cn=Directory Manager access through the proxy

Many DPS users reported the following problem: Bind requests as cn=Directory Manager fails when the proxy is deployed.

DPS analyses the bind dn to route the request to the data view holding the target dn. In many configuration, there is no data view candidate configured to hold the cn=directory manager suffix.

There are 2 ways to address the problem: Either create a additional data view with view base set to "cn=directory manager" or use "implicit" routing with a data view with an empty ("") view base. The latter solution is simple and also user-friendly in the sense the proxy does not need to know about the list of suffixes exposed by the directory.  Note that a "root data view" with empty dn is created by default when a DPS instance is created, but the data source pool associated with it is left empty, so if you plan to use it, don't forget to add at least one data source to that pool.



Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About


I am Sylvain Duloutre, I work as a Software Architect in the Oracle Directory Integration Team, the customer-facing part of Directory Services & Identity Management Product Development, working on Technical Field Enablement.

The views expressed on this blog are my own and do not necessarily reflect the views of Oracle.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
9
10
11
12
13
14
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today