| Oracle® Identity Manager Connector Guide for CA ACF2 Advanced Release 9.0.2 Part Number B32151-01 |
|
|
View PDF |
| Oracle® Identity Manager Connector Guide for CA ACF2 Advanced Release 9.0.2 Part Number B32151-01 |
|
|
View PDF |
After installing the Oracle Identity Manager CA ACF2 Advanced Connector, you need to perform the initial reconciliation of the user profiles and permissions from the target host system. This is the process where mainframe users are added to Oracle Identity Manager to allow the extension of enterprise user management of profiles and authorization of resources.
The initialization process is run from the command line on the Oracle Identity Manager server. The command does not require execution at a particular directory path, as long as the Java class path is correctly set.
These commands are:
java -Djava.security.auth.login.config=
OIM_HOME\xellerate\JavaTasks\Config\auth.conf com.identityforge.oracle.integration.initial.recon.acf2.IdfReconciliationConnector –X
java -D java.security.auth.login.config=
OIM_HOME\xellerate\JavaTasks\Config\auth.conf com.identityforge.oracle.integration.initial.recon.acf2.IdfReconciliationConnector –R
|
Note: Enter these commands on a single line without any line breaks. |
These commands and a sample class path can be found in the intial_load_classpath file. The controls for these commands are found in the connection.properties file.
The following is a sample set of values for these parameters:
xlAdminId:xelsysadm xlAdminPwd:xelsysadm xlJndiUrl:jnp://192.168.1.120:1099 idfTrusted:true idfServerUrl:ldap://localhost:5389 idfAdminDn:cn=idfAcf2Admin, dc=acf2,dc=com idfAdminPwd:idfAcf2Pwd ouPeople:ou=People ouGroups:ou=Groups ouDatasets:ou=Datasets ouResources:ou=Resources ouFacilities:ou=Facilities ouBaseDn:dc=acf2,dc=com idfSystemAdminDn:cn=Directory Manager, dc=system,dc=backend idfSystemAdminPwd:testpass idfSystemDn:dc=system,dc=backend idfIgnoreIdList:start1,start2,private idfDoOnlyIdList:martin81,martin82,martin83 idList=do
To include or exclude specific users during initial reconciliation, modify the following lines:
idfIgnoreIdList:start1,start2,private idfDoOnlyIdList:jdoe81,jdoe82,jdoe83
|
Note: This control does not support wildcards and is designed for processing or excluding a limited number of users. |
To configure the connector to perform trusted source reconciliation, set the idfTrusted control in the connection.properties file to true, as follows:
idfTrusted:true
This control toggles trusted source reconiliation in the connector. Set this to false if you are not performing reconciliation with a trusted source.
|
Note: Reconciliation updates to Oracle Identity Manager are in real-time, and you do not need to configure reconciliation as a scheduled task on Oracle Identity Manager.Refer to Oracle Identity Manager Connector Framework Guide for conceptual information about reconciliation configurations. |
