Oracle® Fusion Middleware Administrator's Guide for Oracle Directory Integration Platform 11g Release 1 (11.1.1) Part Number E10031-02
This chapter describes the tools that are used for administering Oracle Directory Integration Platform. It contains these topics:
Graphical Tools for Administering Oracle Directory Integration Platform
Command-Line Tools for Administering Oracle Directory Integration Platform
You can use the following graphical tools to administer Oracle Directory Integration Platform:
Note:
Prior to 11g Release 1 (11.1.1), the Oracle Directory Integration Platform was graphically administered by using the Oracle Directory Integration Server Administration tool. This tool is no longer available with the Oracle Directory Integration Platform. To graphically administer the Oracle Directory Integration Platform in 11g Release 1 (11.1.1) you must use Oracle Enterprise Manager Fusion Middleware Control.
As of 11g Release 1 (11.1.1), you can graphically administer many Oracle Directory Integration Platform features from the Oracle Enterprise Manager Fusion Middleware Control. This console enables you to configure and manage all Oracle products from one user interface.
To use Oracle Enterprise Manager Fusion Middleware Control to administer Oracle Directory Integration Platform:
Connect to Oracle Enterprise Manager Fusion Middleware Control. The URL is of the form:
https://host:port/em
In the left panel topology tree, expand the farm, then Identity and Access. Alternatively, from the farm home page, expand Fusion Middleware, then Identity and Access. Oracle Directory Integration Platform components are listed in both places.
To distinguish one component from another, move the mouse over the component name and view the full name of the component in the tool tip.
Select the Oracle Directory Integration Platform component you want to manage.
Use the DIP Server menu to select tasks.
You can use the DIP Server menu to navigate to other Fusion Middleware Control pages for Oracle Directory Integration Platform.
The Home Page for Oracle Directory Integration Platform in Oracle Enterprise Manager Fusion Middleware Control provides statistics and information about the component, including:
The status of Oracle Directory Integration Platform components, such as the Quartz Scheduler and MBeans.
The amount of CPU and memory being utilized.
Information about existing Synchronization Profiles, including name, status, average execution time, and successful and failed propagation of changes.
Information about existing Provisioning Profiles, including name, status, average execution time, and successful and failed propagation of changes.
The Oracle Internet Directory Self-Service Console enables you to delegate administrative privileges to various administrators and to users. It is a ready-to-use standalone application created with Oracle Delegated Administration Services that provides a single graphical interface for delegated administrators and users to manage data in the directory. The Oracle Internet Directory Self-Service Console enables both administrators and users, depending on their privileges, to perform various directory operations. In an integrated deployment, the Oracle Internet Directory Self-Service Console is primarily used for customizing realm parameters.
Note:
Oracle Directory Integration Platform 11g Release 1 (11.1.1) interoperates with and supports Oracle Delegated Administration Services release 10.1.4.3.0.
See Also:
Oracle Fusion Middleware Guide to Delegated Administration for Oracle Identity Management
The Oracle Internet Directory Provisioning Console provides a single graphical interface for administrators to provision users in Oracle Internet Directory. The Provisioning Console was created with Oracle Delegated Administration Services, and works alongside the Oracle Internet Directory Self-Service Console.
Note:
Oracle Directory Integration Platform 11g Release 1 (11.1.1) interoperates with and supports Oracle Delegated Administration Services release 10.1.4.3.0 and higher.
See Also:
Oracle Fusion Middleware Guide to Delegated Administration for Oracle Identity Management
The following command-line tools, located in the ORACLE_HOME/bin directory, are available for administering Oracle Directory Integration Platform:
Notes:
Best security practice is to provide a password only in response to a prompt from the command.
You must set the WLS_HOME and ORACLE_HOME environment variables before executing any of the Oracle Directory Integration Platform commands.
Refer to the command-specific sections throughout this document and the Oracle Identity Management User Reference for additional information on each of the tools described in the following list.
dipStatus: Allows you to check the status of Oracle Directory Integration Platform and whether or not it is registered. Refer to "Viewing the Status of Oracle Directory Integration Platform Using the dipStatus Utility" for more information.
manageDIPServerConfig: Manages Oracle Directory Integration Platform configuration settings including refresh interval, Oracle Internet Directory port number, keystore location and password, and the number of scheduler threads. Refer to "Managing Oracle Directory Integration Platform Using manageDIPServerConfig" for more information.
manageSyncProfiles: Manages Oracle Directory Integration Platform synchronization profiles. Refer to "Managing Synchronization Profiles Using manageSyncProfiles" for more information.
syncProfileBootstrap: Performs the initial migration of data between a connected target directory and Oracle Internet Directory based on a synchronization profile or LDIF file. Refer to "Directory Bootstrapping Using syncProfileBootstrap" for more information.
expressSyncSetup: Creates profiles for standard LDAP directories using prepackaged templates based on the directory type. Refer to "Creating Import and Export Synchronization Profiles Using expressSyncSetup" for more information.
provProfileBulkProv: Performs initial migration of data from an LDIF file to Oracle Internet Directory for a provisioning profile. Refer to "Bulk Provisioning Using the provProfileBulkProv Tool" for more information.
oidprovtool: Administers provisioning profile entries in the directory by enabling you to perform tasks such as:
Create new provisioning profiles
Enable or disable existing provisioning profiles
Modify existing provisioning profiles
Delete existing provisioning profiles
Get the current status of a provisioning profile
Clear all errors in an existing provisioning profile
Refer to "Managing Provisioning Profiles Using oidprovtool" for more information.
schemasync: Directory Integration Platform does not support the synchronization of schema and ACLs. You can use the schemasync tool to identify differences in schema, specifically attributes and object classes, between Oracle Internet Directory and connected directories. After identifying the differences, you can make the appropriate changes to the LDIF file containing the schema and then use the ldapadd and ldapmodify tools to upload the schema differences. schemasync is located in the ORACLE_HOME/bin directory.
See:
Oracle Fusion Middleware User Reference for Oracle Identity Management for more information.
Oracle Directory Integration Platform supports the standard LDAP command-line utilities, including those listed in Table 3-1.
For security reasons, avoid supplying a password on the command line whenever possible. A password typed on the command line is visible on your screen and might appear in log files or in the output from the ps command. When you supply a password at a prompt, it is not visible on the screen, in ps output, or in log files. Use the -q and -Q options, respectively, instead of the -P password and -w password options.
The LDAP tools have been modified to disable the options -w password and -P password when the environment variable LDAP_PASSWORD_PROMPTONLY is set to TRUE or 1. Use this feature whenever possible.
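The following added example, which is not part of the Oracle guide, audits an administration script for LDAP tool calls that pass a password with -w or -P and checks whether LDAP_PASSWORD_PROMPTONLY is set to one of the two values named above. The function names, the sample script, and its host, DN and password values are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit admin scripts for LDAP tool passwords given as arguments.

# Succeeds when LDAP_PASSWORD_PROMPTONLY holds one of the two values the guide
# names (TRUE or 1), i.e. when the tools refuse -w and -P passwords.
prompt_only_enabled() {
    case "${LDAP_PASSWORD_PROMPTONLY:-}" in
        TRUE|1) return 0 ;;
        *)      return 1 ;;
    esac
}

# Prints "LINE:OPTION" for every LDAP tool call in file $1 that passes -w or -P
# followed by a value. Heuristic: one command per line, whitespace-separated
# words; comment lines are skipped; -q and -Q (prompt) are never flagged.
find_cli_passwords() {
    awk '
    /^[ \t]*#/ { next }
    {
        tool = 0
        for (i = 1; i <= NF; i++) {
            name = $i
            sub(/.*\//, "", name)          # strip a leading path such as $ORACLE_HOME/bin/
            if (name ~ /^ldap(add|addmt|bind|compare|delete|moddn|modify|modifymt|search)$/)
                tool = 1
            else if (tool && ($i == "-w" || $i == "-P") && i < NF)
                print NR ":" $i
        }
    }' "$1"
}

# Constructed sample script: host, DN, file names and passwords are made up.
write_sample() {
    cat > "$1" <<'EOF'
# nightly schema upload (constructed sample)
ldapmodify -h oid.example.com -p 3060 -D cn=orcladmin -q -f schema.ldif
ldapadd -h oid.example.com -p 3060 -D cn=orcladmin -w Welcome1 -f schema.ldif
$ORACLE_HOME/bin/ldapsearch -h oid.example.com -U 2 -W file:/wallet -P walletpw -b "" -s base "objectclass=*"
EOF
}

sample=$(mktemp)
write_sample "$sample"
prompt_only_enabled || echo "LDAP_PASSWORD_PROMPTONLY is not TRUE or 1: -w and -P are still accepted"
find_cli_passwords "$sample" | while IFS=: read -r line opt; do
    echo "line $line: password passed with $opt; use the prompting option instead"
done
rm -f "$sample"
```

Run find_cli_passwords against each script or crontab fragment that calls the LDAP tools; any output means a password is exposed to ps and shell history on that host.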
See Also:
"Using Passwords with Command-Line Tools" in Oracle Fusion Middleware User Reference for Oracle Identity Management.

Table 3-1 Entry and Attribute Management Command-Line Tools
Tool | Description |
---|---|
 | Indexes attributes |
 | Adds entries and their object classes, attributes, and values to the directory |
 | Supports multiple threads for concurrently adding entries and their object classes, attributes, and values to the directory |
 | Determines whether you can authenticate a client to a server |
 | Matches specified attribute values with an entry's attribute values |
 | Removes entries from the directory |
 | Modifies an entry's DN or RDN |
 | Modifies an entry's attributes |
 | Supports multiple threads to modify entries concurrently |
 | Searches for entries in the directory |
See Also:
Oracle Identity Management User Reference for the required syntax for each of the tools listed in Table 3-1.