Presentation #36576
Oracle9i LDAP: Advanced Configuration of Directory Naming
Daniel T. Liu
Senior Technical Consultant
First American Real Estate Solutions
Date: Wednesday, September 10, 2003 @ 4:30 AM - 5:30 PM
Place: Moscone Room 131

Agenda
• Net Services Basics
• Connecting Methods
• OID Basics
• Step-by-Step Setup of OID for Names Resolutions
• Migrating to OID
• Q & A
Paper #36576, Daniel T. Liu, FARES

Net Services Basics

Net Services In a Nutshell
• What is the database instance?
  • Instance name (SID)
• Where is the database instance?
  • Instance address (host, IP address, port)
• How to communicate?
  • Network language (protocol)

Net Services Components
• Net Services Client
• Net Services Server
• Oracle Net
  • Oracle Net Foundation Layer
  • Oracle Protocol Support
• Listener

Client/Server
• Net Services Client
  • Enables client connections to databases across a network. A client-side application sends a request to Oracle Net Services to be transported across the network to the server.
• Net Services Server
  • Enables the listener, through a protocol, to accept connections from client applications on the network.

Oracle Net
• Oracle Net Foundation Layer
  • Provides a standard method for a client application to establish and maintain communication with the Oracle database server on top of industry-standard network protocols.
• Oracle Protocol Support
  • TCP/IP (with SSL)
  • Named Pipes
  • LU 6.2
  • VI

Oracle Net

Listener
• A separate process that resides on the server
• Receives incoming client connection requests and manages the traffic of these requests to the server
• Can listen for one or more databases, either on the same system or on different systems

Listener.ora
listener_dallas =
  (address_list =
    (address = (protocol = ipc) (key = db1))
    (address = (protocol = tcp) (host = dallas.company.com) (port = 1521))
  )
sid_list_listener_dallas =
  (sid_list =
    (sid_desc =
      (global_dbname = db1.company.com)
      (sid_name = db1)
      (oracle_home = d:\oracle\oracle81)
    )
  )

Making the Connection
• Method #1
  • Retrieve from user’s memory
  • Lengthy connect string
• Method #2
  • Look up in your phone book
  • tnsnames.ora

Making the Connection
• Method #3
  • Call switchboard
  • Oracle Names Server
  • Oracle Internet Directory (LDAP)

Method #1: Retrieve From User’s Memory
Create a lengthy connect string as follows:
connect scott/tiger@(description=
    (address = (protocol = tcp) (host=dallas.company.com) (port = 1521))
    (connect_data= (service_name = db1.company.com))
  )

Method #2: Retrieve From A Client Machine
Local Naming resolves a net service name to a network address using information configured in a local naming configuration file called tnsnames.ora.
connect scott/tiger@db1.company.com
tnsnames.ora file:
db1.company.com =
  (description=
    (address = (protocol = tcp) (host=dallas.company.com) (port = 1521))
    (connect_data= (service_name = db1.company.com))
  )

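The local naming lookup described on this slide, as an added example that is not part of the original presentation: a small Python parser that reads tnsnames.ora text and resolves a net service name to its protocol, host, port and service name. The function names (parse_group, load_tnsnames, find, resolve) and the embedded sample are assumptions made for this illustration.

```python
import re
SAMPLE = """
db1.company.com =
  (description =
    (address = (protocol = tcp)(host = dallas.company.com)(port = 1521))
    (connect_data = (service_name = db1.company.com)))
"""  # constructed sample modelled on the slide's entry, not real data
ALIAS = re.compile(r"\s*([\w.-]+)\s*=\s*(?=\()")  # 'alias =' followed by '('

def parse_group(text, pos):
    """Parse '(key = scalar | subgroups)' at text[pos]; return (node, next_pos)."""
    eq = text.index("=", pos)
    key, pos, children = text[pos + 1:eq].strip().lower(), eq + 1, []
    while True:
        while text[pos].isspace():
            pos += 1
        if text[pos] == "(":                      # nested group
            child, pos = parse_group(text, pos)
            children.append(child)
        elif text[pos] == ")":                    # end of this group
            return (key, children), pos + 1
        else:                                     # scalar value
            close = text.index(")", pos)
            return (key, text[pos:close].strip()), close + 1

def load_tnsnames(text):
    """Return {alias: descriptor tree}; raise ValueError on malformed input."""
    text, entries, pos = re.sub(r"#.*", "", text), {}, 0
    try:
        while (m := ALIAS.match(text, pos)):
            entries[m.group(1).lower()], pos = parse_group(text, m.end())
    except (ValueError, IndexError):
        raise ValueError("unbalanced or malformed connect descriptor") from None
    if text[pos:].strip():
        raise ValueError(f"unparsed text at offset {pos}")
    return entries

def find(node, key):
    """Depth-first search for the first group named key (first address wins)."""
    name, value = node
    if name == key:
        return value
    hits = (find(c, key) for c in value) if isinstance(value, list) else ()
    return next((h for h in hits if h is not None), None)

def resolve(text, alias):
    """Map a net service name to connection fields; KeyError if alias unknown."""
    tree = load_tnsnames(text)[alias.lower()]
    return {k: find(tree, k) for k in ("protocol", "host", "port", "service_name")}
```

An entry with no "=" between the alias and its descriptor, or with unbalanced parentheses, is rejected with ValueError rather than silently skipped.
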
Method #3: Retrieve From A Central System
Central Naming stores the names and addresses of all database services in a central place on a network. Two popular methods:
1. Oracle Names - Oracle proprietary software to store the service names on a network
2. Directory Naming - clients can use network information stored in a centralized LDAP-compliant directory server to access a database service (Oracle Internet Directory)

Oracle Internet Directory Basics
• Directory
• LDAP
• Oracle Internet Directory (OID)
• OID Terminology
• OID Architecture
• How Net Services Use A Directory Server

Directory
• Primarily read-focused
• Designed to handle relatively simple transactions on relatively small units of data
• Designed to be location-independent
• Designed to store information in entries

LDAP
• LDAP stands for Lightweight Directory Access Protocol
• It provides all users and applications in the enterprise with a single, well-defined, standard interface to a single, extensible directory

LDAP
• It reduces the need to enter and coordinate redundant information in multiple services scattered across the enterprise
• Its well-defined protocol and interfaces make it more practical to deploy internet-ready applications that leverage the directory.

Oracle Internet Directory (OID)
• A general-purpose directory service that enables fast retrieval and centralized management of information
• Full-featured LDAP Version 3 compliant directory service
• Major benefits include:
  • Scalability
  • High Availability
  • Security

OID Terminology
• Entries
• Distinguished Name (DN)
• Directory Information Tree (DIT)
• Relative Distinguished Name (RDN)
• Attributes
• Object Classes
• Directory Schema
• Naming Contexts

Directory Information Tree

OID Architecture
• Oracle Directory Server Instance
• OID Monitor
• OID Control Utility (OIDCTL)
• Oracle9i Database

OID Architecture

How Net Services Uses A Directory Server

Step-By-Step Setup Of Oracle Internet Directory For Names Resolution
• Step #1: Planning the Network
• Step #2: Installing OID Software
• Step #3: Creating OID Repository Database and OID Schema
• Step #4: Starting OID Server

Step-By-Step Setup Of Oracle Internet Directory For Names Resolution
• Step #5: Setting Up Directory Tree (Adding New Entry For Naming Context)
• Step #6: Setting Up An Oracle Context
• Step #7: Adding Service Names To OID
• Step #8: Setting Up The Client Machine

Step #1: Planning The Network
• Understanding the different versions of Oracle Internet Directory

Step #1: Planning The Network
• Examine Company’s Existing Oracle network environment
  • List of all the network domains
  • Oracle database servers within each domain
  • Oracle instances and listeners running on each server
  • Number of Oracle Clients

Step #1: Planning The Network
• Planning the Directory Tree
  • Single domain called “company.com”
  • 6 Oracle instances registered

Step #2: Installing OID Software
• Read the Installation Guide
• Prepare the environment
  • PATH
  • ORACLE_BASE
  • ORACLE_HOME
  • NLS_LANG
  • PORT 389 is not in use by another process
• Mount the CD and bring up the Universal Installer

Step #2: Installing OID Software
• Choose installation type:
  • “Management and Integration” option
  • Then, “Oracle Internet Directory” option
• Choose install OID schema on:
  • An existing database
  • Or, a new independent database (preferred)
• In “Summary” window, review information
• Click “Install”, file copy process begins.

Step #3: Creating OID Repository Database and OID Schema
• The “Configuration Tools” window appears at the end of installation
• The Universal Installer will first create and start an OID database instance
• Then, it creates OID schema and objects.
  - $ORACLE_HOME/ldap/admin/newldap.sql
• Choose “Exit” and review log file for any installation errors

Step #4: Starting OID Server
• After successfully completing the installation, the default OID Monitor Daemon and LDAP Server Instance will already be running against the OID database instance
• To start manually:
  • oidmon connect=<net_service_name> start
  • oidctl connect=<net_service_name> server=oidldapd instance=1 start

Step #5: Setting Up Directory Tree
• Invoke the Oracle Directory Manager
• Type user name and password (orcladmin/welcome)
• Create new admin user if needed
  - Grant “Browse, Add, Delete” access rights
• Create the Naming Context
  • Add new entry “dc=com”
  • Add new entry “dc=company” under “dc=com”