Policy Server Guides › Policy Server Configuration Guide › User Directories › How to Configure an Oracle Internet Directory User Directory Connection
How to Configure an Oracle Internet Directory User Directory Connection
You can use an Oracle Internet Directory (OID) user directory as a user store. The following process lists the steps for creating the user store connection to the Policy Server:
- Ping the User Store System
- Create the Organizational Unit in Oracle Internet Directory
- Configure the Oracle Internet Directory Connection
LDAP Referral Limitation for Oracle Internet Directory User Directory
LDAP referrals do not work when Oracle Internet Directory Server 10g (9.0.4) is configured as a user store and enhanced referrals are enabled. This is a limitation with OID.
Ping the User Store System
Pinging the user store system verifies that a network connection exists between the Policy Server and the user directory or database.
Note: Some user store systems may require the Policy Server to present credentials.
Create an Organizational Unit for an OID Directory
You can create an organizational unit for adding users to an OID directory.
To create an organizational unit for an OID directory
- Create an organizational unit under a domain using the ADD.
Example: OracleSchemaVersion
- Select the organizational unit, and enter a Distinguished Name.
Example: ou=people,cn=OracleSchemaVersion
- Right-click Entry Management, and select Create.
- Click Add on the Distinguished Name dialog, and select inetOrgPerson.
- Type the following on the Mandatory Properties tab:
- cn=user1
- sn=user1
- uid=user1
- userpassword=user1
- Specify the dn as: cn=user1,ou=people,cn=OracleSchemaVersion.
Configure Oracle Internet Directory Connections
You can configure a user directory connection that lets the Policy Server communicate with an OID user store.
To configure the user directory connection
- Click Infrastructure, Directory.
- Click User Directory, Create User Directory.
The Create User Directory pane opens.
Note: Click Help for descriptions of settings and controls, including their respective requirements and limits.
- Select LDAP from the Namespace list.
LDAP settings open.
- Complete the remaining required connection information on the General and Directory Setup group boxes.
Note: If the Policy Server is operating in FIPS mode and the directory connection is to use a secure SSL connection when communicating with the Policy Server, the certificates used by the Policy Server and the directory store must be FIPS compliant.
- Type the LDAP Search and LDAP User DN Lookup settings in the fields on the LDAP Settings group box.
- (Optional) Do the following in the Administrator Credentials area:
- Select the Require Credentials option.
- Enter the credentials of an administrator account.
- (Optional) Specify the user directory profile attributes that are reserved for CA SiteMinder® use in the User Attributes area.
- (Optional) Click Create in the Attribute Mapping List area to configure user attribute mapping.
- Click Submit.
The user directory connection is created.
More information:
LDAP Load Balancing and Failover
Define an Attribute Mapping
Copyright © 2013 CA.
All rights reserved.
|
|