1
Presentation 36576: Oracle9i LDAP Advanced
Configuration of Directory Naming
  • Daniel T. Liu
  • Senior Technical Consultant
  • First American Real Estate Solutions

Date: Wednesday, September 10, 2003 @ 4:30 AM - 5:30 PM
Place: Moscone Room 131
2
Agenda
  • Net Services Basics
  • Connecting Methods
  • OID Basics
  • Step-by-Step Setup of OID for Names Resolutions
  • Migrating to OID
  • Q & A

3
Net Services Basics
4
Net Services In a Nutshell
  • What is the database instance?
  • Instance name (SID)
  • Where is the database instance?
  • Instance address (host, IP address, port)
  • How to communicate?
  • Network language (protocol)

5
Net Services Components
  • Net Services Client
  • Net Services Server
  • Oracle Net
  • Oracle Net Foundation Layer
  • Oracle Protocol Support
  • Listener

6
Client/Server
  • Net Services Client
  • Enables client connections to databases across a
    network. A client-side application sends a
    request to Oracle Net Services to be transported
    across the network to the server.
  • Net Services Server
  • Enables the listener, through a protocol, to
    accept connections from client applications on the
    network.

7
Oracle Net
  • Oracle Net Foundation Layer
  • Provides a standard method for a client
    application to establish and maintain
    communication with the Oracle database server on
    top of an industry-standard network protocol.
  • Oracle Protocol Support
  • TCP/IP (with SSL)
  • Named Pipes
  • LU 6.2
  • VI

8
Oracle Net
9
Listener
  • A separate process that resides on the server
  • Receives incoming client connection requests and
    manages the traffic of these requests to the
    server
  • Can listen for one or more databases, either on the
    same system or on different systems

10
Listener.ora
    listener_dallas =
      (address_list =
        (address = (protocol = ipc)(key = db1))
        (address = (protocol = tcp)(host = dallas.company.com)(port = 1521))
      )
    sid_list_listener_dallas =
      (sid_list =
        (sid_desc =
          (global_dbname = db1.company.com)
          (sid_name = db1)
          (oracle_home = d:\oracle\oracle81)
        )
      )

11
Making the Connection
  • Method 1
  • Retrieve from user's memory
  • Lengthy connect string
  • Method 2
  • Look up in your phone book
  • tnsnames.ora

12
Making the Connection
  • Method 3
  • Call switchboard
  • Oracle Names Server
  • Oracle Internet Directory (LDAP)

13
Method 1: Retrieve From User's Memory
  • Create a lengthy connect string as follows:
      connect scott/tiger@
        (description =
          (address = (protocol = tcp)(host = dallas.company.com)(port = 1521))
          (connect_data = (service_name = db1.company.com))
        )

14
Method 2: Retrieve From A Client Machine
  • Local Naming resolves a net service name to a
    network address using information configured in a
    local naming configuration file called
    tnsnames.ora.
  • connect scott/tiger@db1.company.com
  • tnsnames.ora file:
      db1.company.com =
        (description =
          (address = (protocol = tcp)(host = dallas.company.com)(port = 1521))
          (connect_data = (service_name = db1.company.com))
        )

15
Method 3: Retrieve From A Central System
  • Central Naming stores the names and addresses of
    all database services in a central place on a
    network.
  • Two popular methods
  • 1. Oracle Names - Oracle proprietary software to
    store the service names on a network
  • 2. Directory Naming - clients can use network
    information stored in a centralized LDAP-compliant
    directory server to access a database service
    (Oracle Internet Directory)

16
Oracle Internet Directory Basics
  • Directory
  • LDAP
  • Oracle Internet Directory (OID)
  • OID Terminology
  • OID Architecture
  • How Net Services Use A Directory Server

17
Directory
  • Primarily read-focused
  • Designed to handle relatively simple transactions
    on relatively small units of data
  • Designed to be location-independent
  • Designed to store information in entries

18
LDAP
  • LDAP stands for Lightweight Directory Access
    Protocol
  • It provides all users and applications in the
    enterprise with a single, well-defined, standard
    interface to a single, extensible directory

19
LDAP
  • It reduces the need to enter and coordinate
    redundant information in multiple services
    scattered across the enterprise
  • Its well-defined protocol and interfaces make it
    more practical to deploy internet-ready
    applications that leverage the directory.

20
Oracle Internet Directory (OID)
  • A general-purpose directory service that enables
    fast retrieval and centralized management of
    information
  • Full-featured LDAP Version 3 compliant directory
    service
  • Major benefits include
  • Scalability
  • High Availability
  • Security

21
OID Terminology
  • Entries
  • Distinguished Name (DN)
  • Directory Information Tree (DIT)
  • Relative Distinguished Name (RDN)
  • Attributes
  • Object Classes
  • Directory Schema
  • Naming Contexts

22
Directory Information Tree
23
OID Architecture
  • Oracle Directory Server Instance
  • OID Monitor
  • OID Control Utility (OIDCTL)
  • Oracle9i Database

24
OID Architecture
25
How Net Services Uses A Directory Server
26
Step-By-Step Setup Of Oracle Internet Directory
For Names Resolution
  • Step 1 Planning the Network
  • Step 2 Installing OID Software
  • Step 3 Creating OID Repository Database and
    OID Schema
  • Step 4 Starting OID Server

27
Step-By-Step Setup Of Oracle Internet Directory
For Names Resolution
  • Step 5 Setting Up Directory Tree (Adding New
    Entry For Naming Context)
  • Step 6 Setting Up An Oracle Context
  • Step 7 Adding Service Names To OID
  • Step 8 Setting Up The Client Machine

28
Step 1 Planning The Network
Understanding the different versions of Oracle
Internet Directory
29
Step 1 Planning The Network
  • Examine the company's existing Oracle network
    environment
  • List of all the network domains
  • Oracle database servers within each domain
  • Oracle instances and listeners running on each
    server
  • Number of Oracle Clients

30
Step 1 Planning The Network
  • Planning the Directory Tree
  • Single domain called company.com
  • 6 Oracle instances registered

31
Step 2 Installing OID Software
  • Read the Installation Guide
  • Prepare the environment
  • PATH
  • ORACLE_BASE
  • ORACLE_HOME
  • NLS_LANG
  • PORT 389 is not in use by another process
  • Mount the CD and bring up the Universal Installer

32
Step 2 Installing OID Software
  • Choose installation type
  • Management and Integration option
  • Then, Oracle Internet Directory option
  • Choose install OID schema on
  • An existing database
  • Or, a new independent database (preferred)
  • In Summary window, review information
  • Click Install, file copy process begins.

33
Step 3 Creating OID Repository Database and OID
Schema
  • The Configuration Tools window appears at the
    end of installation
  • The Universal Installer will first create and
    start an OID database instance
  • Then, it creates OID schema and objects.
  • - ORACLE_HOME/ldap/admin/newldap.sql
  • Choose Exit and review log file for any
    installation errors

34
Step 4 Starting OID Server
  • After successfully completing the installation,
    the default OID Monitor Daemon and LDAP Server
    Instance will already be running against OID
    database instance
  • To start manually:
  • oidmon connect=<net_service_name> start
  • oidctl connect=<net_service_name> server=oidldapd
    instance=1 start

46
Step 5 Setting Up Directory Tree
  • Invoke the Oracle Directory Manager
  • Type user name and password (orcladmin/welcome)
  • Create new admin user if needed
  • - Grant Browse, Add, Delete access rights
  • Create the Naming Context
  • Add new entry dc=com
  • Add new entry dc=company under dc=com

57
Step 6 Setting Up Oracle Context
  • Start the Net Configuration Assistant
  • Choose Directory Service Access Configuration
    option
  • Choose Create a new Oracle Context
  • Choose Oracle Internet Directory
  • Enter LDAP server location

58
Step 6 Setting Up Oracle Context
  • Enter an administrative context in which to
    create the Oracle Context. In our case, it is
    dc=company,dc=com
  • Enter user name and password (cn=orcladmin/welcome)
  • The authenticated user is added to the following
    groups
  • OracleDBCreators (cn=OracleDBCreators,cn=OracleContext)
  • OracleNetAdmins (cn=OracleNetAdmins,cn=OracleContext)

67
Step 7 Adding Service Names To OID
  • Method 1
  • Open Net Assistant. Under Net Configuration and
    Directory node, click Service Naming
  • Enter username and password when the Directory
    Server Authentication window appears
  • Highlight the Service Naming node. Go to the Edit
    menu, then Create; the Net Service Name
    Wizard window appears.
  • Enter Net Services Information (Host Name, Port,
    Protocol, etc)

71
Step 7 Adding Service Names To OID
  • Method 2
  • Prepare a LDIF file (example.ldif)

    dn: cn=db1,cn=OracleContext,dc=company,dc=com
    objectclass: top
    objectclass: orclNetService
    cn: db1
    orclNetDescString: (description=(address=(protocol=tcp)(host=dallas.company.com)(port=1521))(connect_data=(service_name=db1.company.com)))
72
Step 7 Adding Service Names To OID
  • Method 2
  • Execute the ldapadd command
  • ldapadd -D <bind dn> -w <password> -h <ldap_host>
    -v (verbose mode) -f <ldif entry file>
  • ldapadd -D cn=orcladmin -w welcome -h server_name
    -v -f example.ldif
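
When many service names have to be loaded, the LDIF for Method 2 can be generated from an existing tnsnames.ora instead of typed by hand. The converter below is an added example, not code from the presentation; the function names and the second sample entry are assumptions, and it handles only unquoted descriptor values.

```python
import re

# Constructed sample modeled on the slides' tnsnames.ora entry; db2 is made up.
SAMPLE_TNSNAMES = """\
db1.company.com =
  (description =
    (address = (protocol = tcp)(host = dallas.company.com)(port = 1521))
    (connect_data = (service_name = db1.company.com)))
db2.company.com =
  (description =
    (address = (protocol = tcp)(host = austin.company.com)(port = 1521))
    (connect_data = (service_name = db2.company.com)))
"""

# Alias characters are restricted so the derived cn needs no DN escaping.
HEAD = re.compile(r"\s*([A-Za-z0-9][A-Za-z0-9_.\-]*)\s*=\s*(?=\()")

def parse_tnsnames(text):
    """Return {alias: descriptor}, finding each entry by parenthesis depth."""
    text = re.sub(r"#.*", "", text)           # drop comments
    entries, pos = {}, 0
    while (m := HEAD.match(text, pos)):
        depth, pos = 0, m.end()
        while pos < len(text):
            depth += (text[pos] == "(") - (text[pos] == ")")
            pos += 1
            if depth == 0:
                break
        if depth != 0:
            raise ValueError(f"unbalanced parentheses in {m.group(1)!r}")
        # Stripping whitespace keeps the value on one LDIF line (no injected lines).
        entries[m.group(1)] = re.sub(r"\s+", "", text[m.end():pos])
    if text[pos:].strip():
        raise ValueError("unparsed text after last entry")
    return entries

def to_ldif(entries, admin_context):
    """Render one orclNetService entry per alias under the Oracle Context."""
    blocks = []
    for alias, desc in entries.items():
        cn = alias.split(".")[0]               # db1.company.com -> db1
        blocks.append("\n".join([
            f"dn: cn={cn},cn=OracleContext,{admin_context}",
            "objectclass: top", "objectclass: orclNetService",
            f"cn: {cn}", f"orclNetDescString: {desc}"]))
    return "\n\n".join(blocks) + "\n"

if __name__ == "__main__":
    print(to_ldif(parse_tnsnames(SAMPLE_TNSNAMES), "dc=company,dc=com"))
```

The output can be saved as example.ldif and loaded with the ldapadd command shown on this slide.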

73
Step 8 Setting Up The Client Machine
  • Install Oracle Net client software
  • Start the Net Configuration Assistant
  • Click Naming Method Configuration option
  • Select Directory under Naming Methods. Click
    Finish

74
Step 8 Setting Up The Client Machine
  • This process creates the ldap.ora file under
    ORACLE_HOME/network/admin/
  • Configure Oracle Names Server or tnsnames.ora file
    as backup Naming Methods
  • - NAMES.DIRECTORY_PATH = (LDAP, ONAMES, TNSNAMES)

    # LDAP.ORA Network Configuration File: D:\oracle\ora81\network\admin\ldap.ora
    # Generated by Oracle configuration tools.
    DEFAULT_ADMIN_CONTEXT = "dc=company,dc=com"
    DIRECTORY_SERVERS = (dliu:389:636)
    DIRECTORY_SERVER_TYPE = OID
75
Migrating From Local Naming
  • Start Oracle Net Assistant.
  • Choose Command > Directory > Import Net Service
    Names.
  • Enter username and password.
  • Directory Server Migration Wizard starts. Click
    Next.

76
Migrating From Local Naming
  • The Select Net Service Names window appears.
    From the list, select the network domain.
  • The Select Destination Context window appears.
    Select the Directory Naming Context that contains
    the Oracle Context from the Directory Naming
    list.

77
Migrating From Local Naming
  • Click Next. The wizard exports the net service
    names.
  • Click Finish to complete the Directory Server
    Migration Wizard. Now OID has all the database
    connection information loaded.

78
Migrating From Oracle Names Server
  • Method 1: Direct Export
  • Go to the Oracle Names Server, dump the service
    address information to a tnsnames.ora file.
  • - NAMESCTL dump_tnsnames
  • Transfer the file to the LDAP server.
  • ftp ldapserver.company.com
  • put tnsnames.ora
  • Load the net service information.

79
Migrating From Oracle Names Server
  • Method 2: Indirect Export
  • Run DUMP_LDAP from the Oracle Names Server.
  • - NAMESCTL dump_ldap company.com -f sample.ldif
  • Go to the LDAP server, run the ldapadd command.

80
Migrating By Proxy
  • Oracle Client version is 8.1.5 or earlier.
  • Use Oracle Names LDAP proxy server.
  • See the article "Migration by Proxy" in the May 2001
    issue of Oracle Magazine for details.

81
Summary
  • Net Services Basics.
  • Connection Methods
  • Directory
  • LDAP
  • Oracle Internet Directory (OID)
  • OID Terminology and Architecture.

82
Summary
  • How Net Services are saved in a Directory Server.
  • Step-by-Step setup of Directory Naming using
    Oracle Internet Directory.
  • Migrating from Local Naming.
  • Migrating from Oracle Names Server.

83
References
  • Oracle9i Net Services. Release 1 (9.0.1)
  • Oracle Internet Directory, Administrator's Guide.
    Release 3.0.1
  • Oracle Internet Directory, Administrator's Guide.
    Release 2.1.1
  • Net8: A Step-by-Step Setup of Oracle Names
    Server, Oracle Open World 2000P
  • Oracle MetaLink and support paper numbers
  • Note 157892.1, Quick Start Guide: Oracle
    Internet Directory Installation 3.0.1
  • Note 112763.1, Example of LDAP setup for Net8
    Administration
  • Note 120717.1, Net8 LDAP Naming: Adding TNS
    Service Names to an OID.
  • Reprinted from Oracle Internals
  • I would also like to acknowledge the assistance
    of Bob Polak of the Allant Group, Ann Collins,
    Larry Bailey, Husam Tomeh and Archana Sharma of
    FARES, and Roger Peterson of Oracle.

84
Thanks For Coming !!
  • Daniel Liu Contact Information
  • Phone: (714)-701-3346
  • Email: dliu@firstam.com
  • Email: daniel_t_liu@yahoo.com
  • Company Web Site
  • http://www.firstam.com