Skip Headers

Oracle Internet Directory Administrator's Guide
Release 9.2

Part Number A96574-01
Go To Documentation Library
Home
Go To Product List
Book List
Go To Table Of Contents
Contents
Go To Index
Index

Master Index

Feedback

Go to previous page Go to next page

35
Synchronization with Third-Party Metadirectory Solutions

The Oracle directory integration server does not provide mapping or scheduling services for third-party metadirectory solutions. Instead, Oracle Internet Directory uses change logs to enable synchronization with supported third-party metadirectory solutions. This chapter describes how change log information is generated and how supporting solutions use that information. It tells you how to enable third-party metadirectory solutions to synchronize with Oracle Internet Directory.

This chapter contains these topics:

About Change Logs

Oracle Internet Directory records each change as an entry in the change log container. A third-party metadirectory solution retrieves changes from the change log container and applies them to the third-party directory. To retrieve these changes, the third-party metadirectory solution must subscribe to the Oracle Internet Directory change logs.

Each entry in the change log store has a change number. The third-party metadirectory solution keeps track of the number of the last change it applied, and it retrieves from Oracle Internet Directory only those changes with numbers greater than the last change it applied. For example, if the last change a third-party metadirectory solution retrieved had a number of 250, then subsequent changes it retrieves would have numbers greater than 250.


Note:

If a third-party metadirectory solution is not subscribed to the Oracle Internet Directory change logs, and the first change it retrieves is more than one number higher than the last change it last applied, then some of the changes in the Oracle Internet Directory change log have been purged. In this case, the third-party metadirectory solution must read the entire Oracle Internet Directory to synchronize its copy with that in Oracle Internet Directory.



See Also:

"About Connectors and Directory Integration Profiles" for a conceptual discussion of directory integration profiles

Enabling Third-Party Metadirectory Solutions to Synchronize with Oracle Internet Directory

To enable third-party metadirectory solutions to retrieve changes from Oracle Internet Directory, perform the tasks described in this section.

Task 1: Perform Initial Bootstrapping

To bootstrap a directory to synchronize data between a local directory and Oracle Internet Directory, do the following:

  1. Find the number of the last change recorded in Oracle Internet Directory. This number is contained in the DSE root attribute, lastChangeNumber.

    To find the number of the last change recorded in Oracle Internet Directory, use ldapsearch. Enter the following command:

    ldapsearch -h host_name -p port_number -s base -b "" 'objectclass=*' 
    lastchangenumber
    
    

    If the change log does not contain change entries because they have been purged, then the last change number retrieved is 0 (zero).

  2. Use ldifwrite to export data from Oracle Internet Directory into an LDIF file.
  3. Convert the LDIF file to a format suitable to the client directory, then load it into the client directory.


    Note:

    Initial bootstrapping is not required with a new installation of Oracle Internet Directory. In this case, the current change number of the newly installed Oracle Internet Directory is 0 (zero).


    See Also:

    "ldifwrite Syntax" for instructions on using ldifwrite

Task 2: Create a Change Subscription Object in Oracle Internet Directory for the Third-Party Metadirectory Solution

To enable a third-party metadirectory solution to synchronize with Oracle Internet Directory, you must create a change subscription object for it in Oracle Internet Directory. This gives the third-party metadirectory solution access to change log objects stored in Oracle Internet Directory.

About the Change Subscription Object

The change subscription object is an entry located under the following container in Oracle Internet Directory:

cn=Subscriber Profile,cn=ChangeLog Subscriber,cn=Oracle Internet Directory

This change subscription object provides a unique credential for a third-party metadirectory solution to bind with Oracle Internet Directory and to retrieve changes from it. You associate the change subscription object with the auxiliary object class orclChangeSubscriber. This object class has several attributes, of which the following are mandatory:

Creating a Change Subscription Object

To create a change subscription object, use ldapadd. The following example uses an input file, named add.ldif, to create and enable a change subscription object, named my_change_subscription_object, under the container
cn=Subscriber Profile,cn=ChangeLog Subscriber,cn=Oracle Internet Directory. The orclLastAppliedChangeNumber is the current change number in the directory before initial bootstrapping--in this example, 250.

The Synchronization Process

This section contains these topics:

How a Connected Directory Retrieves Changes the First Time from Oracle Internet Directory

In this example, a connected directory with a change subscription object named my_change_subscription_object acquires changes from Oracle Internet Directory.

ldapsearch -h my_host -p 389 -b "cn=changeLog" -s one
(&(objectclass=changeLogEntry)
(changeNumber >= orclLastAppliedChangeNumber )
( ! (modifiersname =cn=my_change_subscription_object,cn=Subscriber Profile,
cn=ChangeLog Subscriber,cn=Oracle Internet Directory ) ) )

When the directory is retrieving changes for the first time, the value for orclLastAppliedChangeNumber is the number you set in "Task 2: Create a Change Subscription Object in Oracle Internet Directory for the Third-Party Metadirectory Solution".

The argument (!(modifiersname=client_bind_dn)) in the filter ensures that Oracle Internet Directory does not return changes made by the connected directory itself.

How a Connected Directory Updates the orclLastAppliedChangeNumber Attribute in Oracle Internet Directory

After retrieving changes from Oracle Internet Directory, the connected directory updates the orclLastAppliedChangeNumber attribute in its change subscription object in Oracle Internet Directory. This allows Oracle Internet Directory to purge changes that connected directories have already applied. It also enables the connected directory to retrieve only the most recent changes, ignoring those it has already applied.

This example uses an input file, mod.ldif, in which the connected directory has a change subscription object named my_change_subscription_object, and the last applied change number is 121. The connected directory updates orclLastAppliedChangeNumber in its change subscription object in Oracle Internet Directory as follows:

  1. Edit mod.ldif:
    dn: cn=my_change_subscription_object,cn=Subscriber Profile,
    cn=ChangeLog Subscriber,cn=Oracle Internet Directory changetype:modify replace: orclLastAppliedChangeNumber orclLastAppliedChangeNumber: 121
  2. Use ldapmodify to load the edited mod.ldif file:
    ldapmodify -h host -p port -f mod.ldif
    
See Also:

"Change Log Purging" for information about purging changes according to change numbers



Disabling and Deleting Change Subscription Objects

You can temporarily disable an existing change subscription object, or delete it altogether. This section contains these topics:

Disabling a Change Subscription Object

If a change subscription object already exists for a third-party metadirectory solution, but you want to disable it temporarily, then set the orclSubscriberDisable attribute to 1. The following example uses an input file, mod.ldif, to disable a change subscription object.

Deleting a Change Subscription Object

To delete a change subscription object, use ldapdelete. Enter the following command:

ldapdelete -h ldap_host -p ldap_port
"cn=my_change_subscription_object,cn=Subscriber Profile,
cn=ChangeLog Subscriber,cn=Oracle Internet Directory"

Go to previous page Go to next page
Oracle
Copyright © 1999, 2002 Oracle Corporation.

All Rights Reserved.
Go To Documentation Library
Home
Go To Product List
Book List
Go To Table Of Contents
Contents
Go To Index
Index

Master Index

Feedback