This post gives a short intro to directory naming, shows how to import from tnsnames.ora to an LDAP directory. Finally, as an alternative, you get an example how a TNS connection string looks like in ldif file format. LDIF can be used universally to export and importing data to LDAP directories.

What is directory naming?

In order to connect to a database, you either need to pass a DB connection string or you are using an alias to lookup up the string. When using an alias, there are two ways to connect to an Oracle database:

  1. Local naming
    Lookup DB connection strings locally in a tnsnames.ora file
    There is a variant when the connection is “directly” established using local application configuration in application or a jdbc string:
  2. Directory naming
    Lookup DB connection strings remotely in a LDAP directory
    LDAP lookup is also possible via jdbc:

This diagram summarises all the possibilities :

Directory naming can be compared to DNS, all you aliases are in one central LDAP server (like in a DNS server).
If you do local naming, you use a local configuration file that can be compared to /etc/hosts.
The data structure of both tnsnames.ora file or LDAP server used is a very simple key-value-store, it’s actually <Alias>=<DB connection string>

Directory naming has some benefits over local naming:

  • There is a single source of “truth” in one central directory. Much easier to manage. You don’t have to distribute tnsnames.ora files to the clients.
    It’s advisable to run LDAP highly availabe, for example configuring replication between several LDAP servers and having load balancers distribute traffic.
  • On every client, all connections are available. Useful when accessing a DB from remote, for example remote PDB cloning, using DB links, Data Guard Observer, doing remote RMAN backup & restore/recovery or cloning, etc.

Mass import from tnsnames.ora to LDAP Server

In the following example we are using Oracle Unified Directory as an LDAP directory. You are free to choose other LDAP directories to use for directory naming: OpenLDAP or Active Directory to name just a few.
Once you setup OUD for directory naming, you may want to do an initial load with contents from local tnsnames.ora file. In the directory your environment variable TNS_ADMIN points to, make sure to have these three files present:

sqlnet.ora
contains information on SQL*net configuration, important parameters are:

NAMES.DEFAULT_DOMAIN = company.com # default domain if domains are used
NAMES.DIRECTORY_PATH = (LDAP) # Where to lookup aliass, multi values possible, for example (TNSNAMES, LDAP) to first look locally, then on LDAP

 

ldap.ora
contains information about your LDAP directory, important parameters are:

DIRECTORY_SERVERS     = (loadbalancer.company.com:1389) # Adress of the LDAP server
DEFAULT_ADMIN_CONTEXT = "dc=company,dc=com" # Context where alias entries are stored
DIRECTORY_SERVER_TYPE = OID # Type of LDAP server

 

tnsnames.ora
contains aliases and connections strings, example:

TESTDB = (DESCRIPTION=
           (ADDRESS_LIST=
              (ADDRESS=
                  (PROTOCOL=TCP)
                  (Host=testdb.company.com)
                  (Port=1521)
              )
           )
           (CONNECT_DATA=
              (SERVICE_NAME=testdb.company.com)
           )
        )

 

On the client you would like to do the mass import, make sure to have either have the Oracle client or RDBMS software installed. Here, I’m using Oracle Client 12.2 64Bit on Windows. It’s quite an old version, but it fits our purpose. Both in Oracle client or RDBMS software, there is a tool called “Net Manager”. By reading the configuration files mentioned above, it’s able to connect both to remote LDAP servers and local tnsnames.ora file.

Startup Net Manager. In the menu, choose “COMMAND – DIRECTORY – EXPORT NET SERVICE NAMES”:

After authenticating to the LDAP server, a wizard shows up on which you are able to choose which aliases to add to LDAP directory:

Alternative: Use LDIF to export and import LDAP data

LDIF file format is easiest if you want to transfer data between LDAP directories. It’s also possible to create LDIF files containing TNS data. See the following example LDIF record for alias “TESTDB”:

dn: CN=TESTDB,cn=OracleContext,dc=company,dc=com
orclNetDescString: (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(Host=testdb.company.com)(Port=1521)))(CONNECT_DATA=(SERVICE_NAME=testdb.company.com)))
objectClass: top
objectClass: orclNetService
CN: TESTDB

Aliases are stored in LDAP context “cn=OracleContext,dc=company,dc=com”.
“orclNetDescString” contains the actual DB connection string.
“CN” contains the alias value and is used to lookup a connection string.


Thumbnail [60x60]
by
Casimir Schmid