Contents

Title and Copyright Information

Preface

• Audience
• Documentation Accessibility
• Related Documents
• Conventions

1 Overview

• Introduction
• Overview of Oracle's Directory Services
• Oracle Virtual Directory Features
• Why the Enterprise Directory Is Not Enough
  • Data Federation
  • Data Ownership
  • Multiple Data Adapters
  • Flexible Security Domains
  • Secure Data Publication
  • High Availability Support
  • Application to Directory Integration
  • Flexible Deployment
  • Custom Application Programming Interfaces
  • Low-Cost, High-Value Solutions
  • Key Business Features & Benefits

2 Planning the Virtual Directory

• Virtualizing Directory Information
  • Foundation for Trust
  • Mapping Source Directory Information To Application Requirements
  • The Directory Network Design
  • Setting Fault Tolerance and Load-Balancing
    • Fault Handling
  • Planning Namespace
  • Routing Configuration
• Application-Directory Integration
  • Revising the Application
  • Creating a Super Directory
  • Virtualizing Application Access with Oracle Virtual Directory
• Planning Fault-Tolerant Deployments
  • DNS and Network Fail Over
  • Oracle Virtual Directory Fail Over
    • Fail Over with the Local Store Adapter
  • Proxied Sources Fail Over
• Planning Namespaces
  • Adapter Namespace Design Examples
• Oracle Virtual Directory Routing
• Dynamic Join Engine and JoinViews
  • JoinView Configuration Items
  • JoinView Joiners
  • Custom Joiners

3 Directory Infrastructure Planning

• Introduction
• Clogged Replication
• Transaction Failover
• Connection Domination Syndrome
• Everybody's Talking At Once
• Too Much Data to Swallow
• Conclusion

4 Oracle Virtual Directory Manager

• Introduction
• Setting the Language for the Oracle Virtual Directory Manager
  • Setting the Language for the Oracle Virtual Directory Manager Using the Locale Setting
  • Setting the Language for the Oracle Virtual Directory Manager Using the config.ini File
    • Using the Oracle Virtual Directory Manager Interface to Write to the config.ini File
    • Using a Text Editor to Edit the config.ini File Directly
  • Setting the Language for the Oracle Virtual Directory Manager by Passing Command Line Options to the OViDmanager Executable
• Understanding the Oracle Virtual Directory Manager Client
  • The Directory Management Perspective
  • Workspaces and Perspectives
  • Views
• Starting a Directory Project
• Defining A New Server
• Adding A New Adapter
• Configuring JDBC For Database Adapters
  • Preparing the JDBC Libraries
• Connecting or Logging-In to the Oracle Virtual Directory
• Server Log View
  • Exporting Access.log Data to CSV Format for Analysis
• Saving Changes
  • Selecting Items
  • Version Conflicts
  • Reloading Components
• Editing Server Configuration
  • Edit Conflicts
• Mapping Scripts
  • Defining a Mapping
  • Deploying a Mapping
  • Configuring a Mapping for Execution
• The Directory Browser View
  • Administrative Browsers
  • LDAP Browsing
  • Displaying Data and Searching
  • Importing and Exporting LDIF
  • Refreshing Browsers
• Managing Server Libraries
  • Library Management
  • Plug-in Management
    • Plug-in Inventory
    • Retrieving a Plug-in From a Server
    • Deploying a Plug-in
    • Building a Plug-in Using an Oracle Virtual Directory Manager Java Project
    • Editing Files of a Plug-in
    • Plug-in Manifest Editor Page
  • Joiner Management
    • Joiner Inventory
    • Managing Joiners
  • Managing Server Keys
  • SSL Terminology
  • Generating a Server Key
    • Self-Signed Key
    • Signed Server Keys
    • Importing a Trusted Certificate
    • Export
• Using the One-Step Configurations Feature to Integrate Oracle Virtual Directory with Microsoft Active Directory or IBM Tivoli Access Manager
  • Integrating Oracle Virtual Directory with Microsoft Active Directory
  • Integrating Oracle Virtual Directory with IBM Tivoli Access Manager
    • Adding New Directories to the Integrated Tivoli Access Manager Configuration

5 Configuration and Settings

• Introduction to Oracle Virtual Directory Configuration
• Server Configuration
  • General Information and Licensing Settings
  • Server Settings
  • Server Logging
  • Server Quotas
    • Closing Inactive Connections
  • Server Security
  • Server Views
  • Server Admin Gateway Configuration
• Listener Configuration
  • LDAP Listener
  • HTTP Listener
    • Basic Configuration
    • Web Gateway Service
• Adapter Configuration
  • Local Store Adapter
    • Basic Settings
    • Index Settings
    • Local Database Settings
    • Backup Settings
  • LDAP Adapter Configuration
    • Directory Namespace and Attribute Mapping
    • Read / Write / Rename / Compare Support
    • Access Control and the LDAP Adapter
    • Basic Settings
    • LDAP Settings
    • Connection Settings
    • Credential Processing
  • Database Adapter Configuration
    • Access Control and The Database Adapter
    • JDBC Java Class Libraries
    • Database Mapping Considerations
    • Using the Database Adapter Wizard
    • Basic Configuration Parameters
    • Database Settings
    • Connection Settings
    • Database Attribute Mapping
    • Database Adapter Automatic and Manual Schema Configuration
  • NT Adapter Configuration
    • Configuration Requirements for NT Adapter
    • Basic Settings
    • NT Settings
  • JoinView Adapter Configuration
    • Basic Settings
    • Settings
    • Join Rules
    • Simple Joiner
    • OneToMany Joiner
    • Shadow Joiner
• Schema Configuration
  • Attribute Definition
  • ObjectClass Definition

6 Integrating with Oracle's Enterprise User Security

• Performing the Integration
  • Integrating for Use with Microsoft Active Directory
    • Configuring Active Directory for the Integration
    • Configuring Oracle Virtual Directory for the Integration
  • Integrating for Use with Sun Java System Directory Server
    • Configuring Sun Java System Directory Server for the Integration
    • Configuring Oracle Virtual Directory for the Integration
  • Integrating for Use with Oracle Internet Directory
    • Configuring Oracle Internet Directory for the Integration
    • Configuring Oracle Virtual Directory for the Integration
• Integration Limitations

7 Routing

• Introduction
• Routing Concepts
  • Adapter Visibility
  • Server Criticality
  • Determining the Order of Adapter Processing in LDAP Operations
  • Routing Levels
  • Determining Which Credentials are Used for the Bind Operation
  • Limiting Retrieving and Storing Of Attributes
  • Including and Excluding Entries From Client Searches
  • DN Pattern Matching
• Management of Routing
  • Selection
  • Attribute Flow
  • General Settings

8 Mapping System

• Introduction
• Python Resources
• Example Scenarios
  • Example: Constructing A CN Attribute
    • Outbound Processing
    • Inbound Processing
  • Example: Mapping Active Directory Schema
• Mapping Functions
  • Methods
  • Data Objects

9 Developing Java Plug-Ins

• Introduction
• The Chain System
• Plug-in Implementation Types
• Plug-in Configuration, Initialization and Destruction
• Plug-In Availability
• Plug-in Operation Implementation
• EntrySet Creation
• Filter Processing
• Classes Overview
  • Virtual Service Interface
  • Global Service Interface
  • Adapter Service Interface
  • Joiner
  • Utility Classes
  • Data Classes
  • Data Types
  • Exceptions

10 Configuring Plug-Ins and Mappings

• Introduction
• Global Plug-ins Example
• Adapter Plug-ins Example
• Unique Identity Plug-In
• Namespace Filtering
• Plug-in Configuration Actions

11 Access Control

• Introduction
• Multi-Tier Authentication and Access Control
  • Pass-Through Authentication
  • CRAM-MD5 and SASL Binding
    • Proxy Account Authentication
    • Client Certificate Authentication
    • Source Directory Access Control
    • Oracle Virtual Directory Access Control
    • Access Control and Groups
  • Controlling LDAP Anonymous Authentication
• Access Control Configuration
  • Using The Editor
• Access Control Rules
  • Target/Location Component
  • Scope Component
  • Rights Component
  • Attributes Component
  • Permissions Component
    • Attribute Permissions
    • Notes on Attribute Permissions
    • Entry Permissions
    • Notes on Entry Permissions
  • Subject Component
  • Subject Component Notes
  • General Grant/Deny Evaluation Rules

A Oracle Virtual Directory 2.0 and 10.1.4 Property Table

• Adapter Properties
  • General Properties for All Adapters
  • Generic Adapter Routing Properties
  • Standard Adapter General Properties
  • Standard Adapter Index Properties
  • LDAP Adapter General Properties
  • Database Adapter General Properties
  • JoinView Adapter General Properties
  • NTLM Adapter General Properties
• Listener Properties
  • Listener General Properties
  • Web Gateway Service Properties
  • Web Listener Service Base Implementation
• General Oracle Virtual Directory Properties
  • Oracle Virtual Directory General Properties
  • Oracle Virtual Directory Logging Properties
  • Oracle Virtual Directory Replication Properties
  • Oracle Virtual Directory Quota Properties

B Bundled Plug-ins

• Introduction
• General Purpose Plug-ins
  • Caching
    • Cache Hit Logic
  • DynamicGroups
  • DumpTransactions
  • ObjectClass Mapper
  • Dynamic Entry Tree
  • Flat Tree
• Microsoft Active Directory and Microsoft ADAM
  • Active Directory Ranged Attributes
  • Active Directory Password
  • InetAD

C Web Gateway

• Introduction
  • WebGateway Listener
  • Demonstration Directory Browser
• WebGateway Listener Architecture
• DSML and XSLT Servlet LDAP Query Parameters
• WebGateway Listener
  • Resource Handler
  • DSML Servlet
  • WebGateway Servlet (XSLT)
• WebGateway Command Detail
  • Binary Attribute Retrieval
  • Form-Based Searching
  • Form-Based Entry Manipulation
  • HTTP POST
  • HTTP GET
• Security Contexts
  • Requirements for .htaccess Files
  • Directives for .htaccess Files
  • Resource Restrictions
  • Example Security Context Files
• Using XSL Stylesheet Templates
  • Using XSLT Servlet Queries To Create Dynamic Forms
  • Support for XSL Document() and Import/Include Commands
  • Passing Parameters to XSL Stylesheets
• Sample XSL