User Guide

“Deleting User Directory Configurations” on page 54
“Managing User Directory Search Order” on page 54
“Setting Global Parameters” on page 57
Using the Unique Identity Attribute to Handle Inter-OU Moves in LDAP-Enabled User Directories
Native Directory, the default user directory for Hyperion products, maintains a link to
provisioned users and groups defined in external user directories. When any of the following
actions take place in an LDAP-based user directory, including MSAD, these links are broken,
creating stale data in Native Directory and causing loss of access to Hyperion applications:
Users and groups are moved across Organizational Units (OUs).
Multiple users or groups are assigned an identical common name (CN).
The CN of provisioned users or groups is modified.
Shared Services resolves this issue by using a unique identity attribute that identifies user
directory users and groups without reference to the location of their accounts.
Caution!
Before migrating to the unique identity attribute, you must clean the stale data, if any, in Native
Directory by running the Update Native Directory Utility. See Chapter 9, “Using the
Update Native Directory Utility to Clean Stale Native Directory Data” for detailed information.
Support for inter-OU moves can be implemented while you configure LDAP-enabled user
directories (see “Configuring Oracle Internet Directory, MSAD, and Other LDAP-Enabled User
Directories” on page 40).
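The three failure cases listed above, modeled as an added example (not Shared Services code): provisioning links are resolved by DN, by CN, and by a unique identity value, and each link is classified as intact, relinked, or stale. All records and the field name unique_id are constructed for illustration.

```python
# Added illustration, not Shared Services code. All records are constructed;
# "unique_id" is a hypothetical stand-in for the directory's immutable identifier.
LINKS = [  # provisioning links as stored when access was granted
    {"dn": "CN=Ana Ruiz,OU=Sales,DC=example,DC=com", "unique_id": "a1"},
    {"dn": "CN=Bo Chen,OU=Sales,DC=example,DC=com", "unique_id": "b2"},
    {"dn": "CN=J Smith,OU=HR,DC=example,DC=com", "unique_id": "c3"},
    {"dn": "CN=Old Temp,OU=HR,DC=example,DC=com", "unique_id": "d4"},
]
DIRECTORY = [  # current directory contents after routine administration
    {"dn": "CN=Ana Ruiz,OU=Finance,DC=example,DC=com", "unique_id": "a1"},  # moved OU
    {"dn": "CN=Bo Chen-Lee,OU=Sales,DC=example,DC=com", "unique_id": "b2"},  # CN modified
    {"dn": "CN=J Smith,OU=HR,DC=example,DC=com", "unique_id": "c3"},  # unchanged
    {"dn": "CN=J Smith,OU=IT,DC=example,DC=com", "unique_id": "e5"},  # same CN, other account
]

def cn_of(dn):
    """CN value of the leading RDN (sample DNs contain no escaped commas)."""
    return dn.split(",", 1)[0].split("=", 1)[1]

def resolve_by_dn(link, directory):
    """Location-based lookup: breaks on an OU move or a CN change."""
    return [e["dn"] for e in directory if e["dn"].lower() == link["dn"].lower()]

def resolve_by_cn(link, directory):
    """Name-based lookup: ambiguous when two accounts share a CN."""
    want = cn_of(link["dn"]).lower()
    return [e["dn"] for e in directory if cn_of(e["dn"]).lower() == want]

def resolve_by_unique_id(link, directory):
    """Identity-based lookup: independent of where the account lives."""
    return [e["dn"] for e in directory if e["unique_id"] == link["unique_id"]]

def audit(links, directory):
    """Map unique_id -> (status, current DN) for every provisioning link."""
    report = {}
    for link in links:
        by_id = resolve_by_unique_id(link, directory)
        if not by_id:
            status = "stale"        # account no longer exists in the directory
        elif resolve_by_dn(link, directory):
            status = "intact"       # stored DN still matches
        else:
            status = "relinked"     # DN changed, identity still resolves
        report[link["unique_id"]] = (status, by_id[0] if by_id else None)
    return report

if __name__ == "__main__":
    for uid, (status, dn) in audit(LINKS, DIRECTORY).items():
        print(uid, status, dn)
```

Links reported as stale correspond to the data that must be cleaned before migrating; links reported as relinked are the ones a location-based lookup would have lost.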
Planning the Migration to the Unique Identity Attribute
You must migrate users and groups to the new unique identity attribute only if you face any of
the following scenarios in your MSAD or other LDAP-based user directories, which create
broken links and stale data in Native Directory.
You moved users and groups across OUs.
You have multiple users or groups with identical CN.
You modified the CN of users or groups.
Because migrating to the new unique identity attribute affects all Hyperion products, plan the
migration to minimize application downtime.
38
Configuring User Directories