Go to main content
1/18
Contents
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Documentation Updates
Conventions
What's New in Oracle Identity Manager Connector for Microsoft Active Directory User Management?
Software Updates
Documentation-Specific Updates
1
About the Connector
1.1
Certified Components
1.2
Usage Recommendation
1.3
Certified Languages
1.4
Features of the Connector
1.4.1
Connector Architecture
1.4.1.1
Architecture of the Connector for Microsoft Active Directory
1.4.1.2
Connector for Microsoft ADAM
1.4.2
Lookup Fields Used During Connector Operations
1.4.3
Target Resource Reconciliation
1.4.3.1
User Fields for Target Resource Reconciliation
1.4.3.2
Group Fields for Reconciliation
1.4.3.3
Reconciliation Rules for Target Resource Reconciliation
1.4.3.4
Reconciliation Action Rules for Target Resource Reconciliation
1.4.4
Provisioning
1.4.4.1
User Provisioning Functions Supported by the Connector
1.4.4.2
User Fields for Provisioning
1.4.4.3
Group Fields for Provisioning
1.4.5
Trusted Source Reconciliation
1.4.5.1
User Fields for Trusted Source Reconciliation
1.4.5.2
Reconciliation Rule for Trusted Source Reconciliation
1.4.5.3
Reconciliation Action Rules for Trusted Source Reconciliation
1.4.5.4
Organization Reconciliation
1.5
Roadmap for Deploying and Using the Connector
2
Deploying the Connector
2.1
Preinstallation
2.1.1
Preinstallation on Oracle Identity Manager
2.1.1.1
Files and Directories On the Installation Media
2.1.1.2
Determining the Release Number of the Connector
2.1.2
Preinstallation on the Target System
2.1.2.1
Creating a Target System User Account for Connector Operations
2.2
Installation
2.2.1
Installation on Oracle Identity Manager
2.2.1.1
Running the Connector Installer
2.2.1.2
Copying the ldapbp.jar File
2.2.1.3
Configuring the IT Resource for the Target System
2.2.2
Installation on the Target System
2.2.2.1
Installing the Remote Manager
2.2.2.2
Enabling Logging in the Remote Manager
2.2.2.3
Enabling Client-Side Authentication for the Remote Manager
2.3
Postinstallation
2.3.1
Postinstallation on Oracle Identity Manager
2.3.1.1
Clearing Content Related to Connector Resource Bundles from the Server Cache
2.3.1.2
Enabling Logging
2.3.1.3
Configuring High Availability of the Target System
2.3.1.4
Configuring Oracle Identity Manager for Request-Based Provisioning
2.3.1.5
Configuring Oracle Identity Manager 11.1.2 or Later
2.3.1.6
Localizing Field Labels in UI Forms
2.3.2
Postinstallation on the Target System
2.3.2.1
Enabling or Disabling Password Policies in Microsoft Active Directory
2.3.3
Configuring the Remote Manager
2.3.3.1
Creating the IT Resource for the Remote Manager
2.3.3.2
Configuring Oracle Identity Manager Release 9.1.0.
x
to Trust the Remote Manager
2.3.3.3
Configuring Oracle Identity Manager Release 11.1.1 and 11.1.2.
x
to Trust the Remote Manager
2.3.3.4
Verifying That the Remote Manager Is Running
2.3.4
Configuring SSL for Microsoft Active Directory
2.3.4.1
Installing Certificate Services
2.3.4.2
Enabling LDAPS
2.3.4.3
Setting Up the Target System Certificate As a Trusted Certificate
2.3.5
Configuring SSL for Microsoft ADAM
2.3.5.1
Generating the Certificate in Microsoft ADAM
2.3.5.2
Setting Up the Target System Certificate As a Trusted Certificate
3
Using the Connector
3.1
Guidelines on Using the Connector
3.1.1
Guidelines on Configuring Reconciliation
3.1.2
Guidelines on Performing Provisioning Operations
3.2
Setting Up Lookup Definitions in Oracle Identity Manager
3.2.1
Configuring the Lookup.AD.Configuration Lookup Definition
3.2.2
Configuring the Lookup.AD.Country Lookup Definition
3.3
Scheduled Tasks for Lookup Field Synchronization
3.4
Configuring Reconciliation
3.4.1
Limited Reconciliation vs. Regular Reconciliation
3.4.2
Batched Reconciliation
3.4.3
Full Reconciliation vs. Incremental Reconciliation
3.4.4
Reconciliation Scheduled Tasks
3.4.4.1
Scheduled Tasks for Target Resource Reconciliation
3.4.4.2
Scheduled Tasks for Trusted Source Reconciliation
3.5
Configuring Scheduled Tasks
3.6
Configuring Provisioning
3.6.1
Specifying the Object Class for User Provisioning
3.7
Performing Provisioning Operations in Oracle Identity Manager Release 9.1.0.
x
and 11.1.1.x
3.7.1
Direct Provisioning
3.7.2
Request-Based Provisioning
3.7.2.1
End User's Role in Request-Based Provisioning
3.7.2.2
Approver's Role in Request-Based Provisioning
3.7.3
Switching Between Request-Based Provisioning and Direct Provisioning on Oracle Identity Manager Release 11.1.1
3.8
Performing Provisioning Operations in Oracle Identity Manager Release 11.1.2 or Later
4
Extending the Functionality of the Connector
4.1
Modifying Existing Field Mappings
4.2
Adding New Fields for Target Resource Reconciliation
4.3
Adding New Multivalued Fields for Target Resource Reconciliation
4.4
Adding New Fields for Provisioning
4.5
Adding New Multivalued Fields for Provisioning
4.6
Adding Mappings for New Object Classes
4.7
Enabling the Auto Pre-populate and Auto Save Options
4.8
Using Your Own Provisioning Script
4.9
Removing the ExecuteRemoteScripts Process Task
4.10
Adding New Fields for Trusted Source Reconciliation
4.11
Transforming Data Reconciled Into Oracle Identity Manager
4.12
Validating Data Sent to the Target System for Provisioning
4.13
Enabling Reconciliation and Provisioning Operations Across Multiple Domains
4.13.1
Setting Up the Lookup.AD.Domains Lookup Definition
4.13.2
Configuring the GCADITResource IT Resource
4.13.3
Adding Target System Attributes to the Global Catalog
4.14
Configuring the Connector for Multiple Trusted Source Reconciliation
4.15
Configuring the Connector for Multiple Installations of the Target System
4.15.1
Creating Copies of the Connector
4.16
Creating Update Proxy User Attribute Task for Custom Fields
4.16.1
Adding a New Field on the Process Form
4.16.2
Mapping the New Field and the Attribute in Microsoft Active Directory Application Mode
4.16.3
Creating an Update Task for the New Field
5
Testing the Connector
5.1
Using the Testing Utility
5.2
Using the Diagnostic Dashboard
6
Known Issues
A
Character Lengths of Target System Fields and Process Form Fields
B
Special Characters Supported for Passwords
C
Terminal Services Profile Field Names for Reconciliation and Provisioning
D
Sample Transformation Class
E
Sample Validation Class
Index
Scripting on this page enhances content navigation, but does not change the content in any way.