In Today’s Post I am going to cover overview OID to other LDAP Server Integration. Other LDAP Server can be Oracle’s Internet Directory or Sun’s iPlanet or Microsoft Active Directory (These are standard directory Servers but you can integrate OID with other third party LDAP servers as well)
Two way / One way Integration
You can integrate to synch changes one way only i..e. from Other ldap server OID or both way i.e. OID to other ldap server & vice-versa. (For Two way Integration you should have access to Update other LDAP Server)
Various OID Server Instances
Under OID there three services
- OIDLDAPD Server which is used for normal directory processing
- OIDREPLD Replication Server (To replicate entire OID to other OID server)
- ODISRV Directory Integration & Provision Server (This is the server/services used to integrate OID Users/Groups/objects with third party LDAP Servers)
By default OIDLDAPD & ODISRV Instances are started as you start OID using OPMN but you still need to start one more Instance of ODISRV for Integrating OID with other LDAP Servers
ODISRV is by default Up why I need additional ODISRV Server ?
Default ODISRV is used by Provisioning Services i.e. to povision users & groups from OID to Oracle Applications i.e. Portal/Workflow/Discoverer… So for Integrating OID with third party ldap server including OID we need another Instance of ODISRV.
How to start ODISRV & check related logs ?
You can start additional ODISRV instance using OIDCTL command
oidctl connect=[tns_alias] host=[oid_hostname] server=odisrv instance=2 configset=0 start
to stop it use
oidctl connect=[tns_alias] host=[oid_hostname] server=odisrv instance=2 stop
Logs related to above odisrv process will be in $ORACLE_HOME/ldap/log/odisrv0X.log where X is instance name.
Other log files will be at $ORACLE_HOME/ldap/odi/log/[profile_name].aud & [profile_name].trc
For Other things on OID to OID or other LDAP server Integration (iPlanet/AD) and significance of audit & trace log files mentioned above including Synchronization Profiles in OID..
Coming Soon ……
Related Posts for OID
- Oracle Internet Directory OID
- Oracle Internet Directory - Basics II
- Integrate OID with AD Part I
- OID to OID/Active Directory/iPlanet other LDAP Server Integration
- Multi Master OID Replication
- OID Architecture
- Oracle Internet Directory , OID Troubleshooting
- Server Chaining in OID
- OID Quesries/ Scripts FAQ
- OIDADMIN Client
- Oracle Identity Management (OID) 11g installation Issues on Linux
- OID 11g - Oracle Directory Services Manager (ODSM)
Popularity: 9% [?]
Download R12 VMware Documentation
Good hands-on exercises (installation, patching, cloning), very experienced trainer worth for Money 
9 users commented in " OID to OID/Active Directory/iPlanet other LDAP Server Integration "
Follow-up comment rss or Leave a TrackbackIs there some reason you didn’t mention OpenLDAP?
Hi Anonymous,
No its just like I never worked on Integration of OID with openLdap (I worked on OID to OID,AD,iPlanet only).
You can very well integrate with openLdap but you have to tweak with provision profile and mapping file
Hi, i am trying to integrate the OID with the windows active directory! I actually managed to Import the AD users to OID by tweaking the profiles and mapping files! but the thing is i cant export them back! can u post somekind of a step by step help? please! thanks.
Can you explain what do you mean by export them back ?
Where to export back ?
Do you mean by synchronization with AD ?
Dear Atual,
1) I integrted 10gAS with R12 instance.
Well its working,when i use r12 url it diverting to sso page, i use orcladmin/oracle123 then its open diffrent r12 html page with login screen. i supply aman/google .
it connect to that user. then i logout.
next time when i use r12 url it diverting to sso page,when i use oracladmin/password it directly coonect r12 user ( aman )whihc i use first time. if i use other r12 user i cant login with sso.(error authentication fail)
2)no reponce from ldapsearch process cuntnously with no output, no error.
bash-3.00$ ldapsearch -h oradevweb2 -p 636 -D cn=orcladmin -w oracle123 -b “or
lApplicationCommonName=prod,cn=EBusiness,cn=Products,cn=OracleContext,dc=india
in.com” userpassword -v oracle123
Can u tell me, what is above userpassword ,i use orcladmin password.
and wht for its continulsy running with no output no error.
thanks atul.
Syed,
Im step 1, what you did is linked orcladmin user in OID with User aman in R12 (fnd_user). Since there is no user called orcladmin in R12 (FND_USER) hence it tried to manually link orcladmin with aman as you supplied aman as user.
So from now orcladmin in oid is linked to aman in apps and this user can login.
2) In this what you are trying to search ?
What are options userpassword -v oracle123 ?
Tell me what are you trying to search and I will give you right OID command.
Above you mentioned that when you login with other R12 user you get login error so first check if this user si available in OID or not. Use /oiddas screen to check if user is in OID or not.
In order to sso login user should be in apps FND_USER and OID both.
Try to go through guide mentioned in my post specially OID inetgration with apps to clear your doubts.
http://onlineappsdba.com/index.php/2008/03/17/notesdocs-to-integrate-apps-11i-with-10g-as-portaloidsso/
Today did you have something with OpenLDAP?
Do you have steps to do OID to OID integration. We are upgrading OID from 10.1.2 to 10.1.4 and also moving to different server. We have done one time data import to 10.1.4 envionment. We want to setup OID to OID sync from 10.1.2 to 10.1.4.
Do you steps to do this ? If you have OID to OID mapping file, that will also help.
Hi Atul,
have you ever faced the challange to sync OID with IBM Directory Service? I tried it with the IPlanet connector and was able to bootstrap successfully. But, synchronization fails.
Looking forward for your thoughts.
Bernd
Leave A Reply