Oracle® Identity Manager Connector Guide for UNIX Telnet Release 9.0.3 Part Number B32375-01 |
|
|
View PDF |
Oracle Identity Manager automates access rights management, security, and provisioning of IT resources. Oracle Identity Manager connectors are used to integrate Oracle Identity Manager with third-party applications. The connector for Telnet is used to integrate Oracle Identity Manager with target systems running AIX, HP-UX, Linux, and Solaris, using the Telnet protocol.
Note:
Oracle Identity Manager connectors were referred to as resource adapters prior to the acquisition of Thor Technologies by Oracle.This chapter contains the following sections:
The following table lists the functions that are available with this connector.
Function | Type | Description |
---|---|---|
Create User | Provisioning | Creates a user
When you use this function, in the User Defined process form:
|
Delete User | Provisioning | Deletes a provisioned user on the UNIX server |
Update User UID | Provisioning | Updates user properties according to a change in the User UID attribute |
Update User Group | Provisioning | Updates user properties according to a change in the User Group attribute |
Update User Password Change Time | Provisioning | Updates user properties according to a change in the User Password Change Time attribute |
Update Shell | Provisioning | Updates user properties according to a change in the Shell attribute |
Update Home Directory | Provisioning | Updates user properties according to a change in the Home Directory attribute |
Update Account Expiry Date | Provisioning | Updates user properties according to a change in the Account Expiry Date attribute |
Update User GECOS | Provisioning | Updates user properties according to a change in the User GECOS attribute |
Set Password | Provisioning | Updates user properties according to a change in the Password attribute
The changed password must conform to the password policy requirements of the target system. |
Update Secondary Group Names | Provisioning | Updates user properties according to a change in the Secondary Group Names attribute
Do not update the User Login field when you update the Secondary Group Names value. When you specify the secondary group name for the first time and then run this function, the primary group name is assigned the same value as the secondary group name. However, after the value of the primary group name is changed, you cannot set the secondary group name to the same value. On Solaris, the value of the Secondary Group Names field in the User Defined process form must always be different from the value of the Primary Group Name field. |
Update Inactive Days | Provisioning | Updates user properties according to a change in the Update Inactive Days attribute
This function is not supported on AIX 5.2. |
Update User Login | Provisioning | Updates user properties according to a change in the User Login attribute
Do not update the Secondary Group Names field when you update the User Login field. On AIX 5.2, if the User GECOS value contains spaces, then this function does not work. |
Disable User | Provisioning | Disables an existing user on the UNIX server
Note: Suppose that a user on the UNIX server is disabled. If the Set Password function is run on this user account, then the account is automatically reenabled. |
Enable User | Provisioning | Enables a disabled existing user on the UNIX server
Before running this function, the Set Password function must be run. This function is not supported on an HP-UX (trusted) server. |
Trusted Reconciliation for User | Reconciliation | Creates Xellerate User accounts corresponding to the reconciled user accounts from the UNIX server |
Create User | Reconciliation | Reconciles user accounts from the UNIX server |
Update User | Reconciliation | Updates the attributes of previously reconciled user accounts from the UNIX server |
Delete User | Reconciliation | Reconciles user accounts that have been deleted from the UNIX server |
This release of the connector supports the following languages:
English
Brazilian Portuguese
French
German
Italian
Japanese
Korean
Simplified Chinese
Spanish
Traditional Chinese
See Also:
Oracle Identity Manager Globalization Guide for information about supported special charactersThe reconciliation module extracts the following elements from the target system to construct reconciliation event records:
User Login
User UID
Primary Group Name
Default Shell
Home Directory
GECOS
Password Change Time
Account Expiry Date
Note:
For a trusted configuration (such as the HP-UX trusted mode), the Password Change Time and Account Expiry Date fields are not reconciled.The following fields are provisioned:
User Login
Password
Secondary Group Names
User UID
Primary Group Name
Default Shell
GECOS
Home Directory
Account Expiry Date
Password Change Time
Create Home Directory
Skeleton Directory
Inactive Days
The files and directories that comprise this connector are compressed in the following directory on the installation media:
Operating Systems\UNIX\UNIX Telnet
These files and directories are listed in the following table.
File in the Installation Media Directory | Description |
---|---|
ext\sshfactory.jar |
This file contains the JSCAPE libraries. These libraries are used to open an SSH session with the target server. |
lib\xliTelnet.jar |
This file contains the Java classes that are required to support provisioning. |
Files in the resources directory |
Each of these resource bundle files contains language-specific information that is used by the connector.
Note: A resource bundle is a file containing localized versions of the text strings that are displayed on the user interface of Oracle Identity Manager. These text strings include GUI element labels and messages displayed on the Administrative and User Console. |
tests\config\config.properties |
This file specifies the properties required by the client for running test calls from the Oracle Identity Manager server. |
tests\lib\xliTelnetTest.jar |
This file contains the Java classes required to run the client for running test calls from the Oracle Identity Manager server. |
tests\logs |
This directory is used by the connector test suite to log the results of the tests. The log files are created in this directory. |
tests\scripts\telnet.bat tests\scripts\telnet.sh |
This file contains the script required to run the client for running test calls from the Oracle Identity Manager server. |
xml\XLITelnet_DM.xml |
This file contains definitions for the following Telnet User components of the connector:
|
xml\XLITelnet_Trusted_DM.xml |
This file contains definitions for the following Telnet User components of the connector for a trusted system (HP-UX):
|
xml\XLITelnetSchedulerTask_DM.xml |
This file contains the scheduled task for reconciliation. |
Note:
The files in thetests
directory are used only to run tests on the connector.The "Step 3: Copying the Connector Files" section provides instructions to copy these files into the required directories.
To determine the release number of the connector that you have deployed:
Extract the contents of the xliTelnet.jar
file. For a connector that has been deployed, this file is in the following directory:
OIM_home\xellerate\JavaTasks
Open the manifest.mf
file in a text editor. The manifest.mf
file is one of the files bundled inside the xliTelnet.jar
file.
In the manifest.mf
file, the release number of the connector is displayed as the value of the Version
property.
See Also:
Oracle Identity Manager Design Console Guide