Oracle Internet Directory New Features
Oracle Internet Directory: Summary of New Features in Oracle10g (9.0.4)
- Integration with the Microsoft
Windows environment -- You can integrate the Oracle Application
Server infrastructure with the Microsoft Windows Operating System--including
Microsoft Active Directory and Microsoft Windows NT 4.0. This integration
is achieved by using the Active Directory Connector in the Oracle Directory
Integration and Provisioning platform and plug-ins.
- External authentication
support -- You can store user security credentials in a repository
other than Oracle Internet Directory--for example, a database or another
LDAP directory such as Microsoft Active Directory or SunONE Directory
Server. You can then use these credentials for user authentication.
- Installation of Oracle
Internet Directory on Oracle9i Real Application Clusters -- You can install Oracle Internet
Directory on Oracle9i Real Application Clusters.
When you do this, both the software and schema for Oracle Internet Directory
are installed on the primary node, while only the software is installed
on the secondary nodes. With the release of Oracle10g
Database, this feature will also support Oracle10g Real Application Clusters.
- Rack-mounted directory
server configuration support -- This configuration provides high
availability of a directory server by running multiple directory server
instances on different hardware nodes. The directory servers are connected
to the same underlying data store, which is an Oracle9i
Database Server.
- Two-way provisioning between
Oracle Internet Directory and other application directories -- The Oracle Directory
Provisioning Integration Service can send notification of provisioning
events bidirectionally between Oracle Internet Directory and other applications.
- Integration of provisioning
data with the Oracle E-Business Suite -- You can synchronize
user accounts and other user information from the Oracle E-Business Suite
to Oracle Internet Directory by using the Oracle Directory Provisioning
Integration Service.
- Oracle Directory Manager enhancements -- Oracle Directory Manager
now enables you to manage the following:
  - Attribute uniqueness
  - Plug-ins
  - Garbage collection
  - Change logs
  - Replication
  - Query optimization
  - Debug logging to a finer degree than previously
  - Enhancement of ACLs
- Oracle Internet Directory Self-Service Console enhancements --
Oracle Internet Directory Self-Service Console, a graphical administrative
tool built with Oracle Delegated Administration Services units, enables
you to manage the following:
  - Identity Management Realms
  - Services
  - Accounts
  - Password resetting
  Oracle Internet Directory Self-Service Console also
  enables users to view organization charts and edit their own profiles.
- Password policy enhancements -- New password policy capabilities
in Oracle Internet Directory include:
  - Configurable Password History
  - Unlocking of accounts
  - Forced password change upon first login
  - Self-resetting of password in case of account lockout or forgotten passwords
  - IP-based account lockout
  - Password policy enablement or disablement by using a single attribute
    in the password policy entry
- Dynamic groups --
You can create and use dynamic groups whose membership, rather than being
maintained in a list, is computed on the fly, based on assertions that
you specify.
- Query optimization --
In searches, some attributes have very different response times depending
on their values. You can make the response times of search operations
for such attributes uniform to enhance performance.
- Garbage collection framework
-- A garbage collector is a background database process that
removes obsolete data from the directory. The Oracle Internet Directory
garbage collection framework provides a default set of garbage collectors,
and enables you to modify them.
- Simple Authentication Security
Layer (SASL) support -- Oracle Internet Directory supports the
use of SASL, a method for adding authentication support to connection-based
protocols. To use it, a protocol includes a command for identifying and
authenticating a user to a server and for optionally negotiating protection
of subsequent protocol interactions. If its use is negotiated, a security
layer is inserted between the protocol and the connection.
- Security credential storage enhancements -- New security credential
storage capabilities in Oracle Internet Directory include:
  - Generation of O3logon verifier for enterprise users
  - Generation of a default set of verifiers for application bootstrapping
  - Generation of SASL/MD5 verifiers for directory authentication
- Fan-out and partial replication support -- Oracle Internet Directory
now supports:
  - Propagation of one or more naming contexts, rather than the entire DIT,
    to other nodes in a replication agreement
  - Consumer replicas, having received changes from a supplier, can then
    replicate those changes to one or more other replicas. This new "fan-out"
    replication can be either full DIT or partial, and can exclude or include
    any LDAP attribute from replication.
- Replication Environment
Management Tool -- This tool ensures that Oracle9i Advanced Replication is properly configured for directory
replication. In the event of a directory replication failure, this tool
looks for common problems and seeks to rectify them. If it cannot solve
the problem, then it gives you a report of the nature of the problem and
points you to a possible solution.
- Server discovery by using
DNS -- This feature enables the location of a directory server
in a distributed environment to be discovered dynamically by using the
domain name system (DNS). Rather than storing server location information
statically in an ldap.ora file on the client, that information
is stored and managed in a central domain name server. The client, at
request processing time, retrieves this information from the domain name
server.
- Bulkload tool enhancements
-- You can now use bulkload to add a large volume of entries to a non-empty
directory. For example, you can add one million entries to a directory
that has one million entries already. You can also incrementally add a
medium-size number of entries to a large directory. For example, you can
add 50,000 entries at a time to a directory that has five million entries
already.
- Logging enhancements
-- This release of Oracle Internet Directory provides the following enhancements
to logging and tracing:
- Object-based tracing for operations associated with thread and connection
identifiers. This facilitates non-interleaved and coherent logging for
each LDAP operation in a multithreaded environment.
- Selective tracing for chosen operations by using the operation dimension
- Structured, meaningful trace messages with additional information including
thread identifier and criticality.
- OID Migration Tool (ldifmigrator)
enhancements -- You can use this tool to reconcile data with
that in an existing directory, and to directly load data into Oracle Internet
Directory.
- Client side referral caching
-- This new feature enables clients to cache referral information
and use it to speed up referral processing.
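
For the SASL support and SASL/MD5 verifier items above, an added example (not Oracle's code) of how a server holding only a stored verifier can check a SASL response without the cleartext password. It assumes the mechanism is DIGEST-MD5 as specified in RFC 2831 and that the verifier is its H(username:realm:password) value; the function names are hypothetical and the sample values are the RFC's published example.

```python
import hashlib
import hmac


def md5(data: bytes) -> bytes:
    return hashlib.md5(data).digest()


def make_verifier(username: str, realm: str, password: str) -> bytes:
    """Value stored in place of the password: H(username:realm:password)."""
    return md5(f"{username}:{realm}:{password}".encode())


def digest_response(verifier: bytes, nonce: str, cnonce: str, nc: str,
                    qop: str, digest_uri: str) -> str:
    """RFC 2831 response value, computed from the verifier alone."""
    a1 = verifier + f":{nonce}:{cnonce}".encode()      # no authzid in this sketch
    a2 = f"AUTHENTICATE:{digest_uri}".encode()         # qop=auth only
    ha1, ha2 = md5(a1).hex(), md5(a2).hex()
    return md5(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}".encode()).hex()


def server_verify(stored_verifier: bytes, fields: dict) -> bool:
    """Server side: recompute the response and compare in constant time."""
    expected = digest_response(stored_verifier, fields["nonce"], fields["cnonce"],
                               fields["nc"], fields["qop"], fields["digest-uri"])
    return hmac.compare_digest(expected, fields["response"])


# Sample exchange taken from the example in RFC 2831 (password "secret").
SAMPLE_FIELDS = {
    "username": "chris",
    "realm": "elwood.innosoft.com",
    "nonce": "OA6MG9tEQGm2hh",        # issued by the server in its challenge
    "cnonce": "OA6MHXh6VqTrRk",       # chosen by the client
    "nc": "00000001",
    "qop": "auth",
    "digest-uri": "imap/elwood.innosoft.com",
    "response": "d388dad90d4bbd760a152321f2143af7",
}

if __name__ == "__main__":
    stored = make_verifier("chris", "elwood.innosoft.com", "secret")
    print("stored verifier:", stored.hex())
    print("response accepted:", server_verify(stored, SAMPLE_FIELDS))
```

Because the verifier alone is enough to compute a valid response, it is password-equivalent within its realm, so the attribute holding it needs the same access control as a cleartext password. RFC 6331 has since moved DIGEST-MD5 to Historic status.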