User Guide
directories other than MSAD (SunONE, IBM Directory Server, Novell eDirectory, and
custom user directories) must be updated to the new identity attribute before Shared Services
can migrate users and groups from these user directories to the new attribute.
For example, assume that three MSAD user directories are configured on Shared Services.
Two are configured to use the new identity attribute ObjectGUID, and the third is
configured to use the old identity attribute (DN). In this scenario, users and groups are not
migrated until the third configuration also uses a unique attribute other than DN.
● Reverse migration is not supported. After migrating to the new unique identity attribute,
you cannot return to the previous identity attribute (DN).
Hyperion recommends that you back up the Native Directory database before migrating to the
new unique identity attribute. If you return to DN as the identity attribute, you can restore
data from the backup.
● If your Release 9.2.x user directory configuration uses an attribute other than DN, you must
upgrade to Shared Services Release 9.3.1.
● Do not migrate to the unique identity attribute by using the Update Native Directory Utility
if you changed the attribute identified as loginAttribute (using the Login field of the
User Configuration screen or by editing CSS.xml). If you run the utility, provisioning data
is deleted from Native Directory for the users whose accounts are defined on the user
directory for which loginAttribute was changed. You cannot recover the
deleted data; however, you can restore it from the latest backup.
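
The migration caveats above, expressed as a pre-flight check to run through before starting the Update Native Directory Utility. This is an added example, not Hyperion code; the inventory format, field names, directory names, and the WARN/HOLD/STOP labels are assumptions, and the inventory is filled in by hand rather than read from CSS.xml.

```python
# Constructed inventory, filled in by hand from the User Configuration screens.
# Field names are hypothetical; this is not the CSS.xml schema.
DIRECTORIES = [
    {"name": "ad-emea", "type": "MSAD", "identity_attribute": "ObjectGUID", "login_attribute_changed": False},
    {"name": "ad-amer", "type": "MSAD", "identity_attribute": "ObjectGUID", "login_attribute_changed": False},
    {"name": "ad-apac", "type": "MSAD", "identity_attribute": "DN", "login_attribute_changed": False},
    {"name": "sunone-hr", "type": "SunONE", "identity_attribute": "nsuniqueid", "login_attribute_changed": True},
]

def uses_dn(d):
    """True when the configuration still uses the old identity attribute."""
    return d["identity_attribute"].strip().lower() == "dn"

def preflight(directories, backup_taken):
    """Return (severity, directory, reason) findings for the caveats in this section."""
    findings = []
    if not backup_taken:
        findings.append(("WARN", "Native Directory", "no backup; reverse migration is not supported"))
    msad_on_dn = [d["name"] for d in directories if d["type"] == "MSAD" and uses_dn(d)]
    for d in directories:
        if d["login_attribute_changed"]:
            # Running the utility deletes provisioning data for this directory's users.
            findings.append(("STOP", d["name"], "loginAttribute was changed; do not run the utility"))
        if d["type"] == "MSAD" and msad_on_dn:
            # One MSAD configuration on DN holds back every MSAD configuration.
            reason = "still on DN" if uses_dn(d) else "held back by " + ", ".join(msad_on_dn)
            findings.append(("HOLD", d["name"], reason))
        elif d["type"] != "MSAD" and uses_dn(d):
            findings.append(("HOLD", d["name"], "still on DN; its users and groups are not migrated"))
    return findings

def safe_to_run(findings):
    """The utility must not be run while any STOP finding is open."""
    return not any(severity == "STOP" for severity, _, _ in findings)

if __name__ == "__main__":
    results = preflight(DIRECTORIES, backup_taken=False)
    for severity, name, reason in results:
        print(f"{severity:5} {name:18} {reason}")
    print("safe to run utility:", safe_to_run(results))
```

A HOLD finding means migration does not happen for that directory yet; a STOP finding means running the utility would delete provisioning data.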
Configuring Oracle Internet Directory, MSAD, and Other LDAP-Enabled User Directories
Use the procedures in this section to configure any LDAP-enabled corporate user directory, such
as Oracle Internet Directory, MSAD, Sun Java System Directory Server, IBM Tivoli Directory
Server, or a custom user directory.
Note:
Existing Oracle Virtual Directories that are configured to use a database can be configured in
Shared Services as external LDAP providers.
➤ To configure Oracle Internet Directory, MSAD and other LDAP-enabled user directories:
1 Launch User Management Console, as explained in “Launching User Management Console” on page 33.
2 Select Administration > Configure User Directories.
The Defined User Directories screen opens. This screen lists all user directories, including Native
Directory, that are already configured.
3 Click Add.
4 In Directory Type, select an option: