Go to main content
1/25
Contents
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Documentation Updates
Conventions
What's New in the Oracle Identity Manager Advanced Connector for CA Top Secret?
Software Updates
Documentation-Specific Updates
1
About the Connector
1.1
Certified Components
1.2
Certified Languages
1.3
Connector Architecture
1.3.1
Connector Components
1.3.2
Connector Operations
1.3.2.1
Full Reconciliation Process
1.3.2.2
CFILE Reconciliation Process
1.3.2.3
Incremental (Real-Time) Reconciliation Process
1.3.2.4
Provisioning Process
1.4
Features of the Connector
1.4.1
Target Resource Reconciliation
1.4.2
Full and Incremental Reconciliation
1.4.3
Encrypted Communication Between the Target System and Oracle Identity Manager
1.4.4
High Availability Feature of the Connector
1.5
Connector Objects Used During Reconciliation and Provisioning
1.5.1
Supported Functions for Target Resource Reconciliation
1.5.2
Supported Functions for Provisioning
1.5.3
User Attributes for Target Resource Reconciliation and Provisioning
1.5.4
PROFILE Attributes for Target Resource Reconciliation and Provisioning
1.5.5
GROUP Attributes for Target Resource Reconciliation and Provisioning
1.5.6
SOURCE Attributes for Provisioning
1.5.7
FACILITY Attributes for Target Resource Reconciliation and Provisioning
1.5.8
DATASET Attributes for Provisioning
1.5.9
Provisioning GENCERT Operations
1.5.10
Provisioning GENREQ Operations
1.5.11
Reconciliation Rule
1.5.12
Reconciliation Action Rules
2
Connector Deployment on Oracle Identity Manager
2.1
Files and Directories That Comprise the Connector
2.2
Running the Connector Installer
2.3
Configuring the IT Resource
2.4
Configuring Oracle Identity Manager
2.4.1
Configuring Oracle Identity Manager 11.1.2 or Later
2.4.1.1
Creating and Activating a Sandbox
2.4.1.2
Creating a New UI Form
2.4.1.3
Creating an Application Instance
2.4.1.4
Publishing a Sandbox
2.4.1.5
Harvesting Entitlements and Sync Catalog
2.4.1.6
Updating an Existing Application Instance with a New Form
2.4.2
Localizing Field Labels in UI Forms
2.4.3
Clearing Content Related to Connector Resource Bundles from the Server Cache
2.4.4
Enabling Logging
2.4.4.1
Enabling Logging for the LDAP Gateway
2.4.4.2
Enabling Logging in Oracle Identity Manager
2.5
Configuring Oracle Identity Manager for Request-Based Provisioning
2.5.1
Copying Predefined Request Datasets
2.5.2
Importing Request Datasets into the MDS
2.5.3
Enabling the Auto Save Form Feature
2.5.4
Running the PurgeCache Utility
2.6
Installing and Configuring the LDAP Gateway
3
Connector Deployment on the Mainframe
3.1
Reviewing Deployment Requirements
3.2
Deploying the Reconciliation Agent and Provisioning Agent
3.3
Editing the Mainframe Batch Job Files
3.4
Installing or Integrating the Reconciliation Agent Exit
3.4.1
Installing the Reconciliation Agent Exit
3.4.2
Integrating the Reconciliation Agent Exit
3.5
Set APF Authorization for Pioneer and Voyager
3.6
Creating a CA Top Secret Account for Connector Operations
3.7
Summary of the Deployment Procedure
3.8
Configuring the Started Tasks
3.9
Pioneer and Voyager Operator Commands
3.10
Starting Up and Shutting Down the Reconciliation Agent
3.11
Removing the Exit
4
Using the Connector
4.1
Guidelines on Using the Connector
4.2
Scheduled Tasks for Lookup Field Synchronization
4.3
Configuring the Sources Lookup Field
4.4
Configuring Reconciliation
4.4.1
Full Reconciliation
4.4.2
Reconciliation Scheduled Tasks
4.4.2.1
Top Secret Reconcile All Users
4.4.2.2
Top Secret Reconcile Deleted Users to OIM
4.4.2.3
Top Secret Reconcile Users to Internal LDAP
4.4.2.4
Top Secret Reconcile All LDAP Users
4.4.3
Configuring Filtered Reconciliation to Multiple Resource Objects
4.5
Configuring Account Status Reconciliation
4.6
Configuring Scheduled Tasks
4.7
Performing Provisioning Operations in Oracle Identity Manager Release 11.1.1.
x
4.7.1
Direct Provisioning
4.7.2
Request-Based Provisioning
4.7.2.1
End User's Role in Request-Based Provisioning
4.7.2.2
Approver's Role in Request-Based Provisioning
4.7.3
Switching Between Request-Based Provisioning and Direct Provisioning on Oracle Identity Manager
4.8
Performing Provisioning Operations in Oracle Identity Manager Release 11.1.2 or Later
5
Extending the Functionality of the Connector
5.1
Adding Custom Fields for Target Resource Reconciliation
5.1.1
Adding Custom Fields for Full Reconciliation
5.1.2
Adding Custom Fields to Oracle Identity Manager
5.2
Adding Custom Multivalued Fields for Reconciliation
5.2.1
Adding Custom Multivalued Fields for Full Reconciliation
5.2.2
Adding Custom Multivalued Fields to Oracle Identity Manager
5.3
Adding Custom Fields for Provisioning
5.4
Removing Attributes Mapped for Target Resource Reconciliation
5.5
Configuring the Connector for Provisioning to Multiple Installations of the Target System
5.6
Configuring the Generation of Single-Use Passwords for the Reset Password Operation
5.7
Initial LDAP Gateway Population and Full Reconciliation
5.7.1
Reconciliation Using a CFILE Extract File
5.8
Configuring Windows Service
5.9
Customizing Log File Locations
6
Troubleshooting
7
Known Issues and Workarounds
A
Authorized Libraries
B
AES 128 User Key Definition and Usage
C
Top Secret CFILE -> LDAP Attribute Mapping
D
Top-Secret CFILE Processing
E
Provisioning Methods for OIM Adapters
F
LOADDSN Member and the File Contents
G
Reconciliation Agent (Voyager) Messages
H
Provisioning Agent (Pioneer) Messages
I
Pioneer Searches – Initiated from the LDAP
J
Pioneer and Voyager LONG_FDTNAME=Y Processing
K
Mainframe Language Environment Runtime Options
Index
Scripting on this page enhances content navigation, but does not change the content in any way.