Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: LDAP.ora

Re: LDAP.ora

From: HansF <Fuzzy.Greybeard_at_gmail.com>
Date: Sun, 18 Feb 2007 14:30:20 GMT
Message-ID: <pan.2007.02.18.14.30.14.310511@gmail.com> 





On Sun, 18 Feb 2007 11:20:50 +0100, Frank van Bortel wrote:



> HansF schreef:


>> On Sat, 17 Feb 2007 14:14:53 +0100, Frank van Bortel wrote:
>> 
>>> HansF schreef:
>>>> Has anyone run into an issue using one centralized OiD for TNS resolution,
>>>> and a completely separate OiD for SSO?  Any impact or concern? 
>>>>
>>> Fail to see when ONAMES comes in - that was phased
>>> out when 8 or 8i was phased out. Doesn't harm, tho,
>>> but I'd rather have LDAP, TNSNAMES, EZNAME - in that
>>> sequence for your case.
>> 
>> The customer has a mixed 9i and 10g environment ... trying to switch to
>> LDAP but still has some ONAMEs stuff.  So - LDAP, TNS, ONAMES, HOST,
>> EZNAMES is their preference.
>> 




> 

> Hmmm - did TNSNAMES to LDAP (using the Network tools,

> that is done in a jiffy), never ONAMES to LDAP.

> Surely there's a conversion/upgrade tool?

> But still, LDAP, ONAMES, TNS would be the sequence of

> my choice; if LDAP fails, try the good old ONAMES,

> and only then revert to the file based TNS stuff.

> 




We are actually using the listed search path in live 9i and 10g clients
and they work.



Yes there is an ONames to LDAPA conversion tool.  



> BTW: if the tnsnames file is still around, it should be

> maintained - converting tnsnames.ora to LDAP entries is

> something well documented, and working! If tns is still

> maintained -and thus up2date- maybe that is an alternative?




Maintaining tnsnames.ora on the cluster of Forms Server machines is
possible, but not desirable.  It's only those machines that concern me
right now.



> 


>>> About your question: have not used your scenario, but
>>> would not be surprised to find a product, or
>>> installation, or combination, that does
>>> not support this scenario of two LDAP servers.
>>> I'd stick to one - if load is a problem, balance. But
>>> somehow I doubt that load is the issue at hand here...
>> 
>> No choice.  Using Oracle App Server EE (Forms, Reports, etc.) ... looking
>> at adding SSO at some time in the near future so need to plan for it. 
>> 
>> The infrastructure for IM and CM is in my project but the conversion from
>> ONAMES to LDAP is a separate project.  Attempting to use one LDAP will
>> simply delay both projects as the details of who/what/how/why get nailed.
>> (Not necessarily politics, but logistics and coordination.)
>> 




> Makes sense - I *know* there was something about it.

> Just remember - if some odd LDAP search works, but it cannot

> resolve network - you just might have found your combo!




It seems to work, but there are nagging suspicions so I decided to ask
whether anyone else has seen this combination.


>> The thing that gets me concerned is that the OH/ldap/admin/ldap.ora is
>> created by OIDCA whereas the OH/network/admin/ldap.ora is create by NETCA.
>> The implication is that OIDCA knows something that NETCA does not.
>> 




> Have not been there, but it seems these can be merged.

> The choice for two files, is (probably) simply because one

> product can be used without the other (tho using SSO implies

> using LDAP for network resolving in *some* areas!)




Frustrating that Oracle would create two legitimate target directories for
the same file.  And typical that they would not indicate priority in the
odd case that one legitimately gets both versions of the file.



More testing continues ....


-- 
Hans Forbrich   (mailto: Fuzzy.GreyBeard_at_gmail.com)   
*** Feel free to correct me when I'm wrong!
*** Top posting [replies] guarantees I won't respond.


Received on Sun Feb 18 2007 - 08:30:20 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US