Setting Properties of an Identity Management Realm

An identity management realm has a number of properties that can be viewed and managed by using Oracle Internet Directory tools like the Oracle Internet Directory Self-Service Console. These properties are described in Table 5-1.


Table 5-1 Identity Management Realm Properties

| Property | Description |
|---|---|
| Attribute for Login Name | Name of the directory attribute used to store login names. By default, login names are stored in the uid attribute, but they can be changed to correspond to your directory configuration. In previous releases, this was the cn attribute. |
| Attribute for Kerberos Principal Name | Name of the directory attribute used to store Kerberos principal names. By default, Kerberos principal names are stored in the krbPrincipalName directory attribute, but they can be changed to correspond to your directory configuration by changing orclCommonKrbPrincipalAttribute in the identity management realm. |
| User Search Base | Full distinguished name (DN) for the node at which enterprise users are stored in the directory. |
| Group Search Base | Full DN for the node at which user groups are stored for this identity management realm in the directory. |
| Version Compatibility | This property is no longer used. However, you should ensure that it is not set to 81000, because release 8.1.7 and earlier databases cannot be in the same realm with Oracle Database 10g or later databases. |


Note:

Each identity management realm includes an orcladmin user who is the root user of that realm only. These realm-specific orcladmin users are represented by the directory entries cn=orcladmin,cn=Users,realm_DN. When you are logged in to Enterprise User Security administration tools as a realm-specific orcladmin user, you can manage only the directory objects for that realm. To manage objects in another realm, you must log in to the administration tools as the orcladmin user for that realm.