
Oracle Internet Directory (OID) Synchronization with Active Directory for Enterprise User Security – Part 1


This blog post outlines the step-by-step configuration required on the Active Directory (AD) side and on Oracle Internet Directory (OID) to synchronize identities from Active Directory to OID. I have intentionally split the configuration into multiple blog posts…

Following are the salient features of this integration:

  • Synchronization is one-way only, from Active Directory to OID, i.e. changes made in OID are not reflected in Active Directory
  • Creation of a new user in Active Directory is reflected in OID
  • For the synchronization to start, the administrator has to trigger a change-password request for all the users of interest

High-Level Configurations to be made on Active Directory:

  • Install the Oracle Password Filter, which comes with the Oracle Identity Management 11gR2 patch.
  • If the AD machine is 64-bit, go into Utils –> adpwdfilter –> 64 bit –> setup.exe
  • If the AD machine is 32-bit, go into Utils –> adpwdfilter –> setup.exe
  • Create an SSL connection between OID and AD, with OID as the server and AD as the client. Add the OID certificate to AD’s trust store

High-Level Configuration to be made on OID:

  • Configure a new OID instance (don’t disturb the default OID instance that runs on 3060)
  • Configure SSL Authentication Server Mode:2 for the newly created OID instance
  • Configure synchronization profile using Oracle Directory Integration Platform
  • Test the synchronization profile to see that uid and userpassword attributes are replicated at OID
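
The last check in the list above can be run offline against an LDIF export of the synchronized entries. This is an added example, not code from the original post: the DNs, the sample LDIF and the function names are constructed for illustration, and password values are parsed but never printed.

```python
import base64

REQUIRED = ("uid", "userpassword")  # attributes the post says must replicate

# Constructed sample LDIF (not real data): bob lacks userpassword, carol's DN is folded.
SAMPLE_LDIF = """\
dn: cn=alice,cn=Users,dc=example,dc=com
uid: alice
userpassword:: e1NTSEF9Y29uc3RydWN0ZWQ=

dn: cn=bob,cn=Users,dc=example,dc=com
uid: bob

dn: cn=carol,cn=Users,dc=example,
 dc=com
UID: carol
userPassword: {SSHA}constructed
"""

def parse_ldif(text):
    """Return {dn: {attr_lowercase: [bytes, ...]}} for each entry."""
    unfolded = []
    for line in text.splitlines():
        # RFC 2849: a line starting with one space continues the previous line.
        if line.startswith(" ") and unfolded:
            unfolded[-1] += line[1:]
        else:
            unfolded.append(line)
    entries, dn = {}, None
    for line in unfolded:
        if line.startswith("#"):
            continue
        if not line.strip():
            dn = None  # a blank line ends the current entry
            continue
        name, _, rest = line.partition(":")
        is_b64 = rest.startswith(":")  # "attr:: value" means base64-encoded
        value = base64.b64decode(rest[1:].strip()) if is_b64 else rest.strip().encode()
        if name.lower() == "dn":
            dn = value.decode()
            entries[dn] = {}
        elif dn is not None:
            entries[dn].setdefault(name.lower(), []).append(value)
    return entries

def missing_attributes(text):
    """Map each DN to the required attributes it lacks (absent or empty)."""
    found = parse_ldif(text)
    gaps = {dn: [a for a in REQUIRED if not any(at.get(a, []))] for dn, at in found.items()}
    return {dn: g for dn, g in gaps.items() if g}
```

An empty result from `missing_attributes` means every exported entry carries both attributes; any DN it returns is a user whose password change has not yet reached OID.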

High-Level design diagram for Active Directory – Oracle Internet Directory one-way synchronization:

The next blog post covers how to configure the new OID instance.
