In order to synchronize passwords from OID to AD, we must set up OID
to communicate with the AD server over SSL. In this section you will
get hands-on experience configuring a new OID server configset that
will enable you to safely pass data between OID and AD. This lesson
is one of four lessons that will configure OID to work in SSL mode.
The other three lessons are titled "Wallet Creation", "Configuring
the DIP Server for SSL", and "Reversible Password Configuration".
All of these steps are necessary before we configure the Active Directory
Export agent.
OID 10g AS infrastructure must be installed
The OID server must be running
Creating a new configset
Configsets in OID allow you to configure custom startup
settings for the OID server. By calling a specific "configset"
when you start OID, you invoke whatever parameters are associated with
that configset. This lesson will show you how to create a new configset
with the SSL parameters needed for running OID in SSL mode.
Step 1. Start the Oracle Directory Manager
Example:
# oidadmin
Step 2. Navigate to the "Directory Server"
entry which is under the "Server Management" entry.
Step 3. Select the green box from the menu to create
a new configset.
Step 4. A new form will appear giving you the ability
to start configuring your new configset.
Step 5. In the "SASL Mechanism" field enter:
DIGEST-MD5
EXTERNAL
Step 6. In the "SASL Cypher Choice" field
enter:
RC4-56
DES
3DES
Step 7. In the "Non SSL Port" field give a
port number such as 3160.
Step 8. Select OK. You should now see a new configset
in your list of "Directory Server".
Step 9. Select your new configset.
Step 10. Select the "SSL Settings" tab.
Step 11. Set the "SSL Authentication" to "SSL
Server Authentication".
Step 12. Set the "SSL Enable" field to "Both
SSL and Non SSL".
Step 13. Set the "SSL Wallet URL" to the location
where your wallet exists. At this point we have not created a wallet.
We will create a wallet on the next page. For now we will set the "SSL
Wallet URL" to the location where we will eventually create a new
wallet. In this exercise we will be putting the wallet in the /u01 directory.
Therefore we will set this value to "file:/u01".
Notice that we did not include the name of the wallet
file, only the location of the wallet file.
Step 14. Set the SSL port number. In this exercise we
will be using port 3230 for all of our SSL transactions.
Step 15. Start the OID Server using your new server
configset.
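Once the wallet from the next lesson exists, the "SSL Wallet URL" value from Step 13 can be checked before the server is started in Step 15. The following is an added example, not part of the original lesson or of Oracle's tooling: the function name check_wallet_url is hypothetical, and it assumes the standard Oracle wallet file names ewallet.p12 and cwallet.sso, which this page does not name. The demo runs against a constructed temporary directory rather than /u01.

```python
import os
import stat
import tempfile
from urllib.parse import urlparse

# Standard Oracle wallet file names (assumption: not named on this page).
WALLET_FILES = ("ewallet.p12", "cwallet.sso")

def check_wallet_url(url):
    """Return a list of problems found for an OID "SSL Wallet URL" value."""
    parsed = urlparse(url)
    if parsed.scheme != "file":
        return ["wallet URL must use the file: scheme, got %r" % url]
    path, problems = parsed.path, []
    # Step 13: the value is the wallet's directory, not the wallet file.
    if os.path.basename(path.rstrip("/")) in WALLET_FILES:
        problems.append("URL names the wallet file; give only its directory")
        path = os.path.dirname(path)
    if not os.path.isdir(path):
        return problems + ["directory does not exist: %s" % path]
    present = [f for f in WALLET_FILES if os.path.isfile(os.path.join(path, f))]
    if not present:
        problems.append("no wallet (%s) in %s" % (" or ".join(WALLET_FILES), path))
    for name in present:
        mode = stat.S_IMODE(os.stat(os.path.join(path, name)).st_mode)
        # The wallet holds the server's private key: owner access only.
        if mode & (stat.S_IRWXG | stat.S_IRWXO):
            problems.append("%s is accessible to group/other (mode %o)" % (name, mode))
    return problems

def demo():
    """Run the check against a constructed wallet directory (sample data)."""
    with tempfile.TemporaryDirectory() as d:
        results = {"empty": check_wallet_url("file:" + d)}
        wallet = os.path.join(d, "ewallet.p12")
        with open(wallet, "wb") as fh:
            fh.write(b"constructed placeholder, not a real wallet")
        os.chmod(wallet, 0o644)
        results["loose"] = check_wallet_url("file:" + d)
        os.chmod(wallet, 0o600)
        results["ok"] = check_wallet_url("file:" + d)
        results["file_in_url"] = check_wallet_url("file:" + wallet)
    return results

if __name__ == "__main__":
    for case, found in demo().items():
        print(case, found or "OK")
```

For this exercise the call would be check_wallet_url("file:/u01"), run as the operating system user that owns the OID installation.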