How to Configure an Oracle Internet Directory User Directory Connection

You can use an Oracle Internet Directory (OID) user directory as a user store. The following process lists the steps for creating the user store connection to the Policy Server:

  1. Ping the User Store System
  2. Create the Organizational Unit in Oracle Internet Directory
  3. Configure the Oracle Internet Directory Connection

LDAP Referral Limitation for Oracle Internet Directory User Directory

LDAP referrals do not work when Oracle Internet Directory Server 10g (9.0.4) is configured as a user store and enhanced referrals are enabled. This is a limitation of OID.

Ping the User Store System

Pinging the user store system verifies that a network connection exists between the Policy Server and the user directory or database.

Note: Some user store systems may require the Policy Server to present credentials.

Create an Organizational Unit for an OID Directory

You can create an organizational unit for adding users to an OID directory.

To create an organizational unit for an OID directory

  1. Create an organizational unit under a domain using the ADD.

    Example: OracleSchemaVersion

  2. Select the organizational unit, and enter a Distinguished Name.

    Example: ou=people,cn=OracleSchemaVersion

  3. Right-click Entry Management, and select Create.
  4. Click Add on the Distinguished Name dialog, and select inetOrgPerson.
  5. Type the following on the Mandatory Properties tab:
  6. Specify the dn as: cn=user1,ou=people,cn=OracleSchemaVersion.
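
The entries created in the procedure above can also be written as LDIF and loaded with the directory's LDAP tools. The following Python script is an added example, not part of the product documentation: it generates LDIF for the DNs shown above, escaping DN values (RFC 4514) and base64-encoding unsafe values (RFC 2849) so that a supplied name cannot inject extra attribute lines. The objectClass chain and the sn value are assumptions.

```python
import base64
import re

# DN taken from the procedure above; all attribute values are constructed samples.
OU_DN = "ou=people,cn=OracleSchemaVersion"

# RFC 2849 SAFE-STRING: ASCII without NUL/CR/LF, not starting with space, ':' or '<'.
_SAFE = re.compile(r"[\x01-\x09\x0b\x0c\x0e-\x1f\x21-\x39\x3b\x3d-\x7f]"
                   r"[\x01-\x09\x0b\x0c\x0e-\x7f]*")


def escape_rdn_value(value):
    """Escape an attribute value for use inside a DN (RFC 4514)."""
    out, last = [], len(value) - 1
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append("\\00")
        elif ch in '"+,;<>\\' or (i == 0 and ch in " #") or (i == last and ch == " "):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


def ldif_line(attr, value):
    """Emit 'attr: value', or base64 ('attr:: ...') when the value is not LDIF-safe."""
    if value == "" or (_SAFE.fullmatch(value) and not value.endswith(" ")):
        return f"{attr}: {value}"
    return f"{attr}:: {base64.b64encode(value.encode('utf-8')).decode('ascii')}"


def ldif_entry(dn, attrs):
    """One LDIF record: the dn line followed by its attribute lines."""
    return "\n".join([ldif_line("dn", dn)] + [ldif_line(a, v) for a, v in attrs]) + "\n"


def build_ldif(cn="user1", sn="User One"):
    """LDIF for the organizational unit and one inetOrgPerson entry beneath it."""
    ou = ldif_entry(OU_DN, [("objectClass", "top"),
                            ("objectClass", "organizationalUnit"),
                            ("ou", "people")])
    user = ldif_entry(f"cn={escape_rdn_value(cn)},{OU_DN}",
                      [("objectClass", "top"), ("objectClass", "person"),
                       ("objectClass", "organizationalPerson"),
                       ("objectClass", "inetOrgPerson"),
                       ("cn", cn), ("sn", sn)])  # sn: assumed sample value
    return ou + "\n" + user


if __name__ == "__main__":
    print(build_ldif(), end="")
```
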

Configure Oracle Internet Directory Connections

You can configure a user directory connection that lets the Policy Server communicate with an OID user store.

To configure the user directory connection

  1. Click Infrastructure, Directory.
  2. Click User Directory, Create User Directory.

    The Create User Directory pane opens.

    Note: Click Help for descriptions of settings and controls, including their respective requirements and limits.

  3. Select LDAP from the Namespace list.

    LDAP settings open.

  4. Complete the remaining required connection information on the General and Directory Setup group boxes.

    Note: If the Policy Server is operating in FIPS mode and the directory connection is to use a secure SSL connection when communicating with the Policy Server, the certificates used by the Policy Server and the directory store must be FIPS compliant.

  5. Type the LDAP Search and LDAP User DN Lookup settings in the fields on the LDAP Settings group box.
  6. (Optional) Do the following in the Administrator Credentials area:
    1. Select the Require Credentials option.
    2. Enter the credentials of an administrator account.
  7. (Optional) Specify the user directory profile attributes that are reserved for CA SiteMinder® use in the User Attributes area.
  8. (Optional) Click Create in the Attribute Mapping List area to configure user attribute mapping.
  9. Click Submit.

    The user directory connection is created.

More information:

LDAP Load Balancing and Failover

Define an Attribute Mapping