Oracle Unified Directory & Oracle Internet Directory

Oracle Unified and Internet Directory


Contents

1. Oracle Unified Directory

Key capabilities

Hardware Requirements

Operating System Requirements

2. Oracle Internet Directory

Key Capabilities

Hardware Requirements

Memory Requirements

3. Difference between OUD and OID


1. Oracle Unified Directory

OUD is a new directory product from Oracle, part of Fusion Middleware Identity Management. OUD comes with the Oracle Directory Services Plus (ODS Plus) suite. It is designed for performance (fast reads and writes), scalability (vertical and horizontal), ease of use, robust availability, extensibility (numerous plug-in points), security, and maintenance. “Unified” means it combines the services of a virtual directory, a meta directory and data storage capability. OUD is a pure Java, all-in-one directory solution that supports multiple platforms.

Oracle Unified Directory 11g Release 1 (11.1.1) can function in one of the three modes:

As an LDAP directory server, which contains data.

As an LDAP proxy server, where the server acts as an interface between the client and the directory server that contains the data.

As a replication gateway between Oracle Unified Directory and Oracle Directory Server Enterprise Edition.

Key capabilities:

There is no separate Oracle Database requirement for OUD (unlike Oracle Internet Directory).

OUD is a J2SE application that runs in a JVM and does not require a J2EE container.

A replication gateway for ODSEE, aimed at helping ODSEE deployments migrate to OUD easily.

Oracle DIP provides functionality to synchronize data from one LDAP Directory to another, such as Active Directory (also from database to the LDAP Directory). Oracle DIP was already available earlier. Now, DIP is supported in OUD as well. It synchronizes data from other authoritative sources such as LDAP and databases:

o Keep data and groups synchronized between LDAP servers including OID, DSEE and Microsoft Active Directory

o Keep passwords synchronized between Microsoft Active Directory and OUD

o Keep passwords synchronized between external LDAP and OUD

o Synchronize between OUD and Databases

o Translate attributes and data between OUD and authoritative source

Adding multi-million entries to the existing base is as simple as including a configuration entry and the system distributes the additional entries automatically.


Global indexing capability routes requests to the server that physically holds the entry.

As per Oracle’s claims OUD provides “5 times write” and “3 times read” performance.

OUD does not require ODSEE as a pre-requisite. ODSEE is required only if used in conjunction with OVD.

Hardware Requirements

On Solaris systems, the operating system should be configured to have at least twice as much virtual memory as JVM heap. To achieve this, you might need to increase the size of the operating system swap space.

The system should also have enough disk space to store the generated log files. The server log files can consume up to 1 GB of disk space with default server settings. In replicated environments, the change log database can grow up to 30-40 GB with loads of 1000 mods/sec.

Oracle Unified Directory can be configured in such a way that it uses substantially less, or more, disk space depending on your application and performance needs. Any setup considerations must determine the amount of memory for the server's database and log files.

As a general guideline, the following hardware is recommended:

Hardware Component / Requirement

RAM

Evaluation purposes: At least 256 MB of free memory for a small database.

Production: Minimum of 2 GB.

Note - For large databases or large global index catalogs that require more than 4 GB of RAM, your system should use 64-bit architectures.

Local disk space

Evaluation purposes: For a small database and sufficient space for log files, your system should have at least 100 MB of free local disk space. Preferably, you should have at least 1 GB of disk space.

Production: For a typical production deployment with a maximum of 250,000 entries and no binary attributes, such as images, 4 GB of disk space might be sufficient for the database only. You might need an additional 1 GB of disk space for log files. You need to determine disk space for the change log database (DB), which is dependent on the load (updates per second) and on the replication purge delay (that is, the time the server should keep information about internal updates). The change log DB can grow up to 30-40 GB with loads of 1000 modifications per second.

When you use global index replication, ensure that you have enough disk space for the replication change logs. By default, the change log stores changes from the last 24 hours. The configuration should be based on the expected size of the service. For example, you would need 150 GB for 5000 modifications per second.

The directory server does not support databases and logs installed on NFS-mounted file systems. Sufficient space should be provided for the database on a local file system, for example, in /var/opt or /local on UNIX or Linux machines.

Operating System Requirements

The following table outlines the operating system requirements.

Item / Requirement

Operating System

TCP/IP Ports

The directory server uses the following ports by default:

Administration connector, default port 4444

LDAP, default port 389

LDAPS, default port 636

SNMP, default port 161 if configured

JMX, default port 1689

Replication port 8989


The ports can differ between root and non-root users for some protocols.

File Descriptor Limits

On some Linux systems, the default file descriptor limit is set to 1024. This value might be too small to cover the total number of client connections, database files, and log files that the directory server requires to operate. It is strongly advised to increase the file descriptor limit to 64K (65536 file descriptors).
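A preflight check for two of the requirements above, the 65536 file descriptor limit and the rule that the database must not sit on an NFS-mounted file system, as an added example that is not Oracle tooling or part of the original document. The function names, the sample mount table and the paths in it are constructed for illustration.

```shell
#!/bin/sh
# Added example, not Oracle tooling. All function names are hypothetical.
REQUIRED_NOFILE=65536   # file descriptor limit advised in the text above

# Constructed sample in /proc/mounts format: device mountpoint fstype options ...
SAMPLE_MOUNTS='/dev/sda1 / ext4 rw 0 0
/dev/sdb1 /local xfs rw 0 0
filer:/export/ldap /var/opt/oud nfs4 rw,vers=4.1 0 0'

# fd_limit_ok LIMIT: 0 if LIMIT (as printed by `ulimit -n`) is high enough,
# 1 if it is too low, 2 if the value is not a number.
fd_limit_ok() {
    case "$1" in
        unlimited) return 0 ;;
        ''|*[!0-9]*) return 2 ;;
    esac
    [ "$1" -ge "$REQUIRED_NOFILE" ]
}

# fs_type_for PATH: reads a mount table on stdin and prints the filesystem
# type of the longest mount point containing PATH. On ties the later line
# wins, because a later mount shadows an earlier one at the same point.
fs_type_for() {
    awk -v p="$1" '
        { pre = ($2 == "/") ? "/" : ($2 "/")
          if (index(p "/", pre) == 1 && length($2) >= best) {
              best = length($2); fstype = $3 } }
        END { if (fstype != "") print fstype }'
}

# db_path_ok PATH: 0 if PATH is on a local filesystem, 1 if it is on NFS,
# 2 if no mount point matched (mount table on stdin).
db_path_ok() {
    case "$(fs_type_for "$1")" in
        nfs*) return 1 ;;
        '')   return 2 ;;
        *)    return 0 ;;
    esac
}

# preflight LIMIT PATH: prints one line per failed check, returns the count.
preflight() {
    fails=0
    fd_limit_ok "$1" || { echo "FAIL: nofile limit '$1' is below $REQUIRED_NOFILE"; fails=$((fails + 1)); }
    db_path_ok "$2"  || { echo "FAIL: $2 is on NFS or matched no mount point"; fails=$((fails + 1)); }
    return "$fails"
}
# Live use on Linux: preflight "$(ulimit -n)" /path/to/db < /proc/mounts
```

Run it as the account that will start the directory server, since the file descriptor limit is per user and per session.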

2. Oracle Internet Directory

OID is a complete directory service based on the Lightweight Directory Access Protocol (LDAP). OID combines the capabilities of a directory service with the power and security of the Infrastructure repository Oracle database.

Key Capabilities

OID provides the ability to store multiple contexts, thus disparate data can be managed in a single service.

OID is able to scale to extremely large deployments on less hardware with high performance.

OID is the most secure directory service providing security at every level from data in transit to storage and backups. In addition to LDAP security, it leverages Oracle database security features like Database Vault and Transparent Data Encryption. Database Vault enables separation of duty (SOD) while Transparent Data Encryption secures data in storage and backup.

OID provides several layers of high availability (HA) to ensure maximum availability.

OID provides unparalleled ease of use for general-purpose directory storage via Oracle Directory Services Manager (ODSM).

Hardware Requirements

Category / Minimum or Accepted Value

Platform

UNIX: Solaris 9, Solaris 10; HP-UX 11i (11.23), HP-UX 11i (11.31); Oracle Enterprise Linux 4, Oracle Enterprise Linux 5, Red Hat Linux 4, Red Hat Linux 5, SUSE 10; IBM AIX 5.3, IBM AIX 6.1

Windows: Windows XP SP2 (Win32 platforms only), Windows 2003, Windows 2008, Windows Vista

Temp Space: At least 150 MB

Swap Space: At least 512 MB

Memory Requirements

Operating System    Minimum Physical Memory    Minimum Available Memory
Linux               2 GB                       1 GB
UNIX                2 GB                       1 GB
Windows             2 GB                       1 GB

3. Difference between OUD and OID

Below are a few differences between OUD and OID:

OID is based on an external Oracle database, and OUD is based on an embedded Berkeley database.

Scalability-wise, they take different approaches to supporting extremely large deployments: OID provides monolithic scalability in a single DIT and even leverages Exadata for large-scale deployments, while OUD provides horizontal scalability by adding more instances, with data partitioning and a global index, for performance and scalability on commodity hardware.