolicy.java:186)
  at oracle.security.jps.internal.tools.utility.destination.JpsInitializer
  Dst.getDestinations(JpsInitializerDst.java:82)
  at oracle.security.jps.internal.tools.utility.JpsUtility.<init>(JpsUtili
  ty.java:63)
  at oracle.security.jps.internal.tools.utility.JpsUtilMigrationPolicyImpl
  .migrateAllPolicyData(JpsUtilMigrationPolicyImpl.java:234)
  at oracle.security.jps.tools.utility.JpsUtilMigrationTool.executeCommand
  (JpsUtilMigrationTool.java:167)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
  java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
  sorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  oracle.security.jps.JpsRuntimeException: oracle.security.jps.JpsRuntimeException
  : Cannot read the default policy store.
  thanks and regards
  KishoreM

• Migrate users from FND_USER to OID

  We are planning to authenticate Oracle apps users against OID and have installed a 9iAS Portal 1.0.2.2.2 environment with 11.5.7 and OID for this purpose.
  We need to migrate user information (username and password as a minimum) from FND_USER to OID. Is there a recommended way of doing this? Can the encrypted password in FND_USER be moved directly across to OID?
  Any help much appreciated.

  If your source and target servers can have access to each other use dipassistant utility to migrate all users with passwords to new server.
  Use this article for details.
  http://www.oracle.com/technology/obe/obe_as_10g/im/ads_import/import.htm

• Migrate data from OID to another OID

  My case is I have currently running OID on machine A (RAC structure).
  And I have another new standalone machine B, with fresh Oracle DB installed.
  How to migrate all OID data from machine A to machine B in fast, quick and error free way?
  Regards
  Eric

  What are you trying to accomplish? How much data do you need to copy to the new OID?
  If you want to copy users and groups from one OID instance to another, then read MetaLink Note 436998.1.
  If you want an exact copy of the entire db, then you could just use a regular export/import. BUT, I don't think that would work as the new OID instance would contain installation-specific data - things like server name, port #, and more.
  Also, read the OID Administrator's Guide for more info on the subject of migrating data from one OID to another.

• Migrate users from EBS to OID

  Hi,
  Please provide me the steps to migrate the users from EBS R12 to OID?

  Pl see MOS Doc 876539.1 (Using the Latest Oracle Internet Directory 11gR1 Patchset with Single Sign-on and Oracle E-Business Suite)
  HTH
  Srini

• Problems migrating entries form OID 9.0.4.0.0 to 10.1.2.3

  I have been trying to do this without much luck.
  I export from the source directory into an ldif file, run bulkload -check on the ldif file and it reported some duplicate DNs. I tried to delete the duplicates but I didn't see all the duplicates reported. later i just imported as it was and it completed without creating the index which I manually create with error on some tables. After the stage, I couldn't login with orcladmin from the web site and the whole thing got corrupted because OC4J won't start again.
  I have re-install whole AS server (infra +midtier) and I want to start afresh with the help of some one who is good in this area. If you can just reply with the steps you will use to migrate everything from OID from a dev to live server, I will appreciate it.
  Thanks very much.

  mitjas wrote:
  We are migrating Oracle portal 9.0.2.3.0B on windows to 10.1.2.3 on Linux.- I thought you asked for portal upgrades.
  I think upgrading portal to some version levels does not necessarily affect the AS support for forms/reports. For instance, you may be running AS 10.1.2.0.2 and yet may upgrade your portal to 10.1.4.0.0.
  If you had liked to go for the latest recommended portal version by Oracle currently (10.1.4.2) you would apply the Patch Set 3 on top
  of portal 10.1.4. And yet this Patch Set is applicable to Oracle instances including the Forms and Reports and the BI types for 10.1.2. See the following for reference.
  AMN
  Ref: from the readme.html of
  Oracle® Application Server and Oracle Developer Suite
  Patch Set Notes
  10g Release 2 (10.1.2) Patch Set 3 (10.1.2.3.0) for Solaris Operating System (SPARC) and Microsoft Windows
  This document accompanies Oracle Application Server and Oracle Developer Suite 10g Release 2 (10.1.2) Patch Set 3 (10.1.2.3.0) (OracleAS 10g Release 2 Patch Set 3). This patch set is applicable for the following releases only:
  * Oracle Application Server 10g Release 2 (10.1.2.0.0)
  * Oracle Application Server 10g Release 2 Standard Edition One (10.1.2.0.1)
  * Oracle Application Server 10g Release 2 (10.1.2.0.2)
  * Oracle Application Server Forms and Reports Services (10.1.2.0.2)
  * Oracle Application Server Portal 10g Release 2 (10.1.4)
  * Oracle Application Server Portal 10g Release 2 Patch Set 2 (10.1.4.1)
  * Oracle Developer Suite 10g (10.1.2.0.2)
  * Oracle Business Intelligence 10g Release 2 (10.1.2)
  * Oracle Business Intelligence 10g Release 2 (10.1.2.0.2)
  * Oracle Business Intelligence Tools 10g Release 2 (10.1.2)
  * Oracle Business Intelligence Tools 10g Release 2 (10.1.2.0.2)
  * Oracle Business Intelligence Tools 10g (10.1.2.0.2) that shipped as part of Oracle Developer Suite 10g Release 2 (10.1.2)
  * OracleAS 10g Release 2 Patch Set 1 (10.1.2.1.0)
  * OracleAS 10g Release 2 Patch Set 2 (10.1.2.2.0)

• OID DATA MIGRATION AMONG TWO GROUPS

  Hi all,
  I have two queries:-
  a) How can we move data from an X group to Y group in OID?(bulk movement of dat from x to y ).
  b) Whenever i try to create a group from my custom code in OID, the displayname (manadatory field ) entry somehow is missed,
  but i am still able to create the group.
  But when i will try to move users from X group to y group it will say please ener the manadatory atribute.
  Please suggest solution as it is very critical.
  Rgds
  Mohit
  Edited by: user629062 on Sep 29, 2008 11:22 PM

  Hi,
  If its a one time migration, you can go with ldifwrite/bulkload option.
  Generally, the source (old) ldap (OID) is not phased out immediately, so in that case you can use DIP so that its a continuous synch between the old and new OID, and once testing/fine tuning has been done, you can decomission the old OID.
  Regarding the size of the ldif, you need not do all the entries at once, and it is not advisable too.
  You can do a ldifwrite/bulkload of each container, or a few containers so that you can have control over the migration, and its much easier to debug/test.
  -- Pramod Aravind