Go to main content
1/24
Contents
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
What's New in the Oracle Identity Manager Advanced Connector for IBM RACF?
Software Updates
Documentation-Specific Updates
1
About the Connector
1.1
Certified Components
1.2
Certified Languages
1.3
Connector Architecture
1.3.1
Connector Components
1.3.2
Connector Operations
1.3.2.1
Full Reconciliation Process
1.3.2.2
Initial LDAP Population and Reconciliation Process
1.3.2.3
Provisioning Process
1.4
Features of the Connector
1.4.1
Full and Incremental Reconciliation
1.4.2
Encrypted Communication Between the Target System and Oracle Identity Manager
1.4.3
High Availability Feature of the Connector
1.5
Connector Objects Used During Reconciliation and Provisioning
1.5.1
Supported Functions for Target Resource Reconciliation
1.5.2
Supported Functions for Provisioning
1.5.3
User Attributes for Target Resource Reconciliation and Provisioning
1.5.4
Group Attributes for Target Resource Reconciliation and Provisioning
1.5.5
Security Attributes for Provisioning
1.5.6
Dataset Profile Attributes for Provisioning
1.5.7
Resource Profile Attributes for Provisioning
1.5.8
Reconciliation Rule
1.5.9
Reconciliation Action Rules
2
Deploying the IDF Advanced Adapter for IBM RACF
2.1
IDF Mainframe Adapters Functional Characteristics
2.1.1
Pioneer
2.1.2
Voyager
2.2
Prerequisites
2.2.1
Message Transport Requirements
2.2.2
APF Authorization
2.3
Mainframe Adapter Installation
2.3.1
Extracting the Files for Deployment from the Distribution Zip Archive File
2.3.2
Uploading Files
2.3.3
Extracting the XMIT Files
2.3.4
Editing the Mainframe Batch Job Files to Match the Settings for the Customer's Site
2.3.5
Submitting Batch Job Streams
2.3.6
Activating and Loading the Exits
2.3.7
Creating a RACF UserID for Pioneer and Voyager with Permissions
2.3.8
Adding Pioneer/Voyager to the Facility Class Profiles (IRR)
2.3.9
Testing the Installation
3
Connector Deployment on Oracle Identity Manager
3.1
Files and Directories That Comprise the Connector
3.2
Running the Connector Installer
3.3
Configuring the IT Resource
3.4
Configuring Oracle Identity Manager
3.4.1
Creating Additional Metadata, Running Entitlement, and Catalog Synchronization Jobs
3.4.1.1
Creating and Activating a Sandbox
3.4.1.2
Creating a New UI Form
3.4.1.3
Creating an Application Instance
3.4.1.4
Publishing a Sandbox
3.4.1.5
Harvesting Entitlements and Sync Catalog
3.4.1.6
Updating an Existing Application Instance with a New Form
3.4.2
Localizing Field Labels in UI Forms
3.4.3
Clearing Content Related to Connector Resource Bundles from the Server Cache
3.4.4
Enabling Logging
3.4.4.1
Enabling Logging for the LDAP Gateway
3.4.4.2
Enabling Logging on Oracle Identity Manager
3.5
Installing and Configuring the LDAP Gateway
4
Using the Connector
4.1
Guidelines on Using the Connector
4.2
Scheduled Tasks for Lookup Field Synchronization
4.3
Configuring the Security Attributes Lookup Field
4.4
Configuring Reconciliation
4.4.1
Configuring Incremental Reconciliation
4.4.2
Performing Full Reconciliation
4.4.3
Reconciliation Scheduled Tasks
4.4.3.1
RACF Reconcile All Users
4.4.3.2
RACF Deleted User Reconciliation Using OIM
4.4.3.3
RACF Reconcile Users to Internal LDAP
4.4.3.4
RACF Reconcile All LDAP Users
4.4.4
Configuring Filtered Reconciliation to Multiple Resource Objects
4.5
Configuring Account Status Reconciliation
4.6
Configuring Scheduled Tasks
4.7
Performing Provisioning Operations
5
Extending the Functionality of the Connector
5.1
Adding Custom Fields for Target Resource Reconciliation
5.1.1
Adding Custom Fields for Reconciliation
5.1.2
Adding Custom Fields to Oracle Identity Manager
5.2
Adding Custom Multivalued Fields for Reconciliation
5.2.1
Adding Custom Multivalued Fields to the Reconciliation Component
5.2.2
Adding Custom Multivalued Fields to Oracle Identity Manager
5.3
Adding Custom Fields for Provisioning
5.4
Removing Attributes Mapped for Target Resource Reconciliation
5.5
Using the Provisioning Agent to Run IBM z/OS Batch Jobs
5.6
Configuring the Connector for Provisioning to Multiple Installations of the Target System
5.7
Initial LDAP Gateway Population and Full Reconciliation
5.7.1
Reconcile User Extract File
5.8
Configuring Windows Service
5.9
Customizing Log File Locations
5.10
LDAP Reconciliation Supported Queries
5.11
Handling PIONEER Error Messaging Exceptions in the Gateway
6
Troubleshooting
7
Known Issues and Workarounds
A
APF-Authorized Libraries
B
Pioneer Datasets
C
Reconciliation Agent (Voyager) Messages
D
Provisioning Agent (Pioneer) Messages
E
Mainframe Problem Source Identification and Problem Determination
F
Creating Custom Scheduled Tasks
F.1
Code for Searching All Users and All User Data
F.2
Code for Searching All Groups and All Group Data
F.3
Code for Searching All Datasets and All Dataset Data
G
Voyager and Pioneer Control File Parameters
H
Configuring RACF Starter User ID and Access for Voyager Agent and Pioneer Agent Started Tasks
I
Customizing AES Encryption Key
J
Mainframe Language Environment Runtime Options
Index
Scripting on this page enhances content navigation, but does not change the content in any way.