Log in to the OID server and invoke dipassistant (the Oracle Directory Integration and Provisioning admin console) using the following options.
Log in as dipadmin; the password is the same as that of the orcladmin super user, which you set during the installation of OID.
if you press then the Import and export profile prepends the connector name and then
Select the Configure Access Control Policies check box if you want to enforce ACLs, and then press OK to save this information, which will start the actual integration.
To achieve bi-directional synchronization, in the dipadmin console choose the configured configset1 in the
left pane (system objects); in the right pane you will see the configured adImport and adExport (since I have given
the connector name as ad). Choose those connector profiles, edit them, and enable them for both export and import.
If you enable both, then synchronization of users is bi-directional (both ways), i.e. from OID to AD and from AD to OID.
You can also note the bootstrap status (which has not started yet). I have given the screenshots below for editing
the connector profiles.
The initial migration of users from Microsoft Active Directory to Oracle Internet Directory is called the “bootstrap” process.
To do the bootstrap we need to execute the command as shown below.
Now the initial import of users from AD to OID is complete. To start the synchronization of users that are created in both AD and OID, we need to start the odiserver (odisrv) with configuration set 1 (the one we configured with dipadmin), using the following command
The final step in the configuration process is to deploy the Active Directory External Authentication Plug-in,
which validates user-supplied passwords with AD during a user login sequence.
The following steps involve execution of a Unix shell script.
$ cd $ORACLE_HOME/ldap/admin
$ sh oidspadi.sh
A series of messages and prompts will be displayed as the script executes. Sample prompt responses:
Please enter Active Directory host name: ad.vectorconsulting.co.uk
Do you want to use SSL to connect to Active Directory? (y/n) n
Please enter Active Directory port number : 389
Please enter DB connect string: iasdb
Please enter ODS password: oracleadmin1
Please enter confirmed ODS password: admin01
Please enter OID host name: sso.vectorconsulting.co.uk
Please enter OID port number : 13061
Please enter orcladmin password: oracleadmin01
Please enter confirmed orcladmin password: oracleadmin01
Please enter the subscriber common user search base [orclcommonusersearchbase]: cn=Users,dc=vectorconsulting,dc=co,dc=uk
Please enter the Plug-in Request Group DN:
Please enter the exception entry property [(!(objectclass=orcladuser))]:
Do you want to setup the backup Active Directory for failover? (y/n) n
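As an added example (not part of the original post or of Oracle's tooling), the shell function below audits a recorded copy of the answers given to the oidspadi.sh prompts above. It flags a non-SSL connection to Active Directory and password confirmations that do not match. It assumes the answers were saved as text in the prompt format shown; the function names, finding codes, host name and passwords in the sample are constructed.

```shell
#!/bin/sh
# Added example: audit recorded answers to the oidspadi.sh prompts.
# Prompt wording is copied from the sample session on this page; the
# finding codes NO_TLS and CONFIRM_MISMATCH are invented for this example.

audit_oidspadi_answers() {
    # Reads the recorded answers on stdin, prints one finding per line.
    awk '
    # Text after the first colon, with surrounding blanks removed.
    function val(s) {
        sub(/^[^:]*:[ \t]*/, "", s); sub(/[ \t\r]+$/, "", s); return s
    }
    /use SSL to connect to Active Directory/ { ssl = tolower($NF) }
    /Active Directory port number/           { port = val($0) }
    /enter ODS password/                     { ods = val($0) }
    /enter confirmed ODS password/           { ods2 = val($0); seen_ods = 1 }
    /enter orcladmin password/               { adm = val($0) }
    /enter confirmed orcladmin password/     { adm2 = val($0); seen_adm = 1 }
    END {
        # The plug-in validates user passwords with AD, so a non-SSL
        # connection exposes them on the network path to AD.
        if (ssl == "n")
            print "NO_TLS: passwords checked against AD on port " port " travel without TLS"
        if (seen_ods && ods != ods2)
            print "CONFIRM_MISMATCH: ODS password and its confirmation differ"
        if (seen_adm && adm != adm2)
            print "CONFIRM_MISMATCH: orcladmin password and its confirmation differ"
    }'
}

sample_answers() {
    # Constructed answers; host name and passwords are placeholders.
    cat <<'EOF'
Please enter Active Directory host name: ad.example.com
Do you want to use SSL to connect to Active Directory? (y/n) n
Please enter Active Directory port number : 389
Please enter ODS password: placeholder-A
Please enter confirmed ODS password: placeholder-B
Please enter orcladmin password: placeholder-C
Please enter confirmed orcladmin password: placeholder-C
EOF
}

sample_answers | audit_oidspadi_answers
```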
of the plug-in deployment process and navigate to the click the Plug-In Management fork.
Make sure that the Plug-in Enable property is set for both adwhencompare and adwhenbind.
At this point, OID has been populated with an initial set of users and groups via bootstrap migration from Active Directory,
and the Oracle Directory Integration and Provisioning tool has been configured such that it will use the Active Directory
Connector to keep this information synchronized. The Oracle Directory Server has been directed to authenticate users
migrated from Active Directory using the Oracle-supplied Active Directory External Authentication
Plug-in. It should now be possible to log in to Oracle SSO or any integrated applications like E-Business Suite using
one of the migrated Active Directory users with its corresponding password.
to default domain and cn=Users and find the users of Active Directory, which I have shown below.