Vous êtes sur la page 1sur 18

DBA Tips Archive for Oracle

Oracle Database Name Resolution with OpenLDAP by Jeff Hunter, Sr. Database A ministrator

Contents

!ntro uction "onfi#ure LDAP Directory "onfi#ure Oracle "lients for LDAP $ana#e Net Ser%ice Names &ser !nterfaces 'roubleshootin# About the Author

Introduction
Anyone who has e%er wor(e with the Oracle Database is most li(ely familiar with the tnsnames.ora file. 'he tnsnames.ora file is a te)t file that contains client si e efinitions for net ser%ice names, sometimes call aliases, nee e to lo# in to an Oracle instance. 'his pro%i es local name resolution by mappin# net ser%ice names to connect escription information for Oracle instances* similar to how the local hosts file for an operatin# system maps machine names to !P a resses. 'he tnsnames.ora file is commonly foun in its efault location un er the ORACLE_HOME/network/admin irectory. One of the a %anta#es of usin# a local tnsnames.ora file is that it is easy to create an e it entries. 'his is especially true when there are only a few entries to maintain an the file only nee s to be istribute to a small number of Oracle client machines. 'he primary isa %anta#e of local namin# is when there are a lar#e number of client machines on the networ(, say +,, or e%en a +,,, clients, each re-uire to ha%e their own tnsnames.ora file. 'his problem #ets compoun e when fre-uent chan#es to the tnsnames.ora are re-uire as a result of a in# or mo%in# atabase an the file has to be re. istribute to those clients.

A more efficient solution is to centrali/e the list of atabase names in a repository that e%ery Oracle client can access. !n this article, ! will emonstrate how to confi#ure Oracle atabase namin# in an LDAP irectory. LDAP is for tnsnames.ora what DNS is for a local hosts file li(e /etc/hosts. Similar to how the local tnsnames.ora file wor(s, when a client performs a loo(up for a net ser%er name in LDAP, it is #i%en the appropriate connect escriptor information for the Oracle instance or ser%ice name. Support for net ser%ice name resolution throu#h LDAP starte in Net0 with Oracle atabase release 0.+.1. Note that the name Net0 was chan#e to Oracle Net in Oracle2i. Oracle Net runs on both the client machine an the atabase ser%er an allows transparent atabase communication o%er a networ(. 3efore LDAP, Oracle Names was the ser%ice use to support a centrali/e namin# ser%ice an a way to eliminate the local tnsnames.ora file on client machines. Althou#h this technolo#y wor(e well, it was a proprietary solution that i n4t offer the inte#rate solution with other stan ar s base namin# ser%ices li(e irectory namin# foun in LDAP. Oracle2i was the terminal release of Oracle Names an Oracle stron#ly recommen s users to mi#rate to irectory namin# usin# LDAP. 'he LDAP implementation use in this #ui e is OpenLDAP Software runnin# on the "entOS 5 platform. 'his #ui e assumes the LDAP irectory is alrea y confi#ure an runnin# on a machine name ldapsrv.idevelopment.info. 'he LDAP irectory use in this #ui e has been initiali/e with a base DN of dc=idevelopment,dc=info. Ob%iously, the name of your LDAP ser%er an the base DN will iffer an the e)amples presente in this #ui e will nee to be mo ifie accor in#ly for you en%ironment. Refer to the followin# two tutorials on how to install OpenLDAP Software an initiali/e the LDAP irectory on the ser%er.

"entOS 5 !nstall an "onfi#ure OpenLDAP !nitiali/e a New LDAP Directory

"entOS 1 !nstall an "onfi#ure OpenLDAP !nitiali/e a New LDAP Directory

Althou#h Oracle pro%i es an officially supporte LDAP implementation name Oracle !nternet Directory 6O!D7, it is part of a much lar#er an comple) ! entity $ana#ement software pro uct that is inte#rate into their Oracle 8usion $i leware an Oracle Applications. Since ! am usin# the LDAP irectory for nothin# more than atabase name loo(ups, this option woul be e)treme o%er(ill. Not to mention that OpenLDAP is open source an comes at a total cost of 9,.,, while O!D will set you bac( a #oo chun( of chan#e. 'he solution escribe in this article is not supporte by Oracle Support.

Configure LDAP Directory


'he process starts with confi#urin# the OpenLDAP irectory with similar capabilities of Oracle !nternet Directory 6O!D7. 'his in%ol%es importin# four Oracle specific schema specification files that implement the structure of a net ser%ice name entry an the connect escriptor information that shoul be returne to the client that as(s for the name to be resol%e . 8irst, create the followin# irectory on the LDAP ser%er:
root!ldapsrv"#$%"mkdir -p /etc/openldap/oid/schema

Ne)t, ownloa the four schema specification files to the newly create irectory. 'hese files were ta(en from the O!D schema ob;ects an sli#htly mo ifie to wor( with OpenLDAP.

oi base.schema oi net.schema oi r bms.schema alias.schema

Open the main confi#uration file for the OpenLDAP ser%er 6/etc/openldap/slapd.conf7 an a lin(s to the O!D schema files.
incl&de"/etc/openldap/oid/schema/oid'ase.schema incl&de"/etc/openldap/oid/schema/oidnet.schema incl&de"/etc/openldap/oid/schema/oidrd'ms.schema incl&de"/etc/openldap/oid/schema/alias.schema

After ma(in# mo ifications to the confi#uration file, restart the LDAP ser%er aemon.
root!ldapsrv"#$%"service ldap restart (toppin)"slapd*"""""""""""""""""""""""""""""""""""""""""""" ""O+""$ (tartin)"slapd*"""""""""""""""""""""""""""""""""""""""""""" ""O+""$

8inally, create the followin# LDAP recor that efines the orclContext ob;ect class. 'o o this, create a new LD!8 file with the followin# contents. $o ify the e)ample entry below to match your base DN.
root!ldapsrv"#$%"vi oracleContext.ldif dn*"cn=OracleConte,t,dc=idevelopment,dc=info o'-ectclass*"orclConte,t cn*"OracleConte,t

'his #ui e assumes the irectory has been initiali/e with a base DN of dc=idevelopment,dc=info as escribe in the followin# tutorial: !nitiali/e a New LDAP Directory &se the ldapadd comman to loa the new ob;ect class to the irectory.
root!ldapsrv"#$%"ldapadd -x -W -D "cn=Manager,dc=idevelopment,dc=info" -f oracleContext.ldif Enter"L.A/"/assword*"********* addin)"new"entr0"1cn=OracleConte,t,dc=idevelopment,dc=info1

Configure Oracle Clients for LDAP


'he ne)t step is to setup the Oracle Net confi#uration files on the client for net ser%ice name resolution throu#h LDAP. 'he client in this case is the machine bein# use to connect to the Oracle instance. 'he client machine will nee to ha%e the Oracle "lient or Oracle Database software installe which inclu es the Oracle Net software.

LDAP Naming

ethod ! "s#lnet$ora%

Start by specifyin# the namin# metho s throu#h the 2AME(..3REC4OR5_/A4H parameter in the ORACLE_HOME/network/admin/s6lnet.ora file on the client machine. 'he (eywor for irectory namin# is LDAP. 'he followin# parameter settin# will confi#ure a client to attempt name resolution throu#h the local tnsnames.ora file first, an then throu#h the LDAP irectory.
2AME(..3REC4OR5_/A4H="742(2AME(,"L.A/8

!f your client confi#uration will not inclu e a tnsnames.ora file for local name resolution, remo%e the 42(2AME( (eywor an only inclu e L.A/.
2AME(..3REC4OR5_/A4H="7L.A/8

LDAP &erver Information ! "ldap$ora%


Ne)t, create a new file in the same irectory name ORACLE_HOME/network/admin/ldap.ora. 'his file will contain information necessary to connect to the LDAP ser%er an inclu es three entries similar to the followin#. $o ify the contents escribe below to the name of your LDAP ser%er, LDAP listenin# port, an the efault a ministrati%e conte)t within your LDAP irectory.
.3REC4OR5_(ER9ER(="7ldapsrv.idevelopment.info*:;<*=:=8 .E>A?L4_A.M32_CO24E@4"="1dc=idevelopment,dc=info1

.3REC4OR5_(ER9ER_45/E"="O3.

<%en thou#h the LDAP implementation use in this #ui e is OpenLDAP, we still nee to set the .3REC4OR5_(ER9ER_45/E parameter to O!D for Oracle !nternet Directory. 'he efault a ministrati%e conte)t specifie in the ldap.ora file 6.E>A?L4_A.M32_CO24E@47 is the LDAP e-ui%alent of the efault Oracle Net omain name 62AME(..E>A?L4_.OMA327 specifie in the s6lnet.ora file. Since there is no strict format for the namin# structure in the tar#et LDAP omain, the .E>A?L4_A.M32_CO24E@4 pro%i es a mechanism to specify the conte)t in which un-ualifie net ser%er names are resol%e 8or e)ample, consi er the efault a ministrati%e conte)t use in this #ui e of =dc=idevelopment,dc=info=. Oracle Net will create a fully istin#uishe name 6 n7 from an un-ualifie net ser%er name which will then be passe to the LDAP irectory as shown in the followin# e)ample:
""""Oracle"2et"will"alwa0s"""""">rom".E>A?L4_A.M32_CO24E@4 """""""add"these"parts""""""""""""""""in"ldap.ora """""""""""""A""""""""""""""""""""""""""""""A """"_________A__________""""""""""""""""""""A "__A___"""""""""________A_______""__________A___________ A""""""A"""""""A""""""""""""""""AA""""""""""""""""""""""A 7dn*"cn=testd'B,cn=OracleConte,t,dc=idevelopment,dc=info8 """"""""A_____A """""""""""A 4he"&n6&alified"net"service ""name"that"was"s&pplied

!f the 2AME(..E>A?L4_.OMA32 parameter is specifie in the s6lnet.ora file, it is i#nore when irectory namin# is use . !nstea , the e-ui%alent functionality escribe abo%e will be pro%i e throu#h the .E>A?L4_A.M32_CO24E@4 parameter in ldap.ora. !n the abo%e e)ample, Oracle Net will translate the un-ualifie net ser%er name 6testd'B7 to a fully -ualifie istin#uishe name 6dn*" cn=testd'B,cn=OracleConte,t,dc=idevelopment,dc=info7 which is then passe to the LDAP irectory. !f a match is foun , the LDAP ser%er then returns the connect escriptor information to the client which will be use to initiate a connection to the specifie Oracle instance or ser%ice name.

anage Net &ervice Names


At this point, the LDAP irectory (nows what the structure of an Oracle net ser%ice name recor shoul loo( li(e an the Oracle client (nows how to access the LDAP ser%er. 'he ne)t step is to a a new Oracle net ser%ice name recor to the LDAP irectory. 'he metho use in this section is to create a template recor in the LDAP Data !nterchan#e 8ormat, or LD!8, file format an loa it usin# the LDAP client tool ldapadd.

Add Net &ervice Name

"reate an LD!8 file name newCnetservicename.ldif with information similar to the followin# e)ample:
root!ldapsrv"#$%"vi ne -netservicename.ldif dn*"cn=testd'B,cn=OracleConte,t,dc=idevelopment,dc=info o'-ectclass*"top o'-ectclass*"orcl2et(ervice cn*"testd'B orcl2et.esc(trin)*"7.E(CR3/43O2=7A..RE((=7/RO4OCOL=4C/87HO(4=testnodeB8 7/OR4=BDEB887CO22EC4_.A4A=7(ER93CE_2AME=testd'B.idevelopment.info888

'he last line of the e)ample abo%e shoul loo( familiar if you ha%e e%er mana#e entries in the tnsnames.ora file. 'he new recor will be store within the OracleConte,t schema that was create earlier in this #ui e. After mo ifyin# the e)ample recor for your en%ironment, a it to the irectory usin# ldapadd.

root!ldapsrv"#$%"ldapadd -x -W -D "cn=Manager,dc=idevelopment,dc=info" -f ne -netservicename.ldif Enter"L.A/"/assword*"********* addin)"new"entr0"1cn=testd'B,cn=OracleConte,t,dc=idevelopment,dc=info1

'est that the Oracle client is able to resol%e the net ser%ice name throu#h LDAP usin# an un-ualifie an fully -ualifie net ser%ice name.
oracle!testnode:"#$F"tnsping testd!" 42("/in)"?tilit0"for"Lin&,*"9ersion"BB.E.G.:.G"C"/rod&ction"on"EGCA?HCEGBE" B<*GI*EE Cop0ri)ht"7c8"B<<I,"EGBB,"Oracle.""All"ri)hts"reserved. ?sed"parameter"files* /&GB/app/oracle/prod&ct/BB.E.G/d'home_B/network/admin/s6lnet.ora ?sed"L.A/"adapter"to"resolve"the"alias Attemptin)"to"contact"7.E(CR3/43O2=7A..RE((=7/RO4OCOL=4C/87HO(4=testnodeB8 7/OR4=BDEB887CO22EC4_.A4A=7(ER93CE_2AME=testd'B.idevelopment.info888 O+"7BG"msec8 oracle!testnode:"#$F"tnsping testd!".idevelopment.info 42("/in)"?tilit0"for"Lin&,*"9ersion"BB.E.G.:.G"C"/rod&ction"on"EGCA?HCEGBE" B<*G;*B; Cop0ri)ht"7c8"B<<I,"EGBB,"Oracle.""All"ri)hts"reserved. ?sed"parameter"files* /&GB/app/oracle/prod&ct/BB.E.G/d'home_B/network/admin/s6lnet.ora

?sed"L.A/"adapter"to"resolve"the"alias Attemptin)"to"contact"7.E(CR3/43O2=7A..RE((=7/RO4OCOL=4C/87HO(4=testnodeB8 7/OR4=BDEB887CO22EC4_.A4A=7(ER93CE_2AME=testd'B.idevelopment.info888 O+"7G"msec8

odify Net &ervice Name


!n a ition to a in# new entries, any e)istin# LDAP recor can be mo ifie by creatin# the appropriate LD!8 file an usin# the ldapmodif0 comman . 8or e)ample, if the testd'B atabase mo%e to another host, say newtestnodeB, create an LD!8 recor similar to the followin#:
root!ldapsrv"#$%"vi modif#-netservicename.ldif dn*"cn=testd'B,cn=OracleConte,t,dc=idevelopment,dc=info chan)et0pe*"modif0 replace*"orcl2et.esc(trin) orcl2et.esc(trin)*"7.E(CR3/43O2=7A..RE((=7/RO4OCOL=4C/87HO(4=newtestnodeB8 7/OR4=BDEB887CO22EC4_.A4A=7(ER93CE_2AME=testd'B.idevelopment.info888

&p ate the irectory recor usin# ldapmodif0.


root!ldapsrv"#$%"ldapmodif# -x -W -D "cn=Manager,dc=idevelopment,dc=info" -f modif#-netservicename.ldif -v ldap_initialiJe7"ldap*//ldapsrv"8 Enter"L.A/"/assword*"********* replace"orcl2et.esc(trin)* """"""""7.E(CR3/43O2=7A..RE((=7/RO4OCOL=4C/87HO(4=newtestnodeB87/OR4=BDEB88 7CO22EC4_.A4A=7(ER93CE_2AME=testd'B.idevelopment.info888 modif0in)"entr0"1cn=testd'B,cn=OracleConte,t,dc=idevelopment,dc=info1 modif0"complete

'est the new recor from the Oracle client.


oracle!testnode:"#$F"tnsping testd!" 42("/in)"?tilit0"for"Lin&,*"9ersion"BB.E.G.:.G"C"/rod&ction"on"EGCA?HCEGBE" B<*BE*G< Cop0ri)ht"7c8"B<<I,"EGBB,"Oracle.""All"ri)hts"reserved. ?sed"parameter"files* /&GB/app/oracle/prod&ct/BB.E.G/d'home_B/network/admin/s6lnet.ora ?sed"L.A/"adapter"to"resolve"the"alias Attemptin)"to"contact"7.E(CR3/43O2=7A..RE((=7/RO4OCOL=4C/87HO(4=newtestnodeB8 7/OR4=BDEB887CO22EC4_.A4A=7(ER93CE_2AME=testd'B.idevelopment.info888 O+"7G"msec8

Delete Net &ervice Name


&se the ldapdelete comman to elete a recor 6an Oracle net ser%ice name entry7 from the LDAP irectory.
root!ldapsrv"#$%"ldapdelete -x -W -D "cn=Manager,dc=idevelopment,dc=info" "cn=testd!",cn=$racleContext,dc=idevelopment,dc=info" -v ldap_initialiJe7"ldap*//ldapsrv"8 Enter"L.A/"/assword*"********* deletin)"entr0"1cn=testd'B,cn=OracleConte,t,dc=idevelopment,dc=info1

'ser Interfaces
After a in# or mo ifyin# a few of these net ser%ice name recor s usin# LD!8, it shoul n4t be lon# before you start as(in# yourself whether or not there is a more efficient metho for mana#in# irectory entries. >our first thou#ht may be to fire up the Oracle client tool Net Manager. &nfortunately, Net $ana#er an many other Oracle client tools only wor( with Oracle !nternet Directory* not OpenLDAP or any other #eneric LDAP ser%er. Althou#h ! was able to successfully authenticate to the OpenLDAP irectory usin# Net $ana#er, ! was not able to a , %iew, or mo ify any of the irectory entries in the OracleConte,t schema. 'here are se%eral free LDAP a min pro ucts that you mi#ht fin useful* some of which are liste below.

webmin . 6mana#e user account, DNS, LDAP, an much more usin# a web interface7 J?plorer . 6stan alone client7 Apache Directory Stu io phpLDAPa min

$y personal fa%orite is phpLDAPa min 6also (nown as PLA7. phpLDAPa min is a free an popular web.base LDAP client that is easy to install an customi/e. !ts hierarchical tree.%iewer an a %ance search functionality ma(e it intuiti%e to browse an a minister an LDAP irectory. Since it is web.base , the LDAP browser wor(s on many platforms, ma(in# your LDAP ser%er easy to mana#e from any location. &se the followin# instructions to install the phpLDAPa min software alon# with PHP an the Apache H''P Ser%er. 8or the purpose of this e)ample, ! installe the phpLDAPa min web application on the same ser%er hostin# the OpenLDAP irectory 6ldapsrv.idevelopment.info7.

Install Apache (TTP &erver

!f the application ser%er alrea y has the Apache H''P Ser%er installe , this section may be s(ippe . $a(e certain that the Apache H''P ser%er is starte an confi#ure to launch on boot. 'he Apache H''P Ser%er can be installe on "entOS, Re Hat <nterprise Linu), or Oracle Linu) usin# the followin#: +. !nstall Apache H''P Ser%er.
%"#%m -# install httpd

@. Set the Apache ser%ice to start on boot.


%"chkconfig --levels &'( httpd on

A. $anually start the Apache H''P ser%ice.


%"apachectl start

Install P(P and P(P)LDAP


!f the php an phpCldap pac(a#es are alrea y installe on the application ser%er, this section may be s(ippe .
1. !nstall php pac(a#e.
%"#%m -# install php 2. !nstall phpCldap pac(a#e. %"#%m -# install php-ldap

A. 'he php.l ap pac(a#e is a ynamic share ob;ect 6DSO7 for the Apache Beb ser%er that a s Li#htwei#ht Directory Access Protocol 6LDAP7 support to PHP an is re-uire by phpLDAPa min.

Install phpLDAPadmin
After %erifyin# that the Apache H''P Ser%er is runnin# an accessible, ownloa an install phpLDAPa min.
1. Cerify that your LDAP ser%er 6ldapsrv in this e)ample7 pro%i es access to the schema

usin# an anonymous bin . <nsure that you can see your schema without ha%in# to bin to the LDAP ser%er. 8or e)ample:
%"ldapsearch -x -h ldapsrv -! )) -s !ase s%!schema*%!entr# %"e,tended"L.3> % %"L.A/v:

%"'ase"KL"with"scope"'aseO'-ect %"filter*"7o'-ectclass=M8 %"re6&estin)*"s&'schema(&'entr0 % % dn* s&'schema(&'entr0*"cn=(&'schema %"search"res&lt search*"E res&lt*"G"(&ccess %"n&mResponses*"E %"n&mEntries*"B

@. Cerify any a itional pre.re-uisites. http:DDphpl apa min.sourcefor#e.netDwi(iDin e).phpDPreRe-uisitesD


3. Downloa the current %ersion of phpLDAPa min 6phpldapadminCB.E.E.Jip at the time

of this writin#7 to the application ser%er. http:DDphpl apa min.sourcefor#e.netDwi(iDin e).phpDDownloa E. &npac( the phpLDAPa min archi%e.
%"%n+ip phpldapadmin-".&.&.+ip 5. Put the resultin# NphpldapadminN irectory /var/www/html7.

anywhere in your DocumentRoot 6i.e.

%"mv phpldapadmin-".&.& /var/ /html/phpldapadmin 6. !n the NphpldapadminN confi# irectory 6i.e. .oc&mentRoot/phpldapadmin/confi)7 copy Nconfi).php.e,ampleN to Nconfi).phpN an mo ify any settin#s in confi).php

to customi/e the phpLDAPa min en%ironment.


%"cd /var/ /html/phpldapadmin/config %"cp config.php.example config.php 7. 'he only mo ification ! ma e to the confi).php

file was to FserversCLset9al&e:

/M"A"convenient"name"that"will"appear"in"the"tree"viewer"and"thro&)ho&t """phpL.A/admin"to"identif0"this"L.A/"server"to"&sers."M/ FserversCLset9al&e7NserverN,NnameN,Ni.evelopment.infoN8O

0. Restart the Apache H''P ser%ice.


%"apachectl restart

anage Net &ervice Names using phpLDAPadmin


$ana#in# LDAP recor s usin# the phpLDAPa min web interface is fairly self.e)planatory. !n this final section, !4ll pro%i e the metho s ! use to mana#e net ser%ice names in OpenLDAP usin# phpLDAPa min. ! will pro%i e two custom templates that ! wrote which ma(es creatin# an mo ifyin# net ser%ice names in phpLDAPa min simple an strai#htforwar . Cisit the phpLDAPa min website to learn more about templates. http:DDphpl apa min.sourcefor#e.netDwi(iDin e).phpD'emplates +. Downloa the followin# Create Template that will pro%i e a custom interface use to create new Oracle net ser%ice names in phpLDAPa min. o orclNetSer%ice.)ml "opy the orcl2et(ervice.,ml file to the
.oc&mentRoot/phpldapadmin/templates/creation

irectory on the application

ser%er.
%"cp orcl,et*ervice.xml /var/ /html/phpldapadmin/templates/creation/

@. Downloa the followin# Modification Template that will pro%i e a custom interface use to mo ify e)istin# Oracle net ser%ice names in phpLDAPa min. o orclNetSer%ice.)ml "opy the orcl2et(ervice.,ml file to the
.oc&mentRoot/phpldapadmin/templates/modification

irectory on the application

ser%er.
%"cp orcl,et*ervice.xml /var/ /html/phpldapadmin/templates/modification/

A. Open your web browser an na%i#ate to the phpLDAPa min web application. http:DDFhostnameGDphpl apa minD !f you are repeatin# the steps in this section an recei%e any errors tryin# to brin# up the web site 6for e)ample 4'he connection to the ser%er was reset while the pa#e was loa in#.47 clear your coo(ies an cache from the browser an restart the Apache H''P ser%ice. E. Lo# in to your LDAP irectory from the phpLDAPa min home pa#e.

5. 8rom the base DN 6left pane7, e)pan your irectory tree an na%i#ate to the
OracleConte,t schema. !f you ha%e any atabases re#istere name 6cn=Ktns_aliasL7 to %iew or mo ify that entry.

, clic( on the net ser%ice

!f you installe the two templates escribe in the pre%ious steps, this will brin# up a pa#e 6ri#ht pane7 that allows you to choose which template to e it the entry with. !n the e)ample below, the choices are: Oracle: Net Ser%ice Name (our custom Modification Template) (phpLDAPadmin default modification Default screen) Select the 4Oracle* Net &ervice Name4 template.

1. &se this template to mo ify the Connect Descriptor attribute for the selecte net ser%ice name. Notice in this form that the Net &ervice Name fiel is rea .only.

H. !t shoul be note that it is not re-uire to use the custom mo ification template 6Oracle: Net Ser%ice Name7 to up ate the net ser%ice name entry. !f you selecte the Default template, the entry form pro%i es all up atable fiel s an the actual name of the attributes 6as oppose to the titles ! use in place of the attribute names7. 0. 'o create a new net ser%ice name, clic( the Create ne+ entry here option un er the OracleContext schema.

2. Just as we saw when mo ifyin# an entry, a list of a%ailable templates will be liste which can be use to create a new entry. Since we will be creatin# a net ser%ice name entry, select the custom template Oracle* Net &ervice Name. Remember, you can always select the Default template which pro%i es a form with attributes that are a can i ate for bein# up ate .

+,. 'he Oracle: Net Ser%ice Name template ma(es it easy to enter a Net &ervice Name an the Connect Descriptor.

++. After a in# the new net ser%ice name, ;ump on to the Oracle client machine an try to lo# on to the atabase throu#h LDAP.
oracle!testnode:"#$F"s-lpl%s scott/tiger.racd! """""""""" (PLM/l&s*"Release"BB.E.G.:.G"/rod&ction"on"4&e"A&)"EB"EG*QQ*DE"EGBE Cop0ri)ht"7c8"B<;E,"EGBB,"Oracle.""All"ri)hts"reserved. Connected"to* Oracle".ata'ase"BB)"Enterprise"Edition"Release"BB.E.G.:.G"C"=Q'it" /rod&ction Rith"the"/artitionin),"Real"Application"Cl&sters,"A&tomatic"(tora)e" Mana)ement,"Oracle"La'el"(ec&rit0, OLA/,".ata"Minin)"and"Real"Application"4estin)"options (PLL

Trou,leshooting
&-L Developer
One of the first Oracle client tools ! attempte to confi#ure to use LDAP for name resolution was SIL De%eloper. &nfortunately, ;ust li(e with the Oracle Net $ana#er client, SIL De%eloper only wor(s with Oracle !nternet Directory 6O!D7. Selectin# the LDAP "onnection 'ype in the New D Select Database "onnection wi/ar , SIL De%eloper will return an error after choosin# the LDAP Ser%er from the pull. own selection.

(tat&s"*">ail&re"C L.A/*"error"code":E"C"2o"(&ch"O'-ect$

8or e)ample:

Loo(in# at the lo# file for the LDAP ser%er shows that SIL De%eloper sent an LDAP re-uest that i n4t match the O!D LDAP structure that we impro%ise in OpenLDAP. 'he re-uest sent by SIL De%eloper was e)pectin# a stan ar O!D LDAP structure that i n4t match our implementation. 'he wor(aroun is to create an Advanced "onnection 'ype with a "ustom JD3" &RL similar to the followin#:
-d'c*oracle*thin*!ldap*//ldapsrv*:;</testd'B,cn=OracleConte,t,dc=idevelopment, dc=info

where ldapsrv*:;< is the name of the LDAP ser%er:port, testd'B is the net ser%ice name store in LDAP, an cn=OracleConte,t,dc=idevelopment,dc=info is the entry location in the irectory. 8or e)ample:

A,out the Author


Jeffrey Hunter is an Oracle "ertifie Professional, Ja%a De%elopment "ertifie Professional, Author, an an Oracle A"<. Jeff currently wor(s as a Senior Database A ministrator for 'he D3A Jone, !nc. locate in Pittsbur#h, Pennsyl%ania. His wor( inclu es a %ance performance tunin#, Ja%a an PLDSIL pro#rammin#, e%elopin# hi#h a%ailability solutions, capacity plannin#, atabase security, an physical D lo#ical atabase esi#n in a &N!?, Linu), an Bin ows ser%er en%ironment. Jeff4s other interests inclu e mathematical encryption theory, pro#rammin# lan#ua#e processors 6compilers an interpreters7 in Ja%a an ", LDAP, writin# web.base atabase a ministration tools, an of course Linu). He has been a Sr. Database A ministrator an Software <n#ineer for o%er +0 years an maintains his own website site at: http:DDwww.iDe%elopment.info. Jeff #ra uate from Stanislaus State &ni%ersity in 'urloc(, "alifornia, with a 3achelor4s e#ree in "omputer Science.

Copyright "c% .//0)12.3 4effrey

$ (unter$ All rights reserved$

All articles, scripts an material locate at the !nternet a ress of http:DDwww.i e%elopment.info is the copyri#ht of Jeffrey $. Hunter an is protecte un er copyri#ht laws of the &nite States. 'his ocument may not be hoste on any other site without my e)press, prior, written permission. Application to host any of the material elsewhere can be ma e by contactin# me at ;hunterKi e%elopment.info.

! ha%e ma e e%ery effort an ta(en #reat care in ma(in# sure that the material inclu e on my web site is technically accurate, but ! isclaim any an all responsibility for any loss, ama#e or estruction of ata or any other property which may arise from relyin# on it. ! will in no case be liable for any monetary ama#es arisin# from such loss, ama#e or estruction. Last mo ifie on Be nes ay, ,A.Jul.@,+A +,:E2:+@ <D' Pa#e "ount: 0H,2

Vous aimerez peut-être aussi