Thursday, August 28, 2008

Oracle 10g SSO Integration with E-Biz 11.5.10.2 - Implementation-4

As a next step we have to configure External Authentication Plug-In:
User passwords are maintained in Active Directory. For every AD user in enterprise LDAP directory the synchronization connector will maintain a shadow entry in Oracle Internet Directory of the type “orclADUser”.
For such users Oracle Internet Directory will need to forward authentication request to Active Directory.
On the host where OID component is installed execute the following command:
$OH/bin/dipassistant ea \
-h \
-p \
-D cn=orcladmin \
-w \
-t AD

The following configuration parameters need to be set:

· Active Directory host and port number – AD LDAP host and port,
· Active Directory failover configuration - Secondary AD LDAP host and port,
· Invocation Naming Context – OID user container
. Second failover Activer Directory - If you have.

Once this is done, you can test https://hostname.domainname.com:389/pls/orasso and login with your AD username and password and you will be able to login. Vola Setup is done for OID and AD Integration. Now in next note we will do the setup at Ebiz Apps end to register that with Patner Application with OID.

Happy Troubleshooting !!!

2 comments:

Mariana Angelova said...

Thanks Sundeep,

Extremely helpful! I couldn't find anything comparable to your complete solution, neither in Oracle Metalink

I have a few questions:
* Is this a Java-based alternative of the plug-ins created via:
$ORACLE_HOME/ldap/admin/oidspadi.sh

as suggested in How to Configure OID External Authentication Plug-In for Authentication Via Microsoft Active Directory (MS AD) [ID 277382.1] ? Thus ignoring what's in Note 277382.1 ?!?

* The port in the test URL is it 389 or the Apache port for the SSO server actually?

Thanks in advance
Kind regards
Mariana Angelova

Sundeep Dubey said...

Hi Mariana,
Glad it helped you. See port 389 will be used in case you want to test something specifically for 10g iAS components. Rest all if you integrated then Apache port will be used.


Thanks
Sundeep