Configuring Oracle Internet Directory Add a New Oracle WebLogic Communication Services

5-32 Oracle WebLogic Communications Server Administration Guide

2. Browse the Entry Management tree to find: cn=Products,cn=OracleContext,dc=example,dc=com. The exact domain part (dc=example,dc=com) depends on the domain that you created when you installed Oracle Internet Directory.

3. A convenient way to create a new entry for OWLCS is to clone an existing product entry. Select the first entry under Products (this is generally the Calendar entry), right-click the Calendar entry, and choose Create Like. In the resulting dialog:
   - Replace Calendar in the dn with WLCS.
   - Enter WLCS for cn.

4. Click OK.

5. Select the Products entry, right-click and choose Refresh SubTree Entries and make sure that a new product with name WLCS shows up under Products.

5.12.2.2 Install the Static Verifier

Use the ldapadd command-line tool to install the static verifier, as follows:

1. Set the environment variable ORACLE_HOME to point to the ORACLE_HOME of your OID installation.

2. Create an LDIF file containing the following lines (again, replace the domain parts with your domain):

dn: cn=WLCSVerifierProfileEntry,cn=WLCS,cn=Products,cn=OracleContext,dc=example,dc=com
objectclass:top
objectclass:orclpwdverifierprofile
cn:WLCSVerifierProfileEntry
orclappid:wlcs
orclpwdverifierparams;authpassword: crypto:SASL/MD5 $ realm:example.com $ usernameattribute:uid

3. cd $ORACLE_HOME

4. Run the command ./bin/ldapadd -D cn=orcladmin -w <password of orcladmin user> -f <yourfile.ldif>

5. In oidadmin, refresh the WLCS product entry by right-clicking the entry and choosing Refresh SubTree Entries. The WLCSVerifierProfileEntry should appear.

5.12.3 Add a New Oracle WebLogic Communication Services

To add a new Oracle WebLogic Communication Services Instance:

1. Select the WLCS product entry you created, right-click and choose Create.

2. In the Distinguished Name (dn) field, enter orclApplicationCommonName=WLCSInstance1,cn=WLCS,cn=Products,cn=OracleContext,dc=example,dc=com (replacing the domain part with your domain).

3. Under Object Classes, click Add.

Administering Security Features 5-33

4. Select the orclApplicationEntity. Click Select.

5. Click on the Optional Properties and populate the values of the following attributes:
   - userpassword (not authpassword) - enter any password of your choice
   - orclappfullname - enter Oracle Weblogic Communication Services
   - description - enter Entry for Oracle Weblogic Communication Services Instance

6. Click OK.

7. Refresh the WLCS product by right-clicking the entry and choosing Refresh SubTree Entries, and make sure that you see the new entry you just created.

5.12.4 Grant Verifier Privileges to the Oracle WebLogic Communication Services Instance

To grant Verifier Privileges to the Oracle WebLogic Communication Services Instance:

1. Navigate to the cn=verifierServices,cn=Groups,cn=OracleContext,dc=example,dc=com entry (replacing the domain part with your domain).

2. Click cn=verifierServices.

3. In the right pane, scroll down to the uniquemember attribute. You might see an entry or two for the value of the attribute. Add orclApplicationCommonName=WLCSInstance1,cn=WLCS,cn=Products,cn=OracleContext,dc=example,dc=com (replacing the domain part with your domain) to the existing value of the uniquemember attribute.

4. Click Apply.

5. Repeat the above two steps for each instance of OWLCS. For each instance of OWLCS that needs to communicate with OID, you need to repeat the above two steps (adding a new OWLCS instance and granting verifier privileges to the instance).
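The per-instance grant in 5.12.4 can also be expressed as LDIF and the resulting group membership audited; the script below is an added example, not part of the Oracle guide, and goes beyond the GUI steps by handling several instances at once. The function names, the instance name WLCSInstance2, the ExistingApp member and the sample export are constructed, and the generated record is meant for ldapmodify with the same bind options as the ldapadd command in 5.12.2.2.

```shell
#!/bin/sh
# Added example (not from the Oracle guide). Instance names and the sample
# export below are constructed.

domain_to_dn() {   # example.com -> dc=example,dc=com
  printf '%s\n' "$1" | sed -e 's/^/dc=/' -e 's/\./,dc=/g'
}
group_dn() {       # verifierServices group for a realm (5.12.4)
  printf 'cn=verifierServices,cn=Groups,cn=OracleContext,%s\n' "$(domain_to_dn "$1")"
}
instance_dn() {    # instance_dn REALM NAME: entry created in 5.12.3
  printf 'orclApplicationCommonName=%s,cn=WLCS,cn=Products,cn=OracleContext,%s\n' \
    "$2" "$(domain_to_dn "$1")"
}

# grant_ldif REALM NAME...: one modify record that adds every instance.
grant_ldif() {
  realm=$1; shift
  printf 'dn: %s\nchangetype: modify\nadd: uniquemember\n' "$(group_dn "$realm")"
  for inst in "$@"; do printf 'uniquemember: %s\n' "$(instance_dn "$realm" "$inst")"; done
}

# unexpected_members REALM NAME...: reads an LDIF export of the group on stdin
# and prints each uniquemember that is not one of the named instances.
unexpected_members() {
  realm=$1; shift
  ALLOWED=$(for inst in "$@"; do instance_dn "$realm" "$inst"; done) awk '
    function norm(s) { s = tolower(s); gsub(/ *, */, ",", s); gsub(/ *= */, "=", s); return s }
    function check(line,  dn) {
      if (tolower(line) !~ /^uniquemember:/) return
      dn = line; sub(/^[^:]*: */, "", dn)
      if (!(norm(dn) in ok)) print dn
    }
    BEGIN { n = split(ENVIRON["ALLOWED"], a, "\n"); for (i = 1; i <= n; i++) ok[norm(a[i])] = 1 }
    /^ / { buf = buf substr($0, 2); next }   # unfold LDIF continuation lines
    { check(buf); buf = $0 }
    END { check(buf) }'
}

sample_export() {  # constructed data: folded line, mixed case, one extra member
  cat <<'EOF'
dn: cn=verifierServices,cn=Groups,cn=OracleContext,dc=example,dc=com
uniquemember: orclapplicationcommonname=WLCSInstance1, cn=WLCS,cn=Products,
 cn=OracleContext,dc=example,dc=com
uniquemember: cn=ExistingApp,cn=Products,cn=OracleContext,dc=example,dc=com
EOF
}

grant_ldif example.com WLCSInstance1 WLCSInstance2
sample_export | unexpected_members example.com WLCSInstance1 WLCSInstance2
```

Members of verifierServices hold verifier privileges, so any DN the audit prints should be traced to a known application before it is left in the group.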

5.13 Provisioning Users

To provision users, you have to first create a user, set required attributes for the user, create a group, and assign the new user to be a member of the group by doing the following:

5.13.1 Create a New User

See the OID manual for administering users via oiddas. Alternatively, if you want to quickly create one test user, you can use oidadmin and clone the orcladmin user as follows:

Navigate to cn=Users,dc=example,dc=com (replacing the domain part with your domain).

1. Right-click on cn=orcladmin and choose Create Like.

2. In the resulting dialog, do the following:
   - Change orcladmin in the Distinguished Name attribute value to test.user1
   - Enter test.user1 for cn
   - Enter test.user1 for sn

3. Click on the Optional Properties tab:
   - Enter test.user1 for givenName
   - Enter test.user1@example.com for mail (since this email address will be the user's SIP address also, make sure you enter it in the form username@your-domain)
   - Change description to Test User for OWLCS
   - Change orclSAMAccountName to test.user1
   - Enter test.user1 for uid
   - Enter a password for this test user of your choice
   - Enter true for the orclIsVisible property (this is important)

4. Click OK.

5.13.2 Create a Group

If you want to run the ProxyRegistrar, then all users must be members of the Location Service group. That group has to be created, as described below. The easiest way to add groups and add members to groups is via the OIDDAS web interface. Consult the OID documentation on how to create groups. Alternatively, you can create a new group by cloning an existing group using the oidadmin tool by doing the following:

1. Browse the Entry Management tree until you get to cn=Groups,dc=example,dc=com (replacing the domain part with your domain).

2. Right-click on an existing group such as OCS_Portal_Users and choose Create Like.

3. Set the Distinguished Name (dn) to cn=Location Service,cn=Groups,dc=example,dc=com (change OCS_Portal_Users to Location Service).

4. Enter Location Service for cn.

5. Click on the Optional Properties tab.

6. For the description, enter Location Service Role for OWLCS.

7. Enter Location Service for displayName.

8. Click OK.

9. Click on cn=Groups and choose Refresh SubTree Entries and make sure you see the new group.

5.13.3 Assign Group Memberships to Users

As already mentioned, if you want to run the ProxyRegistrar, then all OWLCS users must be members of the Location Service group created above. To add a user to the new Location Service group, do the following:

1. Click on the new Location Service group you created. You will find the group in the Entry Management tree at cn=Location Service,cn=Groups,dc=example,dc=com (replace the domain part with your domain).

2. In the pane on your right, scroll down to the uniquemember attribute and add cn=test.user1,cn=Users,dc=example,dc=com to any existing entries (replace the domain part with your domain).