How To Convert Attributes Containing Distinguished Name Values To The OVD Namespace (Doc ID 1122574.1)

Goal

This note explains how attributes containing Distinguished Name (DN) values can be converted by Oracle Virtual Directory (OVD).

OVD may be configured as a Virtual Proxy.
This means that a Namespace Mapping is executed by OVD, if the OVD Adapter Root Namespace is different from the Adapter Remote Base.

But there are some attributes that contain Distinguished Name values as well. (e.g.,  uniquemember, member, manager )

OVD by default passes the attribute values without performing a conversion.


In a common scenario, the attribute DN values are within the Adapter Remote Base Namespace, but it is also possible in some special cases that the attribute DN values are outside of the Adapter Namespace.
 

For the most common scenario (attribute DN values within the Adapter Namespace), OVD provides the Adapter configuration parameter "DN Attributes". Attributes listed in this parameter will be converted following the same rule applied to convert the Distinguished Name of the entry, so that the part of the DN value containing the Adapter "Remote Base" will be converted to the OVD root.

OVD is not able to convert attribute DN values outside of the Adapter Namespace out-of-the-box.

This means with the above example OVD would not convert the "manager" value of "cn=<MANAGER_NAME>,dc=<ANOTHER_REMOTE_DOMAIN>" even if the "manager" attribute is listed in the Adapter "DN Attributes" parameter.

The solution for this uncommon scenario would be to create a custom mapping script.

This Document addresses how to convert those DNs to the OVD Namespace.

Solution

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.