After you deploy the connector, you can configure it to meet your requirements. This chapter discusses the following optional configuration procedures:
Section 4.1, "Adding New Attributes for Target Resource Reconciliation"
Section 4.2, "Adding New Attributes for Trusted Source Reconciliation"
Note:
This section describes an optional procedure. Perform this procedure only if you want to add new attributes for target resource reconciliation.You must ensure the new attributes that you add for reconciliation contain data in string-format only. Binary attributes must not be introduced into Oracle Identity Manager natively.
By default, the attributes listed in Section 1.6, "Connector Objects Used During Target Resource Reconciliation" are mapped for reconciliation between Oracle Identity Manager and the target system. If required, you can add new attributes for target resource reconciliation.
To add a new attribute for target resource reconciliation, perform the following procedure:
Log in to the Oracle Identity Manager Design Console.
Add the new attribute on the process form as follows:
Expand Development Tools.
Double-click Form Designer.
Search for and open the CT Users process form.
Click Create New Version.
In the Label field, enter the version name. For example, version_1
.
Click the Save icon.
Select the current version created in Step e from the Current Version list.
Click Add to create an attribute and provide the values for that attribute.
For example, if you are adding the Certificate DN attribute, then enter the following values in the Additional Columns tab:
Field | Value |
---|---|
Name | Certificate DN |
Variant Type | String |
Length | 100 |
Field Label | Certificate DN |
Field Type | TextField |
Order | 20 |
The following screenshot shows this form:
Click the Save icon.
Click Make Version Active.
Add the new attribute to the list of reconciliation fields in the resource object as follows:
Expand Resource Management.
Double-click Resource Objects.
Search for and open the ClearTrust resource object.
On the Object Reconciliation tab, click Add Field, and then enter the following values:
Field Name: Certificate DN
Field Type: String
The following screenshot shows this form:
If you are using Oracle Identity Manager release 11.1.1, then click Create Reconciliation Profile. This copies changes made to the resource object into the MDS.
Click the Save icon.
Create a reconciliation field mapping for the new attribute in the process definition form as follows:
Expand Process Management.
Double-click Process Definition.
Search for and open the CT Users process definition.
On the Reconciliation Field Mappings tab, click Add Field Map, and then select the following values:
Field Name: Certificate DN
Field Type: String
Process Data Field: Certificate DN
The following screenshot shows this form:
Click the Save icon.
Create an entry for the attribute in the lookup definition for reconciliation as follows:
Expand Administration.
Double-click Lookup Definition.
Search for and open the Lookup.CTReconciliation.FieldMap lookup definition.
Click Add and enter the Code Key and Decode values for the attribute. The Code Key value must be the name of the attribute given in the resource object. The Decode value is the name of the attribute in the target system.
For example, enter organization
in the Code Key field and then enter o
in the Decode field.
The following screenshot shows this form:
Click the Save icon.
Note:
This section describes an optional procedure. Perform this procedure only if you want to add new attributes for trusted source reconciliation.You must ensure that the new attributes you add for reconciliation contain only string-format data. Binary attributes must not be brought into Oracle Identity Manager natively.
By default, the attributes listed in Section 1.7.1, "User Attributes for Trusted Source Reconciliation" are mapped for reconciliation between Oracle Identity Manager and the target system. If required, you can add new attributes for trusted resource reconciliation.
To add a new attribute for trusted source reconciliation:
See Also:
One of the following guides for detailed instructions on performing the steps in this section:For Oracle Identity Manager release 9.0.1 through 9.0.3.2 or release 9.1.0.x:
Oracle Identity Manager Design Console Guide
For Oracle Identity Manager release 11.1.1:
Oracle Fusion Middleware Developer's Guide
Log in to the Oracle Identity Manager Design Console.
Add the new attribute on the Users process form as follows:
Expand Administration.
Double-click User Defined Field Definition.
Search for and open the Users process form.
Click Add.
In the User Defined Fields dialog box, enter the details of the attribute.
For example, if you are adding the Account Starts attribute, then enter the following details in the User Defined Fields dialog box:
In the Label field, enter Account Starts
.
From the Data Type list, select Date.
From the Field Type list, select DateField with Dialog.
In the Column Name field, enter USR_UDF_ACCOUNT_STARTS
.
The following screenshot shows this form:
Click Save.
Add the new attribute to the list of reconciliation fields in the resource object as follows:
Expand Resource Management.
Double-click Resource Objects.
Search for and open the Xellerate User resource object.
On the Object Reconciliation tab, click Add Field.
Enter the details of the attribute.
For example, enter Account Starts
in the Field Name field and select Date from the Field Type list.
If you are using Oracle Identity Manager release 11.1.1, then click Create Reconciliation Profile. This copies changes made to the resource object into the MDS.
Click Save.
The following screenshot shows the Account Starts field added to the resource object:
Create a reconciliation field mapping for the new attribute in the process definition as follows:
Expand Process Management.
Double-click Process Definition.
Search for and open the Xellerate User process definition.
On the Reconciliation Field Mappings tab, click Add Field Map.
In the Field Name field, select the value for the attribute that you want to add.
For example, select Account Starts=Account Starts
.
The following screenshot shows this form:
Click Save.
Create an entry for the attribute in the lookup definition for reconciliation as follows:
Expand Administration.
Double-click Lookup Definition.
Search for and open the Lookup.CTReconciliation.FieldMap lookup definition.
Click Add and enter the Code Key and Decode values for the attribute. The Code Key value must be the name of the attribute on the target system, which you determined at the start of this procedure. The Decode value is the name that you provide for the reconciliation field in Step 3.e.
For example, enter Account Starts
in the Code Key field and then enter Account Starts
in the Decode field.
The following screenshot shows this form:
Click Save.