This chapter provides an overview of the updates made to the software and documentation for the IBM Lotus Notes and Domino connector in release 9.0.4.14.
Note:
Release 9.0.4.14 of the connector comes after release 9.0.4.12. Release number 9.0.4.13 has not been used.
The updates discussed in this chapter are divided into the following categories:
This section describes updates made to the connector software.
Documentation-Specific Updates
This section describes major changes made to this guide. These changes are not related to software updates.
The following sections discuss software updates:
The following are software updates in release 9.0.4.1.x:
The following are issues resolved in release 9.0.4.1.x:
| Bug Number | Issue | Resolution | Release |
|---|---|---|---|
|
6699500 |
During a reconciliation run, the status of modified user records remained at "Event Received". In other words, the modified user records were not getting linked. |
This issue has now been resolved. The status of modified user records is "Event Linked". |
9.0.4.1_6739862 |
|
6813482 |
The Add User provisioning operation took a long time to complete. |
This issue has now been resolved. The time taken to complete the Add User provisioning operation has reduced significantly. |
9.0.4.1_6868231 |
|
6627965 |
Additional attributes added in the attributemapping_prov.properties file were not being provisioned at the time of provisioning. |
This issue has now been resolved. Now, additional attributes added in the attributemapping_prov.properties file are being provisioned at the time of provisioning. |
9.0.4.1+xxxx+6027293+6627965 |
|
6397485 |
The mail file for a Lotus user was not customizable. Therefore, if a user was provisioned with a name that already exists on the Domino server, then the existing user/mail file would be overwritten in Lotus 6.5 and exceptions were thrown in Domino 7.0.x. |
This issue has now been resolved. The following fixes were made:
|
9.0.4.1+6392533+6397485+6328685+6027293 |
|
6328685 |
During target resource reconciliation, the reconciled data was not getting linked. The status of user data remained at 'Event Received'. |
This issue has now been resolved. Now, the Target reconciliation completes and events are getting linked. |
9.0.4.1+6392533+6397485+6328685+6027293 |
|
6027293 |
Internet Users (users with user IDs in the non-DN format) were not getting reconciled. |
This issue has now been resolved. Internet Users (users with user IDs in the non-DN format) are now getting reconciled. |
9.0.4.1+6392533+6397485+6328685+6027293 |
The following are software updates in release 9.0.4.2:
IBM Lotus Domino Server 8.0.1 has been added to the list of supported target systems. The required information has been included at appropriate places in the guide.
The following are issues resolved in release 9.0.4.2:
| Bug Number | Issue | Resolution |
|---|---|---|
|
6645041 |
The target system does not allow updates to a user's organizational unit (OU) if the user has a certifier with an associated OU. A provisioning operation that attempts this action always fails. In the earlier release of the connector, subsequent attempts to update any of the name fields failed. |
You can now update any of the name fields even if the operation is preceded by a failed attempt at updating the user's OU. Note: The "Known Issues and Limitations" chapter lists another issue related to name fields. |
|
6723807 |
A provisioning operation failed if it involved an update to a name field (for example, the Last Name field) and any other field (for example, the Comment field). |
You can now update a name field and any other field. However, if you add a new field for provisioning, provisioning operations that involve updating a name field and the newly added field would fail. |
The following is a software update in release 9.0.4.3:
From Oracle Identity Manager release 9.1.0 onward, the Administrative and User Console provides the Connector Installer feature. This feature can be used to automate the connector installation procedure.
See Section 2.2.1, "Running the Connector Installer" for details.
The following are software updates in release 9.0.4.4:
The UniqueID field has been added on the process form. This field is used to uniquely identify Lotus Notes resource during reconciliation runs and provisioning operations. This field was added to address Bug 6976566, which is mentioned later in this section.
The following changes have been made in this guide:
In "Reconciled Resource Object Fields" on page 1-2, the UniqueID field has been added to the list of fields that are reconciled.
In "Files and Directories on the Installation Media" on page 1-5, the config_unid.properties file has been added. This file holds the UniqueID value of the user that you create while testing provisioning operations.
See "Changing the Mapping of the UniqueID Field" on page 3-13 for information about mapping the UniqueID field to a different target system field.
In Appendix A, the UniqueID field has been added to the table that lists attribute mappings.
The TargetRO attribute has been removed from the definition of the lookup fields reconciliation scheduled task.
See "Lookup Fields Reconciliation Scheduled Task" on page 4-3 for more information.
The following are issues resolved in this release:
Note:
Items related to these resolved issues have been removed from the "Known Issues and Limitations" chapter.
| Bug Number | Issue | Resolution |
|---|---|---|
|
6880664 |
The connector did not support IBM Lotus Notes and Domino Server 8.0. |
The connector now supports IBM Lotus Notes and Domino Server 8.0. |
|
6976566 |
A combination of the First Name and Last Name fields was used to uniquely identify resources in Oracle Identity Manager. |
This issue has been resolved. The This field is mapped to the |
|
6911516 |
Group description values were not reconciled during group lookup reconciliation runs. |
This issue has been resolved. The lookup for groups now contains group names in the Code Key column and group descriptions in the Decode column. If a group does not have a description, then the group name is copied into both the Code Key and Decode columns. |
|
6441230 |
The simultaneous update of more than one of the following fields was not supported during an Update User provisioning operation:
|
This issue has been resolved. You can now update multiple name fields during an Update User provisioning operation. |
|
6925950 |
During an Update User provisioning operation, all user attributes were sent to the target system even when you changed only some user attributes. This affected performance during the operation. |
This issue has been resolved. During an Update User provisioning operation, only user attributes that you change are sent to the target system. |
|
6764284 |
If you delete a group from the target system, then the group is not removed from the Oracle Identity Manager lookup definition for groups until the next reconciliation run. In earlier releases, if you assigned a user to a deleted group during a provisioning operation, then the user would be assigned to any of the existing groups on the target system. In other words, the group to which the user was assigned on Oracle Identity Manager did not exist on the target system. |
This issue has been resolved. Users cannot be assigned to groups that are deleted on the target system. |
|
6909410 |
If a set of target system records had the same time stamp, then only one of the records from the set was reconciled into Oracle Identity Manager. |
This issue has been resolved. All records with time stamp values greater than the time stamp of the last reconciliation run are reconciled. |
|
5616483 |
When you delete a user on the target system, you can specify the Terminated User group to which the user must be assigned. The connector did not support this feature for provisioning operations. |
This issue has been resolved. You can now use the Information about this IT resource parameter has been added in Section 2.2.2, "Configuring the IT Resource.". |
|
7129445 |
A user was successfully assigned to a group even if the Create User provisioning operation failed. |
This issue has been resolved. A user is not assigned to a group if the Create User provisioning operation fails. |
|
7198578 |
The connector did not support provisioning or reconciliation of multitiered OUs. |
This issue has been resolved. The connector now supports provisioning and reconciliation of multitiered OUs. |
|
7318881 |
The "Out of Back-End Memory" error was encountered during target resource reconciliation of a large number of users. |
This issue has been resolved. The Notes document that is created during reconciliation is reused to avoid creation of non-usable Java objects. |
The following is an issue resolved in release 9.0.4.5:
| Bug Number | Issue | Resolution |
|---|---|---|
|
7482958 |
In a customized connector, a password set through the Forgot Password feature was not propagated from the OIM User to the Lotus Notes resource. |
This issue has been resolved. If you have enabled the propagation of the password from the OIM User to the Lotus Notes resource, then password propagation takes place even when you use the Forgot Password feature. |
The following is an issue resolved in release 9.0.4.6:
| Bug Number | Issue | Resolution |
|---|---|---|
|
8345014 |
During Create User and Update User provisioning operations, the full name of the user was not set in the format specified on the target system. |
This issue has been resolved. The full name of the user is now set in the format specified on the target system. |
The following are software updates in release 9.0.4.7:
MailInternetAddress Added to the List of Reconciled Xellerate User Fields
ImmediateDelete and MailFileActionForDelete Parameters Added to the IT Resource
From this release onward, the connector adds support for IBM Lotus Notes and Domino 8.0.x, 8.5 as target systems.
These target system versions are mentioned in the "Verifying Deployment Requirements" section.
From this release onward, the MailInternetAddress (Email) field has been added to the list of reconciled Xellerate User fields. See "Reconciled Xellerate User (OIM User) Fields" for more information.
From this release onward, the UniqueID field is not mapped to any field of the target system. Instead, during Create User provisioning operations, the connector creates a unique ID and populates the UniqueID field. The "Changing the Mapping of the UniqueID Field" section has been removed from Chapter 4.
The ImmediateDelete and MailFileActionForDelete parameters have been added to the IT resource. You use the ImmediateDelete parameter to specify how the Delete User provisioning operation must be performed. You use the MailFileActionForDelete parameter to specify how mail file deletion must be performed when a user is deleted.
The following are issues resolved in release 9.0.4.7:
| Bug Number | Issue | Resolution |
|---|---|---|
|
7557864 |
An error was encountered while provisioning a Lotus Notes resource to multiple users at the same time. |
This issue has been resolved. Multiple users can be provisioned concurrently through the connector. |
|
8215433 |
The Notes MailIcon name was not changed when the first name or last name was updated. |
This issue has been resolved. When the first name, middle name, or last name is updated, the change is propagated to all places on the target system server. |
|
8439171 |
Reconciliation did not work if you specified a value for the certifierOU parameter in the IT resource. |
This issue has now been resolved. Events are reconciled even if you specify a value for the certifierOU parameter. |
|
8471001 |
Delete User reconciliation events were not linked during target resource reconciliation. |
This issue has been resolved. Delete User reconciliation events are now linked during target resource reconciliation. |
The following are software updates in release 9.0.4.8:
The Lotus Notes Delete User Reconciliation Task scheduled task has been introduced in this release. You use this scheduled task to reconcile deleted user records. See Section 3.3.4.2, "Scheduled Task for Reconciliation of Deleted Users" for information about this scheduled task.
The following are issues resolved in release 9.0.4.8:
| Bug Number | Issue | Resolution |
|---|---|---|
|
7356528 |
When a user account was disabled, it was automatically moved to the default Groups view. |
This issue has been resolved. Disabled user accounts are now placed in the Deny Access group. |
|
8634481 |
The OU part of the user's name fetched from the fullname attribute on the target system was not parsed correctly. |
This issue has been resolved. The value fetched from the fullname field is now correctly parsed. |
|
8744907 |
An unknown response was encountered if the Disable User task was rejected. |
This issue has been resolved. A response code has been added for the use case in which the Disable User task is rejected. |
|
8745728 |
An error was encountered when a scheduled task was configured. |
This issue has been resolved. No error is encountered if you correctly configure the scheduled task. |
|
8683657 |
Reconciliation events are not linked after updating the First Name or Last Name of a target system user record. |
This issue has been resolved. Reconciliation events are now linked after updating the First Name or Last Name of a target system user record. Note: The Notes Unique ID attribute is used for reconciliation matching. |
The following are software updates in release 9.0.4.11:
In this release, IBM Lotus Notes/Domino 8.5.1 has been added to the list of certified target systems. See Section 1.1, "Certified Components" for the full list of target system versions.
On the target system, the Universal ID attribute is used to uniquely identify users on the target system. From this release onward, the connector uses the Universal ID during Update User provisioning operations.
To facilitate reuse and customization of some parts of the connector code, Javadocs have been included in the connector deployment package.
The following are issues resolved in release 9.0.4.11:
| Bug Number | Issue | Resolution |
|---|---|---|
|
8521337 |
The connector failed if you added the Alternate Full Name, Alternate Language, or Alternate Organizational Unit attribute for reconciliation and provisioning. |
This issue has been resolved. You can now add the Alternate Full Name, Alternate Language, and Alternate Organizational Unit attributes to the standard set of attributes supported for reconciliation and provisioning. See Chapter 4, "Extending the Functionality of the Connector" for information about the procedure. |
|
8940225 |
During Create User operations, the connector used the registration server. However, during Update User operations, the connector used the mail server. This caused an error during update operations. |
This issue has been resolved. Now, the connector uses either the registration server or the mail server depending on the context. |
|
9398550 |
The reconciliation of a user's record failed if the record included an attribute that contained the string |
This issue has been resolved. Records containing the string |
The following are software updates in release 9.0.4.12:
Addition of Certifier and Group to the List of Filter Attributes for Reconciliation
Support for Creation of Lotus User Mail Files in the Background
Support for Storing Change History for Target System Attributes
From this release onward, the connector can be installed and used on Oracle Identity Manager 11g release 1 (11.1.1). Where applicable, instructions specific to this Oracle Identity Manager release have been added in the guide.
See Section 1.1, "Certified Components" for the full list of certified Oracle Identity Manager releases.
From this release onward, the connector supports Lotus Notes version 8.5.2.
See Section 1.1, "Certified Components" for the full list of certified target system versions.
From this release onward, the connector provides support for request-based provisioning on Oracle Identity Manager 11g release 1 (11.1.1).
See Section 3.6.2, "Request-Based Provisioning" for more information.
In earlier releases, you could use the LastName and OU attributes as filter criteria for reconciliation. From this release onward, you can also use the Certifier and Group attributes as filter criteria. See Section 3.3.2, "Limited Reconciliation" for more information.
This item was tracked by Bug 9670080.
On the target system, you can specify that you want to create mail files in the background during a Create User operation. When you enable this feature, user creation and mail file creation are not part of the same process. From this release onward, the Create Mail DB File In Bckgrnd parameter enables you to select this option. See section on configuring the IT resource in Chapter 2, "Deploying the Connector" for more information.
This item was tracked by Bug 8931359.
From this release onward, the connector supports the target system feature that enables you to store change history for the following attributes:
Comment
ShortName
InternetAddress
Location
MailAddress (that is, the ForwardDomain attribute on the target system)
See Chapter 2, "Enabling Storage of Change History for User Attributes" for information about this feature.
This item was tracked by Bug 9558482.
The following are issues resolved in release 9.0.4.12:
| Bug Number | Issue | Resolution |
|---|---|---|
|
8973747 |
If there were multiple OU certifiers in your operating environment, then you had to create one IT resource for each certifier. |
This issue has been resolved. The certifierOU, CertPath, and CertPwd parameters of the IT resource have been moved to the process form. certifierOU is a lookup field on the process form. During a provisioning operation, you can select a value from this lookup field. In addition, you can enter values in the CertPath and CertPwd fields. |
|
9611834 |
The Confirm Password field on the process form required users to enter their passwords 2 times. |
The Confirm Password field has been removed from the process form. |
The following are issues resolved in release 9.0.4.14:
| Bug Number | Issue | Resolution |
|---|---|---|
|
9776333 |
Reconciliation of a large number of user records failed. |
This issue has been resolved. No issue is encountered when you reconcile a large number of user records. |
|
10193966 |
Although an update user provisioning operation failed, a message confirming that the task was successful was displayed. |
This issue has been resolved. |
|
10238053 |
The update user provisioning operation failed if you deployed the connector on Oracle Identity Manager release 9.1.0.1. |
This issue has been resolved. The update user provisioning operations no longer fails. |
The following sections discuss documentation-specific updates:
The following documentation-specific updates have been made up to release 9.0.4.3:
In the "Known Issues and Limitations" chapter:
The following point has been added:
"The IBM Lotus Notes and Domino connector can support only one target in secure/SSL mode at a time."
The following point has been removed:
No error is thrown if you use Oracle Identity Manager to provision a user account that already exists on IBM Lotus Notes and Domino. This is considered an update operation for the user.
In the "Deploying the Connector" chapter, the following information has been added:
The NCSO.jar and the Notes.jar files must also be copied into the OIM_HOME/xellerate/ThirdParty directory before the testing utility is used.
The following documentation-specific updates have been made in release 9.0.4.4:
In "Reconciled Resource Object Fields" on page 1-2, the ExpirationDate field has been added.
In "Adding Standard Target System Attributes for Reconciliation", the procedure to enable updates of fields that you add for provisioning has been included.
There are no known issues in this release. Issues related to limitations of the target system have been moved from the "Known Issues and Limitations" chapter to other sections of this guide.
There are no documentation-specific updates in release 9.0.4.5.
In the "Known Issues and Limitations" chapter, the following known issue has been added:
Bug 8471001
Delete User reconciliation events are not linked during target resource reconciliation.
The following documentation-specific updates have been made in release 9.0.4.7:
Minor corrections have been made in some of the procedures in this guide.
In the "Known Issues and Limitations" chapter:
Two issues tracked by bug numbers 8703999 and 8683657 have been added
The following known issue has been deleted:
Bug 8471001
Delete User reconciliation events are not linked during target resource reconciliation.
Major changes have been made in the structure of the guide. The objective of these changes is to improve the usability of the guide.
The following documentation-specific updates have been made in release 9.0.4.11:
In Section 2.2.2, "Configuring the IT Resource," the description of the RegServer IT resource parameter has been modified.
Some steps have been added to the procedures described in Section 4.2, "Adding Standard Target System Attributes for Provisioning."
In the "Known Issues and Limitations" chapter:
The issue tracked by the 9490028 bug number has been added.
A limitation related to the target system has been added.
The following issue has been removed because it is was documented incorrectly as a known issue in the earlier release:
Bug 8703999
The value of the IT resource parameter for time stamp does not get updated if you specify a value for the LastName filter attribute of the user reconciliation scheduled task.
There are no documentation-specific updates in this release.
The following documentation-specific update has been made in revision "15" of release 9.0.4.14:
The "Oracle Identity Manager" row of Table 1-1, "Certified Components" has been modified.
Section 1.2, "Usage Recommendation" has been added.
The following documentation-specific updates have been made in the earlier revisions of the release 9.0.4.14:
In Section 2.2.2, "Configuring the IT Resource," a note has been added in the "ImmediateDelete" and "DenyAccessGroupName" rows of the table.
In Section 2.3.2.1, "Creating a Deny Access Group," the category to be selected has been added in Step 4. In addition, the group type to be selected has been changed from Multi-purpose to Deny List Only.
In Chapter 6, "Known Issues and Limitations," a known issue tracked by bug 11693279 has been added.
In Section 2.3.1.1, "Configuring Trusted Source Reconciliation," the path to locate and download XML files has been updated.
In Section 1.6.3, "Provisioning Functions," a note has been added to the description of the "Update User Password" function.
In the "Oracle Identity Manager" row of Table 1-1, "Certified Components", the minimum Oracle Identity Manager release on which this connector can be installed and used has been changed to release 9.1.0.2.
In Chapter 6, "Known Issues and Limitations," a known issue tracked by bug 16898634 has been added.