OID and multiple domains
DBAsupport.com Forums - Powered by vBulletin
Results 1 to 8 of 8

Thread: OID and multiple domains

  1. #1
    Join Date
    Oct 2000
    Location
    Germany
    Posts
    1,185

    OID and multiple domains

    I want to replace Oracle Names with the Oracle Internet Directory.

    The company has a collection of databases that originated in different countries, years ago. Thus, a single structure like domain.com will not accomodate databases from domain.fr, domain.de, domain.it, etc.

    Has anyone successfully implemented a multiple domain configuration and if so, can you provide a link that addresses some of the issues?

    TIA.
    David Knight
    OCP DBA 8i, 9i, 10g

  2. #2
    Join Date
    Mar 2002
    Location
    Mesa, Arizona
    Posts
    1,204
    I haven't implemented it and I'm not sure why it's an issue for you, but it shouldn't be tough to do.

    You would have to make a different ORACLE_CONTEXT under each domain node.

  3. #3
    Join Date
    Apr 2001
    Location
    Brisbane, Queensland, Australia
    Posts
    1,203
    I installed OID on multiple occasions and not once was the installation process the same. Honestly, I ended up pushing random multiple buttons and it eventually worked, each time different. :-)
    OCP 8i, 9i DBA
    Brisbane Australia

  4. #4
    Join Date
    Oct 2000
    Location
    Germany
    Posts
    1,185
    My installation is on the 10g Application Server 10.1.2.0.0.

    Here are two problems that I have (among others).

    1. I have two places where network entries can be placed. The first is under "Oracle Context" directly under "Entry Management". When i change the default_admin_context to "dc=mycompany,dc=de" in my ldap.ora file, these entries are not seen, i.e. a tnsping makes no contact.

    2. Under Entry Management i have a node called "de" then "mycompany" and then "OracleContext".

    I would like to use the "Create Like" command in the Oracle Directory Manager and build structures like

    cn=OracleContext,dc=mycompany,dc=de
    cn=OracleContext,dc=mycompany,dc=be
    cn=OracleContext,dc=mycompany,dc=fr
    cn=OracleContext,dc=mycompany,dc=at and so on.

    The "cn=OracleContext,dc=mycompany,dc=de" exists and works.

    dc=de has the object classes domain, top, orclContext.
    dc=mycompany has object classes domain, top, orclSubscriber, orclNetService.
    cn=OracleContext has object classes top, orclNetDescriptionList.

    First i use Create Like to create dc=fr. object classes are the same as dc=de. no problem.

    Next, i use Create Like to create dc=mycompany. object classes domain and top are intact, but orclSubscriber and orclNetService are missing in action. Using the Add Object Classes command does not list either of them as options to be added. Perhaps they are inherited classes from OracleContext?

    Last, i attempt to do a Create Like with the OracleContext. The object class "top" is automatically included, but orclNetService is not. In addition, orclNetService is not an option to be added. There are no mandatory properties for the new OracleContext and therefore it is not possible to create it.

    So the next try is adding a dummy object class, and i chose a bunch of Net related and still got no mandatory properties and was unable to create an OracleContext.

    At this point, I would be happy to read a cookbook as the Oracle Docs do not give much help for anything but the simplest case, which i have successfully constructed.
    David Knight
    OCP DBA 8i, 9i, 10g

  5. #5
    Join Date
    Oct 2000
    Location
    Germany
    Posts
    1,185
    I discovered the answer in the Oracle Identity Management docs.

    To construct multiple domains, it is necessary to use "Create Like" in the Oracle Directory Manager to create the "dc" parts.

    For example, use "Create Like" to copy dc=de to dc=fr. Then use "Create Like" to make a copy of dc=mycompany from the dc=de tree to the dc=fr tree.

    If the changes do not show up immediately, exit the directory manager and immediately re-enter.

    After that it is necessary to use the oidca tool and the CREATECTX option to add the OracleContext.

    For example

    oidca mode=CREATECTX -silent oidhost=OID Server hostname nonsslport=389 sslport=636 dn=cn=orcladmin pwd=password contextdn=cn=OracleContext,dc=mycompany,dc=fr

    That will create

    cn=OracleContext,dc=mycompany,dc=fr

    IMHO, the documentation and lack of concrete examples in the Oracle Docs is strange considering that OID seems to be the direction for network resolution.
    David Knight
    OCP DBA 8i, 9i, 10g

  6. #6
    Join Date
    Mar 2002
    Location
    Mesa, Arizona
    Posts
    1,204
    I agree. OID definately needs to mature. A decent functioning toolset and good documentation would go a long way here.

    Name resolution is quick and robust once you complete running the install and configuration gauntlet.

    Replication absolutely sucks. Messages for conflict resolution are buried in a real deep hole and fixes usually end up in a rebuild.
    "I do not fear computers. I fear the lack of them." Isaac Asimov
    Oracle Scirpts DBA's need

  7. #7
    Join Date
    Apr 2001
    Location
    Brisbane, Queensland, Australia
    Posts
    1,203
    Quote Originally Posted by dknight
    Last, i attempt to do a Create Like with the OracleContext. The object class "top" is automatically included, but orclNetService is not. In addition, orclNetService is not an option to be added. There are no mandatory properties for the new OracleContext and therefore it is not possible to create it.

    So the next try is adding a dummy object class, and i chose a bunch of Net related and still got no mandatory properties and was unable to create an OracleContext.
    Sometimes objects in OID simple just dissappear through the installation process. Once a object does dissapear, the only way I managed to get them back wast by removing the OID schemas (ODS and ODS_COMMON) and performing a "reinstall" via the Net Configuration Assistant. The OID documentation is terrible, you're better off tracking down Metalink notes.. (although, some of these are incorrect also).
    OCP 8i, 9i DBA
    Brisbane Australia

  8. #8
    Join Date
    Oct 2000
    Location
    Germany
    Posts
    1,185
    Thanks for your comments.

    The "Oracle Identity Management" docs were useful along with a few pages from a bunch of other Oracle docs. The OIDCA command options in the OIM docs was different than the OIDCA command options on my 10.1.2 AS installation.

    I don't want to rant too much, but the configuration was a lot more painful than it needed to be. A simple cookbook might augment the adaptation of the technology.
    David Knight
    OCP DBA 8i, 9i, 10g

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width