caption { text-align:left; } td { white-space:nowrap } th { white-space:nowrap border: 1px solid black; background-color: #404040; color: white; } thead {...
caption { text-align:left; } td { white-space:nowrap } th { white-space:nowrap border: 1px solid black; background-color: #404040; color: white; } thead { white-space:nowrap text-align:left } Introduction Implementing SSSD (System Security Services Daemon) seems to be a popular topic. I wrote a 4 part series on SSSD that covers things such as the architecture, LDAP requirements, installation step-by-step guidelines, and troubleshooting tips along with a specific article on...
caption { text-align:left; } td { white-space:nowrap } th { white-space:nowrap border: 1px solid black; background-color: #404040; color: white; } thead { white-space:nowrap text-align:left }...
Introduction In Part 3 of 4 – SSSD Linux Authentication: Implementation Step-by-Step Guideline I covered all the necessary step-by-step details on deploying...
Introduction In Part 3 of 4 – SSSD Linux Authentication: Implementation Step-by-Step Guideline I covered all the necessary step-by-step details on deploying SSSD, but nothing ever seems to go perfect the first time does it. This is why I have included a final Part 4 that covers known problems I came across, though there could be more, and then troubleshooting tips I learned. These are all things I learned and want to share with you so that your SSSD implementation is...
Introduction In Part 3 of 4 – SSSD Linux Authentication: Implementation Step-by-Step Guideline I covered all the necessary step-by-step details on deploying SSSD, but nothing ever seems to go perfect...
Introduction In Part 2 of 4 – SSSD Linux Authentication: LDAP Identity Store Requirements all the aspects of the LDAP Identity Store requirements were covered....
Introduction In Part 2 of 4 – SSSD Linux Authentication: LDAP Identity Store Requirements all the aspects of the LDAP Identity Store requirements were covered. And before that in article Part 1 of 2 - SSSD Linux Authentication: Introduction and Architecture I covered an introduction and high-level architecture of SSSD, which will be very important for this article. Finally, in Part 3, I will cover all the necessary steps to implement SSSD in order to support the goals pointed...
Introduction In Part 2 of 4 – SSSD Linux Authentication: LDAP Identity Store Requirements all the aspects of the LDAP Identity Store requirements were covered. And before that in article Part 1 of 2 -...
Introduction In Part 1 of 4 - SSSD Linux Authentication: Introduction and Architecture I covered an introduction on SSSD and an architecture overview with...
Introduction In Part 1 of 4 - SSSD Linux Authentication: Introduction and Architecture I covered an introduction on SSSD and an architecture overview with details on the flow of how it all works. In this part I am going to cover the LDAP Identity Store details required for SSSD. LDAP Identity Store Schema Requirements for SSSD A UNIX user account typically requires a uid, a gid, a home directory, a login shell, and a password. Minimally, a uid (User ID) and gid (Group ID)...
Introduction In Part 1 of 4 - SSSD Linux Authentication: Introduction and Architecture I covered an introduction on SSSD and an architecture overview with details on the flow of how it all works. In...
Introduction This article provides the details needed to solve a real use case used to allow a user to authenticate to an Oracle Public Cloud Linux server in...
Introduction This article provides the details needed to solve a real use case used to allow a user to authenticate to an Oracle Public Cloud Linux server in SaaS using a single or multiple LDAP Identity store that could be Active Directory 2012R2 (AD) or better, Oracle Internet Directory (OID), Oracle Unified Directory (OUD), Oracle Directory Services Enterprise Edition (ODSEE), or OpenLDAP. The use case stems from the need to authenticate and authorize users to OPC Linux...
Introduction This article provides the details needed to solve a real use case used to allow a user to authenticate to an Oracle Public Cloud Linux server in SaaS using a single or multiple...
This post is about OUD and extremely large static groups where membership numbers exceed hundreds of thousands or even millions; yes I said millions. I have...
This post is about OUD and extremely large static groups where membership numbers exceed hundreds of thousands or even millions; yes I said millions. I have been using Directory Services for over 15 years and the response I typically have for a customer that wants to use very large static groups is don't do it. Then I steer them into dynamic groups or even suggest leveraging attributes from user entries. In fact OUD has a great feature unique to itself called Virtual...
This post is about OUD and extremely large static groups where membership numbers exceed hundreds of thousands or even millions; yes I said millions. I have been using Directory Services for over 15...
If you have been using Oracle’s Identity Management software for at least the last few years you will probably be familiar or at least heard of OVD (Oracle...
If you have been using Oracle’s Identity Management software for at least the last few years you will probably be familiar or at least heard of OVD (Oracle Virtual Directory), which was originally acquired back in 2005 from a company called OctetString. OVD provides a vast number of great virtual features used to aggregate multiple backend data stores and present LDAP consumers a single unified Directory Server. Beginning with OUD version 11.1.2.1.0, there have been a number...
If you have been using Oracle’s Identity Management software for at least the last few years you will probably be familiar or at least heard of OVD (Oracle Virtual Directory), which was...
Introduction I am always looking for great tips that give big values; this one is no exception. This article is to help you understand how to tweak the index...
Introduction I am always looking for great tips that give big values; this one is no exception. This article is to help you understand how to tweak the index called “Index Entry Limit” to reap some dramatic ldapsearch performance improvements. I explain what this index is about, some of my own test results, how to determine the correct value, and finally how to make the index change to your OUD instance. This will be a tip you will definitely want to add to your OUD Ninja...
Introduction I am always looking for great tips that give big values; this one is no exception. This article is to help you understand how to tweak the index called “Index Entry Limit” to reap some...
Introduction In Part 1, we looked at the initialization of libOVD at server startup. Now let's examine what happens inside libOVD when you actually click on the...
Introduction In Part 1, we looked at the initialization of libOVD at server startup. Now let's examine what happens inside libOVD when you actually click on the login button in BPM Workspace. Again, we are looking at BPM 11g PS5 BP7 with Patch 17315336. The Workspace login is a two step process. The first step is checking the username and password against the LDAP. This step is performed in WLS security layer rather than the JPS layer. This means even if you turn on tracing...
Introduction In Part 1, we looked at the initialization of libOVD at server startup. Now let's examine what happens inside libOVD when you actually click on the login button in BPM Workspace. Again,...
