| Oracle® Identity Manager Connector Guide for RSA ClearTrust Release 9.0.4 Part Number E10169-01 |
|
|
View PDF |
| Oracle® Identity Manager Connector Guide for RSA ClearTrust Release 9.0.4 Part Number E10169-01 |
|
|
View PDF |
Oracle Identity Manager automates access rights management, security, and provisioning of IT resources. Oracle Identity Manager connectors are used to integrate Oracle Identity Manager with third-party applications. The connector for RSA ClearTrust is used to integrate Oracle Identity Manager with RSA ClearTrust.
Note:
Oracle Identity Manager connectors were referred to as resource adapters prior to the acquisition of Thor Technologies by Oracle.This chapter contains the following sections:
Note:
At some places in this guide, RSA ClearTrust has been referred to as the target system.Reconciliation involves duplicating in Oracle Identity Manager additions of and modifications to user accounts on the target system. It is an automated process initiated by a scheduled task that you configure.
See Also:
The "Deployment Configurations of Oracle Identity Manager" section in Oracle Identity Manager Connector Framework Guide for conceptual information about reconciliation configurationsThe following target system fields are reconciled:
UserID
FirstName
LastName
EmailID
StartDate
EndDate
PasswordExpDate
IsPublic
IsUserlocked
PropertyName
PropertyValue
GroupName
You can customize the following reconciliation fields by setting the UseReconFieldMap attribute to true and adding their values in the Lookup.CTReconciliation.FieldMap lookup:
Note:
The
userId and lastName fields are mandatory fields and, therefore, they must exist in the lookup.userId
lastName
islock
firstName
startDate
endDate
pwdExpDate
isPublic
properties
groups
The following target system fields are reconciled only if trusted source reconciliation is implemented:
UserID
FirstName
LastName
Organization
User Type
Employee Type
Provisioning involves creating or modifying a user's account information on the target system through Oracle Identity Manager. You use the Administrative and User Console to perform provisioning operations.
See Also:
The "Deployment Configurations of Oracle Identity Manager" section in Oracle Identity Manager Connector Framework Guide for conceptual information about provisioningFor this target system, the following fields are provisioned:
User ID
Password
Password Expiration Date
First Name
Last Name
Email Address
Start Date
End Date
Lock User
Is Public
User Group Name
Property Value
Property Name
Property Value (Date)
Property Value (Boolean)
The following table lists the functions that are available with this connector.
| Process Task | Type | Description |
|---|---|---|
| Create User | Provisioning | Creates a user |
| Delete User | Provisioning | Deletes a provisioned user |
| Disable User | Provisioning | Disables an existing user |
| Enable User | Provisioning | Enables a disabled user |
| Update User | Provisioning | Updates an existing user |
| Set Password | Provisioning | Sets a password when a user is first created in RSA ClearTrust |
| Change Password | Provisioning | Updates a user's password |
| Assign User to a Group | Provisioning | Assigns a user to a group in RSA ClearTrust
To map an RSA ClearTrust group to Oracle Identity Manager:
|
| Remove User from a Group | Provisioning | Removes a user from a group |
| Assign a Default Group to the User | Provisioning | Assigns a default group to a user |
| Update User Property | Provisioning | Assigns or removes a property value
If the RSA ClearTrust property type is To set the value of any other type of property, use the Property Value field. |
| Trusted Reconciliation for Login | Reconciliation | Creates Xellerate Login accounts with respect to reconciled logins from RSA ClearTrust |
| Create User | Reconciliation | Reconciles user accounts from RSA ClearTrust |
| Update User Property | Reconciliation | Reconciles user properties from RSA ClearTrust |
| Assign User to a Group | Reconciliation | Reconciles user-group association from RSA ClearTrust |
This release of the connector supports the following languages:
Chinese Simplified
Chinese Traditional
English
French
German
Italian
Japanese
Korean
Portuguese (Brazilian)
Spanish
See Also:
Oracle Identity Manager Globalization Guide for information about supported special charactersThe files and directories that comprise this connector are in the following directory on the installation media:
Web Access Control/RSA ClearTrust
These files and directories are listed in the following table.
| File in the Installation Media Directory | Description |
|---|---|
lib/xliClearTrust.jar |
This JAR file contains the Java classes that are required for provisioning. |
Files in the resources directory |
Each of these resource bundle files contains language-specific information that is used by the connector.
Note: A resource bundle is a file containing localized versions of the text strings that are displayed on the user interface of Oracle Identity Manager. These text strings include GUI element labels and messages displayed on the Administrative and User Console. |
tests/config/config.properties |
This file contains the properties that are used to connect to the RSA ClearTrust server. |
tests/lib/xliClearTrustTest.jar |
This JAR file contains the test classes that can be used to test the functionality of the connector. |
tests/logs |
This directory is used by the connector test suite to log the results of the tests. The log files are created in this directory. |
xml/XLIClearTrust_DM.xml xml/XLIClearTrustEntityAdp_DM.xml |
These XML files contain definitions for the following components of the RSA ClearTrust connector:
|
xml/XLIClearTrustScheduleTask_DM.xml |
This XML file contains the code for the reconciliation scheduled task and its attributes. |
xml/XLICTAutoSaveAdapter_DM.xml |
This XML file contains the code for the adapter that is required to enable the AutoSave feature in the RSA ClearTrust provisioning process form. |
XLICTXLResourceObject.xml |
This file contains the configuration for the Xellerate User. You must import this file only if you plan to use the connector in trusted source reconciliation mode. |
Note:
The files in thetests directory are used only to run tests on the connector.The "Step 2: Copying the Connector Files and External Code Files" section provides instructions to copy these files into the required directories.
You can use any one of the following methods to determine the release number of the connector.
To determine the release number of a connector:
Extract the contents of the xliClearTrust.jar file. This file is in the following directory on the installation media:
Web Access Control/RSA ClearTrust/lib
Open the manifest.mf file in a text editor. The manifest.mf file is one of the files bundled inside the xliClearTrust.jar file.
In the manifest.mf file, the release number of the connector is displayed as the value of the Version property.
Note:
If you maintain a copy of thexliClearTrust.jar file after deployment, you can use this method to determine the release number of the connector at any stage. After you deploy the connector, it is recommended that you use the "After Deployment" method, which is described in the following section.To determine the release number of a connector that has already been deployed:
See Also:
Oracle Identity Manager Design Console GuideOpen the Oracle Identity Manager Design Console.
In the Form Designer, open the process form. The release number of the connector is the value of the Version field.
