7 Managing Lookup Definitions and Remote Manager

This section describes how to use the Design Console to administer Oracle Identity Manager. It contains the following topics:

7.1 Overview

The Design Console Administration folder provides system administrators with tools for managing Oracle Identity Manager administrative features. This folder contains the following forms:

  • Lookup Definition: You use this form to create and manage lookup definitions. A lookup definition represents a lookup field and the values you can access from that lookup field.

    Note:

    Oracle Identity Manager recommends that you create and manage lookups by using the Oracle Identity System Administration. See "Managing Lookups" in the Oracle Fusion Middleware Administrator's Guide for Oracle Identity Manager for details.

  • Remote Manager: You use this form to display information about the servers that Oracle Identity Manager uses to communicate with third-party programs. These servers are known as remote managers.

7.2 Lookup Definition Form

A lookup definition represents one of the following:

  • The name and description of a text field

  • A lookup field and the values that are accessible from that lookup field by double-clicking it

  • A box, and the commands that can be selected from that box

These items, which contain information pertaining to the text field, lookup field, or box, are known as lookup values. Users can access lookup definitions from one of two locations:

  • A form or tab that comes packaged with Oracle Identity Manager

  • A user-created form or tab built by using the Form Designer form

The Lookup Definition form shown in Figure 7-1 is in the Design Console Administration folder. You use this form to create and manage lookup definitions.

Figure 7-1 Lookup Definition Form

Surrounding text describes Figure 7-1 .

Table 7-1 describes the data fields of the Lookup Definition form.

Table 7-1 Fields of the Lookup Definition Form

Field Name Description

Code

The name of the lookup definition.

Field

The name of the table column of the form or tab from which the text field, lookup field, or box field will be accessible.

Lookup Type/Field Type

These options designate if the lookup definition is to represent a text field, a lookup field, or a box.

If you select the Field Type option, the lookup definition will represent a text field.

If you select the Lookup Type option, the lookup definition is to represent either a lookup field or a box, along with the values that are to be accessible from that lookup field or box.

Note: For forms or tabs that come packaged with Oracle Identity Manager, the lookup definition has already been set as either a lookup field or a box. This cannot be changed. However, you can add or modify the values that are accessible from the lookup field or box.

For forms or tabs that are user defined, the user determines whether the lookup definition represents a lookup field or a box through the Additional Columns tab of the Form Designer form.

For more information about specifying the data type of a lookup definition, see "Additional Columns Tab".

Required

By selecting this check box, the lookup definition is designated as required. As a result, Oracle Identity Manager will not allow the contents of the corresponding form or tab to be saved to the database until the field or box, represented by the lookup definition, is supplied with data.

Group

The name of the Oracle Identity Manager or user-defined form on which the lookup definition is to be displayed.


The following sections describe how to create a lookup definition.

7.2.1 Creating a Lookup Definition

To create a lookup definition:

  1. Open the Lookup Definition form.

  2. In the Code field, enter the name of the lookup definition.

  3. In the Field field, enter the name of the table column of the Oracle Identity Manager or user-created form or tab, from which the text field, lookup field, or box field will be accessible.

  4. If the lookup definition is to represent a lookup field or box, select the Lookup Type option.

    If the lookup definition is to represent a text field, select the Field Type option.

  5. Optional. To save the contents of this form or tab only when the field or box represented by the lookup definition is supplied with data, select the Required check box. Otherwise, go to Step 6.

  6. In the Group field, enter the name of the Oracle Identity Manager or user-defined form on which the lookup definition is displayed.

    You must follow naming conventions for the text you enter into the Code, Field, and Group fields.

    See Also:

    See "Lookup Definition Form" for more information about naming conventions

  7. Click Save.

    The lookup definition is created. The associated text field, lookup field, or box will be displayed in the Oracle Identity Manager or user-defined form or tab you specified.

7.2.2 Lookup Code Information Tab

The Lookup Code Information tab is in the lower half of the Lookup Definition form. You use this tab to create and manage detailed information about the selected lookup definition. This information includes the names, descriptions, language codes, and country codes of a value pertaining to the lookup definition. These items are known as lookup values.

The following procedures show how to create, modify, and delete a lookup value.

7.2.2.1 Creating and Modifying a Lookup Value

To create or modify a lookup value:

Note:

For internationalization purpose, you must provide both a language and country code for a lookup value.

When creating a new lookup definition, you must save it before adding lookup values to it.

  1. Open the Lookup Definition form.

  2. Access a lookup definition.

  3. If you are creating a lookup value, click Add.

    A blank row is displayed in the Lookup Code Information tab.

    If you are modifying a lookup value, select the lookup value that you want to edit.

  4. Add or edit the information in the Code Key field.

    This field contains the name of the lookup value.

    In addition, if the Lookup Type option is selected, this field also represents what is displayed in the lookup field or box once the user makes a selection.

  5. Add or edit the information in the Decode field.

    This field contains a description of the lookup value.

    Note:

    The decode value is a humanly readable description of the field. The encode value is the actual code value that is used for provisioning. For example, decode value can be an LDAP group name, and encode value is the LDAP group GUID.

    If the Lookup Type option is selected, this field also represents one of the following:

    • The items that is displayed in a lookup window after the user double-clicks the corresponding lookup field

    • The commands that are to be displayed in the associated box

  6. Click Save.

    The lookup value you created or modified now reflects the settings you have entered.

7.2.2.2 Deleting a Lookup Value

To delete a lookup value:

Caution:

Deleting a lookup value might cause problems depending on what the lookup represents. For example, if a lookup value represents an entitlement and it is deleted, then it must be removed from various locations, such as any access policy with that entitlement or any user account having that entitlement granted. Therefore, Oracle recommends that you check all the possible effects before deleting a lookup value.

  1. Open the Lookup Definition form.

  2. Search for a lookup definition.

  3. Select the lookup value that you want to remove.

  4. Click Delete. The selected lookup value is deleted.

7.2.3 Configuring Challenge Questions for the User

You can configure challenge questions for the users by using the Lookup Definition Form. These challenge questions are prompted if the user forgets the password and tries to retrieve it. The user must enter the same answers provided while creating a password.

To configure challenge questions for the user:

  1. Login to Oracle Identity Manager Design Console.

  2. Navigate to Administration, Lookup Definition.

  3. Search for the Lookup for challenge questions, that is, lookup Code = Lookup.WebClient.Questions.

  4. In the Lookup Code Information tab, add questions by entering the appropriate values in the Code Key and Decode fields.

  5. Click Add.

  6. Add this key to the custom resource bundle.

7.3 Remote Manager Form

The Remote Manager is a lightweight network server that enables you to integrate with target systems whose APIs cannot communicate over a network, or that have network awareness but are not secure. The Remote Manager works as a server on the target system, and an Oracle Identity Manager server works as its client. The Oracle Identity Manager server sends a request for the Remote Manager to instantiate the target system APIs on the target system itself, and invokes methods on its behalf.

The Remote Manager form shown in Figure 7-2 is in the Design Console Administration folder. It displays the following:

  • The names and IP addresses of the remote managers that communicate with Oracle Identity Manager

  • Whether or not the remote manager is running

  • Whether or not it represents IT resources that Oracle Identity Manager can use

Figure 7-2 Remote Manager Form

Remote manager form

For this example, you can define only one remote manager that can communicate with Oracle Identity Manager: RManager.

Although this remote manager can handshake with Oracle Identity Manager, it is unavailable because the Running check box is deselected. Since the IT Resource check box is selected, this remote manager represents an IT resource or resources that can be used by Oracle Identity Manager.