Thursday, November 12, 2015

Oracle Internet Directory 11g DIP (Oracle Directory Integration Platform) Synchronization with Active Directory

Steps to configure OID DIP synchronization with Active Directory

1. Verify that the OID server can communicate with the Active Directory server:
[oracle@dev-oid-01 logs]$ cd $ORACLE_HOME/bin
[oracle@dev-oid-01 bin]$ ./ldapbind -h dr-rootdc-dev1 -p 389 -D "CN=pnhai,CN=Users,dc=vietin,dc=vn" -w Az123456
bind successful

2. Run ldapsearch to obtain the last change number (highestCommittedUSN) from Active Directory:
[oracle@dev-oid-01 bin]$ ./ldapsearch -h dr-rootdc-dev1 -p 389 -D "CN=pnhai,CN=Users,dc=vietin,dc=vn" -w Az123456 -b "" -s base "objectclass=*" highestCommittedUSN

highestCommittedUSN=773131

3. Verify that you can read the 'container' of directory entries that you wish to synchronize from AD:
[oracle@dev-oid-01 bin]$ ./ldapsearch -h dr-rootdc-dev1 -p 389 -D "CN=pnhai,CN=Users,dc=vietin,dc=vn" -w Az123456 -b "OU=ANHT,dc=vietin,dc=vn" -s base "objectclass=*"

4. Verify that you can read an entry within the 'container' of directory entries that you wish to synchronize from AD:
[oracle@dev-oid-01 bin]$ ./ldapsearch -h dr-rootdc-dev1 -p 389 -D "CN=pnhai,CN=Users,dc=vietin,dc=vn" -w Az123456 -b "CN=dev1,OU=ANHT,dc=vietin,dc=vn" -s base "objectclass=*"

5. Log in to the FMW Enterprise Manager console as the weblogic user and configure DIP.

Note: Do not enable the profile at this stage.

6. Bootstrap the users using the command-line tool:

[oracle@dev-oid-01 bin]$ /u01/app/oracle/Middleware/Oracle_IDM1/bin/syncProfileBootstrap -h 10.6.144.245 -port 7005 -D weblogic -profile AD_to_OID -lp 5
[Weblogic user password]
Connection parameters initialized.
Connecting at 10.6.144.245:7005, with userid "weblogic"..
Connected successfully.

The bootstrap operation completed, the operation results are:
entries read in bootstrap operation: 33
entries filtered in bootstrap operation: 0
entries ignored in bootstrap operation: 0
entries processed in bootstrap operation: 23
entries failed in bootstrap operation: 10

7. Verify that all the AD users were pulled into OID according to the mapping rules.
 

8. Enable the profile using either FMW EM Console or via the command line tool.
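
A check that gates step 8 on the result of step 6, added here as an example and not part of the original post: it parses the syncProfileBootstrap summary shown above and reports OK only when no entries failed and the counts add up. The function names are hypothetical, the sample text is the summary from step 6, and the rule that read equals filtered + ignored + processed + failed is an assumption taken from that one sample.

```shell
#!/bin/sh
# Added example (not from the original post): decide whether it is safe to
# enable the profile (step 8) from the syncProfileBootstrap summary (step 6).

# Sample input: the summary printed in step 6, embedded so this runs offline.
SAMPLE_SUMMARY='The bootstrap operation completed, the operation results are:
entries read in bootstrap operation: 33
entries filtered in bootstrap operation: 0
entries ignored in bootstrap operation: 0
entries processed in bootstrap operation: 23
entries failed in bootstrap operation: 10'

# bootstrap_count FIELD TEXT: print the number on the "entries FIELD ..." line.
bootstrap_count() {
    printf '%s\n' "$2" |
        sed -n "s/^entries $1 in bootstrap operation: *\([0-9][0-9]*\) *\$/\1/p" |
        head -n 1
}

# bootstrap_verdict TEXT: print OK, FAILED:<n>, MISMATCH or UNPARSED.
# Returns 0 only for OK. Assumption: read = filtered + ignored + processed + failed.
bootstrap_verdict() {
    read_n=$(bootstrap_count read "$1")
    filt_n=$(bootstrap_count filtered "$1")
    ign_n=$(bootstrap_count ignored "$1")
    proc_n=$(bootstrap_count processed "$1")
    fail_n=$(bootstrap_count failed "$1")
    for v in "$read_n" "$filt_n" "$ign_n" "$proc_n" "$fail_n"; do
        [ -n "$v" ] || { echo UNPARSED; return 2; }   # a counter line is missing
    done
    if [ "$read_n" -ne $((filt_n + ign_n + proc_n + fail_n)) ]; then
        echo MISMATCH; return 3                       # entries unaccounted for
    fi
    if [ "$fail_n" -gt 0 ]; then
        echo "FAILED:$fail_n"; return 1               # review before enabling
    fi
    echo OK
}

# With the summary from step 6 the profile should stay disabled for now.
bootstrap_verdict "$SAMPLE_SUMMARY" || echo "review failed entries before enabling AD_to_OID"
```
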
 
