Search

Top 60 Oracle Blogs

Recent comments

OpenLDAP – Care and Feeding of Your LDAP Server

This is part 4 of a multi-part blog post on using OpenLDAP for Net Service Name Resolution.  Part 1 can be found here.

Congratulations!

You should now have a correctly installed and fully configured LDAP server, that’s up to the task of doing Net Service Name resolution.  So, now you’ve come this far, you probably have a whole list of Net Service Names that you want to load into your LDAP server.  We’ve reviewed the LDIF format for Net Service Names, but, unless you have a very small number of Net Service Names, converting them from tnsnames.ora format to LDIF format could prove to be a very tedious task, indeed.  In my case, I had approximately 250 Net Service Names, that I needed to load.  So, I wrote a small C program, that I called tns2ldif, for this task.

tns2ldif

I wrote a small C program (less than 100 lines), that’s a filter, that will convert your tnsnames.ora file to LDIF format.  You should download tns2ldif.c, and then compile it.

But, before I continue, I’d like to take a brief moment to thank my management at ProQuest, especially Roger Valade, for allowing me to open source and publish this work.

Compilation can be achieved with the following command:

make tns2ldif

You don’t need a makefile for this program, the default make rules should do the job without any issues.  Once the program is compiled, executing is a fairly straightforward task, as well.  This program is written as a filter, as many Unix/Linux utilities are.  As such, the program reads from stdin and writes to stdout.  Any errors are written to stderr.  So, a sample execution, with an input file called tnsnames.ora and output file called tnsnames.ldif, would look like this:

tns2ldif < tnsnames.ora > tnsnames.ldif

Unless you have a truly enormous tnsnames.ora file or glacially slow I/O, the program should run very quickly.  (In less than a second.)  In the example run above, stdin and stdout are being redirected to files, so, you should not see any output to the console.  Any output that you see on the console would be an error message written to stderr.

Limitations

tns2ldif is a very simple utility that I wrote to “scratch an itch”.  i didn’t want to have to convert over 250 Net Service Name definitions to LDIF format by hand, and it gave me an opportunity to brush up on my C programming skills.  As such, it isn’t exactly full-featured.  First, if any of your Net Service Names have a domain specified, it won’t know how to deal with that.  My world is “flat”.  So, all Net Service Names are unique, and do not specify a domain.  So, I have “mydb1”, “mydb2”, “thisdb”, “thatdb”.  I don’t have “mydb.this.domain” or “mydb.that.domain”.  There is a version 2 of this utility in the works, which should be able to deal with this, but it’s not available yet.  Second, since there is no logic to handle domains, when it generates the LDIF output, it assumes a default domain.  If you edit the C source code in your favorite text editor, towards the top there is a #define for DEFAULT_DOMAIN, that allows you to set the domain that you’d like it to use.  Look for a line in tns2ldif.c that looks like this:

#define DEFAULT_DOMAIN "dc=proquest,dc=com"

Simply edit this, to reflect your appropriate default domain, and recompile the program.  If you have different sets of Net Service Names, that you want to fall under different domains, you don’t need to recompile the source before each run.  Just use the ‘-d’ option to set a different default domain, for a particular execution.  So, if I executed this:

tns2ldif -d dc=home,dc=net < tnsnames.ora > tnsnames.ldif

The program would override the value of DEFAULT_DOMAIN, and use “dc=home,dc=net” in it’s place.  In the next release, I envision that you could have Net Service Names and Net Service Aliases with various different domains, and the code would do the right thing on a per Net Service Name basis.  So, using tns2ldif, you should be in a good position to easily convert your enterprise-wide tnsnames.ora file into LDIF format for loading into your new LDAP server.  To load the newly converted tnsnames.ora into your LDAP server, execute the following command:

ldapadd -c -x -D "cn=admin,dc=proquest,dc=com" -W -f tnsnames.ldif

That should load all your Net Service Names into your LDAP server.  Go ahead and try a few out, to make sure the load was successful.

Next, I’ll review the installation, configuration, and usage of a GUI tool to help with day to day management of your LDAP server.

Stay tuned for OpenLDAP – phpldapadmin – Install and Configure.