Oracle® Identity Manager Connector Guide for Oracle Internet Directory Release 9.0.1 Part Number B31128-01
Oracle Identity Manager automates access rights management, security, and provisioning of IT resources. Oracle Identity Manager connectors are used to integrate Oracle Identity Manager with third-party applications. The connector for Oracle Internet Directory is used to integrate Oracle Identity Manager with Oracle Internet Directory.
Note:
Oracle Identity Manager connectors were referred to as resource adapters prior to the acquisition of Thor Technologies by Oracle.
This chapter contains the following sections:
The following table lists the functions that are available with this connector.
Function | Type | Description |
---|---|---|
Create User | Provisioning | Creates a user |
Delete User | Provisioning | Deletes a user |
Enable User | Provisioning | Enables a user |
Disable User | Provisioning | Disables a user |
Move User | Provisioning | Moves a user from one container to another |
Password Updated | Provisioning | Updates the password of a user |
First Name Updated | Provisioning | Updates the first name of a user |
Last Name Updated | Provisioning | Updates the last name of a user |
Department Updated | Provisioning | Updates the department of a user |
Email ID Updated | Provisioning | Updates the e-mail address of a user |
Location Updated | Provisioning | Updates the location of a user |
Middle Name Updated | Provisioning | Updates the middle name of a user |
Preferred Language Updated | Provisioning | Updates the language of a user |
Telephone Updated | Provisioning | Updates the telephone number of a user |
Time Zone Updated | Provisioning | Updates the time zone of a user |
Title Updated | Provisioning | Updates the title of a user |
Organization DN Updated | Provisioning | Updates the organization DN of a user |
Add user to group | Provisioning | Adds a user to a group |
Remove user from group | Provisioning | Removes a user from a group |
Add user to role | Provisioning | Adds a user to a role |
Remove user from role | Provisioning | Removes a user from a role |
Reconciliation Delete Received | Reconciliation | Deletes a user from Oracle Identity Manager if the user has been deleted from the target system |
Reconciliation Insert Received | Reconciliation | Inserts a user in Oracle Identity Manager |
Reconciliation Update Received | Reconciliation | Updates a user in Oracle Identity Manager. This operation could involve modifying any of the user properties, such as the first name or last name. |
Note:
Oracle Internet Directory is a general-purpose directory service that enables fast retrievals and centralized management of information about dispersed users and network resources. Lightweight Directory Access Protocol (LDAP) is an Internet-ready, lightweight implementation of the ISO X.500 standard for directory services.
Oracle Internet Directory implements and combines LDAP with the high performance, scalability, robustness, and availability features of Oracle Database. At some places in this guide, the terms Oracle Internet Directory and LDAP have been used interchangeably.
This section describes the elements that the reconciliation module extracts from the target system to construct reconciliation event records.
Reconciliation can be divided into the following types:
Lookup fields reconciliation involves reconciling the lookup values for groups and roles.
This section provides information about user reconciliation.
The following fields are reconciled:
User ID (This is a mandatory field)
First Name
Last Name
Middle Name
Department
Location
Telephone
Preferred Language
Timezone
Logon Script
Title
Organization Unit
Server Name (IT resource)
UserGroup
UserRole
The following fields are reconciled only if reconciliation is implemented in trusted mode:
User ID (This is a mandatory field)
First Name
Last Name
Organization
Xellerate Type
Password
Xellerate
Role
Note:
The user search has been modified to fetch all records from the target system, regardless of the QueryEntryReturnLimit value set in Oracle Identity Manager. However, this modified functionality works only if the number of Oracle Identity Manager user IDs starting with patterns of aa, ab, ac, and so on is less than or equal to the QueryEntryReturnLimit value.
The following fields are provisioned:
ldapObjectClass
ldapUserObjectClassPrimary
ldapUserObjectClassSecondary
ldapFirstName
ldapLastName
ldapUserID
ldapPassword
ldapUserDNPrefix
ldapUserDisableAttr
ldapOrgDNPrefix
ldapGroupDNPrefix
ldapGroupMemberAttr
Note:
The names of the fields are case-sensitive.
The files and directories that comprise this connector are compressed in the following ZIP file on the installation media.
Directory Servers\Oracle Internet Directory\Oracle Internet Directory Rev 2.0.0.zip
These files and directories are listed in the following table.
The "Step 4: Copying the Connector Files and External Code" section provides instructions to copy these files into the required directories.
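The user reconciliation note above says that the pattern-based search (aa, ab, ac, and so on) is complete only while every pattern matches no more user IDs than the QueryEntryReturnLimit value. The following is an added example, not Oracle's connector code, that shows how a truncated pattern leaves accounts out of reconciliation and how to detect it. The `search` stand-in, the constructed `DIRECTORY`, the `ALPHABET` and the `refine` step are assumptions, and `refine` goes beyond the note by splitting a truncated pattern into longer ones.

```python
import string

ALPHABET = string.ascii_lowercase + string.digits  # assumed user ID character set

# Constructed sample data: user IDs in a hypothetical target directory.
DIRECTORY = [f"ab{n:03d}" for n in range(7)] + ["ab", "aaron", "acme1", "bob", "zed"]


def search(prefix, limit):
    """Stand-in for an LDAP search on (uid=<prefix>*) under an entry limit.
    Returns (entries, truncated); truncated models a size-limit-exceeded result."""
    matches = sorted(u for u in DIRECTORY if u.startswith(prefix))
    return matches[:limit], len(matches) > limit


def fixed_prefix_fetch(limit):
    """The scheme in the note: one search per two-letter pattern (aa, ab, ...).
    Returns (found, truncated_patterns) so a cut-off bucket is never silent."""
    found, truncated = set(), []
    for a in string.ascii_lowercase:
        for b in string.ascii_lowercase:
            entries, cut = search(a + b, limit)
            found.update(entries)
            if cut:
                truncated.append(a + b)
    return found, truncated


def refine(prefix, limit, max_len=8):
    """Generalization: split a truncated pattern into longer ones (aba, abb, ...)
    until each result fits under the limit or max_len is reached."""
    entries, cut = search(prefix, limit)
    if not cut or len(prefix) >= max_len:
        return set(entries)
    found = {prefix} & set(DIRECTORY)  # an ID equal to the prefix has no longer form
    for ch in ALPHABET:
        found |= refine(prefix + ch, limit, max_len)
    return found


def reconcile(limit):
    """Fixed-prefix pass, then refinement of every truncated pattern."""
    found, truncated = fixed_prefix_fetch(limit)
    missed_before = sorted(set(DIRECTORY) - found)
    for prefix in truncated:
        found |= refine(prefix, limit)
    return {"truncated": truncated, "missed_before": missed_before,
            "missed_after": sorted(set(DIRECTORY) - found)}
```

A non-empty `truncated` list is the condition worth alerting on: accounts in those patterns exist in the directory but are missing from the reconciliation run.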