Configuring and Managing the Oracle Virtual Directory Server 9-3

5. Select the Enable Access Control Check option to enable Oracle Virtual Directory

to enforce access controls as defined in the access control file.

6. Select the Enable Persistent Search option to enable Oracle Virtual Directory to

support the persistent search control regardless of the adapters configured.

7. Select the Enable Schema Check option to enable Oracle Virtual Directory to

check LDAP entries for conformance against the schema definitions contained in the files listed in the Schema Locations field. Oracle suggests disabling the Enable Schema Check option only when an external method for schema checking will be used.

8. If the Enable Schema Check option is selected, Oracle Virtual Directory uses the

files that are listed in the Schema Locations field to verify that LDAP entries conform to schema definitions. Use this field to identify the files Oracle Virtual Directory uses to define its schema. Each file is applied in descending order from top to bottom, with each file overriding the previous one when conflicts occur. Typically, the last file identified is schema.user.xml. Any and all changes to schema are applied to the schema.user.xml file to ensure standard files, such as schema.core.xml, remain unchanged between releases, but can also be virtually modified by having the changes in schema.user.xml override default-shipped schema in schema.core.xml. If you are installing a manufacturer supplied schema in DSML form, identify this file in the second to last file in the list of schema files. This protects the distributed manufacturer file from modification while allowing local customization, which is then stored in schema.user.xml. The following is a list of the default schema files: ■ schema.core.xml ■ schema.cosine.xml ■ schema.inetorgperson.xml ■ schema.nis.xml ■ schema.dyngroup.xml ■ schema.java.xml ■ schema.diameter.xml ■ schema.eus.xml ■ schema.user.xml 9. Use the TLS Configuration section to: ■ Read the names of the adapter keystore and truststore. You cannot configure these values using Oracle Enterprise Manager Fusion Middleware Control. ■ Set the password for the adapter keystore and truststore.

10. Click Apply on the Server Configuration screen to apply your settings.

To change the password for the Oracle Virtual Directory superuser: 1. Click the Change SuperUser Password tab on the Server Properties screen. 2. Enter the existing superuser password in the Old Password field. 3. Enter the new superuser password in the New Password field. 9-4 Oracle Fusion Middleware Administrators Guide for Oracle Virtual Directory 4. Reenter the new superuser password in the Confirm Password field.

5. Click Apply.

To Reset a Lost Oracle Virtual Directory Superuser Password If you lose the superuser password, you can run the ovdcred.pl script to reset the password. You can also change the Oracle Virtual Directory root username using this script. 1. Locate ovdcred.pl in ORACLE_HOMEovdbindirectory. 2. Run the ovdcred.pl script using the following syntax: ovdcred.pl -componentName ovd-component-name -instancePath ovd-instance-path -option usernamepassword option Where ■ componentName Required is the Oracle Virtual Directory component name ■ instancePath Optional is the ORACLE_INSTANCE value. If you already set the ORACLE_INSTANCE value then you do not have to provide this option. ■ option Required Specify a password or username for the value you want to edit or reset. For example: ovdcred.pl –componentName ovd1 –instancePath scratchaime1asinst_1 –option Password ovdcred.pl –componentName ovd1 –instancePath scratchaime1asinst_1 –option Username

9.2 Configuring Oracle Virtual Directory Server Settings Using Oracle Directory Services Manager

You can use Oracle Directory Services Manager to configure some Oracle Virtual Directory server settings, including settings related to the following: ■ Schema files ■ Access Control ■ Server search limits ■ Server activity limits ■ Adapter SSL settings Perform the following steps to configure Oracle Virtual Directory server settings using Oracle Directory Services Manager: 1. Log in to Oracle Directory Services Manager.

2. Select Advanced from the task selection bar. The Advanced navigation tree

appears.

3. Click the Server Settings entry in the Advanced navigation tree. The Server

Settings entry expands and the Settings, Quotas, and Adapter SSL Settings groups appear in the navigation tree. Note: You must set ORACLE_HOME before running this script. Configuring and Managing the Oracle Virtual Directory Server 9-5 4. Click the group you want to configure. The following tables describe each setting in each group. Note: After configuring the appropriate setting, click Apply in the main Oracle Directory Services Manager screen to save the settings to the Oracle Virtual Directory server. 9-6 Oracle Fusion Middleware Administrators Guide for Oracle Virtual Directory Table 9–1 Configuration Parameters for Settings Group in ODSM Category Setting Description Schema Schema Files Use the Schema Files section to identify the files Oracle Virtual Directory uses to define its schema. The Available Files field lists all available schema files that contain schema definitions. The Selected Files field lists the files that Oracle Virtual Directory uses to verify that LDAP entries conform to schema definitions. Oracle Virtual Directory verifies LDAP entries against the files listed in the Selected Files field only when the Enable Schema Checking option is selected. To move files between the Available Files and Selected Files fields, select one or more files, then use the appropriate Move or Remove arrow buttons to move the file. Oracle Virtual Directory verifies LDAP entries against the files in the Selected Files field in the sequence, or order, in which they appear in the field. Each file is used for verification in descending order from top to bottom, with each file overriding the previous one when conflicts occur. You can change the sequence, or order, in which the files are used for verification by selecting a file name in the Selected Files field and then using the up and down arrow buttons to the right of the Selected Files field to change the order. Typically, the last file identified is schema.user.xml. Any and all changes to schema are applied to the schema.user.xml file to ensure standard files, such as schema.core.xml, remain unchanged between releases, but can also be virtually modified by having the changes in schema.user.xml override default-shipped schema in schema.core.xml. If you are installing a manufacturer supplied schema in DSML form, identify this file in the second to last file in the list of schema files. This protects the distributed manufacturer file from modification while allowing local customization, which is then stored in schema.user.xml. The following is a list of the default schema files: ■ schema.core.xml ■ schema.cosine.xml ■ schema.inetorgperson.xml ■ schema.nis.xml ■ schema.dyngroup.xml ■ schema.java.xml ■ schema.diameter.xml ■ schema.eus.xml ■ schema.user.xml Enable Schema Checking Select the Enable Schema Check option to enable Oracle Virtual Directory to check LDAP entries for conformance against the schema definitions contained in the files listed in the Schema Files section. Oracle suggests disabling the Enable Schema Check option only when an external method of schema checking will be used.