OID 11g – Oracle Directory Services Manager (ODSM)

This post covers overview of Oracle Directory Service Manager (ODSM) , new tool to manager Oracle Internet Directory (OID) and Oracle Virtual Directory (OVD)

JNDI – Java Naming and Directory Interface
LDAP – Lightweight Directory Access Protocol
ODM  – Oracle Directory Manager (10g OID)
ODSM– Oracle Directory Services Manager (11g OID)
OID  – Oracle Internet Directory
OVD  – Oracle Virtual Directory
WLST– WebLogic Scripting Tool

.
Oracle Directroy Service Manager  (ODSM) – is Java application (introduced in 11g OID/OVD) to manage OID and OVD. 
a)  ODSM is java application which runs on WebLogic Server (Managed Server – wls_ods1
b) Oracle Directory Manager (tool to manage OID in 10g) is now deprecated in 11g OID.
c) ODSM uses JNDI to connect to OID & OVD
d) You can install and configure ODSM with OID/OVD during installation or later

.
How to find ODSM URL ?

Option 1 – $Fusion_Middleware_Home/ Oracle_Identity_Management_domain/ servers/ wls_ods/ data/ nodemanager/ wls_ods1.url

Option 2 – Identify Managed Server (wls_ods1) port and use URL http://host:port/odsm

How to access ODSM ?1. Start Managed Server wls_ods1 
startManagedWebLogic.sh wls_ods1

2. Access ODSM from URL – http://host:port/odsm  where default managed server (wls_ods1) port is 7005 (cn=orcladmin)

.

.
References

About the Author Masroof Ahmad

Leave a Comment:

35 comments
ccp says November 16, 2009

Atul Kumar I want touch you,can you tell me your mail id? or msn? Thanks!

Reply
siva says February 19, 2010

Atul,

wls_ods1 is up and running. But the URL http://host:port/odsm is not working. What could be the possibility of this?

Your help is appreciated

Thanks

Reply
» OID/Directory Services 11g - Schema, Object Class, Attributes Online Apps DBA: One Stop Shop for Apps DBA’s says September 28, 2010

[…] can use a) Oracle Directory Services Manager (More on ODSM here) or b) command line tool (ldapXXXX) to add/modify/delete Object […]

Reply
» OID Server Mode R, RW, RM: LDAP: error code 53 - Server currently in read only mode Online Apps DBA: One Stop Shop for Apps DBA’s says November 25, 2010

[…] (command line tool) or ODSM/OIDMON (graphical user interface) in OID 11g/10g resp. More on ODSM here Q.How to use command line (ldapmodify) to change OID server mode A. 1. Create change_mode.ldif […]

Reply
» How to add custom attribute, Object Classe in OID from command line or GUI Online Apps DBA: One Stop Shop for Apps DBA’s says December 14, 2010

[…] ODSM more here,  is a Graphical Tool to create/view/manage Attributes/Object Classes (Select tab Schema & […]

Reply
» Part VIII (Optional) Configure LDAP Sync with OIM 11g (OIM 11g Integration with OVD/OID) Online Apps DBA: One Stop Shop for Apps DBA’s says December 29, 2010

[…] OVD (If you have installed OVD with default settings then use SSL port 8899 for OVD). More on ODSM here 2.2.2 Select Adapter tab in ODSM 2.2.3 Click Create Adapter button 2.2.4 In new Adapter Wizard […]

Reply
Rajendra Prasad says February 15, 2011

Hi Atul,

We are implementing OID 11g (11.1.1.3) for the identity store.We have created users using ODSM tool.

When we are trying to login to ODSM using the newly created users,it is throwning error Invalid credentials..

Please suggest a solution..

Thanks
Rajendra

Reply
Atul Kumar says February 15, 2011

@ Rajendra Prasad,
Login to odsm (as of today) is supported only via cn=orcladmin .

If you wish to test your users which you created use ldapbind like

ldapbind -h oid_host -p oid_port -d “cn=your_user,cn=users,dc=[domain or oid_realm]” -w [your_user_password]

ldapbind -h oid_host -p oid_ssl_port -d “cn=your_user,cn=users,dc=[domain or oid_realm]” -w [your_user_password] -U 1

where default oid_port in oid 11g is 3060 and oid_ssl_port is 3131

Reply
Rajendra Prasad says February 15, 2011

Hi Atul,

Thanks for your quick response.

I have tested using ldapbind command they are working.

Regards
Rajendra

Reply
» Registering Database with OID : Directory does not contain the required Oracle Schema or Schema version is not correct Online Apps DBA: One Stop Shop for Apps DBA’s says March 18, 2011

[…] value to 1 for entry cn=oid1, cn=osdldapd, cn=subconfigsubentry). This can be done via ODSM or using FMW Enterprise Manager Control or LDIF file as explained here. More on anonymous bind in […]

Reply
Raghu says July 26, 2011

Hi Atul,

We have current OID version 9.2.0.7 and we want it to be upgraded to 11g. Is this possible?

Also i need to know the impact of not running OID 11g in weblogic.

Are there any other middlewares other than weblogic lik tomcat which can be used and is it better compared to weblogic.

What are the advantages & disadvantages of using weblogic for OID 11g.

Regards,
Raghu

Reply
Atul Kumar says July 26, 2011

@ Raghu,
To upgrade OID to 11gR1, you should be on atleast 10.1.2 or 10.1.4.0.1 else first upgrade OID to one these version .

http://download.oracle.com/docs/cd/E21764_01/upgrade.1111/e10129/starting_points.htm#BABHFGFG

WebLogic in OID used only for DIP or to manage OID using GUI.

If you are not using DIP (EBS Integration, 10g/11g Portal or sync with AD or other directory) or can manage OID from command line (LDAP commands) then WebLogic is not required.

Reply
Raghu says July 27, 2011

Thanks Atul for your information.

Reply
ABODAAS says August 15, 2011

Hi Atul i want to install the OIDDAS component sepeartely to manage the OID 11g,now i mange it by odsm but i want OIDDAS its doable or not
thank in advance, aslo is there any web app can manage OID ????

Reply
vicosobase says September 28, 2011

Hi Atul,

I purchase the e-book “Oracle E-Business Suite (R12) Integration with OID/OAM for Single Sign-On but I do not know how to download or where to download. I was expecting I will be sent an email with download instructions.

Please, send me the link to download the book. I paid with Pay Pal.

Thanks.

Reply
Atul Kumar says September 29, 2011

@ vicosobase,
Please drop mail to email address mentioned in eBook with payment ID with things you would like to see in document. You will get updated copy with required content in 3 days.

Reply
Sanjeev says March 6, 2012

Hi Atul,

i have a requirement in OID. we have created a seperate realm unlink “users” , so under the new relam i have created a new user , this user i have privileged (OracleDASCreateUser,OracleDASDeleteUser,OracleDASEdit,OracleDASUserPriv)him to create other users as we have some restrictions on not sharing orcladmin password to all, so we have done like this., Now if i login with odsm with that User it will say invalid credentials ( it would allow only with orcladmin), so how do a user will create another user in OID 11g ??

Reply
Atul Kumar says March 11, 2012

@ Sanjeev,

In OID 11.1.1.3 (or 11.1.1.4 as well not sure) and lower, only cn=orcladmin can login to ODSM.

What version of OID/ODSM you are using . Did you try with OID/ODSM 11.1.1.5 or 11.1.1.6 ?

Reply
Sanjeev says March 12, 2012

Hi Atul,

Thanx for reply

We are currently using IDM 11.1.1.5 at our environment.

Thanx
Sanjeev

Reply
Atul Kumar says March 13, 2012

@ Sanjeev,
Could you please confirm that your requirement is to create user in new realm in OID and login using that realm ?

If Yes , what is DN of user which you created in different realm ?

What username you are using in ODSM ?

Did you check logs for wls_ods1 managed server.

Reply
Nehas says April 19, 2012

Uesr Interface of (ODSM)in OID 11.1.1.1 that lets you to interact with Oracle Internet Directoy is allowed only to superuser in OID, my question is that can the access to User Interface of ODSM be allowed to all the users, if yes, please let me us know the mechanism. or has it been allowed in 11.1.1.2 and 11.1.1.5 (not sure whether released or not).

Reply
» HTTP Web DSML/Admin Gateway in OVD Online Apps DBA: One Stop Shop for Apps DBA’s says June 1, 2012

[…] When you connect to OVD using ODSM , you use Admin Gateway Port as shown below – I changed OVD admin gateway port from 8899 to […]

Reply
IgnitedMind says August 4, 2012

Hi Atul,

I have done Fresh Installed Entire Security Stack 11.1.1.6.0. I am able to access weblogic & managed server is also up & running & but still unable to access ODSM.

After successfully connection to ODSM, i would like to create some tree & than I will be doing OIM configuration with ldap sync.

What can be the possibility ?

Help Appreciated.

Reply
    Atul Kumar says August 4, 2012

    @IgnitedMind,
    Is ODSM managed server up and running ? Is there a process listening on ODSM managed server port (netstat -an | grep ) ?

    Check ODSM managed server log file for issues

    Reply
Pradeep says September 18, 2012

I am following the install guide for installing OID and integrating with R12.

I have registered the Instance with OID and registered EBS with OID and set the SSO profile options.

When I create a user in the ODSM the same is not being synchronized with EBS. The other way is working fine. Any new user added EBS is showing up in ODSM.

Can you tell me what I am missing ?

Reply
Atul Kumar says September 20, 2012

@ Predeep,
If you have our eBook http://onlineappsdba.com/index.php/book/ then there is step to enable debug via profile option and check messages in FND_LOG_MESSAGES table.

Few things I can think of two check
a) What options were used to integrate EBS with OID (was two way sync used)
b) Is DIP (managed server on OID) up and running, do you see any error in this managed server ?

Reply
» Integrate OES 11gR2 with LDAP (OID) Server for OES Policy Administration Console (/apm) login Online Apps DBA: One Stop Shop for Apps DBA’s says August 5, 2013

[…] example I created user atul), group OESAdmins, and add user (Atul) as member of group OESAdmin. Use ODSM or command line tool ldapadd to create user and […]

Reply
» How to debug OID : LDAP Error code 50 – Insufficient Access Rights Online Apps DBA: One Stop Shop for Apps DBA’s says January 24, 2014

[…] If you encounter “Insufficient Access Rights” in OID then enable Debug in OID (Set orcldebugflag to 8192 and orcldebugop to 8 to OID instance) using ODSM […]

Reply
fbilliotel says March 10, 2014

Hi Atul,

wls_ods1 is up and running.
But the URL http://host:7005/odsm is not working (404 error).
I remember that when i first installed OID, URL was ok (since i rebooted server).

[hostname ~]$ netstat -an | grep 7005
tcp 1 0 nnn.nnn.nnn.nnn:17955 nnn.nnn.nnn.nnn:7005 CLOSE_WAIT
tcp 0 0 nnn.nnn.nnn.nnn:46632 nnn.nnn.nnn.nnn:7005 CLOSE_WAIT
tcp 0 0 ::ffff:nnn.nnn.nnn.nnn:7005 :::* LISTEN
tcp 0 0 fe80::216:3eff:fe3e:22:7005 :::* LISTEN
tcp 0 0 ::1:7005 :::* LISTEN
tcp 0 0 ::ffff:127.0.0.1:7005 :::* LISTEN
tcp 0 0 ::ffff:nnn.nnn.nnn.nnn:7005 ::ffff:nnn.nnn.nnn.nn:64533 ESTABLISHED
tcp 0 0 ::ffff:nnn.nnn.nnn.nn:64533 ::ffff:nnn.nnn.nnn.nnn:7005 ESTABLISHED

I do not know how to resolve this…

Many Thanks.
Regards.
Fabrice

Reply
fbilliotel says March 10, 2014

Hi Atul,

I forgot to run:
startManagedWebLogic.sh “my_managed_server” “http://:7002”
I can now access to http://localhost:7005/odsm
Thank You.
Fabrice

Reply
» Installation of Oracle Identity Management (OID/OVD/ODSM/OIF) 11gR1(11.1.1.7) – Part 2 Online Apps DBA: One Stop Shop for Apps DBA’s says April 1, 2014

[…] ODSM (more on ODSM here) requires Weblogic Server and WebLogic Domain.  Select create a new […]

Reply
Victor says January 26, 2015

I am using OVD. Now, I am using orcladmin to login to odsm. How could I create another user ID for odsm login and configure in OAM for OAM authentication?

Reply
Add Your Reply