1.What is Oracle Internet Directory (OID)?
An online directory is a specialized database that stores and retrieves collections of information about objects. The information can represent any resources that require management, for example:
Employee names, titles, and security credentials
Information about partners
Information about shared resources such as conference rooms and printers.
The information in the directory is available to different clients, such as single sign-on solutions, email clients, and database applications. Oracle Internet Directory is an LDAP directory that uses an Oracle Database for storage. Clients communicate with a directory server by means of the Lightweight Directory Access Protocol (LDAP).
2.Why do you need an Oracle Internet Directory?
The uses of Oracle Internet Directory (Oracle’s LDAP directory) are too broad to explain fully in this post, but here are a few points that are enough for the time being (to get you started on OID).
OID is a repository for enterprise user and group data.
Information about various applications (Portal, BI, E-Business Suite, Collaboration Suite) registered to OID (You can register E-Business Suite or Database in OID).
Password policy for Single Sign-On Partner Applications.
3.How to start & stop OID?
To start OID:
4.What can I do if my application doesn’t speak LDAP?
Use a gateway that translates one directory access protocol into another.
5.How can I join information contained in different directories?
Use distributed, multi-vendor directories glued together by referrals and references.
6.What are the different daemons/servers in OID?
There are three servers/daemons in OID:
OIDLDAPD – This is the main server/daemon, which waits for LDAP requests (ldapsearch, ldapadd, ldapmodify, ldapdelete, ...). When any application wants to perform an LDAP operation (add, modify, delete, search, ...) on an OID object (user, group, application, ...), that request is fulfilled by this server/daemon.
ODISRV – Also called the Oracle Directory Integration Server, this is used to integrate various applications (Portal, BI, E-Business Suite/Apps) with OID for user/group data. If a user/group is added or deleted in Portal/BI, synchronization of that user to OID is done by this daemon (and vice versa). If you have integrated Apps (11i/R12) with OID/SSO, users are provisioned/de-provisioned using this daemon of OID.
OIDREPLD – Also called the OID Replication Daemon, this is used if you have replicated OID. By default this daemon is disabled.
7.Are there Graphical editors for LDAP?
Yes. The following are some GUI-based tools for LDAP:
Java LDAP Browser/Editor
Softerra LDAP Browser
8.How to lookup OID entities?
ldapsearch -h my-host-name -p 389 -D "cn=orcladmin" -w mypassword -b "cn=TESTENTRY,cn=OracleContext,dc=mycompany,dc=com" -s base "objectclass=*" orcl docstring
9.How to modify OID entities?
$ ldapmodify -h my-host-name -p 389 -D cn=orcladmin -w mypassword -c -v -f <filename>.ldif
10.How to Start/Stop OID?
OID data, including the status of the OID servers (OIDLDAPD, ODISRV, OIDREPLD), is stored in the Oracle Database, so in order to start OID, first start the database and the database listener. Then:
To Start OID – opmnctl startproc ias-component=OID
To Stop OID – opmnctl stopproc ias-component=OID
OPMNCTL will first start OIDMON (OID Monitoring Process) and then instruct OIDCTL (OID Control) to start OIDLDAPD and ODISRV daemons.
11.What is LDAP ?
LDAP stands for Lightweight Directory Access Protocol. In plain and simple terms, it is a database that holds the details of organizations, individuals, and other resources such as files and devices in a network, whether on the Internet or on a corporate intranet, and whether or not you know the domain name, IP address, or geographic whereabouts. An LDAP directory can be distributed among many servers on a network, then replicated and synchronized regularly. An LDAP server is also known as a Directory System Agent (DSA). It is not a relational database. Outlook and other email programs use LDAP to search for a recipient in an organization.
12.How to delete OID entities?
$ ldapdelete -h my-host-name -p 389 -D "cn=orcladmin" -w mypassword "cn=TESTENTRY,cn=OracleContext,dc=mycompany,dc=com"
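The ldapsearch, ldapmodify and ldapdelete commands above pass the orcladmin bind password as a -w argument, so it ends up in shell history and in any script that stores the command, and it is an argument of the running process. The following is an added example, not part of the original post, that scans script text for that pattern; the function name and the sample script (including changes.ldif and OID_PW) are constructed for illustration.

```python
import shlex

LDAP_TOOLS = {"ldapsearch", "ldapmodify", "ldapadd", "ldapdelete", "ldapbind"}
# Typographic quotes copied from web pages are not shell quotes; map them to
# plain quotes so the tokenizer splits the line the way the author meant.
SMART_QUOTES = str.maketrans({"“": '"', "”": '"', "‘": "'", "’": "'"})

def find_inline_bind_passwords(script_text):
    """Return (line_no, tool, bind_dn, hard_coded) for every -w <value> use.

    The password value itself is never copied into the findings.
    """
    findings = []
    for line_no, raw in enumerate(script_text.splitlines(), start=1):
        try:
            argv = shlex.split(raw.translate(SMART_QUOTES), comments=True)
        except ValueError:           # unbalanced quotes: not a parsable command
            continue
        if argv and argv[0] == "$":  # documentation-style prompt marker
            argv = argv[1:]
        if not argv:
            continue
        tool = argv[0].rsplit("/", 1)[-1]
        if tool not in LDAP_TOOLS:
            continue
        following = dict(zip(argv[1:], argv[2:]))   # option -> next word
        if "-w" not in following:
            continue
        # "$VAR" keeps the secret out of the file, but the expanded value is
        # still an argument of the running process.
        hard_coded = not following["-w"].startswith("$")
        findings.append((line_no, tool, following.get("-D", ""), hard_coded))
    return findings

# Constructed sample script, modelled on the commands in this post.
SAMPLE = '''\
# nightly OID maintenance (constructed)
$ ldapmodify -h my-host-name -p 389 -D cn=orcladmin -w mypassword -c -v -f changes.ldif
ldapdelete -h my-host-name -p 389 -D “cn=orcladmin” -w mypassword “cn=TESTENTRY,cn=OracleContext,dc=mycompany,dc=com”
ldapsearch -h my-host-name -p 389 -D "cn=orcladmin" -w "$OID_PW" -b "dc=mycompany,dc=com" -s base "objectclass=*"
echo "ldapsearch -w is not run here"
'''

if __name__ == "__main__":
    for finding in find_inline_bind_passwords(SAMPLE):
        print(finding)
```

Lines 2 and 3 of the sample are reported as hard-coded; line 4 is reported with hard_coded set to False because the value comes from a shell variable.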
13.Where to find log files related to OID?
Logs related to OIDMON, OIDCTL, and OIDLDAPD should be in the $ORACLE_HOME/ldap/log directory; ODISRV-related logs should be in $ORACLE_HOME/ldap/ODI/log.
14.What is the relationship between LDAP and JNDI?
JNDI has classes provided by Sun that help your application interact with an LDAP server. JNDI applications work similarly to JDBC applications: write the application once and be free to use "drivers" from different vendors. Sun provides the "driver" that helps interact with the LDAP server. Sun also provides "drivers" for other naming services (like CORBA).
15.How to add OID entities?
$ ldapadd -h my-host-name -p 389 -D "cn=orcladmin" -w mypassword -f onames.ldif
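The ldapmodify and ldapadd commands in questions 9 and 15 read their changes from an LDIF file whose contents the post does not show. The following is an added example, not part of the original post, that writes an entry record and a modify record in RFC 2849 format and base64-encodes any value that is not a SAFE-STRING, so that a value containing a line break cannot be read as extra lines of the file. The entry cn=jdoe, its attributes and the helper names are constructed for illustration.

```python
import re
from base64 import b64encode

ATTR_NAME = re.compile(r"[A-Za-z][A-Za-z0-9-]*(;[A-Za-z0-9-]+)*")

def is_safe_string(value):
    """RFC 2849 SAFE-STRING: ASCII, no NUL/CR/LF, no leading ' ', ':' or '<'."""
    if value[:1] in (" ", ":", "<") or value.endswith(" "):
        return False
    return all(ord(c) < 128 and c not in "\0\r\n" for c in value)

def ldif_line(attr, value):
    """One 'attr: value' line; unsafe values become 'attr:: <base64>'."""
    if not ATTR_NAME.fullmatch(attr):
        raise ValueError(f"not an attribute name: {attr!r}")
    if is_safe_string(value):
        return f"{attr}: {value}"
    return f"{attr}:: {b64encode(value.encode('utf-8')).decode('ascii')}"

def add_record(dn, attrs):
    """Entry record for 'ldapadd -f'; attrs is a list of (name, value)."""
    lines = [ldif_line("dn", dn)]
    lines += [ldif_line(name, value) for name, value in attrs]
    return "\n".join(lines) + "\n"

def modify_record(dn, attr, new_value):
    """Change record for 'ldapmodify -f': replace all values of one attribute."""
    lines = [ldif_line("dn", dn), "changetype: modify",
             f"replace: {attr}", ldif_line(attr, new_value), "-"]
    return "\n".join(lines) + "\n"

# Constructed sample entry under the post's dc=mycompany,dc=com suffix.
DN = "cn=jdoe,cn=Users,dc=mycompany,dc=com"
ENTRY = [("objectclass", "inetOrgPerson"), ("cn", "jdoe"), ("sn", "Doe"),
         ("description", "Room 12\nBuilding B")]   # value with a line break

if __name__ == "__main__":
    print(add_record(DN, ENTRY))             # contents for onames.ldif
    print(modify_record(DN, "sn", "Smith"))  # contents for <filename>.ldif
```

Records in one file are separated by a blank line, which the print calls above produce.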
16.Why is LDAP called light weight?
LDAP (Lightweight Directory Access Protocol) is a protocol for communications between LDAP servers and LDAP clients.
LDAP servers store “directories” which are accessed by LDAP clients.
LDAP is called lightweight because it is a smaller and easier protocol which was derived from the X.500 DAP (Directory Access Protocol) defined in the OSI network protocol stack.
17.What is SLAPD?
SLAPD stands for Stand-Alone LDAP. Clients connect to the server over the LDAP protocol, usually using a network-based connection (though SLAPD provides a UNIX socket listener).
18.How to create the first Internet Directory?
Creating the First Oracle Internet Directory Instance
When you install Oracle Internet Directory on a host computer, Oracle Identity Management 11g Installer creates an Oracle Fusion Middleware system component of Type=OID in a new or existing Oracle instance (ASINST). The Oracle Internet Directory component contains an OIDMON process and an Oracle Internet Directory instance (inst=1). The Oracle Internet Directory instance consists of a dispatcher process and one or more OIDLDAPD processes. The component name for the first Oracle Internet Directory component is usually oid1 and the Oracle instance name is chosen during the installation, usually asinst_1.
Oracle Identity Management 11g Installer creates the following instance-specific configuration entry for this component during installation:
In addition, the Oracle Identity Management 11g Installer creates some file system directories under the Oracle instance directory. Some of the pathnames it creates are specific to the component name. For example, the pathnames under your Oracle instance on UNIX or Linux include:
If you selected Create New Domain or Extend Existing Domain during installation, the Oracle Internet Directory component is registered with a WebLogic domain. If you selected Configure Without a Domain during installation, the Oracle Internet Directory component is not registered with a domain. You can register it later from the command line. Registering with a domain in this case is optional.
19.How to Register an Oracle Instance or Component with the WebLogic Server?
If you want to manage an Oracle Internet Directory component with Oracle Enterprise Manager Fusion Middleware Control, you must register the component and the Oracle instance that contains it with a WebLogic domain. You can register an Oracle instance with a WebLogic domain during installation or Oracle instance creation, but you are not required to do so. If an Oracle instance was not previously registered with a WebLogic domain, you can register it by using opmnctl registerinstance.
20.How to Create an Oracle Internet Directory Component by Using opmnctl?
We create an Oracle Internet Directory system component in an Oracle instance by using opmnctl createcomponent. This command automatically registers the component with a WebLogic domain at the time you create the component, as long as the instance is in a registered state.