Oracle Internet Directory administration cheatsheet

Leave a comment

What tools and files help one administer Oracle Internet Directory (OID)? Here’s a rundown on command line, GUI, OEM and log files offerings. This post applies to OID installed with Oracle Identity Manager and I haven’t used earlier versions.

opmnctl found in $ORACLE_HOME/opmn/bin will stop and start all services that are part of the Oracle application server (OAS) installation, of which OID is part. I will use $OH rather than $ORACLE_HOME for the rest of this post.

Just want to use OID and don’t want the over head of OAS? Use oidmon to start the monitoring component of oid services and then use oidctl to stop and start specific OID components. Both are found in $OH/bin.

Need to update OID entries from the command line? $OH/bin has several ldap compliant ldap tools: ldapsearch, ldapmodify, ldapadd, ldapdelete, ldapbind, ldapcompare and more.

You can configure OID replication with the OID gui installer. But after installing, you can administer OID replication with remtool, found in $OH/ldap/bin. The remtool utility allows you to configure OID replication done with LDAP and OID replication done with trigger based Advanced Replication.

If you have multiple OID directories, you may want to compare the contents to see whether the entries match, or whether subsets of OID directories match. Located in $OH/ldap/bin, oidcmprec allows one to do these comparisons and even reconcile two different directories by updating a target to match the source!

You can quickly generate LDIF (LDAP data interchange format or lightweight directory interchange format) text files containing the using the ldifwrite utility in $OH/ldap/bin. Such files can be used with any LDAP compliant server, not just Oracle’s.

$OH/ldap/bin has a number of other utilities, some which are shell scripts, some executables. There are password changing utilities, bulk updating utilities and configuration utilities.

For X-windows style administration, try $OH/bin/oidadmin.

Naturally, Oracle Enterprise Manager (OEM) has an interface for OID, but you’ll have to run OID with Oracle Application server to be able to do this. Running OID just with oidctl is not sufficient. When running just with oidctl, you can use OEM to monitor whether OID is up or down, but there are no screens for additional administration.

Lastly, you may wonder where OID specific log files are located. Most can be found in $OH/ldap/log. oidmon, the ldap server, replication components and remtool all output their log files here.

Oracle Identity Manager and Oracle Internet Directory bugs

Leave a comment

Regarding my last post, I worked through some nasty little bugs that were preventing me from reaching Oracle Internet Directory (OID) nirvana.

I couldn’t get replication working during the install due to this bug: 10.1.4 Install Replication Configuration Assistant Fails With * ERROR * Bootstrap is taking too long (metalink id: 392708.1). The problem? At work we name all of our instances with upper case letters. Upper case letters cause the replication configuration tool to fail.

Another problem was that the $ORACLE_HOME directory kept filling up with log file output. That was another bug: Note:469050.1

And now everything is cool!

Oracle Installer, oui, oui, oui, OY!

Leave a comment

I’ve been bear wrestling with Oracle Universal Installer (OUI). Oui, or should I say oy.

I had one success with it when I realized it had a bunch of command line switches.  Identifying the switch -waitforcompletion enabled someone writing a vbscript to automated client installs a way to get over a hurdle. With that switch, vbscript will wait until OUI is done with it’s work. Without, the vbscript will go to the next task because on setup.exe exits once it has shelled out to the main java OUI.

But I’ve been really struggling with unix installs of Oracle Internet Directory (OID). OID is now a component of Oracle Identify Manager. I’ve gotten OID to work in single node mode. But I’ve had two days of struggle trying to get replication to work.

My gripes with OUI and also OID are that you have to configure OID replication via the Oracle installer. You can’t just install binaries and then get things working with command line tools. Or maybe you can, but the documentation does not advertise this. Another complaint is that you can’t install OID and then go back to the installer to add another component of Oracle Identity Manager. Or at least the installer has complained that I can’t install into an existing repository whenever I try this…In short, if something isn’t working, I have to uninstall everything and then bear wrestle with oui, oui, oui again.