What you need to know about OID (PART ONE)
What is OID?
Oracle Internet Directory (OID) is an LDAP server that uses an Oracle database to store its data. LDAP (Lightweight Directory Access Protocol) is a network protocol for accessing information in a directory with search, add, delete, and modify commands. OID provides features such as single sign-on for users, centralized password management, and automatic registration of Oracle services.
What Oracle products use OID?
1- Advanced Security,
2- Net8 Name Resolution,
3- Oracle Portal and SSO (Single Sign On),
4- Email Server,
5- Etc.
What is NET8 LDAP Directory naming?
It allows net service names to be stored in Oracle Internet Directory (OID) and retrieved from it to establish a connection.
How was NET8 Directory structured?
It was structured by nodes. Each node is an entry in the NET8 Directory, and each entry is uniquely identified by a Distinguished Name (DN). This hierarchy of entries is called the Directory Information Tree (DIT). Each DN consists of a sequence of Relative Distinguished Names (RDNs), much as a directory path consists of a sequence of directories. For example, we may have an entry for a service called "sales.uk.iselfschooling.com," whose domain structure is dc=uk,dc=iselfschooling,dc=com and whose RDN is cn=sales. In cn=sales, cn is one of the entry's attributes. The attribute, along with its value, uniquely identifies the entry. The following are the common attributes:
Attribute | Description
commonName, cn | Common name of an entry
country, c | Name of country
domain component, dc | Domain component
organization, o | Name of organization
organizationalUnitName, ou | Name of a unit within an organization
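The following Python example is added here and is not from the original page or from Oracle. It builds the DN for a net service name the way the example above does and splits a DN back into its RDNs, escaping special characters per RFC 4514 so that a name containing a comma or an equals sign cannot add extra RDNs. The function names and the mapping of the first label to cn and the remaining labels to dc are assumptions for illustration; multi-valued RDNs joined with "+" are not handled.

```python
# Added example, not from the original page: DN handling per RFC 4514.
import string

SPECIAL = set(',+"\\<>;=')

def escape_value(value):
    """Escape an attribute value so it cannot alter the DN structure."""
    last = len(value) - 1
    def esc(i, ch):
        edge = (i == 0 and ch in " #") or (i == last and ch == " ")
        if ch == "\x00":
            return "\\00"
        return "\\" + ch if ch in SPECIAL or edge else ch
    return "".join(esc(i, ch) for i, ch in enumerate(value))

def unescape_value(value):
    """Reverse escape_value; also accepts a backslash plus two hex digits."""
    out, i = bytearray(), 0
    while i < len(value):
        pair = value[i + 1:i + 3]
        if value[i] != "\\" or not pair:
            out += value[i].encode()
            i += 1
        elif len(pair) == 2 and all(c in string.hexdigits for c in pair):
            out.append(int(pair, 16))
            i += 3
        else:
            out += pair[0].encode()
            i += 2
    return out.decode("utf-8")

def service_to_dn(name):
    """Assumed mapping, after the page's example: first label -> cn, rest -> dc."""
    labels = name.split(".")
    if len(labels) < 2 or not all(labels):
        raise ValueError("expected service.domain[.domain...]")
    return ",".join(["cn=" + escape_value(labels[0])] +
                    ["dc=" + escape_value(d) for d in labels[1:]])

def split_dn(dn):
    """Split a DN into (attribute, value) pairs; escaped commas do not split."""
    rdns, start, i = [], 0, 0
    while i < len(dn):
        if dn[i] == ",":
            rdns.append(dn[start:i])
            start = i + 1
        i += 2 if dn[i] == "\\" else 1   # step over an escaped character
    rdns.append(dn[start:])
    return [(a.strip().lower(), unescape_value(v))
            for a, _, v in (r.partition("=") for r in rdns)]
```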
How to manage OID?
To manage OID, we use the Oracle Internet Directory Management tool (oidadmin). The OID server must be running in order to use this tool. First start the OID monitor:
# oidmon connect={connect string} start | stop
Example: # oidmon connect=mydatabase start
Then start OID server (LDAP server):
# oidctl connect=mydatabase server=OIDLDAPD instance=1 start
To check which port the OID or LDAP server is using:
# more $ORACLE_HOME/ldap/install/oidca.out
To bind to OID:
# ldapbind -p portnumber -h localhost -D "cn=orcladmin" -w welcome
To stop the OID monitor & server:
# oidctl connect=mydatabase server=OIDLDAPD instance=1 stop
What should you do if you kill the OID server process?
You should truncate the "ods_process" table. Connect to the database as the "ods" user and truncate the table.
How to rebuild the OID schema?
If you can no longer restart the OID Server processes, you may want to rebuild the OID schema.
1- Shut down all OID Server processes,
2- Connect to your database as "SYS" and execute $ORACLE_HOME/admin/newldap.sql,
3- Recreate an "Oracle Context," use "oidadmin" to create domain components (e.g., dc=uk,dc=iselfschooling,dc=com),
4- Use the netca tool to create a new Oracle Context.
How can you use Bulk-loader?
1- Shut down the OID LDAP server,
2- Load the "LDIF data" file:
# ./bulkload.sh -connect <connect string> -check <LDIF file>
Where are the log file locations?
Bulk Loader (bulkload.sh): $ORACLE_HOME/ldap/log/install.log
Catalog Mgt. Tool (catalog.sh): $ORACLE_HOME/ldap/log/catalog.log
Directory Integration Server (oidsrv): $ORACLE_HOME/ldap/log/odisrvXX.log
Directory Replication Server (oidrepld): $ORACLE_HOME/ldap/log/oidrepld00.log
Directory Server (oidldapd): $ORACLE_HOME/ldap/log/oidldapdXXspid.log
LDAP Dispatcher (oidldapd): $ORACLE_HOME/ldap/log/oidldapdXX.log
OID Monitor (oidmon): $ORACLE_HOME/ldap/log/oidmon.log
Replication Setup (ldaprepl.sh): $ORACLE_HOME/ldap/log/ldaprepl.log
What is the "super-user" account for OID?
The super user account for OID is the "orcladmin" entry.
How to add an individual TNS name to OID?
You can add an individual TNS name to OID using the Oracle Net Manager (netmgr). First, expand the "Directory" folder and then try to expand the "Service Naming" folder that appears below it; you will be presented with a login dialog. Enter "cn=orcladmin" as the username, then enter the password. Then click on the "+" sign on the toolbar (or click Edit->Create) and enter the information required to define a new service name alias.