• Find us:
    +1 415 655 1723   |   +91-844-844-8901
  • Free Newsletter


  • Archive

  • Categories

  • Oracle Unified Directory High Availability Concepts

    Posted by "" in "FMW" on 2014-10-17


    In this post, we will discuss how we can implement high availability in Oracle Unified Directory. Oracle Unified Directory is the next generation LDAP v3 compliant directory service provider. It can act as a directory server, proxy server and replication gateway between Oracle Unified Directory server and Oracle Directory Server Enterprise Edition (ODSSE). To get an overview about this product, check out my previous post here: http://trainings.k21technologies.com/oracle-unified-directory-at-a-glance/


    In Oracle Unified Directory, there are broadly three ways of implementing high availability:

    1. Replication
    2. Proxy Server
      1. Distribution
      2. Load Balancing
    3. Replication Gateway


    Here it is assumed that the readers are familiar with the basic concepts of high availability, disaster recovery, replication etc. In next sections, we will see what Oracle Unified Directory offers to make the solution more reliable.


    • Replication

    When used in replicated mode, Oracle Unified Directory follows multi-master replication model. The model consists of two or more directory servers active across same or different geographical locations. All the servers are capable of processing read and write operations. This is performed over publish-subscribe architecture. When there is any change in one of the nodes, the changes are published to the other nodes in the topology. Usually the server that publishes the changes to others is called the replication server and the service it provides is termed as replication service.

    The directory servers are connected to the replication servers which are interconnected. The changes are sent to the replication servers by directory servers where they are forwarded to other connected replication servers. Modify conflicts as well as Naming conflicts are resolved with the help of change records.

    Following figure shows the basic replication architecture.

    Screen Shot 2014-10-17 at 12.05.27 am

    OUD also supports multiple data center topology as shown in the following figure.

    Screen Shot 2014-10-17 at 12.05.44 am


    • Proxy Server

    Oracle Unified Directory can be installed in proxy mode where OUD acts as proxy server between clients and directory servers. The proxy server does not hold any directory data but rather forwards the requests coming from clients to the appropriate directory servers with network connection management.

    In order to implement high availability, OUD proxy server can be used in following modes

    Simple Load Balancing

    The proxy server routes the requests to remote replicated directory servers (both contain the same data) based on some algorithm defined during deployment

    Screen Shot 2014-10-17 at 10.44.08 am

    Simple Distribution

    The directory data is partitioned into multiple partitions, distributed across multiple directory servers. Each partition is held on a separate directory server. The proxy server takes care of forwarding the requests to remote directory server which hold the appropriate partition data.

    Screen Shot 2014-10-17 at 11.05.48 am

    Failover between Data Centers

    In this mode, basically the load balancer, data centers and directory servers are all replicated. If one load balancer or data center goes down, the failover load balancer routes the traffic to replicated data centers.

    Screen Shot 2014-10-17 at 11.05.56 am

    Distribution with Load Balancing

    In this deployment, the data is distributed using load balancing. The data is partitioned and replicated across remote directory servers. The proxy server identifies the appropriate partition based on the incoming requests, forwards them to the load balancer where they are routed to the directory servers based on the algorithm used.

    Screen Shot 2014-10-17 at 11.06.07 am

    Distribution with failover between Data Centers

    Here the data is split into partitions across multiple directory servers. Each directory server is managed through a failover load balancing route. Each directory server in a data center as well as the data centers themselves are replicated and are managed by active load balancer and failover load balancer.

    Screen Shot 2014-10-17 at 11.06.28 am

    • Replication Gateway

    The replication gateway is responsible for the transfer of data between Oracle Directory Server Enterprise Edition (ODSEE) and Oracle Unified Directory. The main purpose of this deployment is to migrate the ODSEE data to OUD.

    When deployed in replication gateway mode, Oracle Unified Directory acts as a two-way forwarding server. It forwards changes from Oracle Directory Server Enterprise Edition servers to Oracle Unified Directory and vice versa.

    Screen Shot 2014-10-17 at 11.10.39 am


    In this post, we saw the various ways in which high availability can be deployed with Oracle Unified Directory to recover from system failures and maintain service level agreement.





    One thought on “Oracle Unified Directory High Availability Concepts”

    1. Vijay Kumar says:


      How can we achive below

      Master site with HA – read/write capability
      Secondary sites will read only replica

      As with OID we have external Oracle Database which can be RAC for OID providing HA on Primary site. How can we achive same with OUD [BrkDb] in Primary site.

      + Read only replica on Secondary site.

      Vijay Kumar

    Leave a Reply

    Your email address will not be published. Required fields are marked *

  • K21 Technologies is among the most experienced Identity Access Management service providers. We work with application development companies and in-house technology division to help achieve significant returns on their IT security investment. Our clientele includes some of the globally renowned corporate, which speaks of our expertise in our field.

    We have the most talented and experienced team that can swiftly deploy security solutions even in complex IT ecosystem. Our clients highly appreciate our timely implementation, interactive training, on-demand support and community resources.

    K21 Technologies
    128 Uxbridge Road, Hatchend,,
    London, HA5 4DS

    US: +1 415 655 1723
    India: +91-844-844-8901

  • Copyright 2019, K21 Technologies. All rights reserved
  • TOP