Sun Directory Server and OID Synchronization

I'm having a problem with synchronizing OID with our existing Sun Directory Server. This is a one-way synchronization, using Sun DS as the source, and OID as the destination. I've successfully installed OID with SSL enabled (this is part of an Oracle Portal installation), and followed what docs I could find. I created an integration profile based off the iPlanet Import profile, and imported a custom mapping profile based off a differing DIT naming convention (o=company.com vs dc=company,dc=com). I have applied an ACI that should allow the synchronization profile user to update entries on the OID side, and a user in Sun DS that has access to the appropriate areas on that side. I was able to successfully bootstrap and import all of our users, and it was also able to modify the last changelog number.
Having said all of that, incremental changes aren't propagating to OID. I'm not sure where to look or what steps to take to troubleshoot this, as I'm brand new to OID. There's an agent execution command that is blank in the integration profile, but according to what I've found that's the default and is acceptable.
Am I missing a step here? According to the docs, all I need to do is enable the profile, and away it goes.
One last thing I had to do to overcome an issue with the changelog number not updating was adding our internal root CA's certificate to the local JVM's cacerts file. I accomplished this with the keytool command, and it seemed to work fine. I'm unsure if it's the SSL config that is hosed and is causing this, or if it's a configuration parameter I'm missing, but I don't have anywhere to start as far as troubleshooting is concerned.

On your integration profile, did you set the debug level to 63? You should have a _____.aud and a _____.trc file in your $ORACLE_HOME/ldap/odi/log directory that will provide more info. Did you start your DIP server (odisrv) with the oidctl command?
You might also look at downloading the "diptester" utility for troubleshooting OID synchronization issues.
- Brian

Similar Messages

  • Sun Directory Server and AIX

    I want to integrate AIX and HPUX in a Sun LDAP environment.
    I've got a Sun LDAP Directory Server 5.2 P4 on Windows 2003 Enterprise Server.
    My question: how can I get the schema LDIF files with the attributes and objectclasses in LDIF format to
    include in my LDAP server, so that I can integrate users and log on to my AIX, authenticating against the Sun LDAP server?
    I need only the schema files with objectclasses and attributes!!!!!

  • Sun java directory server and Active Directory

    We are using two different directory servers: Sun Java Directory Server and Active Directory.
    My question is how we can have password synchronization between these two directory servers.
    I have checked Sun Java[TM] System Identity Synchronization for Windows 1 2004Q3
    http://www.sun.com/download/products.xml?id=41537425
    It seems that its supported platforms are only Solaris and Windows, but I have installed my Sun Java Directory Server on Linux and obviously it doesn't work for me.
    I would be grateful if anyone can suggest a solution to work around this situation.
    I have checked Identity Manager; I would like to know if I can do this using this product.
    http://www.sun.com/software/products/identity_mgr/specs.jsp
    --regards.
    Sara

    Yes RHEL 4 is a supported OS with DSEE 6.0.
    Identity Synchronization for Windows is a part of DSEE that allows synchronization of users, passwords and groups between Sun Directory Server and Active Directory bi-directionally without altering the users' environments, i.e. it does not require that users change their current habits.
    Identity Manager is a complete identity management solution that is targeting enterprise workflow when it comes to user provisioning and de-provisioning, but also allows building authentication and password change forms that will provision the passwords to many different systems including Sun Directory Server and Active Directory but also IBM mainframes, legacy applications, databases...
    If you are implementing a complete identity management solution, then go with Identity Manager. If you need a lightweight and fast solution for just synchronizing users and passwords between Sun DS and MS AD, Identity Synchronization for Windows should be your choice.
    Regards,
    Ludovic.

  • Sun Directory Server Password Policy Problems

    Hi,
    I am using Sun Directory Server and Sun AM (2005Q1).
    We are using SUN DS to configure the password policy to expire user passwords after 30 days.
    Also, the warning has been set to "one day before expiry". However, when the warning IS displayed to the user and the user changes his/her password on display of the warning, even though the user's password expiration timestamp attribute contains a new timestamp (which is 30 days hence the date of change), on next login user is AGAIN thrown the warning that his/her password will expire in "HH hours: MM mins".
    I do not understand what needs to be done to fix this. Any help would be appreciated.

    How is the user authenticated? Through Access Manager or directly to the Directory Server?
    Access Manager can be configured to handle Password expiration, and so can Directory Server. I would advise you to check which system is actually throwing the warning.
    Regards,
    Ludovic

  • Directory server and ldap TLS on windows platform

    Has anybody tested "sun directory server" and "ldap tls" on the Windows platform? I tried it, and I can't establish a secure connection. On another platform, and I speak about Solaris 9, everything is OK. Any comments?

    It's a rather unusual way to use attribute subtypes. You may be able to do something with the mapping engine in DPS - I'll wait for Sylvain or someone else who knows DPS really well to answer that. But from the perspective of the information model, I have some doubts about this approach. For instance, what happens if you have multiple subtypes on a single-valued attribute?
    Usually, for example, if there is a "preferred" common name as opposed to some other common names, it would be modeled in an entirely different attribute type, such as "preferredName". The subtypes are almost exclusively used for language specification nowadays. That's another question - what happens if you ever need to store multiple languages in your Directory?
    Do you know of anyone else who is using this kind of information model in their Directory?

  • Error while migrating to Sun Directory Server 6.0

    Hi All,
    I am trying to migrate the Sun One Directory Server 5.2 to Sun Directory Server 6.0. I am getting the following error
    bash-3.2# ./dsmig migrate-config /var/Sun/mps/slapd-circb2bld3/ /var/SunDirectoryServer6.0/dsInst/
    Launching Configuration Migration of server instance /var/Sun/mps/slapd-circb2bld3 .....
    Enter the certificate database password:
    Starting server instance /var/SunDirectoryServer6.0/dsInst ..... Instance /var/SunDirectoryServer6.0/dsInst is already running (ns-slapd pid is 3868)
    Enter "cn=Directory Manager" password:
    Connecting to server localhost:389 .....
    Could not bind securely on "localhost:389".
    Remote host closed connection during handshake
    Details: SSL peer shut down incorrectly
    Could not create context for configuration migration.
    Operation "migrate-config" failed.
    Please help me.

    Please stop
    The migration guide has step by step instructions, including command line examples, are you using that as your reference?
    Your upgrade should be to (at a minimum) DSEE 6.3.1.1.1. Upgrading to 6.0 is upgrading to a release level that has no patches or fixes to the product. There are significant fixes to the migration command line tools. There is a good chance you will run into issues.
    You should install and review migration to ODSEE 11.1.1.7.0 (which would effectively be the 7.2 release of the DS).
    There is a specific guide for migration and upgrade, which includes migration from DS 5.2 to 11.x
    The full documentation collection for 11.1.1.7.0 is here
    http://docs.oracle.com/cd/E29127_01/index.htm
    The specific migration guide is here
    http://docs.oracle.com/cd/E29127_01/doc.111170/e28971/toc.htm
    See: Part II Migrating from ODSEE 5.2 to ODSEE 11g Release 1 (11.1.1.7.0)
    ODSEE 11.1.1.7.0 can be downloaded from here.
    http://www.oracle.com/technetwork/middleware/downloads/oid-11g-161194.html

  • Sun directory server 6.3.1 admin console

    Hi
    In my Sun Directory Server 6.3.1 admin console, in the Applications view, I have the following:
    Server Group
    Server Group (2)
    Administration Server
    Identity Synchronization
    If I click on the Directory Server I get the following error:
    This server component has not yet been downloaded, or it could not be activated. Press Download to retry.
    If I click on Download, I get : (Class loader error) Failed to install a local copy of ds523.jar or one of its supporting files: error result
    What can I do to fix it?
    Thanks!

  • Provisioning Sun directory Server to a User in OIM

    I have been learning the OIM tool for 2 months. I am not able to provision Sun Directory Server to a user in OIM; the error is that I am not getting the value for Organization DN. I am using ODSEE 11.1.1.5.0 and OIM 11.1.1.5.0. I have followed the steps below:
    1. Copy Connector and External Code Files.
    2. Configure Oracle Identity Manager Server.
    3. Import an Oracle Identity Manager Connector.
    4. Define an IT Resource.
    5. Create a User.
    6. Assign the Connector to a User.
    Can anyone please suggest a solution for this problem?

    Hi,
    You need to run organization lookup reconciliation first, then select the value in the process form.
    If you are getting a particular error, can you paste the error messages from the console?
    Regards,
    Raghav.

  • Installation/Config Problem with Sun Directory Server Control Center (6.0)

    Hi All,
    I have recently attempted an installation of Sun Directory Server EE 6.0 on an x86 Solaris 10 machine.
    I have selected to install Core Directory Server and Sun Directory Server Control Center with my installation.
    After installation, if I check the status of the SUNDSCC, I receive the following message:
    bash-3.00# ./dsccsetup status
    DSCC Application is not installed
    DSCC Agent is registered in Cacao
    DSCC Registry has been created
    Path of DSCC registry is /var/opt/SUNWdsee/dscc6/dcc/ads
    Port of DSCC registry is 3998
    I have also tried to restart the Sun Java Web Console using the /usr/sbin/smcwebserver start command, but that does not do anything.
    If I try to initialize the SUNDSCC using the ./dsccsetup initialize command, the registry gets created, but it still displays as "application not installed".
    I do not understand. I have already installed this application using the JES installer.
    Please help!
    Regards,
    Saahil Goel

    I had a similar issue. Here is how I fixed it.
    Run dsccsetup status with the -v option. It will show you where it is trying to find the DSCC Application. Then do a find on your system to see where it is actually installed. Then simply copy it over to where dsccsetup is looking for it. Then do dsccsetup initialize. Below is what it looked like on my system when I did it:
    # ./dsccsetup status -v
    ## /usr/sbin/smreg is present
    ## /usr/sbin/smcwebserver is present
    ## /opt/server/sun/dscc6/dccapp is MISSING
    DSCC Application is not installed
    ## /opt/sun/cacao/bin/cacaoadm is present
    ## /opt/server/sun/dscc6/lib/jar/nquickmodule.jar is present
    ## Running /opt/sun/cacao/bin/cacaoadm list-modules -r
    DSCC Agent is registered in Cacao
    ## Running /opt/sun/cacao/bin/cacaoadm status
    ## Running /opt/sun/cacao/bin/cacaoadm list-modules
    ## Running /opt/sun/cacao/bin/cacaoadm get-param network-bind-address
    ## Running /opt/sun/cacao/bin/cacaoadm get-param jmxmp-connector-port
    ## /opt/server/sun/ds6/bin/dsadm is present
    DSCC Registry has been created
    Path of DSCC registry is /var/opt/sun/dscc6/dcc/ads
    Port of DSCC registry is 3998
    # find / -name dccapp
    /opt/server/dscc6/dccapp
    # cp -R /opt/server/dscc6 /opt/server/sun
    # ./dsccsetup dismantle
    DSCC Application is not registered in Sun Java(TM) Web Console
    Unregistering DSCC Agent from Cacao...
    Deleting DSCC Registry...
    All server registrations will be definitively erased.
    Existing server instances will not be modified.
    Do you really want to delete the DSCC Registry ? [y/n]y
    Server stopped
    DSCC Registry has been deleted successfully
    # ./dsccsetup initialize
    Registering DSCC Application in Sun Java(TM) Web Console
    This operation is going to stop Sun Java(TM) Web Console.
    Do you want to continue ? [y,n] y
    Stopping Sun Java(TM) Web Console...
    Registration is on-going. Please wait...
    DSCC is registered in Sun Java(TM) Web Console
    Restarting Sun Java(TM) Web Console
    Please wait : this may take several seconds...
    Sun Java(TM) Web Console restarted successfully
    Registering DSCC Agent in Cacao...
    Checking Cacao status...
    Deploying DSCC agent in Cacao...
    DSCC agent has been successfully registered in Cacao.
    Choose password for Directory Service Manager:
    Confirm password for Directory Service Manager:
    Creating DSCC registry...
    DSCC Registry has been created successfully
    Hope this helps.
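
A script form of the check described in the answer above, as an added example that is not part of the original post: it reads saved `dsccsetup status -v` output, lists each path reported as MISSING, and searches a root directory for an entry with the same base name. The function names are hypothetical, and the sample text is constructed in the format the post shows.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# Constructed sample, in the format of the `dsccsetup status -v` output above.
sample_status() {
cat <<'EOF'
## /usr/sbin/smreg is present
## /usr/sbin/smcwebserver is present
## /opt/server/sun/dscc6/dccapp is MISSING
DSCC Application is not installed
## /opt/sun/cacao/bin/cacaoadm is present
EOF
}

# Print every path that the status output (on stdin) reports as MISSING.
missing_paths() {
    sed -n 's|^## \(/.*\) is MISSING$|\1|p'
}

# List entries under search root $2 whose name equals the base name of the
# missing path $1 (the manual `find / -name dccapp` step from the post).
find_candidates() {
    find "$2" -name "$(basename "$1")" 2>/dev/null | sort
}

# For each MISSING path in status file $1, report where a copy actually
# lives under root $2, or that nothing was found there.
report() {
    missing_paths < "$1" | while IFS= read -r want; do
        found=$(find_candidates "$want" "$2")
        if [ -n "$found" ]; then
            printf '%s\n' "$found" | while IFS= read -r have; do
                printf 'expected %s, found %s\n' "$want" "$have"
            done
        else
            printf 'expected %s, found nothing under %s\n' "$want" "$2"
        fi
    done
}

# Usage on the affected host:
#   ./dsccsetup status -v > /tmp/dscc-status.txt
#   sh this_script.sh /tmp/dscc-status.txt /opt
if [ "$#" -eq 2 ]; then
    report "$1" "$2"
fi
```

The script only reports; copying the directory and running `dsccsetup dismantle` stay manual steps, since the transcript above shows that dismantle deletes the DSCC registry and all server registrations in it.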

  • Log file size in Sun Directory Server

    Does anyone have an idea about how the Sun Directory Server's log file size will increase with respect to the actions performed?
    Can someone give data regarding this? If someone has a better scenario and the supporting data w.r.t. log file size, it will be helpful.
    Thanks,

    AFAIK no, it's based on time: "At a certain time, or after a specified interval, the server rotates your access logs."
    More info in Archiving Log Files in [http://docs.sun.com/app/docs/doc/820-7985/gczxv?l=en&a=vie]
    It should be easy to write such a script to be run as a daemon in logs directory. Here is the pseudo code :
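    #!/bin/sh
    # LOG, MAX_SIZE and INTERVAL are example values; adjust them for your instance.
    LOG=./access            # access or error log to watch
    MAX_SIZE=10485760       # rotate above this many bytes
    INTERVAL=60             # seconds between checks
    while true
    do
        # get size of the access/error log file
        size=$(wc -c < "$LOG")
        if [ "$size" -gt "$MAX_SIZE" ]; then
            "<ws-install-dir>/https-<instance>/bin/rotate"   # replace the <...> placeholders
        fi
        sleep "$INTERVAL"
    done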

  • Sun Directory Server crashed

    Hi,
    I don't know where to post this question because I really don't understand the error myself.
    I downloaded Sun Directory Server 5.2 and installed it on both my Solaris machines:
    one of them is Solaris 8 (Production Server),
    the other one is Solaris 10 (Another Prod Server).
    I did master-master LDAP replication, and it works okay for quite some time (a few days).
    Only today I found that one of the directory servers is crashing, and what I found in the log is:
    Dec/2006:17:17:10] config (10607):
    [19/Dec/2006:17:17:10] config (10607): 0xfe000000       /usr/lib/libpthread.so.1
    [19/Dec/2006:17:17:10] config (10607):
    [19/Dec/2006:17:17:10] config (10607): 0xfdfd0000       /usr/lib/libCrun.so.1
    [19/Dec/2006:17:17:10] config (10607):
    [19/Dec/2006:17:17:10] config (10607): 0xfdfb0000       /usr/lib/libmp.so.2
    [19/Dec/2006:17:17:10] config (10607):
    [19/Dec/2006:17:17:10] config (10607): 0xfdf90000       /usr/lib/libaio.so.1
    [19/Dec/2006:17:17:10] config (10607):
    [19/Dec/2006:17:17:10] config (10607): 0xfdf40000       /usr/lib/libresolv.so.2
    [19/Dec/2006:17:17:10] config (10607):
    [19/Dec/2006:17:17:10] config (10607): 0xfede0000       /usr/platform/SUNW,Sun-Fire-480R/lib/libc_psr.so.1
    [19/Dec/2006:17:17:10] config (10607):
    [19/Dec/2006:17:17:10] config (10607): 0xfded0000       /usr/lib/nss_files.so.1
    [19/Dec/2006:17:17:10] config (10607):
    [19/Dec/2006:17:17:10] config (10607): 0xfdea0000       /var/Sun/mps/bin/https/lib/libAdmservPlugin.so
    [19/Dec/2006:17:17:10] config (10607):
    [19/Dec/2006:17:17:10] config (10607): 0xfde70000       /var/Sun/mps/lib/libadmsslutil52.so
    [19/Dec/2006:17:17:10] config (10607):
    [19/Dec/2006:17:17:10] config (10607): 0xfde40000       /v[19/Dec/2006:17:17:10] config (10607): # An error report file has been saved as hs_err_pid10607.log.
    [19/Dec/2006:17:17:10] config (10607):
    [19/Dec/2006:17:17:10] config (10607): # Please refer to the file for further information.
    [19/Dec/2006:17:17:10] config (10607):
    [19/Dec/2006:17:17:10] config (10607): #
    [19/Dec/2006:17:17:10] config (10607):
    [19/Dec/2006:17:17:14] info (10610): Installing a new configuration
    [19/Dec/2006:17:17:14] info (10610): [LS ls1] http://ils1app3.tpcils.com, port 390 ready to accept requests
    [19/Dec/2006:17:17:14] info (10610): A new configuration was successfully installed
    [19/Dec/2006:17:17:14] info (10610): Using the Java HotSpot(TM) Server VM v1.4.1_01 from Sun Microsystems Inc.
    [19/Dec/2006:17:17:14] info (10610): Java VM classpath: /var/Sun/mps/bin/https/jar/NSServletLayer.jar:/var/Sun/mps/bin/https/jar/NSJavaUtil.jar:/var/Sun/mps/bin/https/jar/NSJavaMiscUtil.jar:/var/Sun/mps/bin/https/jar/servlet.jar:/var/Sun/mps/bin/https/jar/servlet-2.3-filters-api.jar:/var/Sun/mps/bin/https/jar/jspengine.jar:/var/Sun/mps/java/ldapjdk.jar:/var/Sun/mps/java/jss311.jar:
    [19/Dec/2006:17:17:14] info (10610): Loading IWSSessionManager by default.
    [19/Dec/2006:17:17:14] info (10610): IWSSessionManager: Maximum number of sessions is 1000
    [19/Dec/2006:17:17:14] catastrophe (10610): Server crash detected (signal SIGSEGV)
    [19/Dec/2006:17:17:14] info (10610): Crash occurred in function PR_Write from module /var/Sun/mps/lib/libnspr4.so
    [19/Dec/2006:17:17:14] config (10610):
    [19/Dec/2006:17:17:14] config (10610): An unexpected exception has been detected in native code outside the VM.
    [19/Dec/2006:17:17:14] config (10610):
    [19/Dec/2006:17:17:14] config (10610): Unexpected Signal : 11 occurred at PC=0xFEEBB384
    [19/Dec/2006:17:17:14] config (10610):
    [19/Dec/2006:17:17:14] config (10610): Function=
    [19/Dec/2006:17:17:14] config (10610): PR_Write+0x0
    [19/Dec/2006:17:17:14] config (10610):
    [19/Dec/2006:17:17:14] config (10610): Library=/var/Sun/mps/lib/libnspr4.so
    [19/Dec/2006:17:17:14] config (10610):
    [19/Dec/2006:17:17:14] config (10610):
    [19/Dec/2006:17:17:14] config (10610): Cannot obtain thread information
    [19/Dec/2006:17:17:14] config (10610):
    This is happening on the Solaris 8 machine,
    while on the Solaris 10 one (new box) I can't see any error being logged.
    Any help/idea would be highly appreciated.
    Thanks

    Could it be because of too many load calls to LDAP server?
    or different java version ??

  • Sun Directory Server as Primary Domain Controller.

    Hello,
    I've recently installed Sun Directory Server, Access Manager, and DSEE Identity Manager, on CentOS 5.2, with success, but my question is:
    Can I use this directory as a primary domain controller for my network, I want to know if it is possible to integrate this directory in the same way that Active Directory works, I mean connecting Windows computers to the DC with some kind of connector (because windows won't connect to another directory than AD natively). I know that there are some MSGina replacements, like pgina, but I'm looking for some serious solution, especially for computers running Windows Vista.
    Thanks in advance.

    Hi,
    thanks for your answer, but is there a way to configure the DSEE to be like a native 2000/2003 Active Directory? I mean connecting directly to the DSEE without using Samba. I know that it is possible to use that solution, but you lose some functionality.
    I've been trying to do some research on the topic, like modifying the BIND DNS to act like an AD DNS, and it works to a certain degree: Windows XP detects the SRV records, but when it tries to connect to the directory it fails, giving me an error telling me that the DC isn't available. It would be great to build such an environment, Windows XP / Vista connected to DSEE without third-party software.
    Any comment would be greatly appreciated.
    Thanks.

  • Sun Directory Server Windows Version

    Hi,
    I am in need of Sun Directory Server 5.2 (Windows version), as I am planning an upgrade to 11g.
    Is there any way I can get it?
    Thanks. JPrince

    Thank You Marco for the response.
    Yes, I understand that it is not available; however, I am hoping that someone has it on their workstation and could send it via bigfiles etc. If I don't get any response, I will surely try to reach out to the support team.
    JPrince.

  • Error installing OAM against Sun Directory Server 6.3: No such object (32)

    Hi folks,
    I'm getting an error installing OAM 10.1.4.3.0 (Linux, 64 bit) against Sun Directory Server 6.3. I've followed the Oracle troubleshooting doc (http://download.oracle.com/docs/cd/E15217_01/doc.1014/e12493/trouble.htm#BABBAAFH), and replaced every occurrence of cn=userRoot with cn=my_company_name inside iPlanet5_oblix_index_add.ldif. I still get the same error "ldapmodify: No such object (32)" for every entry in the file. Has someone managed to get it to work?
    Thank you, Roman

    Hi folks,
    I got it to work, here're the steps:
    1. After loading the schema file, follow the article (http://download.oracle.com/docs/cd/E15217_01/doc.1014/e12493/trouble.htm#BABBAAFH, not the doc 552157.1 as it states incorrect info, sorry Notoriuos) to edit the index file (iPlanet5_oblix_index_add.ldif) and replace all occurrences of "userRoot" with "your_company_name" (which is your ldap suffix without the c=us part as in o=your_company_name, c=us) using vi command:
    :%s/userRoot/your_company_name/g
    2. Run ldapadd (not ldapmodify! as all but the one last object listed on the dn: line might already exist under cn=config), here's an example:
    $ ldapadd -x -h your_ldap_host -p your_port -c -f IdentityServer_install_dir/identity/oblix/data.ldap/common/iPlanet5_oblix_index_add.ldif -D "cn=directory manager" -w directory_manager_passwd
    3. If done right, you should see smth like this:
    adding new entry "cn=obactionname,............... per every entry in the index file
    HTH
    Roman
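
A scripted variant of the steps in the answer above, as an added example that is not part of the original post: it makes the `userRoot` substitution on a copy of the index file, then runs `ldapadd` with the bind password read from a private file (`-y`) over StartTLS (`-ZZ`) rather than passing it with `-w` on the command line. The function names, the sample LDIF and the exit codes are assumptions of this example; the flags are those of the OpenLDAP client tools, and the server is assumed to offer StartTLS.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# Constructed sample in the style of an index LDIF; the real
# iPlanet5_oblix_index_add.ldif ships with the OAM installer.
sample_index() {
cat <<'EOF'
dn: cn=obactionname,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config
objectClass: top
objectClass: nsIndex
cn: obactionname
nsIndexType: eq

dn: cn=obclass,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config
objectClass: top
objectClass: nsIndex
cn: obclass
nsIndexType: eq
EOF
}

# Copy index LDIF $1 to $3 with every "userRoot" replaced by backend name $2.
# Returns 2 for a name that would need escaping in sed or in a DN, and 1 if
# any reference to userRoot survives the rewrite.
rewrite_index() {
    case "$2" in
        ''|*[!A-Za-z0-9_-]*) echo "unsafe backend name: $2" >&2; return 2 ;;
    esac
    sed "s/userRoot/$2/g" "$1" > "$3" || return 1
    if grep -q 'userRoot' "$3"; then return 1; fi
}

# Number of entries (dn: lines) ldapadd will try to create.
count_entries() {
    grep -c '^dn:' "$1"
}

# True only if $1 is a regular file with no group/other permission bits.
pwfile_is_private() {
    [ -f "$1" ] || return 1
    perms=$(ls -ld "$1" | cut -c5-10)
    [ "$perms" = "------" ]
}

# Load rewritten LDIF $4 into host $1, port $2, password file $3.
# -y uses the complete file contents as the password, so create the file
# without a trailing newline (printf '%s' ... > file; chmod 600 file).
# -c continues past "already exists" errors, as in the original command.
load_index() {
    pwfile_is_private "$3" || { echo "password file must not be group/world accessible" >&2; return 3; }
    ldapadd -x -ZZ -H "ldap://$1:$2" -D "cn=directory manager" -y "$3" -c -f "$4"
}

# Usage: sh this_script.sh <index.ldif> <backend_name> <host> <port> <pwfile>
if [ "$#" -eq 5 ]; then
    out=$(mktemp) && rewrite_index "$1" "$2" "$out" && load_index "$3" "$4" "$5" "$out"
fi
```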

  • Problem with Sun Directory Server 6.0 Console

    Hi,
    I posted same onto wrong forum earlier hope I am in correct place :).
    I have installed Sun Directory Server on my Sparc box and now I am unable to start the management console. I followed some instructions on the net and they say we have to register the product using the following command from the dscc6/bin folder of the installation
    System SnapShot_
    # ./dsccsetup initialize
    DSCC Application is already registered
    DSCC Agent is already registered
    Choose password for Directory Service Manager:
    Confirm password for Directory Service Manager:
    Creating DSCC registry...
    DSCC Registry has been created successfully
    and it is supposed to be started on https://Ip_address:6789 but it's not. Can anyone please tell me how to start the admin console to manage my directory server effectively?
    Note: I have already started the instance I have created during the installation using slapd-start script and its running successfully.
    Thanks,
    Sheeraz

    NOOOOO :( ..... Now I can see the login page... Thanks mate.... Now when I am trying to log in using the UserName and Password I have supplied during the installation process (Sun Directory Server) it says Authentication failed.????
    This looks like a general webconsole... do I need to provide a specific URL for the directory server page ?????
