
Re: LDAP.ora

From: Frank van Bortel <frank.van.bortel_at_gmail.com>
Date: Sun, 18 Feb 2007 11:20:50 +0100
Message-ID: <er998b$gs1$1@news2.zwoll1.ov.home.nl>


HansF schreef:
> On Sat, 17 Feb 2007 14:14:53 +0100, Frank van Bortel wrote:
>
>> HansF schreef:
>>> Has anyone run into an issue using one centralized OiD for TNS resolution,
>>> and a completely separate OiD for SSO?  Any impact or concern? 
>>>
>> Fail to see when ONAMES comes in - that was phased
>> out when 8 or 8i was phased out. Doesn't harm, tho,
>> but I'd rather have LDAP, TNSNAMES, EZNAME - in that
>> sequence for your case.
>
> The customer has a mixed 9i and 10g environment ... trying to switch to
> LDAP but still has some ONAMEs stuff. So - LDAP, TNS, ONAMES, HOST,
> EZNAMES is their preference.
>

Hmmm - did TNSNAMES to LDAP (using the Network tools, that is done in a jiffy), never ONAMES to LDAP. Surely there's a conversion/upgrade tool? But still, LDAP, ONAMES, TNS would be the sequence of my choice; if LDAP fails, try the good old ONAMES, and only then revert to the file based TNS stuff.

BTW: if the tnsnames file is still around, it should be maintained - converting tnsnames.ora to LDAP entries is something well documented, and working! If tns is still maintained -and thus up2date- maybe that is an alternative?

>> About your question: have not used your scenario, but
>> would not be surprised to find a product, or
>> installation, or combination, that does
>> not support this scenario of two LDAP servers.
>> I'd stick to one - if load is a problem, balance. But
>> somehow I doubt that load is the issue at hand here...
>
> No choice. Using Oracle App Server EE (Forms, Reports, etc.) ... looking
> at adding SSO at some time in the near future so need to plan for it.
>
> The infrastructure for IM and CM is in my project but the conversion from
> ONAMES to LDAP is a separate project. Attempting to use one LDAP will
> simply delay both projects as the details of who/what/how/why get nailed.
> (Not necessarily politics, but logistics and coordination.)
>

Makes sense - I *know* there was something about it. Just remember - if some odd LDAP search works, but it cannot resolve network - you just might have found your combo!

>
> The thing that gets me concerned is that the OH/ldap/admin/ldap.ora is
> created by OIDCA whereas the OH/network/admin/ldap.ora is created by NETCA.
> The implication is that OIDCA knows something that NETCA does not.
>

Have not been there, but it seems these can be merged. The choice for two files, is (probably) simply because one product can be used without the other (tho using SSO implies using LDAP for network resolving in *some* areas!)
-- 
Regards,
Frank van Bortel

Top-posting is one way to shut me up...
Received on Sun Feb 18 2007 - 04:20:50 CST
