| Oracle® Mail Administrator's Guide 10g Release 1 (10.1.1) Part Number B14491-03 |
|
|
View PDF |
| Oracle® Mail Administrator's Guide 10g Release 1 (10.1.1) Part Number B14491-03 |
|
|
View PDF |
This appendix contains information necessary for using a plugin for Oracle Mail user provisioning. It contains examples of various provisioning operations, including:
To use a policy plugin for Oracle Mail user provisioning customizations, implement a class named oracle.mail.provisioning.policy.EmailCustomPolicyPlugin containing the customization code. This class must implement the interface oracle.mail.provisioning.plugin.EmailPolicyPluginInterface present in the $ORACLE_HOME/jlib/esprovisioning.jar file.
Customizations similar to the following examples, according to customer requirements, can be done by implementing this policy interface.
package oracle.mail.provisioning.policy; import oracle.mail.provisioning.plugin.EmailPolicyPluginInterface; import oracle.idm.user.IdmUser; import oracle.idm.provisioning.plugin.ApplicationContext; import oracle.idm.provisioning.plugin.PluginException; import oracle.idm.provisioning.plugin.PluginStatus; import oracle.ldap.util.LDIF; import oracle.ldap.util.ModPropertySet;
In order to make any customizations during Oracle Mail user creation through a centralized provisioning framework, administrators must implement additional code. This code must be in a class called EmailCustomPolicyPlugin contained in the oracle.mail.provisioning.policy package. This class must implement the oracle.mail.provisioning.plugin.EmailPolicyPluginInterface policy interface.
Any changes made by administrator implementation will eventually be merged by the centralized provisioning framework and will go into effect when a user is created.
public class EmailCustomPolicyPlugin implements EmailPolicyPluginInterface {
The processPolicy method in the EmailCustomPolicyPlugin class is invoked by the Oracle Mail pre-data entry plugin. If, in a deployment any customizations are required, this method must be implemented.
The centralized provisioning framework passes two ModPropertySet objects containing changes made to baseuser attributes and mailuser attributes so far in the e-mail pre-plugin. The baseuser attributes and mailuser attributes are the attributes for the base user and Oracle Mail user, respectively. When the Oracle Mail provisioning plugin invokes the implemented plugin, it passes the original ModPropertySet for the baseuser attribute containing base user attributes passed by the centralized provisioning framework to the Oracle Mail plugins, and two additional ModPropertySet instances for baseuser and mailuser attribute changes, respectively.
If changes need to be made to any baseuser attribute, such as deriving a user ID based on first name and last name, those changes must be done in the ModPropertySet for the base user changes.
Similarly, make changes to the mailuser attribute, such as assigning an Oracle Collaboration Suite Database or changing quota, in the ModPropertySet for mail user changes.
The processPolicy method and its parameters are, as follows:
public void processPolicy(ApplicationContext appCtx,
IdmUser idmUser,
ModPropertySet originalBaseUserAttrs,
ModPropertySet originalMailUserAttrs,
ModPropertySet modifiedBaseUserAttrs,
ModPropertySet modifiedMailUserAttrs,
PluginStatus pluginStatus)
throws PluginException {
appCtx: This parameter contains the jndi DirContext, type of operation, locale and logging.
idmUser: This parameter contains base user attributes used in modify and delete operations. In the case of a create operation, if any application needs the global user ID, it can be obtained from here.
originalBaseUserAttrs: This parameter contains the original base user attributes that Oracle Delegated Administration Services or Oracle Directory Integration and Provisioning passes to Oracle Mail plugins.
originalMailUserAttrs: This parameter contains the original Oracle Mail user attributes that Oracle Delegated Administration Services or Oracle Directory Integration and Provisioning passes to Oracle Mail plugins.
modifiedBaseUserAttrs: This parameter contains any changes made to current base user attributes in the e-mail pre-data entry plugin. As a part of customization, the baseuser attribute values that need to be modified can be set in this parameter.
mailUserAttrs: This parameter contains any changes made to current Oracle Mail user attributes in the e-mail pre-data entry plugin. As a part of customization, the mailuser attribute values that need to be modified can be set in this parameter.
pluginStatus: This is the plugin status object, which can contain provisioning status, description, and an execution status. These values are consumed by the provisioning framework.
PluginException: This exception generates PluginException in case of errors.
See Also:
Oracle Internet Directory API Reference for more informationGenerating a User ID Based on User's First and Last Names
This example generates a user ID, assigns an Oracle Collaboration Suite Database, and establishes mail quota during user creation.
String op_type = appCtx.getCallOp();
if (op_type.equals(ApplicationContext.OP_CREATE)) {
The preceding code checks if it is a create operation.
String firstname = originalBaseUserAttrs.getModPropertyValue("givenname");
String lastname = originalBaseUserAttrs.getModPropertyValue("sn");
if ((firstname != null) && (lastname != null)) {
String mailid = firstname + "." + lastname + "@foo.com";
The preceding code generates the user ID from the firstname and lastname of the base user.
modifiedBaseUserAttrs.deleteProperty("mail");
modifiedBaseUserAttrs.addProperty(LDIF.ATTRIBUTE_CHANGE_TYPE_ADD,"mail", mailid);
}
Assigning an Oracle Collaboration Suite Database Based on Country
This example assigns an mailstore based on the country in which the user resides or works. This example assumes the following:
c attribute of the base userusdb.foo.comindb.foo.comocsms.foo.comString country = originalBaseUserAttrs.getModPropertyValue("c");
if (country != null) {
String mailstore = "ocsms.acme.com";
if (country.equalsIgnoreCase("usa"))
mailstore = "usdb.acme.com";
if (country.equalsIgnoreCase("india"))
mailstore = "indb.acme.com";
modifiedMailUserAttrs.deleteProperty("orclmailstore");
modifiedMailUserAttrs.addProperty(LDIF.ATTRIBUTE_CHANGE_TYPE_ADD,"orclmailstore", mailstore);
}
Establish Mail Quota Dynamically Based on Title
This example assigns higher mail quota to managers, while for all other users, default mail quota that is set at the domain level applies. This example assumes the following:
title attribute of the base user is Manager for managersString title = originalBaseUserAttrs.getModPropertyValue("title");
if ((title != null) && (title.equalsIgnoreCase("manager"))) {
modifiedMailUserAttrs.deleteProperty("orclmailquota");
modifiedMailUserAttrs.addProperty(LDIF.ATTRIBUTE_CHANGE_TYPE_ADD,"orclmailquota", "200");
}
Selectively Provision Users for Oracle Mail
This example provisions users selectively. This example assumes the following:
title attribute of the base user is temporary, do not provisionif ((title != null) && (title.equalsIgnoreCase("temporary"))) {
pluginStatus.setProvStatus(IdmUser.PROVISION_NOT_REQUIRED);
}
}
}
}
Setting the provisioning status to PROVISION_NOT_REQUIRED causes Oracle Delegated Administration Services to show no provisioning for Oracle Mail and Oracle Directory Integration and Provisioning does not create an Oracle Mail user.
If the custom plugin requires any base user attributes other than mail, run the oidprovtool utility in the Applications Tier or infrastructure ORACLE HOME to add the additional attributes, as in the following example, where cn and sn attributes are added:
oidprovtool operation=modify ldap_host=OID_HOST ldap_port=OID_PORT ldap_user_dn='cn=orcladmin'ldap_user_password=ORCLADMIN_PASSWORD application_type=EMAIL application_dn='cn=EmailServerContainer,cn=Products,cn=OracleContext' application_name=EMAIL event_subscription='USER:ANY:MODIFY(mail,dn,orcluserApplnProvStatus;email)' event_subscription='USER:ANY:ADD (mail,dn,orclguid,cn,sn)' event_subscription='USER:ANY:DELETE' interface_version=3.0
Where:
OID_HOST is the infrastructure Oracle Internet Directory host nameOID_PORT is the infrastructure Oracle Internet Directory port numberORCLADMIN_PASSWORD is the password for cn=orcladmin
Note:
Ensure thatmail,dn,orclguid attributes are always included in the list of subscribed attributes. Otherwise, e-mail provisioning will not work as expected.To compile and load the policy jar file, follow these instructions on an Applications Tier $ORACLE_HOME. In the case of multiple Applications Tiers, these steps must be performed on the Applications Tier that contains the latest Oracle Mail provisioning patches.
To compile EmailCustomPolicyPlugin.java, the CLASSPATH must include the following jar files:
$ORACLE_HOME/jlib/esprovisioning.jar$ORACLE_HOME/jlib/ldapjclnt10.jarCompile the policy plugin.
$ORACLE_HOME/jdk/bin/javac oracle/mail/provisioning/policy/EmailCustomPolicyPlugin.java
Create the policy plugin jar file.
$ORACLE_HOME/jdk/bin/jar cvf $ORACLE_HOME/oes/provisioning_policyplugin/policyplugin.jar oracle/mail/provisioning/policy/*.class
Load the policy jar file into the provisioning framework.
Substitute $ORACLE_HOME with the full path of the Applications Tier ORACLE_HOME and create an ldif file with following lines:
dn: cn=Plugins, cn=EMAIL, cn=Applications, cn=Provisioning,cn=Directory Integration Platform,cn=Products,cn=OracleContext changetype: modify replace: orclODIPPluginExecData orclODIPPluginExecData: $ORACLE_HOME/jlib/esprovisioning.jar dn: cn=Plugins, cn=EMAIL, cn=Applications, cn=Provisioning,cn=Directory Integration Platform,cn=Products,cn=OracleContext changetype: modify add: orclODIPPluginExecData orclODIPPluginExecData: $ORACLE_HOME/oes/provisioning_policyplugin/policyplugin.jar
Assuming the ldif file is $ORACLE_HOME/oes/provisioning_policyplugin/loadpolicy.ldif, run the following command to upload the policy jar file into the provisioning framework:
$ORACLE_HOME/bin/ldapmodify -b -v -Dcn=orcladmin -w orcladmin_password -h oid_host -p oid_port -f $ORACLE_HOME/oes/provisioning_policyplugin/loadpolicy.ldif
