A customer uses Oracle Internet Directory (OID) as a secondary LDAP directory. Changes to the OID structure are performed using LDAP Data Interchange Format (LDIF) scripts.
Creating users in OID with LDIF scripts:
command: ldapadd -c -h servername -p 389 -D cn=orcladmin -w myPassword -f createUsers.ldif
script:
dn: cn=jdoe,cn=Users,dc=myDivision,dc=myCompany
cn: jdoe
sn: jdoe
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetorgPerson
objectclass: orclUserV2
description: John Doe
userpassword: welcome2011
mail: john.doe@mycompany.com

Creating groups in OID with LDIF scripts:
command: ldapadd -c -h servername -p 389 -D cn=orcladmin -w myPassword -f createGroups.ldif
script:
dn: cn=MyGroup,cn=groups,dc=myDivision,dc=myCompany
cn: MyGroup
objectclass: top
objectclass: orclGroup
objectclass: groupOfUniqueNames
owner: cn=orcladmin
displayname: MyGroup
description: My Script Created Group
orclisvisible: true

Remove members from groups in OID with LDIF scripts:
command: ldapmodify -c -h servername -p 389 -D cn=orcladmin -w myPassword -f removeMembersFromGroup.ldif
script:
# No values are listed under delete:, so every uniquemember value is removed from the group.
dn: cn=myGroup,cn=groups,dc=myDivision,dc=myCompany
changetype: modify
delete: uniquemember

Add members to groups in OID with LDIF scripts:
command: ldapmodify -c -h servername -p 389 -D cn=orcladmin -w myPassword -f addMembersToGroup.ldif
script:
dn: cn=myGroup,cn=groups,dc=myDivision,dc=myCompany
changetype: modify
add: uniquemember
uniquemember: cn=jdoe,cn=Users,dc=myDivision,dc=myCompany
uniquemember: cn=user2,cn=Users,dc=myDivision,dc=myCompany
uniquemember: cn=user3,cn=Users,dc=myDivision,dc=myCompany

Disable users in OID with LDIF scripts:
command: ldapmodify -c -h servername -p 389 -D cn=orcladmin -w myPassword -f DisableUsers.ldif
script:
dn: cn=jdoe,cn=Users,dc=myDivision,dc=myCompany
changetype: modify
replace: orclisenabled
orclisenabled: DISABLED

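Added example, not part of the original post: a small Python pre-flight check for LDIF change files like the ones above, useful because ldapadd and ldapmodify are run here with -c and therefore keep going after a record fails. The function names and the sample text are constructed for illustration; the check flags a record without a dn: line, lines that are not in attribute: value form, a modify record with no operation, a delete: with no values, and a cleartext userpassword.

```python
import re

# attribute name, separator (":" plain, "::" base64, ":<" URL), value
LINE = re.compile(r"^([A-Za-z][A-Za-z0-9;-]*)(:[:<]?)\s*(.*)$")

def records(text):
    """Split LDIF into records of logical lines: unfold continuations, drop comments."""
    blocks = re.split(r"\n\s*\n", re.sub(r"\r?\n ", "", text))
    recs = [[l.rstrip() for l in b.splitlines() if l.strip() and not l.startswith("#")]
            for b in blocks]
    return [r for r in recs if r]

def lint_ldif(text):
    """Return (record_number, message) findings for an LDIF change file."""
    out = []
    for n, rec in enumerate(records(text), 1):
        if not rec[0].lower().startswith("dn:"):
            out.append((n, "first line is not 'dn: <DN>'"))
        parsed = []
        for line in rec[1:]:
            m = LINE.match(line)
            if m:
                parsed.append((m.group(1).lower(), m.group(2), m.group(3)))
            elif line != "-":
                out.append((n, f"not 'attribute: value': {line}"))
        modify = any(a == "changetype" and v.lower() == "modify" for a, _, v in parsed)
        if modify and not any(a in ("add", "delete", "replace") for a, _, _ in parsed):
            out.append((n, "modify record has no add:/delete:/replace: line"))
        for i, (a, sep, v) in enumerate(parsed):
            following = parsed[i + 1][0] if i + 1 < len(parsed) else ""
            if modify and a == "delete" and following != v.lower():
                out.append((n, f"delete: {v} lists no values, so every value is removed"))
            if a == "userpassword" and sep == ":" and not v.startswith("{"):
                out.append((n, "userpassword is stored in cleartext in the file"))
    return out

# Constructed sample: a disable record with two syntax slips, then a remove-all-members record.
SAMPLE = """cn=jdoe,cn=Users,dc=myDivision,dc=myCompany
changetype: modify
orclisenabled :DISABLED

dn: cn=myGroup,cn=groups,dc=myDivision,dc=myCompany
changetype: modify
delete: uniquemember
"""

if __name__ == "__main__":
    for finding in lint_ldif(SAMPLE):
        print(finding)
```
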
Because I find the ODSM console not always satisfying, I use the following SQL queries to retrieve some information:
View Oracle Directory Services change log in Oracle Database with SQL:
select * from ods_chg_log
View Oracle Directory Services user membership in Oracle Database with SQL:
SELECT * FROM ct_hrch_query WHERE attrvalue LIKE 'cn=jdoe%'