Setting up OID (LDAP) for TNS Service Resolution

Posted at Sunday, June 08, 2008
Here are the steps for configuring OID/LDAP for Net Service (TNS) name resolution.

This example assumes that you already have an LDAP directory available for use, in my case Oracle Internet Directory (OID) installed as part of OracleAS Infrastructure/Identity Management. Additionally, this example does not cover SSL.

Launch the Net Configuration Assistant

# export DISPLAY=192.168.1.3:0.0
# netca


Set up the Directory Usage Configuration

At this point, you should have a properly configured directory file similar to the following:

ldap.ora

DIRECTORY_SERVERS= (rac2.colestock.test:389:636)

DEFAULT_ADMIN_CONTEXT = "dc=colestock,dc=test"

DIRECTORY_SERVER_TYPE = OID

Configure your Oracle Naming Configuration. In my case, I will use my OID (LDAP) directory as my primary lookup service; if it fails, the tnsnames.ora will be used.

At this point, your sqlnet.ora file should be properly configured for OID (LDAP) use:

sqlnet.ora

NAMES.DIRECTORY_PATH= (LDAP, TNSNAMES)

Import your Database Services, etc. into your OID (LDAP) Directory via Oracle Network Manager

# export DISPLAY=192.168.1.3:0.0
# netmgr

Confirm that the entries are present with a manual LDAP search:

# ldapsearch -h rac2 -p 389 -D cn=orcladmin -w password -b "cn=OracleContext,dc=colestock,dc=test" -s one "objectclass=orclNetService" orclnetdescstring


cn=LDG,cn=OracleContext,dc=colestock,dc=test
orclnetdescstring=(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.1.101)(PORT=1525)))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=ldg.colestock.test)))

cn=EM,cn=OracleContext,dc=colestock,dc=test
orclnetdescstring=(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=rac1-vip)(PORT=1521))(ADDRESS=(PROTOCOL=TCP)(HOST=rac2-vip)(PORT=1521))(LOAD_BALANCE=yes))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=em.colestock.test)(FAILOVER_MODE=(TYPE=SELECT)(METHOD=BASIC)(RETRIES=180)(DELAY=5))))

cn=STDBY,cn=OracleContext,dc=colestock,dc=test
orclnetdescstring=(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.1.102)(PORT=1525)))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=stdby.colestock.test)))

cn=STANDBY,cn=OracleContext,dc=colestock,dc=test
orclnetdescstring=(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.1.102)(PORT=1525)))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=stdby.colestock.test)))

cn=EM2,cn=OracleContext,dc=colestock,dc=test
orclnetdescstring=(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=rac2-vip)(PORT=1521)))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=em.colestock.test)(INSTANCE_NAME=em2)))

cn=EM1,cn=OracleContext,dc=colestock,dc=test
orclnetdescstring=(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=rac1-vip)(PORT=1521)))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=em.colestock.test)(INSTANCE_NAME=em1)))


Confirm that SQL*Net resolves aliases through OID (LDAP) with tnsping:

# tnsping EM

Used parameter files:
/u01/app/oracle/product/10.2/network/admin/sqlnet.ora

Used LDAP adapter to resolve the alias
Attempting to contact (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=rac1-vip)(PORT=1521))(ADDRESS=(PROTOCOL=TCP)(HOST=rac2-vip)(PORT=1521))(LOAD_BALANCE=yes))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=em.colestock.test)(FAILOVER_MODE=(TYPE=SELECT)(METHOD=BASIC)(RETRIES=180)(DELAY=5))))
OK (0 msec)
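
With NAMES.DIRECTORY_PATH set to (LDAP, TNSNAMES), clients connect wherever the directory entry points, so it is worth checking the orclnetdescstring values against the endpoints you expect. The following is an added example, not part of the original post: it parses ldapsearch output in the format shown above and reports any alias whose addresses differ from a baseline. The BASELINE contents and the function names are assumptions made for illustration.

```python
# Constructed sample: the EM entry in the format of the ldapsearch output above.
SAMPLE = """\
cn=EM,cn=OracleContext,dc=colestock,dc=test
orclnetdescstring=(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=rac1-vip)(PORT=1521))(ADDRESS=(PROTOCOL=TCP)(HOST=rac2-vip)(PORT=1521))(LOAD_BALANCE=yes))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=em.colestock.test)(FAILOVER_MODE=(TYPE=SELECT)(METHOD=BASIC)(RETRIES=180)(DELAY=5))))
"""
# Assumed baseline (hypothetical): the endpoints each alias is approved to use.
BASELINE = {"EM": {("TCP", "rac1-vip", 1521), ("TCP", "rac2-vip", 1521)}}

def parse_group(s, i=0):
    """Parse one '(KEY=...)' group at s[i]; return ((key, value), next index)."""
    if not s.startswith("(", i):
        raise ValueError(f"expected '(' at offset {i}")
    eq = s.index("=", i)
    key, i = s[i + 1:eq].upper(), eq + 1
    if s.startswith("(", i):                 # value is a list of nested groups
        value = []
        while s.startswith("(", i):
            child, i = parse_group(s, i)
            value.append(child)
    else:                                    # value is a plain atom
        end = s.index(")", i)
        value, i = s[i:end], end
    if not s.startswith(")", i):
        raise ValueError(f"unbalanced descriptor at offset {i}")
    return (key, value), i + 1

def endpoints(node):
    """Yield (protocol, host, port) for every ADDRESS group under node."""
    key, value = node
    if key == "ADDRESS" and isinstance(value, list):
        a = dict(value)
        yield a.get("PROTOCOL", "").upper(), a.get("HOST", "").lower(), int(a.get("PORT", 0))
    elif isinstance(value, list):
        for child in value:
            yield from endpoints(child)

def audit(text, baseline):
    """Return {alias: [endpoints missing from baseline]} for deviating entries."""
    findings, alias = {}, None
    for line in (l.strip() for l in text.splitlines()):
        if line.lower().startswith("cn="):
            alias = line[3:].split(",", 1)[0].upper()
        elif alias and line.lower().startswith("orclnetdescstring="):
            node, _ = parse_group("".join(line.split("=", 1)[1].split()))
            bad = [e for e in endpoints(node) if e not in baseline.get(alias, set())]
            if bad:
                findings[alias] = bad
    return findings
```

Feed audit() the saved output of the ldapsearch command above; an empty result means every entry matches the baseline, and an alias missing from the baseline is reported with all of its endpoints.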

