Oracle® Identity Manager Connector Guide for CA Top Secret Advanced Release 9.0.2 Part Number B32152-01 |
|
|
View PDF |
After installing Oracle Identity Manager and the connector, you need to perform the initial reconciliation of users. This is the process where mainframe users are added to Oracle Identity Manager to allow extension of enterprise user management of profiles and authorization of resources.
The initialization process is run from the command line on the Oracle Identity Manager server. The command does not require execution at a particular directory path, as long as the Java class path is correctly set.
These commands are:
java -Djava.security.auth.login.config=
OIM_HOME\xellerate\JavaTasks\Config\auth.conf com.identityforge.oracle.integration.initial.recon.tops.IdfReconciliationConnector –X
java -Djava.security.auth.login.config=
OIM_HOME\xellerate\JavaTasks\Config\auth.conf com.identityforge.oracle.integration.initial.recon.tops.IdfReconciliationConnector –R
Note: Enter these commands on a single line without any line breaks. |
These commands and a sample class path can be found in the intial_load_classpath
file. The controls for these commands are found in the connection.properties
file.
The following is a sample set of values for these parameters:
xlAdminId:xelsysadm xlAdminPwd:xelsysadm xlJndiUrl:jnp://192.168.1.120:1099 idfTrusted:true idfServerUrl:ldap://localhost:5389 idfAdminDn:cn=idfTopsAdmin, dc=tops,dc=com idfAdminPwd:idfTopsPwd ouPeople:ou=People ouGroups:ou=Groups ouDatasets:ou=Datasets ouResources:ou=Resources ouFacilities:ou=Facilities ouBaseDn:dc=tops,dc=com idfSystemAdminDn:cn=Directory Manager, dc=system,dc=backend idfSystemAdminPwd:testpass idfSystemDn:dc=system,dc=backend idfIgnoreIdList:start1,start2,private idfDoOnlyIdList:martin81,martin82,martin83 idList=do
To include or exclude specific users during initial reconciliation, modify the following lines:
idfIgnoreIdList:start1,start2,private idfDoOnlyIdList:jdoe81,jdoe82,jdoe83
Note: This control does not support wildcards and is designed for processing or excluding a limited number of users. |
To configure the connector to perform trusted source reconciliation, set the idfTrusted
control in the connection.properties
file to true, as follows:
idfTrusted:true
This control toggles trusted source reconiliation in the connector. Set this to false
if you are not performing reconciliation with a trusted source.
Note: Reconciliation updates to Oracle Identity Manager are in real-time, and you do not need to configure reconciliation as a scheduled task on Oracle Identity Manager.Refer to Oracle Identity Manager Connector Framework Guide for conceptual information about reconciliation configurations. |