Print PreviewThis tutorial contains the following sections:
Click icon to show all screenshots
Note: Alternatively, you can click an individual icon (or image) associated with each step to view (or hide) the screenshot associated with that step.
This tutorial covers the integration of Oracle Internet Directory (OID) with Shared Services.
Approximately 1 hour.
In this tutorial, you configure Oracle Internet Directory to integrate with Shared Services. After you test the connection, you can edit or delete the configuration.
The following is a list of software requirements:
Before starting this tutorial, you should:
1 . |
Have administrator access to a working installation of Shared Services. |
|---|---|
2 . |
Have administrator access to a working installation of Oracle Internet Directory.
|
You must log on to Shared Services using an administrator account to perform the following steps. To add new user directories:
1 . |
Log on to Shared Services.
|
|---|---|
2 . |
Select Administration, and then Configure User Directories.
The Defined User Directories page is displayed.
|
3 . |
Click New.
|
4 . |
Under Directory Type, select Lightweight Directory Access Protocol (LDAP).
|
5 . |
Click Next.
|
The Connection Information page contains the information used to connect to the directory server. To set the connection information:
1 . |
In the Directory Server drop-down list, select Oracle Internet Directory.
|
|---|---|
2 . |
Enter a name for the connection.
The connection name is used to identify a specific user directory if multiple user directories are configured.
|
3 . |
Enter a host name.
|
4 . |
Enter the OID port number.
The default port number for Oracle Internet Directory is 389. In this example, a custom port is used.
|
5 . |
Optional: Select SSL Enabled if the user directory is configured for secure communication.
In this example, SSL is not enabled.
|
6 . |
Click Fetch DNs.
You can also enter the Base Distinguished Name (DN).
|
7 . |
Accept the default value for the ID attribute.
|
8 . |
In the Maximum Size text box, enter the maximum number of results that a search can return.
|
9 . |
Select Trusted if this provider is a trusted single sign-on (SSO) source.
SSO tokens from trusted sources do not contain the user's password.
|
10 . |
Ensure that Anonymous Bind is not selected.
|
11 . |
Enter the User DN and password.
|
12 . |
Optional: Select Append Base DN if you want to append the Base DN to the User DN.
|
13 . |
Click Next.
|
Shared Services uses the properties set on the User Configuration page to create a user URL for determining the starting node for user searches. The URL speeds the search.
Note: The user URL should not point to an alias. Enterprise Performance Management System security requires that the user URL points to an actual user.
With OID, you cannot automatically configure the user filter, because the root Directory System Agent Specific-Entry (DSE) of OID does not contain entries in the Naming Contexts attribute.
To set the properties for the user URL:
1 . |
Optional: Enter a unique user identifier and click Auto Configure.
If you choose to auto configure, the values for the succeeding text boxes will be filled in for you.
|
|---|---|
2 . |
Enter a user RDN.
Each DN component is called a relative distinguished name (RDN) and represents a branch in the directory tree. The RDN of a user is generally the equivalent of the user ID (uID) or common name (cn).
|
3 . |
Enter a login attribute.
The login attribute stores the user's login name. You use the login attribute as the user name when you log on to EPM System products. Note: If you are configuring OID as an external user directory for EPM System products deployed on Oracle Application Server in a Kerberos environment, you must set this property to userPrincipalName.
|
4 . |
Enter a first name attribute.
This attribute stores the user's first name.
|
5 . |
Enter a last name attribute.
This attribute stores the user's last name.
|
6 . |
Optional: Enter an email attribute.
This attribute stores the user's e-mail address.
|
7 . |
Enter an object class name, and click Add.
Shared Services uses the object classes (the mandatory and optional attributes associated with the user) listed on this page to locate users who should be provisioned.
|
8 . |
Click Next.
|
Shared Services uses the properties set on the Group Configuration page to create the group URL for determining the starting node for group searches. The URL speeds the search.
Note: The Group URL should not point to an alias. EPM System security requires that the group URL point to an actual group.
Data entry on the Group Configuration page is optional. If you do not enter the group URL settings, Shared Services searches within the Base DN to locate groups. The search can negatively affect performance, especially if the user directory contains many groups.
With OID, you cannot use the autoconfigure feature, because the root DSE of OID does not contain entries in the Naming Contexts attribute.
To set group properties:
1 . |
If you do not plan to provision groups or if users are not categorized into groups on the user directory, clear Support Groups and skip to step 5. Otherwise, proceed to step 2.
Clearing this option disables the fields on this page.
|
|---|---|
2 . |
Optional: Enter a unique group identifier and click Auto Configure.
f you choose to auto configure, the values for the succeeding text boxes will be filled in for you.
|
3 . |
Enter a group RDN.
The Group RDN has a significant impact on login and search performance. Because it is the starting point for all group searches, you must identify the lowest possible node in which all groups for EPM System products are available. For optimum performance, ensure that the number of groups present within the group RDN do not exceed 10,000. If more groups are present, use a group filter to retrieve only the groups that you want to provision.
|
4 . |
Enter a name attribute.
This attribute stores the name of the group.
|
5 . |
Enter an object class name, and click Add.
Shared Services uses the object classes (the mandatory and optional attributes) listed on this page to locate groups that should be provisioned.
|
6 . |
Click Save.
|
7 . |
When the following status message is displayed, click OK.
The Oracle Internet Directory that you added is displayed on the Provider Configuration tab on the Defined User Directories page.
|
8 . |
Select File, and then Logout.
|
9 . |
Restart services.
|
You must log on Shared Services using an administrator account to perform the following steps.
To test the OID connection in Shared Services:
1 . |
Log on to Shared Services.
|
|---|---|
2 . |
Select Administration, and then Configure User Directories.
The Defined User Directories page is displayed.
|
3 . |
Ensure that the OID directory is selected, and click Test.
When the connection test is successful, the following status message is displayed:
If the connection test failed, proceed to the next topic to edit directory settings.
|
4 . |
When the following message is displayed, click Save.
|
5 . |
Click OK.
|
You must log on to Shared Services using an administrator account to perform the following steps.
To edit directory settings in Shared Services:
1 . |
In Shared Services, select Administration, and then Configure User Directories.
The Defined User Directories page is displayed.
|
|---|---|
2 . |
Select the Oracle Internet Directory that you want to modify and click Edit.
|
3 . |
Modify the configuration settings as needed.
Note: You cannot modify the configuration name.
|
4 . |
Click Save.
|
5 . |
When the following message is displayed, click OK.
|
6 . |
Select File, and then Logout.
|
7 . |
Restart services.
|
8 . |
Optional: Log on to Shared Services and test your connection.
|
You must log on Shared Services using an administrator account to perform the following steps.
To delete configured directories in Shared Services:
1 . |
In Shared Services, select Administration, and then Configure User Directories.
The Defined User Directories page is displayed.
|
|---|---|
2 . |
Select the Oracle Internet Directory that you want to delete and click Delete.
|
3 . |
When you are prompted to delete the external directory, click OK.
|
4 . |
When the following message is displayed, click OK.
|
5 . |
Select File, and then Logout.
|
6 . |
Restart services.
|
In this tutorial, you have learned how to:
 |
About
Oracle |  | Careers | Contact
Us | Site Maps | Legal
Notices | Terms of Use | Your Privacy Rights
|
