Skip Headers
Oracle® Identity Manager Connector Guide for RSA ClearTrust
Release 9.0.4

E10440-07
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
PDF · Mobi · ePub

4 Extending the Functionality of the Connector

After you deploy the connector, you can configure it to meet your requirements. This chapter discusses the following optional configuration procedures:

4.1 Adding New Attributes for Target Resource Reconciliation

Note:

This section describes an optional procedure. Perform this procedure only if you want to add new attributes for target resource reconciliation.

You must ensure the new attributes that you add for reconciliation contain data in string-format only. Binary attributes must not be introduced into Oracle Identity Manager natively.

By default, the attributes listed in Section 1.6, "Connector Objects Used During Target Resource Reconciliation" are mapped for reconciliation between Oracle Identity Manager and the target system. If required, you can add new attributes for target resource reconciliation.

To add a new attribute for target resource reconciliation, perform the following procedure:

  1. Log in to the Oracle Identity Manager Design Console.

  2. Add the new attribute on the process form as follows:

    1. Expand Development Tools.

    2. Double-click Form Designer.

    3. Search for and open the CT Users process form.

    4. Click Create New Version.

    5. In the Label field, enter the version name. For example, version_1.

    6. Click the Save icon.

    7. Select the current version created in Step e from the Current Version list.

    8. Click Add to create an attribute and provide the values for that attribute.

      For example, if you are adding the Certificate DN attribute, then enter the following values in the Additional Columns tab:

      Field Value
      Name Certificate DN
      Variant Type String
      Length 100
      Field Label Certificate DN
      Field Type TextField
      Order 20

      The following screenshot shows this form:

      Surrounding text describes target_res_process_form.gif.
    9. Click the Save icon.

    10. Click Make Version Active.

  3. Add the new attribute to the list of reconciliation fields in the resource object as follows:

    1. Expand Resource Management.

    2. Double-click Resource Objects.

    3. Search for and open the ClearTrust resource object.

    4. On the Object Reconciliation tab, click Add Field, and then enter the following values:

      Field Name: Certificate DN

      Field Type: String

      The following screenshot shows this form:

      Surrounding text describes target_res_res_obj.gif.
    5. If you are using Oracle Identity Manager release 11.1.1, then click Create Reconciliation Profile. This copies changes made to the resource object into the MDS.

    6. Click the Save icon.

  4. Create a reconciliation field mapping for the new attribute in the process definition form as follows:

    1. Expand Process Management.

    2. Double-click Process Definition.

    3. Search for and open the CT Users process definition.

    4. On the Reconciliation Field Mappings tab, click Add Field Map, and then select the following values:

      Field Name: Certificate DN

      Field Type: String

      Process Data Field: Certificate DN

      The following screenshot shows this form:

      Surrounding text describes target_res_procss_defn.gif.
    5. Click the Save icon.

  5. Create an entry for the attribute in the lookup definition for reconciliation as follows:

    1. Expand Administration.

    2. Double-click Lookup Definition.

    3. Search for and open the Lookup.CTReconciliation.FieldMap lookup definition.

    4. Click Add and enter the Code Key and Decode values for the attribute. The Code Key value must be the name of the attribute given in the resource object. The Decode value is the name of the attribute in the target system.

      For example, enter organization in the Code Key field and then enter o in the Decode field.

      The following screenshot shows this form:

      Surrounding text describes target_src_lookup_defn.gif.
    5. Click the Save icon.

4.2 Adding New Attributes for Trusted Source Reconciliation

Note:

This section describes an optional procedure. Perform this procedure only if you want to add new attributes for trusted source reconciliation.

You must ensure that the new attributes you add for reconciliation contain only string-format data. Binary attributes must not be brought into Oracle Identity Manager natively.

By default, the attributes listed in Section 1.7.1, "User Attributes for Trusted Source Reconciliation" are mapped for reconciliation between Oracle Identity Manager and the target system. If required, you can add new attributes for trusted resource reconciliation.

To add a new attribute for trusted source reconciliation:

See Also:

One of the following guides for detailed instructions on performing the steps in this section:
  • For Oracle Identity Manager release 9.0.1 through 9.0.3.2 or release 9.1.0.x:

    Oracle Identity Manager Design Console Guide

  • For Oracle Identity Manager release 11.1.1:

    Oracle Fusion Middleware Developer's Guide

  1. Log in to the Oracle Identity Manager Design Console.

  2. Add the new attribute on the Users process form as follows:

    1. Expand Administration.

    2. Double-click User Defined Field Definition.

    3. Search for and open the Users process form.

    4. Click Add.

    5. In the User Defined Fields dialog box, enter the details of the attribute.

      For example, if you are adding the Account Starts attribute, then enter the following details in the User Defined Fields dialog box:

      • In the Label field, enter Account Starts.

      • From the Data Type list, select Date.

      • From the Field Type list, select DateField with Dialog.

      • In the Column Name field, enter USR_UDF_ACCOUNT_STARTS.

      The following screenshot shows this form:

      Surrounding text describes trusted_src_usrs_form.gif.
    6. Click Save.

  3. Add the new attribute to the list of reconciliation fields in the resource object as follows:

    1. Expand Resource Management.

    2. Double-click Resource Objects.

    3. Search for and open the Xellerate User resource object.

    4. On the Object Reconciliation tab, click Add Field.

    5. Enter the details of the attribute.

      For example, enter Account Starts in the Field Name field and select Date from the Field Type list.

    6. If you are using Oracle Identity Manager release 11.1.1, then click Create Reconciliation Profile. This copies changes made to the resource object into the MDS.

    7. Click Save.

      The following screenshot shows the Account Starts field added to the resource object:

      Surrounding text describes trusted_src_res_obj.gif.
  4. Create a reconciliation field mapping for the new attribute in the process definition as follows:

    1. Expand Process Management.

    2. Double-click Process Definition.

    3. Search for and open the Xellerate User process definition.

    4. On the Reconciliation Field Mappings tab, click Add Field Map.

    5. In the Field Name field, select the value for the attribute that you want to add.

      For example, select Account Starts=Account Starts.

      The following screenshot shows this form:

      Surrounding text describes trusted_src_procss_defn.gif.
    6. Click Save.

  5. Create an entry for the attribute in the lookup definition for reconciliation as follows:

    1. Expand Administration.

    2. Double-click Lookup Definition.

    3. Search for and open the Lookup.CTReconciliation.FieldMap lookup definition.

    4. Click Add and enter the Code Key and Decode values for the attribute. The Code Key value must be the name of the attribute on the target system, which you determined at the start of this procedure. The Decode value is the name that you provide for the reconciliation field in Step 3.e.

      For example, enter Account Starts in the Code Key field and then enter Account Starts in the Decode field.

      The following screenshot shows this form:

      Surrounding text describes trusted_src_lookup_defn.gif.
    5. Click Save.