Oracle® Identity Manager Connector Guide for Oracle Internet Directory Release 9.0.3 Part Number B32363-02 |
|
|
View PDF |
Oracle Identity Manager automates access rights management, security, and provisioning of IT resources. Oracle Identity Manager connectors are used to integrate Oracle Identity Manager with third-party applications. The connector for Oracle Internet Directory is used to integrate Oracle Identity Manager with Oracle Internet Directory.
Note:
Oracle Identity Manager connectors were referred to as resource adapters prior to the acquisition of Thor Technologies by Oracle.This chapter contains the following sections:
The following table lists the functions that are available with this connector.
Function | Type | Description |
---|---|---|
Create User | Provisioning | Creates a user |
Delete User | Provisioning | Deletes a user |
Enable User | Provisioning | Enables a user |
Disable User | Provisioning | Disables a user |
Move User | Provisioning | Moves a user from one container to another |
Password Updated | Provisioning | Updates the password of a user |
First Name Updated | Provisioning | Updates the first name of a user |
Last Name Updated | Provisioning | Updates the last name of a user |
Department Updated | Provisioning | Updates the department of a user |
Email ID Updated | Provisioning | Updates the e-mail address of a user |
Location Updated | Provisioning | Updates the location of a user |
Middle Name Updated | Provisioning | Updates the middle name of a user |
Preferred Language Updated | Provisioning | Updates the language preference of a user |
Telephone Updated | Provisioning | Updates the telephone number of a user |
Time Zone Updated | Provisioning | Updates the time zone of a user |
Title Updated | Provisioning | Updates the title of a user |
Organization DN Updated | Provisioning | Updates the organization DN of a user |
Add user to group | Provisioning | Adds a user to a group |
Remove user from group | Provisioning | Removes a user from a group |
Add user to role | Provisioning | Adds a user to a role |
Remove user from role | Provisioning | Removes a user from a role |
Reconciliation Delete Received | Reconciliation | Deletes a user from Oracle Identity Manager if the user has been deleted from the target system |
Reconciliation Insert Received | Reconciliation | Inserts a user in Oracle Identity Manager |
Reconciliation Update Received | Reconciliation | Updates a user in Oracle Identity Manager. This operation involves modifying any of the user properties, such as the first name or last name. |
Note:
Oracle Internet Directory is a general-purpose directory service that enables fast retrievals and centralized management of information about dispersed users and network resources.Lightweight Directory Access Protocol (LDAP) is an Internet-ready, lightweight implementation of ISO X.500 standard for directory services.
Oracle Internet Directory implements and combines LDAP with the high performance, scalability, robustness, and availability features of Oracle Database. At some places in this guide, the terms Oracle Internet Directory and LDAP have been used interchangeably.
See Also:
Appendix A for information about attribute mappings between Oracle Identity Manager and Oracle Internet Directory.This release of the connector supports the following languages:
English
Brazilian Portuguese
French
German
Italian
Japanese
Korean
Simplified Chinese
Spanish
Traditional Chinese
See Also:
Oracle Identity Manager Globalization Guide for information about supported special charactersThis section discusses the elements that the reconciliation module extracts from the target system to construct reconciliation event records.
Reconciliation can be divided into the following types:
Lookup fields reconciliation involves reconciling the lookup values for groups and roles.
This section provides information about user reconciliation.
The following fields are reconciled:
User ID
First Name
Last Name
Middle Name
Department
Location
Telephone
Preferred Language
Timezone
Logon Script
Title
Server Name (IT resource)
UserGroup
UserRole
The following fields are reconciled only if reconciliation is implemented in trusted mode:
User ID
First Name
Last Name
Organization
Xellerate Type
Role
The following fields are provisioned:
ldapObjectClass
ldapUserObjectClassPrimary
ldapUserObjectClassSecondary
ldapFirstName
ldapLastName
ldapUserID
ldapPassword
ldapUserDNPrefix
ldapUserDisableAttr
ldapOrgDNPrefix
ldapGroupDNPrefix
ldapGroupMemberAttr
Note:
The names of the fields are case-sensitive.The files and directories that comprise this connector are compressed in the following directory on the installation media.
Directory Servers\Oracle Internet Directory
These files and directories are listed in the following table.
File in the Installation Media Directory | Description |
---|---|
Files in the Batch\custom directory |
When you run the custom.bat file, a required object class and an attribute are added to the existing Oracle Internet Directory schema.
Refer to the "Step 2: Configuring the Target System" section for more information. |
lib\xliOID.jar |
This JAR file contains the class files required for provisioning and reconciliation. |
Files in the resources directory |
Each of these resource bundle files contains language-specific information that is used by the connector.
Note: A resource bundle is a file containing localized versions of the text strings that are displayed on the user interface of Oracle Identity Manager. These text strings include GUI element labels and messages displayed on the Administrative and User Console. |
Files in the Troubleshoot directory |
These files are used to perform basic tests on the connector, even before Oracle Identity Manager is installed. |
xml\oimOIDUser.xml |
This XML file contains definitions for the following components of the connector:
|
xml\oimUser.xml |
This XML file contains the configuration for the Xellerate User. You must import this file only if you plan to use the connector in trusted source reconciliation mode. |
Note:
The files in theTroubleshoot
directory are used only to run tests on the connector.The "Step 3: Copying the Connector Files and External Code" section provides instructions to copy these files into the required directories.
To determine the release number of the connector that you have deployed:
Extract the contents of the xliOID.jar
file. For a connector that has been deployed, this file is in the following directory:
OIM_home\xellerate\JavaTasks
Open the manifest.mf
file in a text editor. The manifest.mf
file is one of the files bundled inside the xliOID.jar
file.
In the manifest.mf
file, the release number of the connector is displayed as the value of the Version
property.
See Also:
Oracle Identity Manager Design Console Guide