Resolving Oracle Names from OpenLDAP (or replacing the Oracle Internet Directory)


This paper (HOWTO) describes how to set up resolving of Oracle Names from OpenLDAP.

This paper covers the following steps:

Pre-Installation Tasks

1. Download the OpenLDAP sources (openldap-2.2.17.tgz file) from http://www.openldap.org/software/download/
2. Check whether the required packages (gdbm and gdbm-devel) are installed
$ rpm -qa | grep gdbm

Installing OpenLDAP Software

The $ sign denotes an OS command run from a non-superuser account.
The # sign denotes an OS command run as the root user.
$ tar xvzf openldap-2.2.17.tgz
$ cd openldap-2.2.17
$ ./configure --prefix=/usr/local/openldap --enable-ldbm
$ make depend
# make install


After this step the OpenLDAP software is installed in the /usr/local/openldap directory.

Configuration of OpenLDAP

The main configuration file (slapd.conf) is located in the etc directory under the base OpenLDAP directory. This paper does not cover the steps of OpenLDAP configuration, so use the sample configuration file instead. When the download is finished, issue the following command from your shell.

cp slapd.conf /usr/local/openldap/etc/openldap/

For detailed information about the installation and configuration of OpenLDAP software, refer to http://www.openldap.org or the http://www.ldap-obssesion.sk site.

Schema file and Initial loading

The schema file provides the structure of the LDAP tree. All object classes, elements, constraints and value syntaxes are defined there. A sample schema file (oraclenet.schema) is prepared for OracleNet purposes. The OracleNet schema file defines the following attributes: You can download the schema file here.
When the download is finished, issue the following command from your shell.

cp oraclenet.schema /usr/local/openldap/etc/openldap/schema/

Now our LDAP server is configured and we can start it. To start the OpenLDAP server, execute the following command from your OS shell.

/usr/local/openldap/libexec/slapd -h ldap://:389 -f /usr/local/openldap/etc/openldap/slapd.conf

Use the netstat utility to check whether the LDAP server is listening on port 389.

netstat -an | grep LISTEN

When the LDAP server is running you need to do the initial loading. Assume that you have two domains for your databases, named .world and .us.acme.com, so you need to create the top entries for these domains. I have prepared a sample LDIF file for this case named initial.ldif, with the following content:
dn: dc=world
objectClass: dcObject
objectClass: organization
dc: world
o: world

dn: cn=Manager,dc=world
objectClass: organizationalRole
cn: Manager

dn: cn=OracleContext,dc=world
objectClass: organizationalRole
cn: OracleContext

dn: dc=com
objectClass: dcObject
objectClass: organization
dc: com
o:: c2sg

dn: dc=acme,dc=com
objectClass: dcObject
objectClass: organization
dc: acme
o:: c2sg

dn: cn=Manager,dc=acme,dc=com
objectClass: organizationalRole
cn: Manager

dn: cn=OracleContext,dc=acme,dc=com
objectClass: organizationalRole
cn: OracleContext

dn: dc=us,dc=acme,dc=com
objectClass: dcObject
objectClass: organization
dc: us
o: isp

dn: cn=OracleContext,dc=us,dc=acme,dc=com
objectClass: organizationalRole
cn: OracleContext


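When the download is finished, execute the following command from the command line.

/usr/local/openldap/bin/ldapadd -x -h 127.0.0.1 -p 389 -D "cn=manager,dc=acme,dc=com" -w secret -f ./initial.ldif

The bind DN is passed with -D. The -w option puts the password on the command line, where it is visible in the shell history and the process list; -W prompts for it instead.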

Managing entries

Assume that you have a development database named aphrodite that belongs to the .world domain. Its IP address is 10.1.1.1 and the listener is listening on port 1521. In this case the entry in LDIF format will be as follows:

dn: cn=aphrodite,cn=OracleContext,dc=world
objectclass: top
objectClass: organizationalRole
objectclass: orclNetService
cn: aphrodite
orclnetdescstring: (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=10.1.1.1)(PORT=1521)))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=aphrodite)))
orclnetdescname: 000:cn=DESCRIPTION_0
orclVersion: 9.2.0.5
creatorname: Ivan Kartik
Description: Development DB


As we can see, orclnetdescstring is the same as the description string in tnsnames.ora.
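
Because the description string is taken over unchanged, existing tnsnames.ora entries can be converted into entries of the shape shown above. The following is an added example, not part of the original HOWTO: it goes beyond the single aphrodite entry by parsing several aliases, and it base64-encodes any value that is not safe as plain LDIF so that a stray newline or trailing space cannot alter the loaded entry. The hermes entry, the function names and the allowed alias characters are assumptions, and only attributes derivable from tnsnames.ora are emitted (orclnetdescname, orclVersion and the rest would be added by hand).

```python
import base64
import re

# RFC 2849 SAFE-STRING: ASCII, no NUL/CR/LF, not starting with space, ':' or '<'.
_SAFE = re.compile(r"[\x01-\x09\x0b\x0c\x0e-\x1f\x21-\x39\x3b\x3d-\x7f][\x01-\x09\x0b\x0c\x0e-\x7f]*")
_LABEL = re.compile(r"[A-Za-z0-9_-]+")  # assumption: characters allowed in alias/domain labels

# Constructed sample input in tnsnames.ora syntax (hermes is a made-up second entry).
SAMPLE = """# development
aphrodite.world =
  (DESCRIPTION =
    (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = 10.1.1.1)(PORT = 1521)))
    (CONNECT_DATA = (SERVER = DEDICATED)(SERVICE_NAME = aphrodite)))
hermes.us.acme.com = (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=10.1.1.2)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=hermes)))
"""

def ldif_line(attr, value):
    """One attribute line; anything that is not a SAFE-STRING is base64-encoded ('::')."""
    if value == "" or (_SAFE.fullmatch(value) and not value.endswith(" ")):
        return f"{attr}: {value}"
    return f"{attr}:: {base64.b64encode(value.encode('utf-8')).decode('ascii')}"

def parse_tnsnames(text):
    """Yield (alias, descriptor) pairs; a descriptor is one balanced-parenthesis block."""
    text = re.sub(r"#[^\n]*", "", text)  # drop comments
    i = 0  # end of the previous descriptor
    for m in re.finditer(r"([\w.-]+)\s*=\s*\(", text):
        if m.start() < i:
            continue  # a keyword such as ADDRESS inside the previous descriptor
        depth, i = 1, m.end()
        while depth and i < len(text):
            depth += {"(": 1, ")": -1}.get(text[i], 0)
            i += 1
        if depth:
            raise ValueError(f"unbalanced parentheses in entry {m.group(1)!r}")
        yield m.group(1), re.sub(r"\s+", "", text[m.end() - 1:i])

def to_ldif(alias, descriptor):
    """Entry shaped like the aphrodite example; only tnsnames-derived attributes."""
    name, *domain = alias.split(".")
    if not domain or not all(_LABEL.fullmatch(p) for p in (name, *domain)):
        raise ValueError(f"refusing alias {alias!r}: need a domain and DN-safe labels")
    dn = f"cn={name},cn=OracleContext," + ",".join(f"dc={d}" for d in domain)
    return "\n".join([ldif_line("dn", dn), "objectclass: top",
                      "objectClass: organizationalRole", "objectclass: orclNetService",
                      ldif_line("cn", name), ldif_line("orclnetdescstring", descriptor)]) + "\n"

if __name__ == "__main__":
    print("\n".join(to_ldif(a, d) for a, d in parse_tnsnames(SAMPLE)))
```

The output can be saved to a file and loaded with ldapadd in the same way as initial.ldif.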