Migrating Oracle DSEE CoS to DS
The purpose of this article is to provide information on migrating Oracle® Directory Server Enterprise Edition (ODSEE) Class of Service (CoS) to DS.
Class of Service
This is a proprietary feature of ODSEE which allows the administrator to manage attribute values that are common to many entries, in a single place. For example, the postal address might be an attribute that’s common to everyone in an organization.
CoS is defined in an LDAP subentry. There are three kinds of CoS:
- Pointer CoS - The subentry references another template entry (via cosTemplateDN) and defines which attributes (via cosAttributes) from the template appear in the target entries.
- Indirect CoS - The subentry specifies which DN-valued attribute (cosIndirectSpecifier) in the target identifies the template entry, and then defines which attributes (via cosAttributes) to copy from the template to the target. The example in the ODSEE docs uses the target’s manager attribute to select the template, and then copies one of the manager’s attributes across to the target.
- Classic CoS - The subentry identifies the top of a subtree of template entries. An attribute (via cosSpecifier) in each target is used to select the child in the subtree, which becomes the template.
Collective attributes
These are a standard feature of LDAPv3, although implemented by DS in a proprietary way. They are broadly similar to CoS, but different in that the subentry itself contains the attribute values to copy to the targets. The subentry also selects which entries in scope are given the attributes.
Pointer CoS maps very simply to a single subentry. Assuming users are held below ou=People,dc=example,dc=com, this subentry will give each one a common description:
dn: cn=Collective description subentry,dc=example,dc=com cn: Collective description subentry objectClass: top objectClass: subentry objectClass: collectiveAttributeSubentry objectClass: extensibleObject subtreeSpecification: { base "ou=People" } description;collective: This is the shared value.Indirect CoS can be implemented in DS using one subentry for each template in the subtree. Each subentry uses a specificationFilter to identify different target entries:
dn: cn=Staff subentry,dc=example,dc=com cn: Staff subentry objectClass: top objectClass: subentry objectClass: collectiveAttributeSubentry objectClass: extensibleObject subtreeSpecification: { base "ou=People", specificationFilter "(employeeType=staff)" } description;collective: This is the shared value for staff. dn: cn=Contractor subentry,dc=example,dc=com cn: Contractor subentry objectClass: top objectClass: subentry objectClass: collectiveAttributeSubentry objectClass: extensibleObject subtreeSpecification: { base "ou=People", specificationFilter "(employeeType=contractor)" } description;collective: This is the shared value for contractors.Note
Classic CoS cannot easily be translated into collective attributes, as the attribute can only be defined in the subentry and is a combination of Pointer CoS and Indirect CoS.
See Also
What do I need to consider when planning a migration from Oracle DSEE to DS?
Migrating Oracle DSEE roles to DS
FAQ: Moving from Oracle DSEE to DS
Oracle DSEE - Directory Server Class of Service