Install Oracle Internet Directory (OID) in Standalone mode
Oracle Internet Directory (OID) is an LDAP server which uses an Oracle database as a datastore. Client machines can use the OID for all TNS lookups. With OID, once all client machines are configured correctly, any modifications to the TNS lookups can be made from a central location, reducing the amount of client machine administration.
This guide covers installing and using Oracle Internet Directory in Standalone mode, which does not require Oracle Fusion Middleware Infrastructure.
Step-by-step guide
Download Oracle Internet Directory (Part of identity management) from
http://www.oracle.com/technetwork/middleware/id-mgmt/downloads/index.html
Install OID, follow instructions:
https://docs.oracle.com/en/middleware/lifecycle/12.2.1.3/inoim/installing-product-software.html#GUID-5D47117E-3983-4BED-BADB-CB7DDD63DB34
Starting the Installation Program:

    ./fmw_12.2.1.3.0_oid_linux64.bin

Configure the Domain:

    $ORACLE_HOME/oracle_common/common/bin/config.sh

Start the Servers for Standalone Oracle Internet Directory:

    DOMAIN_HOME/bin/startNodeManager.sh

Perform Initial Oracle Internet Directory Setup:

    $ORACLE_HOME/oracle_common/common/bin/wlst.sh
    nmConnect(username='wls_user',password='password',domainName='base_domain')
    oid_setup(orcladminPassword='password',odsPassword='password',realmDN='dc=us,dc=oracle,dc=com')

Start the Repository Creation Utility:

    $ORACLE_HOME/oracle_common/bin/rcu

Fix permissions (Doc ID 947285.1). Create ldifFile with the contents below, which set orclAnonymousBindsFlag to 1 so that anonymous binds are allowed, then apply it with ldapmodify:

    vi ldifFile

    dn: cn=oid1,cn=osdldapd,cn=subconfigsubentry
    changetype: modify
    replace: orclAnonymousBindsFlag
    orclAnonymousBindsFlag: 1

    ldapmodify -D cn=orcladmin -q -p 3060 -h oid -f ldifFile

Modify the file sqlnet.ora in the $ORACLE_HOME/network/admin directory so that it contains the following line:

    NAMES.DIRECTORY_PATH= (LDAP,TNSNAMES,EZCONNECT)

Create the file ldap.ora in the $ORACLE_HOME/network/admin directory.
This file identifies the server where the LDAP directory resides, along with the port numbers for normal and secure connections:

    DEFAULT_ADMIN_CONTEXT = "dc=us,dc=oracle,dc=com"
    DIRECTORY_SERVERS = (oid.mydomain.local:3060:3131)
    DIRECTORY_SERVER_TYPE = OID
    NAMES.DEFAULT_DOMAIN = mydomain.local

Add tns entry in OID (TESTTNS will be the tns alias):

    vi add_entry.ldif

    dn: cn=TESTTNS,cn=OracleContext,dc=us,dc=oracle,dc=com
    objectclass: top
    objectclass: orclNetService
    cn: TESTTNS
    orclNetDescString: (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=oid)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=oid)))
    orclnetdescname: 000:cn=DESCRIPTION_0

Load the ldif file (ldapadd also accepts -q, as used in the ldapmodify step, to prompt for the password instead of passing it with -w):

    ldapadd -h oid -p 3060 -c -D "cn=orcladmin" -f add_entry.ldif -w mypassword

We will now check a connection to the alias TESTTNS, ensuring that the SQL*Net connection details are obtained from the OID LDAP directory and not from the local tnsnames.ora file.
Note: the output of the tnsping command shows that the LDAP directory was accessed to resolve the alias.

    tnsping TESTTNS
    TNS Ping Utility for Linux: Version 12.2.0.1.0 - Production on 02-JUL-2018 14:41:49
    Copyright (c) 1997, 2016, Oracle. All rights reserved.
    Used parameter files:
    /oracle/product/12.2.0.1/dbhome_1/network/admin/sqlnet.ora
    Used LDAP adapter to resolve the alias
    Attempting to contact (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=oid.mydomain.local)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=oid)))
    OK (0 msec)
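
How the ldap.ora settings in this guide determine the directory entry a client looks up, as an added example that is not part of the original guide: it parses the guide's ldap.ora values, derives the DN for an unqualified alias, and prints an anonymous ldapsearch for that entry. It assumes Oracle's ldapsearch client and a simple, unqualified alias; the helper names are hypothetical.

```shell
#!/bin/sh
# Added example. LDAP_ORA is a constructed copy of this guide's ldap.ora values.
LDAP_ORA='DEFAULT_ADMIN_CONTEXT = "dc=us,dc=oracle,dc=com"
DIRECTORY_SERVERS = (oid.mydomain.local:3060:3131)
DIRECTORY_SERVER_TYPE = OID'

# ora_param NAME (hypothetical helper): read ldap.ora text on stdin and print
# NAME's value with surrounding whitespace, quotes and parentheses removed.
ora_param() {
    awk -F= -v key="$1" '
        { k = $1; gsub(/[ \t]/, "", k) }
        toupper(k) == toupper(key) {
            v = substr($0, index($0, "=") + 1)
            gsub(/^[ \t"(]+|[ \t")]+$/, "", v)
            print v
            exit
        }'
}

# server_field N: field N of the first DIRECTORY_SERVERS entry
# (1 = host, 2 = non-SSL port, 3 = SSL port).
server_field() {
    printf '%s\n' "$LDAP_ORA" | ora_param DIRECTORY_SERVERS |
        cut -d, -f1 | cut -d: -f"$1"
}

# alias_dn ALIAS: the entry an unqualified alias resolves to, i.e.
# cn=ALIAS,cn=OracleContext,<DEFAULT_ADMIN_CONTEXT>.
alias_dn() {
    ctx=$(printf '%s\n' "$LDAP_ORA" | ora_param DEFAULT_ADMIN_CONTEXT)
    printf 'cn=%s,cn=OracleContext,%s\n' "$1" "$ctx"
}

# verify_cmd ALIAS: print (do not run) an anonymous, base-scope search for the
# alias. Aliases with characters that could alter the DN are rejected.
verify_cmd() {
    case $1 in
        ''|*[!A-Za-z0-9_.-]*) echo "invalid alias: $1" >&2; return 1 ;;
    esac
    printf 'ldapsearch -h %s -p %s -b "%s" -s base "(objectclass=orclNetService)" orclNetDescString\n' \
        "$(server_field 1)" "$(server_field 2)" "$(alias_dn "$1")"
}

verify_cmd TESTTNS
```

Because the printed command has no -D option it binds anonymously, so a returned orclNetDescString confirms both the loaded entry and the anonymous-bind setting.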