R-28 Oracle Fusion Middleware Administrators Guide for Oracle Internet Directory Troubleshooting bulkdelete, bulkmodify, and ldifwrite Oracle highly recommends that you investigate and correct all errors thrown by the bulk tools before proceeding with the next step. To get more information about the reason for error, run the command with debug enabled debug=t. Debug information is available in the corresponding log file, bulkdelete.log, bulkmodify.log, or ldifwrite.log, under ORACLE_ INSTANCE diagnosticslogsOIDtools. In the database, debug information is available in the ods.ds_ldap_log table. Problem The bulkdelete or bulkmodify command-line tool fails because of a broken connection to the database. This can occur, for example, due to a host crash or in to a failover in Real Application Clusters. Solution Ensure that the database is restarted properly. Then retry the bulkdelete or bulkmodify command that failed. Troubleshooting catalog Oracle highly recommends that you investigate and correct all errors thrown by the bulk tools before proceeding with the next step. To get more information about the reason for error, run the command with debug enabled debug=t. Debug information is available in ORACLE_ INSTANCE diagnosticslogsOIDtoolscatalog.log and in database ods.ds_ldap_log table. Problem The catalog command-line tool fails because of a broken connection to the database. This can occur, for example, due to a host crash or in to a failover in Real Application Clusters. Solution Ensure that the database is restarted properly. Retry the catalog command that failed. If the original invocation employed the add=TRUE option, the retry might fail because the first command partially completed. If the retry fails, use catalog delete=TRUE to delete the attribute index, then retry the command again. Problem The catalog command throws an error because more than 1000 attributes are present in the file. Solution If you need to index more than 1000 attributes, use multiple files. Troubleshooting remtool Problem A remtool query such as remtool -pdispqstat -v -bind host:port Troubleshooting Oracle Internet Directory R-29 hangs. During the hang, attempts to bind to the server with other tools might fail. Solution If there is a large backlog of changelogs waiting to be purged, the remtool search query runs for a long time. Ensure that changelog purging is configured appropriately for your environment. See Change Log Purging on page 35-5. You can also increase the number of worker threads so that other tools can bind while remtool is running the query. See Attributes of the Instance-Specific Configuration Entry on page 9-2 and the Oracle Internet Directory chapter in Oracle Fusion Middleware Performance and Tuning Guide. Troubleshooting Server Chaining Problem The log contains the error message Server Chaining error followed by javax.naming.AuthenticationException. Solution In ODSM, go to the Advanced tab and expand Server Chaining. In each enabled entry, click Verify Login Credential, Verify User Container, and Verify Group Container. If the verification fails, examine the values you entered for errors. If the problem persists, consult the external directory administrator to verify the accuracy of the values you entered. Viewing Version Information On the Oracle Directory Services Manager home page for Oracle Internet Directory, you can view version information about Oracle Directory Services Manager, Oracle Internet Directory, and the associated Oracle Database. For information about using Oracle Directory Services Manager, see Using Oracle Directory Services Manager on page 7-5. Troubleshooting Fusion Middleware Control and WLST Problem Oracle Enterprise Manager Fusion Middleware Control and WLST do not work after the system is patched to 11g Release 1 11.1.1.4.0. Solution This problem occurs if you had SSL server authentication enabled and cipher suites configured prior to patching. To fix this problem after patching, remove the orclsslciphersuite attribute from the instance-specific configuration entry by using ldapmodify. The LDIF file for deleting the orclsslciphersuite attribute in the instance-specific entry is: dn: cn=componentname,cn=osdldapd,cn=subconfigsubentry changetype: modify delete: orclsslciphersuite The command is: ldapmodify -D cn=orcladmin -q -p portNum -h hostname -f ldifFile R-30 Oracle Fusion Middleware Administrators Guide for Oracle Internet Directory Restart Oracle Internet Directory as described in Restarting the Oracle Internet Directory Server by Using opmnctl on page 8-10. Problem Oracle Internet Directory is up and running, but you cannot change Oracle Internet Directory parameters by using Oracle Enterprise Manager Fusion Middleware Control or WLST. You might see the error message: Unable to connect backend OID. Solution This can occur if the Oracle Internet Directory port number was changed and the server was not restarted or the Oracle Internet Directory component registration was not updated. Restart the server and run opmnctl updatecomponentregistration, as described in Updating the Component Registration of an Oracle Instance by Using opmnctl on page 8-8. Solution This occurs if you specify an SSL port configured for server authentication or mutual authentication when using the replication wizard. The replication wizard can only connect to SSL ports that are configured for no authentication. Always specify a non-SSL port or an SSL port configured for no authentication when prompted to log in or when specifying a node. Solution This occurs if Oracle Internet Directorys SSL port is configured for mutual authentication. Oracle Enterprise Manager Fusion Middleware Control and WLST manage Oracle Internet Directory through the SSL port, and the port must be configured for no authentication or server authentication. Troubleshooting Oracle Directory Services Manager This section lists issues related to Oracle Directory Services Manager. Cannot Invoke ODSM from Fusion Middleware Control Problem You attempt to invoke Oracle Directory Services Manager from Oracle Enterprise Manager Fusion Middleware Control by selecting Directory Services Manager from the Oracle Internet Directory menu in the Oracle Internet Directory target, then Data Browser , Schema, Security, or Advanced. ODSM does not open. You might see an error message. Solution This is probably an installation problem. See Oracle Fusion Middleware Installation Guide for Oracle Identity Management. See Also: SSL Authentication Modes on page 26-3. Troubleshooting Oracle Internet Directory R-31 Cannot Invoke ODSM from Fusion Middleware Control in Multiple NIC and DHCP Enabled Environment Problem The WebLogic Managed Server where Oracle Directory Services Manager is deployed has multiple Network Interface Cards NIC or is DHCP enabled. Attempts to invoke Oracle Directory Services Manager from Oracle Enterprise Manager Fusion Middleware Control fail and return 404 errors. Solution Use the WebLogic Server Administration Console to change the listen address of the Managed WebLogic Server so that the IP address or hostname in the URL for Oracle Directory Services Manager is accessible. Perform the following steps: 1. Using a web browser, access the WebLogic Server Administration Console.

2. In the left pane of the WebLogic Server Administration Console, click Lock Edit

to edit the server configuration. 3. In the left pane of the WebLogic Server Administration Console, expand Environment and select Servers. 4. On the Summary of Servers page, click the link for the WebLogic Managed Server where Oracle Directory Services Manager is deployed. 5. On the Settings page for the WebLogic Managed Server, update the Listen Address to the host name of the server where Oracle Directory Services Manager is deployed.

6. Click Save to save the configuration.

7. Click Activate Changes to update the server configuration.

Various Failover Issues Problem When you perform an Oracle Directory Services Manager failover using Oracle HTTP Server, the failover is not transparent. You see this behavior when you perform the following steps: 1. Oracle Directory Services Manager is deployed in a High Availability active-active configuration using Oracle HTTP Server. 2. Display an Oracle Directory Services Manager page using the Oracle HTTP Server name and port number. 3. Make a connection to an Oracle Internet Directory server. 4. Work with the Oracle Internet Directory server using the current Oracle Directory Services Manager Oracle HTTP Server host and port. 5. Shut down one managed server at a time using the WebLogic Server Administration Console. 6. Go back to the Oracle Directory Services Manager page and port, and the connection which was established earlier with Oracle Internet Directory. When you do, a message is displayed advising you to re-establish a new connection to the Oracle Directory Services Manager page. R-32 Oracle Fusion Middleware Administrators Guide for Oracle Internet Directory Solution If you encounter this problem, perform the following steps: 1. In your web browser, exit the current Oracle Directory Services Manager page. 2. Launch a new web browser page and specify the same Oracle Directory Services Manager Oracle HTTP Server name and port. 3. Re-establish a new connection to the Oracle Internet Directory server you were working with earlier. Problem ODSM temporarily loses its connection to Oracle Internet Directory and displays the message LDAP Server is down. Solution In a High Availability configuration where ODSM is connected to Oracle Internet Directory through a load balancer, ODSM reports that the server is down during failover from one instance of Oracle Internet Directory to another. In other configurations, this message might indicate that Oracle Internet Directory has been shut down and restarted. In either case, the connection is reestablished in less than a minute, and you are able to continue without logging in again. Problem ODSM temporarily loses its connection to an Oracle Internet Directory instance that is using an Oracle RAC database. ODSM might display the message Failure accessing Oracle database oracle errcode=errcode, where errcode is one of the following values: 3113, 3114, 1092, 28, 1041, or 1012. Solution This error can occur during failover of the Oracle Database that the Oracle Internet Directory instance is using. The connection is reestablished in less than a minute, and you are able to continue without logging in again. ODSM Displays an Error Message Problem ODSM displays the error message: Error :Posn: -1, Size: 0 Solution This error can be ignored. It usually indicates that Oracle Internet Directory has detected an error in an ODSM operation. JNDI, which ODSM uses to connect to Oracle Internet Directory, sometimes returns this error code instead of the actual error code. Oracle Internet Directory server log files show a more meaningful error message. See Also: ■ The Oracle Fusion Middleware High Availability Guide for more information about Oracle Directory Services Manager in High Availability configurations. ■ Configuring Oracle HTTP Server to Support Oracle Directory Services Manager in an Oracle WebLogic Server Cluster on page 7-12 Troubleshooting Oracle Internet Directory R-33 Cursor Loses Focus Problem When you access ODSM in accessibility mode, using only the keyboard, in Internet Explorer 7, the cursor loses focus. This behavior has been observed under the following circumstances: ■ You access the directory in SSL-enabled mode and the server certificate appears. ■ You type an invalid password and the error dialog appears. Solution Press the Tab key nine times, then press the Enter key. Need More Help? You can find more solutions on My Oracle Support formerly MetaLink, http:metalink.oracle.com . If you do not find a solution for your problem, log a service request. See Also: Oracle Fusion Middleware Release Notes for Microsoft Windows 32-Bit, available on the Oracle Technology Network: http:www.oracle.comtechnologydocumentationindex .html R-34 Oracle Fusion Middleware Administrators Guide for Oracle Internet Directory Index-1 Index Symbols + in search request, 13-11 Numerics 3DES value of orclpwdverifierparams generating dynamic verifiers, 30-11 A abstract object classes, 3-13 superclasses of, 20-4 top, 3-12 access exclusionary, 29-15 granting by using ODSM, 29-15 entry-level, by using ODSM data browser, 29-21 kinds, 29-10 level requirements for LDAP operations, 29-11 operations, 29-10 read-only granting by using ldapmodify command, 29-25 rights, setting by using ODSM access control, 29-18, 29-19 selecting, by DN by using ldapmodify command, 29-24 subject, 29-8 unspecified, 29-11 access control, 29-1 to 29-26 and authorization, 3-15 bind IP filter, 29-8 conceptual discussion, 29-1 default, 31-3 defined, 3-15 directive format. See ACI directive format information, described, 29-1 information, format and syntax, H-1 management constructs, 29-2 managing, 29-1 by using command-line tools, 29-22 by using ODSM, 29-15 policies conflicting, 29-3 inheriting, 29-3 policy administration, introduction, 29-1 prescriptive, 29-3 setting by using wildcards, 29-23 access control lists, 3-7 See also ACLs access control policy points defined, 3-5 groups, 29-4 See also ACPs account lockout enforced by password policies, 28-4 accounts disabling, 12-2 enabling and disabling by using command-line tools, 12-2 by using Oracle Internet Directory Self-Service Console, 12-4 managing, 12-1 privileged, 12-2 unlocking by using command-line tools, 12-3 by using Oracle Internet Directory Self-Service Console, 12-4 realm administrator, 33-7 superuser, 28-4 ACIs components, 29-7 content, 29-1 defined, 29-1 entry level setting up by using ldapmodify command, 29-23 more than one for the same subject, 29-14 object of directives, 29-7 representation, 29-2 restricting kinds users can add, 29-22 See access control items subject of directives, 29-8 ACL evaluation how it works, 29-12 ACLs directives, within entries, 29-3 for groups, 29-15 precedence rules, 29-12 Index-2 See access control lists within subtrees, 29-3 ACPs adding by using ldapmodify command, 29-23 by using ODSM access control, 29-16 by using ODSM Data Browser, 29-21 defined, 29-2 groups, 29-4 modifying by using ODSM access control, 29-20 by using ODSM Data Browser, 29-21 multiple, 29-3 See also access control policy points viewing by using ODSM access control, 29-15 activate replication, 40-13, 41-12, 41-21 active server instances viewing, 8-5 by usingopmnctl command, 8-9 added_object_constraint filter, 29-22 added-object-constraint, in access control, 29-10 adding attributes by using ldapmodify command, 20-20 adding attributes to object classes by using ldapmodify command, 20-19 adding indexes by using ODSM, 20-15 adding object classes by using ODSM, 20-11 adding object classes by using ldapmodify command, 20-18 addresses IP, 10-1 Advanced Replication adding a new node for, C-11 architecture, D-2 change logs, D-4 configuring by using Replication Management Tool, C-6 sqlnet.ora, C-6 tnsnames.ora, C-6 deleting a node, C-14 Directory Replication Group, C-3 DRG, C-3 filtering, C-1 installing and configuring, C-2, C-4 nodes adding, C-11 deleting, C-14 preparing the Oracle Net Services environment for, C-6 replication groups DRGs, C-4 configuring, C-4 Advanced Replication groups setting up, C-4 AL32UTF8 character set, R-2, R-3 alias entries, 17-1 to 17-6 adding by using ldapadd command, 17-2 defined, 17-1 dereferencing, 17-1 messages, 17-6 modifying by using ldapmodify command, 17-6 searching directory with, 17-3 aliases attributes with adding by using ldapmodify command, 20-21 alphabetic characters password policy attribute, 28-6 anonymous authentication, 32-1 anonymous binds, 9-12 default behavior, 32-8 limited operations on root DSE, 32-8 managing by using Fusion Middleware Control, 32-8 by using ldapmodify command, 32-8 application-specific repositories migrating data from, 36-6 apply threads per supplier, 40-13 architecture Oracle Internet Directory, 1-4, 3-1 Oracle Internet Directory Server Manageability framework, 24-2 attribute aliases, 20-10 delete by using ldapmodify command, 20-22 using with ldapadd, 20-24 using with ldapdelete, 20-25 using with ldapmoddn, 20-25 using with ldapmodify, 20-24 using with ldappadd, 20-24 using with ldapsearch, 20-23 attribute mapping in server chaining, 37-8 attribute name in search request case, 9-12 attribute options, 3-11 adding by using ldapmodify, 13-13 conceptual discussion, 3-11 deleting by using ODSM, 13-13 language codes, 3-11 searching for by using ldapsearch, 13-13 attribute selectors, 29-24 attribute uniqueness defined, 18-1 rules for creating, 18-3 attribute uniqueness constraint example, 18-8 attribute uniqueness constraint entries, 18-1 to 18-9 DN, 18-2 attribute uniqueness constraints creating by using ldapadd, 18-9 deleting by using ldapdelete, 18-9 modifying by using ldapmodify, 18-9 attribute values not preserved on upgrade to 11g, A-4 attributes adding, 20-5 by using ldapmodify command, 20-19, 20-20, 20-22 adding index by using ldapmodify Index-3 command, 20-20 as metadata in schema, 20-2 attribute options, 13-13 adding by using ldapmodify, 13-13 conceptual discussion, 3-11 deleting by using ODSM, 13-13 base schema deleting, 20-5 modifying, 20-5 change logs, 41-16 collective, 16-1 commonName, 3-10 configuration automatically created, 3-9 defined, 9-1 managing by using WLST, 9-14 content rules, 20-9 defined, 3-8 deleting, 20-5 by using ODSM, 20-14 determined by object classes, 20-2 ditcontentrule, 20-8 dropping indexes, 20-16 extending number of by using auxiliary object classes, 20-7 by using content rules, 20-8 for existing entries, 20-7 prior to creating entries, 20-7 for a specific entry viewing by using ODSM, 13-5 for which data exists indexing, 20-21 for which no directory data exists indexing, 20-20 hashed, 9-13 in base schema, 20-5 in Fusion Middleware Control replication wizard, 40-13 in top object class, 3-13 indexed, 3-6 indexes, created by bulkload, 15-7 indexing, 20-21 by using catalog command, 20-6 information, kinds of, 3-9 inheritance of, 20-3 instance-specific managing by using Fusion Middleware Control, 9-11 jpegPhotos, 3-10, 13-12 kinds of information in, 3-9 labeledURI, 14-4, 14-5, 14-6, 14-15 listing by using ldapsearch, 13-11 managing by using Fusion Middleware Control, 9-11 mandatory, 3-12, 20-3, 20-12 in a user entry, 36-9 matching rules, 3-11 modifying by using ldapmodify, 20-19 by using ODSM, 20-14 rules for, 20-5 using ldapmodify command, 20-22 multivalued converting to single-valued, 20-5 null values in, 20-3 objects associated with an ACI, 29-7 of the DSA configuration entry, 9-9 of the DSE, 9-10 of the instance-specific configuration entry, 9-2 optional, 3-12, 20-3 options, 3-11 language codes., 3-11 organization, 3-10 organizationalUnitName, 3-10 redefining mandatory, 20-4 ref, 19-1 removing from object classes, 20-4 replication configuration container, 40-1 searchable, 15-12 searching by using ODSM, 20-15 single-valued, 3-10 converting to multivalued, 20-5 skewed, 9-13 specifying as mandatory or optional, 20-3 storing password verifiers for authenticating to Oracle components, 30-5 syntax, 3-11 modifying, 20-5 syntax type selecting, 20-17 syntaxes cannot modify, 20-5 selecting, 20-17 system operational, 9-1 types, 3-9 user entry, 12-2 usercertificate, K-1 values, 3-9 viewing, 13-5 with aliases adding by using ldapmodify command, 20-21 audit attributes, 22-2 events and categories, 22-2 users to always, 22-4 audit configuration viewing by using ldapsearch command, 22-5 audit framework advantages, 22-2 features, 22-1 audit policy, 22-4 audit policy page in Fusion Middleware Control, 22-4 audit presets, 22-2 audit record pathname, 22-3 audit record storage, 22-3 audit records, 22-3 Index-4 audit, 10g versus 11g, A-7 auditing, 22-1 to 22-6 administrator, 22-2 defined, 22-1 managing by using Fusion Middleware Control, 22-4 by using ldapmodify command, 22-6 managing by using WLST, 22-5 auditing Oracle Directory Integration Platform, 22-3 auditing replication, 22-3 authentication, 32-1 to 32-9 anonymous, 32-1 at ldapbind, 32-1 certificate, 32-2 conceptual discussion, 32-1 defined, 3-15 direct options, 32-1 external, 32-4, 44-1 SASL, 32-2 in a typical directory operation, 3-7 indirect, 32-3 through a RADIUS server, 32-3 modes, SSL testing, 26-12 native, 44-1 Oracle directory replication server, 38-6 password-based, 32-1 PKI, 26-2 SASL, 32-1 SASL mechanism external authentication, 32-2 MD5 Digest, 32-2 simple, 32-1 Simple Authentication and Security Layer SASL, 32-1 SSL defined, 32-1 three levels, 1-6 through a middle tier, 32-3 authentication of replication server, 38-6 Authentication Services Group, 31-12 authorization, 3-15 defined, 29-1 automated resolution of conflicts, 41-6 autotune replication, 40-13, 41-2, 41-11, 41-21 auxiliary object classes, 3-13, 20-4 extending number of attributes by using, 20-7 B backing up data before setting up replication, 38-18 backup and restore, 25-1 base schema attributes, 20-5 deleting, 20-5 modifying, 20-5 object classes modifying, 20-4 base search, 13-4 basic management tasks, 7-15 binary values printing by using ldapsearch command, 13-14 bind IP filter, 29-8, 29-9 bind mode, 29-9 bind operation when authentication occurs, 32-1 bind performance monitoring garbage collectors, 35-3 binding, 3-7 binds anonymous, 9-12 bootstrap setting up by using command line, 38-19 setting up by using replication wizard, 38-3 troubleshooting, R-21 bootstrap capability of the replication server, 38-3 bootstrap rules, 38-3 bulk tools, 15-1 to 15-12 environment variables required, 15-1 troubleshooting, R-28 bulkdelete command, 15-9 deleting naming contexts replication setup, 38-27 Globalization Support, I-8 log file location, 23-1 log file name, 23-1 replication setup deleting naming contexts, 38-27 syntax, 15-10 bulkload load command option, 15-7 bulkload command, 15-6, 15-7 check mode, performing on LDIF files, 36-4 creating indexes, 15-7 Globalization Support, I-8 loading data replication setup, 38-27 loading data into schema, 15-3 log file location, 23-1 log file name, 23-1 migrating third party LDAP data, 36-5 replication setup loading data, 38-27 syntax, 15-5 troubleshooting, R-26 bulkmodify command, 15-8 Globalization Support, I-9 log file location, 23-1 log file name, 23-1 syntax, 15-9 C cache metadata, 3-4 cached and uncached groups, 14-2 caches Index-5 entry tuning, 9-12 privilege group membership tuning, 9-12 case of attribute name in search request, 9-12 catalog limit on number of attributes, R-28 catalog command, 20-21 creating indexes, 15-11 log file location, 23-1 log file name, 23-1 referential integrity enabling, 21-3 syntax, 15-12 troubleshooting, R-28 catalog entry, 3-6 Catalog Management Tool See catalog command certificate authentication, 32-2 certificates in wallet, 26-4 change log entries on ODSM home page, 24-7 change logs and directory replication, 41-3 attributes, 41-16 change number-based purging, 35-5 DNs, 35-5 enable or disable generation tuning, 9-12 garbage collection troubleshooting, R-24 garbage collector, 35-2 in Advanced Replication, D-4 in replication, 41-3 managing generation, 41-15 managing generation by using Fusion Middleware Control, 41-7 purging, 35-5 configuring by using ldapmodify command, 35-9 methods, 35-5 purging, in multimaster replication, 35-5 time-based purging, 35-5 viewing by using ldapsearch command, 41-15 viewing by using ODSM, 41-8 change number-based purging, 35-5 change retry count, 41-21 replication, 40-13 change retry counts, 41-11 cipher suites SSL, 26-2 SSL, supported, 26-2 supported in SSL, 26-2 cn entry attribute, 3-10 adding, 13-12 cn=oraclecontext naming context replication setup, 38-32 cn=pwdpolicies container in realm, 28-2 cn=replication namecontext, 40-6 cold failover cluster configuring IP address, 10-1 cold failover clusters IP addresses, 10-1 collective attribute managing, 16-4 overriding, 16-4 collective attributes, 16-1 command-line tools, 7-13 to 7-14 10g versus 11g, A-6 Catalog Management Tool, 20-6 indexing, 20-6, 20-21 managing entries, 13-11 overview, 7-13 setting Globalization Support, I-5 common entry, defined, 3-6 Common Group Attributes Group, 31-14 Common User Attributes Group, 31-14 commonName attribute, 3-10 compare failure performance monitoring garbage collectors, 35-3 components of a directory server, 3-2 of Oracle Internet Directory, 1-5 compound RDNs oidcmprec limitations, 41-34 configuration attributes, 9-1 to 9-18 10g versus 11g, A-3 automatically created, 3-9 defined, 9-1 listing by using ldapsearch command, 9-17 managing by using ODSM, 9-18 by using WLST, 9-14 setting by using ldapmodify command, 9-16 configuration files, 10g versus 11g, A-7 configuration information, 10g versus 11g, A-3 conflict resolution automatic, 41-6 in replication, 41-4 messages, 41-23 command-line monitoring, 41-22 monitoring by using Fusion Middleware Control, 41-14 conflicting access control policies, 29-3 precedence, rules for resolving, 29-3 conflicts, replication automated resolution of, 41-6 manual resolution of, 41-24 resolution, 29-12, 41-4 resolving manually, 41-24 typical causes of, 41-5 CONNECT_BY assertions and dynamic groups, 14-4, 14-5 connecting to a directory server, 3-6 connection timeout tuning, 9-12 connection to Oracle Database down, R-2 connections Index-6 on ODSM home page, 24-7 connections to database tuning, 9-12 connections, pooling, 1-6 constraints, object classes, 3-13 consumers, defined, 6-4 containment of groups, planning, 5-3 of users, planning, 5-3 content rules adding by usingldapmodify command, 20-25 defined, 20-8 defined as values of ditcontentrule attribute, 20-8 extending number of attributes by using, 20-8 format, 20-25 managing by using command-line tools, 20-25 modifying by using ODSM, 20-16 parameters, 20-26 rules for creating and modifying, 20-8 schema enforcement when using, 20-9 controls definition, 1-3 converting auxiliary object classes, 20-4 structural object classes, 20-4 createTimestamp attribute, 3-10, 36-3 optional in top, 3-13 creating an instance, 10g versus 11g, A-1 creating content rules by using ODSM, 20-16 creating content rules by using ODSM, 20-16 creating dynamic groups by using ODSM, 14-10 creating static groups by using ODSM, 14-8 creatorsName attribute, 3-10, 36-3 optional attribute in top, 3-13 critical events in Oracle Internet Directory Server Manageability framework, 24-9 levels, 24-9 customized settings LDAP replication setup, 38-18 D data migration from other repositories, 36-1 to 36-9 data migration process, 36-1 data privacy, 3-15, 27-1 to ??, 27-7, ?? to 27-7, ?? to 27-8 database connections pooling, 1-6 tuning, 9-12 dedicated for directory, 3-3 errors, R-2 password, changing, 12-6 server, 1-4 server error, R-2, R-3 server performance troubleshooting, R-11 database account ODSSM accessing server manageability information, 24-4 Database Vault best practices, 27-5 configuration for Oracle Internet Directory, 27-5 deleting policies, 27-5 disabling, 27-5 policies for protecting Oracle Internet Directory, 27-4 databases used by Oracle Internet Directory tablespace encryption enabling or disabling, 27-1 dc attribute, 3-10 debug on ODSM home page, 24-7 debug logging levels, 23-5 about, 23-2 replication server, 40-13, 41-11, 41-21 configuring by using Fusion Middleware Control, 41-12 setting by using ODSM, 23-5 setting by using OID Control Utility, 23-6 setting by using the command line, 23-6 debug operations, 23-7 enabled, 23-5 setting by using ldapmodify command, 23-8 debug, enabling, 10g versus 11g, A-6 debugging LDAP operations, 23-7 debugging the external authentication plug-in, 44-3 debugging, limiting to specific operations, 23-7 default configuration access controls, 31-3 default identity management realm, 3-23, 33-6 default knowledge references referrals configuring, 19-4 default password policy, 28-4 default ports, 3-4 10g versus 11g, A-5 default URLs and ports list of commonly-used, 7-2 Delegated Administration Services defined, 3-19 self-service console, 12-4 delegating privileges, 31-1 to 31-14 delegating privileges for user and group management, 31-3 deleting a replica command-line, 38-29 deleting attributes by using ODSM, 20-14 deleting object classes by using ODSM, 20-13 dereferencing alias entries, 17-1 differences between 10g and 11g, A-1 to A-9 Digest, MD5, 32-2 digest-md5 attribute, 41-11 directories