Oracle® Identity Manager Connector Guide for CA ACF2 Advanced Release 9.0.1 Part Number B31112-01 |
|
|
View PDF |
After installing the Oracle Identity Manager CA ACF2 connector, you need to perform the initial reconciliation of users. This is the process where mainframe users are added to the Oracle Identity Manager to allow extension of enterprise user management of profiles and authorization of resources.
The initialization process is run from the command line on the Oracle Identity Manager server. The command does not require execution at a particular directory path, as long as the Java class path is correctly set.
These commands are:
java -Djava.security.auth.login.config=c:\software\idforacle9.0\xellerate\JavaTasks\Config\auth.conf com.identityforge.oracle.integration.initial.recon.acf2.IdfReconciliationConnector –X
java -D java.security.auth.login.config=c:\software\idforacle9.0\xellerate\JavaTasks\Config\auth.conf com.identityforge.oracle.integration.initial.recon.acf2.IdfReconciliationConnector –R
Note:
Please enter these commands on a single line without any line breaks.These commands and the sample class path can be found in the intial_load_classpath
file. The controls for these commands are found in the connection.properties
file.
The following is a sample set of values for these parameters:
xlAdminId:xelsysadm xlAdminPwd:xelsysadm xlJndiUrl:jnp://192.168.1.120:1099 idfTrusted:true idfServerUrl:ldap://localhost:5389 idfAdminDn:cn=idfAcf2Admin, dc=acf2,dc=com idfAdminPwd:idfAcf2Pwd ouPeople:ou=People ouGroups:ou=Groups ouDatasets:ou=Datasets ouResources:ou=Resources ouFacilities:ou=Facilities ouBaseDn:dc=acf2,dc=com idfSystemAdminDn:cn=Directory Manager, dc=system,dc=backend idfSystemAdminPwd:testpass idfSystemDn:dc=system,dc=backend idfIgnoreIdList:start1,start2,private idfDoOnlyIdList:martin81,martin82,martin83 idList=do
To include or exclude specific users during initial reconciliation, modify the following lines:
idfIgnoreIdList:start1,start2,private idfDoOnlyIdList:martin81,martin82,martin83
Note:
this control does not support wildcards and is designed for processing or excluding a limited number of users.