3r3746. 3r3-31. Everyone who has worked with this type of DBMS is aware of setting up access to the Oracle DBMS, which is stored in the tnsnames.ora file. 3r3734.  3r3746. 3r3734.  3r3746. The data is stored in the file 3r3629. tnsnames.ora [/i] in plain text form and can easily be modified using any text editor. It is good if there are not many records in it, but what to do if there are hundreds of databases in the organization, access to which needs to be provided from the hosts of users at various levels or from terminal servers. And if at one point, the database moves to another host, or other changes occur that change the database access parameters, you need to change the access parameters everywhere. 3r3734.  3r3746. 3r3734.  3r3746. Solutions can be offered a lot, including redirects, aliases, etc. 3r3734.  3r3746. 3r3734.  3r3746. I will describe here how to set up and configure a single repository for resolving database names using the Oracle Internet Directory OID, and how to apply for resolving names using the LDAP protocol. This is much more convenient than keeping the tnsnames.ora file up to date in hundreds of places. 3r3734.  3r3746. 3r318.
3r3734.  3r3746. Installing and configuring the DBMS for the OID repository database is not described here; the key points are indicated for this particular configuration. With the licensing policy of Oracle in terms of products RDBMS Database, Oracle Fusion Middleware and Oracle Internet Directory you can find on the company's website. 3r3734.  3r3746. 3r3734.  3r3746. 3r33655. Software installation
3r3734.  3r3746. The software was installed on a Linux OS (SUSE Linux Enterprise Server 11), for your OS you need to check with the compatibility matrix on oracle.com. 3r3734.  3r3746. 3r3734.  3r3746. To install the Standalone server (running NodeManager), the following versions of distributions were taken that are relevant at the time of setup:
 3r3746. 3r3734.  3r3746. JAVA: jdk-8u171-linux-x64.tar.gz
 3r3746. OID: fmw_???.3.0_oid_linux64_Disk1_1of1.zip
 3r3746. RDBMS: ???.2 + PSU + Opatch of current versions 3r3734.  3r3746. 3r3734.  3r3746. 3r3630. Install the software for the repository 3r36331. in which the OID
schemes will be stored.  3r3746. 3r3734.  3r3746. DBMS version ???.2 + PSU
 3r3746. DB. Create an “empty” database: 3r3734.  3r3746. You must specify 3r3734.  3r3746. AL32UTF8 encoding, enable ORACLE TEXT in software installation 3r3734.  3r3746. DB parameters:
 3r3746. [i] open_cursors = 800
 3r3746. processes = 500 3r33632. 3r3734.  3r3746. In addition, it was necessary to run the xaview.sql script, which turned out at the stage of checking the OID installation. 3r3734.  3r3746. configure and raise LISTENER for the database. 3r3734.  3r3746. 3r3734.  3r3746. So, an empty database is created by uhost-oid1: 1521 /oid1 (in this case, oid1-SID database) and is ready to create a repository in it. 3r3734.  3r3746. 3r3734.  3r3746. 3r33655. Installing OID
3r3734.  3r3746. Hereinafter, the home directory of the user oracle - /u /app /oracle
 3r3746. Unpack the java and set the JAVA_HOME
variable.  3r3746. 3r3734.  3r3746.
3r3704. unzip jdk-8u171-linux-x64.tar.gz
export JAVA_HOME = /u /app /oracle /jdk???_171
3r3734.  3r3746. We unpack OID
 3r3746. 3r3734.  3r3746.
3r3704. unzip fmw_???.3.0_oid_linux64_Disk1_1of1.zip
3r3734.  3r3746. 3r3734.  3r3746. It turns out the file ./fmw_???.3.0_oid_linux64.bin
 3r3746. 3r3734.  3r3746. We check that it is executable, if it is not so doing
 3r3746. 3r3734.  3r3746.
3r3704. chmod + x
3r3734.  3r3746. Run:
 3r3746. 3r3734.  3r3746.
3r3704. ./fmw_???.3.0_oid_linux64.bin
3r3734.  3r3746. (X-server forwarding must be configured beforehand), the java-based installer will start. 3r3734.  3r3746. 3r3734.  3r3746. As ORACLE_HOME it was specified: 3r3734.  3r3746. 3r3734.  3r3746. /u /app /oracle /product /middleware /Oracle_IDM1
 3r3746. 3r3734.  3r3746. The software for oracle fusion middleware (FMW) and the Oracle Internet Directory will be installed along this path. 3r3734.  3r3746. 3r3734.  3r3746. At the stage “installation type” we indicate STANDALONE. 3r3734.  3r3746. 3r3734.  3r3746. 3r3151. 3r3734.  3r3746. 3r3734.  3r3746. 3r33382. Create a repository (required schemas in the database) 3r33383. 3r3734.  3r3746. 3r3734.  3r3746. We create schemes for the repository in the database, for this we run rcu
 3r3746. 3r3734.  3r3746.
3r3704. cd /u /app /oracle /product /middleware /Oracle_IDM1 /oracle_common /bin /
./rcu.sh

3r3734.  3r3746. At this stage, ODSSM, ODS and DEV_STB schemes are created (remember the password, it will be required when setting up domain components) 3r3734.  3r3746. 3r3734.  3r3746. 3r33382. Create a domain in which the OID (domain in terms of FMW) will work for us
3r3734.  3r3746.
3r3704. cd /u /app /oracle /product /middleware /Oracle_IDM1 /oracle_common /common /bin
./config.sh

3r3734.  3r3746. 3r3734.  3r3746. We create the domain in a separate folder from the software. For example, indicate as follows:
 3r3746. 3r3734.  3r3746. /u /app /oracle /config /domains /oid_domain
 3r3746. 3r3734.  3r3746. 3r3734.  3r3746. 3r3734.  3r3746. 3r3734.  3r3746. 3r3734.  3r3746. For the connection to the database, specify the parameters of the previously created schemes (and passwords) 3r3734.  3r3746. During the installation, we set the login and password for the NodeManager (will be used later for connecting to the NodeManager and starting /stopping through the OID itself) 3r3734.  3r3746. 3r3734.  3r3746. 3r33382. Starting NodeManager
3r3734.  3r3746. To run NodeManager, you need to generate a file with the keys: DemoIdentity.jks. (If, in addition to installing the OID, you install updates, then this step may not be necessary)
 3r3746. We will generate the “default” one so that we don’t have to worry about the keystore boot options in the domain config. It works with such parameters - this is the password for the default storage:
 3r3746. 3r3734.  3r3746.
3r3704. cd /u /app /oracle /product /middleware /Oracle_IDM1 /oracle_common /common /bin

3r3734.  3r3746. doing 3r3734.  3r3746. 3r3734.  3r3746.
3r3704. . setWlstEnv.sh

3r3734.  3r3746. (always with a dot, does not work differently)
 3r3746. Go to the directory in which the file should be stored:
 3r3746. 3r3734.  3r3746.
3r3704. cd /u /app /oracle /config /domains /oid_domain /security
3r3746. java utils.CertGen -keyfilepass DemoIdentityPassPhrase -certfile democert -keyfile demokey -strength 1024 -noskid
3r3746. java used
3r3734.  3r3746. The key phrase DemoIdentityPassPhrase is just that, otherwise you will have to edit the domain config. 3r3734.  3r3746. We need to deal with this, but we must first start to work. 3r3734.  3r3746. 3r3734.  3r3746.
3r3704. export TNS_ADMIN = /u /app /oracle /config /domains /oid_domain /config /fmwconfig /components /OID /config
3r3734.  3r3746. It is necessary to configure the OID itself, otherwise the domain will not be able to connect to the repository database (see [i] Problem1-3r363232.) 3r3734.  3r3746. 3r3734.  3r3746.
3r3704. export LD_LIBRARY_PATH = /u /app /oracle /product /middleware /Oracle_IDM1 /lib: $ LD_LIBRARY_PATH

3r3734.  3r3746. It is necessary in order that there were necessary libraries and were pulled up from necessary ORACLE_HOME
 3r3746. 3r3734.  3r3746. If anything, check with ldd where they look:
 3r3746. 3r3734.  3r3746.
3r3704. ldd /u /app /oracle /product /middleware /Oracle_IDM1 /bin /oiddispd
3r3734.  3r3746. Must be on ORACLE_HOME with FMW software:
 3r3746. 3r3734.  3r3746.
3r3704. libclntsh.so.12.1 => /u/app/oracle/product/middleware/Oracle_IDM1/lib/libclntsh.so.???r3r3708.
3r3734.  3r3746. For errors, if this is not the case, see section [i] Problem 2 3r33232. 3r3734.  3r3746. 3r3734.  3r3746.
3r3704. cd /u /app /oracle /config /domains /oid_domain /bin /
./setStartupEnv.sh - exposes additional. environment variables
./startNodeManager.sh &

3r3734.  3r3746. Make sure the NodeManager is running. 3r3734.  3r3746. Logs and configuration: /u /app /oracle /config /domains /oid_domain /nodemanager
 3r3746. 3r3734.  3r3746. [i] 3r3630. Issue 1: 3r3631. 3r33232. 3r3734.  3r3746. 3r3734.  3r3746.
3r3704. Jun 2? ???:27:58 AM MSK Fatal error in NodeManager server
weblogic.nodemanager.common.ConfigException: Identity key store file not found: /u/app/oracle/config/domains/oid_domain/security/DemoIdentity.jks

3r3734.  3r3746. [i] 3r3630. Solution1 3r3631. 3r33232. : Go and generate DemoIdentity.jks, as described above
 3r3746. 3r3734.  3r3746. [i] 3r3630. Problem2 [/b] 3r33232. :
 3r3746. 3r3734.  3r3746.
3r3704. Jun 2? ???:20:08 PM MSK INFO /u /app /oracle /config /domains /oid_domain password:
confirm password:
Unabled to Connect to Database: Incorrect TNS or TNC Connect string or Invalid Password
>
3r3734.  3r3746. [i] 3r3630. Solution2 3r3631. 3r33232. : set the TNS_ADMIN variable and check the correctness of the login /password
 3r3746. 3r3734.  3r3746. 3r33382. Initial configuration OID
3r3734.  3r3746. At this point, the variables
should be set.  3r3746. TNS_ADMIN
 3r3746. LD_LIBRARY_PATH
 3r3746. It is assumed that the NodeManager is already running. 3r3734.  3r3746. Run the WLST utility:
 3r3746. 3r3734.  3r3746.
3r3704. cd /u /app /oracle /product /middleware /Oracle_IDM1 /oracle_common /common /bin
export MW_HOME = $ ORACLE_HOME
3r3734.  3r3746. We expose the variables that are needed for the WLST
utility to work.  3r3746. 3r3734.  3r3746.
3r3704. ./setHomeDirs.sh
./setWlstEnv.sh
./wlst.sh

3r3734.  3r3746. then use the WLST utility to connect to the NodeManager. We will need the login and password specified during the installation (specified for the NodeManager, we have this weblogic) 3r3734.  3r3746. 3r3734.  3r3746.
3r3704. nmConnect (username = 'weblogic', password = 'password from NodeManager', domainName = 'oid_domain')

3r3734.  3r3746. [i] Example output 3r33232. :
 3r3746. 3r3734.  3r3746.
3r3704.[13:45] [uhq-ora-oid1.oracle.:/u/app/oracle/product/middleware/Oracle_IDM1/oracle_common/common/bin]$ ./wlst.sh
3r3746. Initializing WebLogic Scripting Tool (WLST)
3r3746. Welcome to WebLogic Server Administration Scripting Shell
3r3746. Type help () for help on available commands
3r3746. wls: /offline> nmConnect (username = 'weblogic', password = '*****', domainName = 'oid_domain')
Connecting to Node Manager
Successfully Connected to Node Manager. 3r3746.
3r3734.  3r3746. We start initialization, during which an instance is created with the name oid1. 3r3734.  3r3746. In the line below:
 3r3746. 3r3734.  3r3746. odsPassword is the password to the ODS scheme based on the repository, which was set when executing ./rcu
 3r3746. orcladminPassword - the password that will be used as cn = orcladmin to access LDAP
 3r3746. realmDN is an LDAP schema that will be configured for 3r3-3734.  3r3746. 3r3734.  3r3746.
3r3704. oid_setup (orcladminPassword = '****', odsPassword = '***', realmDN = 'dc = mycomany, dc = ru ')
3r3734.  3r3746. After execution, the component (instance in terms of FMW) with the name oid1 3r3734 should be created.  3r3746. 3r3734.  3r3746. 3r3630. [i] Problem 3 3r33232. 3r3633. :
 3r3746. Log /u/app/oracle/config/domains/oid_domain/servers/OID/logs/oid1/oidmon*.log
 3r3746. contains
 3r3746. 3r3734.  3r3746.
3r3704. /u/app/oracle/product/middleware/Oracle_IDM1/wlserver//bin/oiddispd: error while loading shared libraries : libclntshcore.so.12.1: cannot be shared file directory
3r3734.  3r3746. 3r3630. [i] Solution3 3r3632. 3r3633. :
 3r3746. Set the environment variable
 3r3746. LD_LIBRARY_PATH = /u /app /oracle /product /middleware /Oracle_IDM1 /lib: $ LD_LIBRARY_PATH
 3r3746. restart NodeManager,
 3r3746. we launch component: 3r3734.  3r3746. 3r3734.  3r3746.
3r3704. cd /u /app /oracle /config /domains /oid_domain /bin /
nohup ./startNodeManager.sh &
./startComponent.sh oid1

3r3734.  3r3746. If for this reason the component was created but does not work, then we kill the oidmon process, change the process status parameters in the DBMS: 3r3734.  3r3746. 3r3734.  3r3746.
3r3704. ps –ef | grep oidmon
kill oidmon

3r3734.  3r3746.
3r? 3534. sqlplus /as sysdba
update ods.ods_process_status set pid = 0 where compname = 'oid1'; 3r3746. update ods.ods_process_status set state = 4 where compname = 'oid1'; 3r3746.
3r3734.  3r3746. Check connection:
 3r3746. 3r3734.  3r3746.
3r3704. ./ldapbind -h localhost -p 3060
./ldapbind -h localhost -p 3131 -U 1 -D 'cn = orcladmin' -w ****

3r3734.  3r3746. You may need to re-initialize oid_setup
 3r3746. 3r3630. [i] Problem4 3r3-33632. 3r3633. . When trying to save to NetManager:
 3r3746. 3r3734.  3r3746.
3r3704. oracle.net.common.dataStore.DataStoreException: error writing ServiceAlias ​​to: LDAPDataStore[svr: uhost-oid1.mycompany.ru:3060:3131, type: OID, ctxt: cn=OracleContext,dc=mycomany,dc=ru, home: C:oracleproduct12.1.0client_1]3r3746. original exception message: TNS-04409: Directory service error
caused by: oracle.net.config.DirectoryServiceException: TNS-04405: General error 3r3r6746. caused by: oracle.net.ldap.NNFLException
original stack trace: oracle.net.config.ServiceAliasException: TNS-04409: Error directory service
caused by: oracle.net.config.DirectoryServiceException: TNS-04405: General error 3r3r6746. caused by: oracle.net.ldap.NNFLException
oracle.net.config.DirectoryServiceException: TNS-04405: General error 3r3746. caused by: oracle.net.ldap.NNFLException
oracle.net.ldap.NNFLException

3r3734.  3r3746. 3r? 3580. 3r3734.  3r3746. 3r3734.  3r3746. 3r3630. Decision 4: 3r3631. 3r3734.  3r3746. Once again, run oid_setup
 3r3746. Check the ldap.ora settings on the client from which Net Manager is running
 3r3746. DEFAULT_ADMIN_CONTEXT = "dc = mycomany, dc = en"
 3r3746. 3r3734.  3r3746. 3r3630. Change the OID parameter (to allow requests from anonymous users) 3r3631. 3r3734.  3r3746. When creating a TNS name using net manager, but tnsping does not work. 3r3734.  3r3746. Create a file:
 3r3746. cat anonymousbind.ldif
 3r3746. 3r3734.  3r3746.
3r3704. dn: cn = oid? cn = osdldapd, cn = subconfigsubentry
changetype: modify
replace: orclAnonymousBindsFlag
orclAnonymousBindsFlag: 1

3r3734.  3r3746. and modify the parameters using this file:
 3r3746. 3r3734.  3r3746.
3r3704. ldapmodify -D cn = orcladmin -W -p 3131 -h localhost -f anonymousbind.ldif
3r3734.  3r3746. [i] 3r3630. Diagnostics: [/b] 3r33232. 3r3734.  3r3746. tnsping mytest does not work, a ldapsearch works
 3r3746. We check availability of ports 3060 and 3131 (for SSL)
 3r3746. 3r3734.  3r3746. so everything works (with the password)
 3r3746. 3r3734.  3r3746.
3r3704. ldapsearch -h uhost-oid1.mycompany.ru -p 3060 -D "cn = orcladmin" -w password_hear -b "cn = mytest, cn = OracleContext, dc = mycomany, dc = ru" -s base "objectclass = *"
3r3734.  3r3746. mytest is an alias created earlier. 3r3734.  3r3746. 3r3734.  3r3746. 3r33655. Client settings
3r3734.  3r3746. On the client side, the files in $ ORACLE_HOME /network /admin are
 3r3746. ldap.ora
 3r3746. sqlnet.ora
 3r3746. tnsnames.ora
 3r3746. 3r3734.  3r3746. The tnsnames.ora file contains “local” aliases, as usual, and is used if no name is found in LDAP. 3r3734.  3r3746. The sqlnet.ora file contains a description of the resolv order:
 3r3746. 3r3734.  3r3746. sqlnet.ora 3r3734.  3r3746. 3r33700. 3r3734.  3r3746. 3r3704. SQLNET.AUTHENTICATION_SERVICES = (NTS) 3r3734.  3r3746. NAMES.DIRECTORY_PATH = (TNSNAMES, LDAP)
 3r3746. 3r3734.  3r3746. 3r3734.  3r3746. LDAP file access parameters are specified in ldap.ora
 3r3746. 3r3734.  3r3746. ldap.ora 3r3734.  3r3746. 3r33700. 3r3734.  3r3746.
3r3704. DIRECTORY_SERVERS = (uhost-oid1.mycompany.ru:????rephost-oid1.mycompany.ru:3060 complete131)
DIRECTORY_SERVER_TYPE = OID
DEFAULT_ADMIN_CONTEXT = "dc = mycomany, dc = en"

3r3734.  3r3746. In the described configuration, the following order is used. 3r3734.  3r3746. 3r3734.  3r3746. First, the tnsnames.ora file is viewed, if the record was not found there, then we ask LDAP (if you need to change the order, change the order in the NAMES.DIRECTORY_PATH parameter 3r3734.  3r3746. 3r3734.  3r3746. Next comes the query to the main LDAP server, if it is unavailable for some reason, go to the second server in the DIRECTORY_SERVERS list
 3r3746. 3r3734.  3r3746. The order of the survey in this case is not important, the first is better to specify the geographically closest server. 3r3734.  3r3746. 3r3734.  3r3746. The default admin context (LDAP) is used for the default context in order not to specify mycompany.ru
each time.  3r3746. 3r3734.  3r3746. For the same reason, it is not recommended to use a dot in the alias entry, it perceives it as a domain. 3r3734.  3r3746. 3r3734.  3r3746. Further I will tell how to configure replication between servers
3r3746. 3r3746.
! function (e) {function t (t, n) {if (! (n in e)) {for (var r, a = e.document, i = a.scripts, o = i.length; o-- ;) if (-1! == i[o].src.indexOf (t)) {r = i[o]; break} if (! r) {r = a.createElement ("script"), r.type = "text /jаvascript", r.async =! ? r.defer =! ? r.src = t, r.charset = "UTF-8"; var d = function () {var e = a.getElementsByTagName ("script")[0]; e.parentNode.insertBefore (r, e)}; "[object Opera]" == e.opera? a.addEventListener? a.addEventListener ("DOMContentLoaded", d,! 1): e.attachEvent ("onload", d ): d ()}}} t ("//mediator.mail.ru/script/2820404/"""_mediator") () (); 3r33737. 3r3746. 3r3742. 3r3746. 3r3746. 3r3746. 3r3746.