|
Oracle® Identity Management Integration Guide
10g Release 2 (10.1.2) Part No. B14085-01 |
|
 Previous |
 Next |
|
Oracle® Identity Management Integration Guide
10g Release 2 (10.1.2) Part No. B14085-01 |
|
|
Previous |
Next |
Oracle Identity Management Integration Guide describes the features, architecture, and administration of Oracle Internet Directory. For information about installation, see the installation documentation for your operating system.
This preface contains these topics:
Oracle Identity Management Integration Guide is intended for anyone who performs administration tasks for the Oracle Internet Directory. You should be familiar with either the UNIX operating system or the Microsoft Windows NT operating system in order to understand the line-mode commands and examples. You can perform all of the tasks through the line-mode commands, and you can perform most of the tasks through Oracle Directory Manager, which is operating system-independent.
To use this document, you need some familiarity with the Lightweight Directory Access Protocol (LDAP).
Our goal is to make Oracle products, services, and supporting documentation accessible, with good usability, to the disabled community. To that end, our documentation includes features that make information available to users of assistive technology. This documentation is available in HTML format, and contains markup to facilitate access by the disabled community. Standards will continue to evolve over time, and Oracle is actively engaged with other market-leading technology vendors to address technical obstacles so that our documentation can be accessible to all of our customers. For additional information, visit the Oracle Accessibility Program Web site at
http://www.oracle.com/accessibility/
Accessibility of Code Examples in Documentation
JAWS, a Windows screen reader, may not always correctly read the code examples in this document. The conventions for writing code require that closing braces should appear on an otherwise empty line; however, JAWS may not always read a line of text that consists solely of a bracket or brace.
Accessibility of Links to External Web Sites in Documentation
This documentation may contain links to Web sites of other companies or organizations that Oracle does not own or control. Oracle neither evaluates nor makes any representations regarding the accessibility of these Web sites.
This document contains information about integration between Oracle Internet Directory and other directories.
Chapter 1, "Introduction to Oracle Identity Management Integration"
This chapter introduces Oracle Directory Integration and Provisioning, its components, architecture, and administration tools.
Chapter 2, "Security Features in Oracle Directory Integration and Provisioning"
This chapter discusses the most important aspects of security in Oracle Directory Integration and Provisioning.
Chapter 3, "Oracle Directory Integration and Provisioning Administration Tools"
This chapter describes the various tools used in Oracle Directory Integration and Provisioning. It gives an overview of all of the tools, and a more in-depth look at one of them, the Oracle Directory Integration and Provisioning Server Administration tool.
Chapter 4, "Managing the Oracle Directory Integration and Provisioning Server"
This chapter discusses Oracle directory integration and provisioning server and tells you how to configure and manage it.
Chapter 5, "Oracle Directory Synchronization Service"
This chapter discusses the synchronization profiles and connectors that link Oracle Internet Directory and connected directories.
Chapter 6, "Configuration of Directory Synchronization Profiles"
This chapter explains how to register connectors with Oracle Directory Integration and Provisioning and how to format the mapping rule attribute.
Chapter 7, "Administration of Directory Synchronization"
This chapter explains how to manage synchronization profiles.
Chapter 8, " Bootstrapping of a Directory in Oracle Directory Integration and Provisioning"
This chapter explains some of the initial setup tasks you may need to perform as you begin using Oracle Directory Integration and Provisioning.
Chapter 9, "Synchronization with Relational Database Tables"
This chapter explains how to synchronize data to Oracle Internet Directory from tables in a relational database. The synchronization can be either incremental—for example, one database table row at a time—or all the database tables at once.
Chapter 10, "Synchronization with Oracle Human Resources"
If you store employee data in Oracle Internet Directory, and if you use Oracle Human Resources to create, modify, and delete that data, then you must ensure that the data is synchronized between the two. This chapter explains the Oracle Human Resources agent, which enables you to do this.
Chapter 11, "Synchronization with Third-Party Metadirectory Solutions"
Oracle Internet Directory uses change logs to enable synchronization with supported third party metadirectory solutions. This chapter describes how change log information is generated and how supporting solutions use that information. It tells you how to enable the directory integration agents of third-party metadirectory solutions so that they can synchronize with Oracle Internet Directory.
Chapter 12, "The Oracle Provisioning Service"
This chapter describes the Oracle Provisioning Service, which enables your applications to receive provisioning information from Oracle Internet Directory.
Chapter 13, "Administration of Oracle Provisioning Service"
This chapter explains how to administer the Oracle Provisioning Service.
Chapter 14, "Integration of Provisioning Data with the Oracle E-Business Suite"
In Oracle Internet Directory 10g Release 2 (10.1.2), you can use the Oracle Provisioning Service to synchronize user accounts and other user information from the Oracle E-Business Suite.
Chapter 15, "Considerations for Integrating with Third-Party Directories"
Before you begin integrating any third-party directory with Oracle Internet Directory, you need to decide how you want to configure the integrated environment. This chapter discusses the basic decisions you need to make. Once you have made them, you can follow the steps for setting up successive bootstrapping and synchronization of data between the directories.
Chapter 16, "Integration with the Microsoft Active Directory Environment"
This chapter explains how to integrate the Oracle Application Server infrastructure with the Microsoft Windows Operating System. This integration is achieved by using the Active Directory Connector in Oracle Directory Integration and Provisioning.
Chapter 17, "Integration with the Microsoft Windows NT 4.0 Environment"
This chapter explains how to integrate Oracle Identity Management with Microsoft Windows NT 4.0.
Chapter 18, "Integration withSunONE (iPlanet) Directory Server"
This chapter explains how you can synchronize between Oracle Internet Directory and an SunONE Directory Server by using the SunONE connector.
Part IX: Appendixes
Appendix A, "Syntax for LDIF and Command-Line Tools"
This appendix provides syntax, usage notes, and examples for LDAP Data Interchange Format and LDAP command-line tools.
Appendix B, "LDAP Schema Elements for Oracle Directory Integration and Provisioning"
This appendix lists schema elements supported in Oracle Internet Directory.
This appendix describes the tab pages and corresponding fields in the Oracle Directory Integration and Provisioning Server Administration tool.
Appendix D, "Case Study: A Deployment of Oracle Directory Integration and Provisioning"
This appendix presents a hypothetical case study in which Directory Integration and Provisioning integrates various applications in an enterprise deployment.
Appendix E, "Troubleshooting Oracle Directory Integration and Provisioning"
This appendix describes how to troubleshoot Oracle Identity Management.
For more information, see:
Online help available through Oracle Directory Manager, the Oracle Delegated Administration Services and Oracle Enterprise Manager 10g
The Oracle Application Server and Oracle Database documentation sets, especially:
Oracle Identity Management Concepts and Deployment Planning Guide
Oracle9i Database Administrator's Guide
Oracle9i Application Developer's Guide - Fundamentals
Oracle Identity Management Guide to Delegated Administration
Oracle9i Net Services Administrator's Guide
Oracle9i Real Application Clusters Administration
Oracle9i Advanced Replication
Oracle Advanced Security Administrator's Guide
Oracle Application Server Single Sign-On Administrator's Guide
Oracle Application Server Certificate Authority Administrator's Guide
Printed documentation is available for sale in the Oracle Store at
http://oraclestore.oracle.com/
To download free release notes, installation documentation, white papers, or other collateral, please visit the Oracle Technology Network (OTN). You must register online before using OTN; registration is free and can be done at
http://WWW.oracle.com/technology/membership/
If you already have a username and password for OTN, then you can go directly to the documentation section of the OTN Web site at
http://www.oracle.com/technology/documentation/
For additional information, see:
Chadwick, David. Understanding X.500—The Directory. Thomson Computer Press, 1996.
Howes, Tim and Mark Smith. LDAP: Programming Directory-enabled Applications with Lightweight Directory Access Protocol. Macmillan Technical Publishing, 1997.
Howes, Tim, Mark Smith and Gordon Good, Understanding and Deploying LDAP Directory Services. Macmillan Technical Publishing, 1999.
Internet Assigned Numbers Authority home page, http://www.iana.org for information about object identifiers
Internet Engineering Task Force (IETF) documentation available at: http://www.ietf.org, especially:
The LDAPEXT charter and LDAP drafts
The LDUP charter and drafts
RFC 2254, "The String Representation of LDAP Search Filters"
RFC 1823, "The LDAP Application Program Interface"
The OpenLDAP Community, http://www.openldap.org
This section describes the conventions used in the text and code examples of this documentation set. It describes:
Conventions in Text
We use various conventions in text to help you more quickly identify special terms. The following table describes those conventions and provides examples of their use.
| Convention | Meaning | Example |
|---|---|---|
| Bold | Bold typeface indicates terms that are defined in the text or terms that appear in a glossary, or both. | When you specify this clause, you create an index-organized table. |
| Italics | Italic typeface indicates book titles or emphasis. | Oracle10i Database Concepts
Ensure that the recovery catalog and target database do not reside on the same disk. |
UPPERCASE monospace (fixed-width) font
|
Uppercase monospace typeface indicates elements supplied by the system. Such elements include parameters, privileges, datatypes, RMAN keywords, SQL keywords, SQL*Plus or utility commands, packages and methods, as well as system-supplied column names, database objects and structures, usernames, and roles. | You can specify this clause only for a NUMBER column.
You can back up the database by using the Query the Use the |
lowercase monospace (fixed-width) font
|
Lowercase monospace typeface indicates executable programs, filenames, directory names, and sample user-supplied elements. Such elements include computer and database names, net service names and connect identifiers, user-supplied database objects and structures, column names, packages and classes, usernames and roles, program units, and parameter values.
Note: Some programmatic elements use a mixture of UPPERCASE and lowercase. Enter these elements as shown. |
Enter sqlplus to start SQL*Plus.
The password is specified in the Back up the datafiles and control files in the The Set the Connect as The |
lowercase italic monospace (fixed-width) font
|
Lowercase italic monospace font represents placeholders or variables. | You can specify the parallel_clause.
Run |
Conventions in Code Examples
Code examples illustrate SQL, PL/SQL, SQL*Plus, or other command-line statements. They are displayed in a monospace (fixed-width) font and separated from normal text as shown in this example:
SELECT username FROM dba_users WHERE username = 'MIGRATE';
The following table describes typographic conventions used in code examples and provides examples of their use.
| Convention | Meaning | Example |
|---|---|---|
[ ] |
Anything enclosed in brackets is optional. |
DECIMAL (digits [ , precision ]) |
{ }
|
Braces are used for grouping items. |
{ENABLE | DISABLE}
|
| |
A vertical bar represents a choice of two options. |
{ENABLE | DISABLE}
[COMPRESS | NOCOMPRESS]
|
... |
Ellipsis points mean repetition in syntax descriptions.
In addition, ellipsis points can mean an omission in code examples or text. |
CREATE TABLE ... AS subquery; SELECT col1, col2, ... , coln FROM employees; |
| Other symbols | You must use symbols other than brackets ([ ]), braces ({ }), vertical bars (|), and ellipsis points (...) exactly as shown. |
|
Italics
|
Italicized text indicates placeholders or variables for which you must supply particular values. |
CONNECT SYSTEM/system_password DB_NAME = database_name |
UPPERCASE |
Uppercase typeface indicates elements supplied by the system. We show these terms in uppercase in order to distinguish them from terms you define. Unless terms appear in brackets, enter them in the order and with the spelling shown. Because these terms are not case sensitive, you can use them in either UPPERCASE or lowercase. |
SELECT last_name, employee_id FROM employees; SELECT * FROM USER_TABLES; DROP TABLE hr.employees; |
lowercase |
Lowercase typeface indicates user-defined programmatic elements, such as names of tables, columns, or files.
Note: Some programmatic elements use a mixture of UPPERCASE and lowercase. Enter these elements as shown. |
SELECT last_name, employee_id FROM employees; sqlplus hr/hr CREATE USER mjones IDENTIFIED BY ty3MU9; |
