Referential integrity is the process of maintaining consistent relationships among sets of data. If referential Integrity is enabled in Oracle Internet Directory, whenever you update an entry in the directory, the server also updates other entries that refer to that entry. For example, if you remove a user’s entry from the directory, and the user is a member of a group, the server also removes the user from the group. If referential integrity is not enabled, the user remains a member of the group until manually removed. Referential integrity is not enabled by default.
Note: Disable referential integrity during the replication bootstrapping process. If referential integrity is enabled, bootstrapping fails.
Referential integrity takes effect in two situations:
- Delete–When an entry is deleted, all the DN attributes that refer to this entry DN are removed.
- Modify–When an entry’s DN is modified (renamed), all the attributes that refer to this entry DN are modified.
Beginning with 11g Release 1 (11.1.1), the Oracle Internet Directory server can enforce referential integrity. For every LDAP add, modify, delete, and rename operation, the server monitors the request and updates the necessary DN references.
- The parameter
orclRIenabledcontrols the referential integrity level. Values for
- 0–Referential integrity is disabled
- 1–Referential integrity is enabled for
- 2–Referential Integrity is enabled for a list of DN syntax attributes as specified in orclRIattr and for attributes
orclRIenabledis set to 2, the value of the parameter
orclRIattrtakes effect. The value of
orclRIattris a list of referential integrity-enabled attributes.
If referential integrity is enabled, it is strictly enforced. For example, you cannot add a group entry whose
uniquemember attributes are not currently part of the DIT.
Enabling Referential Integrity in ODSM.
Login to http://oid_directory_managed_server:port/odsm with orcladmin user,
And under Data Tree,
cn=dsaconfig,cn=configsets,cn=oracle internet directory
Change – orclrienabled from 0 to 1 or 2 (See above)