This is intended for specific people
This is a very technical post. Actually, it is for a friend of mine, to help him resolve a problem, and additionally it remains a reference for me in the future when I need it. I trust hosting services for their storage reliability more than I trust my own disk. I claim that the Oracle documentation has a syntax error.
ORACLE Says
Considerations for 9.0.4.x Infrastructure: Access Control List Settings
Prior to the Oracle Internet Directory 10.1.2 implementation, access control list (ACL) features were not set up properly for JAZNAdminGroup. To use the Oracle Internet Directory 9.0.4 implementation with a 10.1.x OracleAS JAAS Provider implementation, place the following contents into a file, replacing %s_MgmtRealmDN% with the appropriate ID management realm (for example, dc=us,dc=oracle,dc=com), then execute the steps that follow.
dn: cn=JAZNContext,cn=Products,cn=OracleContext,%s_MgmtRealmDN%
changetype: modify
replace: orclaci
orclaci: access to entry
by group= "cn=JAZNAdminGroup,cn=Groups,cn=JAZNContext,cn=Products,cn=OracleContext"
(browse, add, delete)
by group= "cn=IASAdmins,cn=Groups,cn=OracleContext,%s_MgmtRealmDN%
added_object_constraint=(objectclass=orclApplicationEntity) (add, delete, browse)
by * (none)
orclaci: access to attr=(*)
by group= "cn=JAZNAdminGroup,cn=Groups,cn=JAZNContext,cn=Products,cn=OracleContext"
(search, read, write, compare)
by group= "cn=IASAdmins,cn=Groups,cn=OracleContext,%s_MgmtRealmDN%"
(read, search, write, compare)
by * (none)
Name the file with the .ldif extension, such as jaznacl.ldif.
Run the ldapmodify utility with the newly created file as input, specifying oidport, oidhost, adminuser_dn, password, and filename, as appropriate:
% ldapmodify -c -a -p oidport -h oidhost -D adminuser_dn -w password \
-f filename.ldif
I SAY
Replace the code in blue with the following.
Note that each directive must be written on a single line, with no line break inside it.
Copy and paste the syntax and replace dc=PALCO,dc=com with your own dc.
dn:cn=JAZNContext,cn=Products,cn=OracleContext,dc=PALCO1,dc=com
changetype: modify
replace: orclaci
orclaci: access to entry by group= "cn=JAZNAdminGroup,cn=Groups,cn=JAZNContext,cn=Products,cn=OracleContext" (browse, add, delete) by group= "cn=IASAdmins,cn=Groups,cn=OracleContext,dc=train1,dc=com" added_object_constraint= (objectclass=orclApplicationEntity) (add, delete, browse) by * (none)
orclaci: access to attr=(*) by group= "cn=JAZNAdminGroup,cn=Groups,cn=JAZNContext,cn=Products,cn=OracleContext" (search, read, write,compare) by group= "cn=IASAdmins,cn=Groups,cn=OracleContext,dc=PALCO,dc=com" (read, search, write, compare) by * (none)
I used the ldapmodify command as follows:
E:\oracle\infra\bin>ldapmodify -c -a -p 389 -h train1 -D "cn=orcladmin" -w manager1 -f c:\jaznacl.ldif
And it works:
modifying entry JAZNContext,cn=Products,cn=OracleContext,dc=train1,dc=com
and it
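An added example, not part of the original post or of Oracle's documentation: a pre-flight check for the .ldif file before it is given to ldapmodify. It flags physical lines that are neither "attr: value" nor a space-prefixed continuation (the only line folding LDIF allows, per RFC 2849), joins them into one-line directives as described above, and then runs a heuristic quote-balance check. The sample is constructed from the layout quoted above with the placeholder realm dc=example,dc=com, and the function names are hypothetical.

```python
import re

ATTR_LINE = re.compile(r"^[A-Za-z][A-Za-z0-9;-]*::?")  # "attr:" or "attr::" starts a directive

# Constructed sample: the wrapped layout quoted above, with a placeholder realm.
WRAPPED = '''dn: cn=JAZNContext,cn=Products,cn=OracleContext,dc=example,dc=com
changetype: modify
replace: orclaci
orclaci: access to entry
by group= "cn=JAZNAdminGroup,cn=Groups,cn=JAZNContext,cn=Products,cn=OracleContext"
(browse, add, delete)
by group= "cn=IASAdmins,cn=Groups,cn=OracleContext,dc=example,dc=com
added_object_constraint=(objectclass=orclApplicationEntity) (add, delete, browse)
by * (none)
'''

def lint_ldif(text):
    """Return a sorted list of (line_number, problem) for one LDIF record."""
    problems, logical = [], []          # logical: [start_line, unfolded_directive]
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#") or line == "-":
            continue                    # blank line, comment, or modify separator
        if line.startswith(" "):        # RFC 2849 fold: continues the previous line
            if logical:
                logical[-1][1] += line[1:]
            else:
                problems.append((n, "continuation with nothing to continue"))
        elif ATTR_LINE.match(line):
            logical.append([n, line])
        else:
            problems.append((n, "not 'attr: value' and not a space-prefixed continuation"))
    for start, value in logical:        # heuristic: quoted DNs must be closed
        if value.count('"') % 2:
            problems.append((start, "unbalanced double quote in directive"))
    return sorted(problems)

def join_directives(text):
    """Rebuild one-line directives by gluing stray lines onto the previous directive."""
    out = []
    for line in text.splitlines():
        if not line.strip():
            continue
        if ATTR_LINE.match(line) or not out:
            out.append(line.strip())
        else:
            out[-1] += " " + line.strip()
    return "\n".join(out) + "\n"
```

On the wrapped sample the check reports lines 5 to 9; after joining, the only remaining finding is the unterminated quote on the IASAdmins group DN, which the one-line version above closes.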