User's Manual
Prerequisites for Performing Migration
Using the User Migration Utility G-9
Required Directory Privileges
In addition to the required database privileges, enterprise user administrators must
have the directory privileges which allow them to perform the following tasks:
■ Create entries in the directory under the specified user base and Oracle context
location
■ Browse the user entries under the search bases
Required Setup to Run the User Migration Utility
Perform the following steps before using the User Migration Utility:
1. Ensure that the directory server is running with SSL enabled for no
authentication.
2. Ensure that the database server is running with encryption and integrity
enabled.
3. Ensure that the database listener has a TCP listening endpoint.
4. Create an identity management realm in the directory, if it does not already
exist.
5. Create the parent context for the user entries in the directory, if it does not
already exist. The default (and recommended) location is in the cn=users
subtree in the identity management realm.
6. Set up directory access for the database Oracle home by using Oracle Net
Configuration Assistant to create an ldap.ora file. Note that the ldap.ora
file must include the identity management realm DN so the utility can locate
the correct administrative context. The utility searches for this file under
$LDAP_ADMIN, $ORACLE_HOME/ldap/admin, $TNS_ADMIN, $ORACLE_
HOME/network/admin, and,finally, the Domain Name System (DNS) server, if
you are using DNS discovery. (See Oracle Internet Directory Administrator's Guide
for information about DNS server discovery.)