Comments on: Storing Oracle database connection strings in OpenLDAP instead of OID http://blog.ronnyegner-consulting.de/2009/09/30/storing-oracle-database-connection-strings-in-openldap-instead-of-oid/ Ronny Egners Blog about Oracle, UNIX and Networker Sat, 27 Feb 2010 06:05:16 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Ronny Egner http://blog.ronnyegner-consulting.de/2009/09/30/storing-oracle-database-connection-strings-in-openldap-instead-of-oid/comment-page-1/#comment-964 Ronny Egner Tue, 26 Jan 2010 15:28:00 +0000 http://ronnyegner.wordpress.com/?p=370#comment-964 It does not look like the site i found it..but it is close.... It does not look like the site i found it..but it is close….

]]> By: Kumar Raju http://blog.ronnyegner-consulting.de/2009/09/30/storing-oracle-database-connection-strings-in-openldap-instead-of-oid/comment-page-1/#comment-871 Kumar Raju Wed, 20 Jan 2010 20:44:15 +0000 http://ronnyegner.wordpress.com/?p=370#comment-871 I found an article somewhere on the net showing how to migrate the needed schema objects from OID to openLDAP. I would have posted the link if i were able to find it again. But maybe you can help me out :-) Is this the link? http://oracle-cookies.blogspot.com/2007/01/get-tnsnamesora-from-openldap.html I found an article somewhere on the net showing how to migrate the needed schema objects from OID to openLDAP. I would have posted the link if i were able to find it again. But maybe you can help me out :-)

Is this the link?
http://oracle-cookies.blogspot.com/2007/01/get-tnsnamesora-from-openldap.html

]]> By: Ronny Egner http://blog.ronnyegner-consulting.de/2009/09/30/storing-oracle-database-connection-strings-in-openldap-instead-of-oid/comment-page-1/#comment-277 Ronny Egner Mon, 30 Nov 2009 08:03:13 +0000 http://ronnyegner.wordpress.com/?p=370#comment-277 I see. I am afraid but thats not possible because it is not configured like this. For your name resolution problem please send me your files for vertification. I see. I am afraid but thats not possible because it is not configured like this.

For your name resolution problem please send me your files for vertification.

]]> By: mauro bagazzi http://blog.ronnyegner-consulting.de/2009/09/30/storing-oracle-database-connection-strings-in-openldap-instead-of-oid/comment-page-1/#comment-229 mauro bagazzi Fri, 27 Nov 2009 14:38:27 +0000 http://ronnyegner.wordpress.com/?p=370#comment-229 the advantage of this implementation is that I can manage the access to many database or application from the ldap server. the advantage of this implementation is that I can manage the access to many database or application from the ldap server.

]]> By: Ronny Egner http://blog.ronnyegner-consulting.de/2009/09/30/storing-oracle-database-connection-strings-in-openldap-instead-of-oid/comment-page-1/#comment-228 Ronny Egner Fri, 27 Nov 2009 12:07:59 +0000 http://ronnyegner.wordpress.com/?p=370#comment-228 Hmm.... i dont get your point here. For what reason? Whats the benefit of doing so? Hmm…. i dont get your point here. For what reason? Whats the benefit of doing so?

]]> By: mauro bagazzi http://blog.ronnyegner-consulting.de/2009/09/30/storing-oracle-database-connection-strings-in-openldap-instead-of-oid/comment-page-1/#comment-227 mauro bagazzi Fri, 27 Nov 2009 11:22:46 +0000 http://ronnyegner.wordpress.com/?p=370#comment-227 <a href="#comment-213" rel="nofollow">@Ronny Egner </a> could you integrate oracle security (user and role) with the one belonging to the operating system? That is, could you replicate the same behaviour as oracle/windows group ? @Ronny Egner
could you integrate oracle security (user and role) with the one belonging to the operating system?
That is, could you replicate the same behaviour as oracle/windows group ?

]]> By: Ronny Egner http://blog.ronnyegner-consulting.de/2009/09/30/storing-oracle-database-connection-strings-in-openldap-instead-of-oid/comment-page-1/#comment-213 Ronny Egner Fri, 27 Nov 2009 07:56:55 +0000 http://ronnyegner.wordpress.com/?p=370#comment-213 HI Mauro, strange thing. Please give me some time to analyze this further. At the moment i am short on time. Could you send me a testcase (/etc/ldap and /var/lib/ldap) by email so i can check it myself? HI Mauro,

strange thing. Please give me some time to analyze this further. At the moment i am short on time. Could you send me a testcase (/etc/ldap and /var/lib/ldap) by email so i can check it myself?

]]> By: mauro bagazzi http://blog.ronnyegner-consulting.de/2009/09/30/storing-oracle-database-connection-strings-in-openldap-instead-of-oid/comment-page-1/#comment-205 mauro bagazzi Thu, 26 Nov 2009 10:34:20 +0000 http://ronnyegner.wordpress.com/?p=370#comment-205 I also include some row from the tnsping trace where you can see that the query against the ldap is unsuccessful even if it is correctly configured: nnflrne1: Quering the directory for dn: cn=pdmdb,cn=OracleContext,dc=itfits,dc=biz nnflqbf: entry nnflqbf: Search: Base: cn=pdmdb,cn=OracleContext,dc=itfits,dc=biz, Scope: 0, filter: (objectclass=*) nnflqbf: Search: Attrs[0]: objectclass nnflqbf: exit nnflgne: entry nnflgne: exit nnflfrm: entry nnflfrm: exit nnflrne1: exit nnfldlc: entry nnfldlc: exit nnfln2a: exit nnfgrne: Query unsuccessful, skipping to next adapter nnfgrne: exit nnfun2a: address for name "pdmdb" not found I also include some row from the tnsping trace where you can see that the query against the ldap is unsuccessful even if it is correctly configured:
nnflrne1: Quering the directory for dn: cn=pdmdb,cn=OracleContext,dc=itfits,dc=biz
nnflqbf: entry
nnflqbf: Search: Base: cn=pdmdb,cn=OracleContext,dc=itfits,dc=biz, Scope: 0, filter: (objectclass=*)
nnflqbf: Search: Attrs[0]: objectclass
nnflqbf: exit
nnflgne: entry
nnflgne: exit
nnflfrm: entry
nnflfrm: exit
nnflrne1: exit
nnfldlc: entry
nnfldlc: exit
nnfln2a: exit
nnfgrne: Query unsuccessful, skipping to next adapter
nnfgrne: exit
nnfun2a: address for name “pdmdb” not found

]]> By: mauro bagazzi http://blog.ronnyegner-consulting.de/2009/09/30/storing-oracle-database-connection-strings-in-openldap-instead-of-oid/comment-page-1/#comment-204 mauro bagazzi Thu, 26 Nov 2009 10:24:08 +0000 http://ronnyegner.wordpress.com/?p=370#comment-204 ldap.ora: DIRECTORY_SERVERS=(10.2.51.209:389) DEFAULT_ADMIN_CONTEXT="dc=itfits,dc=biz" DIRECTORY_SERVER_TYPE=OID sqlnet.ora: NAMES.DIRECTORY_PATH=(ldap) TNSPING.TRACE_LEVEL=16 TNSPING.TRACE_DIRECTORY=/u01/app/oracle/network/admin TRACE_LEVEL_CLIENT=support TRACE_FILE_CLIENT=sqlnet.txt TRACE_DIRECTORY_CLIENT=/u01/app/oracle/network/admin this is the output from ldapsearch where you can see that the configuration is correct and complete: ldapsearch -x -D "cn=Manager,dc=itfits,dc=biz" -w secret -b "cn=OracleContext,dc=itfits,dc=biz" -s sub "objectclass=*" # extended LDIF # # LDAPv3 # base with scope subtree # filter: objectclass=* # requesting: ALL # # OracleContext, itfits.biz dn: cn=OracleContext,dc=itfits,dc=biz objectClass: orclContext cn: OracleContext # pdmdb, OracleContext, itfits.biz dn: cn=pdmdb,cn=OracleContext,dc=itfits,dc=biz objectClass: top objectClass: orclService cn: pdmdb orclNetDescString: '(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=10.2.51.209)(POR T=1521))(CONNECT_DATA=(SERVER = DEDICATED)(SERVICE_NAME=PDMDB)))' orclOracleHome: '/app/oracle/product/10.2.0/db_1' orclSid: 'PDMDB' orclServiceType: 'DB' # search result search: 2 result: 0 Success # numResponses: 3 # numEntries: 2 yet, this is the output from a plsql script using dbms_ldap: --------------------------------------- ATTIBUTE_NAME: objectClass = dcObject ATTIBUTE_NAME: objectClass = organization ATTIBUTE_NAME: o = ITFITS Network ATTIBUTE_NAME: dc = itfits --------------------------------------- ATTIBUTE_NAME: objectClass = organizationalRole ATTIBUTE_NAME: cn = Manager --------------------------------------- ATTIBUTE_NAME: objectClass = orclContext ATTIBUTE_NAME: cn = OracleContext --------------------------------------- ATTIBUTE_NAME: objectClass = organizationalRole ATTIBUTE_NAME: cn = mauro --------------------------------------- ATTIBUTE_NAME: objectClass = top ATTIBUTE_NAME: objectClass = orclService ATTIBUTE_NAME: cn = pdmdb ATTIBUTE_NAME: orclNetDescString = '(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=10.2.51.209)(PORT=1521))(CONNECT_DATA=(SERVER = DEDICATED)(SERVICE_NAME=PDMDB)))' ATTIBUTE_NAME: orclOracleHome = '/app/oracle/product/10.2.0/db_1' ATTIBUTE_NAME: orclSid = 'PDMDB' ATTIBUTE_NAME: orclServiceType = 'DB' L_RETVAL: 0 ldap.ora:
DIRECTORY_SERVERS=(10.2.51.209:389)
DEFAULT_ADMIN_CONTEXT=”dc=itfits,dc=biz”
DIRECTORY_SERVER_TYPE=OID

sqlnet.ora:
NAMES.DIRECTORY_PATH=(ldap)
TNSPING.TRACE_LEVEL=16
TNSPING.TRACE_DIRECTORY=/u01/app/oracle/network/admin
TRACE_LEVEL_CLIENT=support
TRACE_FILE_CLIENT=sqlnet.txt
TRACE_DIRECTORY_CLIENT=/u01/app/oracle/network/admin

this is the output from ldapsearch where you can see that the configuration is correct and complete:
ldapsearch -x -D “cn=Manager,dc=itfits,dc=biz” -w secret -b “cn=OracleContext,dc=itfits,dc=biz” -s sub “objectclass=*”
# extended LDIF
#
# LDAPv3
# base with scope subtree
# filter: objectclass=*
# requesting: ALL
#

# OracleContext, itfits.biz
dn: cn=OracleContext,dc=itfits,dc=biz
objectClass: orclContext
cn: OracleContext

# pdmdb, OracleContext, itfits.biz
dn: cn=pdmdb,cn=OracleContext,dc=itfits,dc=biz
objectClass: top
objectClass: orclService
cn: pdmdb
orclNetDescString: ‘(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=10.2.51.209)(POR
T=1521))(CONNECT_DATA=(SERVER = DEDICATED)(SERVICE_NAME=PDMDB)))’
orclOracleHome: ‘/app/oracle/product/10.2.0/db_1′
orclSid: ‘PDMDB’
orclServiceType: ‘DB’

# search result
search: 2
result: 0 Success

# numResponses: 3
# numEntries: 2

yet, this is the output from a plsql script using dbms_ldap:
—————————————
ATTIBUTE_NAME: objectClass = dcObject
ATTIBUTE_NAME: objectClass = organization
ATTIBUTE_NAME: o = ITFITS Network
ATTIBUTE_NAME: dc = itfits
—————————————
ATTIBUTE_NAME: objectClass = organizationalRole
ATTIBUTE_NAME: cn = Manager
—————————————
ATTIBUTE_NAME: objectClass = orclContext
ATTIBUTE_NAME: cn = OracleContext
—————————————
ATTIBUTE_NAME: objectClass = organizationalRole
ATTIBUTE_NAME: cn = mauro
—————————————
ATTIBUTE_NAME: objectClass = top
ATTIBUTE_NAME: objectClass = orclService
ATTIBUTE_NAME: cn = pdmdb
ATTIBUTE_NAME: orclNetDescString =
‘(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=10.2.51.209)(PORT=1521))(CONNECT_DATA=(SERVER = DEDICATED)(SERVICE_NAME=PDMDB)))’
ATTIBUTE_NAME: orclOracleHome = ‘/app/oracle/product/10.2.0/db_1′
ATTIBUTE_NAME: orclSid = ‘PDMDB’
ATTIBUTE_NAME: orclServiceType = ‘DB’
L_RETVAL: 0

]]> By: Ronny Egner http://blog.ronnyegner-consulting.de/2009/09/30/storing-oracle-database-connection-strings-in-openldap-instead-of-oid/comment-page-1/#comment-201 Ronny Egner Thu, 26 Nov 2009 08:23:13 +0000 http://ronnyegner.wordpress.com/?p=370#comment-201 Can you post your ldap.ora and sqlnet.ora ? Can you post your ldap.ora and sqlnet.ora ?

]]>