Oracle B32100-01 User Manual
Groups in Oracle Internet Directory
5-2
Oracle Application Server Installation Guide
Repository, and Oracle Delegated Administration Services, the cn=orcladmin
user is created and becomes a member of the Repository Owners group and the
DAS Component Owners group. cn=orcladmin also becomes a member of the
iAS Admins group.
user is created and becomes a member of the Repository Owners group and the
DAS Component Owners group. cn=orcladmin also becomes a member of the
iAS Admins group.
Note that you cannot log in to Oracle Internet Directory as the superuser
(cn=orcladmin) using Oracle Delegated Administration Services. To log in as
cn=orcladmin
(cn=orcladmin) using Oracle Delegated Administration Services. To log in as
cn=orcladmin
, you must use the Oracle Directory Manager.
■
The orcladmin user is also created when you install Oracle Internet Directory.
The DN for this user is: cn=orcladmin,cn=users,<default realm DN>.
The DN for this user is: cn=orcladmin,cn=users,<default realm DN>.
The initial password for orcladmin is the same as the password for the ias_
admin user for the Oracle Application Server instance. You specified this
password during installation.
admin user for the Oracle Application Server instance. You specified this
password during installation.
You can log in to Oracle Internet Directory as orcladmin using Oracle Delegated
Administration Services to manage other Oracle Internet Directory users. You can
do this because orcladmin is a valid OracleAS Single Sign-On user.
Administration Services to manage other Oracle Internet Directory users. You can
do this because orcladmin is a valid OracleAS Single Sign-On user.
For more information on the cn=orcladmin and orcladmin users, see the Oracle
Internet Directory Administrator’s Guide.
Internet Directory Administrator’s Guide.
5.2 Groups in Oracle Internet Directory
Groups in Oracle Internet Directory can be classified into these categories:
■
■
■
5.2.1 "Global" Groups
components registered with Oracle Internet Directory.
Table 5–1
"Global" Groups
Group
Description
IAS Admins
DN: cn=IASAdmins, cn=groups,
cn=OracleContext
cn=OracleContext
IAS Admins have the following privileges:
■
Install and register new metadata repositories. IAS Admins have
no privileges to manage existing repositories already registered
with Oracle Internet Directory.
no privileges to manage existing repositories already registered
with Oracle Internet Directory.
■
Install middle tiers.
Trusted Application Admins
DN: cn=Trusted Application Admins,
cn=groups, cn=OracleContext
cn=groups, cn=OracleContext
To install Oracle Identity Management, OracleAS Portal, or OracleAS
Wireless components, you must belong to several groups, one of which
is the Trusted Application Admins group.
Wireless components, you must belong to several groups, one of which
is the Trusted Application Admins group.
lists the required
groups for each component.
IAS & User Management Application
Admins
Admins
DN: cn=IAS & User Mgmt Application
Admins, cn=groups, cn=OracleContext
Admins, cn=groups, cn=OracleContext
To install OracleAS Portal or OracleAS Wireless, you must belong to
several groups, one of which is the IAS & User Management
Application Admins group.
several groups, one of which is the IAS & User Management
Application Admins group.
component.