| Oracle® Identity Manager Connector Guide for CA-Top Secret Advanced Release 9.0.3 Part Number B32350-01 | 
 | 
| 
 | View PDF | 
Reconciliation with the CA-Top Secret Advanced connector is carried out in real time. This implies that after you have imported the initial load of user information, you need not perform reconciliation as a scheduled task. The initial reconciliation run involves obtaining user information from the target system into the Oracle Identity Manager server. This allows for the extension of enterprise user management of profiles and authorization of resources.
The initialization process is run from the command line on the Oracle Identity Manager server. The commands are run from the oim_home/xellerate/JavaTasks directory. There are non-trusted example scripts for initial provisioning and initial disabling at the following location:
CA Top Secret Advanced Rev 9.0.3/scripts
These non-trusted scripts are:
run_initial_recon_provisioning.bat run_initial_recon_disable.bat
The controls for the commands in these files are specified in the initialTopSecretAdv.properties file. The following is a sample set of values for these parameters:
xlAdminId:xelsysadm
xlAdminPwd:xelsysadm
xlJndiUrl:jnp://Host IP Address of the OIM Server:1099
idfTrusted:true
idfServerUrl:ldap://localhost:5389
idfAdminDn:cn=idfTopsAdmin, dc=tops,dc=com
idfAdminPwd:idfTopsPwd
ouPeople:ou=People
ouGroups:ou=Groups
ouDatasets:ou=Datasets
ouResources:ou=Resources
ouFacilities:ou=Facilities
ouBaseDn:dc=tops,dc=com
idfSystemAdminDn:cn=Directory Manager, dc=system,dc=backend
idfSystemAdminPwd:testpass
idfSystemDn:dc=system,dc=backend
idfIgnoreIdList:start1,start2,private
idfDoOnlyIdList:martin81,martin82,martin83
idList=do
To include or exclude specific users during initial reconciliation, modify the following lines:
idfIgnoreIdList:start1,start2,private idfDoOnlyIdList:jdoe81,jdoe82,jdoe83
Note:
This control does not support wildcards and is designed for processing or excluding a limited number of users.To configure the connector to perform trusted source reconciliation, set the idfTrusted control in the initialTopSecretAdv.properties file to true, as follows:
idfTrusted:true
This control toggles trusted source reconciliation in the connector. Set this to false if you are not performing reconciliation with a trusted source.
In addition, you must make a copy of the non-trusted scripts and change the JV parameter first to –X, and then to –R.