Feature Description
Integrate Oracle Unified Directory (OUD) management capabilities into OraDBA, providing OUDBase-inspired functionality for OUD environment setup, configuration, instance management, and daily operations.
Problem Statement
Current limitations:
- OraDBA focuses only on Oracle Database, not OUD
- No standardized OUD environment management
- Manual OUD instance setup and configuration
- No OUD-specific scripts or aliases
- Missing integration between database and directory services
- No centralized OUD operations management
- Difficult to manage multiple OUD instances
- No OUD version management
Background
Oracle Unified Directory (OUD) is Oracle's LDAP directory service, commonly used for:
- Enterprise user authentication
- Identity management
- Oracle Fusion Middleware integration
- Database external authentication
- Centralized access control
OUDBase is a management framework (similar to BasEnv/TVDBasEnv for databases) that provides:
- OUD environment variables
- Instance management scripts
- Configuration templates
- Operational utilities
Proposed Solution
1. OUD Environment Structure
srv/
├── bin/
│   ├── oud_env.sh                  # Set OUD environment
│   ├── oud_create.sh               # Create OUD instance
│   ├── oud_start.sh                # Start OUD instance
│   ├── oud_stop.sh                 # Stop OUD instance
│   ├── oud_status.sh               # Check OUD status
│   ├── oud_backup.sh               # Backup OUD data
│   └── oud_config.sh               # Configure OUD settings
├── etc/
│   └── oud.conf                    # OUD configuration
├── sql/
│   └── oud/
│       └── db_external_auth.sql    # DB external auth setup
└── templates/
    └── oud/
        ├── oud_instance.props      # Instance creation template
        ├── ldif/                   # LDIF templates
        │   ├── base_entries.ldif
        │   ├── oracle_schema.ldif
        │   └── acl_config.ldif
        └── config/
            └── oud_config.props
2. OUD Environment Variables
# OUD Base Directories
export OUD_BASE="${ORACLE_BASE}/oud"
# Set the instance name before the path that is derived from it
export OUD_INSTANCE_NAME="oud1"
export OUD_INSTANCE_HOME="${OUD_BASE}/${OUD_INSTANCE_NAME}"
# OUD Software
export OUD_HOME="${ORACLE_HOME}" # Or separate OUD installation
export OUD_VERSION="12.2.1.4.0"
# OUD Configuration
export OUD_ADMIN_PORT="4444"
export OUD_LDAP_PORT="1389"
export OUD_LDAPS_PORT="1636"
export OUD_ADMIN_USER="cn=Directory Manager"
# Java for OUD
export JAVA_HOME="${ORACLE_BASE}/product/java/jdk"
export PATH="${OUD_INSTANCE_HOME}/OUD/bin:${PATH}"
3. OUD Instance Creation Script
#!/usr/bin/env bash
# srv/bin/oud_create.sh - Create OUD instance

usage() {
    cat <<EOF
Usage: oud_create.sh [OPTIONS]

Create Oracle Unified Directory instance.

Options:
  --instance NAME        Instance name (default: oud1)
  --admin-port PORT      Admin port (default: 4444)
  --ldap-port PORT       LDAP port (default: 1389)
  --ldaps-port PORT      LDAPS port (default: 1636)
  --base-dn DN           Base DN (default: dc=example,dc=com)
  --admin-user USER      Admin user (default: cn=Directory Manager)
  --admin-password PWD   Admin password (prompted if not provided)
  --sample-data          Load sample data
  -h, --help             Show this help

Examples:
  # Create instance with defaults
  oud_create.sh --instance oud1

  # Create with custom ports
  oud_create.sh --instance oud1 --ldap-port 1389 --admin-port 4444

  # Create with sample data
  oud_create.sh --instance oud1 --sample-data
EOF
}

create_oud_instance() {
    local instance_name="${1}"
    local admin_port="${2}"
    local ldap_port="${3}"
    local base_dn="${4}"
    # Remaining settings default to the OUD environment variables
    local ldaps_port="${5:-${OUD_LDAPS_PORT}}"
    local admin_user="${6:-${OUD_ADMIN_USER}}"
    # File holding the admin password, so it never appears in the process list
    local admin_password_file="${7}"

    log_info "Creating OUD instance: ${instance_name}"

    # Create instance directory
    local instance_home="${OUD_BASE}/${instance_name}"
    mkdir -p "${instance_home}"

    # Run oud-setup
    "${OUD_HOME}/oud-setup" \
        --cli \
        --instancePath "${instance_home}/OUD" \
        --adminConnectorPort "${admin_port}" \
        --ldapPort "${ldap_port}" \
        --ldapsPort "${ldaps_port}" \
        --rootUserDN "${admin_user}" \
        --rootUserPasswordFile "${admin_password_file}" \
        --baseDN "${base_dn}" \
        --addBaseEntry \
        --noPropertiesFile \
        --no-prompt

    if [[ $? -eq 0 ]]; then
        log_info "OUD instance created successfully: ${instance_home}"
        # Create startup script
        create_startup_script "${instance_name}" "${instance_home}"
        # Register in oratab equivalent
        register_oud_instance "${instance_name}" "${instance_home}"
    else
        log_error "Failed to create OUD instance"
        return 1
    fi
}
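An added example, not part of the original proposal or of OraDBA/OUDBase: one way oud_create.sh could check `--instance` and the port options before they reach `mkdir` and `oud-setup`, and hand the admin password to `oud-setup --rootUserPasswordFile` through a mode-0600 file instead of a command-line argument that shows up in the process list. The function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: input checks and password-file handling for oud_create.sh.
# Function names are hypothetical; they are not part of OraDBA or OUDBase.

# The instance name becomes a path under ${OUD_BASE}. Allow only a safe
# character set so values such as "../x" or "a/b" cannot leave the base
# directory, and reject a leading dash so it is never parsed as an option.
valid_instance_name() {
    case "$1" in
        ''|*[!A-Za-z0-9_-]*|-*) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

# Ports must be plain decimal integers in 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Read the admin password from stdin (terminal echo off when interactive),
# store it in a temp file readable only by the owner, and print the path.
write_password_file() {
    local pw file
    if [ -t 0 ]; then
        printf 'Admin password: ' >&2
        stty -echo; IFS= read -r pw; stty echo; printf '\n' >&2
    else
        IFS= read -r pw
    fi
    [ -n "$pw" ] || return 1
    file=$(umask 077 && mktemp "${TMPDIR:-/tmp}/oudpw.XXXXXX") || return 1
    printf '%s\n' "$pw" > "$file"
    printf '%s\n' "$file"
}

# Intended use inside oud_create.sh:
#   valid_instance_name "$instance" || { echo "bad instance name" >&2; exit 1; }
#   valid_port "$ldap_port"         || { echo "bad LDAP port" >&2; exit 1; }
#   pwfile=$(write_password_file)   || exit 1
#   trap 'rm -f "$pwfile"' EXIT     # remove the secret when the script ends
#   "${OUD_HOME}/oud-setup" --cli ... --rootUserPasswordFile "$pwfile" ...
```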
4. OUD Management Aliases
# Add to srv/etc/oradba.bashrc
# OUD Environment
alias oud_env='. ${ORADBA_BASE}/srv/bin/oud_env.sh'
alias cdoud='cd ${OUD_INSTANCE_HOME}'
alias cdoudlog='cd ${OUD_INSTANCE_HOME}/OUD/logs'
alias cdoudconfig='cd ${OUD_INSTANCE_HOME}/OUD/config'
# OUD Operations
alias oud_start='${ORADBA_BASE}/srv/bin/oud_start.sh'
alias oud_stop='${ORADBA_BASE}/srv/bin/oud_stop.sh'
alias oud_status='${ORADBA_BASE}/srv/bin/oud_status.sh'
alias oud_restart='oud_stop && oud_start'
# OUD Logs
alias oud_log='tail -f ${OUD_INSTANCE_HOME}/OUD/logs/server.out'
alias oud_errors='tail -f ${OUD_INSTANCE_HOME}/OUD/logs/errors'
alias oud_access='tail -f ${OUD_INSTANCE_HOME}/OUD/logs/access'
# LDAP Utilities
alias ldapsearch_oud='ldapsearch -h localhost -p ${OUD_LDAP_PORT} -D "${OUD_ADMIN_USER}"'
alias ldapmodify_oud='ldapmodify -h localhost -p ${OUD_LDAP_PORT} -D "${OUD_ADMIN_USER}"'
5. OUD Configuration File
# srv/etc/oud.conf
# ------------------------------------------------------------------------------
# OUD Configuration
# ------------------------------------------------------------------------------
# Default OUD instance
OUD_INSTANCE_NAME="oud1"
# OUD Base Directory
OUD_BASE="${ORACLE_BASE}/oud"
# Default Ports
OUD_DEFAULT_ADMIN_PORT=4444
OUD_DEFAULT_LDAP_PORT=1389
OUD_DEFAULT_LDAPS_PORT=1636
# Default Base DN
OUD_DEFAULT_BASE_DN="dc=example,dc=com"
# Java Settings for OUD
OUD_JAVA_OPTS="-Xms512m -Xmx1024m"
# Enable OUD functionality in OraDBA
ORADBA_OUD_ENABLED=true
6. Integration with Database
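-- srv/sql/oud/db_external_auth.sql
-- Configure database for OUD external authentication
-- The database locates the directory server (here localhost:1389,
-- dc=example,dc=com) through ldap.ora (DIRECTORY_SERVERS,
-- DEFAULT_ADMIN_CONTEXT, DIRECTORY_SERVER_TYPE). A DIRECTORY object only
-- maps an operating-system path and cannot point at an LDAP URL.
-- Configure external authentication
ALTER SYSTEM SET ldap_directory_access = 'PASSWORD' SCOPE=BOTH;
-- Create a directory-authenticated (global) user. IDENTIFIED EXTERNALLY
-- delegates to the operating system or a network service, not to the
-- directory. The user name and DN below are example values.
CREATE USER oracle_user IDENTIFIED GLOBALLY AS 'cn=oracle_user,dc=example,dc=com';
GRANT CONNECT TO oracle_user;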
Tasks
Core Infrastructure
Instance Management
Configuration Management
Operations
Aliases and Shell Integration
Database Integration
Documentation
Testing
Acceptance Criteria
- OUD instances can be created via OraDBA scripts
- OUD environment variables properly set
- Start/stop/status operations work correctly
- OUD-specific aliases available
- Configuration templates provided
- Backup/restore functionality works
- Integration with Oracle Database external auth
- Comprehensive documentation available
Use Cases
Use Case 1: New OUD Instance Setup
A DBA needs an LDAP directory, runs oud_create.sh --instance oud1, and gets a fully configured OUD instance integrated with OraDBA environment management.
Use Case 2: Multiple OUD Instances
An environment has dev/test/prod OUD instances and uses oud_env oud_prod to switch between them, similar to database environment switching.
Use Case 3: Database External Authentication
A team configures Oracle Database to use OUD for authentication, using the provided SQL scripts and templates for seamless integration.
Use Case 4: OUD Operations
An operator needs to restart an OUD instance: they use the oud_restart alias, check status with oud_status, and monitor logs with oud_log.
Use Case 5: Backup and Recovery
Regular OUD backups are automated via oud_backup.sh; disaster recovery uses oud_restore.sh to recover directory data.
Benefits
- Unified management for database and directory services
- Standardized OUD operations
- Simplified OUD instance provisioning
- Integration with existing OraDBA workflows
- Consistent tooling across Oracle stack
- Reduced operational complexity
- Better database-directory integration
Implementation Notes
OUD Versions
- Support OUD 11g (11.1.1.7+)
- Support OUD 12c (12.2.1.3+, 12.2.1.4)
- Consider OUDSM (OUD Services Manager) integration
Security
- Secure password handling
- SSL/TLS certificate management
- LDAP access control configuration
- Audit logging integration
Dependencies
- Java Runtime (JDK 8 or 11)
- OUD software installation
- Network ports availability
- Sufficient disk space
Integration Points
- Oracle Database external authentication
- Fusion Middleware integration
- Enterprise User Security (EUS)
- Oracle Access Manager (OAM) integration
References
Priority
Low