Skip to main content

Oracle Virtual Directory (OVD) : LDAP Adapters

With Oracle Virtual Directory a LDAP adapter can be created which is mapped to either user container ("cn=users,dc=example,dc=com") or root value in LDAP server. It can also be mapped to the tree of the server (dc=example,dc=com). If two different LDAP adapters are created within OVD a user can be searched from both the directories or from a single directory based on the Mapped name space in the OVD.
Below is the use case scenarios depicting the same:
Create an Adapter with OID/OUD using remote base as “” and mapped name space to “dc=eus,dc=oracle,dc=com”. It can also be mapped to either tree (dc=oracle,dc=com) or user container (cn=Users,dc=oracle,dc=com).If we have to search the root values also from OID/OUD then map it to "".



 Now from the adapter browser even cn=”changelog” can be seen which doesn’t come under “dc=us,dc=oracle,dc=com” tree in OUD.


Create another adapter for Active directory mapping it to remote base as “dc=dev,dc=oracle,dc=com”.



Now mapping is as below:
OUD/OID:
Remote base: “”
Mapped Name Space: dc=eus,dc=oracle,dc=com
AD:
Remote Base: “dc=dev,dc=oracle,dc=com”
Mapped Name Space: dc=eus1,dc=oracle,dc=com
Now below use cases can be completed using ldapsearch through OVD.

Usecase:1 à Searching a user in both the directories.
If Ldapsearch is run against “dc=oracle,dc=com” then OVD will search the user in both the directories.
Searching an OUD user:

Now searching the above user “uid=user.0” through OVD.


Searching an AD user:


Searching the above user “cn=oam” using ldapserach.


Usecase:2 Searching a user in OUD.
A user can be searched in only OUD using mapped name space “dc=eus,dc=oracle,dc=com” while searching through OVD.


Usecase:3 Searching a user in AD.
A user can be searched in AD using the name space “dc=eus1,dc=oracle,dc=com” while searching through OVD.









Labels:

Comments

Post a Comment

Popular posts from this blog

Developing Prepopulate Adapter with OIM 11g R2

1.      Prepopulate Adapter in OIM uses the plugin point oracle.iam.request.plugins.PrePopulationAdapte r. 2.      Write the Java code which returns the value which has to be populated on the form. 3.      This code will implement the plugin point oracle.iam.request.plugins.PrePopulationAdapte r. Code Snippet: - package com.oracle.oim.utility.eventhandler; import java.io.Serializable; import java.util.Iterator; import java.util.List; import java.util.logging.Logger; import oracle.iam.identity.exception.NoSuchUserException; import oracle.iam.identity.exception.UserLookupException; import oracle.iam.identity.usermgmt.api.UserManager; import oracle.iam.identity.usermgmt.vo.User; import oracle.iam.platform.Platform; import oracle.iam.platform.authz.exception.AccessDeniedException; import oracle.iam.request.exception.RequestServiceException; import oracle.iam.request.vo.Beneficiary; import oracle.iam.request.vo.RequestData; public c
5 comments
Read more

OIM Tuning

Application Module tuning is a critical setting which will affect the UI performance. Following are the recommended application module settings for OIM and these are already set out-of-box (OOB) in later releases of OIM 11g R2. Ensure that these settings are implemented as recommended in your environment. -Djbo.ampool.doampooling=true -Djbo.ampool.minavailablesize=1 -Djbo.ampool.maxavailablesize=120 -Djbo.recyclethreshold=60 - Djbo.ampool.timetolive=-1 -Djbo.load.components.lazily=true - Djbo.doconnectionpooling=true -Djbo.txn.disconnect_level=1 - Djbo.connectfailover=false -Djbo.max.cursors=5 - Doracle.jdbc.implicitStatementCacheSize=5 - Doracle.jdbc.maxCachedBufferSize=19 open DOMAIN_HOME/bin/setDomainEnv.sh file for the WebLogic Server instance.find these lines: JAVA_OPTIONS="${JAVA_OPTIONS}" export JAVA_OPTIONS and change it to: JAVA_OPTIONS="-Djbo.ampool.doampooling=true -Djbo.ampool.minavailablesize=1 -Djbo.ampool.maxavailablesize=120 -D
Post a Comment
Read more

Creating Role through OIM API - 11gR2

package com.oim.utilities; import java.util.HashMap; import oracle.iam.identity.rolemgmt.api.RoleManager; import oracle.iam.identity.rolemgmt.api.RoleManagerConstants; import oracle.iam.identity.rolemgmt.vo.Role; import oracle.iam.platform.OIMClient; public class RoleManagement  { static RoleManager roleManager=null; static OIMClient client=null; @SuppressWarnings("null") public static void createRole(String roleName){ System.out.println("RoleManagement :: createRole :: role name is "+roleName); try  { if (roleName!=null) { HashMap<String, Object> mapAttrs = new HashMap<String, Object>();; mapAttrs.put(RoleManagerConstants.ROLE_NAME, roleName); mapAttrs.put(RoleManagerConstants.ROLE_DISPLAY_NAME,roleName); mapAttrs.put(RoleManagerConstants.ROLE_DESCRIPTION, roleName); Role role = new Role(mapAttrs); // Initialising the OIM Connection client=ClientOIM.initialise(); System.out.println("RoleManagemen
1 comment
Read more