Novell Cool Solutions: Cool Tool
Activation/expiration time for a Group Membership in eDirectory, using an Oracle table.
|Posted:||7 Jan 2004|
Please read the note from our friends in legal before using this file.
This driver is based on the example coming with JDBC 1.6 driver for Oracle, which uses some Oracle side tables(EMP, EVENTLOG, etc). It works with DirXML 2.0. Some minor modifications would allow it to run on DirXML 1.1a, since no DirXML 2.0 specific features are leveraged.
It is required to obtain classes12.zip and nls_charset12.zip from http://otn.oracle.com as specified in the documentation for the driver.
The goal behind this driver is to provide a way to assign a period of validity for a Group Membership for a given user, something that is not supported out of the box by eDirectory. In the example an Oracle application is used because it provides some self-polling for the validity interval. I could have use Microsoft SQL Server or DB2, or another database.
Schema extensions(Single Value, Sync Immediate):
User: AgentRole(Case Ignore String), AgentStart and AgentEnd (Time) and AgentStatus (Case Ignore String)
N.B. Dynamic Group and Group have been tested.
What the connector does.
- USER CREATE EVENT: Updates dirxmlagent.agent, Required attributes = AgentRole, AgentStart and Agent End
- USER DELETE EVENT: Updates dirxmlagent.agent on User delete
- USER Modify EVENT: Updates dirxmlagent.agent
- N.B. MUST add values for the 3 required attributes(e.g. iManager plug-in studio task).
- Using a DBMS_Job queue, the agent tables is polled and the status is updated(active/inactive).
- Extend the schema for User
- Import the driver into eDirectory, Oracle. Enter the selected password for system account(or another account that has access to the dirxml agent Schema, e.g. dirxml), IP address for Oracle server, and instance name(e.g. O9ir2).
- Login as System(default password is manager) against Oracle with SQL+ or iSQL+. Create user dirxmlagent and dirxml, and grant all privileges:
- CREATE USER dirxmlagent identified by dirxml;
- GRANT ALL PRIVILEGES TO dirxmlagent;
- CREATE USER DIRXML identified by dirxml;
- GRANT ALL PRIVILEGES TO DIRXML;
- Login with dirxmlagent with SQL+ or iSQL+ and execute the following SQL scripts:
- Agent_Oracle.SQL ; Creates the Agent table and other related objects.
- DBMS_Job.txt ; Jobs polling agent for the validity period of an eDirectory membership. Execute then issue COMMIT;. The script also includes code for removing Jobs from queues, listing jobs in queues, etc. The polling interval is a fraction of 24 hours, so 1/8640 corresponds to 10 seconds. Make sure that Job queues are being monitored by setting the startup parameter JOB_QUEUE_PROCESSES . The code for dynamically activating the Job queues is included in the file.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com