-
8/14/2019 Oracle Database Name Resolution with OpenLDAP.doc
1/18
DBA Tips Archive for Oracle
Oracle Database Name Resolution with OpenLDAP
by Jeff Hunter, Sr. Database Aministrator
Contents
!ntrouction "onfi#ure LDAP Directory
"onfi#ure Oracle "lients for LDAP
$ana#e Net Ser%ice Names
&ser !nterfaces
'roubleshootin#
About the Author
Introduction
Anyone who has e%er wor(e with the Oracle Database is most li(ely familiar with thetnsnames.orafile. 'he tnsnames.ora file is a te)t file that contains client sie efinitions for net
ser%ice names, sometimes call aliases, neee to lo# in to an Oracle instance. 'his pro%ies localname resolution by mappin# net ser%ice names to connect escription information for Oracleinstances* similar to how the local hostsfile for an operatin# system maps machine names to !P
aresses. 'he tnsnames.ora file is commonly foun in its efault location uner theORACLE_HOME/network/adminirectory.
One of the a%anta#es of usin# a local tnsnames.ora file is that it is easy to create an eitentries. 'his is especially true when there are only a few entries to maintain an the file onlynees to be istribute to a small number of Oracle client machines. 'he primary isa%anta#e oflocal namin# is when there are a lar#e number of client machines on the networ(, say + ore%en a + clients, each re-uire to ha%e their own tnsnames.ora file. 'his problem #etscompoune when fre-uent chan#es to the tnsnames.ora are re-uire as a result of ain# ormo%in# atabase an the file has to be reistribute to those clients.
http://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/LDAP_8.shtml#Introductionhttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/LDAP_8.shtml#Configure%20LDAP%20Directoryhttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/LDAP_8.shtml#Configure%20Oracle%20Clients%20for%20LDAPhttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/LDAP_8.shtml#Manage%20Net%20Service%20Nameshttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/LDAP_8.shtml#User%20Interfaceshttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/LDAP_8.shtml#Troubleshootinghttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/LDAP_8.shtml#About%20the%20Authorhttp://www.idevelopment.info/http://window.history.back%28%29/http://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/LDAP_8.shtml#Configure%20LDAP%20Directoryhttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/LDAP_8.shtml#Configure%20Oracle%20Clients%20for%20LDAPhttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/LDAP_8.shtml#Manage%20Net%20Service%20Nameshttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/LDAP_8.shtml#User%20Interfaceshttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/LDAP_8.shtml#Troubleshootinghttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/LDAP_8.shtml#About%20the%20Authorhttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/LDAP_8.shtml#Introduction -
8/14/2019 Oracle Database Name Resolution with OpenLDAP.doc
2/18
A more efficient solution is to centrali/e the list of atabase names in a repository that e%eryOracle client can access. !n this article, ! will emonstrate how to confi#ure Oracle atabasenamin# in an LDAP irectory. LDAP is for tnsnames.ora what DNS is for a local hosts file li(e/etc/hosts. Similar to how the local tnsnames.ora file wor(s, when a client performs a loo(up
for a net ser%er name in LDAP, it is #i%en the appropriate connect escriptor information for the
Oracle instance or ser%ice name.
Support for net ser%ice name resolution throu#h LDAP starte in Net0 with Oracle atabaserelease 0.+.1. Note that the name Net0 was chan#e to Oracle Net in Oracle2i. Oracle Net runson both the client machine an the atabase ser%er an allows transparent atabasecommunication o%er a networ(. 3efore LDAP, Oracle Nameswas the ser%ice use to support acentrali/e namin# ser%ice an a way to eliminate the local tnsnames.ora file on client machines.Althou#h this technolo#y wor(e well, it was a proprietary solution that in4t offer theinte#rate solution with other stanars base namin# ser%ices li(e irectory namin# foun inLDAP. Oracle2iwas the terminal release of Oracle Names an Oracle stron#ly recommensusers to mi#rate to irectory namin# usin# LDAP.
'he LDAP implementation use in this #uie is OpenLDAP Software runnin# on the "entOS 5platform. 'his #uie assumes the LDAP irectory is alreay confi#ure an runnin# on amachine name ldapsrv.idevelopment.info. 'he LDAP irectory use in this #uie has been
initiali/e with a base DN of dc=idevelopment,dc=info. Ob%iously, the name of your LDAP
ser%er an the base DN will iffer an the e)amples presente in this #uie will nee to bemoifie accorin#ly for you en%ironment. Refer to the followin# two tutorials on how to installOpenLDAP Software an initiali/e the LDAP irectory on the ser%er.
"entOS 5
!nstall an "onfi#ure OpenLDAP!nitiali/e a New LDAP Directory
"entOS 1
!nstall an "onfi#ure OpenLDAP!nitiali/e a New LDAP Directory
Althou#h Oracle pro%ies an officially supporte LDAP implementation name Oracle !nternetDirectory 6O!D7, it is part of a much lar#er an comple) !entity $ana#ement software prouctthat is inte#rate into their Oracle 8usion $ileware an Oracle Applications. Since ! am usin#
the LDAP irectory for nothin# more than atabase name loo(ups, this option woul be e)tremeo%er(ill. Not to mention that OpenLDAP is open source an comes at a total cost of 9. whileO!D will set you bac( a #oo chun( of chan#e.
'he solution escribe in this article is not supporte by Oracle Support.
http://www.idevelopment.info/data/LDAP/LDAP_Resources/OPENLDAP_Install_CentOS5.shtmlhttp://www.idevelopment.info/data/LDAP/LDAP_Resources/OPENLDAP_Initialize_a_New_LDAP_Directory_CentOS5.shtmlhttp://www.idevelopment.info/data/LDAP/LDAP_Resources/OPENLDAP_Install_CentOS6.shtmlhttp://www.idevelopment.info/data/LDAP/LDAP_Resources/OPENLDAP_Initialize_a_New_LDAP_Directory_CentOS6.shtmlhttp://www.idevelopment.info/data/LDAP/LDAP_Resources/OPENLDAP_Install_CentOS5.shtmlhttp://www.idevelopment.info/data/LDAP/LDAP_Resources/OPENLDAP_Initialize_a_New_LDAP_Directory_CentOS5.shtmlhttp://www.idevelopment.info/data/LDAP/LDAP_Resources/OPENLDAP_Install_CentOS6.shtmlhttp://www.idevelopment.info/data/LDAP/LDAP_Resources/OPENLDAP_Initialize_a_New_LDAP_Directory_CentOS6.shtml -
8/14/2019 Oracle Database Name Resolution with OpenLDAP.doc
3/18
Configure LDAP Directory
'he process starts with confi#urin# the OpenLDAP irectory with similar capabilities of Oracle!nternet Directory 6O!D7. 'his in%ol%es importin# four Oracle specific schema specification files
that implement the structure of a net ser%ice name entry an the connect escriptor informationthat shoul be returne to the client that as(s for the name to be resol%e.
8irst, create the followin# irectory on the LDAP ser%er:
root!ldapsrv #$%mkdir -p /etc/openldap/oid/schema
Ne)t, ownloa the four schema specification files to the newly create irectory. 'hese fileswere ta(en from the O!D schema ob;ects an sli#htly moifie to wor( with OpenLDAP.
oibase.schema
oinet.schema
oirbms.schema
alias.schema
Open the main confi#uration file for the OpenLDAP ser%er 6/etc/openldap/slapd.conf7 an
a lin(s to the O!D schema files.
incl&de /etc/openldap/oid/schema/oid'ase.schemaincl&de /etc/openldap/oid/schema/oidnet.schemaincl&de /etc/openldap/oid/schema/oidrd'ms.schemaincl&de /etc/openldap/oid/schema/alias.schema
After ma(in# moifications to the confi#uration file, restart the LDAP ser%er aemon.
root!ldapsrv #$% service ldap restart(toppin) slapd* O+ $(tartin) slapd* O+ $
8inally, create the followin# LDAP recor that efines the orclContextob;ect class. 'o o this,
create a new LD!8 file with the followin# contents. $oify the e)ample entry below to matchyour base DN.
root!ldapsrv #$% vi oracleContext.ldif
dn* cn=OracleContet,dc=idevelopment,dc=infoo'-ectclass* orclContetcn* OracleContet
http://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/resources/OracleDatabaseNameResolutionOpenLDAP/oidbase.schemahttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/resources/OracleDatabaseNameResolutionOpenLDAP/oidnet.schemahttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/resources/OracleDatabaseNameResolutionOpenLDAP/oidrdbms.schemahttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/resources/OracleDatabaseNameResolutionOpenLDAP/alias.schemahttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/resources/OracleDatabaseNameResolutionOpenLDAP/oidbase.schemahttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/resources/OracleDatabaseNameResolutionOpenLDAP/oidnet.schemahttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/resources/OracleDatabaseNameResolutionOpenLDAP/oidrdbms.schemahttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/resources/OracleDatabaseNameResolutionOpenLDAP/alias.schema -
8/14/2019 Oracle Database Name Resolution with OpenLDAP.doc
4/18
'his #uie assumes the irectory has been initiali/e with a base DN ofdc=idevelopment,dc=infoas escribe in the followin# tutorial:
!nitiali/e a New LDAP Directory
&se the ldapaddcomman to loa the new ob;ect class to the irectory.
root!ldapsrv #$% ldapadd -x -W -D "cn=Manager,dc=idevelopment,dc=info" -foracleContext.ldifEnter LA assword* *********addin) new entr0 1cn=OracleContet,dc=idevelopment,dc=info1
Configure Oracle Clients for LDAP
'he ne)t step is to setup the Oracle Net confi#uration files on the client for net ser%ice name
resolution throu#h LDAP. 'he client in this case is the machine bein# use to connect to theOracle instance. 'he client machine will nee to ha%e the Oracle "lient or Oracle Databasesoftware installe which inclues the Oracle Net software.
LDAP Naming ethod ! "s#lnet$ora%
Start by specifyin# the namin# methos throu#h the 2AME(.3REC4OR5_A4Hparameter in the
ORACLE_HOME/network/admin/s6lnet.ora file on the client machine. 'he (eywor for
irectory namin# is LDAP. 'he followin# parameter settin# will confi#ure a client to attemptname resolution throu#h the local tnsnames.ora file first, an then throu#h the LDAP irectory.
2AME(.3REC4OR5_A4H= 742(2AME(, LA8
!f your client confi#uration will not inclue a tnsnames.ora file for local name resolution, remo%ethe 42(2AME((eywor an only inclue LA.
2AME(.3REC4OR5_A4H= 7LA8
LDAP &erver Information ! "ldap$ora%
Ne)t, create a new file in the same irectory name ORACLE_HOME/network/admin/ldap.ora.
'his file will contain information necessary to connect to the LDAP ser%er an inclues threeentries similar to the followin#. $oify the contents escribe below to the name of your LDAPser%er, LDAP listenin# port, an the efault aministrati%e conte)t within your LDAP irectory.
3REC4OR5_(ER9ER(= 7ldapsrv.idevelopment.info*:;A?L4_AM32_CO24E@4 = 1dc=idevelopment,dc=info1
http://www.idevelopment.info/data/LDAP/LDAP_Resources/OPENLDAP_Initialize_a_New_LDAP_Directory_CentOS5.shtmlhttp://www.idevelopment.info/data/LDAP/LDAP_Resources/OPENLDAP_Initialize_a_New_LDAP_Directory_CentOS5.shtml -
8/14/2019 Oracle Database Name Resolution with OpenLDAP.doc
5/18
3REC4OR5_(ER9ER_45E = O3
A?L4_OMA32parameter is specifie in the s6lnet.orafile, it is i#nore
when irectory namin# is use. !nstea, the e-ui%alent functionality escribe abo%e willbe pro%ie throu#h the E>A?L4_AM32_CO24E@4parameter in ldap.ora.
!n the abo%e e)ample, Oracle Net will translate the un-ualifie net ser%er name 6testd'B7 to a
fully -ualifie istin#uishe name 6dn*
cn=testd'B,cn=OracleContet,dc=idevelopment,dc=info 7 which is then passe to the
LDAP irectory. !f a match is foun, the LDAP ser%er then returns the connect escriptorinformation to the client which will be use to initiate a connection to the specifie Oracleinstance or ser%ice name.
anage Net &ervice Names
At this point, the LDAP irectory (nows what the structure of an Oracle net ser%ice name recorshoul loo( li(e an the Oracle client (nows how to access the LDAP ser%er. 'he ne)t step is toa a new Oracle net ser%ice name recor to the LDAP irectory. 'he metho use in thissection is to create a template recor in the LDAP Data !nterchan#e 8ormat, or LD!8, file formatan loa it usin# the LDAP client tool ldapadd.
Add Net &ervice Name
-
8/14/2019 Oracle Database Name Resolution with OpenLDAP.doc
6/18
"reate an LD!8 file name newnetservicename.ldifwith information similar to the
followin# e)ample:
root!ldapsrv #$% vi ne-netservicename.ldif
dn* cn=testd'B,cn=OracleContet,dc=idevelopment,dc=infoo'-ectclass* topo'-ectclass* orcl2et(ervicecn* testd'Borcl2etesc(trin)* 7E(CR343O2=7ARE((=7RO4OCOL=4C87HO(4=testnodeB87OR4=BDB887CO22EC4_A4A=7(ER93CE_2AME=testd'B.idevelopment.info888
'he last line of the e)ample abo%e shoul loo( familiar if you ha%e e%er mana#e entries in thetnsnames.orafile. 'he new recor will be store within the OracleContetschema that was
create earlier in this #uie.
After moifyin# the e)ample recor for your en%ironment, a it to the irectory usin# ldapadd.
root!ldapsrv #$% ldapadd -x -W -D "cn=Manager,dc=idevelopment,dc=info" -fne-netservicename.ldif
Enter LA assword* *********addin) new entr0 1cn=testd'B,cn=OracleContet,dc=idevelopment,dc=info1
'est that the Oracle client is able to resol%e the net ser%ice name throu#h LDAP usin# anun-ualifie an fully -ualifie net ser%ice name.
oracle!testnode: #$F tnsping testd!
42( in) ?tilit0 for Lin&* 9ersion BB..G.:.G rod&ction on GA?GBB
-
8/14/2019 Oracle Database Name Resolution with OpenLDAP.doc
7/18
?sed LA adapter to resolve the aliasAttemptin) to contact 7E(CR343O2=7ARE((=7RO4OCOL=4C87HO(4=testnodeB87OR4=BDB887CO22EC4_A4A=7(ER93CE_2AME=testd'B.idevelopment.info888O+ 7G msec8
odify Net &ervice Name
!n aition to ain# new entries, any e)istin# LDAP recor can be moifie by creatin# theappropriate LD!8 file an usin# the ldapmodif0comman. 8or e)ample, if the testd'B
atabase mo%e to another host, say newtestnodeB, create an LD!8 recor similar to the
followin#:
root!ldapsrv #$% vi modif#-netservicename.ldif
dn* cn=testd'B,cn=OracleContet,dc=idevelopment,dc=info
chan)et0pe* modif0replace* orcl2etesc(trin)orcl2etesc(trin)* 7E(CR343O2=7ARE((=7RO4OCOL=4C87HO(4=newtestnodeB87OR4=BDB887CO22EC4_A4A=7(ER93CE_2AME=testd'B.idevelopment.info888
&pate the irectory recor usin# ldapmodif0.
root!ldapsrv #$% ldapmodif# -x -W -D "cn=Manager,dc=idevelopment,dc=info" -fmodif#-netservicename.ldif -vldap_initialiJe7 ldap*//ldapsrv 8Enter LA assword* *********replace orcl2etesc(trin)*
7E(CR343O2=7ARE((=7RO4OCOL=4C87HO(4=newtestnodeB87OR4=BDB887CO22EC4_A4A=7(ER93CE_2AME=testd'B.idevelopment.info888modif0in) entr0 1cn=testd'B,cn=OracleContet,dc=idevelopment,dc=info1modif0 complete
'est the new recor from the Oracle client.
oracle!testnode: #$F tnsping testd!
42( in) ?tilit0 for Lin&* 9ersion BB..G.:.G rod&ction on GA?GBB
-
8/14/2019 Oracle Database Name Resolution with OpenLDAP.doc
8/18
Delete Net &ervice Name
&se the ldapdeletecomman to elete a recor 6an Oracle net ser%ice name entry7 from the
LDAP irectory.
root!ldapsrv #$% ldapdelete -x -W -D "cn=Manager,dc=idevelopment,dc=info""cn=testd!,cn=$racleContext,dc=idevelopment,dc=info" -v
ldap_initialiJe7 ldap*//ldapsrv 8Enter LA assword* *********deletin) entr0 1cn=testd'B,cn=OracleContet,dc=idevelopment,dc=info1
'ser Interfaces
After ain# or moifyin# a few of these net ser%ice name recors usin# LD!8, it shouln4t belon# before you start as(in# yourself whether or not there is a more efficient metho for
mana#in# irectory entries. >our first thou#ht may be to fire up the Oracle client toolNetManager. &nfortunately, Net $ana#er an many other Oracle client tools only wor( with Oracle!nternet Directory* not OpenLDAP or any other #eneric LDAP ser%er. Althou#h ! was able tosuccessfully authenticate to the OpenLDAP irectory usin# Net $ana#er, ! was not able to a,%iew, or moify any of the irectory entries in the OracleContetschema.
'here are se%eral free LDAP amin proucts that you mi#ht fin useful* some of which are listebelow.
webmin 6mana#e user account, DNS, LDAP, an much more usin# a web interface7
J?plorer 6stanalone client7
Apache Directory Stuio
phpLDAPamin
$y personal fa%orite is phpLDAPamin 6also (nown as PLA7. phpLDAPamin is a free anpopular webbase LDAP client that is easy to install an customi/e. !ts hierarchical tree%ieweran a%ance search functionality ma(e it intuiti%e to browse an aminister an LDAP irectory.Since it is webbase, the LDAP browser wor(s on many platforms, ma(in# your LDAP ser%ereasy to mana#e from any location.
&se the followin# instructions to install the phpLDAPamin software alon# with PHP an theApache H''P Ser%er. 8or the purpose of this e)ample, ! installe the phpLDAPamin webapplication on the same ser%er hostin# the OpenLDAP irectory6ldapsrv.idevelopment.info7.
Install Apache (TTP &erver
http://www.webmin.com/http://jxplorer.org/http://directory.apache.org/studio/http://phpldapadmin.sourceforge.net/http://www.webmin.com/http://jxplorer.org/http://directory.apache.org/studio/http://phpldapadmin.sourceforge.net/ -
8/14/2019 Oracle Database Name Resolution with OpenLDAP.doc
9/18
!f the application ser%er alreay has the Apache H''P Ser%er installe, this section may bes(ippe. $a(e certain that the Apache H''P ser%er is starte an confi#ure to launch on boot.
'he Apache H''P Ser%er can be installe on "entOS, ReHat
-
8/14/2019 Oracle Database Name Resolution with OpenLDAP.doc
10/18
% 'ase K with scope 'aseO'-ect% filter* 7o'-ectclass=8% re6&estin)* s&'schema(&'entr0%
%dn*s&'schema(&'entr0* cn=(&'schema
% search res<search* res<* G (&ccess
% n&mResponses* % n&mEntries* B
@. Cerify any aitional prere-uisites.
http:phplapamin.sourcefor#e.netwi(iine).phpPreRe-uisites
3. Downloa the current %ersion of phpLDAPamin 6phpldapadminB...Jipat the timeof this writin#7 to the application ser%er.
http:phplapamin.sourcefor#e.netwi(iine).phpDownloa
E. &npac( the phpLDAPamin archi%e.
% %n+ip phpldapadmin-.&.&.+ip
5. Put the resultin# NphpldapadminNirectory anywhere in your DocumentRoot 6i.e.
/var/www/html7.
%mv phpldapadmin-.&.& /var//html/phpldapadmin
6. !n the NphpldapadminNconfi# irectory 6i.e. oc&mentRoot/phpldapadmin/confi)7
copy Nconfi).php.eampleNto Nconfi).phpNan moify any settin#s in confi).php
to customi/e the phpLDAPamin en%ironment.
% cd /var//html/phpldapadmin/config% cp config.php.example config.php
7. 'he only moification ! mae to the confi).phpfile was to Fserversset9al&e:
/ A convenient name that will appear in the tree viewer and thro&)ho&t phpLAadmin to identif0 this LA server to &sers. /Fserversset9al&e7NserverN,NnameN,Nievelopment.infoN8
0. Restart the Apache H''P ser%ice.
% apachectl restart
http://phpldapadmin.sourceforge.net/wiki/index.php/PreRequisiteshttp://phpldapadmin.sourceforge.net/wiki/index.php/Downloadhttp://phpldapadmin.sourceforge.net/wiki/index.php/PreRequisiteshttp://phpldapadmin.sourceforge.net/wiki/index.php/Download -
8/14/2019 Oracle Database Name Resolution with OpenLDAP.doc
11/18
anage Net &ervice Names using phpLDAPadmin
$ana#in# LDAP recors usin# the phpLDAPamin web interface is fairly selfe)planatory. !nthis final section, !4ll pro%ie the methos ! use to mana#e net ser%ice names in OpenLDAP usin#phpLDAPamin. ! will pro%ie two custom templates that ! wrote which ma(es creatin# an
moifyin# net ser%ice names in phpLDAPamin simple an strai#htforwar.
Cisit the phpLDAPamin website to learn more about templates.
http:phplapamin.sourcefor#e.netwi(iine).php'emplates
+. Downloa the followin# Create Templatethat will pro%ie a custom interface use tocreate new Oracle net ser%ice names in phpLDAPamin.
o orclNetSer%ice.)ml
"opy the orcl2et(ervice.mlfile to the
oc&mentRoot/phpldapadmin/templates/creation irectory on the application
ser%er.
% cp orcletervice.xml /var//html/phpldapadmin/templates/creation/
@. Downloa the followin#Modification Templatethat will pro%ie a custom interface useto moify e)istin# Oracle net ser%ice names in phpLDAPamin.
o orclNetSer%ice.)ml
"opy the orcl2et(ervice.mlfile to the
oc&mentRoot/phpldapadmin/templates/modification irectory on the application
ser%er.
% cp orcletervice.xml/var//html/phpldapadmin/templates/modification/
. Open your web browser an na%i#ate to the phpLDAPamin web application.
http:FhostnameGphplapamin
!f you are repeatin# the steps in this section an recei%e any errors tryin# to brin#up the web site 6for e)ample 4'he connection to the ser%er was reset while thepa#e was loain#.47 clear your coo(ies an cache from the browser an restart the
Apache H''P ser%ice.E. Lo# in to your LDAP irectory from the phpLDAPamin home pa#e.
http://phpldapadmin.sourceforge.net/wiki/index.php/Templateshttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/resources/OracleDatabaseNameResolutionOpenLDAP/creation/orclNetService.xmlhttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/resources/OracleDatabaseNameResolutionOpenLDAP/modification/orclNetService.xmlhttp://phpldapadmin.sourceforge.net/wiki/index.php/Templateshttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/resources/OracleDatabaseNameResolutionOpenLDAP/creation/orclNetService.xmlhttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/resources/OracleDatabaseNameResolutionOpenLDAP/modification/orclNetService.xml -
8/14/2019 Oracle Database Name Resolution with OpenLDAP.doc
12/18
5. 8rom the base DN 6left pane7, e)pan your irectory tree an na%i#ate to theOracleContetschema. !f you ha%e any atabases re#istere, clic( on the net ser%ice
name 6cn=Ktns_alias7 to %iew or moify that entry.
!f you installe the two templates escribe in the pre%ious steps, this will brin# up a
pa#e 6ri#ht pane7 that allows you to choose which template to eit the entry with. !n thee)ample below, the choices are:
Oracle: Net Ser%ice Name (our custom Modification Template)
Default(phpLDAPadmin default modification
screen)
Select the 4Oracle* Net &ervice Name4 template.
1. &se this template to moify the Connect Descriptorattribute for the selecte net ser%icename. Notice in this form that the Net &ervice Namefiel is reaonly.
http://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/resources/OracleDatabaseNameResolutionOpenLDAP/phpLDAPadmin_large_s2.pnghttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/resources/OracleDatabaseNameResolutionOpenLDAP/phpLDAPadmin_large_s2.png -
8/14/2019 Oracle Database Name Resolution with OpenLDAP.doc
13/18
. !t shoul be note that it is not re-uire to use the custom moification template 6Oracle:Net Ser%ice Name7 to upate the net ser%ice name entry. !f you selecte the Defaulttemplate, the entry form pro%ies all upatable fiels an the actual name of the attributes6as oppose to the titles ! use in place of the attribute names7.
0. 'o create a new net ser%ice name, clic( the Create ne+ entry hereoption uner theOracleContextschema.
http://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/resources/OracleDatabaseNameResolutionOpenLDAP/phpLDAPadmin_large_s3.pnghttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/resources/OracleDatabaseNameResolutionOpenLDAP/phpLDAPadmin_large_s3.pnghttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/resources/OracleDatabaseNameResolutionOpenLDAP/phpLDAPadmin_large_s3.png -
8/14/2019 Oracle Database Name Resolution with OpenLDAP.doc
14/18
2. Just as we saw when moifyin# an entry, a list of a%ailable templates will be liste whichcan be use to create a new entry. Since we will be creatin# a net ser%ice name entry,select the custom template Oracle* Net &ervice Name. Remember, you can always selectthe Defaulttemplate which pro%ies a form with attributes that are a caniate for bein#upate.
+. 'he Oracle: Net Ser%ice Name template ma(es it easy to enter a Net &ervice Nameanthe Connect Descriptor.
http://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/resources/OracleDatabaseNameResolutionOpenLDAP/phpLDAPadmin_large_s4.pnghttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/resources/OracleDatabaseNameResolutionOpenLDAP/phpLDAPadmin_large_s5.pnghttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/resources/OracleDatabaseNameResolutionOpenLDAP/phpLDAPadmin_large_s5.pnghttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/resources/OracleDatabaseNameResolutionOpenLDAP/phpLDAPadmin_large_s4.pnghttp://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/resources/OracleDatabaseNameResolutionOpenLDAP/phpLDAPadmin_large_s4.png -
8/14/2019 Oracle Database Name Resolution with OpenLDAP.doc
15/18
++. After ain# the new net ser%ice name, ;ump on to the Oracle client machine an try to
lo# on to the atabase throu#h LDAP.
oracle!testnode: #$F slpl%s scott/tigerracd!(PLl&s* Release BB..G.:.G rod&ction on 4&e A&) B G*QQ*D GB
Cop0ri)ht 7c8 B
-
8/14/2019 Oracle Database Name Resolution with OpenLDAP.doc
16/18
(tat&s * >ail&re LA* error code : 2o (&ch O'-ect$
8or e)ample:
Loo(in# at the lo# file for the LDAP ser%er shows that SIL De%eloper sent an LDAP re-uest
that in4t match the O!D LDAP structure that we impro%ise in OpenLDAP. 'he re-uest sentby SIL De%eloper was e)pectin# a stanar O!D LDAP structure that in4t match ourimplementation.
'he wor(aroun is to create an Advanced"onnection 'ype with a "ustom JD3" &RL similarto the followin#:
-d'c*oracle*thin*!ldap*//ldapsrv*:;
-
8/14/2019 Oracle Database Name Resolution with OpenLDAP.doc
17/18
A,out the Author
Jeffrey Hunter is an Oracle "ertifie Professional, Ja%a De%elopment "ertifie Professional,Author, an an Oracle A"
-
8/14/2019 Oracle Database Name Resolution with OpenLDAP.doc
18/18
! ha%e mae e%ery effort an ta(en #reat care in ma(in# sure that the material inclue on my web site is technicallyaccurate, but ! isclaim any an all responsibility for any loss, ama#e or estruction of ata or any other property
which may arise from relyin# on it. ! will in no case be liable for any monetary ama#es arisin# from such loss,ama#e or estruction.
Last moifie on
Benesay, Jul@+ +:E2:+@