OID & Other Directory Server

Hi,
I'm trying to make a little research about Oracle Internet
Directory that shiped with Oracle 8.1.7 and other Directory
server.
They are several differences that I found out by self.
These differences are not listed in any Oracle documentation,
(what a great documentation from Oracle) :-)
They are:
1. Oracle Internet Directory doesn't allowed alphanumeric for
ObjectID for ObjectClass or Attribute. In iPlanet it's ok to
have alphanumeric as ObjectID.
2. Oracle Internet Directory doesn't support javaObject.
Do you have more list of differences? If you do please I want to
know all differences.
I hope someone from Oracle can give me a full list of
differences. Not to show that Oracle Internet Directory is
inmature but to give an idea what we can or can't do with it, so
we don't have to spent several hours to do a task that usually
works very well with other Directory server.
Perhaps I can get a future plan of Oracle Internet Directory or
at least a prediction that in OID version XXXXX that shiped with
Oracle 9.xxxx, maybe Oracle will have the same features with
other Directory server.
In addition Oracle Internet Directory Manager application is a
very powerful tool. It is so powerful that I get a very good
error message when I'm trying to use alphanumeric in objectID.
The error message is "Unknown", and the detail is a bunch of
Java exceptions. Why don't you guys try it (I think you like it).
If the problem is just objectID why don't this great tool give a
clear error message.
regards,
Evan

hello ...
The technology that allows 3rd party directories to integrate with OID is called the OID "Directory Integration Platform" (DIP).
Documentation on the OID DIP can be found at:
http://download-west.oracle.com/otndoc/oracle9i/901_doc/network.901/a90151/pt_odip.htm#435787
Also, Oracle consulting services are available to support directory integration work. Please email me if you are interested in getting more information about Oracle Consulting.

Similar Messages

  • Replication To Other Directory Servers

    Does iPlanet Directory Server 5.1 support replication to/from any other Directory Server in the market? i.e Active Directory, Novell Directory Server.
    Thanks,
    Hien

    Not that I know of. You will probably have to use some sort of meta directory solution to sync iPlanet DS with AD or Novell DS.

  • Sun Directory Server and OID Synchronization

    I'm having a problem with synchronizing OID with our existing Sun Directory Server. This is a one way synchronization, using Sun DS as the source, and OID as the destination. I've successfully installed OID with SSL enabled (this is part of an Oracle Portal installation), and followed what docs I could find. I created an integration profile based off the iPlanet Import profile, and imported a custom mapping profile based off a differing DIT naming convention (o=company.com vs dc=company,dc=com). I have applied an ACI that should allow the synchronization profile user to update entries on the OID side, and a user in Sun DS that has access to the appropriate areas on that side. I was able to successfully bootstrap and import all of our users, and it was also able modify the last changelog number.
    Having said all of that, incremental changes aren't propagating to OID. I'm not sure where to look or what steps to take to troubleshoot this, as I'm brand new to OID. There's an agent execution command that is blank in the integration profile, but according to what I've found that's the default and is acceptable.
    Am I missing a step here? According to the docs, all I need to do is enable the profile, and away it goes.
    One last thing I had to do to overcome an issue with the changelog number not updating was adding our internal root ca's certificate to the local JVM's cacerts file. I accomplished this with the keytool command, and it seemed to work fine. I'm unsure if it's the SSL config that is hosed and is causing this, or if it's a configuration parameter I'm missing.. but I don't have anywhere to start as far as troubleshooting is concerned.

    On your integration profile, did you set the debug level to 63? You should have a _____.aud and a _____.trc file in your $ORACLE_HOME/ldap/odi/log directory that will provide more info. Did you start your DIP server (odisrv) with the oidctl command?
    You might also look at downloading the "diptester" utility for troubleshooting OID synchronization issues.
    - Brian

  • OIM OID sync (IT Resource - Directory Server)

    Hi Friends ,
    I am trying to get information about OIM OID sync (IT Resource - Directory Server) but i am not find any link.
    I want to find out what are limitation of this sync and how we can control sync attributes.
    Thanks in advance.

    If you talking about OIM 11g LDAP Identity Store (the thing that synchronises OIM and OID automagically) then have a look at:
    http://download.oracle.com/docs/cd/E14571_01/doc.1111/e14316/dployconfig.htm#insertedID3
    There's also stuff about it in the OIM 11g Developers Guide, the OIM 11g System Administrators Guide (LDAP scheduled tasks). The installation guide and entreprise deployment guide may also be useful.
    These should all be accessible from
    http://download.oracle.com/docs/cd/E14571_01/im.htm
    Have fun!

  • Can't start NT service for Directory Server using other acc. than LocalSys.

    Hi!
    I'm using Directory Server 5.1 on a Windows 2000 machine.
    I wrote a Plug-In for DS that needs Administrator Access to the NT Domain. So I tried to run the DS-Service as Administrator but the service can not start. I just keeps in status "starting...".
    I don't get any error message and the errorlog doesn't contain anything.
    Has anyone an idea?
    Thanks!
    Florian

    I forgot to tell one thing: I use SSL, without SSL I do not have this problem. Perhaps it's only the popup I get when starting DS, where I have to enter the certificate password?

  • Which directory server for naming?

    We are currently using OID for our Oracle naming resolution.  We are not running Identity Management, Portal, or any of the myriad of other middleware products that rely on directory server.  
    I need to migrate the OID to new hosts.  I've been flailing about with ODSEE, not realizing that Oracle has 3 different directory servers -- OID, OUD, and ODSEE.  Which one of these would be the best to use for this purpose?   Also, which one would leave me in the best position if we do adopt one of these other products?

    OUD is the best option as it supports TNS Names and EUS like OID does. I don't think ODSEE is an option here.
    Have a look at Frankie goes to Hollywood: Oracle Unified Directory 11.1.2.1.0: TNS and EUS - Part 1: TNS Resolving
    Sylvain

  • Sun java DIRECTORY SERVER 6.0 WITH SUN OPENSSO 8

    Hi all,
    I have install the sun java directory server 6.0.
    Now I have install the sun openssl ( I could had installed the sun java access manager but i wanna use the sun opensso 8 for SSO).
    when created the directory i.e. by using command from directory preparation tool, the directory server stop starting.
    It do not start and is asking me the error as follows,
    bash-3.00# /var/opt/SUNWdsee/dsins1/start-slapd
    [20/Feb/2009:14:44:30 +0500] - ERROR<4131> - Bootstrap config - conn=-1 op=-1 msgId=-1 - System error The entry cn=schema in file /var/opt/SUNWdsee/dsins1/config/schema/99user.ldif is invalid (error 20: Type or value exists) - attribute type sunIdentityServerDiscoEntries: Does not match the OID "1.3.6.1.4.1.42.2.27.9.1.821". Another attribute type is already using the name or OID..
    [20/Feb/2009:14:44:30 +0500] - ERROR<4129> - Bootstrap config - conn=-1 op=-1 msgId=-1 - Configuration error Please edit the configuration file to correct the reported problems and then restart the server. Server exiting.
    Server not running!! Failed to start ns-slapd process.
    Note: while preparing the directory (sun java directory preparation tool) I mentioned the schema 2 i.e. ACCESS MANAGER, because sun opensso 8 is the latest version for Sun java access manager ?
    Any help??????????????
    Regards
    Adeel

    Looks like the attribute sunIdentityServerDiscoEntries is defined twice in the schema. Run the following and see where it is defined for the second time.
    # cd /var/opt/SUNWdsee/dsins1/config/schema
    # grep -w sunIdentityServerDiscoEntries *.ldif | grep -iv objectclasses
    Edited by: etst123 on Mar 3, 2009 1:28 PM

  • Error while migrating to Sun Directory Server 6.0

    Hi All,
    I am trying to migrate the Sun One Directory Server 5.2 to Sun Directory Server 6.0. I am getting the following error
    bash-3.2# ./dsmig migrate-config /var/Sun/mps/slapd-circb2bld3/ /var/SunDirectoryServer6.0/dsInst/
    Launching Configuration Migration of server instance /var/Sun/mps/slapd-circb2bld3 .....
    Enter the certificate database password:
    Starting server instance /var/SunDirectoryServer6.0/dsInst ..... Instance /var/SunDirectoryServer6.0/dsInst is already running (ns-slapd pid is 3868)
    Enter "cn=Directory Manager" password:
    Connecting to server localhost:389 .....
    Could not bind securely on "localhost:389".
    Remote host closed connection during handshake
    Details: SSL peer shut down incorrectly
    Could not create context for configuration migration.
    Operation "migrate-config" failed.
    Please help me.

    Please stop
    The migration guide has step by step instructions, including command line examples, are you using that as your reference?
    Your upgrade should be to (at a minimum) DSEE 6.3.1.1.1. Upgrading to 6.0 is upgrading to a release level that has no patches or fixes to the product. There are significant fixes to the migration command line tools. There is a good chance you will run into issues.
    You should install and review migration to ODSEE 11.1.1.7.0 (which would effectively be the 7.2 release of the DS).
    There is a specific guide for migration and upgrade, which includes migration from DS 5.2 to 11.x
    The full documentation collection for 11.1.1.7.0 is here
    http://docs.oracle.com/cd/E29127_01/index.htm
    The specific migration guide is here
    http://docs.oracle.com/cd/E29127_01/doc.111170/e28971/toc.htm
    See: Part II Migrating from ODSEE 5.2 to ODSEE 11g Release 1 (11.1.1.7.0)
    ODSEE 11.1.1.7.0 can be downloaded from here.
    http://www.oracle.com/technetwork/middleware/downloads/oid-11g-161194.html

  • URL to be used in high availability for Directory Server

    Hi All,
    I have an environment configured for high availability. I have two OVD and OID servers each in this environment, configured in high availability. What should be the value in the Server URL field of the Directory Server IT Resource in the OIM for this environment? In the normal environment, I had it as "ldap://ovdhost01:6501" and it was working fine. But since there are two servers here, I am not sure what URL to use in place of this. The entry for the two ovd hosts in the OHS is "idstore.com" which is configured on 6501 port. But I tried using the following URLs and none of them worked:
    1. idstore.com
    2. ldap://idstore.com
    3. ldap://idstore.com:6501
    4. ldap://ovdhost01:6501,ldap://ovdhost01:6501
    Can someone help me know the correct URL to be used in this case?
    Thanks,
    $id

    Not sure about OVD or OID but for SOA and OIM:
    SOA:
    XMLConfig -> XMLConfig.SOAConfig -> SOAConfig
    Rmiurl -> t3://soahost1:soaport1,soahost2:soaport2
    Soapurl -> Load balancer or web server url (without the /workflow context)
    OIM:
    XMLConfig -> XMLConfig.DiscoveryConfig -> Discovery
    OimFrontEndUrl -> Load balance or web server url (without the /oim context)
    And ofcourse on your LB or WebServer, you need to configure these:
    SOA: http://docs.oracle.com/cd/E23943_01/core.1111/e10106/ha_soa.htm#CHDDJEGD
    OIM: http://docs.oracle.com/cd/E21764_01/core.1111/e10106/imha.htm#BGBDFEIE
    -Bikash

  • Performance concern with directory server implementation

    performance concern with directory server implementation
    I first posted this at metalink forum, and was suggested to post it here instead.
    Hi,
    I'd like to get any feedback regarding performance of oracle directory server implementation. Below is what I copy&patested from 9i Net Services Administrator's Guide, I found no 'directory server vendor documentation', so anything regarding this is welcome too.
    Performance
    Connect identifiers are stored in a directory server for all clients to access.
    Depending on the number of clients, there can be a significant load on a directory
    server.
    During a connect identifier lookup, a name is searched under a specific Oracle
    Context. Because of the scope of the lookup, you probably want users to experience
    relatively quick performance so that the database connect time is not affected. Users
    may begin to notice slow connect times if lookups takes more than one second.
    You can resolve performance problems changing the network topology or
    implementing replication.
    See Also: Directory server vendor documentation for details on
    resolving performance issues
    Thanks.
    Shannon

    Shannon,
    you can find some tuning advises in the following
    a) OiD Capacity Planning Considerations
    http://download-west.oracle.com/docs/cd/B10501_01/network.920/a96574/cap_plan.htm#1030019
    b) Tuning Considerations
    http://download-west.oracle.com/docs/cd/B10501_01/network.920/a96574/tuning.htm#999468
    c) oracle net services
    http://download-west.oracle.com/docs/cd/B10501_01/network.920/a96579/products.htm#1005697
    you should start with a) to get an overview what to be aware of
    --Olaf

  • Make Plug-in to Directory Server

    Hi,
    Iwas trying to get some API documentations and examples to create plug-ins to Directory Server in Java, however I was not able to download any useful.
    I have to integrate a special authentication method into Directory Server (that is part of a Portal Server). Can you please help to find the appropriate SDK/documents?

    Hi,
    The java program that you want to run when add/modify occurs can be kicked off in the class that implemented the Listner.
    Also, these programs will work on only those LDAP servers which support Persistent Search Control. Probably that was the reason why you didn't see anything happening when you started the listener and modified your LDAP database.
    The listener works fine in Netscape Direcory Service LDAP but doesn't work in OID(Oracle) or AD(Microsoft) directories.
    Hope this helps!
    -Rama

  • Directory Server Directions

    We are using Sun Directory Server 6.3.1 ,
    and are pleased with its performance and stability.
    We run entreprise critical systems on these servers.
    I have been tasked with researching the migration path
    fotr these systems . Can someone reply with urls
    for documentation on :
    - expected life of DS 6.3.1
    - current products in the DS 6.3.1 line
    - oracle expected migration path for identity management
    Thank You,
    JYard
    UCLA

    Hi,
    Please refer to http://www.oracle.com/us/support/library/lifetime-support-middleware-069163.pdf for product Lifetime Support, per Oracle policy.
    Since DS 6.3.1, 6.3.1.1, 7.0 and 11gR1 (Oracle rebranding of 7.0) have been released and are available for download. ODSEE 11gR1 is a rebranded release of Sun Directory Server Enterprise Edition 7.0
    To download Sun branded products, go to Oracle E-Delivry: http://edelivery.oracle.com/. When you have reached "Media Pack Search " page, please select "Sun Products" as Product Pack.
    You can get the 11gR1 from http://www.oracle.com/technetwork/middleware/downloads/oid-11g-161194.html
    Documentation for each release can be downloaded from http://www.oracle.com/technetwork/documentation/legacy-sun-identity-mgmt-193462.html
    For migration, you can start at http://download.oracle.com/docs/cd/E19656-01/821-1505/index.html
    Hope this helps
    -Sylvain

  • Synchronization between AD and Sun Java Directory Server

    I would like to build an environment as below, kindly let me know whether it is possible or not.
    My Enterprise Directory is Active Directory and i have Policy Server which directs the sso users to get authenticated with that server. I would like to synchronize the user data from Active Directory to Sun Java Directory Server (existing version is 5.2 Service Pack 4) including the passwords and i would like to know with which hashing algorithm these passwords are stored in the sun directory server. Because i want to synchronize the same attributes from sun java directory server to Oracle Internet Directory and is it possible to get my sso users to get authenticated at OID even?
    Kindly let me know whether this approach is feasible or not?
    Any suggestion to this approach is greatly appreciated...
    Thanks in advance...
    Regards,
    Kishore Repakula.

    i would like to know with which hashing algorithm these
    passwords are stored in the sun directory server.Like most other directory servers, SunDS offers a few choices here.
    The most secure is SSHA, which you'd probably want to use unless you have apps with dependencies on other hashes (e.g., CRYPT for backward compatibility with UNIX password field).
    I would like to synchronize the user data from Active Directory
    to Sun Java Directory Server (existing version is 5.2
    Service Pack 4) including the passwords...Sun has a "Identity Synchronization for Windows" product which might work for you.
    http://www.sun.com/software/products/directory_srvr_ee/identity_synch/
    Unfortunately, the big trick with AD passwords is that they are stored in a proprietary one-way hash, so you can't just sync them directly over to another directory. Likewise, you can't import password hashes from other sources into AD and expect them to work.

  • RSA Certificate Manager with Sun Java Directory Server

    Has anyone integrated Sun Java Directory Server with RSA Certificate Manager

    we have the Key Managment System in our DSEE 6.3 through a proxy. We had to enable some OIDs for it to work.

  • PasswordPolicyControl support in Directory Server 5.2

    Hi,
    Does the SunOne Directory Server 5.2 support Password Policy Control (OID 1.3.6.1.4.1.42.2.27.8.5.1)?
    Thanks,
    ~AA
    Message was edited by:
    ambhaikar123

    No, this control will be supported in Directory Server 6.0.
    Regards,
    Ludovic

Maybe you are looking for

  • What is the model number for an ipod classic 120gb

    I keep reading about the 6th Gen and 7th Gen ipod classics... Its my understanding that there is no real 7th Gen ipod classic just a new 120gb storage version... What is the correct model number for this version and does it vary with color or other o

  • Query Problem With Exception Aggregation

    Hello,          I have two I/O 0Customer and 0Cont_Acct and also I have a Infoset made out of both. Here is the problem i am trying to solve, I want to figure out the customers who has more than five contract accounts associated with each customer nu

  • VALUE BASED  PARTITIONING BETWEEN AN EXCEL AND DATABASE

    Can any1 help I have an EXCEL FILES and DATABASE. I want to make partitioning value-based between these sources. Thanks you in advances.

  • Oci_connect using easy connect naming method needs listener??

    Hi, I was thinking that using the easy connect naming method in oci_connect does not require a running local tnslsnr!? Am I wrong? I tried: $db = '(DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = my-ora-host.example.com)(PORT = 1521)) (CONNECT_DATA

  • How to properly bring in cs5 AVCHD (.mts) files

    My camera is SONY NX5. I shut a video in AVCHD Format. Who is the best way to bring this files in premiere cs5? I mean during the new sequence dailog box, who is the best available preset. What I have to select?