Red Hat SummitChapter 8. Creating and maintaining database links
When a client application requests data from a database link, it retrieves the data from the remote database and returns it to the client. Chaining means that a server contacts other servers on behalf of a client application and then returns the combined results. This chaining process is implemented through a database link.
8.1. Creating a new database link
Basic database link configuration requires the following information:
Suffix informationThe suffix information must correspond to the suffix on the remote server that contains the data. You can create suffix in the directory tree managed by the database link.
Bind credentialsWhen the database link binds to a remote server, it impersonates a user, and this specifies the
DNand the credentials for each database link to use to bind with remote servers.LDAP URLThe
LDAP URLinformation provides theLDAP URLof the remote server to which the database link connects. URL consists of the protocol (LDAPorLADPS), the host name or IP address (IPv4orIPv6) for the server, and the port.List of failover serversThe list of failover servers is a list of alternative servers for the database link to contact in the case of a failure and is optional.
If secure binds are required for simple password authentication, using a secure connection (TLS and STARTTLS connections or the SASL authentication) is recommended when any chaining operations are performed .
8.2. Creating a New Database Link Using the Command Line
You can create a new database link by using the dsconf chaining link-create command.
Prerequisites
- You have opened the Directory Server user interface in the web console and selected the instance.
Procedure
Create a new database link :
dsconf -D "cn=Directory Manager" ldap://server.example.com chaining link-create --suffix="ou=Customers,dc=example,dc=com" --server-url="ldap://remote_server.example.com:389" --bind-mech=SIMPLE --bind-dn="cn=proxy_user,cn=config" --bind-pw="password" "example_chain_name"
# dsconf -D "cn=Directory Manager" ldap://server.example.com chaining link-create --suffix="ou=Customers,dc=example,dc=com" --server-url="ldap://remote_server.example.com:389" --bind-mech=SIMPLE --bind-dn="cn=proxy_user,cn=config" --bind-pw="password" "example_chain_name"Copy to Clipboard Copied! Toggle word wrap Toggle overflow
By using this command, you create the database link named example_chain_name for ou=Customers,dc=example,dc=com which refers to the ldap://remote_server.example.com:389 server and uses the specified bind DN and password to authenticate. You must set bind-mech to SIMPLE (EXTERNAL for certificate based authentication) or GSSAPI for kerberos authentication.
- Display additional settings that you can set when you create the database link:
dsconf -D "cn=Directory Manager" ldap://server.example.com chaining link-create --help
# dsconf -D "cn=Directory Manager" ldap://server.example.com chaining link-create --help
To grant the proxy_user the rights to access data, you must create the proxy ACI entry in the dc=example,dc=com suffix on remote server.
Verification
Display the new database link:
dsconf -D "cn=Directory Manager" ldap://server.example.com chaining link-create --suffix="ou=Customers,dc=example,dc=com" --server-url="ldap://remote_server.example.com:389" --bind-mech=SIMPLE --bind-dn="cn=proxy_user,cn=config" --bind-pw="password" "example_chain_name"
# dsconf -D "cn=Directory Manager" ldap://server.example.com chaining link-create --suffix="ou=Customers,dc=example,dc=com" --server-url="ldap://remote_server.example.com:389" --bind-mech=SIMPLE --bind-dn="cn=proxy_user,cn=config" --bind-pw="password" "example_chain_name"Copy to Clipboard Copied! Toggle word wrap Toggle overflow
8.3. Creating a New Database Link Using the Web Console
You can create a new database link by using the web console.
Prerequisites
- You have opened the Directory Server user interface in the web console and selected the instance.
Procedure
-
Open the
Databasemenu. Create a new suffix:
- Click button.
-
Enter the
DNsuffix and back end name. -
Select
Create The Top Suffix Entryand click .
-
Select the suffix, click button on the right side, and select
Create Database Link. - Fill the fields with the details about the connection to the remote server.
- Click .
Verification
-
Open the
Databasemenu and ensure that the new database link appears in this menu.
8.4. Managing the default configuration for new database links
You can manage the default configuration of database links by using the dsconf chaining command .
Procedure
Display the current default values of the database link:
dsconf -D "cn=Directory Manager" ldap://server.example.com chaining config-get-def
# dsconf -D "cn=Directory Manager" ldap://server.example.com chaining config-get-defCopy to Clipboard Copied! Toggle word wrap Toggle overflow Use the
dsconf chaining config-set-defcommand to change the new database links configuration. For example, to set theresponse-delayparameter to30, run:dsconf -D "cn=Directory Manager" ldap://server.example.com chaining config-set-def --response-delay 30
# dsconf -D "cn=Directory Manager" ldap://server.example.com chaining config-set-def --response-delay 30Copy to Clipboard Copied! Toggle word wrap Toggle overflow The example command sets the default response timeout for all chaining connections. You can overwrite the response timeout for a specific chaining link by using the
dsconf instance chaining link-setcommand.To see the list of all parameters you can set, run:
dsconf -D "cn=Directory Manager" ldap://server.example.com chaining config-set-def --help
# dsconf -D "cn=Directory Manager" ldap://server.example.com chaining config-set-def --helpCopy to Clipboard Copied! Toggle word wrap Toggle overflow
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}