Oracle® Identity Management Integration Guide
10g Release 2 (10.1.2) B14085-02 |
|
Previous |
Next |
The Oracle Directory Integration and Provisioning Server Administration tool is a Java-based utility for graphically administering the Oracle directory integration and provisioning server. This section describes some of its basic features. More specific instructions are found in sections throughout this book that explain how to perform various tasks.
This section contains these topics:
Starting the Oracle Directory Integration and Provisioning Server Administration Tool
Navigating the Oracle Directory Integration and Provisioning Server Administration Tool
Before you can launch the Oracle Directory Integration and Provisioning Server Administration tool, you must have a directory server instance running.
See Also: Chapter 7, "Administration of Directory Synchronization" for information on the Oracle Directory Integration and Provisioning Server Administration tool |
To start the Oracle Directory Integration and Provisioning Server Administration tool, follow the instructions for your operating system as described in Table 3-1:
Table 3-1 Operating System-Specific Instructions for Starting Oracle Directory Integration and Provisioning Server Administration tool
The first time you start the Oracle Directory Integration and Provisioning Server Administration tool, an alert tells you that you must connect to a server. Choose OK. The Directory Server Connection dialog box appears.
Note: To use this tool, you must be a member of the following group: cn=dipadmingrp,cn=odi,cn=oracle internet directory . If you do not have the correct privileges, then access to the tool is denied.
|
To connect to a directory server:
In the Directory Server Connection dialog box, type the name and port number of an available server.
The default port is 389. You can change the port if you wish. However, if you have an Oracle directory server running on a port that is not the default, then be sure that any clients that use that server are informed of the correct port.
Choose OK. The Oracle Directory Integration and Provisioning Server Administration Connect dialog box appears.
If the directory server to which you want to connect does not appear in the initial login window—that is, it is not the default directory server—then you can select another directory server by clicking the button to the right of the Server field.
This dialog box then displays a list of all directory servers to which you have connected at any time in the past. You can select a directory server from the list, either to connect to it, delete it, edit it, or to use it as a template for another management connection.
To connect to a server from the list, select it and choose Select at the bottom of the dialog box. The server and port appear in the Oracle Internet Directory Connect dialog box, from which you can connect.
To delete an existing defined connection, select the server, then choose Delete. The server entry is removed from your list of defined management connections.
To define a new management connection:
To add a new management connection, choose Add. This displays the Directory Server Connection dialog box. After you enter a server name and port in this dialog box and choose OK, the new management connection appears in the list in the Select Directory Server dialog box. From here you can select it to appear in the Oracle Internet Directory Connect dialog box, and thus connect.
To use an existing management connection as the template for a new connection, select the server you want to use as a template, then click Add Like. The Directory Server Connection dialog box appears, with the template server information filled in. You must edit these entries to create a new management connection. After you enter a server name and port in this dialog box and click OK, the new management connection appears in the list in the Select Directory Server dialog box. From here you can select it to appear in the Oracle Internet Directory Connect dialog box, and thus connect.
To edit an existing connection, select it, then click Edit. The Directory Server Connection dialog box appears, with the server and port information filled in. Edit the entries and save any changes. After you enter a server name and port in this dialog box and click OK, the new management connection appears in the list in the Select Directory Server dialog box. From here you can select it to appear in the Oracle Internet Directory Connect dialog box, and thus connect.
In each field of the Credentials tab page, type the information specific to this server instance.
The fields in the Credentials tab page are described in Table A-1.
See Also:
|
If you selected the SSL Enabled check box on the Credentials tab page, then select the SSL tab.
In the SSL tab page, enter the requested data in the fields.
The fields in the SSL tab page are described in Table A-2
Choose Login. The Oracle Directory Integration and Provisioning Server Administration tool appears.
This section provides an overview of Oracle Directory Integration and Provisioning Server Administration, and explains the items in the menu bar and the buttons on the toolbar.
Like the directory itself, the navigator pane (left side of the double window interface) has a tree-like structure. When the tool first opens, the navigator pane shows only one tree item. By clicking the plus sign(+) next to the tree item, subcomponents of that tree item appear.
In the right pane, some windows contain buttons labeled Apply and OK. If you choose Apply, then your changes are committed, and the window remains available for more changes. If you choose OK, then your changes are committed, and the window closes.
Similarly, some windows have buttons that are labeled Revert and Cancel. If you press Revert, then your changes in that window do not take effect, the original values reappear in the fields, and the window stays open for further work. If you press Cancel, then your changes in that window do not take effect, and the window closes.
Table 3-2 lists and describes the menus you can access by using the menu bar. Menu items become enabled or disabled depending on the pane or tab page you are displaying.
Table 3-2 Oracle Directory Integration and Provisioning Server Administration Menu Bar
To disconnect from a directory server by using the Oracle Directory Integration and Provisioning Server Administration tool, from the File menu choose Disconnect. Also, when you exit the Oracle Directory Integration and Provisioning Server Administration tool, connections between all directory servers and the directory are automatically disconnected.
All connection information is stored in the user's home directory in the file osdadmin.ini
.
When you restart the Oracle Directory Integration and Provisioning Server Administration tool, all previously connected server connections appear in the Directory Server Login dialog box.
You can specify the maximum number of entries to be displayed in the Oracle Directory Integration and Provisioning Server Administration tool as the result of searches and the duration of searches. You can make these configurations in either this tool or the directory server or both.
If you make the configuration in both this tool and the directory server, and the two configurations do not match, then Oracle Internet Directory resolves the conflict as follows:
If the value you set in this tool is greater than that in the directory server, then the configuration of the server prevails. For example, if you set this tool to search for 2 minutes, and the directory server for 3 minutes, then the actual search duration will be 3 minutes.
If the value you set in this tool is less than that in the directory server, then the configuration of this tool prevails. For example, if you set this tool to search for 2 minutes, and the server for 3 minutes, then the actual search duration is 2 minutes.
To configure the display and duration of searches in the Oracle Directory Integration and Provisioning Server Administration tool:
In the navigator pane, select the server you want to configure.
From the toolbar, select User Preferences. The User Preferences dialog box appears.
In the Configure Entry Management tab page, in the field labeled Maximum number of one-level subtree entries, enter the maximum number of entries to be returned by a search. The default is 200.
In the Search Time Limit field, enter the maximum number of seconds for a search to be completed. The default is 25.
Choose OK.
The Oracle Directory Integration and Provisioning Server Administration tool enables you to determine whether the navigator pane displays all ACPs automatically or only as the result of a search. If you have a large number of ACPs, then you may want to display them only as the result of a search.
To configure the display of ACPs:
In the navigator pane, select the server you want to configure.
On the toolbar, choose User Preferences. The User Preferences dialog box appears.
Select the Configure Access Control Policy Management tab page.
Select either:
Always display all ACPs
Only display ACPs based on search request
Choose OK.
To effect your changes, restart the Oracle Directory Integration and Provisioning Server Administration tool.