This chapter provides an overview of the updates made to the software and documentation for the Oracle Identity Manager Connector for IBM AS/400 in release 9.0.4.16.
The updates discussed in this chapter are divided into the following categories:
This section describes updates made to the connector software. This section also points out the sections of this guide that have been changed in response to each software update.
Documentation-Specific Updates
This section describes major changes made to this guide. These changes are not related to software updates.
The following sections discuss software updates:
The following are software updates in releases 9.0.4.1 through 9.0.4.4:
IBM AS/400 user profile commands supported by the Provisioning Agent have been added in "Supported Functions for Provisioning".
The list of functions supported by the Provisioning Agent has been updated in "Supported Functions for Provisioning".
The commands supported by the Reconciliation Agent have been updated in "Supported Functions for Target Resource and Trusted Source Reconciliation".
The list of functions supported by the Reconciliation Agent has been updated in "Supported Functions for Target Resource and Trusted Source Reconciliation".
The list of fields reconciled between Oracle Identity Manager and IBM AS/400 has been updated in "User Attributes for Target Resource Reconciliation and Provisioning".
The IT resource parameters and their corresponding descriptions and sample values have been updated in "Importing the Connector XML File" on page 2-6.
The procedure to configure the connector for multiple installations of the target system has been added in "Configuring the Connector for Multiple Installations of the Target System".
Information about reconciliation based on user status has been added in "Configuring Account Status Reconciliation".
Known issues related to the following bugs have been added in Chapter 7, "Known Issues":
Bug 7189194
Bug 7353425
The following are the software updates in release 9.0.4.12:
In the earlier release, one installation of the LDAP Gateway worked with one target system installation. If you had multiple target system installations, you had to install multiple LDAP Gateways. From this release onward, you can configure a single LDAP Gateway to work with multiple target system installations. See Section 5.5.1, "Configuring One LDAP Gateway for Each Installation of the Target System" for more information.
This item was tracked by Bug 9483766.
The User Target Recon Scheduled Task scheduled task has been introduced in this release. You can configure this scheduled task to schedule reconciliation with the target system. See Section 4.1, "Configuring Reconciliation" for information about using this scheduled task. In addition, the Last Modified Time Stamp parameter has been added in the IT resource definition. See Section 2.5, "Configuring the IT Resource" for information about this parameter.
This item was tracked by Bug 9483766.
The following are the software updates in release 9.0.4.13:
From this release onward, the connector can be installed and used on Oracle Identity Manager 11g release 1 (11.1.1). Where applicable, instructions specific to this Oracle Identity Manager release have been added in the guide.
See Section 1.1, "Certified Components" for the full list of certified Oracle Identity Manager releases.
From this release onward, the connector provides support for request-based provisioning on Oracle Identity Manager 11g release 1 (11.1.1).
See Section 4.4.2, "Request-Based Provisioning" for more information.
The following table lists issues resolved in release 9.0.4.13:
| Bug Number | Issue | Resolution |
|---|---|---|
|
9231097 |
At the end of a successful Delete User provisioning operation, the connector showed the status R (that is, Rejected) instead of C (Completed). |
This issue has been resolved. The connector now shows status C at the end of a successful Delete User provisioning operation. |
|
10070632 and 9866401 |
Initial reconciliation did not work correctly. |
This issue has been resolved. Initial reconciliation now works as expected. |
|
9937520 |
The connector could not be used to manage more than one supplemental group. |
This issue has been resolved. The connector can now be used to manage multiple supplemental groups. |
|
9934948 |
The password of the target system user account used for connector operations could be viewed in plaintext in the LDAP Gateway. |
This issue has been resolved. The password is not stored in the LDAP Gateway. |
|
7356959 |
Under certain conditions, a Delete User provisioning operation resulted in the creation of a Delete User reconciliation event. |
This issue has been resolved. A Delete User provisioning operation does not cause the creation of a Delete User reconciliation event. |
|
7353425 |
The connector did not support some standard IBM AS/400 attributes. |
This issue has been resolved. All standard IBM AS/400 attributes are now supported. In addition, you can add new attributes for reconciliation and provisioning. Section 5.1, "Adding New Attributes for Target Resource Reconciliation" describes the procedure. |
|
7272110 |
During trusted source reconciliation, when an OIM User is created for a user that is in the Disabled state on the target system, the OIM User is not in the Disabled state. |
This issue has been resolved. When an OIM User is created for a user that is in the Disabled state on the target system, the OIM User is also in the Disabled state. |
The following is the software update in release 9.0.4.14:
From this release onward, reconciliation using external .jar files is no longer supported. Instead, both initial and real-time reconciliation are performed by running the scheduled task.
See Section 4.1, "Configuring Reconciliation" for detailed instructions.
The following are the software updates in release 9.0.4.15:
From this release onwards, the connector supports the Oracle Identity Manager reconciliation API feature ignoreEvent(). The LDAP Gateway will now confirm whether a reconciliation event should be ignored prior to creating the event in Oracle Identity Manager. Both real-time reconciliation and full reconciliation utilize this feature. See Section 1.4.2.1, "Full Reconciliation Process," and Section 1.4.2.3, "Incremental (Real-Time) Reconciliation Process," for more details.
From this release onwards, SSL configuration in LDAP Gateway has been supported. See Section 2.9, "Installing and Configuring the LDAP Gateway," for more information.
From this release onwards, the connector supports new IT resource parameters and LDAP gateway properties. See Table 2-2 and Table 2-3 for more details.
The following table lists issues resolved in release 9.0.4.15
| Bug Number | Issue | Resolution |
|---|---|---|
|
14164429 |
The Oracle Identity Manager 11G cannot connect to LDAPGATEWAY provided by OS400 connector. |
This issue has been resolved. The Oracle Identity Manager 11G can now successfully connect to the LDAPGATEWAY. |
|
12987614 |
AS 400 connector feature cannot run a CPYUSRPR command on the target system. |
This issue has been resolved. The CPYUSRPR command on the target system can be run and can configure the LDAP and OIM adapters. |
The following are the software updates in release 9.0.4.16:
Support for Scheduled Task- Single Connection User Reconciliation
Support for Scheduled Task- Delete User Reconciliation Using LDAP
Support for Scheduled Task- Delete User Reconciliation Using Oracle Identity Manager
From this release onward, the user reconciliation scheduled task supports the "LDAP Time Zone" property. This property can be used to specify the local time zone of the LDAP server machine in cases where Oracle Identity Manager and the LDAP gateway are hosted on separate servers in separate time zones. See Section 4.1, "Configuring Reconciliation," and Section 5.4, "Using the Additional Reconciliation Scheduled Tasks" for more details.
From this release onward, the connector supports an additional scheduled task for user profile reconciliation. This task creates a single connection to the target system and retrieves both user IDs and the user's profile attributes. Each user is stored in the internal LDAP store, if needed, and then those users are reconciled to Oracle Identity Manager. See Section 5.4, "Using the Additional Reconciliation Scheduled Tasks" for more details.
From this release onward, the connector supports an additional scheduled task for reconciling deleted users on the target system. This task retrieves a list of users from the target system and compares that list with a list of users from the internal LDAP store. If a user is found to exist within the internal LDAP store, but not on the target system, then the internal LDAP store is updated and a delete reconciliation event for the user is sent to Oracle Identity Manager. See Section 5.4, "Using the Additional Reconciliation Scheduled Tasks" for more details.
From this release onward, the connector supports an additional scheduled task for reconciling deleted users on the target system. This task retrieves a list of users from the target system and compares that list with a list of users from Oracle Identity Manager. If a user is found to exist within Oracle Identity Manager, but not on the target system, then a delete reconciliation event for the user is sent to Oracle Identity Manager. See Section 5.4, "Using the Additional Reconciliation Scheduled Tasks" for more details.
The following table lists issues resolved in release 9.0.4.16
| Bug Number | Issue | Resolution |
|---|---|---|
|
15988796 |
Reconciliation failing due to special characters (such as #) in UID. |
This issue has been resolved. The LDAP gateway now supports UIDs that begin with special characters. |
|
15988779 |
Connector updates the date on IT Resource are not time zone transparent. |
This issue has been resolved. All scheduled tasks now include an "LDAP Time Zone" property that specifies the local time zone of the LDAP gateway server. |
|
14679339 |
User profile attribute USEDATE is not made available for reconciliation on the gateway. |
This issue has been resolved. The USEDATE property is now supported. |
The following sections discuss documentation-specific updates:
The following are software updates in releases 9.0.4.1 through 9.0.4.4:
The "Certified Components" section has been updated with specific IBM AS/400 versions that can be used to deploy the Oracle Identity Manager IBM AS/400 Advanced connector.
The user profile field mappings between Oracle Identity Manager and the target system have been added in "User Attributes for Target Resource Reconciliation and Provisioning". "Appendix A: Attribute Mapping Between Oracle Identity Manager and IBM i5/AS" has been removed.
The components of the IBM AS/400 Advanced connector and the connector architecture for reconciliation and provisioning have been added in "Connector Architecture". "Appendix B: Connector Architecture" has been removed.
Guidelines that were earlier documented in Chapter 7, "Known Issues" have been moved to "Guidelines on Using the Connector".
In "Certified Languages", Arabic has been added to the list of languages that the connector supports.
In "Certified Components", changes have been made in the "Target System" row. Information about certified deployment configurations has been removed from "Certified Components".
In "Certified Components", the minimum Oracle Identity Manager release has been changed to 9.1.0.1 and the JDK requirement of release 1.5 or later has been added.
There are no documentation-specific updates in this release.
There are no documentation-specific updates in this release.
There are no documentation-specific updates in this release.
The following are the documentation-specific updates in release 9.0.4.15:
Table 2-1 has been updated for file or directory on the installation media.
A new Section 2.3, "Before Running the Connector Installer" has been added.
Table 4-1 has been updated for new attributes.
The following are the documentation-specific updates in revision "10" of release 9.0.4.16:
Table 4-1 has been updated for new attributes.
Table 2-3 has been updated for new properties.
A new Section 5.4, "Using the Additional Reconciliation Scheduled Tasks" has been added on reconciliation scheduled tasks.
The following are the documentation-specific updates in revision "11" of release 9.0.4.16:
The "Oracle Identity Manager" row of Section 1.1, "Certified Components" has been modified.
Section 1.2, "Usage Recommendation" has been added.