6-12 Oracle Fusion Middleware Administrators Guide for Oracle Directory Integration Platform EmployeeNumber: : : :employeenumber: :inetOrgperson EMail: : : :mail: :inetOrgperson TelephoneNumber1: : : :telephonenumber: :person TelephoneNumber2: : : :telephonenumber: :person TelephoneNumber3: : : :telephonenumber: :person Address1: : : :postaladdress: :person state: : : :st: :locality street1: : : :street: :locality zip: : : :postalcode: :locality town_or_city: : : :l: :locality Title: : : :title: :organizationalperson Sex: : : :sex: :person As described earlier, the mapping file consists of keywords and a set of domain and attribute mapping rule entries. The mapping file in this example contains the domain rule NONLDAP:dc=myCompany,dc=com:cn=,dc=myCompany,dc=com. ■ This rule implies that the source domain is NONLDAP—that is, there is no source domain. ■ The destination domain :dc=myCompany,dc=com implies that all the directory entries this profile deals with are in the domain dc=myCompany,dc=com. Be sure that the domain exists before you start synchronization. ■ The domain mapping rule :uid=,dc=myCompany,dc=com implies that the data from the source refers to the entry in the directory with the DN that is constructed using this domain mapping rule. In this case, uid must be one of the destination attributes that should always have a non null value. If any data corresponding to an entry to be synchronized has a null value, then the mapping engine assumes that the entry is not valid and proceeds to the next entry. To identify the entry correctly in the directory, it is also necessary that uid is a single value. ■ In the case of the tagged file, the source entry does not have an object class to indicate the type of object to which it is synchronizing. Note that the SrcObjectClass field is empty. ■ Every object whose destination is Oracle Internet Directory must have an object class. ■ Note that email is specified as a required attribute in the sample mapping file. This is because the uid attribute is derived from the email attribute. Successful synchronization requires the email attribute to be specified in all changes specified in the tagged file as follows: Email : 1 : : :uid : : person : truncemail,’’ ■ In some cases, the RDN of the DN needs to be constructed by using the name of a multivalued attribute. For example, to construct an entry with the DN of cn=,l=,dc=myCompany,dc=com, where cn is a multivalued attribute, the DomainMappingRule can be in this form: rdn,l=,dc=myCompany,dc=com where rdn is one of the destination attributes having a non null value. A typical mapping file supporting this could have the following form: DomainRules NONLDAP:dc=us,dc=myCompany,dc=com:rdn,l=,dc=us,dc=myCompany,dc=com AttributeRules firstname: : :cn: :person email : : : :cn: :person: truncemail, email : 1: : :rdn: :person: cn=+truncemail, Configuring Directory Synchronization 6-13 firstname,lastname: : : :cn: :person: firstname+,+lastname lastname,firstname: : : :cn: :person: lastname+,+firstname firstname,lastname: : : :sn: :person: lastname | firstname EmployeeNumber: : : :employeenumber: :inetOrgperson EMail: : : :mail: :inetOrgperson TelephoneNumber1: : : :telephonenumber: :person TelephoneNumber2: : : :telephonenumber: :person TelephoneNumber3: : : :telephonenumber: :person Address1: : : :postaladdress: :person Address1: : : :postaladdress: :person Address1: : : :postaladdress: :person state: : : :st: :locality street1: : : :street: :locality zip: : : :postalcode: :locality town_or_city: 2 : : :1: :locality Title: : : :title: :organizationalperson Sex: : : :sex: :person

6.4.6 Example: Mapping Files for an LDIF Interface

Sample integration profiles are created as part of the Oracle Directory Integration Platform installation. The property files used to created the sample integration profiles are located in the ORACLE_HOMEldapodisamples directory. The following is an example of a sample import mapping file: Sample Import Mapping File DomainRules dc=mycompany.oid,dc=com:dc=mycompany.iplanet,dc=com AttributeRules Mapping rules to map the domains and containers o: : :organization: o: :organization ou: : :organizationalUnit: ou: : organizationalUnit dc: : :domain:dc: :domain Mapping Rules to map users uid : : :person: uid: :inetOrgperson sn: : :person:sn: :person cn: : :person:cn: :person mail: :inetorgperson: mail: :inetorgperson employeenumber: :organizationalPerson: employeenumber: :organizationalperson c: : :country:c: :country l: : :locality: l: :locality telephonenumber: :organizationalPerson: telephonenumber: :organizationalperson userpassword: : :person: userpassword: :person uid: : :person: orcldefaultProfileGroup: :orclUserV2 Mapping Rules to map groups cn: : :groupofuniquenames:cn: :groupofuniquenames member: : :groupofuniquenames:member: :orclgroup uniquemember: : :groupofuniquenames:uniquemember: :orclgroup owner: : :groupofuniquenames:owner: :orclgroup userpassword: :base64:userpassword: :binary: Notice, in the preceding example that both the source domain and destination domain are specified in the Domain Mapping rule section. In this example, the source and the destination domains are the same. However, you can specify a different destination domain, provided the container exists in the destination directory. Also notice, in the preceding example, that the attribute rules are divided into two sections: user attribute mapping rules and group attribute mapping rules. Specifying