Oracle® Identity Manager Connector Guide for UNIX Telnet Release 9.0.4 Part Number E10177-01
Oracle Identity Manager automates access rights management, security, and provisioning of IT resources. Oracle Identity Manager connectors are used to integrate Oracle Identity Manager with third-party applications. The connector for Telnet is used to integrate Oracle Identity Manager with target systems running AIX, HP-UX, Linux, and Solaris, using the Telnet protocol.
Note:
Oracle Identity Manager connectors were referred to as resource adapters prior to the acquisition of Thor Technologies by Oracle.
This chapter contains the following sections:
Reconciliation involves duplicating in Oracle Identity Manager additions of and modifications to user accounts on the target system. It is an automated process initiated by a scheduled task that you configure.
See Also:
The "Deployment Configurations of Oracle Identity Manager" section in Oracle Identity Manager Connector Framework Guide for conceptual information about reconciliation configurations
The following target system attributes are reconciled:
User Login
User UID
Primary Group Name
Default Shell
Home Directory
GECOS
Password Change Time
Account Expiry Date
Note:
For a trusted configuration (such as the HP-UX trusted mode), the Password Change Time and Account Expiry Date fields are not reconciled.
Provisioning involves creating or modifying a user's account information on the target system through Oracle Identity Manager. You use the Administrative and User Console to perform provisioning operations.
See Also:
The "Deployment Configurations of Oracle Identity Manager" section in Oracle Identity Manager Connector Framework Guide for conceptual information about provisioning
For this target system, the following fields are provisioned:
User Login
Password
Secondary Group Names
User UID
Primary Group Name
Default Shell
GECOS
Home Directory
Account Expiry Date
Password Change Time
Create Home Directory
Skeleton Directory
Inactive Days
The following table lists the functions that are available with this connector.
Function | Type | Description |
---|---|---|
Create User | Provisioning | Creates a user. When you use this function, in the User Defined process form: |
Delete User | Provisioning | Deletes a provisioned user on the UNIX server |
Update User UID | Provisioning | Updates user properties according to a change in the User UID attribute |
Update User Group | Provisioning | Updates user properties according to a change in the User Group attribute |
Update User Password Change Time | Provisioning | Updates user properties according to a change in the User Password Change Time attribute |
Update Shell | Provisioning | Updates user properties according to a change in the Shell attribute |
Update Home Directory | Provisioning | Updates user properties according to a change in the Home Directory attribute |
Update Account Expiry Date | Provisioning | Updates user properties according to a change in the Account Expiry Date attribute |
Update User GECOS | Provisioning | Updates user properties according to a change in the User GECOS attribute |
Set Password | Provisioning | Updates user properties according to a change in the Password attribute. The changed password must conform to the password policy requirements of the target system. |
Update Secondary Group Names | Provisioning | Updates user properties according to a change in the Secondary Group Names attribute. Do not update the User Login field when you update the Secondary Group Names value. When you specify the secondary group name for the first time and then run this function, the primary group name is assigned the same value as the secondary group name. However, after the value of the primary group name is changed, you cannot set the secondary group name to the same value. On Solaris, the value of the Secondary Group Names field in the User Defined process form must always be different from the value of the Primary Group Name field. |
Update Inactive Days | Provisioning | Updates user properties according to a change in the Update Inactive Days attribute. This function is not supported on AIX 5.2. |
Update User Login | Provisioning | Updates user properties according to a change in the User Login attribute. Do not update the Secondary Group Names field when you update the User Login field. On AIX 5.2, if the User GECOS value contains spaces, then this function does not work. |
Disable User | Provisioning | Disables an existing user on the UNIX server. Note: Suppose that a user on the UNIX server is disabled. If the Set Password function is run on this user account, then the account is automatically reenabled. |
Enable User | Provisioning | Enables a disabled existing user on the UNIX server. Before running this function, the Set Password function must be run. This function is not supported on an HP-UX (trusted) server. |
Trusted Reconciliation for User | Reconciliation | Creates Xellerate User accounts corresponding to the reconciled user accounts from the UNIX server |
Create User | Reconciliation | Reconciles user accounts from the UNIX server |
Update User | Reconciliation | Updates the attributes of previously reconciled user accounts from the UNIX server |
Delete User | Reconciliation | Reconciles user accounts that have been deleted from the UNIX server |
The connector supports the following languages:
Chinese Simplified
Chinese Traditional
English
French
German
Italian
Japanese
Korean
Portuguese (Brazilian)
Spanish
Note:
The connector does not support the entry of multibyte characters in some of the fields. Appendix A, "Attribute Mappings Between Oracle Identity Manager and UNIX Telnet" provides information about the fields in which multibyte characters are not supported.
See Also:
Oracle Identity Manager Globalization Guide for information about supported special characters
The files and directories that comprise this connector are compressed in the following directory on the installation media:
Operating Systems/UNIX/UNIX Telnet
These files and directories are listed in the following table.
File in the Installation Media Directory | Description |
---|---|
ext/sshfactory.jar | This file contains the JSCAPE libraries. These libraries are used to open a Telnet session with the target server. |
lib/xliTelnet.jar | This file contains the Java classes that are required to support provisioning and reconciliation in Telnet. |
Files in the resources directory | Each of these resource bundle files contains language-specific information that is used by the connector. Note: A resource bundle is a file containing localized versions of the text strings that are displayed on the user interface of Oracle Identity Manager. These text strings include GUI element labels and messages displayed on the Administrative and User Console. |
test/config/config.properties | This file is used to specify the parameters and settings required to connect to the target system by using the testing utility. |
test/config/log.properties | This file is used to specify the log level and the directory in which the log file is to be created when you run the testing utility. |
test/config/userAttribute_NonAIX_prov.properties | This file contains the parameters required for dynamic provisioning on non-AIX platforms. |
test/config/userAttribute_AIX_prov.properties | This file contains the parameters required for dynamic provisioning on the AIX platform. |
test/config/userAttribute_NonAIX_recon.properties | This file contains the parameters required for dynamic reconciliation on non-AIX platforms. |
test/config/userAttribute_AIX_recon.properties | This file contains the parameters required for dynamic reconciliation on the AIX platform. |
test/lib/xliTelnetTest.jar | This file contains the Java classes required to run the client for running test calls from the Oracle Identity Manager server. |
test/scripts/Telnet.bat test/scripts/telnet.sh | This file contains the script required to run the client for running test calls from the Oracle Identity Manager server. |
xml/TelnetNonTrustedUser.xml | This file contains definitions for the following Telnet User components of the connector: |
xml/XellTelnetUser.xml | This XML file contains the configuration for the Xellerate User. You must import this file only if you plan to use the connector in trusted source reconciliation mode. |
Note:
The files in the test directory are used only to run tests on the connector.
The "Step 3: Copying the Connector Files" section provides instructions to copy these files into the required directories.
You can use any one of the following methods to determine the release number of the connector.
To determine the release number of a connector:
Extract the contents of the xliTelnet.jar file. This file is in the following directory on the installation media:
Operating Systems/UNIX/UNIX Telnet/lib
Open the manifest.mf file in a text editor. The manifest.mf file is one of the files bundled inside the xliTelnet.jar file.
In the manifest.mf file, the release number of the connector is displayed as the value of the Version property.
Note:
If you maintain a copy of the xliTelnet.jar file after deployment, you can use this method to determine the release number of the connector at any stage. After you deploy the connector, it is recommended that you use the "After Deployment" method, which is described in the following section.
To determine the release number of a connector that has already been deployed:
See Also:
Oracle Identity Manager Design Console Guide
Open the Oracle Identity Manager Design Console.
In the Form Designer, open the process form. The release number of the connector is the value of the Version field.